3

I've a problem with wsdl2java in CXF. It generates a java.lang.Object parameter instead of the correct XACMLAuthzDecisionType. It complains about:
Operation {urn:com:test:se:authz:AuthzService}Evaluate cannot be unwrapped, input message must reference global element declaration with same localname as operation

I've tried to change the name of the input parameter and the corresponding message part but it doesn't help.

The generated server interface is as follows:

@WebService(targetNamespace = "urn:com:test:se:authz:AuthzService", name = "AuthzServicePort")
@XmlSeeAlso({org.w3._2000._09.xmldsig_.ObjectFactory.class, oasis.names.tc.xacml._3_0.profile.saml2_0.v2.schema.assertion.wd_13.ObjectFactory.class, oasis.names.tc.xacml._3_0.core.schema.wd_17.ObjectFactory.class, oasis.names.tc.saml._2_0.protocol.ObjectFactory.class, org.w3._2001._04.xmlenc_.ObjectFactory.class, oasis.names.tc.saml._2_0.assertion.ObjectFactory.class, oasis.names.tc.xacml._3_0.profile.saml2_0.v2.schema.protocol.wd_13.ObjectFactory.class})
@SOAPBinding(parameterStyle = SOAPBinding.ParameterStyle.BARE)
public interface AuthzServicePort {

    @WebResult(name = "Response", targetNamespace = "urn:oasis:names:tc:SAML:2.0:protocol", partName = "parameters")
    @WebMethod(operationName = "Evaluate", action = "urn:com:test:se:authz:AuthzService:Evaluate")
    public oasis.names.tc.saml._2_0.protocol.ResponseType evaluate(
        @WebParam(partName = "parameters", name = "XACMLAuthzDecisionQuery", targetNamespace = "urn:oasis:names:tc:xacml:3.0:profile:saml2.0:v2:schema:protocol:wd-13")
        java.lang.Object parameters
    );
}


I'm using CXF 3.1.2 from the command line:

apache-cxf-3.1.2\bin\wsdl2java -d c:\temp\gensrc\AuthzServiceTest -server -validate=all -autoNameResolution -verbose -xjc-verbose AuthzServiceTest.wsdl

Does anyone know why it cannot generate the correct parameter?

The Java class XACMLAuthzDecisionQueryType gets the 'You are getting this "catch-all" property because the field name "Extensions" is used by two different parts of a schema'.

I don't know if this somehow causes the generation of the parameter to fail.

The WSDL I use:

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<wsdl:definitions 
    xmlns="urn:com:test:se:authz:AuthzService"
    xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" 
    xmlns:tns="urn:com:test:se:authz:AuthzService" 
    xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" 
    xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
    xmlns:xacml="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"
    xmlns:xacml-samlp="urn:oasis:names:tc:xacml:3.0:profile:saml2.0:v2:schema:protocol:wd-13"
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    name="AuthzService" 
    targetNamespace="urn:com:test:se:authz:AuthzService"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    >

    <wsdl:types>
        <xsd:schema>
            <xsd:import namespace="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" 
                        schemaLocation="http://docs.oasis-open.org/xacml/3.0/xacml-core-v3-schema-wd-17.xsd"/>

            <xsd:import namespace="urn:oasis:names:tc:xacml:3.0:profile:saml2.0:v2:schema:protocol:wd-13" 
                        schemaLocation="http://docs.oasis-open.org/xacml/3.0/xacml-3.0-profile-saml2.0-v2-schema-protocol-wd-13.xsd"/>

            <xsd:import namespace="urn:oasis:names:tc:SAML:2.0:protocol" 
                        schemaLocation="http://docs.oasis-open.org/security/saml/v2.0/saml-schema-protocol-2.0.xsd"/>
        </xsd:schema>
    </wsdl:types>

  <wsdl:message name="Evaluate">
    <wsdl:part name="parameters" element="xacml-samlp:XACMLAuthzDecisionQuery"/>
  </wsdl:message>

  <wsdl:message name="EvaluateResponse">
    <wsdl:part name="parameters" element="samlp:Response"/>
  </wsdl:message>

  <wsdl:portType name="AuthzServicePort">
    <wsdl:operation name="Evaluate">
      <wsdl:input message="tns:Evaluate"/>
      <wsdl:output message="tns:EvaluateResponse"/>
    </wsdl:operation>
  </wsdl:portType>

  <wsdl:binding name="AuthzServiceSOAPBinding" type="tns:AuthzServicePort">
    <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
    <wsdl:operation name="Evaluate">
      <soap:operation soapAction="urn:com:test:se:authz:AuthzService:Evaluate" style="document"/>
      <wsdl:input>
        <soap:body use="literal"/>
      </wsdl:input>
      <wsdl:output>
        <soap:body use="literal"/>
      </wsdl:output>
    </wsdl:operation>
  </wsdl:binding>

  <wsdl:service name="AuthzService">
    <wsdl:port name="AuthzService" binding="tns:AuthzServiceSOAPBinding" >
        <soap:address location="http://localhost:8080/AuthzService/"/>
    </wsdl:port>
  </wsdl:service>

</wsdl:definitions>
Filburt
  • 17,626
  • 12
  • 64
  • 115
Stef
  • 93
  • 1
  • 12

1 Answers1

3

I finally found the solution to this problem. OASIS have published a new working draft (wd-14) that solves this problem. Can be found here: http://docs.oasis-open.org/xacml/xacml-saml-profile/v2.0/cs02/schemas/xacml-3.0-profile-saml2.0-v2-schema-protocol-wd-14.xsd.

You need to download the xsd file and change the import schema statement for the assertion xsd to:

<import namespace="urn:oasis:names:tc:xacml:3.0:profile:saml2.0:v2:schema:assertion:wd-14"
        schemaLocation="http://docs.oasis-open.org/xacml/xacml-saml-profile/v2.0/cs02/schemas/xacml-3.0-profile-saml2.0-v2-schema-assertion-wd-14.xsd" />

You need to use a binding file to avoid the problem with two defined Extension elements.

<?xml version="1.0" encoding="UTF-8"?>
<jxb:bindings 
    xmlns:xs="http://www.w3.org/2001/XMLSchema" 
    xmlns:jxb="http://java.sun.com/xml/ns/jaxb"
    version="2.1">
    <jxb:bindings schemaLocation="xacml-3.0-profile-saml2.0-v2-schema-protocol-wd-14.xsd">
            <jxb:bindings node="//xs:complexType[@name='XACMLAuthzDecisionQueryType']//xs:element[@ref='xacml-samlp:Extensions']">
                <jxb:property name="ExtensionList"/>
            </jxb:bindings>
    </jxb:bindings>
</jxb:bindings>
Stef
  • 93
  • 1
  • 12
  • HiI @Stef! I have the same problem. I appreciate all the help I can get. https://stackoverflow.com/questions/75682845/org-apache-cxf-wsdl11-wsdlservicebuilder-checkforwrapped – user1766169 Mar 14 '23 at 06:43