[JBossWS] - WSSecurity not working
by jopere
I have created web service that uses a POJO endpoint and have successfully connected to it from a servlet. Now I am trying to add WSSecurity to it, using signed certificates. When I run the client, it connects to the web service, but the message is not signed. I verify this by monitoring the soap message, which does not include any of the wsse tags.
I am using:
JBoss 4.0.4.GA with the default JBossWS installed
JDK 1.5.0_07
JWSDP 2.0
Compiling the service using wstools
Compiling the client using wscompile
I Used OpenSSL to created the signed certificates/keystore/truststore
After reading both the JBossWS User Guide and the JAX-WS User Guide as well as many posts to this forum I used the following setup for the web serivice and client.
Web Service: included jboss-wsse-server.xml, standard-jaxrpc-endpoint-config.xml, server.truststore and client.keystore in web-inf, along with normal deployment descriptors.
jboss-wsse-server.xml:
<?xml version="1.0" encoding="UTF-8"?>
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.jboss.com/ws-security/config
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
<key-store-file>META-INF/client.keystore</key-store-file>
<key-store-password>webservicec</key-store-password>
<trust-store-file>META-INF/server.truststore</trust-store-file>
<trust-store-password>jbossws</trust-store-password>
</jboss-ws-security>
standard-jaxrpc-endpoint-config.xml:
<jaxws-config xmlns="urn:jboss:jaxws-config:2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee"
xsi:schemaLocation="urn:jboss:jaxws-config:2.0 jaxws-config_2_0.xsd">
<endpoint-config>
<config-name>Standard WSSecurity Endpoint</config-name>
<pre-handler-chains>
<javaee:handler-chain>
<javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings>
<javaee:handler>
<javaee:handler-name>WSSecurity Handler</javaee:handler-name>
<javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer</javaee:handler-class>
</javaee:handler>
</javaee:handler-chain>
</pre-handler-chains>
</endpoint-config>
</jaxws-config>
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee" version="2.4" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
.. servlet mappings ...
<context-param>
<param-name>jbossws-config-name</param-name>>
<param-value>Standard Secure Endpoint</param-value>
</context-param>
</web-app>
Client: Included jboss-wsse-client.xml, standard-jaxrpc-client-config.xml, and client.keystore in web-inf, as well as normal deployment descriptorts.
jboss-wsse-client.xml:
<?xml version="1.0" encoding="UTF-8"?>
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
<key-store-file>META-INF/client.keystore</key-store-file>
<key-store-password>jbossws</key-store-password>
</jboss-ws-security>
standard-jaxrpc-client-config.xml:
<jaxrpc-config xmlns="urn:jboss:jaxrpc-config:2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:j2ee="http://java.sun.com/xml/ns/j2ee"
xsi:schemaLocation="urn:jboss:jaxrpc-config:2.0 jaxrpc-config_2_0.xsd">
<client-config>
<config-name>Standard WSSecurity Client</config-name>
<post-handler-chain>
<handler-chain-name>WSSecurity Handlers</handler-chain-name>
<j2ee:handler-name>WSSecurityHandlerOutbound</j2ee:handler-name>
<j2ee:handler-class>org.jboss.ws.extensions.security.jaxrpc.WSSecurityHandlerOutbound</j2ee:handler-class>
</post-handler-chain>
</client-config>
</jaxrpc-config>
I also included several libs from libraries from the JAXRPC and SAAJ libs in the JWSDP. I did not add any special code to web.wml.
Both the web service and client deploy without error, and when I run the service is runs without error. But when I look at the SOAP message that was sent it is not signed.
Next I tried upgrading to JBossWS 1.2.1. With this configuration both web the service and client install correctly, but when I run the code I get this error:
19:54:23,064 WARN [[WebClient]] Servlet.service() for servlet WebClient threw exception
java.rmi.RemoteException: Couldn't create SOAP message factory due to exception: javax.xml.soap.SOAP
Exception: Unable to create message factory for SOAP: org.jboss.ws.core.soap.MessageFactoryImpl; nes
ted exception is:
Couldn't create SOAP message factory due to exception: javax.xml.soap.SOAPException: Unable
to create message factory for SOAP: org.jboss.ws.core.soap.MessageFactoryImpl
at com.acxiom.mypkg.Purchaser_Stub.purchase(Purchaser_Stub.java:88)
at com.acxiom.webclient.Client.doGet(Client.java:41)
at com.acxiom.webclient.Client.doPost(Client.java:95)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
...
Can somebody please help me to see what I am doing wrong?
Thanks!
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4045319#4045319
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4045319
19 years, 1 month
[JBoss Seam] - Conversation picker either not working or conversations won'
by tony.herstell@gmail.com
As requested I have put this into the forum (was originally http://jira.jboss.com/jira/browse/JBSEAM-1051):
I have done some more work investigating this, with base latest seam 1.2.1GA and NO icefaces.
I can get a the conversation picker to render!
But if I hit the destory button then it does not destroy the conversation, it seems, as its still displayed and the conversation-id in the address bar remains the same!
It stays displayed until after I call an @End on the conversation.
At this point the conversation still appears to not be killed, BUT the display of the conversation now stops!
Am I missing something?
This is a VERY VERY simple seam app!
| <!DOCTYPE pages PUBLIC
| "-//JBoss/Seam Pages Configuration DTD 1.2//EN"
| "http://jboss.com/products/seam/pages-1.2.dtd">
|
| <!-- no-conversation-view-id sends the user to a given screen if there is no conversation when the given page is accessed -->
| <!-- timeout will keep the bean alive a lot longer than the session timeout so it will not be removed whilst the session is still reasonably "active" -->
| <pages no-conversation-view-id="/pages/prospectRegistration.xhtml">
|
| <!-- Gives conversations a name to make the visible in the coversation picker -->
| <page view-id="/pages/prospectRegistration.xhtml" timeout="300000" action="#{conversation.begin}">
| Reason: Registration of Prospect
| </page>
|
| <!-- Gives conversations a name to make the visible in the coversation picker -->
| <page view-id="/pages/prospectRegistrationSuccessful.xhtml" timeout="300000">
| Reason: Successful Registration of Prospect
| </page>
|
| </pages>
|
| /* (non-Javadoc)
| * @see org.adscale.prospect.ProspectRegistrationController#processDetails()
| */
| public String process() {
| log.debug(">processUserDetails" +prospect.toString());
| facesMessages.addFromResourceBundle(FacesMessage.SEVERITY_INFO, "prospect_registered_successfully");
| em.persist(prospect);
| log.debug("<processUserDetails");
| return "success";
| }
|
| /* (non-Javadoc)
| * @see org.adscale.prospect.ProspectRegistrationController#finish()
| */
| public String finish() { <<<<<<<<----- Putting @End on this does not change the conversationId, but it DOES stop the conversation picker displaying anyhting..
| log.debug(">finish");
| log.debug("<finish");
| return "gotoProspectRegistration";
| }
|
| /* (non-Javadoc)
| * @see org.adscale.prospect.ProspectRegistrationController#destroy()
| */
| @Remove @Destroy
| public void destroy() {
| log.debug(">destroy");
| log.debug("<destroy");
| }
|
| <!-- Navigation rules for the AdScale App -->
| <navigation-rule>
| <navigation-case>
| <from-outcome>prospectRegistration</from-outcome>
| <to-view-id>/pages/prospectRegistration.xhtml</to-view-id>
| <redirect />
| </navigation-case>
| </navigation-rule>
|
| <navigation-rule>
| <from-view-id>
| /pages/prospectRegistration.xhtml
| </from-view-id>
| <navigation-case>
| <from-outcome>success</from-outcome>
| <to-view-id>/pages/prospectRegistrationSuccessful.xhtml</to-view-id>
| <redirect/>
| </navigation-case>
| </navigation-rule>
|
| <navigation-rule>
| <from-view-id>
| /pages/prospectRegistrationSuccessful.xhtml
| </from-view-id>
| <navigation-case>
| <from-outcome>gotoProspectRegistration</from-outcome>
| <to-view-id>/pages/prospectRegistration.xhtml</to-view-id>
| <redirect/>
| </navigation-case>
| </navigation-rule>
|
Is this related to
http://jira.jboss.com/jira/browse/JBSEAM-1005
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4045315#4045315
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4045315
19 years, 1 month
[JBoss Seam] - Target Unreachable
by amontobin
Hi,
I've got an ear working. i can display my first index.seam page (login page) but when i hit login button, i've got this error :
javax.servlet.ServletException: /index.jsp(15,15) '#{backOfficeLoginController.username}' Target Unreachable, identifier 'backOfficeLoginController' resolved to null
javax.faces.webapp.FacesServlet.service(FacesServlet.java:256)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
EJB is deployed :
00:02:40,260 INFO [EJBContainer] STARTED EJB: org.jboss.seam.core.Dispatcher ejbName: Dispatcher
00:02:40,310 INFO [MCKernelAbstraction] installing bean: jboss.j2ee:ear=assurix.ear,jar=jboss-seam-1.2.1.GA.jar,name=TransactionListener,service=EJB3 with dependencies:
00:02:40,357 INFO [EJBContainer] STARTED EJB: org.jboss.seam.core.TransactionListener ejbName: TransactionListener
00:02:40,395 INFO [MCKernelAbstraction] installing bean: jboss.j2ee:ear=assurix.ear,jar=presentation-1.0-SNAPSHOT.jar,name=LoginController,service=EJB3 with dependencies:
00:02:40,412 INFO [EJBContainer] STARTED EJB: com.assurix.presentation.extranet.backoffice.LoginController ejbName: LoginController
My Controller code :
Stateful
@Name("backOfficeLoginController")
public class LoginController extends PresentationController implements LoginControllerInterface {
@Logger
private Log log;
private LoginModule loginModule;
}
Have you any ideas for solving this problem ?
Thank you a lot,
Sébastien
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4045311#4045311
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4045311
19 years, 1 month