santosh kumar das created CMIS-997: -------------------------------------- Summary: MustUnderstand headers:[{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security] are not understood Key: CMIS-997 URL: https://issues.apache.org/jira/browse/CMIS-997 Project: Chemistry Issue Type: Bug Affects Versions: OpenCMIS 0.12.0 Reporter: santosh kumar das Priority: Critical
When trying to use SOAP binding using OpenCMIS and connecting to documentum server we are getting the following exception com.sun.xml.internal.ws.protocol.soap.MUTube getMisUnderstoodHeaders INFO: Element not understood={http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security Exception: MustUnderstand headers:[{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0. After initial analysis I found that though openCMIS generates the Ws-Security headers for Outbound side, in inbound side it is unable to process Ws-security headers. Please note that Documentum version 7.1 sends Ws-security headers in the Response. I have found a workaround where in we can engage SOAP handlers the WSBindingProvider to implicitly instruct JAX-WS to understand the headers, https://dwuysan.wordpress.com/2012/04/02/jax-ws-wsimport-and-the-error-mustunderstand-headers-not-understood/#comment-215 if we do the changes in PortProvider.java initPortObject() it should resolve the issue. but In my opinion either OpenCMIS should be modified to provide full support for WS-Security in inbound side. -- This message was sent by Atlassian JIRA (v6.3.4#6332)