Here is the problem: > <entry key="action" value="Signature Encrypt"/> > <entry key="action" value="Timestamp Signature Encrypt"/>
The "action" list must match on both the outbound and inbound sides. Colm. On Mon, Dec 3, 2012 at 10:14 AM, marcin.kasinski <[email protected]>wrote: > My client configuration: > > > <bean id="RequestInterceptor" > class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> > <constructor-arg> > <map> > > > <entry key="action" value="Signature Encrypt"/> > <entry key="user" value="client" /> > > <entry key="signaturePropFile" > value="client_sign.properties"/> > <entry key="encryptionPropFile" > value="client_encrypt.properties"/> > > <entry key="encryptionUser" value="server cert" /> > > > <entry key="signatureKeyIdentifier" > value="DirectReference"/> > > > > <entry key="encryptionParts" > value="{Element}{ > http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{Null}arg0"/> > > > <entry key="encryptionSymAlgorithm" > value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> > > <entry key="passwordCallbackClass" > value="mkcallbackpackage.ServiceKeystorePasswordCallback"/> > > </map> > </constructor-arg> > </bean> > > > > My service configuration: > > <bean id="RequestInterceptor" > class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> > <constructor-arg> > <map> > > <entry key="action" value="Timestamp Signature Encrypt"/> > > > <entry key="signaturePropFile" > value="server_sign.properties"/> > <entry key="decryptionPropFile" > value="server_sign.properties"/> > > <entry key="timestampStrict" value="false"/> > > <entry key="passwordCallbackClass" > value="mkcallbackpackage.ServiceKeystorePasswordCallback"/> > > > > > > > > > </map> > </constructor-arg> > </bean> > > > Error message: > > gru 03, 2012 11:13:28 AM > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor > checkActions > WARNING: Security processing failed (actions mismatch) > gru 03, 2012 11:13:28 AM > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor > handleMessage > WARNING: > org.apache.ws.security.WSSecurityException: An error was discovered > processing the <wsse:Security> header > at > > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInInterceptor.java:380) > at > > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:301) > at > > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:94) > at > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271) > at > > org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) > at > > org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:238) > at > > org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:222) > at > > org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:202) > at > > org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:137) > at > > org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:158) > at > > org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:239) > at > > org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:159) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:641) > at > > org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:215) > at > > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) > at > > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) > at > > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222) > at > > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) > at > > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) > at > > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168) > at > > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99) > at > org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929) > at > > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) > at > > org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1002) > at > > org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:585) > at > > org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310) > at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown > Source) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown > Source) > at java.lang.Thread.run(Unknown Source) > > gru 03, 2012 11:13:28 AM org.apache.cxf.phase.PhaseInterceptorChain > doDefaultLogging > WARNING: Interceptor for > {http://mkpackage/}HelloMgrImplService#{http://mkpackage/}hello has thrown > exception, unwinding now > org.apache.cxf.binding.soap.SoapFault: An error was discovered processing > the <wsse:Security> header > at > > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:797) > at > > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:354) > at > > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:94) > at > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271) > at > > org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) > at > > org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:238) > at > > org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:222) > at > > org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:202) > at > > org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:137) > at > > org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:158) > at > > org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:239) > at > > org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:159) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:641) > at > > org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:215) > at > > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) > at > > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) > at > > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222) > at > > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) > at > > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) > at > > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168) > at > > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99) > at > org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929) > at > > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) > at > > org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1002) > at > > org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:585) > at > > org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310) > at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown > Source) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown > Source) > at java.lang.Thread.run(Unknown Source) > Caused by: org.apache.ws.security.WSSecurityException: An error was > discovered processing the <wsse:Security> header > at > > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInInterceptor.java:380) > at > > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:301) > ... 28 more > > > > > ----- > > Regards > Marcin Kasinski > http://itzone.com.pl > -- > View this message in context: > http://cxf.547215.n5.nabble.com/CXF-WSS4J-and-timestampStrict-tp5719532p5719566.html > Sent from the cxf-dev mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
