I've generated a WS client from this WSDL:
<wsdl:definitions name="arkivservicebasis" targetnamespace="http://acos.no/websak/appservices/contracts/interface/arkivservicebasis/2011/08" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy" xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract" xmlns:i0="http://tempuri.org/" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:xsd="http://www.w3.org/2001/xmlschema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:tns="http://acos.no/websak/appservices/contracts/interface/arkivservicebasis/2011/08" xmlns:wsa10="http://www.w3.org/2005/08/addressing" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"> <wsp:policy wsu:id="arkivservicebasisep_policy"> <wsp:exactlyone> <wsp:all> <sp:transportbinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> <wsp:policy> <sp:transporttoken> <wsp:policy> <sp:httpstoken requireclientcertificate="false"/> </wsp:policy> </sp:transporttoken> <sp:algorithmsuite> <wsp:policy> <sp:basic256/> </wsp:policy> </sp:algorithmsuite> <sp:layout> <wsp:policy> <sp:strict/> </wsp:policy> </sp:layout> <sp:includetimestamp/> </wsp:policy> </sp:transportbinding> <sp:signedsupportingtokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> <wsp:policy> <sp:usernametoken sp:includetoken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/includetoken/alwaystorecipient"> <wsp:policy> <sp:wssusernametoken10/> </wsp:policy> </sp:usernametoken> </wsp:policy> </sp:signedsupportingtokens> <sp:wss11 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> <wsp:policy/> </sp:wss11> <sp:trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> <wsp:policy> <sp:mustsupportissuedtokens/> <sp:requirecliententropy/> <sp:requireserverentropy/> </wsp:policy> </sp:trust10> <wsaw:usingaddressing/> </wsp:all> </wsp:exactlyone> </wsp:policy> <!-- types,messages,opertaions goes here --> </wsdl:definitions>
I've added the certificate of the WSDL endpoint's website to the Java cacerts (and also to the WL keystores - the usual paranoia).
Also, I'm using a SecurityHandler:
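/**
 * JAX-WS SOAP handler that adds a WS-Security {@code UsernameToken} header to every
 * outbound message.
 *
 * <p>The password is written as a plain text node, so its confidentiality rests entirely on
 * the transport. The policy published with the service asks for an HTTPS transport token;
 * this handler must not be attached to a port that talks plain HTTP.
 *
 * <p>The listing on the page lost its letter case. Java and JAX-WS names and the WS-Security
 * element names are restored here; the page's own class name is kept as the page shows it.
 */
public final class securityhandler implements SOAPHandler<SOAPMessageContext> {

    /** WS-Security 1.0 "secext" namespace of every element this handler creates. */
    private static final String WSSE_NS =
            "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

    /** Prefix bound to {@link #WSSE_NS} on the Security element. */
    private static final String WSSE_PREFIX = "wsse";

    private static final java.util.logging.Logger LOG =
            java.util.logging.Logger.getLogger(securityhandler.class.getName());

    private String username;
    private String password;

    /** Creates a handler without credentials; such a handler refuses to send outbound messages. */
    public securityhandler() {
        super();
    }

    /**
     * Creates a handler that sends the given credentials.
     *
     * @param username value of the {@code wsse:Username} element
     * @param password value of the {@code wsse:Password} element, sent as plain text
     */
    public securityhandler(String username, String password) {
        super();
        this.username = username;
        this.password = password;
    }

    /**
     * Adds the {@code wsse:Security/wsse:UsernameToken} header to outbound messages and lets
     * inbound messages pass untouched.
     *
     * @param msgCtx the message context supplied by the JAX-WS runtime
     * @return {@code true} to continue processing, {@code false} when the header could not be
     *         added and the message must not be sent
     */
    @Override
    public boolean handleMessage(final SOAPMessageContext msgCtx) {
        final Object outbound = msgCtx.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
        // Only requests leaving the client carry credentials; a missing flag is treated as inbound.
        if (!Boolean.TRUE.equals(outbound)) {
            return true;
        }

        if (username == null || password == null) {
            // Never log the values themselves, only the fact that they are missing.
            LOG.severe("WS-Security credentials are not set; outbound message blocked");
            return false;
        }

        try {
            final SOAPEnvelope envelope = msgCtx.getMessage().getSOAPPart().getEnvelope();

            // The header may or may not exist yet.
            SOAPHeader header = envelope.getHeader();
            if (header == null) {
                header = envelope.addHeader();
            }

            final SOAPElement security = header.addChildElement("Security", WSSE_PREFIX, WSSE_NS);
            final SOAPElement userToken = security.addChildElement("UsernameToken", WSSE_PREFIX);
            userToken.addChildElement("Username", WSSE_PREFIX).addTextNode(username);
            userToken.addChildElement("Password", WSSE_PREFIX).addTextNode(password);

            // The original dumped the finished envelope to System.out here. That copies the
            // cleartext password into the console and, inside an application server, into the
            // server log, so the dump is removed rather than kept as a debugging aid.
        } catch (final SOAPException e) {
            // The original swallowed every exception silently; record the cause (the exception
            // carries no credential data) and stop the message instead of sending it unsigned.
            LOG.log(java.util.logging.Level.SEVERE, "Could not add the WS-Security header", e);
            return false;
        }
        return true;
    }

    /**
     * Declares the {@code wsse:Security} header as understood by this handler.
     *
     * @return a set holding the qualified name of the Security header
     */
    @Override
    public Set<QName> getHeaders() {
        final Set<QName> understood = new HashSet<QName>();
        understood.add(new QName(WSSE_NS, "Security"));
        return understood;
    }

    /**
     * Does no fault handling of its own.
     *
     * @return always {@code false}, as in the original listing
     */
    @Override
    public boolean handleFault(SOAPMessageContext context) {
        return false;
    }

    /** Nothing to release. */
    @Override
    public void close(MessageContext context) {
    }
}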
And, finally, the test class:
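/**
 * Manual integration test that sends one ping through the generated client with the
 * UsernameToken handler attached.
 *
 * <p>The listing on the page lost its letter case. Java and JAX-WS names are restored here;
 * the page's own class, method and generated-stub names are kept as the page shows them.
 */
public class websakpingtest {

    // Placeholder values from the page. Real credentials belong in the environment or a
    // secret store, never in the test source.
    private static final String login = "login";
    private static final String pass = "pass";

    /**
     * Builds the port with WS-Addressing enabled, appends the security handler to the
     * handler chain and calls {@code ping}.
     */
    @SuppressWarnings("rawtypes")
    @Test
    public void testsendpingrequest()
            throws DatatypeConfigurationException, MalformedURLException, SOAPException {
        // NOTE(review): both switches print the whole exchange to stdout: the TLS handshake
        // and decrypted records, and the SOAP envelope including the wsse:Password element.
        // Keep them for local troubleshooting with throw-away credentials only; on a build
        // server the output ends up in the job log.
        System.setProperty("javax.net.debug", "all");
        System.setProperty(
                "com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.dump", "true");

        AddressingFeature addressing = new AddressingFeature(true, false);
        arkivservicebasis service = new arkivservicebasis();
        iarkivservicebasis port = service.getarkivservicebasisep(addressing);

        // getHandlerChain() returns a copy, so the extended list has to be set back.
        final Binding binding = ((BindingProvider) port).getBinding();
        List<Handler> chain = binding.getHandlerChain();
        chain.add(new securityhandler(login, pass));
        binding.setHandlerChain(chain);

        port.ping("ping test message");
    }
}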
And it works perfectly!
But when I deploy the code to WebLogic, I receive an exception:
javax.ejb.ejbexception: ejb exception: ; nested exception is: com.sun.xml.ws.fault.serversoapfaultexception: client received soap fault server: unable add security token identity, token uri =http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#usernametoken please see server log find more detail regarding exact cause of failure. @ com.sun.xml.ws.fault.soap12fault.getprotocolexception(soap12fault.java:229) @ com.sun.xml.ws.fault.soapfaultbuilder.createexception(soapfaultbuilder.java:125) @ com.sun.xml.ws.client.sei.stubhandler.readresponse(stubhandler.java:253) @ com.sun.xml.ws.db.databindingimpl.deserializeresponse(databindingimpl.java:181) @ com.sun.xml.ws.db.databindingimpl.deserializeresponse(databindingimpl.java:258) @ com.sun.xml.ws.client.sei.syncmethodhandler.invoke(syncmethodhandler.java:117) @ com.sun.xml.ws.client.sei.syncmethodhandler.invoke(syncmethodhandler.java:91) @ com.sun.xml.ws.client.sei.seistub.invoke(seistub.java:154) @ com.sun.proxy.$proxy303.nyjournalpostgittjournalpostinformasjon(unknown source) @ sun.reflect.nativemethodaccessorimpl.invoke0(native method) @ sun.reflect.nativemethodaccessorimpl.invoke(nativemethodaccessorimpl.java:57) @ sun.reflect.delegatingmethodaccessorimpl.invoke(delegatingmethodaccessorimpl.java:43) @ java.lang.reflect.method.invoke(method.java:606) @ weblogic.wsee.jaxws.spi.clientinstanceinvocationhandler.invoke(clientinstanceinvocationhandler.java:84) @ com.sun.proxy.$proxy304.nyjournalpostgittjournalpostinformasjon(unknown source) @ com.computas.service.websakws.websakservicehandler.nyjournalpostgittjournalpostinformasjon(websakservicehandler.java:82) @ com.computas.lovisa.server.websakmanagerbean.addjournalpost(websakmanagerbean.java:91) @ com.computas.lovisa.server.documentstoragemanager_h43t3b_documentstoragemanagerimpl.__wl_invoke(unknown source) @ weblogic.ejb.container.internal.sessionremotemethodinvoker.invoke(sessionremotemethodinvoker.java:34) @ 
com.computas.lovisa.server.documentstoragemanager_h43t3b_documentstoragemanagerimpl.addjournalpost(unknown source) @ sun.reflect.nativemethodaccessorimpl.invoke0(native method) @ sun.reflect.nativemethodaccessorimpl.invoke(nativemethodaccessorimpl.java:57) @ sun.reflect.delegatingmethodaccessorimpl.invoke(delegatingmethodaccessorimpl.java:43) @ java.lang.reflect.method.invoke(method.java:606) @ weblogic.ejb.container.internal.remotebusinessintfproxy.invoke(remotebusinessintfproxy.java:84) @ com.sun.proxy.$proxy261.addjournalpost(unknown source) @ com.computas.lovisa.websakpoc.websakpoc.testskrivsak(websakpoc.java:44)
I don't know what to do.
solution
I've tried this article for JAX-WS (not RPC). I've changed the code to match what is in the example, omitting ClientBSTCredentialProvider, since I've imported the certificates into the Java default key-store. The final code looks like this:
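// WebLogic-native replacement for the hand-written SOAP handler: the container builds the
// UsernameToken from a credential provider registered in the request context.
// Letter case of Java, JAX-WS and WebLogic names is restored; names that belong to the
// surrounding class (port, service, objectfactory, datatypefactory) are kept as on the page.
AddressingFeature feature = new AddressingFeature(true, false);
port = service.getarkivservicebasisep(feature);
objectfactory = new ObjectFactory();
datatypefactory = DatatypeFactory.newInstance();

// Username/password credential provider consumed by WebLogic's WS-Security runtime.
List<CredentialProvider> credentialProviders = new ArrayList<CredentialProvider>();
credentialProviders.add(new ClientUNTCredentialProvider(username.getBytes(), password.getBytes()));

Map<String, Object> requestContext = ((BindingProvider) port).getRequestContext();
requestContext.put(WSSecurityContext.CREDENTIAL_PROVIDER_LIST, credentialProviders);
requestContext.put(WSSecurityContext.TRUST_MANAGER, new TrustManager() {
    /**
     * Accepts the peer's chain only when WebLogic's own validation reported no error.
     *
     * The original callback returned true unconditionally, which accepts any certificate,
     * including one presented by an interceptor on the path, while the request carries a
     * cleartext password. The endpoint certificate is already in the trust store, so the
     * container's verdict can be honoured: validateErr is zero when validation succeeded.
     */
    public boolean certificateCallback(X509Certificate[] chain, int validateErr) {
        return validateErr == 0;
    }
});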
So it works on WL!