Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1258530

Summary:	WSRP: Unable to create a JPP 6.2 consumer in Liferay 6.2
Product:	[JBoss] JBoss Enterprise Portal Platform 6	Reporter:	Martin Weiler <mweiler>
Component:	Portal	Assignee:	Nobody <nobody>
Status:	CLOSED UPSTREAM	QA Contact:	Tomas Kyjovsky <tkyjovsk>
Severity:	unspecified	Docs Contact:
Priority:	unspecified
Version:	6.2.0	CC:	epp-bugs, vramik
Target Milestone:	---
Target Release:	---
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:		Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2025-02-10 03:48:06 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Martin Weiler 2015-08-31 14:45:59 UTC

Description of problem:
Trying to create a liferay consumer for JPP 6.2, but when entering the producer wsdl url (provided by JBoss Portal interface) in the liferay consumer setup it always says url does not point to a valid wsrp producer. 

Version-Release number of selected component (if applicable):
JPP 6.2 + Liferay 6.2 CE

How reproducible:
always

Steps to Reproduce:
1. Start JPP 6.2
2. Start Liferay 6.2 CE + WSRP CE portlet
3. In Liferay, go to Control Panel -> Apps -> WSRP
4. Click Add Consumer
5. Enter Name and URL field (using JPP 6.2 producer URL)

Actual results:
Registration fails with the following error on the JPP producer side:
16:34:24,088 SEVERE [org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingInterceptor] (http-/192.168.0.11:8080-2) Failed Authentication : Subject has not been created
16:34:24,089 WARNING [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor] (http-/192.168.0.11:8080-2) : org.apache.ws.security.WSSecurityException: Failed Authentication : Subject has not been created
	at org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingInterceptor.setSubject(SubjectCreatingInterceptor.java:161)
	at org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingInterceptor$CustomValidator.verifyUnknownPassword(SubjectCreatingInterceptor.java:236)
	at org.apache.ws.security.validate.UsernameTokenValidator.validate(UsernameTokenValidator.java:110)
	at org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:181)
	at org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:67)
	at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:402)
	at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:272)
	at org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingInterceptor.handleMessage(SubjectCreatingInterceptor.java:101)
	at org.gatein.wsrp.wss.cxf.producer.GTNSubjectCreatingInterceptor.handleMessage(GTNSubjectCreatingInterceptor.java:89) [wsrp-wss-jboss7-2.3.4.Final-redhat-1.jar:2.3.4.Final-redhat-1]
	at org.gatein.wsrp.wss.cxf.producer.GTNSubjectCreatingInterceptor.handleMessage(GTNSubjectCreatingInterceptor.java:49) [wsrp-wss-jboss7-2.3.4.Final-redhat-1.jar:2.3.4.Final-redhat-1]
	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272) [cxf-api-2.7.14.redhat-1.jar:2.7.14.redhat-1]
	at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) [cxf-api-2.7.14.redhat-1.jar:2.7.14.redhat-1]
	at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:249)
	at org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:97)
	at org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(ServletHelper.java:131)
	at org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:88)
	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286)
	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:206)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:754) [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-2.jar:1.0.2.Final-redhat-2]
	at org.jboss.wsf.stack.cxf.CXFServletExt.service(CXFServletExt.java:136)
	at org.jboss.wsf.spi.deployment.WSFServlet.service(WSFServlet.java:140) [jbossws-spi-2.3.1.Final-redhat-1.jar:2.3.1.Final-redhat-1]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-2.jar:1.0.2.Final-redhat-2]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.gatein.wsrp.servlet.ServletAccessFilter.doFilter(ServletAccessFilter.java:56) [wsrp-common-2.3.4.Final-redhat-1.jar:2.3.4.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:420) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:150) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:854) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
	at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45]
Caused by: java.lang.SecurityException: JBWS024047: Authentication failed, principal=test
	at org.jboss.wsf.stack.cxf.security.authentication.SubjectCreator.createSubject(SubjectCreator.java:101)
	at org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingInterceptor.createSubject(SubjectCreatingInterceptor.java:245)
	at org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingInterceptor.setSubject(SubjectCreatingInterceptor.java:155)
	... 38 more



Expected results:
Registration is successful

Additional info:
Starting the producer with -Dorg.apache.cxf.logging.enabled=true shows the following request coming from Liferay:

Address: http://192.168.0.11:8080/wsrp-producer/v2/ServiceDescriptionService
Encoding: UTF-8
Http-Method: POST
Content-Type: text/xml; charset=utf-8
Headers: {Accept=[application/soap+xml, application/dime, multipart/related, text/*], cache-control=[no-cache], Content-Length=[837], content-type=[text/xml; charset=utf-8], host=[192.168.0.11:8080], pragma=[no-cache], SOAPAction=["urn:oasis:names:tc:wsrp:v2:getServiceDescription"], user-agent=[Axis/1.4]}
Payload: <?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><soapenv:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-19"><wsse:Username>test</wsse:Username></wsse:UsernameToken></wsse:Security></soapenv:Header>
 <soapenv:Body>
  <getServiceDescription xmlns="urn:oasis:names:tc:wsrp:v2:types">
   <registrationContext xsi:nil="true"></registrationContext>
   <userContext xsi:nil="true"></userContext>
  </getServiceDescription>
 </soapenv:Body>
</soapenv:Envelope>

Note that a <wsse:Username> eleement is present in the request, but no <wsse:Password> element.

Note also that this failure shows up even if the user (here: test) is present in the JPP 6.2 producer instance.

Comment 3 Red Hat Bugzilla 2025-02-10 03:48:06 UTC

This product has been discontinued or is no longer tracked in Red Hat Bugzilla.