Security Issues from WSDL to java

[nsaran5]

Feb 03, 2015 1:58:08 PM org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Interceptor for
{http://hyatt.com/hyatt/reserve/2011/05}ReserveService#{http://hyatt.com/hyatt/reserve/2011/05}PromoAwardBrowse
has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: These policy alternatives can not be
satisfied: 
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportBinding:
TLS is not enabled
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}HttpsToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}IncludeTimestamp
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedSupportingTokens:
The received token does not match the signed supporting token requirement
        at
org.apache.cxf.ws.policy.AbstractPolicyInterceptor.handleMessage(AbstractPolicyInterceptor.java:47)
        at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
        at
org.apache.cxf.phase.PhaseInterceptorChain.resume(PhaseInterceptorChain.java:232)
        at 
org.apache.cxf.ws.addressing.ContextUtils$1.run(ContextUtils.java:481)
        at
org.apache.cxf.workqueue.AutomaticWorkQueueImpl$3.run(AutomaticWorkQueueImpl.java:395)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
        at java.lang.Thread.run(Unknown Source)
Caused by: org.apache.cxf.ws.policy.PolicyException: These policy
alternatives can not be satisfied: 
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportBinding:
TLS is not enabled
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}HttpsToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}IncludeTimestamp
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedSupportingTokens:
The received token does not match the signed supporting token requirement
        at
org.apache.cxf.ws.policy.AssertionInfoMap.checkEffectivePolicy(AssertionInfoMap.java:166)
        at
org.apache.cxf.ws.policy.PolicyVerificationInInterceptor.handle(PolicyVerificationInInterceptor.java:101)
        at
org.apache.cxf.ws.policy.AbstractPolicyInterceptor.handleMessage(AbstractPolicyInterceptor.java:45)
        ... 7 more

Feb 03, 2015 1:58:08 PM org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Interceptor for
{http://hyatt.com/hyatt/reserve/2011/05}ReserveService#{http://hyatt.com/hyatt/reserve/2011/05}PromoAwardBrowse
has thrown exception, unwinding now
java.lang.NullPointerException
        at
org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(MessageSenderInterceptor.java:46)
        at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
        at
org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:113)
        at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:323)
        at
org.apache.cxf.phase.PhaseInterceptorChain.resume(PhaseInterceptorChain.java:232)
        at 
org.apache.cxf.ws.addressing.ContextUtils$1.run(ContextUtils.java:481)
        at
org.apache.cxf.workqueue.AutomaticWorkQueueImpl$3.run(AutomaticWorkQueueImpl.java:395)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
        at java.lang.Thread.run(Unknown Source)

My Beans.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
 xmlns:cxfbc="http://servicemix.apache.org/cxfbc/1.0";
xmlns:util="http://www.springframework.org/schema/util";
 xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration";
 xmlns:http="http://cxf.apache.org/transports/http/configuration";
xmlns:sec="http://cxf.apache.org/configuration/security";
 xmlns:person="http://www.mycompany.com/ws-sec-proto";
 xmlns:wsa="http://cxf.apache.org/ws/addressing";

 xmlns:jaxws="http://cxf.apache.org/jaxws";
  xmlns:cxf="http://cxf.apache.org/core";
 xsi:schemaLocation="
   http://www.springframework.org/schema/beans
   http://www.springframework.org/schema/beans/spring-beans.xsd
   http://www.springframework.org/schema/util
   http://www.springframework.org/schema/util/spring-util.xsd
   http://servicemix.apache.org/cxfbc/1.0
  
http://repo2.maven.org/maven2/org/apache/servicemix/servicemix-cxf-bc/2010.01/servicemix-cxf-bc-2010.01.xsd
   http://cxf.apache.org/transports/http-jetty/configuration
   http://cxf.apache.org/schemas/configuration/http-jetty.xsd
   http://cxf.apache.oarg/transports/http/configuration
   http://cxf.apache.org/schemas/configuration/http-conf.xsd
   http://cxf.apache.org/jaxws 
   http://cxf.apache.org/schemas/jaxws.xsd
   http://cxf.apache.org/core
   http://cxf.apache.org/schemas/core.xsd";>
        
        
        <import resource="classpath:META-INF/cxf/cxf.xml" />
        <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
        <import resource="classpath:META-INF/cxf/cxf-extension-http.xml" />
        <import resource="classpath:META-INF/cxf/osgi/cxf-extension-osgi.xml" />
        <import resource="classpath:META-INF/cxf/cxf-extension-policy.xml" />
        <import resource="classpath:META-INF/cxf/cxf-extension-ws-security.xml" 
/>
        <import resource="classpath:META-INF/cxf/cxf.xml" />
        <import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
        <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
        <import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
        <jaxws:endpoint xmlns:tns="http://hyatt.com/hyatt/reserve/2011/05";
                id="reserveservicecontract"
implementor="com.hyatt.hyatt.reserve.ReserveServiceContractImpl"
                wsdlLocation="ReserveService.svc.wsdl"
endpointName="tns:Soap12Addr10Endpoint"
                serviceName="tns:ReserveService" 
address="/Soap12Addr10Endpoint">
                <jaxws:inInterceptors>
                        <ref bean="InSoapInterceptor"/>
                        
                </jaxws:inInterceptors> 
        

           <jaxws:properties>
         <entry key="ws-security.callback-handler"
value-ref="myPasswordCallback"/>

        
      </jaxws:properties> 
      
        </jaxws:endpoint>
        
        <bean id="myPasswordCallback"
class="com.hyatt.hyatt.reserve.ServerPasswordCallback"/>    
        
        <bean id="InSoapInterceptor"
class="com.hyatt.hyatt.cxf.interceptors.InLogInterceptor"/>     
    
    
                <cxf:bus>
                 <cxf:features>                 
                        <cxf:logging/>
                        <wsa:addressing />                      
                </cxf:features>         
        </cxf:bus>
        
</beans>

I tried all the options but still getting the error. Please help





--
View this message in context: 
http://cxf.547215.n5.nabble.com/Security-Issues-from-WSDL-to-java-tp5753886.html
Sent from the cxf-user mailing list archive at Nabble.com.