[jboss-user] [JBoss Web Services] - WS-Security, <wsse:Security> Missing in client request

Ravi Choudhari do-not-reply at jboss.com
Fri Dec 24 00:42:25 EST 2010


Ravi Choudhari [http://community.jboss.org/people/ravichoudhari] created the discussion

"WS-Security, <wsse:Security> Missing in client request"

To view the discussion, visit: http://community.jboss.org/message/577450#577450

--------------------------------------------------------------
Hi,

I am trying to implement a secure webservice using WS-Security in JBoss 5.1, following the steps in
http://www.developer.com/java/other/article.php/3802631/Securing-Web-Services-in-JBoss-Application-Server-with-WS-Security.htm


On the server side I have:


Service:


@WebService()
@MTOM
@SOAPBinding(style = SOAPBinding.Style.DOCUMENT, parameterStyle = SOAPBinding.ParameterStyle.WRAPPED)
@BindingType(value = javax.xml.ws.soap.SOAPBinding.SOAP11HTTP_BINDING)
@HandlerChain(file = "META-INF/handlers/userlogin-services-handlers-server.xml")
@Stateless
@Clustered(loadBalancePolicy = "FirstAvailable", partition = "ClusterA")
@EndpointConfig(configName = "Standard WSSecurity Endpoint",
        configFile = "META-INF/standard-jaxws-endpoint-config.xml")
@WebContext(authMethod = "BASIC", secureWSDLAccess = true)
@RolesAllowed("member")
public class UsersLoginServices {
    @WebMethod(operationName = "userLogin")
    public boolean userLogin(@WebParam(name = "userName") String userName,
            @WebParam(name = "password") String password) {

        return usersLoginServices.userLogin(userName, password);
    }
}




standard-jaxws-endpoint-config.xml


<?xml version="1.0" encoding="UTF-8"?>

<jaxws-config xmlns="urn:jboss:jaxws-config:2.0"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee"
    xsi:schemaLocation="urn:jboss:jaxws-config:2.0 schema/jaxws-config_2_0.xsd">

    <endpoint-config>
        <config-name>Standard WSSecurity Endpoint</config-name>
        <post-handler-chains>
            <javaee:handler-chain>
                <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings>
                <javaee:handler>
                    <javaee:handler-name>WSSecurity Handler</javaee:handler-name>
                    <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer</javaee:handler-class>
                </javaee:handler>
            </javaee:handler-chain>
        </post-handler-chains>
    </endpoint-config>

</jaxws-config>



jboss-wsse-server.xml

 
<?xml version="1.0" encoding="UTF-8"?>
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">

    <key-store-file>META-INF/server.keystore</key-store-file>
    <key-store-password>mypassword</key-store-password>
    <key-store-type>jks</key-store-type>

    <trust-store-file>META-INF/server.truststore</trust-store-file>
    <trust-store-password>mypassword</trust-store-password>
    <trust-store-type>jks</trust-store-type>

    <key-passwords>
        <key-password alias="server" password="mypassword" />
    </key-passwords>

    <config>
        <timestamp ttl="300"/>
        <sign type="x509v3" alias="serverkeys" includeTimestamp="true"></sign>
        <encrypt type="x509v3" alias="clientkeys" algorithm="aes-256"
            keyWrapAlgorithm="rsa_oaep" tokenReference="keyIdentifier"></encrypt>
        <requires>
            <!--<signature></signature>-->
            <encryption></encryption>
        </requires>
    </config>
</jboss-ws-security>



I have copied jboss-wsse-server.xml, standard-jaxws-endpoint-config.xml, server.keystore and server.truststore to the META-INF directory of the server project.



And on the client side I have:


standard-jaxws-client-config.xml


<?xml version="1.0" encoding="UTF-8"?>

<jaxws-config xmlns="urn:jboss:jaxws-config:2.0"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee"
    xsi:schemaLocation="urn:jboss:jaxws-config:2.0 schema/jaxws-config_2_0.xsd">

    <client-config>
        <config-name>Standard WSSecurity Client</config-name>
        <post-handler-chains>
            <javaee:handler-chain>
                <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings>
                <javaee:handler>
                    <javaee:handler-name>WSSecurityHandlerOutbound</javaee:handler-name>
                    <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerClient</javaee:handler-class>
                </javaee:handler>
            </javaee:handler-chain>
        </post-handler-chains>
    </client-config>

</jaxws-config>



jboss-wsse-client.xml


<?xml version="1.0" encoding="UTF-8"?>
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">

    <key-store-file>META-INF/client.keystore</key-store-file>
    <key-store-password>mypassword</key-store-password>
    <key-store-type>jks</key-store-type>

    <trust-store-file>META-INF/client.truststore</trust-store-file>
    <trust-store-password>mypassword</trust-store-password>
    <trust-store-type>jks</trust-store-type>

    <key-passwords>
        <key-password alias="clientkyes" password="mypassword" />
    </key-passwords>

    <config>
        <sign type="x509v3" alias="clientkyes" includeTimestamp="true"></sign>
        <encrypt type="x509v3" alias="serverkeys" algorithm="aes-256"
            keyWrapAlgorithm="rsa_oaep" tokenReference="keyIdentifier"></encrypt>
        <requires>
            <!-- <signature></signature> -->
            <encryption></encryption>
        </requires>
    </config>
</jboss-ws-security>



Client Application:


@EndpointConfig(configName = "Standard WSSecurity Client")
// The post repeats the main() signature here instead of the class declaration;
// the class name below is a placeholder, not given in the original post.
public class UsersLoginClient {

    public static void main(String[] args) throws MalformedURLException {
        UsersLoginServicesService service = new UsersLoginServicesService();
        UsersLoginServices port = service.getUsersLoginServicesPort();

        BindingProvider bindingProvider = (BindingProvider) port;
        Map<String, Object> requestContext = bindingProvider
                .getRequestContext();

        requestContext.put(BindingProvider.USERNAME_PROPERTY, "username");
        requestContext.put(BindingProvider.PASSWORD_PROPERTY, "password");

        try {
            boolean result = port.userLogin("username", "password");
            // System.out.println(result);
            if (result) {
                System.out.println("Logged in");
            } else {
                System.out.println("Not logged in");
            }
        } catch (Exception ex) {
            System.out.println(ex.getMessage());
        }
    }
}



I have copied standard-jaxws-client-config.xml, jboss-wsse-client.xml, client.keystore and client.truststore to the META-INF directory of the client.


But when there is a request from the client, I am getting the following exception:


Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: This service requires <wsse:Security>, which is missing.


I have checked the request SOAP message and the response messages. The client is not adding any <wsse:Security>, which is expected by the server.
--------------------------------------------------------------
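
Added example, not part of the original post: a stand-alone Java check for the symptom described above. It parses a captured SOAP 1.1 request and reports whether the header carries a <wsse:Security> element and which tokens it contains. The class name, method name and both sample envelopes are constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

public class WsseHeaderCheck {
    static final String SOAP11 = "http://schemas.xmlsoap.org/soap/envelope/";
    static final String WSSE =
        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

    /** Local names of the children of soap:Header/wsse:Security, or null if that header is absent. */
    static List<String> securityTokens(String envelope) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true); // match on namespace URI, not on the prefix
        // Captured traffic is untrusted input: refuse DOCTYPEs (XXE hardening).
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = f.newDocumentBuilder()
            .parse(new ByteArrayInputStream(envelope.getBytes(StandardCharsets.UTF_8)));
        NodeList headers = doc.getElementsByTagNameNS(SOAP11, "Header");
        for (int i = 0; i < headers.getLength(); i++) {
            for (Node n = headers.item(i).getFirstChild(); n != null; n = n.getNextSibling()) {
                if (n instanceof Element && WSSE.equals(n.getNamespaceURI())
                        && "Security".equals(n.getLocalName())) {
                    List<String> tokens = new ArrayList<>();
                    for (Node c = n.getFirstChild(); c != null; c = c.getNextSibling())
                        if (c instanceof Element) tokens.add(c.getLocalName());
                    return tokens;
                }
            }
        }
        return null;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a request sent without the WS-Security handler applied.
        String plain = "<env:Envelope xmlns:env='" + SOAP11 + "'><env:Header/><env:Body>"
            + "<userLogin><userName>username</userName><password>password</password></userLogin>"
            + "</env:Body></env:Envelope>";
        // Constructed sample: a request whose header carries an encrypted key.
        String secured = "<env:Envelope xmlns:env='" + SOAP11 + "'><env:Header>"
            + "<wsse:Security xmlns:wsse='" + WSSE + "' env:mustUnderstand='1'>"
            + "<xenc:EncryptedKey xmlns:xenc='http://www.w3.org/2001/04/xmlenc#'/>"
            + "</wsse:Security></env:Header><env:Body/></env:Envelope>";
        System.out.println("plain:   " + securityTokens(plain));
        System.out.println("secured: " + securityTokens(secured));
    }
}
```

A null result for a captured client request means the client-side handler never processed the outbound message, so the server-side check has nothing to verify.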
