Basically, with 2.1.3, we are properly enforcing any MustUnderstand markers on the headers. SOMETHING on the chain needs to make sure the header is handled. Basically, you would need an out interceptor that subclasses the SoapInterceptor and have it's getUnderstoodHeaders() method return the security header qname. The interceptor doesn't need to do anything really, just marks itself has handling that header.
That said, for client side, if the header is marked for the ultimate receiver role, then a must understand shouldn't trigger an exception as the receiver is the client. I'll fix that. Dan On Wednesday 21 January 2009 1:25:16 pm Thomas Engelschmidt wrote: > Hi, > > I'm trying to migrate a working WS-Client using cxf 2.1.2 to 2.1.3. > > The Client only uses WSS for request, therefore only a > WSS4JOutInterceptor with the following actions is configured: > > Action : Timestamp Signature UsernameToken > > This client work fine using cxf 2.1.2, but under cxf 2.1.3 it fails > with an MustUnderstand headers fault. I suppose the problem is that > I'm not using an WSS InInterceptors. > > How can i get around this issue without using an WSS4JInInterceptor ? > > > Using : > wsdl2java option : -client > spring > jdk 1.6 10 > > btw, my reason for upgrading to 2.1.3 > http://www.nabble.com/CXF-and-Java-6-Update-10-td19463818.html > > > Stacktrace : > > javax.xml.ws.soap.SOAPFaultException: MustUnderstand headers: > [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext >-1.0.xsd }Security] are not understood. > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145) > at $Proxy57.getIndkomstOplysningKlassiskAbonnentHentI(Unknown > Source) > at > dk.dst.eindkomst.client.IOKAhandler.bestilDataImpl(IOKAhandler.java:126) > at > dk > .dst > .eindkomst.client.EindkomstHandler.bestilData(EindkomstHandler.java:57) > at > dk.dst.eindkomst.client.SoapClient.startEIndkomst(SoapClient.java:31) > at dk.dst.eindkomst.client.SoapClient.main(SoapClient.java:16) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun > .reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java: > 39) > at > sun > .reflect > .DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java: > 25) > at java.lang.reflect.Method.invoke(Method.java:597) > at > com.intellij.rt.execution.application.AppMain.main(AppMain.java:90) > Caused by: org.apache.cxf.binding.soap.SoapFault: MustUnderstand > headers: > [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext >-1.0.xsd }Security] are not understood. > at > org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor > $ > UltimateReceiverMustUnderstandInterceptor > .handleMessage(MustUnderstandInterceptor.java:177) > at > org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor > $ > UltimateReceiverMustUnderstandInterceptor > .handleMessage(MustUnderstandInterceptor.java:151) > at > org > .apache > .cxf > .phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:220) > at > org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:633) > at org.apache.cxf.transport.http.HTTPConduit > $WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2064) > at org.apache.cxf.transport.http.HTTPConduit > $WrappedOutputStream.handleResponse(HTTPConduit.java:1942) > at org.apache.cxf.transport.http.HTTPConduit > $WrappedOutputStream.close(HTTPConduit.java:1867) > at > org > .apache > .cxf > .io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java: > 47) > at > org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:170) > at > org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66) > at > org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:595) > at org.apache.cxf.interceptor.MessageSenderInterceptor > $ > MessageSenderEndingInterceptor > .handleMessage(MessageSenderInterceptor.java:62) > at > org > .apache > .cxf > .phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:220) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java: > 466) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java: > 299) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java: > 251) > at > org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124) > ... 10 more -- Daniel Kulp [email protected] http://dankulp.com/blog
