1 2 Previous Next 20 Replies Latest reply on Aug 12, 2014 5:40 AM by Alessio Soldano

    How can I resolve "General web Service security error"?

    Carlos Bejarano Newbie

      Hi,

       

      I am using Jboss 6.1.0 Final and Jboss-cxf 3.4.1 GA...

      I have problems using BindingProvider to set credential and consume a remote web service.

      The user and pass are stored in a external file named

       

      Here my console message:

       

      hn.com.tigo.corporatesms.negocio.wsclient.SendMessageTechnicalExceptionMsg: BEA-386200: General web service security error

                at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:146)

                at $Proxy62.sendMessage(Unknown Source)

                at hn.com.tigo.corporatesms.negocio.wsclient.facade.SendSMSWSClientFacade.sendSMS(SendSMSWSClientFacade.java:89)

                at hn.com.tigo.corporatesms.negocio.wsclient.facade.SendSMSWSClientFacade.sendSMSToMSISDN(SendSMSWSClientFacade.java:140)

                at hn.com.tigo.corporatesms.negocio.sms.SendSMS.send(SendSMS.java:120)

                at hn.com.tigo.corporatesms.negocio.sms.SendSMS.send(SendSMS.java:98)

                at hn.com.tigo.corporatesms.negocio.motor.tarea.TareaMotor02.sendSubscriberList(TareaMotor02.java:298)

                at hn.com.tigo.corporatesms.negocio.motor.tarea.TareaMotor02.doTask(TareaMotor02.java:234)

                at hn.com.tigo.corporatesms.negocio.motor.tarea.TareaMotor02.ejecutarTarea(TareaMotor02.java:89)

                at hn.com.tigo.corporatesms.negocio.timer.TareaGeneral.run(TareaGeneral.java:132)

                at java.lang.Thread.run(Thread.java:662)

      Caused by: org.apache.cxf.binding.soap.SoapFault: BEA-386200: General web service security error

                at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalFault(Soap11FaultInInterceptor.java:75)

                at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:46)

                at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:35)

                at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255)

                at org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:99)

                at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:69)

                at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:34)

                at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255)

                at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:755)

                at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2330)

                at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:2192)

                at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:2036)

                at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)

                at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:696)

                at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)

                at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255)

                at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)

                at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)

                at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)

                at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)

                at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)

                ... 10 more

       

       

      and here my client code:

       

      private GeneralResponse sendSMS(MobileMessage pMobileMessage)
                                    throws SendMessageTechnicalExceptionMsg {
                          try {
                                    System.out.println("Inicializar Servicio :::> " + this.urlWSDL);
                                    MessagingServiceHttpBindingQSService servicio = new MessagingServiceHttpBindingQSService(
                                                        new URL(this.urlWSDL));
                                    System.out.println("Estado Servicio :::> " + servicio);
                                    MessagingService port = servicio
                                                        .getMessagingServiceHttpBindingQSPort();
                                    Map<String, Object> ctx = ((BindingProvider) port)
                                                        .getRequestContext();
                                    ctx.put("ws-security.username", userName);
                                    ctx.put("ws-security.password", password);
                                    System.out.println("Port :::> " + port);
                                    printXMLRequest(pMobileMessage);
                                    GeneralResponse response = port.sendMessage(pMobileMessage);
                                    printXMLResponse(response);
                                    return response;
                          } catch (MalformedURLException ex) {
                                    SendMessageTechnicalExceptionMsg sendEX = new SendMessageTechnicalExceptionMsg(
                                                        ex.getMessage(), ex.getCause());
                                    sendEX.setStackTrace(ex.getStackTrace());
                                    throw sendEX;
                          } catch (Exception e) {
                                    SendMessageTechnicalExceptionMsg sendEX = new SendMessageTechnicalExceptionMsg(
                                                        e.getMessage(), e.getCause());
                                    sendEX.setStackTrace(e.getStackTrace());
                                    throw sendEX;
      
                          }
      
      
                }
      
      

       

      Thanks a lot

        • 1. Re: How can I resolve "General web Service security error"?
          Alessio Soldano Master

          What are you trying to achieve? Is the target ws endpoint using WS-SecurityPolicy or not? If it is, you're most likely missing part of the configuration in the context (see https://docs.jboss.org/author/display/JBWS/WS-Security#WS-Security-Client ), if it's not then you're using wrong context properties (see "Use binding provider to set principal/credential" at https://docs.jboss.org/author/display/JBWS/Authentication)

          Knowing what exception is actually being thrown on server side might help.

          • 2. Re: How can I resolve "General web Service security error"?
            Carlos Bejarano Newbie

            Hi Alessio.

             

            I'm trying to send a SMS through my WS and it needs the authentication. The ws endpoint uses ws-securityPolicy.

            Looking into wireshark the Username Token is missing but I don't know why.

             

            The exception on server side is the same above. But here is it

             

            javax.xml.ws.soap.SOAPFaultException: BEA-386200: General web service security error

                      at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:146)

                      at $Proxy53.sendMessage(Unknown Source)

                      at hn.com.tigo.corporatesms.negocio.wsclient.facade.SendSMSWSClientFacade.sendSMS(SendSMSWSClientFacade.java:101)

                      at hn.com.tigo.corporatesms.negocio.wsclient.facade.SendSMSWSClientFacade.sendSMSToMSISDN(SendSMSWSClientFacade.java:155)

                      at hn.com.tigo.corporatesms.negocio.sms.SendSMS.send(SendSMS.java:120)

                      at hn.com.tigo.corporatesms.negocio.sms.SendSMS.send(SendSMS.java:98)

                      at hn.com.tigo.corporatesms.negocio.motor.tarea.TareaMotor02.sendSubscriberList(TareaMotor02.java:298)

                      at hn.com.tigo.corporatesms.negocio.motor.tarea.TareaMotor02.doTask(TareaMotor02.java:234)

                      at hn.com.tigo.corporatesms.negocio.motor.tarea.TareaMotor02.ejecutarTarea(TareaMotor02.java:89)

                      at hn.com.tigo.corporatesms.negocio.timer.TareaGeneral.run(TareaGeneral.java:132)

                      at java.lang.Thread.run(Thread.java:662)

            Caused by: org.apache.cxf.binding.soap.SoapFault: BEA-386200: General web service security error

                      at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalFault(Soap11FaultInInterceptor.java:75)

                      at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:46)

                      at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:35)

                      at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255)

                      at org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:99)

                      at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:69)

                      at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:34)

                      at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255)

                      at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:755)

                      at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2330)

                      at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:2192)

                      at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:2036)

                      at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)

                      at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:696)

                      at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)

                      at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255)

                      at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)

                      at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)

                      at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)

                      at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)

                      at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)

                      ... 10 more

            • 3. Re: How can I resolve "General web Service security error"?
              Alessio Soldano Master

              ok, if you're expected to use ws-security policy and you notice the username token is missing in the message going on the wire, then this is related to the fact you're not specifying all the required parameters into the message context; again please have a look at https://docs.jboss.org/author/display/JBWS/WS-Security#WS-Security-Client

              • 4. Re: How can I resolve "General web Service security error"?
                Fernando Lozano Newbie

                Alessio,

                 

                I have the same problem and use the same code on my client:

                 

                Map<String, Object> ctx = ((BindingProvider) port).getRequestContext();
                                              ctx.put("ws-security.username", userName);
                                              ctx.put("ws-security.password", password)

                 

                Which by the way is the code provided as example from JBoss and CXF documentation you provided. They state that setting those properties should be enough for a client to send WS-Security UsernameToken headers. But they don't. And I can't find on the docs what else to do.

                 

                On google I find lots of posts telling to develop and install my own SOAP handler, but I expected CXF or JBoss AS should have those ready for use, it should be a simple matter of configuring System Properties somwhere.

                • 5. Re: How can I resolve "General web Service security error"?
                  Alessio Soldano Master

                  Folks, you're setting wrong parameters in the message context, please have a look at the page I linked before, in particular section "Authentication and authorization" -> "Client".

                  The jbossws-cxf testsuite and binary distribution comes with example of this btw, see http://anonsvn.jboss.org/repos/jbossws/stack/cxf/tags/jbossws-cxf-4.1.0.Final/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/basic/UsernameTestCase.java

                  • 6. Re: How can I resolve "General web Service security error"?
                    Carlos Bejarano Newbie

                    Hi Alessio

                     

                    But what happens in the case where I don't use a "callback handler"?? Exist another easy way to setting Username Token variables? And WHERE is the functionality of "ws-security.password" if I can't assign a value programmatically and my app works fine??. Is possible I've missed something important in my "configuration"??

                     

                     

                    Thanks Again

                    • 7. Re: How can I resolve "General web Service security error"?
                      Alessio Soldano Master

                      Hi Carlo,

                      to be honest, I forgot about that scenario (no usage of callback handler), sorry. In any case, I've just tried it and it's working as expected, see the passing testcase I've just added to the jbossws-cxf testsuite: http://viewvc.jboss.org/cgi-bin/viewvc.cgi/jbossws?view=revision&revision=16997

                      • 8. Re: How can I resolve "General web Service security error"?
                        Carlos Bejarano Newbie

                        Hi Alessio,

                         

                        Looking into other jboss(this work fine)...I notice it has the same JAR files like mine... It could be a different configuration in my java environmet? Others jar files??

                        What is the minimal configuration?

                         

                        Thanks

                        • 9. Re: How can I resolve "General web Service security error"?
                          Alessio Soldano Master

                          Not sure I get what you mean... what's the question?

                          • 10. Re: How can I resolve "General web Service security error"?
                            Fernando Lozano Newbie

                            Hi Alessio,

                             

                            I followed your hints, jboss-ws and cxf docs the best as I coud, and took a look to the testcases your provided the links. Nothing worked. My goal is getting the simpler working consumer for a WS-Security Username Token enabled service.

                             

                            I'm using jboss as 7.1.1 and eclipse juno SR1 under Fedora 17 and with jboss-tools-4.0.0-beta1 and OpenJDK7.

                             

                            Started from a working sample internet service, avaibable online as http://parabank.parasoft.com/parabank/services/store-wss-01?wsdl (info about the sampe at http://parabank.parasoft.com/parabank/services.htm).

                             

                            It looks the WSDL from that service nas no WS-Policy definitions, but I can consume it using SoapUI and setting the request property WSS-Password Type to "PasswordText".

                             

                            Used Eclipse/JBoss Tools wizzards to create a sample client. The client is a Java SE app, although it is inside a Dynamic Web Project. Added cfx and wss4j jars from jboss to the project classpath, so I can get CXF classes. It doesn't worked with or without the handler.

                             

                            Here's the code:

                             

                            package testwsse.bookstore.auth.clientsample;

                             

                            import java.util.List;

                             

                            import javax.xml.ws.BindingProvider;

                            import org.apache.cxf.ws.security.SecurityConstants;

                             

                            import testwsse.bookstore.auth.*;

                             

                             

                            public class ClientSample {

                             

                                public static void main(String[] args) throws java.lang.Exception {

                                        System.out.println("***********************");

                                        System.out.println("Create Web Service Client...");

                                        Bookstore_Service service1 = new Bookstore_Service();

                                        System.out.println("Create Web Service...");

                                        Bookstore port1 = service1.getCartServicePort();

                                       

                                        System.out.println("Configuring WS-Security...");           

                                       

                                        //XXX won't work

                                        ((BindingProvider)port1).getRequestContext().put(SecurityConstants.USERNAME, "soatest");

                                        ((BindingProvider)port1).getRequestContext().put(SecurityConstants.PASSWORD, "soatest");

                                       

                                        //XXX won't work either, callback is never called

                                        //((BindingProvider)port1).getRequestContext().put(SecurityConstants.USERNAME, "soatest");

                                        //((BindingProvider)port1).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER,

                                        //      "testws.bookstore.auth.clientsample.UsernamePasswordCallback");

                                       

                             

                                        System.out.println("Call Web Service Operation...");

                                       

                                        List<Book> livros = port1.getItemByTitle("Java");

                                        System.out.println("Found: " + livros.size() + " books.");

                                        for (Book livro : livros) {

                                            System.out.println("Book Title: " + livro.getName());

                                            for (String autor: livro.getAuthors()) {

                                                System.out.println("Author: " + autor);

                                            }

                                        }

                                       

                                        System.out.println("***********************");

                                        System.out.println("Call Over!");

                                }

                            }

                             

                             

                            And here's the result:

                             

                            ***********************

                            Create Web Service Client...

                            Create Web Service...

                            Configuring WS-Security...

                            Call Web Service Operation...

                            Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: An error was discovered processing the <wsse:Security> header

                                at com.sun.xml.internal.ws.fault.SOAP11Fault.getProtocolException(SOAP11Fault.java:178)

                                at com.sun.xml.internal.ws.fault.SOAPFaultBuilder.createException(SOAPFaultBuilder.java:111)

                                at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:108)

                                at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:78)

                                at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(SEIStub.java:129)

                                at $Proxy32.getItemByTitle(Unknown Source)

                                at testwsse.bookstore.auth.clientsample.ClientSample.main(ClientSample.java:34)

                            • 11. Re: How can I resolve "General web Service security error"?
                              Fernando Lozano Newbie

                              Alessio,

                               

                              You can download my Eclipse project from http://www.lozano.eti.br/TestWSSE.zip. What is missing?

                               

                              Thanks in advance.

                              • 12. Re: How can I resolve "General web Service security error"?
                                Alessio Soldano Master

                                Ok, so basically you're trying to use WS-Security UT for invoking an endpoint whose wsdl contract does not advertise that. That's why the ws-security is not automatically configured. So you have 2 options:

                                A) produce a locally modified version of that wsdl with proper ws-security policy and consume that with your client

                                B) programmatically (or through jbossws-cxf spring integration) configure ws-security in your client; see e.g. http://anonsvn.jboss.org/repos/jbossws/stack/cxf/tags/jbossws-cxf-4.1.0.Final/modules/testsuite/cxf-spring-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/UsernameTestCase.java

                                • 13. Re: How can I resolve "General web Service security error"?
                                  Alessio Soldano Master

                                  Btw, please note that from the stacktrace above your client is currently using Metro (JAXWS RI) instead of jbossws-cxf JAXWS implementation.

                                  • 14. Re: How can I resolve "General web Service security error"?
                                    Fernando Lozano Newbie

                                    Alessio,

                                     

                                    Thanks for the hints, but:

                                     

                                    1) I tried to programatically configure ws-security, following jbossws docs. It didn't worked. My code is the same as the samples in the docs. It looks to me the same as in UsernameTestCase, I had already read those sources.

                                     

                                    2) My Eclipse project has just jboss as 7.1.1 configured as runtime and target server. I don't have any other server in the Eclipse workspace and have not downloaded Metro. How could Metro be used instead of the jboss-suplied Apache CXF?

                                    1 2 Previous Next