Unable to use secured components without using SSL in FSW 6

Issue

We hit an issue with FSW when using secured components without using SSL.

We have deployed the FSW Switchyard demo policy-security-basic-propagate but we’ve removed the CONFIDENTIALITY policy from the BackEndService and WorkServiceBeans. The beans still have the Client Authentication and Authorization policies attached, as per the following change:

@Requires(security = {CONFIDENTIALITY, CLIENT_AUTHENTICATION, AUTHORIZATION})

@Requires(security = {CLIENT_AUTHENTICATION, AUTHORIZATION })

Our rational behind this is that FSW would reside behind a SSL terminating firewall but the FSW services still required authentication.

When we run the demo without using SSL we get the following exception :

14:19:12,177 WARNING [org.apache.cxf.phase.PhaseInterceptorChain] (http-/192.168.2.10:8080-1) Application {urn:switchyard-quickstart-demo:policy-security-basic-propagate:0.1.0}WorkService#{urn:switchyard-quickstart-demo:policy-security-basic-propagate:0.1.0}doWork has thrown exception, unwinding now: org.apache.cxf.interceptor.Fault: org.switchyard.HandlerException: SWITCHYARD014014: Required policies have not been provided:
at org.apache.cxf.service.invoker.AbstractInvoker.createFault(AbstractInvoker.java:162) [cxf-api-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.jaxws.AbstractJAXWSMethodInvoker.createFault(AbstractJAXWSMethodInvoker.java:213) [cxf-rt-frontend-jaxws-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:128) [cxf-api-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.jaxws.AbstractJAXWSMethodInvoker.invoke(AbstractJAXWSMethodInvoker.java:178) [cxf-rt-frontend-jaxws-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.jaxws.JAXWSMethodInvoker.invoke(JAXWSMethodInvoker.java:66) [cxf-rt-frontend-jaxws-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.jboss.wsf.stack.cxf.JBossWSInvoker.invoke(JBossWSInvoker.java:129) [jbossws-cxf-server-4.1.4.Final-redhat-7.jar:4.1.4.Final-redhat-7]
at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:58) [cxf-api-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) [rt.jar:1.7.0_45]
at java.util.concurrent.FutureTask.run(FutureTask.java:262) [rt.jar:1.7.0_45]
at org.apache.cxf.workqueue.SynchronousExecutor.execute(SynchronousExecutor.java:37) [cxf-api-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:107) [cxf-api-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262) [cxf-api-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) [cxf-api-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:237) [cxf-rt-transports-http-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:97) [jbossws-cxf-server-4.1.4.Final-redhat-7.jar:4.1.4.Final-redhat-7]
at org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(ServletHelper.java:156) [jbossws-cxf-server-4.1.4.Final-redhat-7.jar:4.1.4.Final-redhat-7]
at org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:87) [jbossws-cxf-server-4.1.4.Final-redhat-7.jar:4.1.4.Final-redhat-7]
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:225) [cxf-rt-transports-http-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:145) [cxf-rt-transports-http-2.6.8.redhat-7.jar:2.6.8.redhat-7]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:754) [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-1.jar:1.0.2.Final-redhat-1]
at org.jboss.wsf.stack.cxf.CXFServletExt.service(CXFServletExt.java:135) [jbossws-cxf-server-4.1.4.Final-redhat-7.jar:4.1.4.Final-redhat-7]
at org.jboss.wsf.spi.deployment.WSFServlet.service(WSFServlet.java:140) [jbossws-spi-2.1.3.Final-redhat-1.jar:2.1.3.Final-redhat-1]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-1.jar:1.0.2.Final-redhat-1]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:336)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:920)
at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45]
Caused by: org.switchyard.SwitchYardException: org.switchyard.HandlerException: SWITCHYARD014014: Required policies have not been provided:
at org.switchyard.component.soap.InboundHandler.invoke(InboundHandler.java:339) [switchyard-component-soap-1.1.1-p5-redhat-1.jar:1.1.1-p5-redhat-1]
at org.switchyard.component.soap.endpoint.BaseWebService.invoke(BaseWebService.java:112) [switchyard-component-soap-1.1.1-p5-redhat-1.jar:1.1.1-p5-redhat-1]
at org.switchyard.component.soap.endpoint.BaseWebService.invoke(BaseWebService.java:41) [switchyard-component-soap-1.1.1-p5-redhat-1.jar:1.1.1-p5-redhat-1]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_45]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_45]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_45]
at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_45]
at org.jboss.ws.common.invocation.AbstractInvocationHandlerJSE.invoke(AbstractInvocationHandlerJSE.java:108)
at org.jboss.wsf.stack.cxf.JBossWSInvoker.performInvocation(JBossWSInvoker.java:149) [jbossws-cxf-server-4.1.4.Final-redhat-7.jar:4.1.4.Final-redhat-7]
at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96) [cxf-api-2.6.8.redhat-7.jar:2.6.8.redhat-7]
... 32 more
Caused by: org.switchyard.HandlerException: SWITCHYARD014014: Required policies have not been provided:
at org.switchyard.handlers.PolicyHandler.handleMessage(PolicyHandler.java:61) [switchyard-runtime-1.1.1-p5-redhat-1.jar:1.1.1-p5-redhat-1]
at org.switchyard.bus.camel.processors.HandlerProcessor.process(HandlerProcessor.java:62) [switchyard-bus-camel-1.1.1-p5-redhat-1.jar:1.1.1-p5-redhat-1]
at org.apache.camel.util.AsyncProcessorConverterHelper$ProcessorToAsyncProcessorBridge.process(AsyncProcessorConverterHelper.java:61) [camel-core-2.10.0.redhat-60024.jar:2.10.0.redhat-60024]

Environment

Red Hat JBoss Fuse Service Works (FSW)
- 6.0.0

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

New to Red Hat?

Learn more about Red Hat subscriptions

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories