This SOUNDS like the server doesn't have all the security and policy things enabled. My suggestion is to move to 2.4.1 if possible and make sure the cxf-rt-ws-policy, cxf-rt-ws-addr, and cfx-rt-ws-security jars are found.
With 2.3.1, in addition to making sure they are found, you likely need to make sure your spring config also imports the appropriate META-INF/cxf/cxf-extension-*.xml files. That would likely include: cxf-extension-ws-security.xml cxf-extension-policy.xml cxf-extension-addr.xml Dan On Sunday, August 07, 2011 3:55:16 PM ovi wrote: > The problem is: > I use jboss 6.0.0.Final with cxf 2.3.1 > I have a wsdl with a policy: > <wsp:Policy wsu:Id="BasicSecurityPolicy"> > <wsp:ExactlyOne> > <wsp:All> > <sp:TransportBinding> > <wsp:Policy> > <sp:TransportToken> > <wsp:Policy> > > <sp:HttpsToken RequireClientCertificate="false" /> > </wsp:Policy> > </sp:TransportToken> > <sp:Layout> > <wsp:Policy> > <sp:Lax /> > </wsp:Policy> > </sp:Layout> > <sp:IncludeTimestamp /> > <sp:AlgorithmSuite> > <wsp:Policy> > <sp:Basic128 > /> > </wsp:Policy> > </sp:AlgorithmSuite> > </wsp:Policy> > </sp:TransportBinding> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > The <sp:IncludeTimestamp /> generates a security header like > <wsse:Security > > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecuri > ty-secext-1.0.xsd" soap:mustUnderstand="1"> > The problem is that the cxf server thows an exception in > > org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor$UltimateRe > ceiverMustUnderstandInterceptor The exception is: > has thrown exception, unwinding now: > org.apache.cxf.binding.soap.SoapFault: MustUnderstand headers: > [{http://docs.oasis-open.org/wss/2004/01/oasis-2 > 00401-wss-wssecurity-secext-1.0.xsd}Security] are not understood. > To correct this problem I read > http://cxf.apache.org/docs/23-migration-guide.html and I put this in my > endpoint > <jaxws:properties> > <entry key="endpoint-processes-headers" > > value="{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-s > ecext-1.0.xsd}Security"/> </jaxws:properties> > That tells the cxf that this header should be understood. > With this property put in place the > org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor is > fine but the > > org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor$UltimateRe > ceiverMustUnderstandInterceptor still throws the exception. > Possible solutions that I think of: > put an actor in the wsse:Security header but I don't know how to do this. > > But if you have any ideas how to deal with must understand headers let me > know because its urgent. > > thanks in advance for the advice > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/mustunderstand-header-not-understood-tp4675 > 945p4675945.html Sent from the cxf-dev mailing list archive at Nabble.com. -- Daniel Kulp [email protected] http://dankulp.com/blog Talend - http://www.talend.com
