i am running a .Net WCF client to call a service on linux host with CXF framework.
the inbound message looks like: Payload: <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"; xmlns:a="http://www.w3.org/2005/08/addressing"; xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";> <s:Header><a:Action s:mustUnderstand="1"/><a:MessageID>urn:uuid:7f809251-17cb-4319-9fd8-04889601e956</a:MessageID> <a:ReplyTo><a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address></a:ReplyTo> <a:To s:mustUnderstand="1">https://sas/ws/saw/services/SawSelfServices</a:To> <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";> <u:Timestamp u:Id="_0"><u:Created>2010-02-02T22:10:48.955Z</u:Created><u:Expires>2010-02-02T22:15:48.955Z</u:Expires></u:Timestamp> <o:UsernameToken u:Id="uuid-17aef8db-845a-4b9c-bceb-f8cde31933b6-1 <o:Username>wstest</o:Username> <o:Password o:Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>*****</o:Password> </o:UsernameToken> </o:Security> </s:Header> <s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:xsd="http://www.w3.org/2001/XMLSchema";>****</s:Body> </s:Envelope> I received a error message: [14:10:53.081] {http--81-5$573121065} org.apache.ws.security.WSSecurityException: An invalid security token was provided (Bad UsernameToken Values) [14:10:53.081] {http--81-5$573121065} at org.apache.ws.security.message.token.UsernameToken.<init>(UsernameToken.java:179) [14:10:53.081] {http--81-5$573121065} at org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:91) [14:10:53.081] {http--81-5$573121065} at org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:56) [14:10:53.081] {http--81-5$573121065} at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:326) [14:10:53.081] {http--81-5$573121065} at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:243) [14:10:53.081] {http--81-5$573121065} at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:199) [14:10:53.081] {http--81-5$573121065} at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:78) [14:10:53.081] {http--81-5$573121065} at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243) [14:10:53.081] {http--81-5$573121065} at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:109) [14:10:53.081] {http--81-5$573121065} at org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:98) [14:10:53.081] {http--81-5$573121065} at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:406) [14:10:53.081] {http--81-5$573121065} at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:178) [14:10:53.081] {http--81-5$573121065} at org.apache.cxf.transport.servlet.AbstractCXFServlet.invoke(AbstractCXFServlet.java:142) [14:10:53.081] {http--81-5$573121065} at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:179) [14:10:53.081] {http--81-5$573121065} at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:103) [14:10:53.081] {http--81-5$573121065} at javax.servlet.http.HttpServlet.service(HttpServlet.java:153) [14:10:53.081] {http--81-5$573121065} at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:159) [14:10:53.081] {http--81-5$573121065} at com.caucho.server.dispatch.ServletFilterChain.doFilter(ServletFilterChain.java:103) [14:10:53.081] {http--81-5$573121065} at com.caucho.server.security.SecurityFilterChain.doFilter(SecurityFilterChain.java:134) [14:10:53.081] {http--81-5$573121065} at com.caucho.server.webapp.WebAppFilterChain.doFilter(WebAppFilterChain.java:187) [14:10:53.081] {http--81-5$573121065} at com.caucho.server.dispatch.ServletInvocation.service(ServletInvocation.java:265) [14:10:53.081] {http--81-5$573121065} at com.caucho.server.http.HttpRequest.handleRequest(HttpRequest.java:273) [14:10:53.081] {http--81-5$573121065} at com.caucho.server.port.TcpConnection.run(TcpConnection.java:682) [14:10:53.081] {http--81-5$573121065} at com.caucho.util.ThreadPool$Item.runTasks(ThreadPool.java:743) what was wrong?? i cannot see anything invalid. and a java client just runs fine. any help will be greatly appreciated! -- View this message in context: http://old.nabble.com/An-invalid-security-token-was-provided-%28Bad-UsernameToken-Values%29-tp27429163p27429163.html Sent from the cxf-user mailing list archive at Nabble.com.
