Hi All, I'm running through an STS tutorial at http://web-gmazza.rhcloud.com/blog/entry/cxf-sts-tutorial and am having an issue with the client when it tries to call a secure service. The error i'm receiving is...
Caused by: org.apache.cxf.ws.security.trust.TrustException: Cannot match the address http://localhost:8080/doubleit-webapp/services/STS to the WSDL received via WS-MEX For some reason, the WSDL address returned by MEX is incorrect. It is returning http://localhost:8080/doubleit-webapp/STS (it should be http://localhost:8080/doubleit-webapp/services/STS). My client class is below... public class DoubleItClient { public static void main(String[] args) throws MalformedURLException { DoubleItService service = new DoubleItService(new URL("http://localhost:8080/doubleit-webapp/services/v1/DoubleItSecure?WSDL";)); DoubleItPortType port = service.getDoubleItPort(); doubleIt(port, 10); doubleIt(port, 0); doubleIt(port, -10); } public static void doubleIt(DoubleItPortType port, int numToDouble) { DoubleIt req = new DoubleIt(); req.setNumberToDouble(numToDouble); int resp = port.doubleIt(req).getDoubledNumber(); System.out.println("The number " + numToDouble + " doubled is " + resp); } } The DoubleItSecure wsdl is below... <wsdl:definitions xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex"; xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; xmlns:wsp="http://www.w3.org/ns/ws-policy"; xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"; xmlns:wsaw="http://www.w3.org/2005/08/addressing"; xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata"; xmlns:tns="http://www.example.org/contract/DoubleIt"; xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512"; xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"; xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"; xmlns:di="http://www.example.org/schema/DoubleIt"; name="DoubleIt" targetNamespace="http://www.example.org/contract/DoubleIt";> <wsdl:types> <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex"; xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; xmlns:wsp="http://www.w3.org/ns/ws-policy"; xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"; xmlns:wsaw="http://www.w3.org/2005/08/addressing"; xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata"; xmlns:tns="http://www.example.org/contract/DoubleIt"; xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512"; xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"; xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"; xmlns:di="http://www.example.org/schema/DoubleIt"; targetNamespace="http://www.example.org/schema/DoubleIt";> <xsd:element name="DoubleIt"> <xsd:complexType> <xsd:sequence> <xsd:element name="numberToDouble" type="xsd:int"/> </xsd:sequence> </xsd:complexType> </xsd:element> <xsd:element name="DoubleItResponse"> <xsd:complexType> <xsd:sequence> <xsd:element name="doubledNumber" type="xsd:int"/> </xsd:sequence> </xsd:complexType> </xsd:element> </xsd:schema> </wsdl:types> <wsdl:message name="DoubleItResponse"> <wsdl:part element="di:DoubleItResponse" name="parameters"></wsdl:part> </wsdl:message> <wsdl:message name="DoubleItRequest"> <wsdl:part element="di:DoubleIt" name="parameters"></wsdl:part> </wsdl:message> <wsdl:portType name="DoubleItPortType"> <wsdl:operation name="DoubleIt"> <wsdl:input message="tns:DoubleItRequest"></wsdl:input> <wsdl:output message="tns:DoubleItResponse"></wsdl:output> </wsdl:operation> </wsdl:portType> <wsdl:binding name="DoubleItBinding" type="tns:DoubleItPortType"> <wsp:PolicyReference URI="#DoubleItBindingPolicy"/> <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/> <wsdl:operation name="DoubleIt"> <soap:operation soapAction="http://www.example.org/contract/DoubleIt/DoubleItPortType/DoubleItRequest"/> <wsdl:input> <soap:body use="literal"/> <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/> </wsdl:input> <wsdl:output> <soap:body use="literal"/> <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/> </wsdl:output> </wsdl:operation> </wsdl:binding> <wsdl:service name="DoubleItService"> <wsdl:port binding="tns:DoubleItBinding" name="DoubleItPort"> <soap:address location="http://localhost:8080/doubleit-webapp/services/v1/DoubleItSecure"/> </wsdl:port> </wsdl:service> <wsp:Policy wsu:Id="DoubleItBindingPolicy"> <wsp:ExactlyOne> <wsp:All> <wsam:Addressing wsp:Optional="false"> <wsp:Policy/> </wsam:Addressing> <sp:SymmetricBinding> <wsp:Policy> <sp:ProtectionToken> <wsp:Policy> <sp:IssuedToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";> <sp:RequestSecurityTokenTemplate> <t:TokenType> http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1 </t:TokenType> <t:KeyType> http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey </t:KeyType> <t:KeySize>256</t:KeySize> </sp:RequestSecurityTokenTemplate> <wsp:Policy> <sp:RequireInternalReference/> </wsp:Policy> <sp:Issuer> <wsaw:Address>http://localhost:8080/doubleit-webapp/services/STS</wsaw:Address> <wsaw:Metadata> <wsx:Metadata> <wsx:MetadataSection> <wsx:MetadataReference> <wsaw:Address> http://localhost:8080/doubleit-webapp/services/STS/mex </wsaw:Address> </wsx:MetadataReference> </wsx:MetadataSection> </wsx:Metadata> </wsaw:Metadata> </sp:Issuer> </sp:IssuedToken> </wsp:Policy> </sp:ProtectionToken> <sp:Layout> <wsp:Policy> <sp:Lax/> </wsp:Policy> </sp:Layout> <sp:IncludeTimestamp/> <sp:OnlySignEntireHeadersAndBody/> <sp:AlgorithmSuite> <wsp:Policy> <sp:Basic256/> </wsp:Policy> </sp:AlgorithmSuite> </wsp:Policy> </sp:SymmetricBinding> <sp:Wss11> <wsp:Policy> <sp:MustSupportRefIssuerSerial/> <sp:MustSupportRefThumbprint/> <sp:MustSupportRefEncryptedKey/> </wsp:Policy> </sp:Wss11> <sp:Trust13> <wsp:Policy> <sp:MustSupportIssuedTokens/> <sp:RequireClientEntropy/> <sp:RequireServerEntropy/> </wsp:Policy> </sp:Trust13> </wsp:All> </wsp:ExactlyOne> </wsp:Policy> <wsp:Policy wsu:Id="DoubleItBinding_DoubleIt_Input_Policy"> <wsp:ExactlyOne> <wsp:All> <sp:EncryptedParts> <sp:Body/> </sp:EncryptedParts> <sp:SignedParts> <sp:Body/> <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="AckRequested" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/> <sp:Header Name="SequenceAcknowledgement" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/> <sp:Header Name="Sequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/> <sp:Header Name="CreateSequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/> </sp:SignedParts> </wsp:All> </wsp:ExactlyOne> </wsp:Policy> <wsp:Policy wsu:Id="DoubleItBinding_DoubleIt_Output_Policy"> <wsp:ExactlyOne> <wsp:All> <sp:EncryptedParts> <sp:Body/> </sp:EncryptedParts> <sp:SignedParts> <sp:Body/> <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="AckRequested" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/> <sp:Header Name="SequenceAcknowledgement" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/> <sp:Header Name="Sequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/> <sp:Header Name="CreateSequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/> </sp:SignedParts> </wsp:All> </wsp:ExactlyOne> </wsp:Policy> </wsdl:definitions> When i run the client, I get the following output which shows the call to MEX and the response containing the incorrect URL... Nov 05, 2015 7:38:26 AM org.apache.cxf.bus.spring.BusApplicationContext prepareRefresh INFO: Refreshing org.apache.cxf.bus.spring.BusApplicationContext@425f32ae: startup date [Thu Nov 05 07:38:26 AEST 2015]; root of context hierarchy Nov 05, 2015 7:38:26 AM org.apache.cxf.bus.spring.BusApplicationContext getConfigResources INFO: Loaded configuration file cxf.xml. Nov 05, 2015 7:38:26 AM org.apache.cxf.bus.spring.ControlledValidationXmlBeanDefinitionReader loadBeanDefinitions INFO: Loading XML bean definitions from class path resource [META-INF/cxf/cxf.xml] Nov 05, 2015 7:38:26 AM org.apache.cxf.bus.spring.ControlledValidationXmlBeanDefinitionReader loadBeanDefinitions INFO: Loading XML bean definitions from class path resource [cxf.xml] Nov 05, 2015 7:38:29 AM org.apache.cxf.wsdl.service.factory.ReflectionServiceFactoryBean buildServiceFromWSDL INFO: Creating Service {http://www.example.org/contract/DoubleIt}DoubleItService from WSDL: http://localhost:8080/doubleit-webapp/services/v1/DoubleItSecure?WSDL SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder". SLF4J: Defaulting to no-operation (NOP) logger implementation SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details. Nov 05, 2015 7:38:34 AM org.apache.cxf.wsdl.service.factory.ReflectionServiceFactoryBean buildServiceFromClass INFO: Creating Service {http://www.w3.org/2009/09/ws-mex}MetadataExchangeService from class org.apache.cxf.ws.mex.MetadataExchange Nov 05, 2015 7:38:35 AM org.apache.cxf.services.MetadataExchangeService.MetadataExchangePort.MetadataExchange INFO: Outbound Message --------------------------- ID: 1 Address: http://localhost:8080/doubleit-webapp/services/STS/mex Encoding: UTF-8 Http-Method: POST Content-Type: text/xml Headers: {Accept=[*/*], SOAPAction=["http://schemas.xmlsoap.org/ws/2004/09/transfer/Get"]} Payload: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";><soap:Header><Action xmlns="http://www.w3.org/2005/08/addressing";>http://schemas.xmlsoap.org/ws/2004/09/transfer/Get</Action><MessageID xmlns="http://www.w3.org/2005/08/addressing";>urn:uuid:ca8ef30a-0049-4d4b-b500-adcc739d6d22</MessageID><To xmlns="http://www.w3.org/2005/08/addressing";>http://localhost:8080/doubleit-webapp/services/STS/mex</To><ReplyTo xmlns="http://www.w3.org/2005/08/addressing";><Address>http://www.w3.org/2005/08/addressing/anonymous</Address></ReplyTo></soap:Header><soap:Body/></soap:Envelope> -------------------------------------- Nov 05, 2015 7:38:35 AM org.apache.cxf.services.MetadataExchangeService.MetadataExchangePort.MetadataExchange INFO: Inbound Message ---------------------------- ID: 1 Response-Code: 200 Encoding: UTF-8 Content-Type: text/xml;charset=UTF-8 Headers: {content-type=[text/xml;charset=UTF-8], Date=[Wed, 04 Nov 2015 21:38:35 GMT], Server=[Apache-Coyote/1.1], transfer-encoding=[chunked]} Payload: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";><soap:Header><Action xmlns="http://www.w3.org/2005/08/addressing";>http://schemas.xmlsoap.org/ws/2004/09/transfer/GetResponse</Action><MessageID xmlns="http://www.w3.org/2005/08/addressing";>urn:uuid:5e644023-10ec-45c0-97fd-aed5c00521ac</MessageID><To xmlns="http://www.w3.org/2005/08/addressing";>http://www.w3.org/2005/08/addressing/anonymous</To><RelatesTo xmlns="http://www.w3.org/2005/08/addressing";>urn:uuid:ca8ef30a-0049-4d4b-b500-adcc739d6d22</RelatesTo></soap:Header><soap:Body><Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex";><MetadataSection Dialect="http://schemas.xmlsoap.org/wsdl/"; Identifier="http://docs.oasis-open.org/ws-sx/ws-trust/200512/";><wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"; xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"; xmlns:tns="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"; xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata"; xmlns:wsap10="http://www.w3.org/2006/05/addressing/wsdl"; xmlns:wsp="http://www.w3.org/ns/ws-policy"; xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"; xmlns:wstrust="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"; xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; xmlns:xs="http://www.w3.org/2001/XMLSchema"; targetNamespace="http://docs.oasis-open.org/ws-sx/ws-trust/200512/";> <wsdl:types> <xs:schema elementFormDefault="qualified" targetNamespace="http://docs.oasis-open.org/ws-sx/ws-trust/200512";> <xs:complexType name="AbstractRequestSecurityTokenType"> <xs:sequence> <xs:any maxOccurs="unbounded" minOccurs="0" namespace="##any" processContents="lax"/> </xs:sequence> <xs:attribute name="Context" type="xs:anyURI" use="optional"/> <xs:anyAttribute namespace="##other" processContents="lax"/> </xs:complexType> <xs:element name="RequestSecurityToken" type="wst:AbstractRequestSecurityTokenType"/> <xs:element name="RequestSecurityTokenResponse" type="wst:AbstractRequestSecurityTokenType"/> <xs:element name="RequestSecurityTokenCollection" type="wst:RequestSecurityTokenCollectionType"/> <xs:complexType name="RequestSecurityTokenCollectionType"> <xs:sequence> <xs:element maxOccurs="unbounded" minOccurs="2" name="RequestSecurityToken" type="wst:AbstractRequestSecurityTokenType"/> </xs:sequence> </xs:complexType> <xs:element name="RequestSecurityTokenResponseCollection" type="wst:RequestSecurityTokenResponseCollectionType"/> <xs:complexType name="RequestSecurityTokenResponseCollectionType"> <xs:sequence> <xs:element maxOccurs="unbounded" minOccurs="1" ref="wst:RequestSecurityTokenResponse"/> </xs:sequence> <xs:anyAttribute namespace="##other" processContents="lax"/> </xs:complexType> </xs:schema> </wsdl:types> <wsdl:message name="RequestSecurityTokenResponseCollectionMsg"> <wsdl:part element="wst:RequestSecurityTokenResponseCollection" name="responseCollection"> </wsdl:part> </wsdl:message> <wsdl:message name="RequestSecurityTokenCollectionMsg"> <wsdl:part element="wst:RequestSecurityTokenCollection" name="requestCollection"> </wsdl:part> </wsdl:message> <wsdl:message name="RequestSecurityTokenResponseMsg"> <wsdl:part element="wst:RequestSecurityTokenResponse" name="response"> </wsdl:part> </wsdl:message> <wsdl:message name="RequestSecurityTokenMsg"> <wsdl:part element="wst:RequestSecurityToken" name="request"> </wsdl:part> </wsdl:message> <wsdl:portType name="STS"> <wsdl:operation name="Issue"> <wsdl:input message="wstrust:RequestSecurityTokenMsg" wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue";> </wsdl:input> <wsdl:output message="wstrust:RequestSecurityTokenResponseCollectionMsg" wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTRC/IssueFinal";> </wsdl:output> </wsdl:operation> <wsdl:operation name="Validate"> <wsdl:input message="wstrust:RequestSecurityTokenMsg" wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate";> </wsdl:input> <wsdl:output message="wstrust:RequestSecurityTokenResponseMsg" wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/ValidateFinal";> </wsdl:output> </wsdl:operation> <wsdl:operation name="Cancel"> <wsdl:input message="wstrust:RequestSecurityTokenMsg" wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Cancel";> </wsdl:input> <wsdl:output message="wstrust:RequestSecurityTokenResponseMsg" wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/CancelFinal";> </wsdl:output> </wsdl:operation> <wsdl:operation name="Renew"> <wsdl:input message="wstrust:RequestSecurityTokenMsg" wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew";> </wsdl:input> <wsdl:output message="wstrust:RequestSecurityTokenResponseMsg" wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/RenewFinal";> </wsdl:output> </wsdl:operation> <wsdl:operation name="KeyExchangeToken"> <wsdl:input message="wstrust:RequestSecurityTokenMsg" wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/KET";> </wsdl:input> <wsdl:output message="wstrust:RequestSecurityTokenResponseMsg" wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/KETFinal";> </wsdl:output> </wsdl:operation> <wsdl:operation name="RequestCollection"> <wsdl:input message="wstrust:RequestSecurityTokenCollectionMsg"> </wsdl:input> <wsdl:output message="wstrust:RequestSecurityTokenResponseCollectionMsg"> </wsdl:output> </wsdl:operation> </wsdl:portType> <wsdl:binding name="UT_Binding" type="wstrust:STS"> <wsp:PolicyReference URI="#UT_policy"/> <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/> <wsdl:operation name="Issue"> <soap:operation soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue"/> <wsdl:input> <wsp:PolicyReference URI="#Input_policy"/> <soap:body use="literal"/> </wsdl:input> <wsdl:output> <wsp:PolicyReference URI="#Output_policy"/> <soap:body use="literal"/> </wsdl:output> </wsdl:operation> <wsdl:operation name="Validate"> <soap:operation soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate"/> <wsdl:input> <wsp:PolicyReference URI="#Input_policy"/> <soap:body use="literal"/> </wsdl:input> <wsdl:output> <wsp:PolicyReference URI="#Output_policy"/> <soap:body use="literal"/> </wsdl:output> </wsdl:operation> <wsdl:operation name="Cancel"> <soap:operation soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Cancel"/> <wsdl:input> <soap:body use="literal"/> </wsdl:input> <wsdl:output> <soap:body use="literal"/> </wsdl:output> </wsdl:operation> <wsdl:operation name="Renew"> <soap:operation soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew"/> <wsdl:input> <soap:body use="literal"/> </wsdl:input> <wsdl:output> <soap:body use="literal"/> </wsdl:output> </wsdl:operation> <wsdl:operation name="KeyExchangeToken"> <soap:operation soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/KeyExchangeToken"/> <wsdl:input> <soap:body use="literal"/> </wsdl:input> <wsdl:output> <soap:body use="literal"/> </wsdl:output> </wsdl:operation> <wsdl:operation name="RequestCollection"> <soap:operation soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/RequestCollection"/> <wsdl:input> <soap:body use="literal"/> </wsdl:input> <wsdl:output> <soap:body use="literal"/> </wsdl:output> </wsdl:operation> </wsdl:binding> <wsdl:binding name="X509_Binding" type="wstrust:STS"> <wsp:PolicyReference URI="#X509_policy"/> <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/> <wsdl:operation name="Issue"> <soap:operation soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue"/> <wsdl:input> <wsp:PolicyReference URI="#Input_policy"/> <soap:body use="literal"/> </wsdl:input> <wsdl:output> <wsp:PolicyReference URI="#Output_policy"/> <soap:body use="literal"/> </wsdl:output> </wsdl:operation> <wsdl:operation name="Validate"> <soap:operation soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate"/> <wsdl:input> <wsp:PolicyReference URI="#Input_policy"/> <soap:body use="literal"/> </wsdl:input> <wsdl:output> <wsp:PolicyReference URI="#Output_policy"/> <soap:body use="literal"/> </wsdl:output> </wsdl:operation> <wsdl:operation name="Cancel"> <soap:operation soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Cancel"/> <wsdl:input> <soap:body use="literal"/> </wsdl:input> <wsdl:output> <soap:body use="literal"/> </wsdl:output> </wsdl:operation> <wsdl:operation name="Renew"> <soap:operation soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew"/> <wsdl:input> <soap:body use="literal"/> </wsdl:input> <wsdl:output> <soap:body use="literal"/> </wsdl:output> </wsdl:operation> <wsdl:operation name="KeyExchangeToken"> <soap:operation soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/KeyExchangeToken"/> <wsdl:input> <soap:body use="literal"/> </wsdl:input> <wsdl:output> <soap:body use="literal"/> </wsdl:output> </wsdl:operation> <wsdl:operation name="RequestCollection"> <soap:operation soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/RequestCollection"/> <wsdl:input> <soap:body use="literal"/> </wsdl:input> <wsdl:output> <soap:body use="literal"/> </wsdl:output> </wsdl:operation> </wsdl:binding> <wsdl:service name="SecurityTokenService"> <wsdl:port binding="wstrust:UT_Binding" name="STS_Port"> <soap:address location="http://localhost:8080/doubleit-webapp/STS"/> </wsdl:port> </wsdl:service> <wsp:Policy wsu:Id="X509_policy"> <wsp:ExactlyOne> <wsp:All> <wsap10:UsingAddressing/> <sp:AsymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> <wsp:Policy> <sp:InitiatorToken> <wsp:Policy> <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";> <wsp:Policy> <sp:WssX509V3Token10/> </wsp:Policy> </sp:X509Token> </wsp:Policy> </sp:InitiatorToken> <sp:RecipientToken> <wsp:Policy> <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";> <wsp:Policy> <sp:WssX509V3Token10/> <sp:RequireIssuerSerialReference/> </wsp:Policy> </sp:X509Token> </wsp:Policy> </sp:RecipientToken> <sp:AlgorithmSuite> <wsp:Policy> <sp:Basic256/> </wsp:Policy> </sp:AlgorithmSuite> <sp:Layout> <wsp:Policy> <sp:Strict/> </wsp:Policy> </sp:Layout> <sp:IncludeTimestamp/> <sp:EncryptSignature/> <sp:OnlySignEntireHeadersAndBody/> </wsp:Policy> </sp:AsymmetricBinding> <sp:Wss11 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> <wsp:Policy> <sp:MustSupportRefKeyIdentifier/> <sp:MustSupportRefIssuerSerial/> <sp:MustSupportRefThumbprint/> <sp:MustSupportRefEncryptedKey/> </wsp:Policy> </sp:Wss11> <sp:Trust13 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> <wsp:Policy> <sp:MustSupportIssuedTokens/> <sp:RequireClientEntropy/> <sp:RequireServerEntropy/> </wsp:Policy> </sp:Trust13> </wsp:All> </wsp:ExactlyOne> </wsp:Policy> <wsp:Policy wsu:Id="UT_policy"> <wsp:ExactlyOne> <wsp:All> <wsap10:UsingAddressing/> <sp:SymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> <wsp:Policy> <sp:ProtectionToken> <wsp:Policy> <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";> <wsp:Policy> <sp:RequireDerivedKeys/> <sp:RequireThumbprintReference/> <sp:WssX509V3Token10/> </wsp:Policy> </sp:X509Token> </wsp:Policy> </sp:ProtectionToken> <sp:AlgorithmSuite> <wsp:Policy> <sp:Basic256/> </wsp:Policy> </sp:AlgorithmSuite> <sp:Layout> <wsp:Policy> <sp:Lax/> </wsp:Policy> </sp:Layout> <sp:IncludeTimestamp/> <sp:EncryptSignature/> <sp:OnlySignEntireHeadersAndBody/> </wsp:Policy> </sp:SymmetricBinding> <sp:SignedSupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> <wsp:Policy> <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";> <wsp:Policy> <sp:WssUsernameToken10/> </wsp:Policy> </sp:UsernameToken> </wsp:Policy> </sp:SignedSupportingTokens> <sp:Wss11 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> <wsp:Policy> <sp:MustSupportRefKeyIdentifier/> <sp:MustSupportRefIssuerSerial/> <sp:MustSupportRefThumbprint/> <sp:MustSupportRefEncryptedKey/> </wsp:Policy> </sp:Wss11> <sp:Trust13 xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> <wsp:Policy> <sp:MustSupportIssuedTokens/> <sp:RequireClientEntropy/> <sp:RequireServerEntropy/> </wsp:Policy> </sp:Trust13> </wsp:All> </wsp:ExactlyOne> </wsp:Policy> <wsp:Policy wsu:Id="Input_policy"> <wsp:ExactlyOne> <wsp:All> <sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> <sp:Body/> <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing"/> </sp:SignedParts> <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> <sp:Body/> </sp:EncryptedParts> </wsp:All> </wsp:ExactlyOne> </wsp:Policy> <wsp:Policy wsu:Id="Output_policy"> <wsp:ExactlyOne> <wsp:All> <sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> <sp:Body/> <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing"/> <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing"/> </sp:SignedParts> <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> <sp:Body/> </sp:EncryptedParts> </wsp:All> </wsp:ExactlyOne> </wsp:Policy> </wsdl:definitions></MetadataSection></Metadata></soap:Body></soap:Envelope> -------------------------------------- Nov 05, 2015 7:38:35 AM org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging WARNING: Interceptor for {http://www.example.org/contract/DoubleIt}DoubleItService#{http://www.example.org/contract/DoubleIt}DoubleIt has thrown exception, unwinding now org.apache.cxf.ws.security.trust.TrustException: Exception when trying to retrieve/process a WSDL via WS-MEX at org.apache.cxf.ws.security.trust.AbstractSTSClient.configureViaEPR(AbstractSTSClient.java:592) at org.apache.cxf.ws.security.trust.STSUtils.getClientWithIssuer(STSUtils.java:153) at org.apache.cxf.ws.security.trust.STSTokenRetriever.issueToken(STSTokenRetriever.java:120) at org.apache.cxf.ws.security.trust.STSTokenRetriever.getToken(STSTokenRetriever.java:58) at org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:132) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:514) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:423) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:324) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:277) at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96) at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:139) at com.sun.proxy.$Proxy34.doubleIt(Unknown Source) at client.DoubleItClient.doubleIt(DoubleItClient.java:24) at client.DoubleItClient.main(DoubleItClient.java:16) Caused by: org.apache.cxf.ws.security.trust.TrustException: Cannot match the address http://localhost:8080/doubleit-webapp/services/STS to the WSDL received via WS-MEX at org.apache.cxf.ws.security.trust.AbstractSTSClient.configureViaEPR(AbstractSTSClient.java:582) ... 14 more -- View this message in context: http://cxf.547215.n5.nabble.com/Mex-returning-wrong-endpoint-for-STS-service-tp5762596.html Sent from the cxf-user mailing list archive at Nabble.com.
