We are trying to implement ADF JAX-WS proxy client to access secured webservice(E-Business Suite). How to pass username/password?
If I run without passing it, I am getting the below error
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: Missing in SOAP Header
Have you considered Google to ask that question? I did and this is what it found in 0.02 seconds
http://biemond.blogspot.co.uk/2009/04/jax-ws-web-service-proxy-client-and.html
Related
I'm trying to run a simple test with Apache Camel:
from("http://localhost:61554/api/v1/MyController/my-endpoint")
.to("direct:a")
.log("$({body}");
I'm getting the following error: "No endpoint could be found for: http://localhost:61554/api/v1/MyController/my-endpoint, please check your classpath contains the needed Camel component jar"
I'm very new to Camel and Java. Can someone please tell me why this error is coming up? Should I be using from("direct:x")... ? If, so where do I map my "direct" endpoints to concrete ones?
Thanks
You cannot use the http component as consumer (eg in from) - its a http client for calling HTTP servers (so its a producer, eg to).
Instead to have HTTP as consumer you can use camel-servlet, camel-jetty, camel-undertow, etc.
I have an application written with Spring Boot and AngularJS. When I try to hit a REST service as part of this application, I am able to hit it with POST method wherever POST is configured for request mapping.
But if I try to request AngularJS bind pages, I get a "405 method not supported" exception. So I try to create HTML and JSP pages too, which are not bound to Angular but still, I am getting the same exception.
Where can I start debugging this, and what is the likely reason?
i am sharing here furthere details about issue.
Basically this existing application created/developed with Jhipster, angularjs, Spring boot and spring security does not allow to access html/angularjs related resources with POST from outside. I will explain here what different scenarios work and what is not not working. 1.Postman trying to access base url trying to fetch index.html from same application- Give 405 Post method not allowed.2.Created an independent Test.html in same application and trying to access it from postman- Gives 405 Post method not allowed.3.Created a service which allows POST access in same application- Able to hit service from WSO2 IS IDP and also from Postman.4.Created a separate application on tomcat and provided as callback in WSO2 IDP with starting point for SSO from base url of existing application- Able to hit callback URL on tomcat server. Firefox shows that a POST request was generated for callback URL from WSO2 IS IDP to tomcat based application 5.Created a separate application with Angular js and Spring boot and provided as callback in WSO2 IDP with starting point for SSO from base url of existing application- Able to hit callback URL on tomcat server. Firefox shows that a POST request was generated for callback URL from WSO2 IS IDP to new application with Spring boot and Angularjs. This took me down to conclusion that one of three is causing this issue
1. Spring security generated from JHipster
2. Angularjs
3. Some CORS or other filter from Spring Security is causing this issue.
Till now we have tried to different debugging methods like
1. disable CORS,
2. in angularjs-resource.js enable POST for get operation,
3. In SecurityCOnfigurer, try to permit POST method for base URL or resolve it to GET in httpsercurity authorizerequest etc.
4. Also ignoring resources in websecurity.
Application stack for existing application which we are trying to implement SSO is as below
1. Angularjs 1.5.8
2. Springboot 1.5.9.release
3. WSO2IS 5.4.1
4. WSO2AM 2.1.0
5. JHipster
Let me know if any particular area which we might have missed to analyze or different methods to try.
Thanks,
Sandeep
Try to disable CSRF in security config
#Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
...
#Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
...
}
...
}
#SpringBootApplication
#Import({
...
SecurityConfig.class
...
})
public class SpringBootApp {
...
}
Objective: Get information (using Apache CXF) from a third party (thus no control or access to the service backend) web service
which use WS-Trust i.e. it authenticates the user using a Secure Token Service in this case with UsernameToken authentication.
I have spent a LONG time trying to learn about the WS-* security standards and at the same time trying out different frameworks and
tools (Axis, Apache CXF, METRO with NetBeans, Microsoft .net, SoapUI plugin for Eclipse etc.) to connect to a specific service in
the cloud. I am trying to develop a backend client that fetch information from the service. Apache CXF is attractive here
because it seems to be the only Java framework which does not assume that everyone connecting to web services use clients deployed on a web application server.
The service providers have provided the necessary certificates and user credentials to connect to the service using STS.
They have also provided a detailed user guide using NetBeans and METRO to create a web application that is deployed on a GlassFish server.
I have followed this guide and managed to get data from the web service. Conclusion so far: The certificates are valid.
There are three certificates stored in a keystore (including chains):
webservice-encryption-certificate.cer (keystore alias: webservice-encryption)
token-signing-certificate.cer (keystore alias:
token-signing)
token-encryption-certificate.cer (keystore alias: token-encryption)
=================================================================
NetBeans configuration:
Service client:
Keystore -> token-signing-certificate.cer
Truststore -> webservice-encryption-certificate.cer
STS client:
Truststore -> token-encryption-certificate.cer
Username -> user
Password -> xxx
=================================================================
THE BIG QUESTION: How can I make a similar configuration in CXF as in NetBeans?
I'm using CXF version: 3.0.2
"Translating" this to CXF gives me the follownig exception:
WARNING: Interceptor for {http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice}SecurityTokenService#{http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice}Trust13IssueAsync has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: The signature or decryption was invalid
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:841)
Here is what i tried in CXF (amongst MANY other things):
MyService service = new MyService(); // Stub created from WSDL (real service name has been renamed to MyService)
MyServiceInterface port = service.getPort();
org.apache.cxf.endpoint.Client client = ClientProxy.getClient(port);
Bus bus = ((EndpointImpl) client.getEndpoint()).getBus();
STSClient stsClient = new STSClient(bus);
stsClient.setWsdlLocation("https://login.some-domain.com/adfs/services/trust/mex"); // Web service is using ADFS 2.0 with MEX
stsClient.setServiceQName(new QName("http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice", "SecurityTokenService"));
stsClient.setEndpointQName(new QName("http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice", "UserNameWSTrustBinding_IWSTrust13Async"));
stsClient.setSendRenewing(false);
stsClient.getRequestContext().put("ws-security.sts.token.properties", "clientTruststore.properties");
stsClient.getRequestContext().put("ws-security.sts.token.username", "webservice-encryption"); // MOST LIKELY WRONG - WHERE DO I PUT THIS CERTIFICATE?
Map<String, Object> ctx = ((BindingProvider) port).getRequestContext();
ctx.put("ws-security.sts.prefer-wsmex", true); // If set to false some policies will not be satisfied
ctx.put("ws-security.username", "user"); // REQUIRED OR FAIL WITH: No username available
ctx.put("ws-security.password", "xxx"); // REQUIRED OR FAIL: No username available
ctx.put("ws-security.encryption.properties", "clientTruststore.properties"); // REQUIRED OR FAIL WITH: A encryption username needs to be declared
ctx.put("ws-security.encryption.username", "token-encryption"); // REQUIRED OR FAIL WITH: A encryption username needs to be declared
ctx.put("ws-security.signature.properties", "clientTruststore.properties");
ctx.put("ws-security.signature.username", "token-signing");
ctx.put("ws-security.is-bsp-compliant", "false");
ctx.put("ws-security.sts.client", stsClient);
port.callSomething(createMyRequestObject());
I have tried to "decrypt" the meaning of the properties used in the code snippet above based on the following link (along many other tutorials and articles on the subject) to make sense in relation to WS-Trust and the certificates at hand.
http://cxf.apache.org/javadoc/latest/org/apache/cxf/ws/security/SecurityConstants.html
I have tried all sorts of combinations using the constants but with no success.
How do I "pass" the service certificate (webservice-encryption) to the STS to tell it "this is the service that I want to use"?
By the way I have captured the traffic with Fiddler, and the request looks perfectly right compared to traffic captured with the NetBeans solution i.e. it contains timestamp, encrypted sections etc.
I KEEP GETTING "The signature or decryption was invalid"
Can anyone help please?
What does the response method from the STS look like? Is it an error message or does it look like the call succeeded? If it is an error message then it looks like you may be using the wrong certificates...you will need to enable logging on the service to figure out what the exact error is. If the call succeeded, then enable DEBUG logging on the client side and see what the problem is.
Colm.
We had a similar problem. Perhaps you must add JCE Unlimited Strength Policy jar files to JDK?
I need to send a response unsolicitedly from my server side to client side using cxf.I am very much comfortable in making synchronous JAX-WS calls from client to server(I used SOPAUI to invoke my server which is a webservice_..I am following JAX-WS wsdl first approach.I am using cxf 'wsdltojava' to convert wsdl to java classes.
To make it simple,my question is 'how to send a response(without a request from client) from server to client in CXF,JAX-WS wsdl first approach?
When calling a web service from Force.com, I am getting:
System.CalloutException: Web service callout failed: Unexpected
element. Parser was expecting element
'http://schemas.xmlsoap.org/soap/envelope/:Envelope' but found ':HTML'
The network guys at the other end has asked to see the full response that Salesforce is getting from their server.
Is there a way to achieve that? I have tried running with debug level 'Finest' from execute anonymous, but that yields the same little message with no further detail.
The message you are getting is because an error is generated as Saleforce is trying to parse the response is and it isn't logged unfortunately.
The parsing error is happening because instead of a SOAP message response you are getting an HTML page. This usually happens when you are accessing a service that is protected behind a firewall. Which means you may be able to see the service when browsing on your computer but remember that Salesforce is outside of your firewall and thus any communication by Salesforce to your service will be blocked.
Couple of ways to address this but this wiki topic from Salesforce best covers the options:
http://www.salesforce.com/us/developer/docs/api/Content/sforce_api_om_outboundmessaging_security.htm
The above is specific to outbound messaging but essentially the technology issues are the same.
Don't forget that Apex includes an HttpRequest Class that works as a lower layer than the SOAP APIs. You should be able to write up a test method that sends a hard-coded XML request to the server and dumps the HttpResponse so you can see it.
Adding my own best answer, based on some internet research:
You can use an external tool like Runscope as a webservice proxy to automatically forward requests and pass through responses and view the XML SOAP messages. This is not a native solution on SFDC but it does do the job.
https://www.runscope.com/
The issue is that Force.com is trying to parse a SOAP response that's actually just HTML. This happens sometimes when an error occurred server-side and the response is meant for a browser to display, rather than sending back an exception report via a properly formatted SOAP response.
If they can't figure out why they are not sending back a consumable SOAP response, then you can try using other tools (outside of Force.com) to make the same webservice call from your browser and then see what the HTML actually says on return.