Re: java client to connect .NET secured web services with x509 certificate

[Daniel Kulp]

What does the message that is sent to the server look like?   Is there 
anything in the server logs on the server side that would indicate why the 
security couldn't be validated?

You might also need to add:

<import resource="classpath*:META-INF/cxf/cxf-extension-addr.xml" />

Not really sure though.

Dan


On Thursday 22 April 2010 8:59:18 am Bandi wrote:
> Hi All,
> 
> I need to write java client which connects to .NET secured web services
> with x509 certificate. I had attached the wsdl file of the service. And
> also i written small program which will call the web method but it is
> throwing exception like WARNING: Request does not contain required
> Security header, but it's a fault.
> javax.xml.ws.soap.SOAPFaultException: An error occurred when verifying
> security for the message.
> 
> And the header information what i got is Content-Type:
> application/soap+xml; charset=utf-8
> Headers: {content-type=[application/soap+xml; charset=utf-8],
> X-AspNet-Version=[2.0.50727], connection=[close], Date=[Thu, 22 Apr 2010
> 11:48:33 GMT], Content-Length=[648], X-Powered-By=[ASP.NET],
> Server=[Microsoft-IIS/6.0], Cache-Control=[private]}
> Payload: <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope";
> xmlns:a="http://www.w3.org/2005/08/addressing";><s:Header><a:Action
> s:mustUnderstand="1">http://www.w3.org/2005/08/addressing/soap/fault</a:Act
> ion><a:RelatesTo>urn:uuid:6af587f4-90a2-48b6-a235-29026e397a0f</a:RelatesTo
> ></s:Header><s:Body><s:Fault><s:Code><s:Value>s:Sender</s:Value><s:Subcode>
> <s:Value
> xmlns:a="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurit
> y-secext-1.0.xsd">a:InvalidSecurity</s:Value></s:Subcode></s:Code><s:Reason
> ><s:Text xml:lang="en-US">An error occurred when verifying security for the
> message.</s:Text></s:Reason></s:Fault></s:Body></s:Envelope>
> 
> Java code what i had written is:
> Bus bus = new SpringBusFactory().createBus("cxf/client.xml");
> 
> Configuration service = new Configuration();
>         IConfiguration port = service.getWSHttpBindingIConfiguration();
>       port.getResources("r*");
> 
> And the client.xml file is:
> 
> <beans xmlns="http://www.springframework.org/schema/beans";
>        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>        xmlns:http="http://cxf.apache.org/transports/http/configuration";
>        xmlns:jaxws="http://cxf.apache.org/jaxws";
>        xmlns:cxf="http://cxf.apache.org/core";
>        xmlns:p="http://cxf.apache.org/policy";
>        xmlns:sec="http://cxf.apache.org/configuration/security";
>        xsi:schemaLocation="
>           http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans.xsd
>           http://cxf.apache.org/jaxws
> http://cxf.apache.org/schemas/jaxws.xsd
>           http://cxf.apache.org/transports/http/configuration
> http://cxf.apache.org/schemas/configuration/http-conf.xsd
>           http://cxf.apache.org/configuration/security
> http://cxf.apache.org/schemas/configuration/security.xsd
>           http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
>           http://cxf.apache.org/policy
> http://cxf.apache.org/schemas/policy.xsd";
> 
> <import resource="classpath*:META-INF/cxf/cxf-extension-ws-security.xml" />
>   <import resource="classpath*:META-INF/cxf/cxf-extension-policy.xml" />
>   <import resource="classpath:META-INF/cxf/cxf-extension-http.xml" />
>     <cxf:bus>
>         <cxf:features>
>             <p:policies enabled="true"/>
>             <cxf:logging/>
>         </cxf:features>
>     </cxf:bus>
> 
>      <jaxws:client name="{http://tempuri.org/}WSHttpBinding_IConfiguration";
> createdFromAPI="true">
>         <jaxws:properties>
>             <entry key="ws-security.username.sct" value="sad...@ca"/>
>                       <entry key="ws-security.password.sct" value="sadmin"/>
>             <entry key="ws-security.callback-handler.sct"
> value="cxf.ClientPasswordCallback"/>
>                       <entry key="ws-security.encryption.properties.sct"
> value="cxf/client_sign1.properties"/>
>                       <entry key="ws-security.encryption.username.sct" 
value="TempCA"/>
>                       <entry key="ws-security.signature.properties.sct"
> value="cxf/client_sign.properties"/>
>                       <entry key="ws-security.signature.username.sct" 
value="sadmin"/>
>         </jaxws:properties>
>     </jaxws:client>
> </beans>
> 
> And finally my client_sign.properties file is having:
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.cr
> ypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=JKS
> org.apache.ws.security.crypto.merlin.keystore.password=notallowed
> org.apache.ws.security.crypto.merlin.keystore.alias=TempCA
> org.apache.ws.security.crypto.merlin.file=c:/TrustStore
> 
> Please respond ...we are waiting..
> 
> Thanks in advance
> http://old.nabble.com/file/p28328531/configuration.svc.xml
> configuration.svc.xml

-- 
Daniel Kulp
dk...@apache.org
http://dankulp.com/blog