Re: STS via SOAP1.2?

Mon, 03 Feb 2014 09:17:06 -0800 

Great that works!

But now I get the another error:

WARNING - PhaseInterceptorChain.doDefaultLogging(364) | Interceptor for
{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Validate
has thrown exception, unwinding now: org.apache.cxf.binding.soap.SoapFault:
MustUnderstand headers: [{http://www.w3.org/2005/08/addressing}Action,
{http://www.w3.org/2005/08/addressing}To] are not understood.
        at
org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor.checkUltimateReceiverHeaders(MustUnderstandInterceptor.java:150)

The request contains the To Header, which is not understood:

<a:To s:mustUnderstand="1">https://192.168.1.47:8443/sts/sts</a:To>

Is it really required to understand this header? 

This is the full RST sent from the .NEt side:

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope";
        xmlns:a="http://www.w3.org/2005/08/addressing";

xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
        <s:Header>
                <a:Action
s:mustUnderstand="1">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
                </a:Action>
                <a:MessageID>urn:uuid:8abe9005-5bd8-4019-b58a-670ab5921fef
                </a:MessageID>
                <a:ReplyTo>
                        
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
                </a:ReplyTo>
                <VsDebuggerCausalityData
                
xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink";>uIDPo4wA1Z37YxxLp4P0dODqk3IAAAAAtMmwqMeKzkaN5zYC5weCWSl4jmCBgstPgi7V7Ol58GYACQAA
                </VsDebuggerCausalityData>
                <a:To s:mustUnderstand="1">https://192.168.1.47:8443/sts</a:To>
                <o:Security s:mustUnderstand="1"
                
xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>
                        <u:Timestamp u:Id="_0">
                                <u:Created>2014-02-03T17:06:36.553Z</u:Created>
                                <u:Expires>2014-02-03T17:11:36.553Z</u:Expires>
                        </u:Timestamp>
                        <o:UsernameToken 
u:Id="uuid-91185bf8-3c7e-472f-adad-83b9ce53511e-1">
                                <o:Username>alice</o:Username>
                                <o:Password
                                
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>secret</o:Password>
                        </o:UsernameToken>
                </o:Security>
        </s:Header>
        <s:Body>
                <trust:RequestSecurityToken
                        
xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512";>
                        <wsp:AppliesTo 
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
                                <wsa:EndpointReference 
xmlns:wsa="http://www.w3.org/2005/08/addressing";>
                                        
<wsa:Address>http://localhost:8080/myservice
                                        </wsa:Address>
                                </wsa:EndpointReference>
                        </wsp:AppliesTo>
                        
<trust:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer
                        </trust:KeyType>
                        
<trust:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue
                        </trust:RequestType>
                </trust:RequestSecurityToken>
        </s:Body>
</s:Envelope>


Do you have an idea how to teach the STS to accept the header?

Thank you very much.






--
View this message in context: 
http://cxf.547215.n5.nabble.com/STS-via-SOAP1-2-tp5739393p5739420.html
Sent from the cxf-user mailing list archive at Nabble.com.

Reply via email to