Instead of the tag name "isBSPCompliant" you should use "ws-security.is-bsp-compliant". The former is a WSS4J tag name, and the latter is the CXF equivalent.
Colm. On Mon, May 2, 2011 at 6:40 PM, Darrin Thompson <[email protected]> wrote: > On Mon, May 2, 2011 at 12:30 PM, Darrin Thompson <[email protected]> wrote: >> On Mon, May 2, 2011 at 11:02 AM, Darrin Thompson <[email protected]> wrote: >>> While trying to make a CXF 2.4.0 service inter-operate with a WCF/.NET >>> 3.5 client, I got this error: >>> >>> WARNING: Interceptor for {http://wstest4.visionsolutions.com/}MySvc >>> has thrown exception, unwinding now >>> org.apache.cxf.binding.soap.SoapFault: An invalid security token was >>> provided (Bad TokenType "") >>> at >>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:645) >>> at >>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:307) >>> at >>> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:84) >> >> So browsing around a bit, I think my question is how do I disable BSP >> compliance checking in a web service that is configured by policy? >> > > So I found the answer to my own question. These settings fixed the problem: > > <jaxws:endpoint id="com.visionsolutions.uvra.XLMath" > bindingUri="http://schemas.xmlsoap.org/wsdl/soap12/"; > ...whatever...> > <jaxws:properties> > ... > <entry key="isBSPCompliant" value="false" /> > <entry key="allowNamespaceQualifiedPasswordTypes" > value="true" /> > </jaxws:properties> > </jaxws:endpoint> > > -- > Darrin >
