I have code like this:
private WSSecurityEngine engine = new WSSecurityEngine();
private CallbackHandler callbackHandler = new UsernamePasswordCallbackHandler();
#Test
public void testWss4jEngine() {
InputStream in = getClass().getClassLoader().getResourceAsStream("soap/soapWithUsernameTokenRequest.xml");
DocumentBuilderFactory builderFactory = DocumentBuilderFactory.newInstance();
DocumentBuilder docBuilder;
Document doc = null;
try {
docBuilder = builderFactory.newDocumentBuilder();
doc = docBuilder.parse(in);
} catch (Exception e) {
LOG.error("Error parsing incoming request. Probably it is not a valid XML/SOAP message.", e);
return;
}
List<WSSecurityEngineResult> results = null;
try {
results = engine.processSecurityHeader(doc, null, callbackHandler, null);
} catch (WSSecurityException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
// the following line raises a NullPointerException
WSSecurityEngineResult actionResult = WSSecurityUtil.fetchActionResult(results, WSConstants.UT);
UsernameToken receivedToken = (UsernameToken) actionResult.get(WSSecurityEngineResult.TAG_USERNAME_TOKEN);
Assert.assertTrue(receivedToken != null);
}
The SOAP message from the file that is passed to the WSS4j engine is:
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SOAP-ENV:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
SOAP-ENV:mustUnderstand="1">
<wsse:UsernameToken wsu:Id="UsernameToken-2">
<wsse:Username>wernerd</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">+dCtKLCG5+uDxNM8tLh8BSQSqgY=</wsse:Password>
<wsse:Nonce
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">lZlpivFFQ3nhpp2Wf6pu+g==</wsse:Nonce>
<wsu:Created>2012-07-10T15:25:46.627Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</SOAP-ENV:Header>
<SOAP-ENV:Body>
<tem:Add xmlns:tem="http://tempuri.org/">
<tem:a>1</tem:a>
<tem:b>2</tem:b>
</tem:Add>
</SOAP-ENV:Body>
In my opinion it is a fully compliant WS-Security UsernameToken message!
However, the engine.processSecurityHeader() does not return any security result. The results variable remains null which then raises a NPE in the next line. Here is the stack trace:
java.lang.NullPointerException
at org.apache.ws.security.util.WSSecurityUtil.fetchActionResult(WSSecurityUtil.java:845)
at de.justworks.wssproxy.servlet.test.WssProxyServletTestIT.testWss4jEngine(WssProxyServletTestIT.java:121)
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:76)
Anyone has any idea what I am doing wrong?
Thanks
Frank
Hooray!
Found the problem.
It's the setting
builderFactory.setNamespaceAware(true)
that you have to set for the document builder factory!
Cheers!
Frank
Related
I am sending a SOAP request to a webservice but it is sending its WSDL definition back as its response.
What would lead to this?
Response:
<?xml version="1.0" encoding="UTF-8"?><wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" targetNamespace="http://www.sample.com/test_request" xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/" xmlns:tns="http://www.sample.com/test_request" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:http="http://schemas.xmlsoap.org/wsdl/http/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/">
<wsdl:types>
<xsd:schema e
Code:
import javax.xml.soap.*;
import javax.xml.transform.*;
import javax.xml.transform.stream.*;
public class Test {
/**
* Starting point for the SAAJ - SOAP Client Testing
*/
public static void main(String args[]) {
try {
// Create SOAP Connection
SOAPConnectionFactory soapConnectionFactory = SOAPConnectionFactory.newInstance();
SOAPConnection soapConnection = soapConnectionFactory.createConnection();
// Send SOAP Message to SOAP Server
String url = "https://xxxxxxxxxxx.xxxxxxxxx.com/xxxxxxxx.do?WSDL&xxxxxxxxx=qualified";
SOAPMessage soapResponse = soapConnection.call(createSOAPRequest(), url);
// Process the SOAP Response
printSOAPResponse(soapResponse);
soapConnection.close();
} catch (Exception e) {
System.err.println("Error occurred while sending SOAP Request to Server");
e.printStackTrace();
}
}
private static SOAPMessage createSOAPRequest() throws Exception {
MessageFactory messageFactory = MessageFactory.newInstance();
SOAPMessage soapMessage = messageFactory.createMessage();
SOAPPart soapPart = soapMessage.getSOAPPart();
String serverURI = "http://www.xxxxxxxx.com/xxxxxx";
// SOAP Envelope
SOAPEnvelope envelope = soapPart.getEnvelope();
envelope.addNamespaceDeclaration("a", "http://www.xxxxxxw.com/xxxxxxxx");
// SOAP Body
SOAPBody soapBody = envelope.getBody();
SOAPElement soapBodyElem = soapBody.addChildElement("test", "a");
SOAPElement soapBodyElem1 = soapBodyElem.addChildElement("testid", "a");
soapBodyElem1.addTextNode("xxxxxxxxx");
MimeHeaders headers = soapMessage.getMimeHeaders();
headers.addHeader("SOAPAction", "http://www.xxxxxx-xxxxx.com/xxxxxxx/xxxx");
String username = "123";
String password = "123";
String authorization = new sun.misc.BASE64Encoder().encode((username + ":" + password).getBytes());
System.out.println(authorization);
headers.addHeader("Authorization", "Basic " + authorization);
headers.addHeader("Proxy-Connection","Keep-Alive");
soapMessage.saveChanges();
/* Print the request message */
System.out.println("Request: ");
soapMessage.writeTo(System.out);
System.out.println();
return soapMessage;
}
/**
* Method used to print the SOAP Response
*/
private static void printSOAPResponse(SOAPMessage soapResponse) throws Exception {
TransformerFactory transformerFactory = TransformerFactory.newInstance();
Transformer transformer = transformerFactory.newTransformer();
Source sourceContent = soapResponse.getSOAPPart().getContent();
System.out.print("\nResponse SOAP Message = ");
StreamResult result = new StreamResult(System.out);
transformer.transform(sourceContent, result);
}
}
What have caused this issue?
I am getting proper response from SOAP UI
You specified in the URL to get the WSDL (Parameter ?WSDL). You need to specify the proper URL for the service operation you want to call.
I have a problem about SOAP request.I want to explain what am I doing.
This is my SOAP request.
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:web="http://www.webserviceX.NET">
<soapenv:Header/>
<soapenv:Body>
<web:GetWeather>
<!--Optional:-->
<web:CityName>Istanbul</web:CityName>
<!--Optional:-->
<web:CountryName>Turkey</web:CountryName>
</web:GetWeather>
</soapenv:Body>
</soapenv:Envelope>
Endpoint : http://www.webservicex.net/globalweather.asmx
WSDL link : http://www.webservicex.net/globalweather.asmx?WSDL
Also this is my code.
public static void main(String args[]) {
try {
// Create SOAP Connection
SOAPConnectionFactory soapConnectionFactory = SOAPConnectionFactory
.newInstance();
SOAPConnection soapConnection = soapConnectionFactory
.createConnection();
// Send SOAP Message to SOAP Server
String url = "http://www.webservicex.net/globalweather.asmx?WSDL";
// SOAPMessage soapResponse =
SOAPMessage soapResponse = soapConnection.call(createSOAPRequest(),
url);
// Process the SOAP Response
printSOAPResponse(soapResponse);
soapConnection.close();
} catch (Exception e) {
System.err.println("Error occurred while sending SOAP Request to Server");
e.printStackTrace();
}
}
private static SOAPMessage createSOAPRequest() throws Exception {
MessageFactory messageFactory = MessageFactory.newInstance();
SOAPMessage soapMessage = messageFactory.createMessage();
SOAPPart soapPart = soapMessage.getSOAPPart();
String serverURL = "http://www.webserviceX.NET/";
SOAPEnvelope envelope = soapPart.getEnvelope();
envelope.addNamespaceDeclaration("web", serverURL);
// SOAP Body
SOAPBody soapBody = envelope.getBody();
SOAPElement soapElement = soapBody.addChildElement("GetWeather", "web");
SOAPElement soapElement1 = soapElement.addChildElement("CityName",
"web");
soapElement1.addTextNode("Istanbul");
SOAPElement soapElement2 = soapElement.addChildElement("CountryName",
"web");
soapElement2.addTextNode("Turkey");
MimeHeaders headers = soapMessage.getMimeHeaders();
headers.addHeader("SOAPAction", serverURL + "GetWeather");
soapMessage.saveChanges();
return soapMessage;
}
/**
* Method used to print the SOAP Response
*/
private static void printSOAPResponse(SOAPMessage soapResponse)
throws Exception {
TransformerFactory transformerFactory = TransformerFactory
.newInstance();
Transformer transformer = transformerFactory.newTransformer();
Source sourceContent = soapResponse.getSOAPPart().getContent();
System.out.print("\nResponse SOAP Message = ");
StreamResult result = new StreamResult(System.out);
transformer.transform(sourceContent, result);
}}
As a result, I got "Server was unable to process.Procedure or function 'getWeather' expects parameter '#CountryName', which was not supplied."
What does it mean ? Why am I taking this exception ?
Any suggestion about solution ?
You are using the variable serverUrl as both the HTTP server URL and as the XML namespace name. They are close but not exactly the same. The namespace name is http://www.webserviceX.NET but your server URL is http://www.webserviceX.NET/ (notice the trailing slash). The string for an XML namespace must be an exact match to the namespace name in the schema.
Recommend you create a separate variable for the namespace (or just inline it):
String serverURL = "http://www.webserviceX.NET/";
SOAPEnvelope envelope = soapPart.getEnvelope();
envelope.addNamespaceDeclaration("web", "http://www.webserviceX.NET");
...
With this change, your code works for me.
I need to publish notification events to external systems over JMS, when data is updated. Id like this to be done within the same transaction as the objects are committed to the database to ensure integrity.
The ApplicationLifecycle events that spring-data-rest emits seemed like the logical place to implement this logic.
#org.springframework.transaction.annotation.Transactional
public class TestEventListener extends AbstractRepositoryEventListener<Object> {
private static final Logger LOG = LoggerFactory.getLogger(TestEventListener.class);
#Override
protected void onBeforeCreate(Object entity) {
LOG.info("XXX before create");
}
#Override
protected void onBeforeSave(Object entity) {
LOG.info("XXX before save");
}
#Override
protected void onAfterCreate(Object entity) {
LOG.info("XXX after create");
}
#Override
protected void onAfterSave(Object entity) {
LOG.info("XXX after save");
}
}
However, these events happen before and after the tx starts and commits.
08 15:32:37.119 [http-nio-9000-exec-1] INFO n.c.v.vcidb.TestEventListener - XXX before create
08 15:32:37.135 [http-nio-9000-exec-1] TRACE o.s.t.i.TransactionInterceptor - Getting transaction for [org.springframework.data.jpa.repository.support.SimpleJpaRepository.save]
08 15:32:37.432 [http-nio-9000-exec-1] TRACE o.s.t.i.TransactionInterceptor - Completing transaction for [org.springframework.data.jpa.repository.support.SimpleJpaRepository.save]
08 15:32:37.479 [http-nio-9000-exec-1] INFO n.c.v.vcidb.TestEventListener - XXX after create
What extension point does spring-data-rest have for adding behaviour that will execute within the spring managed transaction?
I use aop (pointcut and tx advice) to solve this problem:
#Configuration
#ImportResource("classpath:/aop-config.xml")
public class AopConfig { ...
and aop-config.xml:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop" xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd"
default-autowire="byName">
<aop:config>
<aop:pointcut id="restRepositoryTx"
expression="execution(* org.springframework.data.rest.webmvc.RepositoryEntityController.*(..))" />
<aop:advisor id="managerTx" advice-ref="txAdvice" pointcut-ref="restRepositoryTx" order="20" />
</aop:config>
<tx:advice id="txAdvice" transaction-manager="transactionManager">
<tx:attributes>
<tx:method name="postCollectionResource*" propagation="REQUIRES_NEW" rollback-for="Exception" />
<tx:method name="putItemResource*" propagation="REQUIRES_NEW" rollback-for="Exception" />
<tx:method name="patchItemResource*" propagation="REQUIRES_NEW" rollback-for="Exception" />
<tx:method name="deleteItemResource*" propagation="REQUIRES_NEW" rollback-for="Exception" />
<!-- <tx:method name="*" rollback-for="Exception" /> -->
</tx:attributes>
</tx:advice>
</beans>
This is the same as having controller methods annotated with #Transactional.
The solution described by phlebas work. And I also think "Run event handler within a same transaction" should be a feature which should be provided by Spring Data Rest. There are many common use cases to need to split logic to sepreate eventHandler. just like "triggers in database". The version show below is same as phlebas solution.
#Aspect
#Component
public class SpringDataRestTransactionAspect {
private TransactionTemplate transactionTemplate;
public SpringDataRestTransactionAspect(PlatformTransactionManager transactionManager) {
this.transactionTemplate = new TransactionTemplate(transactionManager);
this.transactionTemplate.setName("around-data-rest-transaction");
}
#Pointcut("execution(* org.springframework.data.rest.webmvc.*Controller.*(..))")
public void aroundDataRestCall(){}
#Around("aroundDataRestCall()")
public Object aroundDataRestCall(ProceedingJoinPoint joinPoint) throws Throwable {
return transactionTemplate.execute(transactionStatus -> {
try {
return joinPoint.proceed();
} catch (Throwable e) {
transactionStatus.setRollbackOnly();
if(e instanceof RuntimeException) {
throw (RuntimeException)e;
} else {
throw new RuntimeException(e);
}
}
});
}
}
I have not worked on spring-data-rest, but with spring, this can be handled the following way.
1) Define custom TransactionSynchronizationAdapter, and register the bean in TransactionSynchronizationManager.
Usually, I have a method registerSynchronizaiton with a #Before pointcut for this.
#SuppressWarnings("rawtypes") #Before("#annotation(org.springframework.transaction.annotation.Transactional)")
public void registerSynchronization() {
// TransactionStatus transStatus = TransactionAspectSupport.currentTransactionStatus();
TransactionSynchronizationManager.registerSynchronization(this);
final String transId = UUID.randomUUID().toString();
TransactionSynchronizationManager.setCurrentTransactionName(transId);
transactionIds.get().push(transId);
if (TransactionSynchronizationManager.isActualTransactionActive() && TransactionSynchronizationManager
.isSynchronizationActive() && !TransactionSynchronizationManager.isCurrentTransactionReadOnly()) {
if (!TransactionSynchronizationManager.hasResource(KEY)) {
final List<NotificationPayload> notifications = new ArrayList<NotificationPayload>();
TransactionSynchronizationManager.bindResource(KEY, notifications);
}
}
}
2) And, implement Override method as follows
#Override public void afterCompletion(final int status) {
CurrentContext context = null;
try {
context = ExecutionContext.get().getContext();
} catch (final ContextNotFoundException ex) {
logger.debug("Current Context is not available");
return;
}
if (status == STATUS_COMMITTED) {
transactionIds.get().removeAllElements();
publishedEventStorage.sendAllStoredNotifications();
// customize here for commit actions
} else if ((status == STATUS_ROLLED_BACK) || (status == STATUS_UNKNOWN)) {
// you can write your code for rollback actions
}
}
I am trying to create a web service to produce a simple soap response to a ping request:
<soap:Envelope>
<soap:Body>
<CustomRS attr="somevalue">
<Success/>
</CustomRS>
</soap:Body>
</soap:Envelope>
Instead, I get this response
<soap:Envelope>
<soap:Body>
<PingResponse>
<CustomRS attr="somevalue">
<Success/>
</CustomRS>
</PingResponse>
</soap:Body>
</soap:Envelope>
"Ping" is the name of my WebMethod and CustomRS is my Serializable response object. How do I get rid of the PingResponse element and just have the CustomRS as the root element?
My Implementation
#WebService (name = '', serviceName = ''targetNamespace = '')
#Stateless (mappedName = '')
public class TestEjb implements Testnterface {
#SOAPBinding(style=Style.DOCUMENT, use=Use.LITERAL, parameterStyle=ParameterStyle.BARE)
#WebResult (name = "CustomRS", targetNamespace = "name space")
#WebMethod (operationName = "CustomRS")
public CustomRS_OutPut Ping( #WebParam (name = "header",Type type,
#WebParam (name = "parameters", Param param) throws Exception
{
}
public SoapObject soap(String METHOD_NAME, String SOAP_ACTION,
String NAMESPACE, String URL) throws IOException,
XmlPullParserException {
SoapObject request = new SoapObject(NAMESPACE, METHOD_NAME); // set up
// request
request.addProperty("iTruckId", "1");
request.addProperty("iLocationId", "1");// variable name, value. I got
// the variable name, from the
// wsdl file!
SoapSerializationEnvelope envelope = new SoapSerializationEnvelope(
SoapEnvelope.VER11); // put all required data into a soap
// envelope
envelope.setOutputSoapObject(request); // prepare request
AndroidHttpTransport httpTransport = new AndroidHttpTransport(URL);
httpTransport.debug = true; // this is optional, use it if you don't
// want to use a packet sniffer to check
// what the sent
// message was (httpTransport.requestDump)
httpTransport.call(SOAP_ACTION, envelope); // send request
SoapObject result = (SoapObject) envelope.getResponse(); // get response
return result;
}
}
Could some one tell me how to capture SOAP messages passed between the client and the server webservice applications.
I tried using both tools.
pocket soap
http://www.pocketsoap.com/pocketsoap/
Fiddler
http://www.fiddlertool.com/fiddler/
I may miss some settings, it is not working for me.
help will be more appreciated.
Try tcpmon.
soapUI integrates with tcpmon, and may provide a nicer interface for you.
See also; You can try the MS Visual Roundtrip Analyzer analyzer as well.
if you're interested, you can write a handler in Java which extends the GenericSOAPHandler class, and print the output to wherever you like. In this (simple) case, the server log:
#SuppressWarnings("rawtypes")
public class MyHandler extends GenericSOAPHandler {
private void print(InputStream input, OutputStream out) throws Exception {
try {
DocumentBuilder parser;
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true);
parser = factory.newDocumentBuilder();
Document document = parser.parse(input);
Transformer serializer = TransformerFactory.newInstance().newTransformer();
serializer.setOutputProperty(OutputKeys.INDENT, "yes");
serializer.setOutputProperty("{http://xml.apache.org/xslt}indent-amount", "2");
serializer.transform(new DOMSource(document), new StreamResult(out));
} catch (TransformerException e) {
// A fatal error occurred
throw new Exception(e);
}
}
#Override
protected boolean handleInbound(MessageContext msgContext) {
SOAPMessageContext soapMessageCtx = (SOAPMessageContext) msgContext;
SOAPMessage soapMessage = soapMessageCtx.getMessage();
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
try {
soapMessage.writeTo(outputStream);
byte[] array = outputStream.toByteArray();
ByteArrayInputStream inputStream = new ByteArrayInputStream(array);
System.out.println("SOAP request message:\n");
print(inputStream, System.out);
} catch (SOAPException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
return true;
}
#Override
protected boolean handleOutbound(MessageContext msgContext) {
SOAPMessageContext soapMessageCtx = (SOAPMessageContext) msgContext;
SOAPMessage soapMessage = soapMessageCtx.getMessage();
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
try {
soapMessage.writeTo(outputStream);
byte[] array = outputStream.toByteArray();
ByteArrayInputStream inputStream = new ByteArrayInputStream(array);
System.out.println("SOAP response message:\n");
print(inputStream, System.out);
} catch (SOAPException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
return true;
}
}
You also need to make sure your handler is included in the jaxws-handlers-server.xml of your server implementation:
<handler-chains xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee javaee_web_services_1_2.xsd">
<handler-chain>
<protocol-bindings>##SOAP11_HTTP</protocol-bindings>
<handler>
<handler-name>DebugHandler</handler-name>
<handler-class>handlers.MyHandler</handler-class>
</handler>
</handler-chain>
</handler-chains>
Here my code in C++ for retrieve xml message using Soap Toolkit 3.0 before sending.
.
.
.
Serializer->EndEnvelope();
/* ___________________ */
char * bufferxml = NULL;
_variant_t punt = _variant_t((IUnknown*)Serializer);
punt.lVal += 48;
_variant_t punt1 = *punt.ppunkVal;
punt1.lVal += 32;
_variant_t punt2 = *punt1.ppunkVal;
punt2.lVal += 4;
memcpy(&bufferxml, (char *) *punt2.ppunkVal, sizeof(char *));
punt2.lVal += 4;
int lengxml = *(punt2.pintVal);
bufferxml[lengxml] = '\0';
/* ___________________ */
// Send the message to the web service
Connector->EndMessage();
.
.
.
punt.Detach();
punt1.Detach();
punt2.Detach();
punt.Clear();
punt1.Clear();
punt2.Clear();
Serializer.Release();
.
.
.
I hope really help you, it´s my design and it had worked for me.
There is also TCP/IP Monitor which comes bundled with WTP plugin for eclipse which allows you to set up a monitor on a port to look into the SOAP requests.