[JBossWS] - SOAP not working with Jboss 5
by mayankmit2002
Hello All,
We've an application that is exposed to the third party as a web service, Right now we are using Jboss 4.2.2 with JDK 1.6.0_11 on Windows XP machine.
For test purpose, we've a .Net client, that connects to our service through SOAP. But now the problem is, when we deploy the same application on Jboss 5.0.0 GA, our .Net client is unable to connect to our service. Although, wsdl is published well, and is accessible on the web ( we didn't make any changes in the context path or wsdl publish location). Whenever, our .Net clients now try to connect the service, following exception is thrown on the
| See the end of this message for details on invoking
| just-in-time (JIT) debugging instead of this dialog box.
|
| ************** Exception Text **************
| System.Security.SecurityException: Request for the permission of type 'System.Net.WebPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
| at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
| at System.Security.CodeAccessPermission.Demand()
| at System.Net.HttpWebRequest..ctor(Uri uri, ServicePoint servicePoint)
| at System.Net.HttpRequestCreator.Create(Uri Uri)
| at System.Net.WebRequest.Create(Uri requestUri, Boolean useUriBase)
| at System.Net.WebRequest.Create(Uri requestUri)
| at System.Web.Services.Protocols.WebClientProtocol.GetWebRequest(Uri uri)
| at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebRequest(Uri uri)
| at System.Web.Services.Protocols.SoapHttpClientProtocol.GetWebRequest(Uri uri)
| at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
| at CMS_API_Test.perspectiveService.PerspectiveMgtAPI.endSession(sessionId arg0)
| at CMS_API_Test.Form1.cB_Connect_CheckedChanged(Object sender, EventArgs e)
| at System.Windows.Forms.CheckBox.OnCheckedChanged(EventArgs e)
| at System.Windows.Forms.CheckBox.set_CheckState(CheckState value)
| at System.Windows.Forms.CheckBox.set_Checked(Boolean value)
| at CMS_API_Test.Form1.cB_Connect_CheckedChanged(Object sender, EventArgs e)
| at System.Windows.Forms.CheckBox.OnCheckedChanged(EventArgs e)
| at System.Windows.Forms.CheckBox.set_CheckState(CheckState value)
| at System.Windows.Forms.CheckBox.OnClick(EventArgs e)
| at System.Windows.Forms.CheckBox.OnMouseUp(MouseEventArgs mevent)
| at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
| at System.Windows.Forms.Control.WndProc(Message& m)
| at System.Windows.Forms.ButtonBase.WndProc(Message& m)
| at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
| at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
| at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
| The action that failed was:
| Demand
| The type of the first permission that failed was:
| System.Net.WebPermission
| The Zone of the assembly that failed was:
| Intranet
but the same application is working fine with Jboss 4.2.2,
Is there any change in the security attributes of Jboss WS, if any, how to modify them.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4215570#4215570
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4215570
15 years, 9 months
[JBossWS] - Re: Use of JAX-RPC in JBoss 4.2.3
by glen_s
I'll answer my own question in case anyone is trying to solve the same problem I had.
I found a tutorial at http://jaitechwriteups.blogspot.com/2006/12/simple-webservice-on-jboss-us... which admittedly was written for JBoss 4.0.4, but in comments seemed to indicate would work with Axis 1.4 on JBoss 4.2.x. By following the tutorial I was able to get a client web service running that uses soap encoding including for soap encoded arrays (particularly unsupported it seems, since from my understanding of some JBossWS documentation, JBossWS in previous versions did support soap encoding in part--just not for soap encoded arrays).
To jump to the chase, I simply put the following JARs from Axis 1.4 in my EAR's lib directory:
axis.jar, axit-ant.jar, commons-discovery-0.2.jar, jaxrpc.jar, saaj.jar, wsdl4j-1.5.1.jar
No modifications were necessary to the JARs included in JBoss libs nor to the configuration of any classloader.
Do take note that if one tries to use Axis 1.4 to implement the server for a web service, some extra configuration seem to be necessary. In my case, I only needed a client so the above JARs in the EAR's lib were enough. But since I was initially following the above tutorial quite closely, and the tutorial does take you down the path of enabling a server, I did encounter and come up with a solution for enabling a server. I found that the compiler was not able to find J2EE classes in the compiler's classpath, which I fixed by copying jboss-j2ee.jar and servlet-api.jar from the JBoss default server's lib directory to my EAR's lib. As to whether this is the "right" thing to do to enable an Axis implemented server, I'm not sure, but I didn't try too hard since it wasn't part of my goal.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4215414#4215414
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4215414
15 years, 9 months
[JBossWS] - Implementing WS-Security Usename Token Profile Authenticatio
by dhanushgopinath
Hi All,
The below mentioned steps will help you implementing WS-Security Usename Token Profile on for POJO based Webservices. This example is done with JBOSS 4.2.3 AS with JBOSS Native WS 3.1.0.
Assumptions
1. This is a step by step example of implementing the Username Token Authentication Profile of WS Security (based on http://xml.coverpages.org/WSS-UsernameTokenProfile-20040315.pdf ) using the JBOSS WS version 3.1.0.
2. JBOSS AS version 4.2.3 is installed.
3. JBOSS WS 3.1.0 is deployed onto the JBOSS AS by following the instructions in the location http://www.jboss.org/file-access/default/members/jbossws/downloads/Instal...
4. The web service implementation is already created using the Top Down approach.
5. JBOSS_HOME is the home directory of JBOSSAS where jboss-4.2.3.GA is unzipped.
6. While writing the WS Service Client we assume that the client side stubs are already provided.
7. Username and Password used in this implementation is the JBOSS default username and password (kermit=thefrog)
Steps - Server Side
1. Add the annotation @SecurityDomain("JBossWS") to the implementation class of web service.
a. This requires the importing of the package org.jboss.annotation.security.SecurityDomain to the web service and hence will need the jar jboss-annotations-ejb3.jar in the classpath of your application. This jar is available in the JBOSS_HOME/client directory.
b. This security domain (JBossWS )should be available under the application policy category in the login configuration xml file in JBOSS_HOME/server/default/conf/login-config.xml. (I guess it should be possible to add a custom security domain by adding a separate application policy configuration on to this file. But I have not tested it though. )
2. Create a file jboss-web.xml under the WEB-INF directory of your application and add the following content to the XML file.
<?xml version="1.0" encoding="UTF-8"?>
| <!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 2.4//EN" "http://www.jboss.org/j2ee/dtd/jboss-web_4_0.dtd">
| <jboss-web>
|
| <security-domain>java:/jaas/JBossWS</security-domain>
| <context-root>/CONTEXT_ROOT_OF_YOUR_APP</context-root>
| </jboss-web>
|
3. Copy the file standard-jaxws-endpoint-config.xml from the location JBOSS_HOME\server\default\deploy\jbossws.sar\META-INF to the META-INF directory of your application and edit it as follows.
a. Remove all the endpoint config elements (<endpoint-config>) except the one with the config name (Standard WSSecurity Endpoint). Your standard-jaxws-endpoint-config.xml should look like this.
| <?xml version="1.0" encoding="UTF-8"?>
| <jaxws-config xmlns="urn:jboss:jaxws-config:2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee"
| xsi:schemaLocation="urn:jboss:jaxws-config:2.0 jaxws-config_2_0.xsd">
| <endpoint-config>
| <config-name>Standard WSSecurity Endpoint</config-name>
| <post-handler-chains>
| <javaee:handler-chain>
| <javaee:protocol-bindings>##SOAP11_HTTP ##SOAP11_HTTP_MTOM</javaee:protocol-bindings>
| <javaee:handler>
| <javaee:handler-name>WSSecurity Handler</javaee:handler-name>
| <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer</javaee:handler-class>
| </javaee:handler>
| <javaee:handler>
| <javaee:handler-name>Recording Handler</javaee:handler-name>
| <javaee:handler-class>org.jboss.wsf.framework.invocation.RecordingServerHandler</javaee:handler-class>
| </javaee:handler>
| </javaee:handler-chain>
| </post-handler-chains>
| </endpoint-config>
|
4. Create the Server side WSSE declaration (jboss-wsse-server.xml) file as per the Jboss WS 3.1.0 User guide (http://jbossws.jboss.org/mediawiki/index.php?title=WS-Security_options#PO...) in the WEB-INF directory of your application. The contents can be as given below or can be according to the above link if your want to provide role level security.
| <?xml version="1.0" encoding="UTF-8"?>
| <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
| xsi:schemaLocation="http://www.jboss.com/ws-security/config
| http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
| <config>
| <authorize>
| <unchecked />
| </authorize>
| </config>
| </jboss-ws-security>
|
5. Export the application WAR file and deploy it in JBOSS. Your application should deploy successfully. Check the log file to know more details.
Steps - Client Side
To test the application's Web Service Security we can write a sample WS Client. Before that we need to edit jbossws-users.properties file in the location JBOSS_HOME\ server\default\conf\props because the default JBossWS security domain look for the users configured in this file. Add users to this file in the username=password form. The steps to write the client are as given below.
1. Create the Client side WSSE declaration (jboss-wsse-client.xml) file in a location accessible to the web service client. The contents should be as per the JBOSS WS User guide (http://jbossws.jboss.org/mediawiki/index.php?title=JAX-WS_User_Guide#Clie... ). Since we are using Username Token Authentication, the contents of this file should be as follows.
| <?xml version="1.0" encoding="UTF-8"?>
| <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
| xsi:schemaLocation="http://www.jboss.com/ws-security/config
| http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
| <config>
| <username/>
| </config>
| </jboss-ws-security>
|
2. Create the WS Service Client. The important code fragment is as given below. This will require the importing of the package org.jboss.ws.core.StubExt which is available in the jar, jboss-native-core.jar. So this jar should be added to the client class path. The skeleton code is as given.
|
| String url = "YOUR_DEPLOYED_WSDL_URL";
| URL wsdlURL = new URL(url);
| URL clientSideSecurityfile = new File("jboss-wsse-client.xml").toURL();
| QName serviceName = new QName(SERVICE_TARGET_NS, SERVICE_NAME);
| Service service = Service.create(wsdlURL, serviceName);
|
| //Get the Web Service Interface PORT
| AWFUtilityServicePortType port = (AWFUtilityServicePortType) service.getPort(AWFUtilityServicePortType.class);
|
| //Set the Security Configurations
| ((StubExt) port).setSecurityConfig(clientSideSecurityfile.toExternalForm());
| ((StubExt) port).setConfigName("Standard WSSecurity Client");
|
| //Set the user name password
| Map<String, Object> reqContext = ((BindingProvider) port).getRequestContext();
| reqContext.put(BindingProvider.USERNAME_PROPERTY, "kermit");
| reqContext.put(BindingProvider.PASSWORD_PROPERTY, "thefrog");
| reqContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, url);
|
| //Make the Call
| java.lang.String partGetIDRequest = "Hello World";
| java.lang.String result = port.getID(partGetIDRequest);
| System.out.println("Result = " + result);
|
3. So there is it we are all set. Make the call you can see the SOAP Messages when the user name and password matches
a. In Bound
| <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:awf="http://www.test.com/WF/Framework/AWFUtilityService">
| <soapenv:Header>
| <wsse:Security soapenv:mustUnderstand="1"
| xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext..."
| xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit...">
| <wsse:UsernameToken wsu:Id="token-1-1236072936329-25515818">
| <wsse:Username>kermit</wsse:Username>
| <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-pr...">thefrog</wsse:Password>
| </wsse:UsernameToken>
| </wsse:Security>
| </soapenv:Header>
| <soapenv:Body>
| <awf:ID>Hi</awf:ID>
| </soapenv:Body>
| </soapenv:Envelope>
|
b. Out Bound
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
| <env:Header/>
| <env:Body>
| <ns1:IDValue xmlns:ns1="http://www.test.com/WF/Framework/AWFUtilityService">Hello World, Your ID is 1</ns1:IDValue>
| </env:Body>
| </env:Envelope>
|
c. When the User name and Password doesn't match the following SOAP fault is thrown.
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
| <env:Header/>
| <env:Body>
| <env:Fault>
| <faultcode xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext...">wsse:FailedAuthentication</faultcode>
| <faultstring>The security token could not be authenticated or authorized.</faultstring>
| </env:Fault>
| </env:Body>
| </env:Envelope>
|
Hope these steps helps. If you find any issues after implementing by these steps, please post it here.
Thanks & Regards
Dhanush
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4215231#4215231
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4215231
15 years, 9 months
[JBossWS] - Re: WebServices logging
by alessio.soldano@jboss.com
The documentation clearly says the Record Management is available starting from version 2.0.3. Which version of JBossWS are you using? The version that comes with JBoss 4.2.2.GA is 2.0.1.SP2, thus if you did not change anything about that, you would simply need to upgrade to a more recent version. In that case, take a look at the supported target containers matrix : http://jbossws.jboss.org/mediawiki/index.php?title=Supported_Target_Conta...
This said, for a simple use of the Record Management with Native stack you don't need to do anything special besides going to the JMX console and activate the recording flag in the already installed LogRecorder instance for you endpoint. No implementation required, no changes to the endpoint config required (assuming you're using one of the provided endpoint configuration). The LogRecorder will simply log every message going through your endpoint into your server.log.
Further customization and usescases are explained in the documentation, I'm sure you'll understand everything easily once you have that stuff (i.e. you using a jbossws version that has that). Also consider taking a look at the testcases in the sources, package org.jboss.test.ws.management.recording.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4215153#4215153
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4215153
15 years, 9 months