I am inserting into three tables using Box_caring feature, insertion happening properly but if some error comes in between while inserting into tables its not roll backing the data.
I'm looking for a solution to the following challenge:Have a set of related tables. They are related by primary/foreign key relations and need to update/insert objects in the related tables. Insert/update happening inside iterator mediator. what happens when one of the updates/insert fails? Will all the inserted/updated objects rolled back?.
Please give any ideas or links or code snippet to make it work.
Note: Am using wso2 esb-4.8.1, wso2 dss-3.2.2 and MSSQL database
Gone through below links:
http://charithaka.blogspot.in/2014/02/common-mistakes-to-avoid-in-wso2-esb-1.html
How we can ROLLBACK the Transaction in WSO2DSS or WSO2ESB
Thanks in advance
Here you have to implement Distributed XA transactions. Could you please refer to the article [1] which will guide you through this.
[1]https://docs.wso2.com/display/ESB490/Sample+657%3A+Distributed+Transaction+Management
When you are using box_carring feature, you have to maintain same session across all the operation calls. Otherwise, it will evaluates as separated calls and will not be atomic. Here is a sample synapse config that can be used to maintain the same session.
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
name="ESBService"
transports="https http"
startOnLoad="true"
trace="disable">
<description/>
<target>
<inSequence>
<transaction action="new"/>
<property name="id" expression="json-eval($.id)"/>
<property name="userName" expression="json-eval($.userName)"/>
<property name="firstName" expression="json-eval($.firstName)"/>
<property name="lastName" expression="json-eval($.lastName)"/>
<property name="address" expression="json-eval($.address)"/>
<enrich>
<source type="body" clone="true"/>
<target type="property" property="FirstBody"/>
</enrich>
<property name="messageType" value="application/xml" scope="axis2"/>
<header name="Action" value="urn:begin_boxcar"/>
<payloadFactory media-type="xml">
<format>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:dat="http://ws.wso2.org/dataservice">
<soapenv:Header/>
<soapenv:Body>
<dat:begin_boxcar/>
</soapenv:Body>
</soapenv:Envelope>
</format>
<args/>
</payloadFactory>
<call>
<endpoint>
<address uri="http://localhost:9764/services/testService.SOAP11Endpoint/"/>
</endpoint>
</call>
<property name="setCookieHeader" expression="$trp:Set-Cookie"/>
<property name="Cookie"
expression="get-property('setCookieHeader')"
scope="transport"/>
<property name="OUT_ONLY" value="true"/>
<payloadFactory media-type="xml">
<format>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:dat="http://ws.wso2.org/dataservice">
<soapenv:Header/>
<soapenv:Body>
<p:insert_employee xmlns:p="http://ws.wso2.org/dataservice">
<xs:UserId xmlns:xs="http://ws.wso2.org/dataservice">$1</xs:UserId>
<xs:userName xmlns:xs="http://ws.wso2.org/dataservice">$2</xs:userName>
<xs:firstName xmlns:xs="http://ws.wso2.org/dataservice">$3</xs:firstName>
<xs:lastName xmlns:xs="http://ws.wso2.org/dataservice">$4</xs:lastName>
</p:insert_employee>
</soapenv:Body>
</soapenv:Envelope>
</format>
<args>
<arg evaluator="xml" expression="get-property('id')"/>
<arg evaluator="xml" expression="get-property('userName')"/>
<arg evaluator="xml" expression="get-property('firstName')"/>
<arg evaluator="xml" expression="get-property('lastName')"/>
</args>
</payloadFactory>
<property name="Content-Encoding" scope="transport" action="remove"/>
<property name="Cookie"
expression="get-property('setCookieHeader')"
scope="transport"/>
<call>
<endpoint>
<address uri="http://localhost:9764/services/testService.SOAP11Endpoint/"/>
</endpoint>
</call>
<payloadFactory media-type="xml">
<format>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:dat="http://ws.wso2.org/dataservice">
<soapenv:Header/>
<soapenv:Body>
<dat:end_boxcar/>
</soapenv:Body>
</soapenv:Envelope>
</format>
<args/>
</payloadFactory>
<property name="Content-Encoding" scope="transport" action="remove"/>
<property name="Cookie"
expression="get-property('setCookieHeader')"
scope="transport"/>
<call>
<endpoint>
<address uri="http://localhost:9764/services/testService.SOAP11Endpoint/"/>
</endpoint>
</call>
<respond/>
</inSequence>
<faultSequence>
<log>
<property name="END" value="****ROLLBACK****"/>
</log>
<transaction action="rollback"/>
<respond/>
</faultSequence>
</target>
</proxy>
However, you can use request_box feature, where you do not have to maintain the session across operations.
Thanks
Related
I'm using WSO2 with the VFS. I need to take the incoming file, fileinput.xml and log the id fields together. The VFS is enabled and functional and when I move my fileinput.xml into my test_in folder it appropriately gets handled and put into test_out or test_failure correctly. I've read a lot of online documentation but have been unable to wrap my head around how to do the following.
My Question is
How do I get a property from my fileinput.xml ?
How do I iterate over the ids and concatenate them together in a log?
fileinput.xml
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header/>
<soapenv:Body>
<customers>
<customer>
<id>testid1</id>
<prop1>a</prop1>
<prop2>b</prop2>
<customer/>
<customer>
<id>testid2</id>
<prop1>3</prop1>
<prop2>4</prop2>
<customer/>
</customers>
</soapenv:Body>
</soapenv:Envelope>
My wso2 proxy file
<?xml version="1.0" encoding="UTF-8"?>
<proxy
xmlns="http://ws.apache.org/ns/synapse" name="FileProxy" transports="vfs" startOnLoad="true" trace="disable">
<target>
<parameter name="transport.vfs.ActionAfterProcess">MOVE</parameter>
<parameter name="transport.vfs.ActionAfterFailure">MOVE</parameter>
<parameter name="transport.PollInterval">5</parameter>
<parameter name="transport.vfs.FileURI">file:///Users/myuser/test_in</parameter>
<parameter name="transport.vfs.MoveAfterProcess">file:///Users/myusertest_out</parameter>
<parameter name="transport.vfs.MoveAfterFailure">file:///Users/myuser/test_failure</parameter>
<parameter name="transport.vfs.FileNamePattern">.*.xml</parameter>
<parameter name="transport.vfs.ContentType">text/xml</parameter>
<inSequence>
<log category="WARN" level="full">
<property name="MESSAGE" value="In Sequence"/>
</log>
<clone>
<target sequence="fileWriteSequence"/>
</clone>
</inSequence>
</target>
<outSequence>
<log category="WARN" level="full">
<property name="MESSAGE" value="Out Sequence"/>
</log>
<send/>
</outSequence>
</proxy>
My fileWriteSequence
<?xml version="1.0" encoding="UTF-8"?>
<sequence name="fileWriteSequence">
<log level="full">
<property name="sequence" value="fileWriteSequence"/>
</log>
<property name="transport.vfs.ReplyFileName" expression="fn:concat(fn:substring-after(get-property('MessageID'), 'urn:uuid:'), '.txt')" scope="transport"/>
<property name="OUT_ONLY" value="true"/>
<send>
<endpoint name="FileEpr">
<address uri="vfs:file:///Users/myuser/test_out"/>
</endpoint>
</send>
</sequence>
You can use the iterate mediator to iterate over 'id' element and use a property in the operation scope to concatenate all the id values. Refer this
Ok, this is a continuation to my original question. (WSo2 Esb filtering messages to an output file)
After a couple more days of research into the iterate and aggregate mediator I have reached a progress wall and would be very grateful for any advice how to resolve my blocking issue. The task at hand is simple, read and xml file, filter on certain records, and only produce an output xml file with just those records that meet the criteria. After previous discussion and research this tasks solution is as follows: use a iterate mediator to access each xml record and use a filter mediator to decide what I want to keep. Then use a aggregator mediator to write all these records to 1 file. Without the aggregator my configuration is producing 1 record per file.
Here is my proxy at this state:
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
name="RenFileFilterProxy"
transports="vfs"
statistics="disable"
trace="disable"
startOnLoad="true">
<target>
<inSequence>
<log level="full"/>
<clone>
<target sequence="RenIqtFilterSequence"/>
</clone>
</inSequence>
<outSequence>
<log level="custom">
<property name="sequence" value="In the outSequence"/>
</log>
<log level="full"/>
<aggregate id="QuizType">
<completeCondition>
<messageCount min="-1" max="-1"/>
</completeCondition>
<onComplete xmlns:z="RowsetSchema" expression="//z:row">
<call-template target="FileWriteTemplate">
<with-param name="targetFileName" value="TEST_FILE"/>
<with-param name="addressUri" value="vfs:file:///var/process/ren/rrout"/>
</call-template>
</onComplete>
</aggregate>
</outSequence>
</target>
<parameter name="transport.vfs.ActionAfterProcess">MOVE</parameter>
<parameter name="transport.PollInterval">15</parameter>
<parameter name="transport.vfs.MoveAfterProcess">file:///var/process/ren/extractedfiles</parameter>
<parameter name="transport.vfs.FileURI">file:///var/process/ren/extractedfiles</parameter>
<parameter name="transport.vfs.MoveAfterFailure">file:///var/process/ren/failure</parameter>
<parameter name="transport.vfs.FileNamePattern">test.xml</parameter>
<parameter name="transport.vfs.ContentType">application/xml</parameter>
<parameter name="transport.vfs.ActionAfterFailure">MOVE</parameter>
<description/>
</proxy>
Here is the RenIqtFilterSequence:
<sequence xmlns="http://ws.apache.org/ns/synapse" name="RenIqtFilterSequence">
<log level="custom">
<property name="sequence" value="RenIqtFilterSequence"></property>
</log>
<iterate xmlns:ns2="http://org.apache.synapse/xsd" xmlns:ns="http://org.apache.synapse/xsd" xmlns:z="RowsetSchema" expression="//z:row" id="QuizType">
<target>
<sequence>
<log>
<property name="iteratesequence" value="Iterating through the the records"></property>
</log>
<filter xmlns:rs="urn:schemas-microsoft-com:rowset" xpath="//z:row/#name='RP'">
<then>
<log level="custom">
<property name="sequence" value="Condition Write"></property>
</log>
<log level="full"></log>
<log level="custom">
<property name="sequence" value="Getting ready to aggregate"></property>
</log>
</then>
<else>
<log level="custom">
<property name="sequence" value="Condition Drop"></property>
</log>
<drop></drop>
</else>
</filter>
</sequence>
</target>
</iterate>
</sequence>
The issue I am facing now is I cannot get to the outSequence to perform my aggregator logic. The fact is I do not need to call a backend service for this process from the inSequence so I am struggling to find a clean way to get to my outSequence. Any Recomendations? I tried to include the aggregator mediator in my inSequence but it did not work, no output is produced. I figured the aggregator needs to be in the outSequence to capture all the records I filtered and then I can write them all out to 1 file.
I believe I need some configuration here:
<filter xmlns:rs="urn:schemas-microsoft-com:rowset" xpath="//z:row/#name='RP'">
<then>
<log level="custom">
<property name="sequence" value="Condition Write"></property>
</log>
<log level="full"></log>
<log level="custom">
<property name="sequence" value="Getting ready to aggregate"></property>
</log>
===============> Need to transfer to OutSequence somehow here!!!!<============
</then>
<else>
I have tried several approaches based on articles and blogs online but I just cannot put the final pieces in place. Any advice would be much appreciated. Thank you for your time reading this.
My IT infrastructure requires persistence based on a SQL Server 2008 R2 database.
I'm trying to configure SQL Server persistence for ActiveMQ 5.9 on windows, but can't figure out a correct configuration schema with or without journalling.
The default configuration uses kahadb, and it works:
<persistenceAdapter>
<kahaDB directory="${activemq.data}/kahadb" />
</persistenceAdapter>
I'm using this documentation a reference to configure SQL Server persistence:
http://activemq.apache.org/sqlserver.html
<persistenceAdapter>
<journaledJDBC journalLogFiles="5" dataDirectory="../activemq-data" dataSource="#mssql-ds">
<adapter><imageBasedJDBCAdaptor/></adapter>
</journaledJDBC>
</persistenceAdapter>
<bean id="mssql-ds" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
<property name="driverClassName" value="com.microsoft.sqlserver.jdbc.SQLServerDriver"/>
<property name="url" value="jdbc:sqlserver://HOST:PORT;databaseName=DBNAME;user=USER;password=PASSWORD"/>
<property name="username" value="USER"/>
<property name="password" value="PASSWORD"/>
</bean>
This is the error in xml parser I get:
ERROR | Failed to load: class path resource [activemq.xml], reason: Line 88 in XML document from class path resource [activemq.xml] is invalid; nested exception is org.xml.sax.SAXParseException; lineNumber: 88; columnNumber: 95; cvc-complex-type.2.4.a: Invalid content was found starting with element 'journaledJDBC'. One of '{"http://activemq.apache.org/schema/core":jdbcPersistenceAdapter, "http://activemq.apache.org/schema/core":journalPersistenceAdapter, "http://activemq.apache.org/schema/core":kahaDB, "http://activemq.apache.org/schema/core":levelDB, "http://activemq.apache.org/schema/core":mKahaDB, "http://activemq.apache.org/schema/core":memoryPersistenceAdapter, "http://activemq.apache.org/schema/core":replicatedLevelDB, WC[##other:"http://activemq.apache.org/schema/core"]}' is expected.
Please help me to figure out the configuration schema for SQL Server persistence, or provide a documentation link specific to version ActiveMQ 5.9
this is what I use for oracle. Maybe it's just a matter of changing the jdbc information from the datasource (as any other datasource)
(sorry, no SQL Server here to test)
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:amq="http://activemq.apache.org/schema/core" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://activemq.apache.org/schema/core http://activemq.apache.org/schema/core/activemq-core.xsd">
<broker xmlns="http://activemq.apache.org/schema/core" brokerName="localhost" dataDirectory="${activemq.data}">
<destinationPolicy>
<policyMap>
<policyEntries>
<policyEntry topic=">" producerFlowControl="true">
<pendingMessageLimitStrategy>
<constantPendingMessageLimitStrategy limit="1000" />
</pendingMessageLimitStrategy>
</policyEntry>
<policyEntry queue=">" producerFlowControl="true" memoryLimit="1mb">
</policyEntry>
</policyEntries>
</policyMap>
</destinationPolicy>
<persistenceAdapter>
<jdbcPersistenceAdapter dataSource="#oracle-ds" />
</persistenceAdapter>
<systemUsage>
<systemUsage>
<memoryUsage>
<memoryUsage limit="128 mb" />
</memoryUsage>
<storeUsage>
<storeUsage limit="100 gb" />
</storeUsage>
<tempUsage>
<tempUsage limit="50 gb" />
</tempUsage>
</systemUsage>
</systemUsage>
<transportConnectors>
<transportConnector name="tcp" uri="tcp://0.0.0.0:61616" />
</transportConnectors>
</broker>
<bean id="oracle-ds" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
<property name="driverClassName" value="oracle.jdbc.OracleDriver" />
<property name="url" value="jdbc:oracle:thin:#localhost:1521:XE" />
<property name="username" value="xxx" />
<property name="password" value="xxx" />
<property name="poolPreparedStatements" value="true" />
<property name="maxActive " value="30" />
</bean>
</beans>
I'm new to ADF mobile application development. I'm currently blocked in a scenario. I have a web service(from third party) which needs to retrieve data. In soapUI, the web service will retrieve the response only when there is this security tag. Otherwise it will give response as invalid security. The web service looks like this:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xx="http://xmlns.oracle.com/apps/csf/soaprovider/plsql/xx_fs_mob_login/" xmlns:get="http://xmlns.oracle.com/apps/csf/soaprovider/plsql/xx_fs_mob_login/get_login/">
<soapenv:Header>
<xx:SOAHeader>
<!--Optional:-->
<xx:Responsibility>XXX</xx:Responsibility>
<!--Optional:-->
<xx:RespApplication>XXX</xx:RespApplication>
<!--Optional:-->
<xx:SecurityGroup>XXX</xx:SecurityGroup>
<!--Optional:-->
<xx:NLSLanguage>XXX</xx:NLSLanguage>
<!--Optional:-->
<xx:Org_Id>XXX</xx:Org_Id>
</xx:SOAHeader>
<The portion which is excluded from the soap, but which is required for getting response>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-1">
<wsse:Username>XXX</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">XXX</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">XXX</wsse:Nonce>
<wsu:Created>2013-02-13T08:58:50.649Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
<The portion which is excluded from the soap, but which is required for getting response>
</soapenv:Header>
<soapenv:Body>
<get:InputParameters>
<!--Optional:-->
<get:P_USERNAME>XXX</get:P_USERNAME>
</get:InputParameters>
</soapenv:Body>
</soapenv:Envelope>
I tried the steps described in ADF mobile tutorial to get web service data. But I'm getting response code 500 from the server. I tried the steps for secured web service also. But I'm not sure which security policy has been implemented in the web service. I tried with oracle/wss_username_client_token_policy and some others but didn't succeed. Later I tried by creating web service client/proxy. But as Oracle ADF only supports java 1.4, I got errors in the generated code(errors on generics and annotation).
The WSDL for the web service is as follows:
<definitions xmlns:tns="http://xmlns.oracle.com/apps/csf/soaprovider/plsql/xx_fs_mob_login/" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:tns1="http://xmlns.oracle.com/apps/csf/soaprovider/plsql/xx_fs_mob_login/get_login/" name="XX_FS_MOB_LOGIN" targetNamespace="http://xmlns.oracle.com/apps/csf/soaprovider/plsql/xx_fs_mob_login/">
<types>
<schema xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" targetNamespace="http://xmlns.oracle.com/apps/csf/soaprovider/plsql/xx_fs_mob_login/get_login/">
<include schemaLocation="http://27.251.157.211:8000/webservices/SOAProvider/plsql/xx_fs_mob_login/APPS_XX_FS_MOB_LOGIN_GET_LOGIN.xsd"/>
</schema>
<schema xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" targetNamespace="http://xmlns.oracle.com/apps/csf/soaprovider/plsql/xx_fs_mob_login/">
<element name="SOAHeader">
<complexType>
<sequence>
<element name="Responsibility" minOccurs="0" type="string"/>
<element name="RespApplication" minOccurs="0" type="string"/>
<element name="SecurityGroup" minOccurs="0" type="string"/>
<element name="NLSLanguage" minOccurs="0" type="string"/>
<element name="Org_Id" minOccurs="0" type="string"/>
</sequence>
</complexType>
</element>
</schema>
</types>
<message name="GET_LOGIN_Input_Msg">
<part name="header" element="tns:SOAHeader"/>
<part name="body" element="tns1:InputParameters"/>
</message>
<message name="GET_LOGIN_Output_Msg">
<part name="body" element="tns1:OutputParameters"/>
</message>
<portType name="XX_FS_MOB_LOGIN_PortType">
<operation name="GET_LOGIN">
<input message="tns:GET_LOGIN_Input_Msg"/>
<output message="tns:GET_LOGIN_Output_Msg"/>
</operation>
</portType>
<binding name="XX_FS_MOB_LOGIN_Binding" type="tns:XX_FS_MOB_LOGIN_PortType">
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<operation name="GET_LOGIN">
<soap:operation soapAction="http://XXX:8000/webservices/SOAProvider/plsql/xx_fs_mob_login/"/>
<input>
<soap:header message="tns:GET_LOGIN_Input_Msg" part="header" use="literal"/>
<soap:body parts="body" use="literal"/>
</input>
<output>
<soap:body use="literal"/>
</output>
</operation>
</binding>
<service name="XX_FS_MOB_LOGIN_Service">
<port name="XX_FS_MOB_LOGIN_Port" binding="tns:XX_FS_MOB_LOGIN_Binding">
<soap:address location="http://XXX:8000/webservices/SOAProvider/plsql/xx_fs_mob_login/"/>
</port>
</service>
</definitions>
Please help me to figure out a solution for this.
Thanks in advance
Rino
You won't be able to get far in accessing a secure Web service directly from ADF Mobile if you don't know the type of security it uses.
If you can create a proxy client that invokes the web service, then one solution is to run that on the server, and expose that client as a web service that the ADF Mobile layer can access.
I was wondering if it is possible to build a cxf-bc with WS-SecurityPolicy instead of just the WS-Security. WS-SecurityPolicy seems to be a more elegant solution since everything is in the WSDL. Examples welcome. :)
Well with David's help I got the CXF-BC to install and running on the ESB, but I can't seem to test it. It keeps coming back with:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<soap:Fault>
<faultcode>soap:Server</faultcode>
<faultstring>These policy alternatives can not be satisfied:
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}UsernameToken</faultstring>
</soap:Fault>
</soap:Body>
</soap:Envelope>
My msg:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:typ="http://nwec.faa.gov/wxrec/UserAccount/types">
<soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-25" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>bob</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">bobspassword</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
<wsa:Action>http://nwec.faa.gov/wxrec/UserAccount/UserAccountPortType/ApproveDenyAccountRequest</wsa:Action>
</soapenv:Header>
<soapenv:Body>
...
</soapenv:Body>
Here's the policy in the wsdl:
<wsp:Policy wsu:Id="UserAccountBindingPolicy" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:ExactlyOne>
<wsp:All>
<wsaw:UsingAddressing xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" wsp:Optional="true" />
<wsp:Policy >
<sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always">
<wsp:Policy>
<sp:WssUsernameToken10 />
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
As of the resolution of https://issues.apache.org/activemq/browse/SMXCOMP-711 and https://issues.apache.org/activemq/browse/SMXCOMP-712 (servicemix-cxf-bc-2010.01) it should be possible and easy to do.
See http://fisheye6.atlassian.com/browse/servicemix/components/bindings/servicemix-cxf-bc/trunk/src/test/java/org/apache/servicemix/cxfbc/ws/security/CxfBcSecurityJAASTest.java?r=HEAD for an example. Specifically the testJAASPolicy method.
As for the error relating to asserting the UsernameToken assertion, you may want to try putting the UsernameToken assertion inside of a SupportingToken or binding assertion depending on what you want to do with the token. It looks like you just want a username and password to be passed in the message without any other security such as a cryptographic binding of the token to the message or encryption so a supporting token will likely fit your needs.
I also urge you to consider the following additional precautions when using a UsernameToken:
Cryptographically bind the token to the message using a signature.
Use a nonce and created timestamp and cache the token on the server to prevent replay
Consider encrypting the token (before signing if you also sign) using XML enc
Using TLS either in lieu of or in addition to the above suggestions
With david's and Freeman over at the servicemix-user mailing-list. I was able finally get the correct configuration to implement WS-Security Policy.
Here's my final beans.xml for the my BC
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:cxfbc="http://servicemix.apache.org/cxfbc/1.0" xmlns:util="http://www.springframework.org/schema/util"
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
xmlns:http="http://cxf.apache.org/transports/http/configuration" xmlns:sec="http://cxf.apache.org/configuration/security"
xmlns:person="http://www.mycompany.com/ws-sec-proto"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd
http://servicemix.apache.org/cxfbc/1.0
http://repo2.maven.org/maven2/org/apache/servicemix/servicemix-cxf-bc/2010.01/servicemix-cxf-bc-2010.01.xsd
http://cxf.apache.org/transports/http-jetty/configuration
http://cxf.apache.org/schemas/configuration/http-jetty.xsd
http://cxf.apache.oarg/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd">
<import resource="classpath:META-INF/cxf/cxf.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-http.xml" />
<import resource="classpath:META-INF/cxf/osgi/cxf-extension-osgi.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-policy.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-ws-security.xml" />
<bean id="myPasswordCallback" class="com.mycompany.ServerPasswordCallback" />
<cxfbc:consumer wsdl="classpath:wsdl/person.wsdl"
targetService="person:PersonService" targetInterface="person:Person"
properties="#properties" delegateToJaas="false" >
<!-- not important for ws-security
<cxfbc:inInterceptors>
<bean class="com.mycompany.SaveSubjectInterceptor" />
<bean class="org.apache.cxf.interceptor.LoggingInInterceptor" />
</cxfbc:inInterceptors>
-->
</cxfbc:consumer>
<util:map id="properties">
<entry>
<key>
<util:constant
static-field="org.apache.cxf.ws.security.SecurityConstants.CALLBACK_HANDLER" />
</key>
<ref bean="myPasswordCallback" />
</entry>
</util:map>
<httpj:engine-factory bus="cxf">
<httpj:engine port="9001">
<httpj:tlsServerParameters>
<sec:keyManagers keyPassword="password">
<sec:keyStore type="JKS" password="password" resource="certs/cherry.jks" />
</sec:keyManagers>
<sec:cipherSuitesFilter>
<sec:include>.*_WITH_3DES_.*</sec:include>
<sec:include>.*_WITH_DES_.*</sec:include>
<sec:exclude>.*_WITH_NULL_.*</sec:exclude>
<sec:exclude>.*_DH_anon_.*</sec:exclude>
</sec:cipherSuitesFilter>
<sec:clientAuthentication want="false"
required="false" />
</httpj:tlsServerParameters>
</httpj:engine>
</httpj:engine-factory>
<bean id="cxf" class="org.apache.cxf.bus.CXFBusImpl" />
<bean class="org.apache.servicemix.common.osgi.EndpointExporter" />
</beans>
Full example can be found here but it may not be there after a while.