Hello Jakob,
Yes. I have the following configuration:
<!-- Aegis data binding -->
<bean id="aegisBean"
class="org.apache.cxf.aegis.databinding.AegisDatabinding">
<property name="configuration">
<bean class="org.apache.cxf.aegis.type.TypeCreationOptions">
<property name="defaultMinOccurs" value="1"/>
<property name="defaultNillable" value="false"/>
</bean>
</property>
</bean>
<bean id="jaxws-and-aegis-service-factory"
class="org.apache.cxf.jaxws.support.JaxWsServiceFactoryBean"
scope="prototype">
<property name="dataBinding" ref="aegisBean"/>
<property name="serviceConfigurations">
<list>
<bean
class="org.apache.cxf.jaxws.support.JaxWsServiceConfiguration"/>
<bean
class="org.apache.cxf.aegis.databinding.AegisServiceConfiguration"/>
<bean
class="org.apache.cxf.service.factory.DefaultServiceConfiguration"/>
</list>
</property>
</bean>
<bean id="usernameTokenInInterceptor"
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken
Timestamp" />
<entry key="passwordCallbackRef"
value-ref="usernameTokenPasswordCallback" />
<entry key="passwordType"
value="PasswordDigest" />
<entry key="timestampStrict" value="true"/>
<entry key="timeToLive" value="300"/>
</map>
</constructor-arg>
</bean>
<jaxws:endpoint id="homesSearch"
implementorClass="uk.co.fish4.fish4services.homes.services.search.IHomesSearchService"
name="homesSearch"
serviceName="s:homesSearch"
implementor="#homesSearchService"
address="/services/homesSearch"
xmlns:s="http://search.services.homes.fish4services.fish4.co.uk";>
<jaxws:serviceFactory>
<ref bean="jaxws-and-aegis-service-factory"/>
</jaxws:serviceFactory>
<jaxws:inInterceptors>
<bean
class="uk.co.fish4.fish4services.cxf.ws.security.WSSecurityInterceptor">
<property name="enabled"
value="${services.ws.security.on}"/>
<property name="wss4jInInterceptor"
ref="usernameTokenInInterceptor"/>
<property name="userTokenInterceptor"
ref="userTokenInterceptor"/>
</bean>
</jaxws:inInterceptors>
</jaxws:endpoint>
uk.co.fish4.fish4services.cxf.ws.security.WSSecurityInterceptor is my custom
inteceptor in which i parse the soap message like :
LoggingInterceptor loggingInterceptor = new
LoggingInterceptor(Phase.POST_PROTOCOL);
message.getInterceptorChain().add(wss4jInInterceptor);
message.getInterceptorChain().add(new SAAJInInterceptor());
message.getInterceptorChain().add(userTokenInterceptor);
message.getInterceptorChain().add(loggingInterceptor);
Jakob Guenther wrote:
>
> Hi,
>
> are you sure that you have added an interceptor on server side, that
> sets the header part as "understood"? There is an Interface
> SoapInterceptor, your configured Interceptor should implement.
> Or just use the WSS4JInInterceptor.
>
> Greetings, Jakob
>
> george.atanasov wrote:
>> Hello eveybody,
>>
>> I am trying to setup CXF2.1.3 using aegis and WS-Security on tomcat 6
>> server. Unfortunately i am getting an error:
>>
>> org.apache.cxf.binding.soap.SoapFault: MustUnderstand headers:
>> [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security]
>> are not understood.
>>
>> The soap message sent from the client does contain the correct security
>> info
>> and seems ok. So i copied the message to jmeter and ran it without
>> mustUnderstand="1" flag. Strange but it works as expected and returns the
>> correct results in the response.
>>
>> Does anyone have any idea what the cause can be?
>>
>> Best Regards,
>> George
>>
>> ------------------------------------------------------------------------
>>
>>
>> No virus found in this incoming message.
>> Checked by AVG - http://www.avg.com
>> Version: 8.0.175 / Virus Database: 270.9.10/1812 - Release Date:
>> 25.11.2008 19:53
>>
>>
>
>
>
--
View this message in context:
http://www.nabble.com/Problem-with-mustUnderstand-flag-tp20704720p20715059.html
Sent from the cxf-user mailing list archive at Nabble.com.
