I have the following STS-WSDL service part:

    <sp:SupportingTokens>
      <wsp:Policy>
        <wsp:ExactlyOne>
          <wsp:All>
            <sp:UsernameToken wsu:Id="..."/>
          </wsp:All>
          <wsp:All>
            <sp:X509Token sp:IncludeToken="...">
              <wsp:Policy>
                <sp:WssX509V3Token11/>
              </wsp:Policy>
            </sp:X509Token>
          </wsp:All>
          ...
        </wsp:ExactlyOne>
      </wsp:Policy>
    </sp:SupportingTokens>

So, the STS-WSDL service supports a few types of connections, and I want to use the second via X509Token / Certificate.
I have configured STSClient as follows:

    @Test
    void stsTest() throws Exception {
        var stsClient = new STSClient(bus);
        stsClient.setWsdlLocation("classpath:STS.wsdl");
        stsClient.setServiceQName(new QName(NAMESPACE, STS_SERVICE_NAME));
        stsClient.setEndpointQName(new QName(NAMESPACE, STS_ENDPOINT_NAME));
        stsClient.setSendRenewing(false);
        stsClient.setSendKeyType(false);

        var crypto = new Merlin();
        crypto.setKeyStore(createInMemoryKeyStore());

        stsClient.getProperties().put(SecurityConstants.SIGNATURE_USERNAME, "username");
        stsClient.getProperties().put(SecurityConstants.SIGNATURE_CRYPTO, crypto);
        stsClient.getProperties().put(SecurityConstants.CALLBACK_HANDLER, (CallbackHandler) callbacks -> {
            for (Callback callback : callbacks) {
                if (callback instanceof WSPasswordCallback) {
                    WSPasswordCallback pc = (WSPasswordCallback) callback;
                    pc.setPassword("password123");
                }
            }
        });

        stsClient.getOutInterceptors().add(createLoggingOutInterceptor());
        stsClient.requestSecurityToken();
    }

But I am always getting the following error:

    org.apache.cxf.interceptor.Fault: No username available

If I change SecurityConstants.SIGNATURE_USERNAME -> SecurityConstants.USERNAME in the STS properties, that works, but I will get another type of request than what I've decided to use: UsernameToken.
Is it possible to somehow configure STSClient to use X509Token? If I delete UsernameToken from SupportedTokens, everything works fine, but I'd rather not change the WSDL, because it isn't mine.
