wood burning stoves 2.0*
The moose likes Web Services Certification (SCDJWS/OCEJWSD) and the fly likes Running the WS-Security example from Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Services Certification (SCDJWS/OCEJWSD)
Bookmark "Running the WS-Security example from "Java Web Services Up And Running" book" Watch "Running the WS-Security example from "Java Web Services Up And Running" book" New topic
Author

Running the WS-Security example from "Java Web Services Up And Running" book

Sanjay Singh
Ranch Hand

Joined: Mar 02, 2006
Posts: 37

Hi All,
I am trying to test the WS-Security example (Echo example on page 229) from webservices Up and running book. However the Prompter (CallbankHandler) is not being invoked so I am not able to pass the username/password so I get No Security Header found in message" error in EchoSecurityHandler.handleMessage(). Also I don't see Verifier (CallbankHandler) being invoked when msg is received at EchoSecurityHandler. I have followed the steps given in the book.
If someone was able to run and test example then please guide me.

Thanks in advance.


Regards, Sanjay Singh
SCJP-1.6, OCEWCD 6
Himai Minh
Ranch Hand

Joined: Jul 29, 2012
Posts: 722
I downloaded the source code of the Java Web Service Up and Running book from the publisher's web site.
I attach a missing code of EchoClientWSS.java
When you open the jwsur_code folder, you will see chapter05. There I put jaxws-tools-2.1.4.jar and xws-security-3.0.jar

Step 1. Open one command prompt, set your Java_Home to where you have your jdk installed. The command looks like this:
set path=%Path%;c:\jdk1.7\bin;
(Let me know if it does not work for you)

Step 2. From the command prompt, cd to your jwsur_code directory and go to chapter5. Under jwsur_code\chapter5\ directory, type java -cp jaxws-tools-2.14.jar; xws-security-3.0.jar; ch05.wss.EchoPublisher
You should see http://localhost:7777/echo printed out.

Step 3: Open another command prompt. Go to jwsur_code\chapter5. Type java -cp jax-ws-tools-2.1.4.jar;xws-security-3.0.jar; ch05.wss.EchoClientWSS
Type fred for Username and rockbed for password.

Let me know if any question comes up.
Himai Minh
Ranch Hand

Joined: Jul 29, 2012
Posts: 722
You can actually download the Up and Running book's code from : http://examples.oreilly.com/9780596521134/
Sanjay Singh
Ranch Hand

Joined: Mar 02, 2006
Posts: 37

Thanks Himai for your input. I had tried the same as given in the book and also compared from the downloaded code from given link. However when I run my program it doesn't asks for username/password and that' what I believe is causing the issue. I am listing my client side source code (note: I had used existing TimeServer service instead of creating new Echo service):

Client code:



Handler code:



Prompter


When I run the client program after publishing the service I get following error from service, indicating that security header is missing:

C:\pbx_u01\apps\JavaWrkspcs\WebService\target\classes>java -cp .;..\WebService-1.0-SNAPSHOT\WEB-INF\lib\log4j-1.2.14.jar;..\WebService-1.0-SNAPSHOT\WEB-INF\lib\xws-security-3.0.jar;..\WebService-1.0-SNAPSHOT\WEB-INF\lib\jaxws-tools-2.2.8.jar com.java.jaxws.security.wss.SecureTimeServerClient
09:55:58,572 DEBUG main wss.SecureTimeServerClient:32 - adding ClientHandler
09:55:58,606 DEBUG main wss.ClientHandler:34 - costructor
09:55:58,632 DEBUG main wss.ClientHandler:43 - reading the config file
09:55:59,204 DEBUG main wss.ClientHandler:68 - handleMessage
09:55:59,205 DEBUG main wss.ClientHandler:71 - outbound: true
Sep 5, 2013 9:55:59 AM com.sun.xml.wss.impl.filter.DumpFilter process
INFO: ==== Sending Message Start ====
<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Body>
<ns2:getTimeAsString xmlns:ns2="http://ts.ch02/"/>
</S:Body>
</S:Envelope>
==== Sending Message End ====

09:55:59,994 DEBUG main wss.ClientHandler:102 - Outgoing message:

<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"><S:Body><ns2:getTimeAsString xmlns:ns2="http://ts.ch02/"/></S:Body></S:Envelope>Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.XWSSecurityException: Message does not conform to configured policy [ AuthenticationTokenPolicy(S) ]: No Security Header found
at com.sun.xml.internal.ws.fault.SOAP11Fault.getProtocolException(Unknown Source)
at com.sun.xml.internal.ws.fault.SOAPFaultBuilder.createException(Unknown Source)
at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(Unknown Source)
at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(Unknown Source)
at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(Unknown Source)
at $Proxy28.getTimeAsString(Unknown Source)
at com.java.jaxws.security.wss.SecureTimeServerClient.main(SecureTimeServerClient.java:36)
Caused by: java.lang.RuntimeException: com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.XWSSecurityException: Message does not conform to configured policy [ AuthenticationTokenPolicy(S) ]: No Security Header found
at com.java.jaxws.security.wss.EchoSecurityHandler.handleMessage(EchoSecurityHandler.java:100)
at com.java.jaxws.security.wss.EchoSecurityHandler.handleMessage(EchoSecurityHandler.java:1)
at com.sun.xml.ws.handler.HandlerProcessor.callHandleMessage(HandlerProcessor.java:292)

Note: I have removed the logger statement from the code to reduce the no of lines and also not given the server code as I believe it has no issue.
Himai Minh
Ranch Hand

Joined: Jul 29, 2012
Posts: 722
Maybe, run the code directory from the downloaded code and include these files : jax-ws-tools-2.1.4.jar;xws-security-3.0.jar; in the classpath.
In my case, I started the server and then start the client. The client was asked for username and password.
Himai Minh
Ranch Hand

Joined: Jul 29, 2012
Posts: 722
Maybe, compare your server.xml and the server.xml from the sample code.
Sanjay Singh
Ranch Hand

Joined: Mar 02, 2006
Posts: 37

Sure I will try the running the downloaded code as is.
I had compared server.xml and its same. Will give a try again.
Himai Minh
Ranch Hand

Joined: Jul 29, 2012
Posts: 722
Sanjay,
I figure out the issue.
Here are the steps:
1. Run your TimeServerPublisher created in Chapter 1.
2. Type http://localhost:9876/ts?wsdl on your browser
3. Save this wsdl file as ts.wsdl
4. Save the schema in this wsdl as ts.xsd
5. Open the ts.wsdl, and change the schemalocation to where your ts.xsd is.
6. Suppose your ts.wsdl is under c:\users\myProject directory. Go to this directory, type wsimport -keep -p tsClient ts.wsdl to generate the artifacts for the client in tsClient package.
7. Develop your SecureTimeServer in this way :


8. Suppose your file structure is :
Chapter5
-> ch05
----->wss
-> tsClient
->SecureTimeServerClient.class
->xws-security-3.0.jar
-> jaxws-tools-2.14.jar

9. Start your EchoPublisher by typing java -cp jaxws-tools-2.14.jar; xws-security-3.0.jar; ch05.wss.EchoPublisher
You should see http://localhost:7777/echo printed out.

10. java -cp jaxws-tools-2.14.jar; xws-security-3.0.jar; SecureTimeServerClient
Himai Minh
Ranch Hand

Joined: Jul 29, 2012
Posts: 722
Hi, Sanjay,
Let me correct my mistake.
Here are the correct steps:
1. Create this under chapter05 directory for example :


2. Compile the Time server related Java files. Run this publisher under chapter5 directory:
java -cp javaxws-tools-2.14.jar;xws-security-3.0.jar; ch05.wss.TimePublisher

3. Open a new command prompt to generate the client artifacts:
Under chapter5, type : wsimport -keep -p tsClient http://localhost:7777/echo?wsdl

4. A "tsClient" folder created.

5. Assume you have your SecureTimeServerClient.class in the chapter5 directory, run this file.
And it will prompt your for username / password. It will output the xml incoming /outgoing messages.'

Let me know if you have any questions.


Sanjay Singh
Ranch Hand

Joined: Mar 02, 2006
Posts: 37

Thanks Himai. I didn't check this since quite long.
I have fixed the problem. The issue was with the client.xml. The code given in the book had:


but when i downloaded the book code i found that it was "UsernameToken" instead of "RequiredUsernameToken".

After correcting this it prompted me the username/password and then everything worked fine. Thank you so much for your time & help.

 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Running the WS-Security example from "Java Web Services Up And Running" book
 
Similar Threads
WS-Sercurity
WS Security example not running
XFIRE
Securing XML based Web Services.---Author ?
Doubt regarding invocation of JAX-WS through java client code