Thanks! That seemed to work. Sent from my iPhone
On Jan 11, 2013, at 9:51 AM, Colm O hEigeartaigh <[email protected]> wrote: > Try using the action configuration: > > <entry key="action" value="UsernameTokenNoPassword Timestamp"/> > > Colm. > > On Fri, Jan 11, 2013 at 12:35 PM, Mike Thomsen <[email protected]>wrote: > >> I turned on debugging at the log4j root logger and saw this: >> >> 07:06:22,754 DEBUG UsernameTokenProcessor:49 - Found UsernameToken list >> element >> 07:06:22,754 DEBUG UsernameTokenValidator:78 - UsernameToken user Mike >> 07:06:22,754 DEBUG UsernameTokenValidator:79 - UsernameToken password type >> null >> 07:06:22,754 DEBUG TimestampProcessor:46 - Found Timestamp list element >> 07:06:22,754 DEBUG Timestamp:151 - Current time: 2013-01-11T12:06:22.754Z >> 07:06:22,754 DEBUG Timestamp:156 - Timestamp created: >> 2013-01-11T12:06:22.738Z >> 07:06:22,754 DEBUG Timestamp:162 - Timestamp expires: >> 2013-01-11T12:11:22.738Z >> 07:06:22,785 DEBUG Timestamp:342 - Validation of Timestamp: Everything is >> ok >> Jan 11, 2013 7:06:22 AM >> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor checkActions >> WARNING: Security processing failed (actions mismatch) >> Jan 11, 2013 7:06:22 AM >> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor handleMessage >> WARNING: >> org.apache.ws.security.WSSecurityException: An error was discovered >> processing the <wsse:Security> header >> >> I then tried these changes: >> >> 1. Changed the client to send a dummy password in plain text. >> 2. Put the dummy password into the CXF service's interceptor configuration. >> 3. Added a CallbackHandler to the service's WSS4JInInterceptor that set >> the dummy password on the WSPasswordCallback. >> >> That passed through the security checks just fine. Do you have any >> suggestions on how to make UsernameToken validation pass without any >> password tag? >> >> Thanks, >> >> Mike >> >> >> On Fri, Jan 11, 2013 at 5:34 AM, Colm O hEigeartaigh >> <[email protected]>wrote: >> >>> Hi Mike, >>> >>> Turn logging to "DEBUG" and see what the reason for the >>> "WSSecurityException" was. >>> >>> Colm. >>> >>> On Thu, Jan 10, 2013 at 9:14 PM, Mike Thomsen <[email protected] >>>> wrote: >>> >>>> I'm still fairly new to CXF and Java web services, so please bear with >>> me. >>>> The service I am calling expects a WS-Security header like this: >>>> >>>> <SOAP-ENV:Header> >>>> <wsse:Security xmlns:wsse=" >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd >>>> " >>>> soapenv:mustUnderstand="1"> >>>> <wsu:Timestamp xmlns:wsu=" >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >>>> " >>>> wsu:Id="Timestamp-29345020"> >>>> <wsu:Created>2008-11-24T19:17:43.880Z</wsu:Created> >>>> <wsu:Expires>2008-11-24T19:22:43.880Z</wsu:Expires> >>>> </wsu:Timestamp> >>>> <wsse:UsernameToken xmlns:wsu=" >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >>>> " >>>> wsu:Id="UsernameToken-18724539"> >>>> <wsse:Username>Mike</wsse:Username> >>>> </wsse:UsernameToken> >>>> </wsse:Security> >>>> </SOAP-ENV:Header> >>>> >>>> (No password) >>>> >>>> This is how I have it configured in my beans.xml file: >>>> >>>> <jaxws:endpoint id="managementService" >>>> implementor="com.mycompany.ManagementService" >>> address="/ManagementService"> >>>> <jaxws:inInterceptors> >>>> <bean >>>> class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> >>>> <constructor-arg> >>>> <map> >>>> <entry key="action" value="UsernameToken >>>> Timestamp"/> >>>> <entry key="passwordType" value="PasswordNone"/> >>>> </map> >>>> </constructor-arg> >>>> </bean> >>>> </jaxws:inInterceptors> >>>> </jaxws:endpoint> >>>> >>>> When I run the client I get this exception: >>>> >>>> org.apache.ws.security.WSSecurityException: An error was discovered >>>> processing the <wsse:Security> header >>>> >>>> I know the client (Spring-WS, not CXF) is sending WS-Security headers >>> based >>>> on the debugging output from it. >>>> >>>> Any help would be appreciated. >>>> >>>> Thanks, >>>> >>>> Mike >>> >>> >>> >>> -- >>> Colm O hEigeartaigh >>> >>> Talend Community Coder >>> http://coders.talend.com > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com
