My apologies if this is going to the wrong list. I couldn't find a users list.
I am new to OpenCMIS. I have run a number of tests inside of JUnit and all have
contacted the server, returned a proper response in the form of meta data or a
document; however, when I move this same code, unchanged, into WebLogic 10.3, I
get an exception:
javax.xml.ws.soap.SOAPFaultException: MustUnderstand
headers:[{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security]
are not understood
The failure happens during the call to the SessionFactory createSession method.
I've read quite a bit about this on various forums, but have yet to find a
solution. It appears, if I understand things correctly, that the server is
replying with a mustUnderstand="1", as referenced by the response, but that my
client is unable to process the header and, per security rules, must fail.
What do I need to do to make this work properly inside of WebLogic? Am I
missing a configuration file somewhere?
Thank you!
Paul
SOAP request
<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/";>
<S:Header>
<Security
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>
<Timestamp
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
<Created>2013-07-03T13:55:29Z</Created>
<Expires>2013-07-04T13:55:29Z</Expires>
</Timestamp>
<UsernameToken>
<Username>some_user</Username>
<Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>somepassword</Password>
<Created
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>2013-07-03T13:55:29Z</Created>
</UsernameToken>
</Security>
</S:Header>
<S:Body>
<ns2:getRepositoryInfo
xmlns:ns2="http://docs.oasis-open.org/ns/cmis/messaging/200908/";
xmlns="http://docs.oasis-open.org/ns/cmis/core/200908/";>
<ns2:repositoryId>ECMSFITDEV</ns2:repositoryId>
</ns2:getRepositoryInfo>
</S:Body>
</S:Envelope>
SOAP response
<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:xs="http://www.w3.org/2001/XMLSchema";>
<S:Header>
<wsse:Security S:mustUnderstand="1">
<wsu:Timestamp
xmlns:ns15="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity";
xmlns:ns14="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512";
xmlns:ns13="http://www.w3.org/2003/05/soap-envelope";
wsu:Id="XWSSGID-1372296452640-685270172">
<wsu:Created>2013-07-03T13:55:29Z</wsu:Created>
<wsu:Expires>2013-07-03T14:00:29Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</S:Header>
<S:Body>
<ns2:getRepositoryInfoResponse
xmlns:ns2="http://docs.oasis-open.org/ns/cmis/messaging/200908/";
xmlns="http://docs.oasis-open.org/ns/cmis/core/200908/";>
<ns2:repositoryInfo>
<repositoryId>ECMSFITDEV</repositoryId>
<repositoryName>ECMSFITDEV</repositoryName>
<repositoryDescription>ECMSFITDEV</repositoryDescription>
<vendorName>EMC</vendorName>
<productName>Documentum</productName>
<productVersion>6.7.1000.0038</productVersion>
<rootFolderId>root</rootFolderId>
<capabilities>
<capabilityACL>manage</capabilityACL>
<capabilityAllVersionsSearchable>true</capabilityAllVersionsSearchable>
<capabilityChanges>none</capabilityChanges>
<capabilityContentStreamUpdatability>anytime</capabilityContentStreamUpdatability>
<capabilityGetDescendants>true</capabilityGetDescendants>
<capabilityGetFolderTree>true</capabilityGetFolderTree>
<capabilityMultifiling>true</capabilityMultifiling>
<capabilityPWCSearchable>false</capabilityPWCSearchable>
<capabilityPWCUpdatable>false</capabilityPWCUpdatable>
<capabilityQuery>bothcombined</capabilityQuery>
<capabilityRenditions>read</capabilityRenditions>
<capabilityUnfiling>false</capabilityUnfiling>
<capabilityVersionSpecificFiling>false</capabilityVersionSpecificFiling>
<capabilityJoin>inneronly</capabilityJoin>
</capabilities>
<aclCapability>
<supportedPermissions>both</supportedPermissions>
<propagation>repositorydetermined</propagation>
<permissions>
<permission>none</permission>
<description>No access is permitted.</description>
</permissions>
<permissions>
<permission>browse</permission>
<description>The user can look at property values but not at associated
content.</description>
</permissions>
<permissions>
<permission>cmis:read</permission>
<description>The user can read content but not update. It includes browse
permission.</description>
</permissions>
<permissions>
<permission>relate</permission>
<description>The user can attach an annotation to the object. It includes
browse and read permissions.</description>
</permissions>
<permissions>
<permission>version</permission>
<description>The user can version the object. It includes browse, read and
relate permissions.</description>
</permissions>
<permissions>
<permission>cmis:write</permission>
<description>The user can write and update the object. It includes browse,
read, relate and version permissions.</description>
</permissions>
<permissions>
<permission>delete</permission>
<description>The user can delete the object. It includes browse, read, relate,
version and write permissions.</description>
</permissions>
<permissions>
<permission>change_location</permission>
<description>In conjunction with the appropriate base permission level, allows
the user to move an object from one folder to another.</description>
</permissions>
<permissions>
<permission>change_owner</permission>
<description>The user can change the owner of the object.</description>
</permissions>
<permissions>
<permission>change_permit</permission>
<description>The user can change the basic permissions of the
object.</description>
</permissions>
<permissions>
<permission>change_state</permission>
<description>The user can change the document lifecycle state of the
object.</description>
</permissions>
<permissions>
<permission>change_folder_links</permission>
<description>Allows a user to link an object to a folder or unlink an object
from a folder.</description>
</permissions>
<permissions>
<permission>delete_object</permission>
<description>The user can delete the object. The delete object extended
permission is not equivalent to the base delete permission. Delete Object
extended permission does not grant browse, read, relate, version, or write
permission.</description>
</permissions>
<permissions>
<permission>execute_proc</permission>
<description>The user can run the external procedure associated with the
object.</description>
</permissions>
<permissions>
<permission>cmis:all</permission>
<description>The user has all basic and extended permissions.</description>
</permissions>
<mapping>
<key>canGetDescendents.Folder</key>
<permission>browse</permission>
</mapping>
<mapping>
<key>canGetChildren.Folder</key>
<permission>browse</permission>
</mapping>
<mapping>
<key>canGetParents.Folder</key>
<permission>browse</permission>
</mapping>
<mapping>
<key>canGetFolderParent.Object</key>
<permission>browse</permission>
</mapping>
<mapping>
<key>canCreateDocument.Folder</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canCreateFolder.Folder</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canCreateRelationship.Source</key>
<permission>relate</permission>
</mapping>
<mapping>
<key>canCreateRelationship.Target</key>
<permission>relate</permission>
</mapping>
<mapping>
<key>canGetProperties.Object</key>
<permission>browse</permission>
</mapping>
<mapping>
<key>canViewContent.Object</key>
<permission>cmis:read</permission>
</mapping>
<mapping>
<key>canUpdateProperties.Object</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canMove.Object</key>
<permission>cmis:write</permission>
<permission>change_location</permission>
</mapping>
<mapping>
<key>canMove.Target</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canMove.Source</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canDelete.Object</key>
<permission>delete</permission>
</mapping>
<mapping>
<key>canDeleteTree.Folder</key>
<permission>delete</permission>
</mapping>
<mapping>
<key>canSetContent.Document</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canDeleteContent.Document</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canAddToFolder.Object</key>
<permission>cmis:write</permission>
<permission>change_location</permission>
</mapping>
<mapping>
<key>canAddToFolder.Folder</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canRemoveFromFolder.Object</key>
<permission>cmis:write</permission>
<permission>change_location</permission>
</mapping>
<mapping>
<key>canRemoveFromFolder.Folder</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canCheckout.Document</key>
<permission>version</permission>
</mapping>
<mapping>
<key>canCancelCheckout.Document</key>
<permission>version</permission>
</mapping>
<mapping>
<key>canCheckin.Document</key>
<permission>version</permission>
</mapping>
<mapping>
<key>canGetAllVersions.VersionSeries</key>
<permission>cmis:read</permission>
</mapping>
<mapping>
<key>canGetObjectRelationships.Object</key>
<permission>browse</permission>
</mapping>
<mapping>
<key>canGetACL.Object</key>
<permission>browse</permission>
</mapping>
<mapping>
<key>canApplyACL.Object</key>
<permission>change_permit</permission>
</mapping>
</aclCapability>
<cmisVersionSupported>1.0</cmisVersionSupported>
</ns2:repositoryInfo>
</ns2:getRepositoryInfoResponse>
</S:Body>
</S:Envelope>
----------------------------------------------------------------------
This message, and any attachments, is for the intended recipient(s) only, may
contain information that is privileged, confidential and/or proprietary and
subject to important terms and conditions available at
http://www.bankofamerica.com/emaildisclaimer. If you are not the intended
recipient, please delete this message.
