Hi,
the WSS4JInInterceptor normally says, that it understands the
security-header. I'm not sure, but it could be that you should add the
saajininterceptor to the chain before you add the wss4jininterceptor,
because it transforms the message to a DOM-Object which is necessary
for wss4jininterceptor.
hope this helps,
Jakob
george.atanasov schrieb:
Hello Jakob,
Yes. I have the following configuration:
<!-- Aegis data binding -->
<bean id="aegisBean"
class="org.apache.cxf.aegis.databinding.AegisDatabinding">
<property name="configuration">
<bean class="org.apache.cxf.aegis.type.TypeCreationOptions">
<property name="defaultMinOccurs" value="1"/>
<property name="defaultNillable" value="false"/>
</bean>
</property>
</bean>
<bean id="jaxws-and-aegis-service-factory"
class="org.apache.cxf.jaxws.support.JaxWsServiceFactoryBean"
scope="prototype">
<property name="dataBinding" ref="aegisBean"/>
<property name="serviceConfigurations">
<list>
<bean
class="org.apache.cxf.jaxws.support.JaxWsServiceConfiguration"/>
<bean
class="org.apache.cxf.aegis.databinding.AegisServiceConfiguration"/>
<bean
class="org.apache.cxf.service.factory.DefaultServiceConfiguration"/>
</list>
</property>
</bean>
<bean id="usernameTokenInInterceptor"
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken
Timestamp" />
<entry key="passwordCallbackRef"
value-ref="usernameTokenPasswordCallback" />
<entry key="passwordType" value="PasswordDigest"
/>
<entry key="timestampStrict" value="true"/>
<entry key="timeToLive" value="300"/>
</map>
</constructor-arg>
</bean>
<jaxws:endpoint id="homesSearch"
implementorClass="uk.co.fish4.fish4services.homes.services.search.IHomesSearchService"
name="homesSearch"
serviceName="s:homesSearch"
implementor="#homesSearchService"
address="/services/homesSearch"
xmlns:s="http://search.services.homes.fish4services.fish4.co.uk";>
<jaxws:serviceFactory>
<ref bean="jaxws-and-aegis-service-factory"/>
</jaxws:serviceFactory>
<jaxws:inInterceptors>
<bean
class="uk.co.fish4.fish4services.cxf.ws.security.WSSecurityInterceptor">
<property name="enabled"
value="${services.ws.security.on}"/>
<property name="wss4jInInterceptor"
ref="usernameTokenInInterceptor"/>
<property name="userTokenInterceptor"
ref="userTokenInterceptor"/>
</bean>
</jaxws:inInterceptors>
</jaxws:endpoint>
uk.co.fish4.fish4services.cxf.ws.security.WSSecurityInterceptor is my custom
inteceptor in which i parse the soap message like :
LoggingInterceptor loggingInterceptor = new
LoggingInterceptor(Phase.POST_PROTOCOL);
message.getInterceptorChain().add(wss4jInInterceptor);
message.getInterceptorChain().add(new SAAJInInterceptor());
message.getInterceptorChain().add(userTokenInterceptor);
message.getInterceptorChain().add(loggingInterceptor);
Jakob Guenther wrote:
Hi,
are you sure that you have added an interceptor on server side, that
sets the header part as "understood"? There is an Interface
SoapInterceptor, your configured Interceptor should implement.
Or just use the WSS4JInInterceptor.
Greetings, Jakob
george.atanasov wrote:
Hello eveybody,
I am trying to setup CXF2.1.3 using aegis and WS-Security on tomcat 6
server. Unfortunately i am getting an error:
org.apache.cxf.binding.soap.SoapFault: MustUnderstand headers:
[{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security]
are not understood.
The soap message sent from the client does contain the correct security
info
and seems ok. So i copied the message to jmeter and ran it without
mustUnderstand="1" flag. Strange but it works as expected and returns the
correct results in the response.
Does anyone have any idea what the cause can be?
Best Regards,
George
------------------------------------------------------------------------
No virus found in this incoming message.
Checked by AVG - http://www.avg.com
Version: 8.0.175 / Virus Database: 270.9.10/1812 - Release Date:
25.11.2008 19:53
--
Jakob Günther
Badstraße 20, D-13357 Berlin
Tel.: 030/28033888
Mobil-Tel.: 0177/3787328
Email: [EMAIL PROTECTED]
