Uploaded image for project: 'Camel'
  1. Camel
  2. CAMEL-4688

CXF Security Interceptor does not work in Camel Proxy

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Invalid
    • Affects Version/s: 2.8.2
    • Fix Version/s: 2.12.0
    • Component/s: camel-cxf
    • Environment:
    • Estimated Complexity:
      Moderate

      Description

      In tried to setup a proxy webservice which takes care for authentication.
      But even thou I added the right interceptor in my cxf:cxfEndpoint I receive the following soap fault, when providing my credentials to the proxy service:

      <soap:Fault>
      <faultcode>soap:MustUnderstand</faultcode>
      <faultstring>MustUnderstand headers: [

      {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}

      Security] are not understood.</faultstring>
      </soap:Fault>

      I was looking in the debug modus, if the method getUnderstoodHeaders() in AbstractWSS4JInterceptor was called and discoverd that it was not. Therefore cxf does not know that it could handle my security-token.

      I tried to extend the cxf proxy example, which is shipped with camel. Here is my cxfEndpoint configuration:

      <!-- this is the CXF webservice we use as front end -->
      <cxf:cxfEndpoint id="reportIncident"
      address="http://localhost:9080/camel-example-cxf-proxy/webservices/incident"
      endpointName="s:ReportIncidentEndpoint"
      serviceName="s:ReportIncidentEndpointService"
      wsdlURL="etc/report_incident.wsdl"
      xmlns:s="http://reportincident.example.camel.apache.org">

      <cxf:inInterceptors>
      <bean id="logInbound" class="org.apache.cxf.interceptor.LoggingInInterceptor"/>
      <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
      <bean id="authenticationInterceptor" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
      <constructor-arg>
      <map>
      <entry key="action" value="UsernameToken" />
      <entry key="passwordType" value="PasswordText" />
      <entry key="passwordCallbackClass" value="org.apache.cxf.systest.ws.wssec10.client.KeystorePasswordCallback" />
      </map>
      </constructor-arg>
      </bean>
      </cxf:inInterceptors>
      </cxf:cxfEndpoint>

        Attachments

          Activity

            People

            • Assignee:
              davsclaus Claus Ibsen
              Reporter:
              jan4talend Jan Bernhardt
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 2h
                2h
                Remaining:
                Remaining Estimate - 2h
                2h
                Logged:
                Time Spent - Not Specified
                Not Specified