[
https://issues.jboss.org/browse/JBWS-3812?page=com.atlassian.jira.plugin....
]
Juan Manuel CABRERA commented on JBWS-3812:
-------------------------------------------
Hello.
I also have this problem.
Here is a simple test reproducing it:
Checkout [
https://github.com/jmcabrera/jboss-samples/tree/JBWS-3812], then:
{code}
$ ~/gh/jboss-samples/ : cd simple-wss4j/
$ ~/gh/jboss-samples/simple-wss4j : mvn clean test -Pmanaged
{code}
This project uses Arquillian and JBoss EAP 6.3.0.
Two profiles:
- remote: if you already have a running instance of EAP 6.3.0
- managed: if you want to start one from scratch.
In both cases, you need an EAP installation and a env var named {{JBOSS_HOME}} pointing at
it.
This is the exception I get:
{code}
09:42:12,708 INFO [org.jboss.as.repository] (management-handler-thread - 1) JBAS014900:
Contenu ajouté dans location
D:\opt\jboss-eap\standalone\data\content\f7\9b53daa66957309e77bd960b7c93a9a75423de\content
09:42:12,713 INFO [org.jboss.as.server.deployment] (MSC service thread 1-4) JBAS015876:
Lancement du déploiement de "872f2746-702b-41fc-96d1-1c789c6a7b52.war"
(runtime-name: "872f2746-702b-41fc-96d1-1c789c6a7b52.war")
09:42:12,811 INFO [org.jboss.ws.cxf.metadata] (MSC service thread 1-8) JBWS024061: Adding
service endpoint metadata: id=com.finin.jboss.samples.SimpleWSS4JImpl
address=http://localhost:8080/872f2746-702b-41fc-96d1-1c789c6a7b52/SimpleWSS4JImpl
implementor=com.finin.jboss.samples.SimpleWSS4JImpl
serviceName={http://test}SimpleWSS4JImpl
portName={http://test}SimpleWSS4JImplPort
annotationWsdlLocation=null
wsdlLocationOverride=null
mtomEnabled=false
09:42:23,085 INFO [org.apache.cxf.service.factory.ReflectionServiceFactoryBean] (MSC
service thread 1-8) Creating Service {http://test}SimpleWSS4JImpl from WSDL:
WEB-INF/wsdl/test.xml
09:42:23,105 INFO [org.apache.cxf.endpoint.ServerImpl] (MSC service thread 1-8) Setting
the server's publish address to be
http://localhost:8080/872f2746-702b-41fc-96d1-1c789c6a7b52/SimpleWSS4JImpl
09:42:23,115 INFO [org.jboss.ws.cxf.deployment] (MSC service thread 1-8) JBWS024074: WSDL
published to:
file:/D:/opt/jboss-eap/standalone/data/wsdl/872f2746-702b-41fc-96d1-1c789c6a7b52.war/test.xml
09:42:23,116 INFO [org.jboss.as.webservices] (MSC service thread 1-2) JBAS015539:
Démarrage de service jboss.ws.port-component-link
09:42:23,117 INFO [org.jboss.as.webservices] (MSC service thread 1-5) JBAS015539:
Démarrage de service
jboss.ws.endpoint."872f2746-702b-41fc-96d1-1c789c6a7b52.war"."com.finin.jboss.samples.SimpleWSS4JImpl"
09:42:23,256 INFO [org.jboss.web] (ServerService Thread Pool -- 53) JBAS018210:
Enregistrement du contexte web /872f2746-702b-41fc-96d1-1c789c6a7b52
09:42:23,427 INFO [org.jboss.as.server] (management-handler-thread - 1) JBAS018559:
Déploiement de "872f2746-702b-41fc-96d1-1c789c6a7b52.war" (runtime-name:
"872f2746-702b-41fc-96d1-1c789c6a7b52.war")
09:42:26,045 WARNING [org.apache.cxf.phase.PhaseInterceptorChain] (http-/127.0.0.1:8080-2)
Interceptor for {http://test}SimpleWSS4JImpl has thrown exception, unwinding now:
java.lang.ClassCastException: java.lang.String cannot be cast to
org.apache.ws.security.validate.Validator
at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor$1.getValidator(UsernameTokenInterceptor.java:165)
at
org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:66)
[wss4j-1.6.15.redhat-1.jar:1.6.15.redhat-1]
at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.validateToken(UsernameTokenInterceptor.java:182)
at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.processToken(UsernameTokenInterceptor.java:90)
at
org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.handleMessage(AbstractTokenInterceptor.java:101)
at
org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.handleMessage(AbstractTokenInterceptor.java:61)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:241)
at
org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:97)
at
org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(ServletHelper.java:131)
at org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:88)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:206)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
[jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-1.jar:1.0.2.Final-redhat-1]
at org.jboss.wsf.stack.cxf.CXFServletExt.service(CXFServletExt.java:136)
at org.jboss.wsf.spi.deployment.WSFServlet.service(WSFServlet.java:140)
[jbossws-spi-2.3.0.Final-redhat-1.jar:2.3.0.Final-redhat-1]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
[jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-1.jar:1.0.2.Final-redhat-1]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295)
[jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
[jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231)
[jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149)
[jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at
org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169)
[jboss-as-web-7.4.0.Final-redhat-19.jar:7.4.0.Final-redhat-19]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145)
[jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97)
[jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102)
[jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344)
[jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
[jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653)
[jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926)
[jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_05]
09:42:26,143 INFO [org.jboss.web] (ServerService Thread Pool -- 53) JBAS018224:
Désenregistrement du contexte web /872f2746-702b-41fc-96d1-1c789c6a7b52
09:42:26,185 INFO [org.jboss.as.webservices] (MSC service thread 1-6) JBAS015540: Arrêt
de service
jboss.ws.endpoint."872f2746-702b-41fc-96d1-1c789c6a7b52.war"."com.finin.jboss.samples.SimpleWSS4JImpl"
09:42:26,195 INFO [org.jboss.as.webservices] (MSC service thread 1-1) JBAS015540: Arrêt
de service jboss.ws.port-component-link
09:42:26,239 INFO [org.jboss.as.server.deployment] (MSC service thread 1-5) JBAS015877:
Arrêt du déploiement de 872f2746-702b-41fc-96d1-1c789c6a7b52.war (runtime-name:
"872f2746-702b-41fc-96d1-1c789c6a7b52.war") en 99ms
09:42:26,267 INFO [org.jboss.as.repository] (management-handler-thread - 2) JBAS014901:
Contenu supprimé de la location
D:\opt\jboss-eap\standalone\data\content\f7\9b53daa66957309e77bd960b7c93a9a75423de\content
09:42:26,268 INFO [org.jboss.as.server] (management-handler-thread - 2) JBAS018558:
Annulation du déploiement de "872f2746-702b-41fc-96d1-1c789c6a7b52.war"
(runtime-name: "872f2746-702b-41fc-96d1-1c789c6a7b52.war")
{code}
As suggested by the OP, CXF expects an instance of a Validator in front of
{{ws-security.ut.validator}} à la Spring.
For reference, here is the endpoint config:
{code}
<jaxws-config
xmlns="urn:jboss:jbossws-jaxws-config:4.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:javaee="http://java.sun.com/xml/ns/javaee"
xsi:schemaLocation="urn:jboss:jbossws-jaxws-config:4.0
schema/jbossws-jaxws-config_4_0.xsd">
<endpoint-config>
<config-name>com.finin.jboss.samples.SimpleWSS4JImpl</config-name>
<property>
<property-name>ws-security.ut.validator</property-name>
<property-value>com.finin.jboss.samples.CustomUTValidator</property-value>
</property>
</endpoint-config>
</jaxws-config>
{code}
You might want to have a look
[
here|http://grepcode.com/file/repo1.maven.org/maven2/org.apache.openejb/o...]
for an example of what I think is a very flexible configuration.
Regards,
Juan Manuel
Incorrect value for ws-security.ut.validator
--------------------------------------------
Key: JBWS-3812
URL:
https://issues.jboss.org/browse/JBWS-3812
Project: JBoss Web Services
Issue Type: Bug
Components: jbossws-cxf
Affects Versions: jbossws-cxf-4.2.4
Reporter: John Ament
Assignee: Alessio Soldano
Fix For: jbossws-cxf-5.0
I found a forum post indicating that this value should work, in my hunt to make security
work in WildFly.
https://community.jboss.org/thread/229071
When you set the parameter ws-security.ut.validator in jaxws-endpoint-config.xml, the
value that gets set is in fact the string value, e.g.
com.mycompany.cxf.validators.MySpecialValidator
CXF is expecting that this is an instantiated instance of the class, not a classname. It
results in a ClassCastException. You can see here for reference:
http://cxf.apache.org/docs/ws-securitypolicy.html look under Validator implementations.
To work around this, you can register a custom InInterceptor and set the value in the
message context. It's not ideal, but you could read the value from
jaxws-endpoint-config.xml and instantiate that class, passing it back to the message
context.
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)