Re: NullPointerException on Policy merge

Mon, 24 Feb 2014 02:43:23 -0800 

You need a BootstrapPolicy in your WSDL as per the following link:

https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob_plain;f=systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/secconv/DoubleItSecConv.wsdl;hb=HEAD

The client needs to get a SecureConversationToken as per the existing
policy. The BootstrapPolicy is used to communicate with the STS to get the
SecureConverationToken.

Colm.


On Sat, Feb 22, 2014 at 4:24 PM, wasew <[email protected]> wrote:

> Hi. Thank you. What must I set?
>
> My client Request Header must look like this:
>
> <soapenv:Header>
>     <wsse:Security
> xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> "
> xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc";>
>       <wsc:SecurityContextToken>
>         <wsc:Identifier></wsc:Identifier>
>       </wsc:SecurityContextToken>
>     </wsse:Security>
>   </soapenv:Header>
>
> My Policy on WSDL is:
> <wsp:Policy xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy
> "
>                 xmlns:wsa="
> http://schemas.xmlsoap.org/ws/2004/08/addressing";
>                 xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";
>
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
>                 wsu:Id="AuthSecurityPolicy">
>                 <wsp:ExactlyOne>
>                         <wsp:All>
>                                 <sp:TransportBinding>
>                                         <wsp:Policy>
>                                                 <sp:TransportToken>
>                                                         <wsp:Policy>
>
> <sp:HttpsToken RequireClientCertificate="false" />
>                                                         </wsp:Policy>
>                                                 </sp:TransportToken>
>                                         </wsp:Policy>
>                                 </sp:TransportBinding>
>                                 <sp:SupportingTokens>
>                                         <wsp:Policy>
>                                                 <sp:SecureConversationToken
>
> sp:IncludeToken="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient
> ">
>                                                         <sp:Issuer>
>
> <wsa:Address>
>
> Address to STS
>
> </wsa:Address>
>                                                         </sp:Issuer>
>
> </sp:SecureConversationToken>
>                                         </wsp:Policy>
>                                 </sp:SupportingTokens>
>                         </wsp:All>
>                 </wsp:ExactlyOne>
>         </wsp:Policy>
>
> WS-Security is new for me!
>
>
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/NullPointerException-on-Policy-merge-tp5740289p5740355.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Reply via email to