How is the client configured? From the stacktrace, the policy states that it needs to output a UsernameToken into the security header. However, it's not finding configuration that can provide a username. That suggests that a username isn't being passed in (either via config or via the RequestContext).
Dan On Tue June 30 2009 6:56:19 pm Blair Jennings wrote: > Hello everyone, > > > > I have a CXF client which was working fine against a WCF 3.0 webservice > which uses both SSL and message encryption. The IIS server was slightly > reconfigured in the way it was doing SSL, and now my client is throwing > these errors: > > > > INFO: The cipher suite filters have not been configured, falling back to > default filters. > > Jun 30, 2009 3:19:41 PM org.apache.cxf.transport.https.SSLUtils > getCiphersFromList > > INFO: The cipher suites have been set to SSL_RSA_WITH_RC4_128_MD5, > SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, > TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, > SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, > SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, > SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, > SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, > SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, > SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_KRB5_WITH_RC4_128_SHA, > TLS_KRB5_WITH_RC4_128_MD5, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, > TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, > TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_RC4_40_SHA, > TLS_KRB5_EXPORT_WITH_RC4_40_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, > TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5. > > Jun 30, 2009 3:19:41 PM org.apache.cxf.phase.PhaseInterceptorChain > doIntercept > > INFO: Interceptor has thrown exception, unwinding now > > org.apache.cxf.interceptor.Fault: No username available > > at > org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler. > handleBinding(TransportBindingHandler.java:211) > > at > org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBa > sedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutIntercep > tor.java:127) > > at > org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBa > sedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutIntercep > tor.java:73) > > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC > hain.java:236) > > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:471) > > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:301) > > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:253) > > at > org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClien > t.java:404) > > at > org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClien > t.java:311) > > at > org.apache.cxf.ws.security.policy.interceptors.SecureConversationOutInte > rceptor.issueToken(SecureConversationOutInterceptor.java:156) > > at > org.apache.cxf.ws.security.policy.interceptors.SecureConversationOutInte > rceptor.handleMessage(SecureConversationOutInterceptor.java:68) > > at > org.apache.cxf.ws.security.policy.interceptors.SecureConversationOutInte > rceptor.handleMessage(SecureConversationOutInterceptor.java:43) > > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC > hain.java:236) > > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:471) > > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:301) > > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:253) > > at > org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) > > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:121) > > at $Proxy41.ping(Unknown Source) > > at com.alifemedical.JavaTest.main(JavaTest.java:21) > > Caused by: org.apache.cxf.ws.policy.PolicyException: No username > available > > at > org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.p > olicyNotAsserted(AbstractBindingBuilder.java:277) > > at > org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.a > ddUsernameToken(AbstractBindingBuilder.java:600) > > at > org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler. > addUsernameTokens(TransportBindingHandler.java:80) > > at > org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler. > handleBinding(TransportBindingHandler.java:127) > > ... 19 more > > > > I am at a loss why is it looking for a username now when it seemed to be > able to find it before? I have looked through the mailing list and other > places for any possible help but nothing seems to address this issue. > FYI I have a .NET client which still connects perfectly fine to the > service. > > > > Any suggestions are appreciated. > > Thanks, > > > > Blair Jennings > > Sr. Software Engineer > > A-Life Medical -- Daniel Kulp [email protected] http://www.dankulp.com/blog
