Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-7495

Set EXPAND_XOP_INCLUDE for WSS4JOutInterceptor to 'false' in older version

    XMLWordPrintableJSON

    Details

      Description

      I have a soap service . it support the mtom but not the xop include annotation , so it refused my request:

      <?xml version="1.0" encoding="UTF-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
      <SOAP-ENV:Header xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"/>
      <soap:Body>
      <ns2:receiveSip xmlns:ns2="http://sip.receive.core.iris.eng.it" xmlns:xmime="http://www.w3.org/2005/05/xmlmime">
      <ns2:sipReceive>
      <tipoSip>?</tipoSip>
      <tipoProtezione>?</tipoProtezione>
      <improntaAlgoritmo>SHA-256</improntaAlgoritmo>
      <improntaCodifica>HEX</improntaCodifica>
      <impronta>9e830c2ac56eca00023b17e3c17ed1014e055f960c3ee4778a84aa02c6dafcb9</impronta>
      </ns2:sipReceive>
      <arg1>
      <dh>
      <xop:Include xmlns:xop="http://www.w3.org/2004/08/xop/include" href="cid:92dc39d3-e3d5-4aa2-a9cb-7582483934a4-1@cxf.apache.org"/>
      </dh>
      </arg1>
      </ns2:receiveSip>
      </soap:Body>
      </soap:Envelope>

      how can i set my request to this:

      <?xml version="1.0" encoding="UTF-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
      <SOAP-ENV:Header xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"/>
      <soap:Body>
      <ns2:receiveSip xmlns:ns2="http://sip.receive.core.iris.eng.it" xmlns:xmime="http://www.w3.org/2005/05/xmlmime">
      <ns2:sipReceive>
      <tipoSip>?</tipoSip>
      <tipoProtezione>?</tipoProtezione>
      <improntaAlgoritmo>SHA-256</improntaAlgoritmo>
      <improntaCodifica>HEX</improntaCodifica>
      <impronta>9e830c2ac56eca00023b17e3c17ed1014e055f960c3ee4778a84aa02c6dafcb9</impronta>
      </ns2:sipReceive>
      <arg1>
      <dh>
      cid:940325888173
      </dh>
      </arg1>
      </ns2:receiveSip>
      </soap:Body>
      </soap:Envelope>

      *so in the end i just want replace the:
      <xop:Include xmlns:xop="http://www.w3.org/2004/08/xop/include" href="cid:92dc39d3-e3d5-4aa2-a9cb-7582483934a4-1@cxf.apache.org"/>
      with
      cid:940325888173*

      how can obtain this result? in more recent version there is a paramter for this https://ws.apache.org/wss4j/apidocs/org/apache/wss4j/common/ConfigurationConstants.html#EXPAND_XOP_INCLUDE

      Here the full code java i try to make it work:

        public static <T> T buildServerWsdl(String endpointWsdl,final String username,final String password,
          		final Class<T> serviceClass,boolean ignoreSSLCertificate,boolean useAuthorizationBasic,Map<String,String> supplierheaders) throws NoSuchAlgorithmException, KeyManagementException, MalformedURLException{
      
          	//Controllo wsdlurl
          	URL wsdlURL;
              java.io.File wsdlFile = new java.io.File(endpointWsdl);
      
              if (wsdlFile.exists()) {
                  wsdlURL = wsdlFile.toURI().toURL();
              } else {
                  wsdlURL = new URL(endpointWsdl);
              }
              System.out.println(wsdlURL);
          	
          	
          	JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();			
          	factory.setServiceClass(serviceClass);			
          	factory.setAddress(endpointWsdl);
          	//factory.setServiceClass(javax.xml.ws.Service.class);
          	//factory.setAddress("http://server.service.core.eng.it/");
          	//factory.setServiceBean(implementor);
          	//Abilita il loggin in ingresco ed uscita dei messaggi soap!	
          	factory.getInInterceptors().add(new LoggingInInterceptor(4*1024));
          	factory.getOutInterceptors().add(new LoggingOutInterceptor(4*1024));	
          	//factory.getInInterceptors().add(new LoggingInInterceptor());
          	//factory.getOutInterceptors().add(new LoggingOutInterceptor());	
          	
      //    	LoggingInInterceptor loggingInInterceptor = new LoggingInInterceptor();
      //    	loggingInInterceptor.setPrettyLogging(true);
      //    	LoggingOutInterceptor loggingOutInterceptor = new LoggingOutInterceptor();
      //    	loggingOutInterceptor.setPrettyLogging(true);
      //    	factory.getInInterceptors().add(loggingInInterceptor);
      //    	factory.getOutInterceptors().add(loggingOutInterceptor);
      
          	@SuppressWarnings("unchecked")
          	T server = (T) factory.create();			
      
          	// The BindingProvider interface provides access to the protocol binding and
          	// to the associated context objects for request and response message processing.
          	BindingProvider prov = (BindingProvider)server;
          	Binding binding = prov.getBinding(); 
          	((SOAPBinding)binding).setMTOMEnabled(true);
          	
          	//Add handlers to the binding jaxb 
          	java.util.List<javax.xml.ws.handler.Handler> handlers = binding.getHandlerChain();
          	handlers.add(new JaxWsLoggingHandler());
          	binding.setHandlerChain(handlers);
              	
          	Map<String, Object> req_ctx = prov.getRequestContext();
          	req_ctx.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, endpointWsdl);
          	Map<String, List<String>> headers = new HashMap<String, List<String>>();
      
          	if(username != null && password != null){	
          		headers.put("Username", Arrays.asList(username));
          		headers.put("Password", Arrays.asList(password));
          		//headers.put("Content-Type", Arrays.asList("text/xml")); //necessario specificare se si usa schema-core invece di XmlSchema
      
          		prov.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, username);
          		prov.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, password);
          		    
          		//FILE TO ELEMENT
      	        //InputStream clientPolicy = serviceClass.getResourceAsStream("webservices-client.xml");
          		// DocumentBuilderFactory builderFactory = DocumentBuilderFactory.newInstance();
          	    // builderFactory.setValidating(false);
          	    // builderFactory.setNamespaceAware(true);
          	    // builderFactory.setIgnoringElementContentWhitespace(true);
          	    // builderFactory.setIgnoringComments(true);
          	    // Element element = builderFactory.newDocumentBuilder().parse(clientPolicy).getDocumentElement();
      	        //prov.put(ClientConstants.CLIENT_CONFIG, element);รน
          		
          		//Add some configuration 
          	 
          		//prov.put(ClientConstants.WSS_KEYSTORE_TYPE, "JKS");
          		//prov.put(ClientConstants.WSS_KEYSTORE_LOCATION, "D:\\default-keystore.jks");
          		//prov.put(ClientConstants.WSS_KEYSTORE_PASSWORD, "welcome1");
          		
          		prov.getRequestContext().put("ws-security.store.bytes.in.attachment", "false");
          		//prov.getRequestContext().put("mtom-enabled", "false");
          		
          		//prov.getRequestContext().put("org.apache.cxf.http.no_io_exceptions", "true");
          		//prov.getRequestContext().put("org.apache.cxf.transport.no_io_exceptions", "true"); //for the latest cxf version
          		if(supplierheaders !=null &&  supplierheaders.size() > 0){
          			prov.getRequestContext().putAll(supplierheaders);
          			for(Map.Entry<String, String> entry : supplierheaders.entrySet()){
          				headers.put(entry.getKey(), Arrays.asList(entry.getValue()));
          			}
          		}
      
          		Authenticator myAuth = new Authenticator() {
          			@Override
          			protected PasswordAuthentication getPasswordAuthentication() {
          				return new PasswordAuthentication(username, password.toCharArray());
          			}
          		};
          		Authenticator.setDefault(myAuth);		    		    
          	}
      
          	if(useAuthorizationBasic){
          		String authorization = new sun.misc.BASE64Encoder().encode((username+":"+password).getBytes());
          		headers.put("Authorization", Arrays.asList("Basic " + authorization));
          		req_ctx.put(MessageContext.HTTP_REQUEST_HEADERS, headers);
          		//MessageContext mctx = wsctx.getMessageContext();
          		Map<String, List<String>> http_headers = (HashMap<String, List<String>>) req_ctx.get(MessageContext.HTTP_REQUEST_HEADERS);
          		List list = (List) http_headers.get("Authorization");
          		if (list == null || list.size() == 0) {
          			throw new RuntimeException("Authentication failed! This WS needs BASIC Authentication!");
          		}
      
          		String userpass = (String) list.get(0);
          		userpass = userpass.substring(5);
          		byte[] buf = org.apache.commons.codec.binary.Base64.decodeBase64(userpass.getBytes());
          		String credentials = new String(buf);		  
          		String usernamex = null;
          		String passwordx = null;
          		int p = credentials.indexOf(":");
          		if (p > -1) {
          			usernamex = credentials.substring(0, p);
          			passwordx = credentials.substring(p+1);
          		}   
          		else {
          			throw new RuntimeException("There was an error while decoding the Authentication!");
          		}
          		// This should be changed to a DB / Ldap authentication check 
          		if (usernamex.equals(username) && passwordx.equals(password)) { 			 
          			//System.out.println("============== Authentication Basic OK =============");
          		}
          		else {
          			throw new RuntimeException("Authentication failed! Wrong username / password!");
          		}
          	} 
          	//Client cl = ClientProxy.getClient(server);
          	org.apache.cxf.endpoint.Client cl = org.apache.cxf.frontend.ClientProxy.getClient(server);
          	//=============================================================================================
          	// Set up WS-Security Encryption
              // Reference: https://ws.apache.org/wss4j/using.html
              Map<String, Object> inProps = new HashMap<String, Object>();
              //props.put(WSHandlerConstants.USER, "testkey");
              //props.put(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT);
              //props.put(WSHandlerConstants.PASSWORD_TYPE, "PasswordText");
              //props.put(WSHandlerConstants.ENC_PROP_FILE, "clientKeystore.properties");
              //props.put(WSHandlerConstants.ENCRYPTION_PARTS, "{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body");
              //props.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientPasswordCallback.class.getName());
              //props.put(WSHandlerConstants.ADD_INCLUSIVE_PREFIXES,false);
              //props.put(ConfigurationConstants.EXPAND_XOP_INCLUDE_FOR_SIGNATURE, false);
              
              //inProps.put("expandXOPIncludeForSignature", false);
              //inProps.put("expandXOPInclude", false);
              //WSS4JOutInterceptor wss4jOut = new WSS4JOutInterceptor(inProps);
      
              //ClientProxy.getClient(client).getOutInterceptors().add(wss4jOut);
              //cl.getInInterceptors().add(wss4jOut);
              //cl.getOutInterceptors();
              //==============================================================================================
      	    
          	HTTPConduit httpConduit = (HTTPConduit) cl.getConduit();
      
          	//disable ssl certificate handshake
          	if(ignoreSSLCertificate){
          		String targetAddr = httpConduit.getTarget().getAddress().getValue();
          		if (targetAddr.toLowerCase().startsWith("https:")) {
          			//TRUST ALL CERTIFICATE Create a trust manager that does not validate certificate chains
          			TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {			
          				public java.security.cert.X509Certificate[] getAcceptedIssuers() {return new java.security.cert.X509Certificate[0];}
          				public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {}
          				public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {}
          			} };
          			//TRUST ALL HOST Ignore differences between given hostname and certificate hostname
          		    //HostnameVerifier hv = new HostnameVerifier(){public boolean verify(String hostname, SSLSession session) { return true; }};
          			//SSLContext sc = SSLContext.getInstance("SSL");
          			//sc.init(null, trustAllCerts, new SecureRandom());
          		    //hv.verify(wsdlURL.getHost(),sc.getClientSessionContext().getSession());
          			TLSClientParameters tlsParams = new TLSClientParameters();
          			tlsParams.setTrustManagers(trustAllCerts);//TRUST ALL CERTIFICATE    			
          			tlsParams.setDisableCNCheck(true); //TRUST ALL HOST
          			httpConduit.setTlsClientParameters(tlsParams);
      
          		
      
          		}
          	}
      
          	AuthorizationPolicy authorizationPolicy = httpConduit.getAuthorization();
          	authorizationPolicy.setUserName(username);
          	authorizationPolicy.setPassword(password);
      
          	HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
          	httpClientPolicy.setConnectionTimeout(10000);//10sec
          	httpClientPolicy.setReceiveTimeout(60000);
          	
          	httpClientPolicy.setContentType("application/soap+xml"); 
          	
          	//Attenzione per errore  org.apache.cxf.transport.http.HTTPException: HTTP response '415: Unsupported Media Type'
          	//qualcosa non va con encoding
          	//httpClientPolicy.setAcceptEncoding("UTF-8");
      
          	//httpClientPolicy.setConnection(ConnectionType.CLOSE);
          	//httpClientPolicy.setMaxRetransmits(1);
      
          	httpConduit.setClient(httpClientPolicy);
          	return server;		 		
          }
      

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              4535992 Marco Tenti
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: