Announcement Announcement Module
Collapse
No announcement yet.
Spring-WS security Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring-WS security

    Hi,

    I am trying to implement Spring-WS security using Plain Text Username Authentication mechanism.

    I have got my security policy file defined as follows
    <xwss:SecurityConfiguration dumpMessages="false" xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">
    <xwss:RequireUsernameToken passwordDigestRequired="false" nonceRequired="false"/>
    </xwss:SecurityConfiguration>

    And I am using org.springframework.ws.soap.security.xwss.callback .SimplePasswordValidationCallbackHandler
    on the servier side.

    I have my WSDL coming up that means it is working fine. If it I try to Invoke it through SOAPUI it comes back with the following response

    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <soapenv:Body>
    <soapenv:Fault>
    <faultcode>soapenv:Server</faultcode>
    <faultstring xml:lang="en">XwsSecurityInterceptor requires a SaajSoapMessage. Use a SaajSoapMessageFactory to create the SOAP messages.</faultstring>
    </soapenv:Fault>
    </soapenv:Body>
    </soapenv:Envelope>

    I know I am not passing any security credentials through SOAPUI since I do not know how to configure that.

    Alternatively I have written my own client using WebServiceGatewaySupport class. But I still get the same message from my own client too.

    I know I am doing something wrong. Could somebody direct me to the proper example where I can get some assistance.

    I have already wasted lot of time on this, I kindly request to help me get out of this.

    Also for your reference I have my client configuration below

    Client security policy file
    <?xml version="1.0" encoding="UTF-8"?>

    <beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">

    <bean id="test" class="com.SecuredClient">
    <property name="defaultUri" value="http://localhost:9080/services/services.wsdl" />
    <property name="marshaller" ref="marshaller" />
    <property name="unmarshaller" ref="marshaller" />
    <property name="interceptors">
    <list>
    <ref bean="wsSecurityInterceptor"/>
    </list>
    </property>
    </bean>


    <bean id="marshaller" class="org.springframework.oxm.jaxb.Jaxb2Marshalle r">
    <property name="contextPath" value="com.schema" />
    </bean>

    <bean id="wsSecurityInterceptor" class="org.springframework.ws.soap.security.xwss.X wsSecurityInterceptor">
    <property name="secureResponse" value="true"/>
    <property name="policyConfiguration" value="classpath:wss-client-config.xml"/>
    <property name="callbackHandler">
    <bean id="passwordValidationHandler"
    class="org.springframework.ws.soap.security.xwss.c allback.SimplePasswordValidationCallbackHandler">
    <property name="users">
    <props>
    <prop key="test">test123</prop>
    </props>
    </property>
    </bean>
    </property>
    </bean>

    </beans>

    And my client java code is

    public class SecuredClient extends WebServiceGatewaySupport{


    public void invokeService(Request request) {
    try{
    getWebServiceTemplate().marshalSendAndReceive(requ est);
    }catch(Exception ex){
    ex.printStackTrace();
    }

    }
    }
Working...
X