On Tue, Jan 13, 2009 at 7:43 PM, Abraham Washington <[email protected]>wrote:
> hi, i have a service hosted on jboss 4.2.3.ga using jdk 1.6, which > requires authentication. my client references the service. > > > > here's my client definitions.xml: > > > > <!-- WS Security POLICY SETS --> > > < > sca:policySet name="soasecurity:wsClientAuthenticationPolicy" > > provides="authentication" > > appliesTo="sca:reference/sca:binding.ws"> > > <tuscany:wsConfigParam> > > <parameter name="OutflowSecurity"> > > <action> > > <items>UsernameToken</items> > > <user>TuscanyWsUser</user> > > <passwordCallbackClass>org.soa.services.security.ClientPWCBHandler</ > passwordCallbackClass> > > <passwordType>PasswordText</passwordType> > > </action> > > </parameter> > > </tuscany:wsConfigParam> > > </sca:policySet> > > > > here's the service (my tuscany service) security. it's running in a > separate vm (jboss 4.2.3). > > > < > sca:definitions xmlns="http://www.osoa.org/xmlns/sca/1.0"; > > targetNamespace="http://www.osoa.org/xmlns/sca/1.0"; > > xmlns:sca="http://www.osoa.org/xmlns/sca/1.0"; > > xmlns:tuscany="http://tuscany.apache.org/xmlns/sca/1.0"; > > xmlns:soasecurity="http://org.soa.services";> > > > > <sca:policySet name="oasecurity:wsAuthenticationPolicy" > > provides="authentication" > > appliesTo="sca:binding.ws" > > > > > <tuscany:wsConfigParam> > > <parameter name="InflowSecurity"> > > <action> > > <items>UsernameToken</items> > > <passwordCallbackClass>org.soa.services.security.server.ServerPWCBHandler > </passwordCallbackClass> > > </action> > > </parameter> > > </tuscany:wsConfigParam> > > </sca:policySet> > > > > the service is never invoked. on the client side, an exception is thrown: > > > > > 10:56:01,694 INFO [STDOUT] message -> > org.apache.tuscany.sca.interfacedef.util.FaultException: Must Understand > check failed for header > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd: > Security > 10:56:01,695 ERROR [STDERR] org.osoa.sca.ServiceRuntimeException: > org.apache.tuscany.sca.interfacedef.util.FaultExceptio > n: Must Understand check failed for header > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd: > Security > 10:56:01,697 ERROR [STDERR] at > org.apache.tuscany.sca.core.databinding.wire.DataTransformationInterceptor.invoke(Dat > aTransformationInterceptor.java:136) > 10:56:01,697 ERROR [STDERR] at > org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandl > er.java:287) > 10:56:01,698 ERROR [STDERR] at > org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandl > er.java:154) > 10:56:01,698 ERROR [STDERR] at $Proxy72.findOrganization(Unknown > Source) > 10:56:01,699 ERROR [STDERR] at > org.soa.services.OrganizationServiceImpl.findOrganization(OrganizationServiceImp > l.java:21) > 10:56:01,699 ERROR [STDERR] at > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > 10:56:01,699 ERROR [STDERR] at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > 10:56:01,700 ERROR [STDERR] at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > 10:56:01,700 ERROR [STDERR] at > java.lang.reflect.Method.invoke(Method.java:597) > 10:56:01,701 ERROR [STDERR] at > org.apache.tuscany.sca.implementation.java.invocation.JavaImplementationInvoker.invok > e(JavaImplementationInvoker.java:132) > 10:56:01,701 ERROR [STDERR] at > org.apache.tuscany.sca.core.databinding.wire.PassByValueInterceptor.invoke(PassByValu > eInterceptor.java:112) > 10:56:01,702 ERROR [STDERR] at > org.apache.tuscany.sca.binding.sca.impl.SCABindingInvoker.invoke(SCABindingInvoker.ja > va:61) > 10:56:01,702 ERROR [STDERR] at > org.apache.tuscany.sca.core.databinding.wire.PassByValueInterceptor.invoke(PassByValu > eInterceptor.java:112) > 10:56:01,703 ERROR [STDERR] at > org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandl > er.java:287) > 10:56:01,703 ERROR [STDERR] at > org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandl > er.java:154) > > ideas, thx abe > > > Hi Abe Sorry for this slightly tardy reply. Do you see any Rampart errors reported in the output. What seems to be happening is that the ws-security header is being flowed but the server end doesn't have the appropriate modules loaded to process it. Hence it is complaining about being unable to process and element that is marked as "mustUnderstand". I'll try and run the security sample here and see what happens. Regards Simon
