Do you have a policy assertion to turn addressing on in the WSDL of the STS? The example I linked to previously has "<wsap10:UsingAddressing/>" Assertions.
Colm. On Mon, Feb 3, 2014 at 5:16 PM, bob45 <[email protected]> wrote: > Great that works! > > But now I get the another error: > > WARNING - PhaseInterceptorChain.doDefaultLogging(364) | Interceptor for > { > http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Validate > has thrown exception, unwinding now: org.apache.cxf.binding.soap.SoapFault: > MustUnderstand headers: [{http://www.w3.org/2005/08/addressing}Action, > {http://www.w3.org/2005/08/addressing}To] are not understood. > at > > org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor.checkUltimateReceiverHeaders(MustUnderstandInterceptor.java:150) > > The request contains the To Header, which is not understood: > > <a:To s:mustUnderstand="1">https://192.168.1.47:8443/sts/sts</a:To> > > Is it really required to understand this header? > > This is the full RST sent from the .NEt side: > > <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"; > xmlns:a="http://www.w3.org/2005/08/addressing"; > > xmlns:u=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > "> > <s:Header> > <a:Action > s:mustUnderstand="1"> > http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue > </a:Action> > <a:MessageID>urn:uuid:8abe9005-5bd8-4019-b58a-670ab5921fef > </a:MessageID> > <a:ReplyTo> > <a:Address> > http://www.w3.org/2005/08/addressing/anonymous</a:Address> > </a:ReplyTo> > <VsDebuggerCausalityData > > xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink > ">uIDPo4wA1Z37YxxLp4P0dODqk3IAAAAAtMmwqMeKzkaN5zYC5weCWSl4jmCBgstPgi7V7Ol58GYACQAA > </VsDebuggerCausalityData> > <a:To s:mustUnderstand="1">https://192.168.1.47:8443/sts > </a:To> > <o:Security s:mustUnderstand="1" > > xmlns:o=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > "> > <u:Timestamp u:Id="_0"> > > <u:Created>2014-02-03T17:06:36.553Z</u:Created> > > <u:Expires>2014-02-03T17:11:36.553Z</u:Expires> > </u:Timestamp> > <o:UsernameToken > u:Id="uuid-91185bf8-3c7e-472f-adad-83b9ce53511e-1"> > <o:Username>alice</o:Username> > <o:Password > > Type=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText > ">secret</o:Password> > </o:UsernameToken> > </o:Security> > </s:Header> > <s:Body> > <trust:RequestSecurityToken > xmlns:trust=" > http://docs.oasis-open.org/ws-sx/ws-trust/200512";> > <wsp:AppliesTo xmlns:wsp=" > http://schemas.xmlsoap.org/ws/2004/09/policy";> > <wsa:EndpointReference xmlns:wsa=" > http://www.w3.org/2005/08/addressing";> > <wsa:Address> > http://localhost:8080/myservice > </wsa:Address> > </wsa:EndpointReference> > </wsp:AppliesTo> > <trust:KeyType> > http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer > </trust:KeyType> > <trust:RequestType> > http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue > </trust:RequestType> > </trust:RequestSecurityToken> > </s:Body> > </s:Envelope> > > > Do you have an idea how to teach the STS to accept the header? > > Thank you very much. > > > > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/STS-via-SOAP1-2-tp5739393p5739420.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
