Supporting WCF UsernamePassword WS-Profile spec violations in CXF

If you have clients using .Net connecting to your CXF web service, they may encounter the following exception:

An invalid security token was provided (An error happened processing a Username Token “{0}”)

This is actually due to Microsoft .Net violating the WS-BasicProfile spec for the username token.  They are qualifying the Type attribute which is not allowed.

A few posts on the subject:

http://marc.info/?l=wss4j-dev&m=124386256631302&w=2

http://mail-archives.apache.org/mod_mbox/servicemix-users/201004.mbox/%3C28242884.post@talk.nabble.com%3E

https://issues.apache.org/jira/browse/WSS-148

 

A work around is to provide a custom WSSConfig object and inject it.  I am using a feature.

https://github.com/pellcorp/cxf/commit/0797863188ebf90beddf0d704eadf8208f916d5a

WS Policy Config

This approach only works where you are not using WS-Policy.  If you are using WS-Policy the code overwrites the custom WSSConfig object.

The call chain is:

com.pellcorp.server.ReadonlyWSSConfig.setAllowNamespaceQualifiedPasswordTypes(ReadonlyWSSConfig.java:27)
 at org.apache.ws.security.handler.WSHandler.doReceiverAction(WSHandler.java:297)
 at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:258)
 at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:120)
 at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:105)

 

So instead of the custom WSSConfig object, you need to pass in some properties to the endpoint definition, either in the application context:

<jaxws:properties>
 <entry key="allowNamespaceQualifiedPasswordTypes" value="true" />
 <entry key="isBSPCompliant" value="false" />
 </jaxws:properties>

You can also add the following code to the ServerConfigFeature:

properties.put(WSHandlerConstants.ALLOW_NAMESPACE_QUALIFIED_PASSWORD_TYPES, "true");
 properties.put(WSHandlerConstants.IS_BSP_COMPLIANT, "false");

 

 

 

Using Docker for light weight app deployments on linux

A couple of articles on using docker for lightweight app deployments from linux.  I am finding this interesting as a potential way to manage multiple versions of our app on a single environment, as well as potentially multiple instances without having to worry about directory naming conventions, etc.

Deploy Java Apps With Docker = Awesome – Atlassian Blogs.

http://www.infoq.com/articles/docker-containers/

 

Random Notes – Noah.org

Random Notes – Noah.org.

Oracle JDBC Debugging

You will need the _g version of the jdbc driver, the standard jdbc drivers don’t support enabling logging.

In order to get some low level debugging from the Oracle JDBC drivers you need some java util logging magic.  I am not sure if this is just because our app uses SLF4J and LOG4J, but I had to add the following environment variables to the jsw wrapper.con file.  I could not get the logging working without all 3 of those lines

wrapper.java.additional.6=-Doracle.jdbc.Trace=true
wrapper.java.additional.7=-Djava.util.logging.configureByLoggingPropertiesFile=true
wrapper.java.additional.8=-Djava.util.logging.config.file=/tmp/OracleLog.properties

And then the contents of the OracleLog.properties file are:

handlers = java.util.logging.FileHandler
java.util.logging.FileHandler.pattern = /tmp/jdbc.log
java.util.logging.FileHandler.formatter = java.util.logging.SimpleFormatter
oracle.jdbc.driver.level = FINE

But the problem is that all I actually wanted was the OracleDriver connect entries to find out how long a connection was taking to construct.  Time for some grep magic I think.

Unfortunately I am restricted to java 6 for this particular installation and so the log file outputs entries on more than one line so its harder to parse.

 

 

How to Start Your Reply on Top in Mozilla Thunderbird – About Email

This was really bugging me – too easy.

How to Start Your Reply on Top in Mozilla Thunderbird – About Email.

Install Google Chrome in Ubuntu 14.04 / 13.10 / 12.04 PPA

Install Google Chrome in Ubuntu 14.04 / 13.10 / 12.04 PPA.

wireless – Ubuntu 13.10 – Wifi not re-connecting after suspend – Ask Ubuntu

wireless – Ubuntu 13.10 – Wifi not re-connecting after suspend – Ask Ubuntu.