Few Open issues using UserName Token Profile

Tue, 16 Jun 2009 11:51:08 -0700 

1)How do we configure the interceptors at a bus level in cxf-servlet.xml along 
with the endpoint declarations.

2)Once the ws-security(user name token profile/encryption) is enabled on each 
endpoint using the declarative method in cxf-servlet.xml we see the following 
exception if the client sends a request without user token soap header.Since we 
will be having other methods to authenticate how can we make these headers 
optional. Is commenting the ws-security interceptor declaration in the 
cxf-servlet.xml the only way?

Jun 16, 2009 1:43:28 PM org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor 
handleMessage
WARNING: Request does not contain required Security header
Jun 16, 2009 1:43:28 PM org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor 
handleMessage
WARNING:
org.apache.ws.security.WSSecurityException: An error was discovered processing 
the <wsse:Security> header
        at 
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:200)
        at 
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:77)
        at 
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:236)
        at 
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:89)
        at 
org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:99)
        at 
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:337)
        at 
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:182)
        at 
org.apache.cxf.transport.servlet.AbstractCXFServlet.invoke(AbstractCXFServlet.java:163)
        at 
org.apache.cxf.transport.servlet.AbstractCXFServlet.doPost(AbstractCXFServlet.java:141)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)

3)Does cxf support having custom tokens under the username token header ?.I do 
see the methods available on the client and server callback classes but I do 
not see the custom element getting added to the UT header.

        Document doc = docBuilder.newDocument();
        Element customToken=doc.createElement("customToken");
        dbId.setTextContent("1");
                pc.setCustomToken(customToken);



thanks and regards,
Bharath

Reply via email to