What I'm doing seems like it should work, on the server side the policy is being read in and enforced because messages are being denied. I'm trying to do a simple username/password to get started but the client does seem interested in reacting to the policy. Messages are being sent across the queues successfully but they contain no username/password information, causing the receiving server to deny the request.
I have spent a good bit of time searching the internet so I wouldn't bother anyone, but I haven't been able to find the answer. One thing I did notice is that the examples used jaxws:client for their policies to work. I'm not sure that's an option since we are using JMS for the transport.
I've also debugged as much as I can and nothing obvious seems to stand out, it seems to enter the policy interceptor and then exit without doing any work.
Any help is greatly appreciated, thanks in advance.
CXF Version is 2.7.7 (included with JBoss Fuse)
Spring configuration file (for the web service):
************************************************************************************************************
<!-- *** Sender service creator *** -->
<bean id="securityFileTransferServiceProxyFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean">
<property name="serviceClass"
value="com.hp.usa.es.csg.filetransfer.SecurityFileTransferServicePortPortType" />
<property name="address"
value="camel://direct:SecurityFileTransferServicePortPortType" />
<property name="username" value="admin"/>
<property name="password" value="admin"/>
<property name="outInterceptors">
<list>
<bean class="org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor"/>
</list>
</property>
</bean>
<bean id="securityFileTransferServiceClient" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean"
factory-bean="securityFileTransferServiceProxyFactory" factory-method="create"
scope="prototype" />
************************************************************************************************************
I have tried removing the interceptor shown above and leaving it in.
I also have the following defined in the spring framework:
************************************************************************************************************
<cxf:bus>
<cxf:features>
<p:policies/>
</cxf:features>
</cxf:bus>
************************************************************************************************************
My application is as follows:
************************************************************************************************************
SecurityFileTransferServicePortPortType serviceClient = (SecurityFileTransferServicePortPortType)applicationContext.getBean("securityFileTransferServiceClient");
Send in = new Send();
Send.Properties properties = new Send.Properties();
in.setProperties(properties);
<.. a bunch of code that doesn't matter ..>
in.setData(sendData);
************************************************************************************************************
The WSDL looks like the following, I took the policy directly from the CXF policy example:
************************************************************************************************************
<?xml version="1.0" encoding="UTF-8"?>
<wsdl:definitions name="FileTransferServiceService" targetNamespace="http://soa.jboss.org/SecurityFileTransferServiceService" xmlns:ns1="http://com.hp.usa.csg.services.filetransfer.service/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://soa.jboss.org/SecurityFileTransferServiceService" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/">
<wsdl:types>
<xs:schema xmlns:tns="http://com.hp.usa.csg.services.filetransfer.service/" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://com.hp.usa.csg.services.filetransfer.service/" version="1.0">
<xs:import namespace="http://soa.jboss.org/SecurityFileTransferServiceService"/>
<xs:element name="send" type="tns:send"/>
<xs:complexType name="send">
<xs:sequence>
<xs:element name="properties">
<xs:complexType>
<xs:sequence>
<xs:element maxOccurs="unbounded" minOccurs="0" name="entry" nillable="true">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" name="key" type="xs:string"/>
<xs:element minOccurs="0" name="value" type="xs:string"/>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element minOccurs="0" name="data" type="xs:base64Binary"/>
</xs:sequence>
</xs:complexType>
</xs:schema>
</wsdl:types>
<wsdl:message name="SecurityFileTransferServicePortOp">
<wsdl:part name="in" element="ns1:send">
</wsdl:part>
</wsdl:message>
<wsdl:portType name="SecurityFileTransferServicePortPortType">
<wsdl:operation name="SecurityFileTransferServicePortOp">
<wsdl:input name="SecurityFileTransferServicePortOp" message="tns:SecurityFileTransferServicePortOp">
</wsdl:input>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="FileTransferServiceServiceSoapBinding" type="tns:SecurityFileTransferServicePortPortType">
<wsp:PolicyReference xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" URI="#UP_policy"/>
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="SecurityFileTransferServicePortOp">
<soap:operation soapAction="http://soa.jboss.org/SecurityFileTransferServiceService/SecurityFileTransferServicePortOp" style="document"/>
<wsdl:input name="SecurityFileTransferServicePortOp">
<soap:body use="literal"/>
</wsdl:input>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="FileTransferServiceService">
<wsdl:port name="SecurityFileTransferServicePortPortTypePort" binding="tns:FileTransferServiceServiceSoapBinding">
<soap:address location="https://localhost:8183/SecurityFileTransferServicePortPortTypePort"/>
</wsdl:port>
</wsdl:service>
<wsp:Policy wsu:Id="UP_policy" xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken>
<wsp:Policy/>
</sp:HttpsToken>
</wsp:Policy>
</sp:TransportToken>
<sp:Layout>
<wsp:Policy>
<sp:Strict />
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp />
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128 />
</wsp:Policy>
</sp:AlgorithmSuite>
</wsp:Policy>
</sp:TransportBinding>
<sp:SupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken11/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</wsdl:definitions>
************************************************************************************************************
I have spent a good bit of time searching the internet so I wouldn't bother anyone, but I haven't been able to find the answer. One thing I did notice is that the examples used jaxws:client for their policies to work. I'm not sure that's an option since we are using JMS for the transport.
I've also debugged as much as I can and nothing obvious seems to stand out, it seems to enter the policy interceptor and then exit without doing any work.
Any help is greatly appreciated, thanks in advance.
CXF Version is 2.7.7 (included with JBoss Fuse)
Spring configuration file (for the web service):
************************************************************************************************************
<!-- *** Sender service creator *** -->
<bean id="securityFileTransferServiceProxyFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean">
<property name="serviceClass"
value="com.hp.usa.es.csg.filetransfer.SecurityFileTransferServicePortPortType" />
<property name="address"
value="camel://direct:SecurityFileTransferServicePortPortType" />
<property name="username" value="admin"/>
<property name="password" value="admin"/>
<property name="outInterceptors">
<list>
<bean class="org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor"/>
</list>
</property>
</bean>
<bean id="securityFileTransferServiceClient" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean"
factory-bean="securityFileTransferServiceProxyFactory" factory-method="create"
scope="prototype" />
************************************************************************************************************
I have tried removing the interceptor shown above and leaving it in.
I also have the following defined in the spring framework:
************************************************************************************************************
<cxf:bus>
<cxf:features>
<p:policies/>
</cxf:features>
</cxf:bus>
************************************************************************************************************
My application is as follows:
************************************************************************************************************
SecurityFileTransferServicePortPortType serviceClient = (SecurityFileTransferServicePortPortType)applicationContext.getBean("securityFileTransferServiceClient");
Send in = new Send();
Send.Properties properties = new Send.Properties();
in.setProperties(properties);
<.. a bunch of code that doesn't matter ..>
in.setData(sendData);
************************************************************************************************************
The WSDL looks like the following, I took the policy directly from the CXF policy example:
************************************************************************************************************
<?xml version="1.0" encoding="UTF-8"?>
<wsdl:definitions name="FileTransferServiceService" targetNamespace="http://soa.jboss.org/SecurityFileTransferServiceService" xmlns:ns1="http://com.hp.usa.csg.services.filetransfer.service/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://soa.jboss.org/SecurityFileTransferServiceService" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/">
<wsdl:types>
<xs:schema xmlns:tns="http://com.hp.usa.csg.services.filetransfer.service/" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://com.hp.usa.csg.services.filetransfer.service/" version="1.0">
<xs:import namespace="http://soa.jboss.org/SecurityFileTransferServiceService"/>
<xs:element name="send" type="tns:send"/>
<xs:complexType name="send">
<xs:sequence>
<xs:element name="properties">
<xs:complexType>
<xs:sequence>
<xs:element maxOccurs="unbounded" minOccurs="0" name="entry" nillable="true">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" name="key" type="xs:string"/>
<xs:element minOccurs="0" name="value" type="xs:string"/>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element minOccurs="0" name="data" type="xs:base64Binary"/>
</xs:sequence>
</xs:complexType>
</xs:schema>
</wsdl:types>
<wsdl:message name="SecurityFileTransferServicePortOp">
<wsdl:part name="in" element="ns1:send">
</wsdl:part>
</wsdl:message>
<wsdl:portType name="SecurityFileTransferServicePortPortType">
<wsdl:operation name="SecurityFileTransferServicePortOp">
<wsdl:input name="SecurityFileTransferServicePortOp" message="tns:SecurityFileTransferServicePortOp">
</wsdl:input>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="FileTransferServiceServiceSoapBinding" type="tns:SecurityFileTransferServicePortPortType">
<wsp:PolicyReference xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" URI="#UP_policy"/>
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="SecurityFileTransferServicePortOp">
<soap:operation soapAction="http://soa.jboss.org/SecurityFileTransferServiceService/SecurityFileTransferServicePortOp" style="document"/>
<wsdl:input name="SecurityFileTransferServicePortOp">
<soap:body use="literal"/>
</wsdl:input>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="FileTransferServiceService">
<wsdl:port name="SecurityFileTransferServicePortPortTypePort" binding="tns:FileTransferServiceServiceSoapBinding">
<soap:address location="https://localhost:8183/SecurityFileTransferServicePortPortTypePort"/>
</wsdl:port>
</wsdl:service>
<wsp:Policy wsu:Id="UP_policy" xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken>
<wsp:Policy/>
</sp:HttpsToken>
</wsp:Policy>
</sp:TransportToken>
<sp:Layout>
<wsp:Policy>
<sp:Strict />
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp />
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128 />
</wsp:Policy>
</sp:AlgorithmSuite>
</wsp:Policy>
</sp:TransportBinding>
<sp:SupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken11/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</wsdl:definitions>
************************************************************************************************************