I have implemented WS-security in CXF webservice and following is the Mule flow :-
<context:property-placeholder location="classpath:conf/DBConnectionProp.properties"/>
<!-- Authentication security-->
<mule-ss:security-manager>
<mule-ss:delegate-security-provider name="memory-provider" delegate-ref="authenticationManager" />
</mule-ss:security-manager>
<spring:beans>
<ss:authentication-manager alias="authenticationManager">
<ss:authentication-provider>
<ss:user-service id="userService" >
<ss:user name="${username}" password="${password}" authorities="ROLE_ADMIN" />
</ss:user-service>
</ss:authentication-provider>
</ss:authentication-manager>
</spring:beans>
<cxf:ws-security name="inboundSecurityConfig">
<cxf:mule-security-manager />
<cxf:ws-config>
<cxf:property key="action" value="UsernameToken" />
</cxf:ws-config>
</cxf:ws-security>
<!-- Authentication security ends-->
<flow name="securedSoapService">
<http:inbound-endpoint exchange-pattern="request-response" host="localhost" port="8090" path="designation" doc:name="HTTP">
<cxf:jaxws-service serviceClass="com.getdesignation.test.services.schema.maindata.v1.GetDesignation">
<cxf:ws-security ref="inboundSecurityConfig"/>
</cxf:jaxws-service>
</http:inbound-endpoint>
<component class="com.getdesignation.vertu.services.schema.maindata.v1.Impl.GetDesignationImpl" />
</flow>
Now the issue is, it is not reading the value of username and password from properties file .. If I try to read the values from properties file <ss:user name="${username}" password="${password}" authorities="ROLE_ADMIN" />
then it will read the whole value as a string and will result following exception as invalid username and password :-
WARN 2014-09-18 21:23:41,426 [[SOAPSecurity2].connector.http.mule.default.receiver.02] org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor:
org.apache.ws.security.WSSecurityException: The security token could not be authenticated or authorized
at org.mule.module.cxf.support.MuleSecurityManagerValidator.validate(MuleSecurityManagerValidator.java:57)
at org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:153)
at org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:66)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:281)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:100)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:122)
But if the remove ${username} and ${password} and provide the username and password directly then it runs fine .. I am not getting how to make it to read the username and password from the properties file .. Please help .. Is there a way to implement ws-security reading from a proprties file ???
Try using:
username1=username
password1=password
and:
<ss:user name="${username1}" password="${password1}" authorities="ROLE_ADMIN" />
as there's maybe an issue with properties with same values as names.
Thanks to David... This was a strange issue and the working solution as David said is :
<ss:user name="${username1}" password="${password1}" authorities="ROLE_ADMIN" />
Where I cannot use the key as username or password
UPDATE I found that the error is caused by the fact that the property " userName
" is overridden by the Windows environment variable " USERNAME
".
ref:- https://support.mulesoft.com/s/article/ka434000000TOoDAAW/Bad-credentials-error-when-configuring-the-Spring-Security-Manager-with-properties
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.