]
Alessio Soldano updated JBWS-3812:
----------------------------------
Fix Version/s: jbossws-cxf-5.0
Incorrect value for ws-security.ut.validator
--------------------------------------------
Key: JBWS-3812
URL:
https://issues.jboss.org/browse/JBWS-3812
Project: JBoss Web Services
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: jbossws-cxf
Affects Versions: jbossws-cxf-4.2.4
Reporter: John Ament
Fix For: jbossws-cxf-5.0
I found a forum post indicating that this value should work, in my hunt to make security
work in WildFly.
https://community.jboss.org/thread/229071
When you set the parameter ws-security.ut.validator in jaxws-endpoint-config.xml, the
value that gets set is in fact the string value, e.g.
com.mycompany.cxf.validators.MySpecialValidator
CXF is expecting that this is an instantiated instance of the class, not a classname. It
results in a ClassCastException. You can see here for reference:
http://cxf.apache.org/docs/ws-securitypolicy.html look under Validator implementations.
To work around this, you can register a custom InInterceptor and set the value in the
message context. It's not ideal, but you could read the value from
jaxws-endpoint-config.xml and instantiate that class, passing it back to the message
context.