My "gut feeling" is that it maybe caused by: SOAPFactory soapFactory = SOAPFactory.newInstance(); SOAPElement userNameTokenElm = soapFactory.createElement(…..) ….. securitynHeader.addChildElement(userNameTokenElm);
The userNameTokenElm is not in the correct "document" at that point and thus may not be added. Instead of using the SOAPFactory, you likely should use: SOAPElement userNameTokenElm = securitynHeader.addChildElement(new QName(AUTH_NS, "UsernameToken", AUTH_PREFIX)); and such to create the elements directly as children of the appropriate elements. Dan On Apr 25, 2013, at 3:23 PM, Nidhi Sharma <[email protected]> wrote: > Hi, > > I am trying to apply UsernameToken Security to my cxf webservice using > WSS4jInIterceptor.Here is my endpoint declaration: > <jaxws:endpoint id="ibis-webservice" > mplementor="org.ets.skm.oasys.webservice.event.EventNotificationBean" > > address="/eventNotification"> > <jaxws:inInterceptors> > <bean id="saajIn" > class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/> > <bean id="wss4jIn" > class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> > <constructor-arg> > <map> > <entry key="action" > value="UsernameToken"/> > <entry > key="passwordType" value="PasswordText"/> > <entry > key="passwordCallbackRef"> > <ref > bean="myPasswordCallback" /> > </entry> > </map> > </constructor-arg> > </bean> > <bean id="saajOut" > class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/> > </jaxws:inInterceptors> > <jaxws:properties> > <entry key="ws-security.enable.nonce.cache" > value="false" /> > <entry > key="ws-security.enable.timestamp.cache" value="false" /> > <entry key="ws-security.is-bsp-compliant" > value="false"/> > </jaxws:properties> > </jaxws:endpoint> > > I am invoking this webservice fron java client: > EventNotificationService ss = new EventNotificationService(wsdlURL, > SERVICE_NAME); > HeaderHandlerResolver handlerResolver = new > HeaderHandlerResolver(); > > ss.setHandlerResolver(handlerResolver);ss.setHandlerResolver(handlerResolver); > EventNotificationEndPoint port = > ss.getEventNotificationEndPointPort(); > > final Client proxy = ClientProxy.getClient(port); > final HTTPConduit conduit = (HTTPConduit) > proxy.getConduit(); > HTTPClientPolicy httpClientPolicy = new > HTTPClientPolicy(); > httpClientPolicy.setConnectionTimeout(1800000); > httpClientPolicy.setReceiveTimeout(1800000); > TLSClientParameters param = new > TLSClientParameters(); > param.setDisableCNCheck(true); > conduit.setTlsClientParameters(param); > conduit.setClient(httpClientPolicy); > org.ets.skm.oasys.webservice.event.Status _sendNotification__return > = port.sendNotification(info); > > Using handlerResolver to create my SOAP message: > private static final String AUTH_NS = > "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";; > > private static final String AUTH_PREFIX="wsse"; > > SOAPEnvelope envelope = smc.getMessage().getSOAPPart().getEnvelope(); > SOAPHeader header = envelope.getHeader(); > QName security = new QName(AUTH_NS, "Security", AUTH_PREFIX); > SOAPHeaderElement securitynHeader = > header.addHeaderElement(security); > securitynHeader.setMustUnderstand(true); > SOAPFactory soapFactory = > SOAPFactory.newInstance(); > SOAPElement userNameTokenElm = soapFactory.createElement("UsernameToken", > AUTH_PREFIX, > AUTH_NS); > SOAPElement userNameElm = > soapFactory.createElement("Username", > AUTH_PREFIX, > AUTH_NS); > userNameElm.addTextNode("TestUser"); > SOAPElement passwdElm = > soapFactory.createElement("Password", > AUTH_PREFIX, > AUTH_NS); > passwdElm.addTextNode("TestPassword"); > userNameTokenElm.addChildElement(passwdElm); > > userNameTokenElm.addChildElement(userNameElm); > > securitynHeader.addChildElement(userNameTokenElm); > > > BUT my call come to WSS4jInInterceptor at server side and internally when it > is calling WSSecurityEngine.processSecurityHeader() it didn't find any > UsernameToken and related nodes so while calling Node node = > securityHeader.getFirstChild(); in this method it is returning null. > > As I am adding UsernameToken in my request why at server side it cannot find > it and its throwing ActionMismatch WebService Exception. > > Any help is appreciated, I am not able to understand the problem. > > Nidhi > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/UsernameToken-Credentials-not-coming-to-Server-side-Wss4jInInterceptor-tp5726797.html > Sent from the cxf-user mailing list archive at Nabble.com. -- Daniel Kulp [email protected] - http://dankulp.com/blog Talend Community Coder - http://coders.talend.com
