Well, you would need to configure something in to handle WS-Security. There are really two options: 1) Configure in the older WSS4JInInterceptor to handle it 2) Define a WS-SecurityPolicy in the wsdl that defines what is expected.
Some docs at: http://cxf.apache.org/docs/ws-security.html Dan On Thu February 18 2010 3:02:36 pm PrSd wrote: > Sending the following SOAP Header : > > <soap:Header><wsse:Security > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecur > ity-secext-1.0.xsd" mustUnderstand="1">.... > > and getting back a > > org.apache.cxf.binding.soap.SoapFault: MustUnderstand headers: > [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext > -1.0.xsd}Security] are not understood. > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:141) > > I am using CXF 2.2.6. I am new to CXF so if you can reply in detail I would > really be grateful to you. > > thanks > > Christopher Riley wrote: > > The 2.3 migration notes describe the change from earlier releases and the > > requirement to use the property endpoint-processes-headers set to the > > QName of the header. I cannot find any details in the documentation as to > > where and how this property should be set. > > > > Christopher Riley | Manager > > HKM Consulting LLC > > (o)508.923.8685 | (m)508.273.3102 > > [email protected] > > hkmconsultingllc.com -- Daniel Kulp [email protected] http://www.dankulp.com/blog
