Announcement Announcement Module
Collapse
No announcement yet.
How To configure Security client side Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • How To configure Security client side

    Hi all,

    I'm new in the world of spring-WS and I try to used WS Security on the echo exemple.

    On the server side I configured righlty the server. But now on the client side how I can add security information to my SOAP message ?

    The server answer me :
    Message does not conform to configured policy [ EncryptionPolicy(P) ]: No Security Header found;

    Here is my
    securitypolicy.xml :
    Code:
    <xwss:SecurityConfiguration xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">
    	<xwss:Encrypt />
    </xwss:SecurityConfiguration>
    applicationContext.xml:
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">
    
        <bean id="echoClient" class="org.springframework.ws.samples.echo.client.sws.EchoClient">
            <property name="defaultUri" value="http://localhost:8080/echo"/>
            <property name="request" value="classpath:org/springframework/ws/samples/echo/client/sws/echoRequest.xml"/>
        </bean>
    
        <bean id="keyStoreHandler" class="org.springframework.ws.soap.security.xwss.callback.KeyStoreCallbackHandler">
            <property name="trustStore" ref="trustStore"/>
        </bean>
    
        <bean id="trustStore" class="org.springframework.ws.soap.security.support.KeyStoreFactoryBean">
            <property name="location" value="classpath:service.jks"/>
            <property name="password" value="apache"/>
        </bean>
    
        <bean id="wsSecurityInterceptor"
            class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor">
            <property name="policyConfiguration" value="classpath:securityPolicy.xml"/>
            <property name="callbackHandlers">
                <list>
                    <ref bean="keyStoreHandler"/>
                </list>
            </property>
        </bean>
    </beans>
    My echorequest.xml :
    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <echoRequest xmlns="http://www.springframework.org/spring-ws/samples/echo">Hello</echoRequest>
    and my client code :
    Code:
    package org.springframework.ws.samples.echo.client.sws;
    
    import java.io.IOException;
    import java.io.StringReader;
    
    import javax.xml.transform.Source;
    import javax.xml.transform.stream.StreamSource;
    
    import org.springframework.context.ApplicationContext;
    import org.springframework.context.support.ClassPathXmlApplicationContext;
    import org.springframework.core.io.Resource;
    import org.springframework.ws.client.core.WebServiceTemplate;
    import org.springframework.ws.client.core.support.WebServiceGatewaySupport;
    import org.springframework.xml.transform.ResourceSource;
    import org.springframework.xml.transform.StringResult;
    
    public class EchoClient extends WebServiceGatewaySupport {
        
    	private static Resource request;
    
        public void setRequest(Resource request) {
            this.request = request;
        }
        public void echo() throws IOException {
            Source requestSource = new ResourceSource(request);
            StringResult result = new StringResult();
            getWebServiceTemplate().sendSourceAndReceiveToResult(requestSource, result);
            System.out.println(result);
        }
        
    	public static void main(String[] args) throws IOException {
            
    		ApplicationContext applicationContext =
                new ClassPathXmlApplicationContext("applicationContext.xml", EchoClient.class);
    
            EchoClient echoClient = (EchoClient) applicationContext.getBean("echoClient");
            echoClient.echo();
    	}
    }

    Help pliz
    Last edited by couvertf; May 6th, 2008, 09:47 AM.

  • #2
    Can you increase the logging level to TRACE to see what messages arrive at the server, and are sent from the client? It looks like there is not WS-Security header, which is weird.

    Comment


    • #3
      With trace ate debug level the server said me :

      I got this exception :
      Code:
      2008-05-06 16:28:27,717 DEBUG [org.springframework.beans.factory.xml.DefaultNamespaceHandlerResolver] - Loaded mappings [{http://www.springframework.org/schema/p=org.springframework.beans.factory.xml.SimplePropertyNamespaceHandler, http://www.springframework.org/schema/lang=org.springframework.scripting.config.LangNamespaceHandler, http://www.springframework.org/schema/jee=org.springframework.ejb.config.JeeNamespaceHandler, http://www.springframework.org/schema/aop=org.springframework.aop.config.AopNamespaceHandler, http://www.springframework.org/schema/util=org.springframework.beans.factory.xml.UtilNamespaceHandler, http://www.springframework.org/schema/tx=org.springframework.transaction.config.TxNamespaceHandler}]
      2008-05-06 16:28:27,733 DEBUG [org.springframework.beans.factory.xml.DefaultNamespaceHandlerResolver] - Ignoring namespace handler [org.springframework.scripting.config.LangNamespaceHandler]: handler class not found
      java.lang.ClassNotFoundException: org.springframework.scripting.config.LangNamespaceHandler
      	at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1360)
      	at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1206)
      	at org.springframework.util.ClassUtils.forName(ClassUtils.java:229)
      	at org.springframework.beans.factory.xml.DefaultNamespaceHandlerResolver.initHandlerMappings(DefaultNamespaceHandlerResolver.java:117)
      	at org.springframework.beans.factory.xml.DefaultNamespaceHandlerResolver.<init>(DefaultNamespaceHandlerResolver.java:96)
      	at org.springframework.beans.factory.xml.DefaultNamespaceHandlerResolver.<init>(DefaultNamespaceHandlerResolver.java:83)
      	at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.createDefaultNamespaceHandlerResolver(XmlBeanDefinitionReader.java:498)
      	at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.createReaderContext(XmlBeanDefinitionReader.java:487)
      	at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.registerBeanDefinitions(XmlBeanDefinitionReader.java:468)
      	at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:363)
      	at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:313)
      	at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:290)
      	at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:131)
      	at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:147)
      	at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:124)
      	at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:92)
      	at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:101)
      	at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:389)
      	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:324)
      	at org.springframework.web.servlet.FrameworkServlet.createWebApplicationContext(FrameworkServlet.java:332)
      	at org.springframework.web.servlet.FrameworkServlet.initWebApplicationContext(FrameworkServlet.java:266)
      	at org.springframework.web.servlet.FrameworkServlet.initServletBean(FrameworkServlet.java:236)
      	at org.springframework.web.servlet.HttpServletBean.init(HttpServletBean.java:126)
      	at javax.servlet.GenericServlet.init(GenericServlet.java:212)
      	at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1161)
      	at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:806)
      	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:129)
      	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
      	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
      	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
      	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
      	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
      	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
      	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
      	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
      	at java.lang.Thread.run(Unknown Source)
      is it normal when the message doesn't containt a security header ?

      Comment


      • #4
        Here is my client information :

        Code:
        2008-05-07 10:07:59,708 INFO [org.springframework.context.support.ClassPathXmlApplicationContext] - Refreshing org.springframework.context.support.ClassPathXmlApplicationContext@192b996: display name [org.springframework.context.support.ClassPathXmlApplicationContext@192b996]; startup date [Wed May 07 10:07:59 CEST 2008]; root of context hierarchy
        2008-05-07 10:07:59,786 INFO [org.springframework.beans.factory.xml.XmlBeanDefinitionReader] - Loading XML bean definitions from class path resource [applicationContext.xml]
        2008-05-07 10:08:00,472 INFO [org.springframework.context.support.ClassPathXmlApplicationContext] - Bean factory for application context [org.springframework.context.support.ClassPathXmlApplicationContext@192b996]: org.springframework.beans.factory.support.DefaultListableBeanFactory@76ab2f
        2008-05-07 10:08:00,534 INFO [org.springframework.beans.factory.support.DefaultListableBeanFactory] - Pre-instantiating singletons in org.springframework.beans.factory.support.DefaultListableBeanFactory@76ab2f: defining beans [echoClient,keyStoreHandler,trustStore,wsSecurityInterceptor]; root of factory hierarchy
        2008-05-07 10:08:00,597 INFO [org.springframework.ws.soap.saaj.SaajSoapMessageFactory] - Creating SAAJ 1.3 MessageFactory with SOAP 1.1 Protocol
        2008-05-07 10:08:00,690 INFO [org.springframework.ws.soap.security.support.KeyStoreFactoryBean] - Loading key store from class path resource [client.jks]
        2008-05-07 10:08:00,706 WARN [org.springframework.ws.soap.security.support.KeyStoreFactoryBean] - Creating empty key store
        2008-05-07 10:08:00,706 DEBUG [org.springframework.ws.soap.security.xwss.callback.KeyStoreCallbackHandler] - Loaded default key store
        2008-05-07 10:08:00,737 INFO [org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor] - Loading policy configuration from from 'securitypolicy.xml'
        2008-05-07 10:08:01,018 DEBUG [org.springframework.ws.client.core.WebServiceTemplate] - Opening connection to [http://localhost:8080/echo] using [org.springframework.ws.transport.http.HttpUrlConnectionMessageSender@be49e0]
        2008-05-07 10:08:01,158 DEBUG [org.springframework.ws.client.MessageTracing] - Sent request [SaajSoapMessage {http://www.springframework.org/spring-ws/samples/echo}echoRequest]
        2008-05-07 10:08:01,298 DEBUG [org.springframework.ws.client.core.WebServiceTemplate] - Received Fault message for request [SaajSoapMessage {http://www.springframework.org/spring-ws/samples/echo}echoRequest]
        Exception in thread "main" org.springframework.ws.soap.client.SoapFaultClientException: com.sun.xml.wss.XWSSecurityException: Message does not conform to configured policy [ EncryptionPolicy(P) ]:  No Security Header found; nested exception is com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.XWSSecurityException: Message does not conform to configured policy [ EncryptionPolicy(P) ]:  No Security Header found
        	at org.springframework.ws.soap.client.core.SoapFaultMessageResolver.resolveFault(SoapFaultMessageResolver.java:37)
        	at org.springframework.ws.client.core.WebServiceTemplate.handleFault(WebServiceTemplate.java:529)
        	at org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive(WebServiceTemplate.java:412)
        	at org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive(WebServiceTemplate.java:358)
        	at org.springframework.ws.client.core.WebServiceTemplate.sendSourceAndReceiveToResult(WebServiceTemplate.java:304)
        	at org.springframework.ws.client.core.WebServiceTemplate.sendSourceAndReceiveToResult(WebServiceTemplate.java:295)
        	at org.springframework.ws.client.core.WebServiceTemplate.sendSourceAndReceiveToResult(WebServiceTemplate.java:285)
        	at org.springframework.ws.samples.echo.client.sws.EchoClient.echo(EchoClient.java:43)
        	at org.springframework.ws.samples.echo.client.sws.EchoClient.main(EchoClient.java:53)
        Anyone know why it doesn't add encryption headers please ?
        Last edited by couvertf; May 7th, 2008, 04:12 AM.

        Comment


        • #5
          Where and How can I specify to use wsSecurityInterceptor like an interceptor in my applicationContexte.xml client file please ?

          Comment


          • #6
            Since 1.5, WebServiceTemplate has property interceptors, and you can insert your client interceptor there.

            It looks like your interceptor isn't called from anywhere.

            Try setting the dumpMessages in the security policy to true, so you can see what you actualy send (just add dumpMessages="true" atribute to the SecurityConfiguration element, and watch the console).

            I had some xwss problems with decryption myself (1.5 version)....but outgoing messages were properly secured.
            Last edited by dspoljaric; May 7th, 2008, 05:59 PM.

            Comment

            Working...
            X