Hi, This error (PostDispatchVerificationHandler.java:152) means that security policy was not available at the time rampart was called.
Thanks, Ruchith On Sat, Apr 9, 2011 at 1:05 PM, Stephen Cresswell <em...@stephen-cresswell.net> wrote: > We're running into problems added authentication to our web services. It > works for our simple "hello world" web service, but when we try it with the > real web service we get an InvalidSecurity fault. I've stripped the WSDL > back so that the hello world and post code service are almost identical, but > I still get this error. Any ideas? > > Failing Request > <soapenv:Envelope xmlns:car="http://xyzi.mycomp.co.uk/postcodedata_1"; > xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";> > <soapenv:Header> > <wsse:Security soapenv:mustUnderstand="1" > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";> > <wsse:UsernameToken wsu:Id="UsernameToken-1" > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";> > <wsse:Username>BILL</wsse:Username> > <wsse:Password > Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>SECRET</wsse:Password> > </wsse:UsernameToken> > </wsse:Security> > </soapenv:Header> > <soapenv:Body> > <car:getValidAddressTypes> > <car:category>X</car:category> > </car:getValidAddressTypes> > </soapenv:Body> > </soapenv:Envelope> > > Response > <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";> > <soapenv:Body> > <soapenv:Fault> > <faultcode>soapenv:Server</faultcode> > <faultstring>InvalidSecurity</faultstring> > <detail/> > </soapenv:Fault> > </soapenv:Body> > </soapenv:Envelope> > > services.xml > <?xml version="1.0" encoding="UTF-8"?> > <!-- This file was auto-generated from WSDL --> > <!-- by the Apache Axis2 version: 1.5.2 Built on : Sep 06, 2010 (09:42:01 > CEST) --> > <serviceGroup> > <service name="PostCodeService_1_0"> > <messageReceivers> > <messageReceiver mep="http://www.w3.org/ns/wsdl/in-out"; > class="uk.co.mycomp.foo.PostCodeService_1_0MessageReceiverInOut"/> > </messageReceivers> > <parameter > name="ServiceClass">uk.co.mycomp.foo.PostCodeService_1_0Skeleton</parameter> > <parameter name="useOriginalwsdl">true</parameter> > <parameter name="modifyUserWSDLPortAddress">true</parameter> > <operation name="getValidAddressTypes" > mep="http://www.w3.org/ns/wsdl/in-out"; > namespace="http://xyzi.mycomp.co.uk/postcodeservice_1";> > > <actionMapping>http://xyzi.mycomp.co.uk/postcodeservice_1/PostCodePortType/getValidAddressTypesRequest</actionMapping> > > <outputActionMapping>http://xyzi.mycomp.co.uk/postcodeservice_1/PostCodePortType/getValidAddressTypesResponse</outputActionMapping> > </operation> > <module ref="SmartintegratorModule"/> > <module ref="rampart"/> > > <wsp:Policy wsu:Id="UsernameToken" > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; > xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";> > <wsp:ExactlyOne> > <wsp:All> > <sp:SupportingTokens > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> > <wsp:Policy> > <sp:UsernameToken > sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";> > </sp:UsernameToken> > </wsp:Policy> > </sp:SupportingTokens> > <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy";> > > <ramp:passwordCallbackClass>com.mycomp.ext.auth.PasswordCallbackHandler</ramp:passwordCallbackClass> > </ramp:RampartConfig> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > </service> > <service name="SpringAwareService" > class="com.mycomp.ext.spring.SpringInit"> > <description>Spring initialiser</description> > </service> > </serviceGroup> > > debug > [ERROR] InvalidSecurity > org.apache.axis2.AxisFault: InvalidSecurity > at > org.apache.rampart.handler.PostDispatchVerificationHandler.invoke(PostDispatchVerificationHandler.java:152) > at org.apache.axis2.engine.Phase.invoke(Phase.java:318) > at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:251) > at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:160) > at > org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167) > at > org.apache.axis2.transport.http.HTTPWorker.service(HTTPWorker.java:266) > at > org.apache.axis2.transport.http.server.AxisHttpService.doService(AxisHttpService.java:281) > at > org.apache.axis2.transport.http.server.AxisHttpService.handleRequest(AxisHttpService.java:187) > at > org.apache.axis2.transport.http.server.HttpServiceProcessor.run(HttpServiceProcessor.java:82) > at > java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) > at java.lang.Thread.run(Thread.java:662) > -- http://ruchith.org --------------------------------------------------------------------- To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org For additional commands, e-mail: java-dev-h...@axis.apache.org
