Hi Colm,
We were doing exactly the same thing which you wrote in the test case. I
have removed the addressing and we are getting the same fault.
package com.cxf.sample;
import static
org.apache.cxf.ws.addressing.JAXWSAConstants.CLIENT_ADDRESSING_PROPERTIES;
import java.util.HashMap;
import java.util.Map;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPBody;
import javax.xml.soap.SOAPConstants;
import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPEnvelope;
import javax.xml.soap.SOAPMessage;
import javax.xml.soap.SOAPPart;
import javax.xml.ws.Dispatch;
import javax.xml.ws.soap.SOAPBinding;
import org.apache.cxf.Bus;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.jaxws.DispatchImpl;
import org.apache.cxf.ws.addressing.AddressingProperties;
import org.apache.cxf.ws.addressing.AttributedURIType;
import org.apache.cxf.ws.addressing.EndpointReferenceType;
import org.apache.cxf.ws.addressing.MetadataType;
import org.apache.cxf.ws.addressing.ObjectFactory;
import org.apache.cxf.ws.addressing.ReferenceParametersType;
import org.apache.cxf.ws.addressing.RelatesToType;
import org.apache.cxf.ws.addressing.impl.AddressingPropertiesImpl;
import org.apache.cxf.ws.policy.PolicyConstants;
import org.apache.cxf.ws.security.trust.STSClient;
import org.apache.neethi.Policy;
import org.apache.cxf.ws.security.SecurityConstants;
public class TestCXFSTSS {
private static final ObjectFactory WSA_OBJECT_FACTORY = new
ObjectFactory();
/**
* @param args
* @throws Exception
*/
public static void main(String[] args) throws Exception {
testService1();
}
private static void testService1() throws Exception {
Dispatch<SOAPMessage> dispatch = CXFUtils.getDispatch(
SOAPBinding.SOAP11HTTP_BINDING,
"http://127.0.0.1:9999/SoapContext/SoapPort";);
Client disPatchClient = ((DispatchImpl<SOAPMessage>)
dispatch).getClient();
//Engage the policy after parsing with neethi library
Policy wsaPolicy = PolicyHelper.parsePolicy(disPatchClient,
"c://wsa-policy.xml");
Policy policy = PolicyHelper.parsePolicy(disPatchClient,
"c://wsa-policy2.xml");
Policy policy2 = PolicyHelper.parsePolicy(disPatchClient,
"c://wsa-policy3.xml");
wsaPolicy.merge(policy);
wsaPolicy.merge(policy2);
dispatch.getRequestContext().put(PolicyConstants.POLICY_OVERRIDE,
wsaPolicy);
Map<String,Object> stsmap = setSTSMaps();
disPatchClient.getRequestContext().putAll(stsmap);
//Create the STSClient and set the properties
STSClient stsClient =
createDispatchSTSClient(disPatchClient.getBus());
stsClient.setWsdlLocation("http://localhost:9989/SecurityTokenService/UT?wsdl";);
//stsClient.setEnableAppliesTo(false);
disPatchClient.getRequestContext().put("ws-security.sts.client", stsClient
);
MessageFactory mf =
MessageFactory.newInstance(SOAPConstants.SOAP_1_1_PROTOCOL);
SOAPMessage request = mf.createMessage();
SOAPPart part = request.getSOAPPart();
// Obtain the SOAPEnvelope and header and body elements.
SOAPEnvelope env = part.getEnvelope();
SOAPBody body = env.getBody();
disPatchClient.getRequestContext().put("ws-security.enable.streaming",
"true");
// Construct the message payload.
SOAPElement operation = body.addChildElement("greetMe", "tns",
"http://apache.org/hello_world_soap_http/types";);
SOAPElement value = operation.addChildElement("requestType",
"tns","http://apache.org/hello_world_soap_http/types";);
value.addTextNode("Renu");
request.saveChanges();
SOAPMessage response = dispatch.invoke(request);
System.out.println(response.getSOAPBody().getTextContent());
}
private static Map<String,Object> setSTSMaps(){
Map<String,Object> stsmap = new HashMap<String, Object>();
stsmap.put("ws-security.signature.properties",
"clientKeystore.properties");
stsmap.put("ws-security.signature.username", "myclientkey");
stsmap.put("ws-security.callback-handler",
"com.cxf.sample.ClientCallbackHandler");
stsmap.put("ws-security.encryption.properties",
"clientKeystore.properties");
stsmap.put("ws-security.encryption.username", "myservicekey");
return stsmap;
}
private static STSClient createDispatchSTSClient(Bus bus) {
STSClient stsClient = new STSClient(bus);
stsClient.setServiceName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService";);
stsClient.setEndpointName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}UT_Port";);
Map<String, Object> stsprop = new HashMap<String, Object>();
stsprop.put("ws-security.username","alice");
stsprop.put("ws-security.callback-handler","com.cxf.sample.ClientCallbackHandler");
stsprop.put("ws-security.encryption.properties","clientKeystore.properties");
stsprop.put("ws-security.encryption.username","mystskey");
stsprop.put("ws-security.sts.token.username","myclientkey");
stsprop.put("ws-security.sts.token.properties","clientKeystore.properties");
stsprop.put("ws-security.sts.token.usecert","true");
stsprop.put("ws-security.is-bsp-compliant", "false");
stsClient.setProperties(stsprop);
return stsClient;
}
}
Exception:
Feb 18, 2014 7:20:32 PM org.apache.cxf.ws.addressing.soap.MAPCodec
restoreExchange
WARNING: Response message does not contain WS-Addressing properties. Not
correlating response.
Feb 18, 2014 7:20:32 PM org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
handleMessage
WARNING: Request does not contain Security header, but it's a fault.
Feb 18, 2014 7:20:32 PM org.apache.cxf.ws.addressing.ContextUtils
retrieveMAPs
WARNING: WS-Addressing - failed to retrieve Message Addressing Properties
from context
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: These
policy alternatives can not be satisfied:
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}EncryptedParts:
{http://schemas.xmlsoap.org/soap/envelope/}Body not ENCRYPTED
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts:
{http://schemas.xmlsoap.org/soap/envelope/}Body not SIGNED
at org.apache.cxf.jaxws.DispatchImpl.mapException(DispatchImpl.java:287)
at org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:388)
at org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:243)
at com.cxf.sample.TestCXFSTSS.testService1(TestCXFSTSS.java:86)
at com.cxf.sample.TestCXFSTSS.main(TestCXFSTSS.java:42)
Caused by: org.apache.cxf.binding.soap.SoapFault: These policy alternatives
can not be satisfied:
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}EncryptedParts:
{http://schemas.xmlsoap.org/soap/envelope/}Body not ENCRYPTED
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts:
{http://schemas.xmlsoap.org/soap/envelope/}Body not SIGNED
at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalFault(Soap11FaultInInterceptor.java:84)
at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:51)
at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:40)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at
org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:113)
at
org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:69)
at
org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:34)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:835)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1612)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1503)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1310)
at
org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:628)
at
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:565)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:474)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:377)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:330)
at org.apache.cxf.endpoint.ClientImpl.invokeWrapped(ClientImpl.java:365)
at org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:381)
... 3 more
"One thing to note is that the security policy associated with the binding
must contain the SignedParts/EncryptedParts (this may explain the error you
give above). Any policy attached to the messages input/output of the
binding does not get picked up for the Dispatch case. "
So according to this , if I understood it correctly the example given for
STS has input and output policy which contains the signed part, encrypted
part won't work for Dispatch case?
--
View this message in context:
http://cxf.547215.n5.nabble.com/Facing-issue-while-building-STS-Client-USing-Dispatch-API-tp5739992p5740102.html
Sent from the cxf-user mailing list archive at Nabble.com.
