Correct. It should be straightforward to fix though when CXF-4977 gets fixed.
Colm. On Tue, Apr 23, 2013 at 4:24 PM, Gagnon, David <[email protected]> wrote: > Thanks for you anwser ! > > So I understand from your mail that more likely even the latest CXF > version won't work ? > > Thanks for your confirmation > > Regards > David > > -----Message d'origine----- > De : Colm O hEigeartaigh [mailto:[email protected]] > Envoyé : 23 avril 2013 10:27 > À : [email protected] > Objet : Re: No signature token Error with CXF 2.4.3 trying to access > Microsoft Dynamics GP 2010 (using WS-Security ) > > CXF 2.4.3 doesn't support the SpnegoContextToken policy, you'll need to > upgrade to a newer version of CXF. See here: > > https://issues.apache.org/jira/browse/CXF-3635 > > That said, that policy is quite complicated...it will probably require > more work in CXF to support both SecureConveration + Spnego at the same > time. > > Colm. > > > On Tue, Apr 23, 2013 at 3:20 PM, Gagnon, David <[email protected]> > wrote: > > > Hi all, > > > > I failed so far to configure CXF 2.4.3 to talk with MS Dynamics GP > 2010. > > Partly because I'm pretty new to CXF and WS-Security :-/. After > > searching the web and tested for several hours .... I haven`t found > > how to configure CXF properly. > > > > So here is what I know: > > > > * The class SymmetricBindingHandler is throwing a No signature > > token error. > > > > * There is 2 SymmetricBinding elements in the policies (which I > > included below). > > > > I searched how to configure the SecurityToken in cxf.xml to avoid that > > error but I'm not even sure what the source of the problem. > > > > I'm kind of lost in the complexity and any information that can help > > me put some light and understand will be greatly appreciated > > > > Best Regards > > David > > > > > > > > > > > > <wsp:Policy wsu:Id="GPWebService_policy"> > > <wsp:ExactlyOne> > > <wsp:All> > > <sp:SymmetricBinding xmlns:sp=" > > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > > <wsp:Policy> > > <sp:ProtectionToken> > > <wsp:Policy> > > <sp:SecureConversationToken sp:IncludeToken=" > > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Alwa > > ysToRecipient > > "> > > <wsp:Policy> > > <sp:RequireDerivedKeys /> > > <sp:BootstrapPolicy> > > <wsp:Policy> > > <sp:SignedParts> > > <sp:Body /> > > <sp:Header Name="To" Namespace=" > > http://www.w3.org/2005/08/addressing"; /> > > <sp:Header Name="From" Namespace=" > > http://www.w3.org/2005/08/addressing"; /> > > <sp:Header Name="FaultTo" Namespace=" > > http://www.w3.org/2005/08/addressing"; /> > > <sp:Header Name="ReplyTo" Namespace=" > > http://www.w3.org/2005/08/addressing"; /> > > <sp:Header Name="MessageID" Namespace=" > > http://www.w3.org/2005/08/addressing"; /> > > <sp:Header Name="RelatesTo" Namespace=" > > http://www.w3.org/2005/08/addressing"; /> > > <sp:Header Name="Action" Namespace=" > > http://www.w3.org/2005/08/addressing"; /> > > </sp:SignedParts> > > <sp:EncryptedParts> > > <sp:Body /> > > </sp:EncryptedParts> > > <sp:SymmetricBinding> > > <wsp:Policy> > > <sp:ProtectionToken> > > <wsp:Policy> > > <sp:SpnegoContextToken sp:IncludeToken=" > > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Alwa > > ysToRecipient > > "> > > <wsp:Policy> > > <sp:RequireDerivedKeys /> > > </wsp:Policy> > > </sp:SpnegoContextToken> > > </wsp:Policy> > > </sp:ProtectionToken> > > <sp:AlgorithmSuite> > > <wsp:Policy> > > <sp:Basic256 /> > > </wsp:Policy> > > </sp:AlgorithmSuite> > > <sp:Layout> > > <wsp:Policy> > > <sp:Strict /> > > </wsp:Policy> > > </sp:Layout> > > <sp:IncludeTimestamp /> > > <sp:EncryptSignature /> > > <sp:OnlySignEntireHeadersAndBody /> > > </wsp:Policy> > > </sp:SymmetricBinding> > > <sp:Wss11> > > <wsp:Policy> > > <sp:MustSupportRefKeyIdentifier /> > > <sp:MustSupportRefIssuerSerial /> > > <sp:MustSupportRefThumbprint /> > > <sp:MustSupportRefEncryptedKey /> > > </wsp:Policy> > > </sp:Wss11> > > <sp:Trust10> > > <wsp:Policy> > > <sp:MustSupportIssuedTokens /> > > <sp:RequireClientEntropy /> > > <sp:RequireServerEntropy /> > > </wsp:Policy> > > </sp:Trust10> > > </wsp:Policy> > > </sp:BootstrapPolicy> > > </wsp:Policy> > > </sp:SecureConversationToken> > > </wsp:Policy> > > </sp:ProtectionToken> > > <sp:AlgorithmSuite> > > <wsp:Policy> > > <sp:Basic256 /> > > </wsp:Policy> > > </sp:AlgorithmSuite> > > <sp:Layout> > > <wsp:Policy> > > <sp:Strict /> > > </wsp:Policy> > > </sp:Layout> > > <sp:IncludeTimestamp /> > > <sp:EncryptSignature /> > > <sp:OnlySignEntireHeadersAndBody /> > > </wsp:Policy> > > </sp:SymmetricBinding> > > <sp:Wss11 xmlns:sp=" > > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > > <wsp:Policy> > > <sp:MustSupportRefKeyIdentifier /> > > <sp:MustSupportRefIssuerSerial /> > > <sp:MustSupportRefThumbprint /> > > <sp:MustSupportRefEncryptedKey /> > > </wsp:Policy> > > </sp:Wss11> > > <sp:Trust10 xmlns:sp=" > > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > > <wsp:Policy> > > <sp:MustSupportIssuedTokens /> > > <sp:RequireClientEntropy /> > > <sp:RequireServerEntropy /> > > </wsp:Policy> > > </sp:Trust10> > > <wsaw:UsingAddressing /> > > </wsp:All> > > </wsp:ExactlyOne> > > </wsp:Policy> > > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
