From: lanabe.lan...@gmail.com
Date: Thu, 14 Jul 2016 08:16:46 +0000
Subject: Re: Axis2 1.7.3 + Rampart 1.7.0 WS-Security not invoked
To: java-user@axis.apache.org
Hi, apparently I found a workaround.
Axis2 1.7.3 + Rampart 1.6.4 works fine(ofc, I suspect there should be more
proper way with Rampart 1.7.0).I noticed that Rampart 1.7.0 doesn't have
WSDoAllHandler which processes WS-Security Header.
MG>Ianabe please file Urgent priority JIRA bug on missing WSDoAllHandler for
Rampart 1.70
https://issues.apache.org/jira/browse/RAMPART/?selectedTab=com.atlassian.jira.jira-projects-plugin:summary-panel
So, I should change the question. Should I use Rampart 1.6.4? Or, is there any
proper way to use Rampart 1.7.0?
On Wed, Jul 13, 2016 at 10:29 PM lanabe <lanabe.lan...@gmail.com> wrote:
Hi, I'm working on using WS-Security with Axis2 1.7.3 .
Axis2 1.6.4 + Rampart 1.6.4 works perfectly, but in Axis2 1.7.3 + Rampart
1.7.0, I got the following error.
---
13-Jul-2016 22:10:21.222 SEVERE [http-nio-8080-exec-4]
org.apache.axis2.engine.AxisEngine.receive Must Understand check failed for
headers:
{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security
org.apache.axis2.AxisFault: Must Understand check failed for headers:
{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security
at
org.apache.axis2.jaxws.handler.HandlerUtils.checkMustUnderstand(HandlerUtils.java:160)
at
org.apache.axis2.jaxws.server.EndpointController.inboundHeaderAndHandlerProcessing(EndpointController.java:336)
at
org.apache.axis2.jaxws.server.EndpointController.handleRequest(EndpointController.java:258)
at
org.apache.axis2.jaxws.server.EndpointController.invoke(EndpointController.java:101)
[...]
---
It seems not to be enable the settings for InflowSecurity.
I've created a simple reproducer, which has 2 projects in each version(1.6.4,
1.7.3).
https://github.com/emag-notes/axis2-ws-security
Any Idea?
