I would like to write a simple integration test with JUnit and Apache CXF to test some WS-Security-enabled services. While I try to run my code:
MyService myService = new myWsService(MY_SERVICE_WSDL).getMyWs()
Client client = ClientProxy.getClient(myService);
Map<String, Object> ctx = ((BindingProvider) myService).getRequestContext();
ctx.put("ws-security.callback-handler", new KeystorePasswordCallback());
ctx.put("ws-security.signature.crypto", new MyMerlinImpl());
Where MyMerlinImpl simply passes required Merln.* property values in overridden loadProperties
method,
I get:
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AsymmetricBinding registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}InitiatorToken registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}WssX509V1Token11 registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RequireIssuerSerialReference registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RecipientToken registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AlgorithmSuite registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Basic256Sha256 registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}InclusiveC14N registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Layout registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Strict registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}OnlySignEntireHeadersAndBody registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Wss11 registered.
sie 12, 2015 11:52:10 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}MustSupportRefIssuerSerial registered.
org.apache.cxf.ws.policy.PolicyException: None of the policy alternatives can be satisfied.
What am I doing wrong? These seem to be rather standard policies... In fact, I use the same code on a JBoss EAP 6.1 WS client and it works well.
Finally solved this by adding WSS4JOutInterceptor. It seems that in JBoss this interceptor is added automatically...
Client client = ClientProxy.getClient(myService);
Endpoint endpoint = client.getEndpoint()
endpoint.getOutInterceptors().add(new WSS4JOutInterceptor())