Hi, As far as I can see password type is missing in your request (Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";) The correct variant will look like:
<wsse:Security xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; SOAP-ENV:mustUnderstand="1"> <wsse:UsernameToken> <wsse:Password xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>TestPassword</wsse:Password> <wsse:Username xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; >TestUser</wsse:Username> </wsse:UsernameToken> </wsse:Security> I would anyway recommend you to use WSS4JOutInterceptor or WS-Policy on the client side to create Security Token instead doing it manually in SOAPMessage. Regards, Andrei. > -----Original Message----- > From: Nidhi Sharma [mailto:[email protected]] > Sent: Montag, 29. April 2013 19:54 > To: [email protected] > Subject: Re: Problem with UsernameToken > > Hi Daniel, > > Sorry for late reply.... > > POST /eskm/services/eventNotification HTTP/1.1 > Content-Type: text/xml; charset=UTF-8 > Accept: */* > SOAPAction: "" > User-Agent: Apache CXF 2.6.5 > Cache-Control: no-cache > Pragma: no-cache > Host: localhost:8081 > Connection: keep-alive > Content-Length: 1544 > > I looged this request while creating service throught java client. > > <soap:Envelope > xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";><soap:Header> > <wsse:Security > xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- > wssecurity-secext-1.0.xsd" > SOAP-ENV:mustUnderstand="1"><wsse:UsernameToken><wsse:Password > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- > wssecurity-secext- > 1.0.xsd">TestPassword</wsse:Password><wsse:Username > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- > wssecurity-secext- > 1.0.xsd">TestUser</wsse:Username></wsse:UsernameToken></wsse:Secu > rity></soap:Header><soap:Body><ns1:sendNotification > xmlns:ns1="http://webservice.oasys.ets.org";><EventNotificationInfo_1 > xmlns:ns2="http://webservice.oasys.ets.org/types";><sourceName>IBIS</s > ourceName><sourceType>ITEM > BANK</sourceType><eventType>ADMIN_FINALIZED</eventType><xmlDat > a><questestinterop><qticomment>Event > Notification XML</qticomment> <context> <generic_identifier> > <type_label>TestProgramCode</type_label> > <identifier_string>GRI</identifier_string> </generic_identifier> > <generic_identifier> <type_label>TestSubjectCode</type_label> > <identifier_string>GEN</identifier_string> > </generic_identifier><generic_identifier> > <type_label>TestAdminCode</type_label> > <identifier_string>20100917A</identifier_string> > </generic_identifier></context></questestinterop></xmlData></Ev > entNotificationInfo_1></ns1:sendNotification></soap:Body></soap:Envelop > e> > > This is the request created by java client while calling the webservice. > > And below is the response M getting from server.. > HTTP/1.1 500 Internal Server Error > Server: Apache-Coyote/1.1 > X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1 > Content-Type: text/xml;charset=UTF-8 > Content-Length: 361 > Date: Mon, 29 Apr 2013 17:44:30 GMT > Connection: close > > <soap:Envelope > xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";><soap:Body><s > oap:Fault><faultcode > xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- > wssecurity-secext-1.0.xsd">ns1:InvalidSecurity</faultcode><faultstring>An > error was discovered processing the <wsse:Security> > header</faultstring></soap:Fault></soap:Body></soap:Envelope> > > > Will appreciate your help...on server side in its not able to find > UsernameToken. > > Nidhi > > > > > > > -- > View this message in context: http://cxf.547215.n5.nabble.com/Problem- > with-UsernameToken-tp5726788p5726913.html > Sent from the cxf-user mailing list archive at Nabble.com.
