5 Replies Latest reply on Aug 25, 2011 3:45 PM by Robert Baty

    WS-Security Username classloader issue with JBossAS7?

    Robert Baty Newbie

      Hello,

      I seem to be having an class loader issue configuring a WS-Security Username client using JBossWS-CXF on JBossAS7.  I have added the

       

      Dependencies: org.apache.ws.security, org.jboss.ws.cxf.jbossws-cxf-client services export

       

      Into my MANIFEST.MF to get access to the CXF and Apache WSS4J client libraries from the server so I have gotten past that.  What I believe is happening now is in my client code:

       

      // Create the client WS-Security configuration using Apache CXF APIs.
      Client client = ClientProxy.getClient(endpoint);
      Endpoint cxfEndpoint = client.getEndpoint();
      Map<String,Object> outProps = new HashMap<String, Object>();
      outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
      outProps.put(WSHandlerConstants.USER, "bob");
      outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
      outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, "rjb.ws4.security.client.ClientCallbackHandler");
      WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps); 
      cxfEndpoint.getOutInterceptors().add(wssOut);
      cxfEndpoint.getOutInterceptors().add(new SAAJOutInterceptor());
      

       

      Runs I get a ClassNotFoundException

       

      15:00:42,667 WARN  [org.apache.ws.security.util.Loader] (http--0.0.0.0-8080-1) rjb.ws4.security.client.ClientCallbackHandler from [Module "org.apache.cxf:main" from local module loader @4aeb52 (roots: C:\jboss-7.0.0.GA\modules)]: java.lang.ClassNotFoundException: rjb.ws4.security.client.ClientCallbackHandler from [Module "org.apache.cxf:main" from local module loader @4aeb52 (roots: C:\jboss-7.0.0.GA\modules)]

       

      I believe this is due to the new classloader in JBossAS7.  With the Dependencies I have added in the MANIFEST.MF my project has access to the server modules but in this circumstance wouldn't the callback work the other way around in that CXF or Apache WSS4J be trying to construct the callback class to get the Username password?

       

      Robert