Issue In Loading Policy File Using Interception
This is relatively old, but I thought of sharing it with all as it might help others. I will be posting the solution below as well. Let me give you the background of the issue.
We have some web services running on WebLogic 10.3.1. All the client services are routed through OSB (Oracle Service Bus 10.3.1); it uses native Auth.xml as the policy file and plain username/password authentication.
The problem is that the client-side systems were upgraded to WebLogic 10.3.2, and now when they try to access the web services through OSB they get the exception below.

weblogic.wsee.ws.init.WsDeploymentException: The WebLogic Server 9.x-style policy is not supported in JAX-WS web services

The Limitations:
1. The services proxy can't be moved to 10.3.2 (OSB) as it might take a lot of time and effort.
2. We can't mute the authentication.
3. Oracle WebLogic doesn't have a straightforward fix; they want us to move to 10.3.2.
Work Around Provided By Oracle:
They have given us the solution below, which works fine with pure Java web services but not for Spring-based web services. It is like uploading the server-side policy file to the client side programmatically so that it will overwrite the latest policies on the client side.
You can use Wssp1.2-2007-froms-UsernameToken-Plain.xml or Wssp1.2-2007-froms-UsernameToken-Digest.xml. froms is required for plain password. For digest, you can remove the TransportBinding.

// Load the policy file from the classpath and attach it to the client port.
ClientPolicyFeature feature = new ClientPolicyFeature();
InputStream[] inputPolicies = new InputStream[1];
inputPolicies[0] = this.getClass().getResourceAsStream("policy.xml");
feature.setEffectivePolicyForInputMessage(new InputStreamPolicySource(inputPolicies));
port = service.getXXXPort(feature);

<?xml version="1.0"?>
<wsp:Policy
    xmlns:wsp="ws/2004/09/policy"
    xmlns:sp="ws-sx/ws-securitypolicy/200702">
  <sp:SupportingTokens>
    <wsp:Policy>
      <sp:UsernameToken
          sp:IncludeToken="ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
        <wsp:Policy>
          <sp:HashPassword/>
          <sp:WssUsernameToken10/>
        </wsp:Policy>
      </sp:UsernameToken>
    </wsp:Policy>
  </sp:SupportingTokens>
</wsp:Policy>

=============================
Now I am trying to load the policy using the interceptor below, but I am getting the following error message:

cvc-elt.1: Cannot find the declaration of element 'wsp:Policy'

The configuration is as below.

<bean id="wsSecurityInterceptor"
      class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor">
  <property name="policyConfiguration" value="classpath:com/..../policies/Wssp1.2-2007-froms-UsernameToken-Plain.xml"/>
  <property name="callbackHandler">
    <bean class="org.springframework.ws.soap.security.xwss.callback.MockValidationCallbackHandler"/>
  </property>
</bean>

The policy file is as below.

<?xml version="1.0"?>
<wsp:Policy
    xmlns:wsp="ws/2004/09/policy"
    xmlns:sp="ws-sx/ws-securitypolicy/200702">
  <sp:SupportingTokens>
    <wsp:Policy>
      <sp:UsernameToken
          sp:IncludeToken="ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
        <wsp:Policy>
          <sp:WssUsernameToken10/>
        </wsp:Policy>
      </sp:UsernameToken>
    </wsp:Policy>
  </sp:SupportingTokens>
</wsp:Policy>

Could anyone help us find where the problem could be? Thanks.
This is an Oracle Service Bus and WebLogic versioning issue, though there is a workaround if it is a pure Java implementation of web services.
But when we have the Spring framework, we have some limitations. The example below shows how to apply the workaround with the Spring framework.
Override public void prepare() of JaxWsPortClientInterceptor, because this version of Spring did not directly expose a method for setting web service features. There is a JIRA on this, and the same is available in the latest versions.

package com.xxxxx.wssecurity;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import javax.xml.namespace.QName;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.Service;

import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.core.io.Resource;
import org.springframework.remoting.jaxws.JaxWsPortClientInterceptor;

import weblogic.jws.jaxws.ClientPolicyFeature;
import weblogic.jws.jaxws.policy.InputStreamPolicySource;
import weblogic.wsee.security.unt.ClientUNTCredentialProvider;
import weblogic.xml.crypto.wss.WSSecurityContext;
import weblogic.xml.crypto.wss.provider.CredentialProvider;

// GseLog, GseLogFactory and ExternalSpringApplicationContext are the project's
// own classes; their imports are not shown in the post.
public class WsSecurityJaxWsPortProxyFactoryBean extends JaxWsPortClientInterceptor {

    private static final GseLog logger = GseLogFactory
            .getLog(WsSecurityJaxWsPortProxyFactoryBean.class);

    private QName portQName;

    private Object portStub;

    /**
     * @return the portStub
     */
    public Object getPortStub() {
        return portStub;
    }

    @SuppressWarnings("unchecked")
    public void prepare() {
        // Load the custom policy from the classpath and wrap it in a client policy feature.
        ClientPolicyFeature clientPolicyFeature = new ClientPolicyFeature();
        ClassPathXmlApplicationContext classPathXmlApplicationContext = new ClassPathXmlApplicationContext();
        Resource res = classPathXmlApplicationContext.getResource("/customPolicy.xml");
        InputStreamPolicySource policySource;
        try {
            policySource = new InputStreamPolicySource(res.getInputStream());
        } catch (IOException e) {
            // Fail here instead of continuing with a null policy source.
            throw new IllegalStateException("Unable to load /customPolicy.xml", e);
        }
        clientPolicyFeature.setEffectivePolicyForInputMessage(policySource);

        if (getServiceInterface() == null) {
            throw new IllegalArgumentException("Property 'serviceInterface' is required");
        }
        Service serviceToUse = getJaxWsService();
        if (serviceToUse == null) {
            serviceToUse = createJaxWsService();
        }

        // Create the port stub with the policy feature applied.
        this.portQName = getQName(getPortName() != null ? getPortName()
                : getServiceInterface().getName());
        Object stub = (getPortName() != null
                ? serviceToUse.getPort(this.portQName, getServiceInterface(), clientPolicyFeature)
                : serviceToUse.getPort(getServiceInterface(), clientPolicyFeature));
        preparePortStub(stub);

        List<CredentialProvider> credProviders = new ArrayList<CredentialProvider>();
        // Fallback values from the post; they are replaced below by the values
        // read from the credential map. Do not keep real credentials as literals.
        String username = "eceeadmin2";
        String password = "welcome1";
        try {
            // For authenticated services pass in login username and password
            Map<?, ?> credentialMap = (Map<?, ?>) ExternalSpringApplicationContext
                    .getBean("xxxx-service-credentials");
            username = (String) credentialMap.get("xxx-username");
            password = (String) credentialMap.get("xxx-password");
        } catch (Exception e) {
            logger.error("Ignore this error if thrown during server restart or deployment ", e);
        }

        // Attach the username token credentials to the stub's request context.
        CredentialProvider cp = new ClientUNTCredentialProvider(username.getBytes(),
                password.getBytes());
        credProviders.add(cp);
        Map<String, Object> rc = ((BindingProvider) stub).getRequestContext();
        rc.put(WSSecurityContext.CREDENTIAL_PROVIDER_LIST, credProviders);
        this.portStub = stub;
    }
}

Use the below custom policy file.

<?xml version="1.0"?>
<wsp:Policy xmlns:wsp="ws/2004/09/policy" xmlns:sp="ws-sx/ws-securitypolicy/200702">
  <sp:SupportingTokens>
    <wsp:Policy>
      <sp:UsernameToken sp:IncludeToken="ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
        <wsp:Policy>
          <sp:WssUsernameToken10/>
        </wsp:Policy>
      </sp:UsernameToken>
    </wsp:Policy>
  </sp:SupportingTokens>
</wsp:Policy>
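
A pre-flight check for a policy file before it is handed to ClientPolicyFeature, based on the workaround's note that the TransportBinding can be removed for the digest variant (so the plain-password variant keeps it). This is an added example, not code from the original post or from Oracle or Spring; the class PolicyPreflight and its methods are hypothetical, and elements are matched by local name so the check does not depend on the namespace strings, which are used here as they appear in the post.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;

public class PolicyPreflight {

    // Constructed sample: the post's custom policy, abridged (IncludeToken attribute left out).
    static final String SAMPLE =
        "<wsp:Policy xmlns:wsp=\"ws/2004/09/policy\" xmlns:sp=\"ws-sx/ws-securitypolicy/200702\">"
      + "<sp:SupportingTokens><wsp:Policy><sp:UsernameToken><wsp:Policy>"
      + "<sp:WssUsernameToken10/>"
      + "</wsp:Policy></sp:UsernameToken></wsp:Policy></sp:SupportingTokens>"
      + "</wsp:Policy>";

    // "*" matches any namespace, so only the element's local name is compared.
    static boolean has(Document doc, String localName) {
        return doc.getElementsByTagNameNS("*", localName).getLength() > 0;
    }

    /** Returns a one-line verdict for a WS-SecurityPolicy document. */
    static String check(byte[] policyXml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // Policy files need no DTDs; refuse them so the parser cannot resolve external entities.
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = f.newDocumentBuilder().parse(new ByteArrayInputStream(policyXml));

        if (!"Policy".equals(doc.getDocumentElement().getLocalName())) {
            return "REJECT: root element is not a Policy element";
        }
        if (!has(doc, "UsernameToken")) {
            return "REJECT: no UsernameToken assertion";
        }
        if (has(doc, "HashPassword")) {
            return "OK: digest UsernameToken";
        }
        if (has(doc, "TransportBinding")) {
            return "OK: plain UsernameToken with TransportBinding";
        }
        return "WARN: plain UsernameToken without TransportBinding; the policy does not protect the password in transit";
    }

    public static void main(String[] args) throws Exception {
        System.out.println(check(SAMPLE.getBytes(StandardCharsets.UTF_8)));
    }
}
```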