[JBoss JIRA] (JBWS-3812) Incorrect value for ws-security.ut.validator
by Juan Manuel CABRERA (JIRA)
[ https://issues.jboss.org/browse/JBWS-3812?page=com.atlassian.jira.plugin.... ]
Juan Manuel CABRERA commented on JBWS-3812:
-------------------------------------------
Hello.
I also have this problem.
Here is a simple test reproducing it:
Checkout [https://github.com/jmcabrera/jboss-samples/tree/JBWS-3812], then:
{code}
$ ~/gh/jboss-samples/ : cd simple-wss4j/
$ ~/gh/jboss-samples/simple-wss4j : mvn clean test -Pmanaged
{code}
This project uses Arquillian and JBoss EAP 6.3.0.
Two profiles:
- remote: if you already have a running instance of EAP 6.3.0
- managed: if you want to start one from scratch.
In both cases, you need an EAP installation and a env var named {{JBOSS_HOME}} pointing at it.
This is the exception I get:
{code}
09:42:12,708 INFO [org.jboss.as.repository] (management-handler-thread - 1) JBAS014900: Contenu ajouté dans location D:\opt\jboss-eap\standalone\data\content\f7\9b53daa66957309e77bd960b7c93a9a75423de\content
09:42:12,713 INFO [org.jboss.as.server.deployment] (MSC service thread 1-4) JBAS015876: Lancement du déploiement de "872f2746-702b-41fc-96d1-1c789c6a7b52.war" (runtime-name: "872f2746-702b-41fc-96d1-1c789c6a7b52.war")
09:42:12,811 INFO [org.jboss.ws.cxf.metadata] (MSC service thread 1-8) JBWS024061: Adding service endpoint metadata: id=com.finin.jboss.samples.SimpleWSS4JImpl
address=http://localhost:8080/872f2746-702b-41fc-96d1-1c789c6a7b52/SimpleWSS4JImpl
implementor=com.finin.jboss.samples.SimpleWSS4JImpl
serviceName={http://test}SimpleWSS4JImpl
portName={http://test}SimpleWSS4JImplPort
annotationWsdlLocation=null
wsdlLocationOverride=null
mtomEnabled=false
09:42:23,085 INFO [org.apache.cxf.service.factory.ReflectionServiceFactoryBean] (MSC service thread 1-8) Creating Service {http://test}SimpleWSS4JImpl from WSDL: WEB-INF/wsdl/test.xml
09:42:23,105 INFO [org.apache.cxf.endpoint.ServerImpl] (MSC service thread 1-8) Setting the server's publish address to be http://localhost:8080/872f2746-702b-41fc-96d1-1c789c6a7b52/SimpleWSS4JImpl
09:42:23,115 INFO [org.jboss.ws.cxf.deployment] (MSC service thread 1-8) JBWS024074: WSDL published to: file:/D:/opt/jboss-eap/standalone/data/wsdl/872f2746-702b-41fc-96d1-1c789c6a7b52.war/test.xml
09:42:23,116 INFO [org.jboss.as.webservices] (MSC service thread 1-2) JBAS015539: Démarrage de service jboss.ws.port-component-link
09:42:23,117 INFO [org.jboss.as.webservices] (MSC service thread 1-5) JBAS015539: Démarrage de service jboss.ws.endpoint."872f2746-702b-41fc-96d1-1c789c6a7b52.war"."com.finin.jboss.samples.SimpleWSS4JImpl"
09:42:23,256 INFO [org.jboss.web] (ServerService Thread Pool -- 53) JBAS018210: Enregistrement du contexte web /872f2746-702b-41fc-96d1-1c789c6a7b52
09:42:23,427 INFO [org.jboss.as.server] (management-handler-thread - 1) JBAS018559: Déploiement de "872f2746-702b-41fc-96d1-1c789c6a7b52.war" (runtime-name: "872f2746-702b-41fc-96d1-1c789c6a7b52.war")
09:42:26,045 WARNING [org.apache.cxf.phase.PhaseInterceptorChain] (http-/127.0.0.1:8080-2) Interceptor for {http://test}SimpleWSS4JImpl has thrown exception, unwinding now: java.lang.ClassCastException: java.lang.String cannot be cast to org.apache.ws.security.validate.Validator
at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor$1.getValidator(UsernameTokenInterceptor.java:165)
at org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:66) [wss4j-1.6.15.redhat-1.jar:1.6.15.redhat-1]
at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.validateToken(UsernameTokenInterceptor.java:182)
at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.processToken(UsernameTokenInterceptor.java:90)
at org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.handleMessage(AbstractTokenInterceptor.java:101)
at org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.handleMessage(AbstractTokenInterceptor.java:61)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:241)
at org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:97)
at org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(ServletHelper.java:131)
at org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:88)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:206)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:754) [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-1.jar:1.0.2.Final-redhat-1]
at org.jboss.wsf.stack.cxf.CXFServletExt.service(CXFServletExt.java:136)
at org.jboss.wsf.spi.deployment.WSFServlet.service(WSFServlet.java:140) [jbossws-spi-2.3.0.Final-redhat-1.jar:2.3.0.Final-redhat-1]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-1.jar:1.0.2.Final-redhat-1]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.4.0.Final-redhat-19.jar:7.4.0.Final-redhat-19]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_05]
09:42:26,143 INFO [org.jboss.web] (ServerService Thread Pool -- 53) JBAS018224: Désenregistrement du contexte web /872f2746-702b-41fc-96d1-1c789c6a7b52
09:42:26,185 INFO [org.jboss.as.webservices] (MSC service thread 1-6) JBAS015540: Arrêt de service jboss.ws.endpoint."872f2746-702b-41fc-96d1-1c789c6a7b52.war"."com.finin.jboss.samples.SimpleWSS4JImpl"
09:42:26,195 INFO [org.jboss.as.webservices] (MSC service thread 1-1) JBAS015540: Arrêt de service jboss.ws.port-component-link
09:42:26,239 INFO [org.jboss.as.server.deployment] (MSC service thread 1-5) JBAS015877: Arrêt du déploiement de 872f2746-702b-41fc-96d1-1c789c6a7b52.war (runtime-name: "872f2746-702b-41fc-96d1-1c789c6a7b52.war") en 99ms
09:42:26,267 INFO [org.jboss.as.repository] (management-handler-thread - 2) JBAS014901: Contenu supprimé de la location D:\opt\jboss-eap\standalone\data\content\f7\9b53daa66957309e77bd960b7c93a9a75423de\content
09:42:26,268 INFO [org.jboss.as.server] (management-handler-thread - 2) JBAS018558: Annulation du déploiement de "872f2746-702b-41fc-96d1-1c789c6a7b52.war" (runtime-name: "872f2746-702b-41fc-96d1-1c789c6a7b52.war")
{code}
As suggested by the OP, CXF expects an instance of a Validator in front of {{ws-security.ut.validator}} à la Spring.
For reference, here is the endpoint config:
{code}
<jaxws-config
xmlns="urn:jboss:jbossws-jaxws-config:4.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:javaee="http://java.sun.com/xml/ns/javaee"
xsi:schemaLocation="urn:jboss:jbossws-jaxws-config:4.0 schema/jbossws-jaxws-config_4_0.xsd">
<endpoint-config>
<config-name>com.finin.jboss.samples.SimpleWSS4JImpl</config-name>
<property>
<property-name>ws-security.ut.validator</property-name>
<property-value>com.finin.jboss.samples.CustomUTValidator</property-value>
</property>
</endpoint-config>
</jaxws-config>
{code}
You might want to have a look [here|http://grepcode.com/file/repo1.maven.org/maven2/org.apache.openejb/o...] for an example of what I think is a very flexible configuration.
Regards,
Juan Manuel
> Incorrect value for ws-security.ut.validator
> --------------------------------------------
>
> Key: JBWS-3812
> URL: https://issues.jboss.org/browse/JBWS-3812
> Project: JBoss Web Services
> Issue Type: Bug
> Components: jbossws-cxf
> Affects Versions: jbossws-cxf-4.2.4
> Reporter: John Ament
> Assignee: Alessio Soldano
> Fix For: jbossws-cxf-5.0
>
>
> I found a forum post indicating that this value should work, in my hunt to make security work in WildFly. https://community.jboss.org/thread/229071
> When you set the parameter ws-security.ut.validator in jaxws-endpoint-config.xml, the value that gets set is in fact the string value, e.g. com.mycompany.cxf.validators.MySpecialValidator
> CXF is expecting that this is an instantiated instance of the class, not a classname. It results in a ClassCastException. You can see here for reference: http://cxf.apache.org/docs/ws-securitypolicy.html look under Validator implementations.
> To work around this, you can register a custom InInterceptor and set the value in the message context. It's not ideal, but you could read the value from jaxws-endpoint-config.xml and instantiate that class, passing it back to the message context.
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)