December 2008 - jbossws-issues - Jboss List Archives

[JBoss JIRA] Created: (JBWS-2409) Fix jbws771 testcase binding customization file

by Alessio Soldano (JIRA)

Fix jbws771 testcase binding customization file ----------------------------------------------- Key: JBWS-2409 URL: https://jira.jboss.org/jira/browse/JBWS-2409 Project: JBoss Web Services Issue Type: Bug Security Level: Public (Everyone can see) Components: jbossws-native Affects Versions: jbossws-native-3.0.4 Reporter: Alessio Soldano Fix For: jbossws-native-3.0.6 When running the JBWS771 testcase, I currently see: Running org.jboss.test.ws.jaxws.jbws771.JBWS771TestCase Retrieving document at 'http://localhost:8080/jaxws-jbws771/IWebsvcImpl?wsdl'. Executing command: /dati/jboss-5.0.0.GA/bin/wsconsume.sh -k -o /home/alessio/dati/jbossws/stack/native/tags/jbossws-native-3.0.4.SP1/modules/testsuite/native-tests/target/test-resources/wsconsume/java --extension --binding=/home/alessio/dati/jbossws/stack/native/tags/jbossws-native-3.0.4.SP1/modules/testsuite/native-tests/target/test-resources/./jaxws/jbws771/binding.xml http://localhost:8080/jaxws-jbws771/IWebsvcImpl?wsdl Process input stream: [WARNING] Ignoring: binding file ""file:/home/alessio/dati/jbossws/stack/native/tags/jbossws-native-3.0.4.SP1/modules/testsuite/native-tests/target/test-resources/jaxws/jbws771/binding.xml". It is not a jaxws or a jaxb binding file. line 2 of file:/home/alessio/dati/jbossws/stack/native/tags/jbossws-native-3.0.4.SP1/modules/testsuite/native-tests/target/test-resources/jaxws/jbws771/binding.xml This sometimes results in a test failure (intermittent issue?), for instance we spotted failures most probably because of this in the 3.0.4 testsuite against AS5 trunk before AS5 GA release. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 3 months

2
3
0 / 0

[JBoss JIRA] Created: (JBWS-2416) Search is not working on the mediawiki

by Alessio Soldano (JIRA)

Search is not working on the mediawiki -------------------------------------- Key: JBWS-2416 URL: https://jira.jboss.org/jira/browse/JBWS-2416 Project: JBoss Web Services Issue Type: Bug Security Level: Public (Everyone can see) Reporter: Alessio Soldano -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 3 months

2
4
0 / 0

[JBoss JIRA] Created: (JBWS-2150) Migrate AddressRewritingTestCase to jaxws

by Thomas Diesler (JIRA)

Migrate AddressRewritingTestCase to jaxws ----------------------------------------- Key: JBWS-2150 URL: http://jira.jboss.com/jira/browse/JBWS-2150 Project: JBoss Web Services Issue Type: Task Security Level: Public (Everyone can see) Components: jbossws-native Reporter: Thomas Diesler Fix For: jbossws-native-3.0.3 -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 3 months

3
4
0 / 0

[JBoss JIRA] Created: (JBWS-1999) WS-Security Usename Token Profile JAAS Implementation for JSE based WebServices

by Thomas Diesler (JIRA)

WS-Security Usename Token Profile JAAS Implementation for JSE based WebServices ------------------------------------------------------------------------------- Key: JBWS-1999 URL: http://jira.jboss.com/jira/browse/JBWS-1999 Project: JBoss Web Services Issue Type: Task Security Level: Public (Everyone can see) Components: jbossws-native Reporter: Thomas Diesler Fix For: jbossws-native-2.0.4 Karl de Boer sais: I created a Username TokenProfile implementation where the userid pwd are verified against the active JAAS SecurityManager I want to share this with you. It appears to me there is only support for EJB based webservices for this. So i had to create it myself in the form of a messagehandler and some glue to integrate with JBossSX. In general i think the focus is to much on EJB Based services. I prefer the WSDL first approach to define a proper SOA. It is not a perfect implementation. I do'nt do anything with Nonce and Timestamp and i also do not support passwordDigest. So i also do not use any keystores (PasswordText is protect by the transport layer in my case (SSL)). I saw there is an issue in JIRA where the keystore shoud not be required. This is such a case. I also was surprised that JBossWS does not check anymore for the requires Username section in Jboss-wsse-server.xml. But for this there is also as JIRA issue What i did in a separate messagehandler should perhaps be moved to the WSSecurityDispatcher, which takes care of all WSSecurity related stuff. To activate the messagehandler processing i simply adjusted the default the standard-jaxws-endpoint-config.xml <endpoint-config> <config-name>Standard WSSecurity Endpoint</config-name> <post-handler-chains> <javaee:handler-chain> <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings> <javaee:handler> <javaee:handler-name>WSSecurity Handler</javaee:handler-name> <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer</javaee:handler-class> </javaee:handler> <javaee:handler> <javaee:handler-name>UserNameTokenProfileMessageHandler</javaee:handler-name> <javaee:handler-class>nl.jnc.common.services.wssecurity.UserNameTokenProfileMessageHandler</javaee:handler-class> </javaee:handler> </javaee:handler-chain> </post-handler-chains> </endpoint-config> I did not investigate how to link the authenticated user (principal) and associated roles to the WebServiceContext. I directly refer to the SecurityAssociation class which stores Subject and Principal in threadlocal. In the SEI implementaion is use the princiap and roles like this (cloul be improved): private boolean isUserInRole(String roleName) { Subject sub = SecurityAssociation.getSubject(); if (sub != null) { Set<Principal> set = SecurityAssociation.getSubject().getPrincipals(); if (set!= null) { for (Principal p : set) { if (p instanceof SimpleGroup) { SimpleGroup ng = (SimpleGroup) p; Enumeration mem = ng.members(); while (mem.hasMoreElements()) { Principal p1 = (Principal) mem.nextElement(); if (p1.getName().equalsIgnoreCase(roleName)) return true; } } } } } return false; } Attached you will find the rest. You are free to use it the way you like. In the WsSecurityManager you will also find some a method to authenticate a user with a certificate but this is not tested. I use the security implementation against an LDAP (LdapLoginModule). The users are system accounts, the data(sections) returned by the service are governed by the roles a system users has. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 3 months

3
10
0 / 0

[JBoss JIRA] Created: (JBWS-2414) jboss-ws-security_1_0.xsd is broken

by Juergen Zimmermann (JIRA)

jboss-ws-security_1_0.xsd is broken ----------------------------------- Key: JBWS-2414 URL: https://jira.jboss.org/jira/browse/JBWS-2414 Project: JBoss Web Services Issue Type: Bug Security Level: Public (Everyone can see) Components: jbossws-native Affects Versions: jbossws-native-3.0.4 Environment: JBossAS 4.2.3, JBossWS-Native 3.0.4 Reporter: Juergen Zimmermann jboss-ws-security_1_0.xsd is broken: The example file found at http://jbossws.jboss.org/mediawiki/index.php?title=WS-Security_options#Us... would be incorrect because <xs:complexType name="requiresType"> : doesn't have the element "username" (see line 158ff). These lines should be added: <xs:element name="username" type="usernameType" minOccurs="0" maxOccurs="1"> <xs:annotation> <xs:documentation>Indicates that a username element must be present in the message.</xs:documentation> </xs:annotation> </xs:element> Without this declaration schema validation fails regarding <username/> e.g. when editing jboss-wsse-server.xml and jboss-wsse-client.xml by using JBossTools. For completeness: here is the example file of the Wiki page (see above): <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd"> <config> <username/> <timestamp ttl="300"/> </config> </jboss-ws-security> -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 3 months

2
2
0 / 0

[JBoss JIRA] Created: (JBWS-2415) Inconsistent namespace in jboss-ws-security_1_0.xsd

by Juergen Zimmermann (JIRA)

Inconsistent namespace in jboss-ws-security_1_0.xsd --------------------------------------------------- Key: JBWS-2415 URL: https://jira.jboss.org/jira/browse/JBWS-2415 Project: JBoss Web Services Issue Type: Bug Security Level: Public (Everyone can see) Components: jbossws-native Affects Versions: jbossws-native-3.0.4 Environment: JBossAS 4.2.3, JBossWS 3.0.4 Reporter: Juergen Zimmermann jboss-ws-security_1_0.xsd declares the namespace http://www.jboss.com/ws-security/config. However, other .xsd files in $JBOSS_HOME/docs/dtd or schema are declaring http://www.jboss.org/j2ee/schema Just use a webbrowser like FF or IE and have a look at the http://www.jboss.org/j2ee/schema/jboss_5_0.xsd Invoking http://www.jboss.com/ws-security/config or http://www.jboss.com/ws-security/config/jboss-ws-security_1_0.xsd fails. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 3 months

2
2
0 / 0

[JBoss JIRA] Created: (JBWS-2430) WS-RX: Anonymous client that offers a sequenceId should not be rejected (sequenceId should be disregarded instead)

by Jean-Christophe Durand (JIRA)

WS-RX: Anonymous client that offers a sequenceId should not be rejected (sequenceId should be disregarded instead) ------------------------------------------------------------------------------------------------------------------ Key: JBWS-2430 URL: https://jira.jboss.org/jira/browse/JBWS-2430 Project: JBoss Web Services Issue Type: Bug Security Level: Public (Everyone can see) Components: ws-reliable Affects Versions: jbossws-native-3.0.4 Environment: JBoss 4.2.2.GA; WS-RX 2007/08 Reporter: Jean-Christophe Durand Hi, I had a big fight when I tried to get JBossWS work with WSF/PHP (using WS-RX). Everything was working fine when using the Java client but for no evident reason, it was failing when I used WSF as client. After hours and hours of investigation, I figured out that it was at conversation initiation that the process was failing. The reason is that the client is registering under the "http://www.w3.org/2005/08/addressing/anonymous" address and is proposing a sequence Id under the CreateSequence node: <wsrm:CreateSequence> <wsrm:AcksTo> <wsa:Address xmlns:wsa='http://www.w3.org/2005/08/addressing'>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address> </wsrm:AcksTo> <wsrm:Offer> <wsrm:Identifier xmlns:wsrm='http://docs.oasis-open.org/ws-rx/wsrm/200702'>57540fe2-c21b-1dd1-3acc-001143a00b7a</wsrm:Identifier> <wsrm:Endpoint xmlns:wsrm='http://docs.oasis-open.org/ws-rx/wsrm/200702'/> </wsrm:Offer> </wsrm:CreateSequence> >From what I read in Oasis specification, a server should not accept the proposed identifier of an anonymous client but I do not see that it MUST reject any client that provides such a combination. What I would suggest is that rather than rejecting the conversation, the server should only disregard the Offer/Identifier value and behave as if no sequence id had been provided. I tried to find out where to do this in JBossWS with no luck. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 3 months

2
4
0 / 0

[JBoss JIRA] Created: (JBWS-2117) web.xml modified to web.xml.org - Subsequent runs fail

by Thomas Diesler (JIRA)

web.xml modified to web.xml.org - Subsequent runs fail ------------------------------------------------------ Key: JBWS-2117 URL: http://jira.jboss.com/jira/browse/JBWS-2117 Project: JBoss Web Services Issue Type: Bug Security Level: Public (Everyone can see) Affects Versions: jbossws-2.0.0 Reporter: Thomas Diesler Assigned To: Thomas Diesler Fix For: jbossws-native-2.0.3 -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 3 months

2
7
0 / 0

[JBoss JIRA] Created: (JBWS-1683) Fix JAXR samples for XFire

by Thomas Diesler (JIRA)

Fix JAXR samples for XFire -------------------------- Key: JBWS-1683 URL: http://jira.jboss.com/jira/browse/JBWS-1683 Project: JBoss Web Services Issue Type: Bug Security Level: Public (Everyone can see) Components: integration-sunri Reporter: Thomas Diesler Fix For: jbossws-2.1.0 2007-06-01 06:12:43,257 ERROR [org.jboss.jaxr.juddi.transport.SaajTransport:94] Exception:: org.w3c.dom.DOMException: NAMESPACE_ERR: An attempt is made to create or change an object in a way which is incorrect with regard to namespaces. at com.sun.org.apache.xerces.internal.dom.CoreDocumentImpl.checkDOMNSErr(CoreDocumentImpl.java:2409) at com.sun.org.apache.xerces.internal.dom.AttrNSImpl.setName(AttrNSImpl.java:150) at com.sun.org.apache.xerces.internal.dom.AttrNSImpl.<init>(AttrNSImpl.java:111) at com.sun.org.apache.xerces.internal.dom.CoreDocumentImpl.createAttributeNS(CoreDocumentImpl.java:2012) at com.sun.xml.messaging.saaj.soap.SOAPDocumentImpl.createAttributeNS(SOAPDocumentImpl.java:161) at com.sun.org.apache.xerces.internal.dom.ElementImpl.setAttributeNS(ElementImpl.java:684) at com.sun.xml.messaging.saaj.soap.impl.ElementImpl.setAttributeNS(ElementImpl.java:1241) at com.sun.xml.messaging.saaj.soap.impl.ElementImpl.addAttributeBare(ElementImpl.java:499) at com.sun.xml.messaging.saaj.soap.impl.ElementImpl.addAttributeBare(ElementImpl.java:471) at com.sun.xml.messaging.saaj.soap.impl.ElementImpl.addAttribute(ElementImpl.java:454) at org.jboss.jaxr.juddi.transport.SaajTransport.appendAttributes(SaajTransport.java:156) at org.jboss.jaxr.juddi.transport.SaajTransport.appendElements(SaajTransport.java:180) at org.jboss.jaxr.juddi.transport.SaajTransport.appendElements(SaajTransport.java:181) at org.jboss.jaxr.juddi.transport.SaajTransport.createSOAPMessage(SaajTransport.java:136) at org.jboss.jaxr.juddi.transport.SaajTransport.send(SaajTransport.java:77) at org.apache.juddi.proxy.RegistryProxy.execute(RegistryProxy.java:368) at org.apache.juddi.AbstractRegistry.saveBusiness(AbstractRegistry.java:582) at org.apache.ws.scout.registry.BusinessLifeCycleManagerImpl.executeOperation(BusinessLifeCycleManagerImpl.java:532) at org.apache.ws.scout.registry.BusinessLifeCycleManagerImpl.saveOrganizations(BusinessLifeCycleManagerImpl.java:389) at org.jboss.test.ws.jaxws.samples.jaxr.scout.query.JaxrBusinessQueryTestCase.setUp(JaxrBusinessQueryTestCase.java:58) -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 3 months

2
12
0 / 0

[JBoss JIRA] Created: (JBWS-2431) Update native deployment macros to don't publish jaxb-api.jar and stax-api.jar to JBOSS_HOME/lib directory

by Richard Opalka (JIRA)

Update native deployment macros to don't publish jaxb-api.jar and stax-api.jar to JBOSS_HOME/lib directory ---------------------------------------------------------------------------------------------------------- Key: JBWS-2431 URL: https://jira.jboss.org/jira/browse/JBWS-2431 Project: JBoss Web Services Issue Type: Task Security Level: Public (Everyone can see) Components: jbossws-native Affects Versions: jbossws-native-3.0.5 Reporter: Richard Opalka Assignee: Richard Opalka Fix For: jbossws-native-3.0.6 Don't forget to update native batch scripts when necessary -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 3 months

1
1
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jbossws-issues December 2008