after migrating to 1.4, the error msg on the server side is more verbose, hopefully someone has an idea. the client callback is being executed. but the service throws this exception:
07:16:41,853 INFO [Server] JBoss (MX MicroKernel) [4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)] Started in 24s:374ms 07:20:34,844 INFO [STDOUT] - Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-20040 1-wss-wssecurity-secext-1.0.xsd : Security org.apache.axis2.AxisFault: Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401- wss-wssecurity-secext-1.0.xsd : Security at org.apache.axis2.engine.AxisEngine.checkMustUnderstand(AxisEngine.java:102) at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:166) at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275) at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:133) at javax.servlet.http.HttpServlet.service(HttpServlet.java:710) at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) at org.apache.tuscany.sca.host.webapp.WebAppRequestDispatcher.forward(WebAppRequestDispatcher.java:107) at org.apache.tuscany.sca.host.webapp.TuscanyServletFilter.doFilter(TuscanyServletFilter.java:93) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446) at java.lang.Thread.run(Thread.java:619) $ thx abe ________________________________ From: Simon Laws <[email protected]> To: [email protected] Sent: Thursday, January 15, 2009 4:06:39 AM Subject: Re: security module not executed on service On Tue, Jan 13, 2009 at 7:43 PM, Abraham Washington <[email protected]> wrote: hi, i have a service hosted on jboss 4.2.3.ga using jdk 1.6, which requires authentication. my client references the service. here's my client definitions.xml: <!-- WS Security POLICY SETS --><sca:policySet name="soasecurity:wsClientAuthenticationPolicy" provides="authentication" appliesTo="sca:reference/sca:binding.ws"><tuscany:wsConfigParam><parameter name="OutflowSecurity"><action><items>UsernameToken</items><user>TuscanyWsUser</user><passwordCallbackClass>org.soa.services.security.ClientPWCBHandler</passwordCallbackClass><passwordType>PasswordText</passwordType></action></parameter></tuscany:wsConfigParam></sca:policySet> here's the service (my tuscany service) security. it's running in a separate vm (jboss 4.2.3). <sca:definitions xmlns="http://www.osoa.org/xmlns/sca/1.0"; targetNamespace="http://www.osoa.org/xmlns/sca/1.0"; xmlns:sca="http://www.osoa.org/xmlns/sca/1.0"; xmlns:tuscany="http://tuscany.apache.org/xmlns/sca/1.0"; xmlns:soasecurity="http://org.soa.services";> <sca:policySet name="oasecurity:wsAuthenticationPolicy" provides="authentication" appliesTo="sca:binding.ws" ><tuscany:wsConfigParam><parameter name="InflowSecurity"><action><items>UsernameToken</items><passwordCallbackClass>org.soa.services.security.server.ServerPWCBHandler</passwordCallbackClass></action></parameter></tuscany:wsConfigParam></sca:policySet> the service is never invoked. on the client side, an exception is thrown: 10:56:01,694 INFO [STDOUT] message -> org.apache.tuscany.sca.interfacedef.util.FaultException: Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd : Security 10:56:01,695 ERROR [STDERR] org.osoa.sca.ServiceRuntimeException: org.apache.tuscany.sca.interfacedef.util.FaultExceptio n: Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd : Security 10:56:01,697 ERROR [STDERR] at org.apache.tuscany.sca.core.databinding.wire.DataTransformationInterceptor.invoke(Dat aTransformationInterceptor.java:136) 10:56:01,697 ERROR [STDERR] at org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandl er.java:287) 10:56:01,698 ERROR [STDERR] at org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandl er.java:154) 10:56:01,698 ERROR [STDERR] at $Proxy72.findOrganization(Unknown Source) 10:56:01,699 ERROR [STDERR] at org.soa.services.OrganizationServiceImpl.findOrganization(OrganizationServiceImp l.java:21) 10:56:01,699 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 10:56:01,699 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 10:56:01,700 ERROR [STDERR] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 10:56:01,700 ERROR [STDERR] at java.lang.reflect.Method.invoke(Method.java:597) 10:56:01,701 ERROR [STDERR] at org.apache.tuscany.sca.implementation.java.invocation.JavaImplementationInvoker.invok e(JavaImplementationInvoker.java:132) 10:56:01,701 ERROR [STDERR] at org.apache.tuscany.sca.core.databinding.wire.PassByValueInterceptor.invoke(PassByValu eInterceptor.java:112) 10:56:01,702 ERROR [STDERR] at org.apache.tuscany.sca.binding.sca.impl.SCABindingInvoker.invoke(SCABindingInvoker.ja va:61) 10:56:01,702 ERROR [STDERR] at org.apache.tuscany.sca.core.databinding.wire.PassByValueInterceptor.invoke(PassByValu eInterceptor.java:112) 10:56:01,703 ERROR [STDERR] at org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandl er.java:287) 10:56:01,703 ERROR [STDERR] at org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandl er.java:154) ideas, thx abe Hi Abe Sorry for this slightly tardy reply. Do you see any Rampart errors reported in the output. What seems to be happening is that the ws-security header is being flowed but the server end doesn't have the appropriate modules loaded to process it. Hence it is complaining about being unable to process and element that is marked as "mustUnderstand". I'll try and run the security sample here and see what happens. Regards Simon
