2011/11/24 pep25abril <[email protected]>: > Hi Dan, > > Finally I have seen that my problem wasn't related with node names, but > with policies. My Soap request, needs a policy that I see it's not > implemented in CXF, concretely, policy ' > http://www.bea.com/wls90/security/policy'. I use the Weblogic policy as > explained in: > > http://docs.oracle.com/cd/E11035_01/wls100/webserv_ref/sec_assert.html > > <wsp:Policy WL5G3N1:Id="SignBody"><wsp:ExactlyOne><wsp:All><wssp:Integrity > SignToken="false"><wssp:SignatureAlgorithm URI=" > http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><wssp:CanonicalizationAlgorithm > URI="http://www.w3.org/2001/10/xml-exc-c14n#"/><wssp:Target><wssp:DigestAlgorithm > URI="http://www.w3.org/2000/09/xmldsig#sha1"/><wssp:MessageParts Dialect=" > http://schemas.xmlsoap.org/2002/12/wsse#part";>wsp:Body()</wssp:MessageParts></wssp:Target><wssp:SupportedTokens><wssp:SecurityToken > IncludeInMessage="true" TokenType=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3 > "><wssp:TokenIssuer> > ... > > In order to be able to handler that policy, should I define this policy in > CXF source code? In that case, is there some how-to, doc, etc. explaining > how to implement it? Or am I wrong and there is some other easy solution? >
Hi, One approach is that you implement your policy provider to process those BEA policy assertions. You can find some documentation in http://cxf.apache.org/docs/ws-policy.html. Alternatively, if you know what those assertions are and if you can appropriately configure the interceptors directly, you can use the IgnorablePolicyInterceptorProvider (See the example in Dan's previous reply) to assert them so that you can omit the validation phase. In this case, you need to set each of the BEA policy assertion's QNames in this bean's constructor argument (that bean example is ignoring OneWay and Duplex of namespace http://tempuri.org/policy). regards, aki > Thanks, > > Pep > > > 2011/11/22 Daniel Kulp [via CXF] <[email protected]> > >> >> >> If using CXF 2.5.0, you can handle this a LOT easier if you just want to >> ignore those policies. You can add a bean in the configuration somewhat >> like: >> >> <bean >> class="org.apache.cxf.ws.policy.IgnorablePolicyInterceptorProvider"> >> <constructor-arg> >> <!-- the list of assertion types that can be ignored --> >> <list> >> <bean class="javax.xml.namespace.QName"> >> <constructor-arg value="http://tempuri.org/policy"/> >> <constructor-arg value="Duplex"/> >> </bean> >> <bean class="javax.xml.namespace.QName"> >> <constructor-arg value="http://tempuri.org/policy"/> >> <constructor-arg value="OneWay"/> >> </bean> >> </list> >> </constructor-arg> >> </bean> >> >> which will tell the runtime to automatically assert those assertions. >> >> >> Dan >> >> >> >> >> >> On Tuesday, November 22, 2011 9:35:14 AM pep25abril wrote: >> >> > Hi guys, >> > >> > I've generated with wsdl2java, a client to invoke a webservice placed in >> an >> > Oracle OSB. The WSDL definition, has ws-security properties, and it uses >> > standard assertions (<wsp:Policy>, <wsp:UsingPolicy>, ...) and others >> that >> > are generated automatically like <WL5G3N0:binding>. >> > >> > Once I execute my client in order to invoke the server, I always get the >> > error: >> > Caused by: org.apache.cxf.ws.policy.PolicyException: None of the policy >> > alternatives can be satisfied. >> > >> > I've been seeing forums and others, and finally I've included a >> > policyinterceptor in order to assert the policies, as it's said in >> > >> http://cxf.547215.n5.nabble.com/Adding-custom-ws-policy-assertions-td558439. >> >> > html . >> > >> > The problem is that when I get the message in handler method, when I >> execute >> > 'aim = message.get(AssertionInfoMap.class);', aim always gets null >> value... >> > so I can't assert any policy later. >> > >> > I think I have used almost all the alternatives I have seen in docs, >> apache >> > CXF website, other forums, etc. without succes. Would you have any idea >> or >> > suggestion about this? >> > >> > Thanks, >> > >> > Pep >> > >> > >> > >> > -- >> > View this message in context: >> > >> http://cxf.547215.n5.nabble.com/Getting-error-None-of-the-policy-alternativ >> > >> es-can-be-satisfied-and-no-possibilities-to-solve-it-tp5014166p5014166.html >> > Sent from the cxf-user mailing list archive at Nabble.com. >> -- >> Daniel Kulp >> [hidden email] <http://user/SendEmail.jtp?type=node&node=5014931&i=0> - >> http://dankulp.com/blog >> >> Talend Community Coder - http://coders.talend.com >> >> >> ------------------------------ >> If you reply to this email, your message will be added to the discussion >> below: >> >> http://cxf.547215.n5.nabble.com/Getting-error-None-of-the-policy-alternatives-can-be-satisfied-and-no-possibilities-to-solve-it-tp5014166p5014931.html >> To unsubscribe from Getting error 'None of the policy alternatives can be >> satisfied.' and no possibilities to solve it, click >> here<http://cxf.547215.n5.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=5014166&code=cGVwMjVhYnJpbEBnbWFpbC5jb218NTAxNDE2NnwxMzc1MjMzMjA1> >> . >> NAML<http://cxf.547215.n5.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.InstantMailNamespace&breadcrumbs=instant+emails%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> >> > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/Getting-error-None-of-the-policy-alternatives-can-be-satisfied-and-no-possibilities-to-solve-it-tp5014166p5020741.html > Sent from the cxf-user mailing list archive at Nabble.com. >
