Hi, Thanks for the quick reply. I just did some more tests concerning your Mtom remark below, but I noticed that it seem to run ok, that is: I don't seem to get the "SOAP 1.1 only endpoint" error anymore. I also looked on the nightly build server, and it seem to run ok for the last few days... But I can't even remember changing anything... strange... Currently I do get another exception, but I am pretty sure that has to do with the test environment of the server I am connecting to. The "Soap 1.1." error I got was on the client side already.
Anyway, I am a bit confused about your mtom remark below, as to me it seems to work (besides having the exception currently, it works during nightly build last night and before) and changing it has no effect on my unit tests.. I see in the debug that it goes out as with the correct mime type " <mimeType>application/octet-stream</mimeType>". Why does this not work together? The class DynamicWsaSignaturePartsInterceptor does basically what is described here: http://davidvaleri.wordpress.com/2010/09/15/signing-ws-addressing-headers-in-apache-cxf/ I use this as I am signing some headers that can be null, such that they must be excluded. Sorry, but don't understand what more you want to see of client code, I don't have think I have more that what I list below. The DeliveryService bean comes from the cxf-client.xml config and is injected by Spring and is an cxf axWasClientProxy instance. - Ed > -----Original Message----- > From: Freeman Fang [mailto:[email protected]] > Sent: donderdag 9 mei 2013 9:35 > To: [email protected] > Subject: Re: A SOAP 1.2 message is not valid when sent to a SOAP 1.1 > only endpoint > > Hi, > > What's the > DynamicWsaSignaturePartsInterceptor > like? > > Also, could you please append the client code where you send out > request? > > Btw, now MTOM + WS-Security does not work together in CXF, please > remove <entry key="mtom-enabled" value="true"/> from your > configuration to see if it helps > ------------- > Freeman(Yue) Fang > > Red Hat, Inc. > FuseSource is now part of Red Hat > Web: http://fusesource.com | http://www.redhat.com/ > Twitter: freemanfang > Blog: http://freemanfang.blogspot.com > http://blog.sina.com.cn/u/1473905042 > weibo: @Freeman?? > > On 2013-5-9, at ??3:15, Ed Bras wrote: > > > Hi, > > I hoped the info below would be enough. Here the cxf client config > and code of usage. > > Spring config: I have 3 cxf spring config files, listed below: > > A) cxf-general.xml that includes the B) cxf-client.xml and C) > > cxf-tls.xml > > > > I hope you can see the cause of this error (see subject mail). If > more config/code is needed, please let me know. > > > > > > Code usage: > > ------------------ > > private final DeliveryService digiDelivery; // injected by > Spring, contained in client spring config below. > > private Response deliver(final Request request) { > > return this.digiDelivery.deliver(request); > > } > > > > // The class DeliveryService is generated: > > > > @WebService(targetNamespace = "http://Bla/1.2/";, name = > > "DeliveryService") @XmlSeeAlso({ObjectFactory.class }) > > @SOAPBinding(parameterStyle = SOAPBinding.ParameterStyle.BARE) public > > interface DeliveryService { > > > > @WebResult(name = "response", targetNamespace = > "http://Bla/1.2/";, partName = "response") > > @Action(output = > "http://Bka/1.2/DeliveryService/deliveryResponse";, fault = { > @FaultAction(className = DeliveryServiceFault.class, value = > "http://Bla/1.2/DeliveryService/delivery/Fault/";) }) > > @WebMethod(action = "http://Bla/1.2/DeliveryService/Request";) > > public Response aanleveren(@WebParam(partName = "request", name = > > "request", targetNamespace = "http://Bla/services/1.2/";) Request > > request) throws AanleverServiceFault; } > > ------------------ > > > > > > > > A) CXF-general.xml: > > ------------------ > > <import resource="cxf-tls.xml" /> > > <import resource="cxf-client.xml" /> > > > > <!-- General CXF config: > > 1) http://cxf.apache.org/docs/configuration.html > > --> > > <cxf:bus> > > <cxf:features> > > <cxf:logging/> > > > > <policy:policies/> > > > > <!-- WS-addressing required, see 2) --> > > <wsa:addressing/> <!-- see: > http://en.wikipedia.org/wiki/WS-Addressing --> > > </cxf:features> > > </cxf:bus> > > ------------------ > > > > > > > > B) CXF-tls.xml: > > ---------------------- > > <http:conduit > name="{http://bla/1.2/}AanleverService_V1_2Port.http-conduit";> > > <http:tlsClientParameters> > > > > <!-- "keyPassword" is the password to access/retrieve > the private key in the key store it self --> > > <sec:keyManagers > keyPassword="${tls.keystore.private.key.pwd}" > > > <!-- The keystore that contains our private key to > encrypt send data (1 key only) --> > > <sec:keyStore > resource="${tls.keystore.private}" > password="${tls.keystore.private.pwd}" /> > > </sec:keyManagers> > > > > <sec:trustManagers> > > <!-- This list of certificates that is used to decide > whether or not to trust certificates --> > > <sec:keyStore > resource="${tls.keystore.trusted}" > password="${tls.keystore.trusted.pwd}"/> > > </sec:trustManagers> > > > > <sec:cipherSuitesFilter> > > <sec:include>.*_EXPORT_.*</sec:include> > > <sec:include>.*_EXPORT1024_.*</sec:include> > > <sec:include>.*_WITH_DES_.*</sec:include> > > <sec:include>.*_WITH_AES_.*</sec:include> > > <sec:include>.*_WITH_NULL_.*</sec:include> > > <sec:exclude>.*_DH_anon_.*</sec:exclude> > > </sec:cipherSuitesFilter> > > </http:tlsClientParameters> > > </http:conduit> > > ---------------------- > > > > > > > > C) CXF client spring config (don't own the server side): > > ---------------------- > > <jaxws:client id="digiDelivery" serviceClass="DeliverService" > address="${ deliver.url}"> > > <jaxws:inInterceptors> > > <ref bean="SigningInterceptorIn"/> > > <ref bean="wsaSignaturePartsInterceptor"/> > > </jaxws:inInterceptors> > > > > <jaxws:outInterceptors> > > <ref bean="SigningInterceptorOut"/> > > <ref bean="wsaSignaturePartsInterceptor"/> > > </jaxws:outInterceptors> > > > > <jaxws:properties> > > <entry key="mtom-enabled" value="true"/> > > <entry key="signatureParts" > value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401- > wss-wssecurity-utility-1.0.xsd}Timestamp; > > > {Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/> > > </jaxws:properties> > > > > <!--Tried this, but had no effect: jaxws:binding> > > <soap:soapBinding version="1.1"/> > > </jaxws:binding--> > > </jaxws:client> > > > > <!-- It will dynamically set the WSA signing parts if required, > depending if they contain any value. > > See the class for details --> > > <bean id="wsaSignaturePartsInterceptor" > class="DynamicWsaSignaturePartsInterceptor"/> > > <!-- Required to Sign an outgoing message. --> > > <bean id="SigningInterceptorOut" > class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> > > <constructor-arg> > > <map> > > <entry key="action" value="Timestamp Signature"/> > > <entry key="timeToLive" value="300" /> > > <entry key="user" > > value="${deliver.keystore.private.sign.key.alias}"/> > > > > <!-- Used to retrieve the passwords of an alias. --> > > <entry key="passwordCallbackRef" > > value-ref="pwCallback"/> > > > > <!-- Required to send the signature certificate a > long with the message --> > > <entry key="signatureKeyIdentifier" > > value="DirectReference" /> > > > > <!-- A reference to the Crypto security > properties --> > > <entry key="signaturePropRefId" > value="cryptoProperties"/> > > <entry key="cryptoProperties" value- > ref="cryptoProperties"/> > > </map> > > </constructor-arg> > > </bean> > > > > <!-- Required to validate an incoming signed message. --> > > <bean id="SigningInterceptorIn" > class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> > > <constructor-arg> > > <map> > > <entry key="action" value="Timestamp Signature"/> > > <entry key="signaturePropRefId" > value="cryptoProperties"/> > > <entry key="cryptoProperties" value- > ref="cryptoProperties"/> > > </map> > > </constructor-arg> > > </bean> > > > > <!-- A callback that returns the keystore password of an alias. - > -> > > <bean id="pwCallback" class="ClientKeystorePasswordCallback"> > > <property name="passwords"> > > <util:map key-type="java.lang.String" value- > type="java.lang.String"> > > <entry key="${deliver.keystore.private.sign.key.alias}" > value="${deliver.keystore.private.sign.key.pwd}"/> > > </util:map> > > </property> > > </bean> > > > > <!-- Ref: > > 1) http://ws.apache.org/wss4j/config.html > > 2) https://sites.google.com/site/ddmwsst/ws-security-impl > --> > > <util:properties id="cryptoProperties"> > > <!-- The private keystore info to sign the message --> > > <prop > key="org.apache.ws.security.crypto.merlin.keystore.file">${deliver.keys > tore.private}</prop> > > <prop > key="org.apache.ws.security.crypto.merlin.keystore.password">${deliver. > keystore.private.pwd}</prop> > > <!-- The trusted keystore info for unsigning received messages -- > > > > <prop > key="org.apache.ws.security.crypto.merlin.truststore.file">${deliver.ke > ystore.trusted}</prop> > > <prop > key="org.apache.ws.security.crypto.merlin.truststore.password">${delive > r.keystore.trusted.pwd}</prop> > > </util:properties> > > > > ---------------------- > > > > > >> -----Original Message----- > >> From: Freeman Fang [mailto:[email protected]] > >> Sent: woensdag 8 mei 2013 5:00 > >> To: [email protected] > >> Subject: Re: A SOAP 1.2 message is not valid when sent to a SOAP 1.1 > >> only endpoint > >> > >> Hi, > >> > >> You need append your client side configuration and code so that we > >> can take a look > >> ------------- > >> Freeman(Yue) Fang > >> > >> Red Hat, Inc. > >> FuseSource is now part of Red Hat > >> Web: http://fusesource.com | http://www.redhat.com/ > >> Twitter: freemanfang > >> Blog: http://freemanfang.blogspot.com > >> http://blog.sina.com.cn/u/1473905042 > >> weibo: @Freeman?? > >> > >> On 2013-5-8, at ??2:20, Ed Bras wrote: > >> > >>> Hi All, > >>> I don't know what I changed anymore :(... But I have ended up with > >>> this exception which I don't seem to solve: > >>> --- > >>> Caused by: javax.xml.ws.soap.SOAPFaultException: A SOAP 1.2 message > >> is > >>> not valid when sent to a SOAP 1.1 only endpoint. > >>> --- > >>> > >>> I am using CXF 2.7.4 and have the classes generated from the wsdl. > I > >>> am using the MTOM and WSS4JOutInterceptor for signing outgoing > >> messages. > >>> > >>> The wsdl contains things like: > >>> ---- > >>> <wsdl:definitions ... xmlns:soap11="http ... > <soap11:binding > >>> <soap11:operation soap11:address > >>> ---- > >>> > >>> So that all sound like soap 1.1, but somehow soap 1.2 is being used > >> in > >>> the client for the created message. I have added this in my jaxws > >>> client config, but it had no effect. > >>> ---- > >>> <jaxws:binding> > >>> <soap:soapBinding version="1.1"/> </jaxws:binding> > >>> ---- > >>> > >>> Why does CXF try to use soap 1.2 at all? > >>> > >>> Please some advice on how to solve this? > >>> - Ed > >>> > > > >
