我的一个项目的Spring Security身份验证存在问题。
这是我项目的技术架构:
bpm-wrapper-ws可以通过以下方式调用:
示例:
public void completeWorkitemForProcess(@WebParam(name = "processId") String processId, @WebParam(name = "workItemName") String workItemName, @WebParam(name= "username") String username) {
// Authenticated with a generic user
// Setting the login of the user passed in the parameters of the method
TibcoAuthenticationHolder.setLogin(username);
final WorkItemSearchCriteria searchCriteria = new WorkItemSearchCriteria();
searchCriteria.setProcessId(processId);
searchCriteria.setWorkItemName(workItemName);
searchCriteria.setFirstResult(0);
searchCriteria.setMaxResults(1);
final SearchResult<WorkItem> result = findWorkItems(userGuid, username, searchCriteria);
if (result != null && result.getTotalRecords() == 1) {
WorkItem workItem = result.getResult().get(0);
if (workItem.getState() == WorkItemState.OFFERED) {
workItem = openWorkitem(userGuid, workItem.getId());
}
// do the TIBCO BPM call (use ClientPasswordCallback and BpmAuthenticator)
completeWorkitem(workItem);
} else {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("completeWorkitemForProcess - aucun workItem trouvé [username=" + username
+ ", processId=" + processId + ", workItemName=" + workItemName + "]");
}
}
// Delete the authentication
TibcoAuthenticationHolder.clear();
SecurityContextHolder.clearContext();
}
我必须添加以下行才能完全调用BPM:
<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="targetClass"
value="org.springframework.security.core.context.SecurityContextHolder" />
<property name="targetMethod" value="setStrategyName" />
<property name="arguments">
<list>
<value>MODE_INHERITABLETHREADLOCAL</value>
</list>
</property>
</bean>
显然,问题是CXF创建了一个工作队列(因为它是一个新线程),其中没有上面的行我没有身份验证(SecurityContextHolder.getContext()。getAuthentication()返回null)。
第一个问题:我是对的吗?
我的问题是,有时经过身份验证的用户会混淆不同类型的身份验证。 示例:
我有一个处理BPM调用的事件收集器,我看到:userB完成method1,userA完成方法2
你知道我的问题在哪里吗?以及如何纠正这个问题?
此致
的Jérémy
ws-security-context.xml:Spring安全配置文件
<sec:http authentication-manager-ref="authenticationManager"
use-expressions="true">
<sec:http-basic />
<sec:intercept-url pattern="/**"
access="isAuthenticated() and hasRole('ACCES_APP')" />
<sec:custom-filter ref="casAuthenticationFilter"
position="CAS_FILTER" />
<sec:custom-filter ref="usernameTokenAuthenticationFilter"
after="BASIC_AUTH_FILTER" />
</sec:http>
<sec:authentication-manager alias="authenticationManager"
erase-credentials="false">
<sec:authentication-provider ref="casAuthenticationProvider" />
<sec:authentication-provider
user-service-ref="inMemoryUserService">
<sec:password-encoder base64="true" ref="passwordEncoder" />
</sec:authentication-provider>
</sec:authentication-manager>
<bean
class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="targetClass"
value="org.springframework.security.core.context.SecurityContextHolder" />
<property name="targetMethod" value="setStrategyName" />
<property name="arguments">
<list>
<value>MODE_INHERITABLETHREADLOCAL</value>
</list>
</property>
</bean>
<bean id="usernameTokenAuthenticationFilter"
class="com.agipi.spring.commons.security.wss.filter.UsernameTokenAuthenticationFilter">
<constructor-arg ref="authenticationManager" />
</bean>
<bean id="casAuthenticationFilter"
class="com.agipi.spring.commons.security.cas.filter.WebServiceCasAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="serviceProperties" ref="serviceProperties" />
<property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
<property name="proxyReceptorUrl" value="/j_spring_cas_security_proxyreceptor" />
<property name="authenticationDetailsSource">
<bean
class="org.springframework.security.cas.web.authentication.ServiceAuthenticationDetailsSource" />
</property>
</bean>
<bean id="casAuthenticationProvider"
class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
<property name="authenticationUserDetailsService" ref="userDetailsService" />
<property name="serviceProperties" ref="serviceProperties" />
<property name="ticketValidator" ref="proxyTicketValidator" />
<property name="key" value="an_id_for_this_auth_provider_only" />
<property name="statelessTicketCache">
<bean
class="org.springframework.security.cas.authentication.EhCacheBasedTicketCache">
<property name="cache">
<bean class="net.sf.ehcache.Cache" init-method="initialise"
destroy-method="dispose">
<constructor-arg value="casTickets" />
<constructor-arg value="50" />
<constructor-arg value="false" />
<constructor-arg value="false" />
<constructor-arg value="3600" />
<constructor-arg value="900" />
</bean>
</property>
</bean>
</property>
</bean>
<bean id="proxyTicketValidator"
class="com.agipi.spring.commons.security.cas.validator.ProxyTicketValidator">
<constructor-arg index="0" value="${cas.url}" />
<property name="proxyCallbackUrl" value="${proxy.callback.url}" />
<property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
<property name="acceptAnyProxy" value="true" />
<property name="customParameters">
<util:map>
<entry key="profil" value="${cas.profil}" />
<entry key="ptr" value="j_spring_cas_security_proxyreceptor" />
</util:map>
</property>
</bean>
<bean id="proxyGrantingTicketStorage"
class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" />
<bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties">
<property name="service" value="${service.url}" />
<property name="sendRenew" value="false" />
<property name="authenticateAllArtifacts" value="true" />
</bean>
<bean id="userDetailsService"
class="com.agipi.spring.commons.security.service.impl.UserDetailsServiceImpl">
<property name="userDetailsClass"
value="com.agipi.spring.commons.security.domain.DefaultUserDetails" />
</bean>
<bean id="inMemoryUserService"
class="com.agipi.spring.commons.security.service.impl.InMemoryUserDetailsServiceImpl">
<constructor-arg ref="usersProps" />
<constructor-arg>
<list>
<value>service.pid</value>
<value>fabric.zookeeper.pid</value>
</list>
</constructor-arg>
</bean>
<bean id="passwordEncoder"
class="org.springframework.security.authentication.encoding.PlaintextPasswordEncoder" />
TibcoAuthenticationHolder:保存登录名的类 当前登录的用户(仅在使用soap消息的情况下使用) WSS标题):
public class TibcoAuthenticationHolder {
private static final ThreadLocal<String> CONTEXT_HOLDER = new InheritableThreadLocal<String>();
public static boolean hasLogin() {
return StringUtils.isNotBlank(CONTEXT_HOLDER.get());
}
public static String getLogin() {
return CONTEXT_HOLDER.get();
}
public static void setLogin(String login) {
CONTEXT_HOLDER.set(login);
}
public static void clear() {
CONTEXT_HOLDER.remove();
}
}
BpmAuthenticator:返回当前经过身份验证的用户(登录名/密码)的实用程序类
public String[] getCurrentCredentials() {
String[] currentCredentials = null;
// Hack permettant d'authentifier un utilisateur ayant appelé le service depuis un process BPM
if (TibcoAuthenticationHolder.hasLogin()) {
currentCredentials = new String[2];
currentCredentials[0] = StringUtils.lowerCase(TibcoAuthenticationHolder.getLogin());
currentCredentials[1] = globalPassword;
} else {
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication != null && springAuthentication) {
if (authentication instanceof CasAuthenticationToken) {
currentCredentials = new String[2];
currentCredentials[0] = StringUtils.lowerCase(authentication.getName());
currentCredentials[1] = globalPassword;
} else if (authentication instanceof UsernamePasswordAuthenticationToken) {
currentCredentials = new String[2];
currentCredentials[0] = StringUtils.lowerCase(authentication.getName());
currentCredentials[1] = globalPassword;
}
}
}
return currentCredentials;
}
ws-standalone-context.xml:全局弹簧配置文件
<!-- Web services -->
<bean id="workItemService" class="com.agipi.bpm.wrapper.service.impl.WorkItemServiceImpl" />
<bean id="processService" class="com.agipi.bpm.wrapper.service.impl.ProcessServiceImpl" />
<bean id="orgModelService" class="com.agipi.bpm.wrapper.service.impl.OrgModelServiceImpl" />
<bean id="userService" class="com.agipi.bpm.wrapper.service.impl.UserServiceImpl" />
<!-- Intercepteur pour supprimer les headers WSS -->
<bean id="wssHeaderInterceptor" class="com.agipi.bpm.wrapper.util.WssHeaderInterceptor" />
<!-- JAX-WS Service Endpoint -->
<jaxws:endpoint id="workItemWs" implementor="#workItemService"
address="${ws.workitem.url}">
<jaxws:inInterceptors>
<ref bean="wssHeaderInterceptor" />
</jaxws:inInterceptors>
<jaxws:dataBinding>
<bean class="com.agipi.commons.xml.CustomJAXBDataBinding">
<property name="basePackage" value="com.agipi.bpm" />
</bean>
</jaxws:dataBinding>
</jaxws:endpoint>
<jaxws:endpoint id="processWs" implementor="#processService"
address="${ws.process.url}">
<jaxws:inInterceptors>
<ref bean="wssHeaderInterceptor" />
</jaxws:inInterceptors>
<jaxws:dataBinding>
<bean class="com.agipi.commons.xml.CustomJAXBDataBinding">
<property name="basePackage" value="com.agipi.bpm" />
</bean>
</jaxws:dataBinding>
</jaxws:endpoint>
答案 0 :(得分:0)
log_error.log:来自CAS认证用户的呼叫的调试日志文件(没有MODE_INHERITABLETHREADLOCAL)
18:24:28 | [DEBUG] | [http-bio-8082-exec-9] (ProxyGrantingTicketStorageImpl.java:save:94) Saving ProxyGrantingTicketIOU and ProxyGrantingTicket combo: [PGTIOU-4798-NWBAuWFslzNucvHilQxHaWKcteRmGgDwIto3USoFotyx9ZOjoZ, PGT-4797-P66p0r8rrg52Gas7tsaFCCtXdbrs5ABrf7Qq4AhweAzOcBOg1j]
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (ProxyGrantingTicketStorageImpl.java:retrieve:83) Returned ProxyGrantingTicket of [PGT-4797-P66p0r8rrg52Gas7tsaFCCtXdbrs5ABrf7Qq4AhweAzOcBOg1j]
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (UsernameTokenAuthenticationFilter.java:doFilter:101) Header soapaction : "completeWorkitem"
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (ServletController.java:invokeDestination:244) Service http request on thread: Thread[http-bio-8082-exec-10,5,main]
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (AbstractHTTPDestination.java:invoke:230) Create a new message for processing
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (Headers.java:copyFromRequest:358) Request Headers: {Accept=[*/*], cache-control=[no-cache], connection=[keep-alive], content-type=[text/xml; charset=UTF-8], host=[10.70.5.233:8082], pragma=[no-cache], SOAPAction=["completeWorkitem"], ticket=[PT-4796-nmG9YRBHG4zZt3wybQkn], transfer-encoding=[chunked], user-agent=[Apache CXF 2.7.14]}
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:add:206) Adding interceptor org.apache.cxf.transport.https.CertConstraintsInterceptor@5b467a6b to phase pre-stream
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:outputChainToLog:687) Chain org.apache.cxf.phase.PhaseInterceptorChain@3279db7a was created. Current flow:
receive [PolicyInInterceptor, AttachmentInInterceptor]
pre-stream [CertConstraintsInterceptor]
post-stream [StaxInInterceptor]
read [WSDLGetInterceptor, ReadHeadersInterceptor, SoapActionInInterceptor, StartBodyInterceptor]
pre-protocol [WssHeaderInterceptor, MustUnderstandInterceptor]
post-protocol [CheckFaultInterceptor, JAXBAttachmentSchemaValidationHack]
unmarshal [DocLiteralInInterceptor, SoapHeaderInterceptor]
pre-logical [OneWayProcessorInterceptor]
post-logical [WrapperClassInInterceptor]
pre-invoke [SwAInInterceptor, HolderInInterceptor]
invoke [ServiceInvokerInterceptor]
post-invoke [OutgoingChainInterceptor]
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.ws.policy.PolicyInInterceptor@c93f9d
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.interceptor.AttachmentInInterceptor@275c67aa
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.transport.https.CertConstraintsInterceptor@5b467a6b
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.interceptor.StaxInInterceptor@2399de16
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:add:206) Adding interceptor org.apache.cxf.interceptor.StaxInEndingInterceptor@4d30cb64 to phase post-invoke
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:outputChainToLog:685) Chain org.apache.cxf.phase.PhaseInterceptorChain@3279db7a was modified. Current flow:
receive [PolicyInInterceptor, AttachmentInInterceptor]
pre-stream [CertConstraintsInterceptor]
post-stream [StaxInInterceptor]
read [WSDLGetInterceptor, ReadHeadersInterceptor, SoapActionInInterceptor, StartBodyInterceptor]
pre-protocol [WssHeaderInterceptor, MustUnderstandInterceptor]
post-protocol [CheckFaultInterceptor, JAXBAttachmentSchemaValidationHack]
unmarshal [DocLiteralInInterceptor, SoapHeaderInterceptor]
pre-logical [OneWayProcessorInterceptor]
post-logical [WrapperClassInInterceptor]
pre-invoke [SwAInInterceptor, HolderInInterceptor]
invoke [ServiceInvokerInterceptor]
post-invoke [OutgoingChainInterceptor, StaxInEndingInterceptor]
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.frontend.WSDLGetInterceptor@e3419f
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor@1f898b34
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.SoapActionInInterceptor@4ac3889c
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor@7f121318
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor com.agipi.bpm.wrapper.util.WssHeaderInterceptor@47e92e2d
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor@3f1e58b6
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor@7ba3cdd4
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.jaxb.attachment.JAXBAttachmentSchemaValidationHack@8e685a5
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.interceptor.DocLiteralInInterceptor@6b3de01c
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.SoapHeaderInterceptor@2b448545
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.interceptor.OneWayProcessorInterceptor@7ce87a47
18:24:28 | [DEBUG] | [http-bio-8082-exec-10] (ServletController.java:invokeDestination:253) Finished servicing http request on thread: Thread[http-bio-8082-exec-10,5,main]
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.jaxws.interceptors.WrapperClassInInterceptor@2b40b62
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.jaxws.interceptors.SwAInInterceptor@7a59f2ef
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.jaxws.interceptors.HolderInInterceptor@7a575050
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.interceptor.ServiceInvokerInterceptor@3f201aec
18:24:28 | [DEBUG] | [default-workqueue-2] (ClientImpl.java:doInvoke:502) Invoke, operation info: [BindingOperationInfo: {http://services.brm.n2.tibco.com}completeWorkItem], params: [com.tibco.n2.brm.api.CompleteWorkItem@512f7220[workItemID=com.tibco.n2.brm.api.ManagedObjectID@1edbc84[version=7,id=1130],workItemPayload=com.tibco.n2.brm.api.WorkItemBody@1ef37f19[dataModel=com.tibco.n2.common.datamodel.DataModel@41d522f[inputs=[com.tibco.n2.common.datamodel.FieldType@35416116[simpleSpec=com.tibco.n2.common.datamodel.FieldType$SimpleSpec@20fe8dc5[value=[processName: 'processSouscriptionAN', pvmId: 'pvm:0a1213d', idActe: '43411'],length=<null>,decimal=<null>],complexSpec=<null>,name=refLog,type=String,optional=false,array=<null>]],outputs=[],inouts=[com.tibco.n2.common.datamodel.FieldType@50053e75[simpleSpec=<null>,complexSpec=com.tibco.n2.common.datamodel.FieldType$ComplexSpec@280d916f[value=[[value: null]],className=<null>],name=processData,type=Complex,optional=false,array=<null>]]]],getNextPiledItem=false]]
18:24:28 | [DEBUG] | [default-workqueue-2] (ClientImpl.java:setContext:711) set requestContext to message be{java.lang.reflect.Method=public abstract com.tibco.n2.brm.api.CompleteWorkItemResponse com.tibco.n2.brm.services.WorkItemManagementService.completeWorkItem(com.tibco.n2.brm.api.CompleteWorkItem) throws com.tibco.n2.brm.services.SecurityFault,com.tibco.n2.brm.services.WorkItemRescheduledFault,com.tibco.n2.brm.services.WorkItemAPIScriptCancelFault,com.tibco.n2.brm.services.InvalidVersionFault,com.tibco.n2.brm.services.InternalServiceFault,com.tibco.n2.brm.services.InvalidWorkItemFault,com.tibco.n2.brm.services.WorkItemFault, org.apache.cxf.jaxws.context.WrappedMessageContext.SCOPES={org.apache.cxf.message.Message.ENDPOINT_ADDRESS=APPLICATION}, org.apache.cxf.message.Message.ENDPOINT_ADDRESS=http://virbpm03dev.devlinuxagipi.local:8090/amxbpm/WorkItemManagementService}
18:24:28 | [DEBUG] | [default-workqueue-2] (ClientImpl.java:setupInterceptorChain:989) Interceptors contributed by bus: [org.apache.cxf.ws.policy.PolicyOutInterceptor@4a8b0c11]
18:24:28 | [DEBUG] | [default-workqueue-2] (ClientImpl.java:setupInterceptorChain:993) Interceptors contributed by client: [org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor@6ec55652]
18:24:28 | [DEBUG] | [default-workqueue-2] (ClientImpl.java:setupInterceptorChain:997) Interceptors contributed by endpoint: [org.apache.cxf.interceptor.MessageSenderInterceptor@3eaaee02, org.apache.cxf.jaxws.interceptors.SwAOutInterceptor@47efe572, org.apache.cxf.jaxws.interceptors.WrapperClassOutInterceptor@56c0c443, org.apache.cxf.jaxws.interceptors.HolderOutInterceptor@9953734]
18:24:28 | [DEBUG] | [default-workqueue-2] (ClientImpl.java:setupInterceptorChain:1001) Interceptors contributed by binding: [org.apache.cxf.interceptor.AttachmentOutInterceptor@235b3bd6, org.apache.cxf.interceptor.StaxOutInterceptor@3ab570bc, org.apache.cxf.binding.soap.interceptor.SoapHeaderOutFilterInterceptor@d32608f, org.apache.cxf.interceptor.WrappedOutInterceptor@5dfc64c0, org.apache.cxf.interceptor.BareOutInterceptor@653aa974, org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor@6e4b3297, org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor@ae69013]
18:24:28 | [DEBUG] | [default-workqueue-2] (ClientImpl.java:setupInterceptorChain:1007) Interceptors contributed by databinding: []
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:outputChainToLog:687) Chain org.apache.cxf.phase.PhaseInterceptorChain@4fc7cacd was created. Current flow:
setup [PolicyOutInterceptor]
pre-logical [HolderOutInterceptor, SwAOutInterceptor, WrapperClassOutInterceptor, SoapHeaderOutFilterInterceptor]
post-logical [SoapPreProtocolOutInterceptor]
prepare-send [MessageSenderInterceptor]
pre-stream [AttachmentOutInterceptor, StaxOutInterceptor]
pre-protocol [WSS4JOutInterceptor]
write [SoapOutInterceptor]
marshal [WrappedOutInterceptor, BareOutInterceptor]
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.ws.policy.PolicyOutInterceptor@4a8b0c11
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.jaxws.interceptors.HolderOutInterceptor@9953734
18:24:28 | [DEBUG] | [default-workqueue-2] (HolderOutInterceptor.java:handleMessage:57) op: [OperationInfo: {http://services.brm.n2.tibco.com}completeWorkItem]
18:24:28 | [DEBUG] | [default-workqueue-2] (HolderOutInterceptor.java:handleMessage:59) op.hasOutput(): true
18:24:28 | [DEBUG] | [default-workqueue-2] (HolderOutInterceptor.java:handleMessage:61) op.getOutput().size(): 1
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.jaxws.interceptors.SwAOutInterceptor@47efe572
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.jaxws.interceptors.WrapperClassOutInterceptor@56c0c443
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.SoapHeaderOutFilterInterceptor@d32608f
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor@6e4b3297
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.interceptor.MessageSenderInterceptor@3eaaee02
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:add:206) Adding interceptor org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor@49036b77 to phase prepare-send-ending
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:outputChainToLog:685) Chain org.apache.cxf.phase.PhaseInterceptorChain@4fc7cacd was modified. Current flow:
setup [PolicyOutInterceptor]
pre-logical [HolderOutInterceptor, SwAOutInterceptor, WrapperClassOutInterceptor, SoapHeaderOutFilterInterceptor]
post-logical [SoapPreProtocolOutInterceptor]
prepare-send [MessageSenderInterceptor]
pre-stream [AttachmentOutInterceptor, StaxOutInterceptor]
pre-protocol [WSS4JOutInterceptor]
write [SoapOutInterceptor]
marshal [WrappedOutInterceptor, BareOutInterceptor]
prepare-send-ending [MessageSenderEndingInterceptor]
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.interceptor.AttachmentOutInterceptor@235b3bd6
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.interceptor.StaxOutInterceptor@3ab570bc
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:add:206) Adding interceptor org.apache.cxf.interceptor.StaxOutEndingInterceptor@2be6e01e to phase pre-stream-ending
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:outputChainToLog:685) Chain org.apache.cxf.phase.PhaseInterceptorChain@4fc7cacd was modified. Current flow:
setup [PolicyOutInterceptor]
pre-logical [HolderOutInterceptor, SwAOutInterceptor, WrapperClassOutInterceptor, SoapHeaderOutFilterInterceptor]
post-logical [SoapPreProtocolOutInterceptor]
prepare-send [MessageSenderInterceptor]
pre-stream [AttachmentOutInterceptor, StaxOutInterceptor]
pre-protocol [WSS4JOutInterceptor]
write [SoapOutInterceptor]
marshal [WrappedOutInterceptor, BareOutInterceptor]
pre-stream-ending [StaxOutEndingInterceptor]
prepare-send-ending [MessageSenderEndingInterceptor]
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor@6ec55652
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:add:206) Adding interceptor org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutEndingInterceptor@3a9c384d to phase pre-protocol-ending
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:outputChainToLog:685) Chain org.apache.cxf.phase.PhaseInterceptorChain@4fc7cacd was modified. Current flow:
setup [PolicyOutInterceptor]
pre-logical [HolderOutInterceptor, SwAOutInterceptor, WrapperClassOutInterceptor, SoapHeaderOutFilterInterceptor]
post-logical [SoapPreProtocolOutInterceptor]
prepare-send [MessageSenderInterceptor]
pre-stream [AttachmentOutInterceptor, StaxOutInterceptor]
pre-protocol [WSS4JOutInterceptor]
write [SoapOutInterceptor]
marshal [WrappedOutInterceptor, BareOutInterceptor]
pre-protocol-ending [SAAJOutEndingInterceptor]
pre-stream-ending [StaxOutEndingInterceptor]
prepare-send-ending [MessageSenderEndingInterceptor]
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:add:206) Adding interceptor org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal@6634654a to phase post-protocol
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:outputChainToLog:685) Chain org.apache.cxf.phase.PhaseInterceptorChain@4fc7cacd was modified. Current flow:
setup [PolicyOutInterceptor]
pre-logical [HolderOutInterceptor, SwAOutInterceptor, WrapperClassOutInterceptor, SoapHeaderOutFilterInterceptor]
post-logical [SoapPreProtocolOutInterceptor]
prepare-send [MessageSenderInterceptor]
pre-stream [AttachmentOutInterceptor, StaxOutInterceptor]
pre-protocol [WSS4JOutInterceptor]
write [SoapOutInterceptor]
marshal [WrappedOutInterceptor, BareOutInterceptor]
post-protocol [WSS4JOutInterceptorInternal]
pre-protocol-ending [SAAJOutEndingInterceptor]
pre-stream-ending [StaxOutEndingInterceptor]
prepare-send-ending [MessageSenderEndingInterceptor]
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor@ae69013
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:add:206) Adding interceptor org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor$SoapOutEndingInterceptor@6dd141a0 to phase write-ending
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:outputChainToLog:685) Chain org.apache.cxf.phase.PhaseInterceptorChain@4fc7cacd was modified. Current flow:
setup [PolicyOutInterceptor]
pre-logical [HolderOutInterceptor, SwAOutInterceptor, WrapperClassOutInterceptor, SoapHeaderOutFilterInterceptor]
post-logical [SoapPreProtocolOutInterceptor]
prepare-send [MessageSenderInterceptor]
pre-stream [AttachmentOutInterceptor, StaxOutInterceptor]
pre-protocol [WSS4JOutInterceptor]
write [SoapOutInterceptor]
marshal [WrappedOutInterceptor, BareOutInterceptor]
post-protocol [WSS4JOutInterceptorInternal]
write-ending [SoapOutEndingInterceptor]
pre-protocol-ending [SAAJOutEndingInterceptor]
pre-stream-ending [StaxOutEndingInterceptor]
prepare-send-ending [MessageSenderEndingInterceptor]
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.interceptor.WrappedOutInterceptor@5dfc64c0
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.interceptor.BareOutInterceptor@653aa974
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:doIntercept:269) Invoking handleMessage on interceptor org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal@6634654a
18:24:28 | [DEBUG] | [default-workqueue-2] (WSS4JOutInterceptor.java:handleMessage:161) WSS4JOutInterceptor: enter handleMessage()
18:24:28 | [DEBUG] | [default-workqueue-2] (WSS4JOutInterceptor.java:handleMessage:235) Action: 1
18:24:28 | [DEBUG] | [default-workqueue-2] (WSS4JOutInterceptor.java:handleMessage:236) Actor: null
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:unwind:442) Invoking handleFault on interceptor org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal@6634654a
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:unwind:442) Invoking handleFault on interceptor org.apache.cxf.interceptor.BareOutInterceptor@653aa974
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:unwind:442) Invoking handleFault on interceptor org.apache.cxf.interceptor.WrappedOutInterceptor@5dfc64c0
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:unwind:442) Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor@ae69013
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:unwind:442) Invoking handleFault on interceptor org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor@6ec55652
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:unwind:442) Invoking handleFault on interceptor org.apache.cxf.interceptor.StaxOutInterceptor@3ab570bc
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:unwind:442) Invoking handleFault on interceptor org.apache.cxf.interceptor.AttachmentOutInterceptor@235b3bd6
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:unwind:442) Invoking handleFault on interceptor org.apache.cxf.interceptor.MessageSenderInterceptor@3eaaee02
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:unwind:442) Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterceptor@6e4b3297
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:unwind:442) Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.SoapHeaderOutFilterInterceptor@d32608f
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:unwind:442) Invoking handleFault on interceptor org.apache.cxf.jaxws.interceptors.WrapperClassOutInterceptor@56c0c443
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:unwind:442) Invoking handleFault on interceptor org.apache.cxf.jaxws.interceptors.SwAOutInterceptor@47efe572
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:unwind:442) Invoking handleFault on interceptor org.apache.cxf.jaxws.interceptors.HolderOutInterceptor@9953734
18:24:28 | [DEBUG] | [default-workqueue-2] (PhaseInterceptorChain.java:unwind:442) Invoking handleFault on interceptor org.apache.cxf.ws.policy.PolicyOutInterceptor@4a8b0c11
18:24:28 | [ WARN] | [default-workqueue-2] (LogUtils.java:doLog:452) Interceptor for {http://services.brm.n2.tibco.com}WorkItemManagementServiceService#{http://services.brm.n2.tibco.com}completeWorkItem has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: Security processing failed.