[jbossws-issues] [JBoss JIRA] (JBWS-3812) Incorrect value for ws-security.ut.validator

Juan Manuel CABRERA (JIRA) issues at jboss.org
Thu Feb 5 04:08:49 EST 2015 

    [ https://issues.jboss.org/browse/JBWS-3812?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13037761#comment-13037761 ] 

Juan Manuel CABRERA commented on JBWS-3812:
-------------------------------------------

Hello.

I also have this problem.
Here is a simple test reproducing it:
Checkout [https://github.com/jmcabrera/jboss-samples/tree/JBWS-3812], then:
{code}
$ ~/gh/jboss-samples/ : cd simple-wss4j/
$ ~/gh/jboss-samples/simple-wss4j : mvn clean test -Pmanaged
{code}

This project uses Arquillian and JBoss EAP 6.3.0.
Two profiles:
  - remote: if you already have a running instance of EAP 6.3.0
  - managed: if you want to start one from scratch.

In both cases, you need an EAP installation and a env var named {{JBOSS_HOME}} pointing at it.

This is the exception I get:
{code}
09:42:12,708 INFO  [org.jboss.as.repository] (management-handler-thread - 1) JBAS014900: Contenu ajouté dans location D:\opt\jboss-eap\standalone\data\content\f7\9b53daa66957309e77bd960b7c93a9a75423de\content
09:42:12,713 INFO  [org.jboss.as.server.deployment] (MSC service thread 1-4) JBAS015876: Lancement du déploiement de "872f2746-702b-41fc-96d1-1c789c6a7b52.war" (runtime-name: "872f2746-702b-41fc-96d1-1c789c6a7b52.war")
09:42:12,811 INFO  [org.jboss.ws.cxf.metadata] (MSC service thread 1-8) JBWS024061: Adding service endpoint metadata: id=com.finin.jboss.samples.SimpleWSS4JImpl
 address=http://localhost:8080/872f2746-702b-41fc-96d1-1c789c6a7b52/SimpleWSS4JImpl
 implementor=com.finin.jboss.samples.SimpleWSS4JImpl
 serviceName={http://test}SimpleWSS4JImpl
 portName={http://test}SimpleWSS4JImplPort
 annotationWsdlLocation=null
 wsdlLocationOverride=null
 mtomEnabled=false
09:42:23,085 INFO  [org.apache.cxf.service.factory.ReflectionServiceFactoryBean] (MSC service thread 1-8) Creating Service {http://test}SimpleWSS4JImpl from WSDL: WEB-INF/wsdl/test.xml
09:42:23,105 INFO  [org.apache.cxf.endpoint.ServerImpl] (MSC service thread 1-8) Setting the server's publish address to be http://localhost:8080/872f2746-702b-41fc-96d1-1c789c6a7b52/SimpleWSS4JImpl
09:42:23,115 INFO  [org.jboss.ws.cxf.deployment] (MSC service thread 1-8) JBWS024074: WSDL published to: file:/D:/opt/jboss-eap/standalone/data/wsdl/872f2746-702b-41fc-96d1-1c789c6a7b52.war/test.xml
09:42:23,116 INFO  [org.jboss.as.webservices] (MSC service thread 1-2) JBAS015539: Démarrage de service jboss.ws.port-component-link
09:42:23,117 INFO  [org.jboss.as.webservices] (MSC service thread 1-5) JBAS015539: Démarrage de service jboss.ws.endpoint."872f2746-702b-41fc-96d1-1c789c6a7b52.war"."com.finin.jboss.samples.SimpleWSS4JImpl"
09:42:23,256 INFO  [org.jboss.web] (ServerService Thread Pool -- 53) JBAS018210: Enregistrement du contexte web /872f2746-702b-41fc-96d1-1c789c6a7b52
09:42:23,427 INFO  [org.jboss.as.server] (management-handler-thread - 1) JBAS018559: Déploiement de "872f2746-702b-41fc-96d1-1c789c6a7b52.war" (runtime-name: "872f2746-702b-41fc-96d1-1c789c6a7b52.war")
09:42:26,045 WARNING [org.apache.cxf.phase.PhaseInterceptorChain] (http-/127.0.0.1:8080-2) Interceptor for {http://test}SimpleWSS4JImpl has thrown exception, unwinding now: java.lang.ClassCastException: java.lang.String cannot be cast to org.apache.ws.security.validate.Validator
        at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor$1.getValidator(UsernameTokenInterceptor.java:165)
        at org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:66) [wss4j-1.6.15.redhat-1.jar:1.6.15.redhat-1]
        at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.validateToken(UsernameTokenInterceptor.java:182)
        at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.processToken(UsernameTokenInterceptor.java:90)
        at org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.handleMessage(AbstractTokenInterceptor.java:101)
        at org.apache.cxf.ws.security.wss4j.AbstractTokenInterceptor.handleMessage(AbstractTokenInterceptor.java:61)
        at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
        at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
        at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:241)
        at org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:97)
        at org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(ServletHelper.java:131)
        at org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:88)
        at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286)
        at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:206)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:754) [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-1.jar:1.0.2.Final-redhat-1]
        at org.jboss.wsf.stack.cxf.CXFServletExt.service(CXFServletExt.java:136)
        at org.jboss.wsf.spi.deployment.WSFServlet.service(WSFServlet.java:140) [jbossws-spi-2.3.0.Final-redhat-1.jar:2.3.0.Final-redhat-1]
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-1.jar:1.0.2.Final-redhat-1]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
        at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.4.0.Final-redhat-19.jar:7.4.0.Final-redhat-19]
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) [jbossweb-7.4.8.Final-redhat-4.jar:7.4.8.Final-redhat-4]
        at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_05]

09:42:26,143 INFO  [org.jboss.web] (ServerService Thread Pool -- 53) JBAS018224: Désenregistrement du contexte web /872f2746-702b-41fc-96d1-1c789c6a7b52
09:42:26,185 INFO  [org.jboss.as.webservices] (MSC service thread 1-6) JBAS015540: Arrêt de service jboss.ws.endpoint."872f2746-702b-41fc-96d1-1c789c6a7b52.war"."com.finin.jboss.samples.SimpleWSS4JImpl"
09:42:26,195 INFO  [org.jboss.as.webservices] (MSC service thread 1-1) JBAS015540: Arrêt de service jboss.ws.port-component-link
09:42:26,239 INFO  [org.jboss.as.server.deployment] (MSC service thread 1-5) JBAS015877: Arrêt du déploiement de 872f2746-702b-41fc-96d1-1c789c6a7b52.war (runtime-name: "872f2746-702b-41fc-96d1-1c789c6a7b52.war") en 99ms
09:42:26,267 INFO  [org.jboss.as.repository] (management-handler-thread - 2) JBAS014901: Contenu supprimé de la location D:\opt\jboss-eap\standalone\data\content\f7\9b53daa66957309e77bd960b7c93a9a75423de\content
09:42:26,268 INFO  [org.jboss.as.server] (management-handler-thread - 2) JBAS018558: Annulation du déploiement de "872f2746-702b-41fc-96d1-1c789c6a7b52.war" (runtime-name: "872f2746-702b-41fc-96d1-1c789c6a7b52.war")
{code}

As suggested by the OP, CXF expects an instance of a Validator in front of {{ws-security.ut.validator}} à la Spring.

For reference, here is the endpoint config:

{code}
<jaxws-config
  xmlns="urn:jboss:jbossws-jaxws-config:4.0"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:javaee="http://java.sun.com/xml/ns/javaee"
  xsi:schemaLocation="urn:jboss:jbossws-jaxws-config:4.0 schema/jbossws-jaxws-config_4_0.xsd">
  <endpoint-config>
    <config-name>com.finin.jboss.samples.SimpleWSS4JImpl</config-name>
    <property>
      <property-name>ws-security.ut.validator</property-name>
      <property-value>com.finin.jboss.samples.CustomUTValidator</property-value>
    </property>
  </endpoint-config>
</jaxws-config>
{code}

You might want to have a look [here|http://grepcode.com/file/repo1.maven.org/maven2/org.apache.openejb/openejb-cxf/4.7.1/org/apache/openejb/server/cxf/ConfigureCxfSecurity.java#ConfigureCxfSecurity.setupWSS4JChain%28org.apache.cxf.endpoint.Endpoint%2Cjava.util.Properties%29] for an example of what I think is a very flexible configuration.

Regards,

Juan Manuel

> Incorrect value for ws-security.ut.validator
> --------------------------------------------
>
>                 Key: JBWS-3812
>                 URL: https://issues.jboss.org/browse/JBWS-3812
>             Project: JBoss Web Services
>          Issue Type: Bug
>          Components: jbossws-cxf
>    Affects Versions: jbossws-cxf-4.2.4
>            Reporter: John Ament
>            Assignee: Alessio Soldano
>             Fix For: jbossws-cxf-5.0
>
>
> I found a forum post indicating that this value should work, in my hunt to make security work in WildFly.  https://community.jboss.org/thread/229071
> When you set the parameter ws-security.ut.validator in jaxws-endpoint-config.xml, the value that gets set is in fact the string value, e.g. com.mycompany.cxf.validators.MySpecialValidator
> CXF is expecting that this is an instantiated instance of the class, not a classname.  It results in a ClassCastException.  You can see here for reference: http://cxf.apache.org/docs/ws-securitypolicy.html look under Validator implementations.
> To work around this, you can register a custom InInterceptor and set the value in the message context.  It's not ideal, but you could read the value from jaxws-endpoint-config.xml and instantiate that class, passing it back to the message context.



--
This message was sent by Atlassian JIRA
(v6.3.11#6341)

More information about the jbossws-issues mailing list