3 Replies Latest reply on May 12, 2008 3:12 PM by mielket

    How to configure servicemix-http to use WS-Security UsernameToken authentic

    mielket

      Hi there,

       

      I am trying to configure servicemix-http to use WS-Security UsernameToken based authentication. My http bc consumer reads:

       

      <?xml version="1.0" encoding="UTF-8"?>
      <beans xmlns:http="http://servicemix.apache.org/http/1.0"
             xmlns:greeter="http://apache.org/hello_world_soap_http"
             xmlns:soap="http://servicemix.apache.org/soap/1.0">
        <http:endpoint service="greeter:SOAPServiceWSSecurity"
          endpoint="TimestampSignEncrypt"
          role="consumer"
          targetService="greeter:SOAPServiceWSSecurity"
          targetEndpoint="TimestampSignEncrypt"
          targetInterfaceName="greeter:Greeter"
          defaultOperation ="greeter:greetMe"
          locationURI="http://localhost:9000/"
          defaultMep="http://www.w3.org/2004/08/wsdl/in-out"
          soap="false">
          <http:policies>
            <soap:ws-security receiveAction="UsernameToken" />
          </http:policies>
        </http:endpoint>
      </beans>

      My external client correctly sends a WS-Security header in the SOAP request with username and password digest information.

       

      However, the http bc fails to process the message with an IllegalStateException.

      I debugged through the code and noticed that ConsumerProcess.process() creates a SOAPMessage object and assignes the stream Source to the SOAPMessage correctly.

       

      SoapMessage message = soapHelper.getSoapMarshaler().createReader().read(request.getInputStream(), request.getHeader(HEADER_CONTENT_TYPE));

       

      It then calls

      exchange = soapHelper.onReceive(ctx);

       

      which iteratest through all policy handlers and calls WSSecurityHandler.onReceive(). That method tries to get the Document from the SOAPMessage object, however the Document has not been set yet (only the stream Source is set on the SOAPMessage object), so this returns null, causing the IllegalStateException.

       

      Am I missing any essential configuration to get the authentication working?

      By who and when is the document supposed to be set on the SoapMessage object?

       

      Edited by: tmielke on May 8, 2008 11:09 AM

        • 1. Re: How to configure servicemix-http to use WS-Security UsernameToken authe
          mielket

          Can someone please also teach me how to get proper formatting of the xml config?

           

          Edited by: tmielke on May 8, 2008 11:13 AM

          • 2. Re: How to configure servicemix-http to use WS-Security UsernameToken authe
            mielket

            Got it sorted. Need to set soap="true" in my http-bc consumer. So a valid configuration looks as follows:

             

            <?xml version="1.0" encoding="UTF-8"?>
            <beans xmlns:http="http://servicemix.apache.org/http/1.0"
                   xmlns:greeter="http://apache.org/hello_world_soap_http"
                   xmlns:soap="http://servicemix.apache.org/soap/1.0">
              <http:endpoint service="greeter:SOAPServiceWSSecurity"
                endpoint="TimestampSignEncrypt"
                role="consumer"
                targetService="greeter:SOAPServiceWSSecurity"
                targetEndpoint="TimestampSignEncrypt"
                targetInterfaceName="greeter:Greeter"
                defaultOperation ="greeter:greetMe"
                locationURI="http://localhost:9000/"
                defaultMep="http://www.w3.org/2004/08/wsdl/in-out"
                soap="true">
                <http:policies>
                  <soap:ws-addressing />
                  <soap:ws-security receiveAction="UsernameToken" keystore="default" />
                </http:policies>
              </http:endpoint>
            </beans>
            

             

            Notice, it is necessary to set a keystore in the ws-security conf, due to SM-1344.

             

            Edited by: tmielke on May 9, 2008 11:56 AM

            • 3. Re: How to configure servicemix-http to use WS-Security UsernameToken authe
              bsnyder

               

              Can someone please also teach me how to get proper formatting of the xml config?

               

               

              Just wrap the code in the  macro similar to Confluence.

               

              Bruce