Hi, Are you using an up-to-date version of CXF? If not then please try again and let me know if it works. If not, then would it be possible to put together a test-case to reproduce the problem, without having to follow steps from a tutorial?
Colm. On Wed, Nov 4, 2015 at 9:53 PM, Anthony Fryer <[email protected]> wrote: > Hi All, > > I'm running through an STS tutorial at > http://web-gmazza.rhcloud.com/blog/entry/cxf-sts-tutorial and am having an > issue with the client when it tries to call a secure service. The error > i'm > receiving is... > > Caused by: org.apache.cxf.ws.security.trust.TrustException: Cannot match > the > address http://localhost:8080/doubleit-webapp/services/STS to the WSDL > received via WS-MEX > > For some reason, the WSDL address returned by MEX is incorrect. It is > returning http://localhost:8080/doubleit-webapp/STS (it should be > http://localhost:8080/doubleit-webapp/services/STS). > > > My client class is below... > > public class DoubleItClient { > > public static void main(String[] args) throws > MalformedURLException { > DoubleItService service = new DoubleItService(new > URL("http://localhost:8080/doubleit-webapp/services/v1/DoubleItSecure?WSDL > ")); > DoubleItPortType port = service.getDoubleItPort(); > > doubleIt(port, 10); > doubleIt(port, 0); > doubleIt(port, -10); > } > > public static void doubleIt(DoubleItPortType port, int > numToDouble) { > DoubleIt req = new DoubleIt(); > req.setNumberToDouble(numToDouble); > int resp = port.doubleIt(req).getDoubledNumber(); > System.out.println("The number " + numToDouble + " doubled > is " + resp); > } > > } > > The DoubleItSecure wsdl is below... > > <wsdl:definitions xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex"; > xmlns:wsu=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > " > xmlns:wsp="http://www.w3.org/ns/ws-policy"; > xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"; > xmlns:wsaw="http://www.w3.org/2005/08/addressing"; > xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata"; > xmlns:tns="http://www.example.org/contract/DoubleIt"; > xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512"; > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"; > xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"; > xmlns:di="http://www.example.org/schema/DoubleIt"; name="DoubleIt" > targetNamespace="http://www.example.org/contract/DoubleIt";> > <wsdl:types> > <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex"; > xmlns:wsu=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > " > xmlns:wsp="http://www.w3.org/ns/ws-policy"; > xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"; > xmlns:wsaw="http://www.w3.org/2005/08/addressing"; > xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata"; > xmlns:tns="http://www.example.org/contract/DoubleIt"; > xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512"; > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"; > xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"; > xmlns:di="http://www.example.org/schema/DoubleIt"; > targetNamespace="http://www.example.org/schema/DoubleIt";> > <xsd:element name="DoubleIt"> > <xsd:complexType> > <xsd:sequence> > <xsd:element name="numberToDouble" type="xsd:int"/> > </xsd:sequence> > </xsd:complexType> > </xsd:element> > <xsd:element name="DoubleItResponse"> > <xsd:complexType> > <xsd:sequence> > <xsd:element name="doubledNumber" type="xsd:int"/> > </xsd:sequence> > </xsd:complexType> > </xsd:element> > </xsd:schema> > </wsdl:types> > <wsdl:message name="DoubleItResponse"> > <wsdl:part element="di:DoubleItResponse" name="parameters"></wsdl:part> > </wsdl:message> > <wsdl:message name="DoubleItRequest"> > <wsdl:part element="di:DoubleIt" name="parameters"></wsdl:part> > </wsdl:message> > <wsdl:portType name="DoubleItPortType"> > <wsdl:operation name="DoubleIt"> > <wsdl:input message="tns:DoubleItRequest"></wsdl:input> > <wsdl:output message="tns:DoubleItResponse"></wsdl:output> > </wsdl:operation> > </wsdl:portType> > <wsdl:binding name="DoubleItBinding" type="tns:DoubleItPortType"> > <wsp:PolicyReference URI="#DoubleItBindingPolicy"/> > <soap:binding style="document" > transport="http://schemas.xmlsoap.org/soap/http"/> > <wsdl:operation name="DoubleIt"> > <soap:operation > soapAction=" > http://www.example.org/contract/DoubleIt/DoubleItPortType/DoubleItRequest > "/> > <wsdl:input> > <soap:body use="literal"/> > <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Input_Policy"/> > </wsdl:input> > <wsdl:output> > <soap:body use="literal"/> > <wsp:PolicyReference URI="#DoubleItBinding_DoubleIt_Output_Policy"/> > </wsdl:output> > </wsdl:operation> > </wsdl:binding> > <wsdl:service name="DoubleItService"> > <wsdl:port binding="tns:DoubleItBinding" name="DoubleItPort"> > <soap:address > location="http://localhost:8080/doubleit-webapp/services/v1/DoubleItSecure > "/> > </wsdl:port> > </wsdl:service> > <wsp:Policy wsu:Id="DoubleItBindingPolicy"> > <wsp:ExactlyOne> > <wsp:All> > <wsam:Addressing wsp:Optional="false"> > <wsp:Policy/> > </wsam:Addressing> > <sp:SymmetricBinding> > <wsp:Policy> > <sp:ProtectionToken> > <wsp:Policy> > <sp:IssuedToken > sp:IncludeToken=" > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient > "> > <sp:RequestSecurityTokenTemplate> > <t:TokenType> > http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1 > </t:TokenType> > <t:KeyType> > http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey > </t:KeyType> > <t:KeySize>256</t:KeySize> > </sp:RequestSecurityTokenTemplate> > <wsp:Policy> > <sp:RequireInternalReference/> > </wsp:Policy> > <sp:Issuer> > <wsaw:Address>http://localhost:8080/doubleit-webapp/services/STS > </wsaw:Address> > <wsaw:Metadata> > <wsx:Metadata> > <wsx:MetadataSection> > <wsx:MetadataReference> > <wsaw:Address> > http://localhost:8080/doubleit-webapp/services/STS/mex > </wsaw:Address> > </wsx:MetadataReference> > </wsx:MetadataSection> > </wsx:Metadata> > </wsaw:Metadata> > </sp:Issuer> > </sp:IssuedToken> > </wsp:Policy> > </sp:ProtectionToken> > <sp:Layout> > <wsp:Policy> > <sp:Lax/> > </wsp:Policy> > </sp:Layout> > <sp:IncludeTimestamp/> > <sp:OnlySignEntireHeadersAndBody/> > <sp:AlgorithmSuite> > <wsp:Policy> > <sp:Basic256/> > </wsp:Policy> > </sp:AlgorithmSuite> > </wsp:Policy> > </sp:SymmetricBinding> > <sp:Wss11> > <wsp:Policy> > <sp:MustSupportRefIssuerSerial/> > <sp:MustSupportRefThumbprint/> > <sp:MustSupportRefEncryptedKey/> > </wsp:Policy> > </sp:Wss11> > <sp:Trust13> > <wsp:Policy> > <sp:MustSupportIssuedTokens/> > <sp:RequireClientEntropy/> > <sp:RequireServerEntropy/> > </wsp:Policy> > </sp:Trust13> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > <wsp:Policy wsu:Id="DoubleItBinding_DoubleIt_Input_Policy"> > <wsp:ExactlyOne> > <wsp:All> > <sp:EncryptedParts> > <sp:Body/> > </sp:EncryptedParts> > <sp:SignedParts> > <sp:Body/> > <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing > "/> > <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing > "/> > <sp:Header Name="MessageID" > Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="RelatesTo" > Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing > "/> > <sp:Header Name="AckRequested" > Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/> > <sp:Header Name="SequenceAcknowledgement" > Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/> > <sp:Header Name="Sequence" > Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/> > <sp:Header Name="CreateSequence" > Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/> > > </sp:SignedParts> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > <wsp:Policy wsu:Id="DoubleItBinding_DoubleIt_Output_Policy"> > <wsp:ExactlyOne> > <wsp:All> > <sp:EncryptedParts> > <sp:Body/> > </sp:EncryptedParts> > <sp:SignedParts> > <sp:Body/> > <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing > "/> > <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing > "/> > <sp:Header Name="MessageID" > Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="RelatesTo" > Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing > "/> > <sp:Header Name="AckRequested" > Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/> > <sp:Header Name="SequenceAcknowledgement" > Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/> > <sp:Header Name="Sequence" > Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/> > <sp:Header Name="CreateSequence" > Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/> > </sp:SignedParts> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > </wsdl:definitions> > > When i run the client, I get the following output which shows the call to > MEX and the response containing the incorrect URL... > > Nov 05, 2015 7:38:26 AM org.apache.cxf.bus.spring.BusApplicationContext > prepareRefresh > INFO: Refreshing org.apache.cxf.bus.spring.BusApplicationContext@425f32ae: > startup date [Thu Nov 05 07:38:26 AEST 2015]; root of context hierarchy > Nov 05, 2015 7:38:26 AM org.apache.cxf.bus.spring.BusApplicationContext > getConfigResources > INFO: Loaded configuration file cxf.xml. > Nov 05, 2015 7:38:26 AM > org.apache.cxf.bus.spring.ControlledValidationXmlBeanDefinitionReader > loadBeanDefinitions > INFO: Loading XML bean definitions from class path resource > [META-INF/cxf/cxf.xml] > Nov 05, 2015 7:38:26 AM > org.apache.cxf.bus.spring.ControlledValidationXmlBeanDefinitionReader > loadBeanDefinitions > INFO: Loading XML bean definitions from class path resource [cxf.xml] > Nov 05, 2015 7:38:29 AM > org.apache.cxf.wsdl.service.factory.ReflectionServiceFactoryBean > buildServiceFromWSDL > INFO: Creating Service > {http://www.example.org/contract/DoubleIt}DoubleItService from WSDL: > http://localhost:8080/doubleit-webapp/services/v1/DoubleItSecure?WSDL > SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder". > SLF4J: Defaulting to no-operation (NOP) logger implementation > SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further > details. > Nov 05, 2015 7:38:34 AM > org.apache.cxf.wsdl.service.factory.ReflectionServiceFactoryBean > buildServiceFromClass > INFO: Creating Service > {http://www.w3.org/2009/09/ws-mex}MetadataExchangeService from class > org.apache.cxf.ws.mex.MetadataExchange > Nov 05, 2015 7:38:35 AM > > org.apache.cxf.services.MetadataExchangeService.MetadataExchangePort.MetadataExchange > INFO: Outbound Message > --------------------------- > ID: 1 > Address: http://localhost:8080/doubleit-webapp/services/STS/mex > Encoding: UTF-8 > Http-Method: POST > Content-Type: text/xml > Headers: {Accept=[*/*], > SOAPAction=["http://schemas.xmlsoap.org/ws/2004/09/transfer/Get"]} > Payload: <soap:Envelope > xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/ > "><soap:Header><Action > xmlns="http://www.w3.org/2005/08/addressing";> > http://schemas.xmlsoap.org/ws/2004/09/transfer/Get</Action><MessageID > xmlns="http://www.w3.org/2005/08/addressing > ">urn:uuid:ca8ef30a-0049-4d4b-b500-adcc739d6d22</MessageID><To > xmlns="http://www.w3.org/2005/08/addressing";> > http://localhost:8080/doubleit-webapp/services/STS/mex</To><ReplyTo > xmlns="http://www.w3.org/2005/08/addressing";><Address> > http://www.w3.org/2005/08/addressing/anonymous > </Address></ReplyTo></soap:Header><soap:Body/></soap:Envelope> > -------------------------------------- > Nov 05, 2015 7:38:35 AM > > org.apache.cxf.services.MetadataExchangeService.MetadataExchangePort.MetadataExchange > INFO: Inbound Message > ---------------------------- > ID: 1 > Response-Code: 200 > Encoding: UTF-8 > Content-Type: text/xml;charset=UTF-8 > Headers: {content-type=[text/xml;charset=UTF-8], Date=[Wed, 04 Nov 2015 > 21:38:35 GMT], Server=[Apache-Coyote/1.1], transfer-encoding=[chunked]} > Payload: <soap:Envelope > xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/ > "><soap:Header><Action > xmlns="http://www.w3.org/2005/08/addressing";> > http://schemas.xmlsoap.org/ws/2004/09/transfer/GetResponse > </Action><MessageID > xmlns="http://www.w3.org/2005/08/addressing > ">urn:uuid:5e644023-10ec-45c0-97fd-aed5c00521ac</MessageID><To > xmlns="http://www.w3.org/2005/08/addressing";> > http://www.w3.org/2005/08/addressing/anonymous</To><RelatesTo > xmlns="http://www.w3.org/2005/08/addressing > ">urn:uuid:ca8ef30a-0049-4d4b-b500-adcc739d6d22</RelatesTo></soap:Header><soap:Body><Metadata > xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex";><MetadataSection > Dialect="http://schemas.xmlsoap.org/wsdl/"; > Identifier="http://docs.oasis-open.org/ws-sx/ws-trust/200512/ > "><wsdl:definitions > xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"; > xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"; > xmlns:tns="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"; > xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata"; > xmlns:wsap10="http://www.w3.org/2006/05/addressing/wsdl"; > xmlns:wsp="http://www.w3.org/ns/ws-policy"; > xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"; > xmlns:wstrust="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"; > xmlns:wsu=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > " > xmlns:xs="http://www.w3.org/2001/XMLSchema"; > targetNamespace="http://docs.oasis-open.org/ws-sx/ws-trust/200512/";> > <wsdl:types> > <xs:schema elementFormDefault="qualified" > targetNamespace="http://docs.oasis-open.org/ws-sx/ws-trust/200512";> > > > <xs:complexType name="AbstractRequestSecurityTokenType"> > > <xs:sequence> > > <xs:any maxOccurs="unbounded" minOccurs="0" namespace="##any" > processContents="lax"/> > > </xs:sequence> > > <xs:attribute name="Context" type="xs:anyURI" use="optional"/> > > <xs:anyAttribute namespace="##other" processContents="lax"/> > > </xs:complexType> > > > <xs:element name="RequestSecurityToken" > type="wst:AbstractRequestSecurityTokenType"/> > > <xs:element name="RequestSecurityTokenResponse" > type="wst:AbstractRequestSecurityTokenType"/> > > > <xs:element name="RequestSecurityTokenCollection" > type="wst:RequestSecurityTokenCollectionType"/> > > <xs:complexType name="RequestSecurityTokenCollectionType"> > > <xs:sequence> > > <xs:element maxOccurs="unbounded" minOccurs="2" > name="RequestSecurityToken" type="wst:AbstractRequestSecurityTokenType"/> > > </xs:sequence> > > </xs:complexType> > > > <xs:element name="RequestSecurityTokenResponseCollection" > type="wst:RequestSecurityTokenResponseCollectionType"/> > > <xs:complexType name="RequestSecurityTokenResponseCollectionType"> > > <xs:sequence> > > <xs:element maxOccurs="unbounded" minOccurs="1" > ref="wst:RequestSecurityTokenResponse"/> > > </xs:sequence> > > <xs:anyAttribute namespace="##other" processContents="lax"/> > > </xs:complexType> > > > </xs:schema> > </wsdl:types> > <wsdl:message name="RequestSecurityTokenResponseCollectionMsg"> > <wsdl:part element="wst:RequestSecurityTokenResponseCollection" > name="responseCollection"> > </wsdl:part> > </wsdl:message> > <wsdl:message name="RequestSecurityTokenCollectionMsg"> > <wsdl:part element="wst:RequestSecurityTokenCollection" > name="requestCollection"> > </wsdl:part> > </wsdl:message> > <wsdl:message name="RequestSecurityTokenResponseMsg"> > <wsdl:part element="wst:RequestSecurityTokenResponse" name="response"> > </wsdl:part> > </wsdl:message> > <wsdl:message name="RequestSecurityTokenMsg"> > <wsdl:part element="wst:RequestSecurityToken" name="request"> > </wsdl:part> > </wsdl:message> > <wsdl:portType name="STS"> > <wsdl:operation name="Issue"> > <wsdl:input message="wstrust:RequestSecurityTokenMsg" > wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue";> > </wsdl:input> > <wsdl:output > message="wstrust:RequestSecurityTokenResponseCollectionMsg" > wsam:Action=" > http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTRC/IssueFinal";> > </wsdl:output> > </wsdl:operation> > <wsdl:operation name="Validate"> > <wsdl:input message="wstrust:RequestSecurityTokenMsg" > wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate > "> > </wsdl:input> > <wsdl:output message="wstrust:RequestSecurityTokenResponseMsg" > wsam:Action=" > http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/ValidateFinal";> > </wsdl:output> > </wsdl:operation> > <wsdl:operation name="Cancel"> > <wsdl:input message="wstrust:RequestSecurityTokenMsg" > wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Cancel";> > </wsdl:input> > <wsdl:output message="wstrust:RequestSecurityTokenResponseMsg" > wsam:Action=" > http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/CancelFinal";> > </wsdl:output> > </wsdl:operation> > <wsdl:operation name="Renew"> > <wsdl:input message="wstrust:RequestSecurityTokenMsg" > wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew";> > </wsdl:input> > <wsdl:output message="wstrust:RequestSecurityTokenResponseMsg" > wsam:Action=" > http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/RenewFinal";> > </wsdl:output> > </wsdl:operation> > <wsdl:operation name="KeyExchangeToken"> > <wsdl:input message="wstrust:RequestSecurityTokenMsg" > wsam:Action="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/KET";> > </wsdl:input> > <wsdl:output message="wstrust:RequestSecurityTokenResponseMsg" > wsam:Action=" > http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/KETFinal";> > </wsdl:output> > </wsdl:operation> > <wsdl:operation name="RequestCollection"> > <wsdl:input message="wstrust:RequestSecurityTokenCollectionMsg"> > </wsdl:input> > <wsdl:output > message="wstrust:RequestSecurityTokenResponseCollectionMsg"> > </wsdl:output> > </wsdl:operation> > </wsdl:portType> > <wsdl:binding name="UT_Binding" type="wstrust:STS"> > <wsp:PolicyReference URI="#UT_policy"/> > <soap:binding style="document" > transport="http://schemas.xmlsoap.org/soap/http"/> > <wsdl:operation name="Issue"> > <soap:operation > soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue"/> > <wsdl:input> > <wsp:PolicyReference URI="#Input_policy"/> > <soap:body use="literal"/> > </wsdl:input> > <wsdl:output> > <wsp:PolicyReference URI="#Output_policy"/> > <soap:body use="literal"/> > </wsdl:output> > </wsdl:operation> > <wsdl:operation name="Validate"> > <soap:operation > soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate > "/> > <wsdl:input> > <wsp:PolicyReference URI="#Input_policy"/> > <soap:body use="literal"/> > </wsdl:input> > <wsdl:output> > <wsp:PolicyReference URI="#Output_policy"/> > <soap:body use="literal"/> > </wsdl:output> > </wsdl:operation> > <wsdl:operation name="Cancel"> > <soap:operation > soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Cancel"/> > <wsdl:input> > <soap:body use="literal"/> > </wsdl:input> > <wsdl:output> > <soap:body use="literal"/> > </wsdl:output> > </wsdl:operation> > <wsdl:operation name="Renew"> > <soap:operation > soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew"/> > <wsdl:input> > <soap:body use="literal"/> > </wsdl:input> > <wsdl:output> > <soap:body use="literal"/> > </wsdl:output> > </wsdl:operation> > <wsdl:operation name="KeyExchangeToken"> > <soap:operation > soapAction=" > http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/KeyExchangeToken"/> > <wsdl:input> > <soap:body use="literal"/> > </wsdl:input> > <wsdl:output> > <soap:body use="literal"/> > </wsdl:output> > </wsdl:operation> > <wsdl:operation name="RequestCollection"> > <soap:operation > soapAction=" > http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/RequestCollection"/> > <wsdl:input> > <soap:body use="literal"/> > </wsdl:input> > <wsdl:output> > <soap:body use="literal"/> > </wsdl:output> > </wsdl:operation> > </wsdl:binding> > <wsdl:binding name="X509_Binding" type="wstrust:STS"> > <wsp:PolicyReference URI="#X509_policy"/> > <soap:binding style="document" > transport="http://schemas.xmlsoap.org/soap/http"/> > <wsdl:operation name="Issue"> > <soap:operation > soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue"/> > <wsdl:input> > <wsp:PolicyReference URI="#Input_policy"/> > <soap:body use="literal"/> > </wsdl:input> > <wsdl:output> > <wsp:PolicyReference URI="#Output_policy"/> > <soap:body use="literal"/> > </wsdl:output> > </wsdl:operation> > <wsdl:operation name="Validate"> > <soap:operation > soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Validate > "/> > <wsdl:input> > <wsp:PolicyReference URI="#Input_policy"/> > <soap:body use="literal"/> > </wsdl:input> > <wsdl:output> > <wsp:PolicyReference URI="#Output_policy"/> > <soap:body use="literal"/> > </wsdl:output> > </wsdl:operation> > <wsdl:operation name="Cancel"> > <soap:operation > soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Cancel"/> > <wsdl:input> > <soap:body use="literal"/> > </wsdl:input> > <wsdl:output> > <soap:body use="literal"/> > </wsdl:output> > </wsdl:operation> > <wsdl:operation name="Renew"> > <soap:operation > soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Renew"/> > <wsdl:input> > <soap:body use="literal"/> > </wsdl:input> > <wsdl:output> > <soap:body use="literal"/> > </wsdl:output> > </wsdl:operation> > <wsdl:operation name="KeyExchangeToken"> > <soap:operation > soapAction=" > http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/KeyExchangeToken"/> > <wsdl:input> > <soap:body use="literal"/> > </wsdl:input> > <wsdl:output> > <soap:body use="literal"/> > </wsdl:output> > </wsdl:operation> > <wsdl:operation name="RequestCollection"> > <soap:operation > soapAction=" > http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/RequestCollection"/> > <wsdl:input> > <soap:body use="literal"/> > </wsdl:input> > <wsdl:output> > <soap:body use="literal"/> > </wsdl:output> > </wsdl:operation> > </wsdl:binding> > <wsdl:service name="SecurityTokenService"> > <wsdl:port binding="wstrust:UT_Binding" name="STS_Port"> > <soap:address location="http://localhost:8080/doubleit-webapp/STS"/> > </wsdl:port> > </wsdl:service> > <wsp:Policy wsu:Id="X509_policy"> > <wsp:ExactlyOne> > <wsp:All> > <wsap10:UsingAddressing/> > <sp:AsymmetricBinding > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> > <wsp:Policy> > <sp:InitiatorToken> > <wsp:Policy> > <sp:X509Token > sp:IncludeToken=" > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient > "> > <wsp:Policy> > <sp:WssX509V3Token10/> > </wsp:Policy> > </sp:X509Token> > </wsp:Policy> > </sp:InitiatorToken> > <sp:RecipientToken> > <wsp:Policy> > <sp:X509Token > sp:IncludeToken=" > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never > "> > <wsp:Policy> > <sp:WssX509V3Token10/> > <sp:RequireIssuerSerialReference/> > </wsp:Policy> > </sp:X509Token> > </wsp:Policy> > </sp:RecipientToken> > <sp:AlgorithmSuite> > <wsp:Policy> > <sp:Basic256/> > </wsp:Policy> > </sp:AlgorithmSuite> > <sp:Layout> > <wsp:Policy> > <sp:Strict/> > </wsp:Policy> > </sp:Layout> > <sp:IncludeTimestamp/> > <sp:EncryptSignature/> > <sp:OnlySignEntireHeadersAndBody/> > </wsp:Policy> > </sp:AsymmetricBinding> > <sp:Wss11 > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> > <wsp:Policy> > <sp:MustSupportRefKeyIdentifier/> > <sp:MustSupportRefIssuerSerial/> > <sp:MustSupportRefThumbprint/> > <sp:MustSupportRefEncryptedKey/> > </wsp:Policy> > </sp:Wss11> > <sp:Trust13 > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> > <wsp:Policy> > <sp:MustSupportIssuedTokens/> > <sp:RequireClientEntropy/> > <sp:RequireServerEntropy/> > </wsp:Policy> > </sp:Trust13> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > <wsp:Policy wsu:Id="UT_policy"> > <wsp:ExactlyOne> > <wsp:All> > <wsap10:UsingAddressing/> > <sp:SymmetricBinding > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> > <wsp:Policy> > <sp:ProtectionToken> > <wsp:Policy> > <sp:X509Token > sp:IncludeToken=" > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never > "> > <wsp:Policy> > <sp:RequireDerivedKeys/> > <sp:RequireThumbprintReference/> > <sp:WssX509V3Token10/> > </wsp:Policy> > </sp:X509Token> > </wsp:Policy> > </sp:ProtectionToken> > <sp:AlgorithmSuite> > <wsp:Policy> > <sp:Basic256/> > </wsp:Policy> > </sp:AlgorithmSuite> > <sp:Layout> > <wsp:Policy> > <sp:Lax/> > </wsp:Policy> > </sp:Layout> > <sp:IncludeTimestamp/> > <sp:EncryptSignature/> > <sp:OnlySignEntireHeadersAndBody/> > </wsp:Policy> > </sp:SymmetricBinding> > <sp:SignedSupportingTokens > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> > <wsp:Policy> > <sp:UsernameToken > sp:IncludeToken=" > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient > "> > <wsp:Policy> > <sp:WssUsernameToken10/> > </wsp:Policy> > </sp:UsernameToken> > </wsp:Policy> > </sp:SignedSupportingTokens> > <sp:Wss11 > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> > <wsp:Policy> > <sp:MustSupportRefKeyIdentifier/> > <sp:MustSupportRefIssuerSerial/> > <sp:MustSupportRefThumbprint/> > <sp:MustSupportRefEncryptedKey/> > </wsp:Policy> > </sp:Wss11> > <sp:Trust13 > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> > <wsp:Policy> > <sp:MustSupportIssuedTokens/> > <sp:RequireClientEntropy/> > <sp:RequireServerEntropy/> > </wsp:Policy> > </sp:Trust13> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > <wsp:Policy wsu:Id="Input_policy"> > <wsp:ExactlyOne> > <wsp:All> > <sp:SignedParts > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> > <sp:Body/> > <sp:Header Name="To" > Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="From" > Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="FaultTo" > Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="ReplyTo" > Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="MessageID" > Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="RelatesTo" > Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="Action" > Namespace="http://www.w3.org/2005/08/addressing"/> > </sp:SignedParts> > <sp:EncryptedParts > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> > <sp:Body/> > </sp:EncryptedParts> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > <wsp:Policy wsu:Id="Output_policy"> > <wsp:ExactlyOne> > <wsp:All> > <sp:SignedParts > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> > <sp:Body/> > <sp:Header Name="To" > Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="From" > Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="FaultTo" > Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="ReplyTo" > Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="MessageID" > Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="RelatesTo" > Namespace="http://www.w3.org/2005/08/addressing"/> > <sp:Header Name="Action" > Namespace="http://www.w3.org/2005/08/addressing"/> > </sp:SignedParts> > <sp:EncryptedParts > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> > <sp:Body/> > </sp:EncryptedParts> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > > </wsdl:definitions></MetadataSection></Metadata></soap:Body></soap:Envelope> > -------------------------------------- > Nov 05, 2015 7:38:35 AM org.apache.cxf.phase.PhaseInterceptorChain > doDefaultLogging > WARNING: Interceptor for > { > http://www.example.org/contract/DoubleIt}DoubleItService#{http://www.example.org/contract/DoubleIt}DoubleIt > has thrown exception, unwinding now > org.apache.cxf.ws.security.trust.TrustException: Exception when trying to > retrieve/process a WSDL via WS-MEX > at > > org.apache.cxf.ws.security.trust.AbstractSTSClient.configureViaEPR(AbstractSTSClient.java:592) > at > > org.apache.cxf.ws.security.trust.STSUtils.getClientWithIssuer(STSUtils.java:153) > at > > org.apache.cxf.ws.security.trust.STSTokenRetriever.issueToken(STSTokenRetriever.java:120) > at > > org.apache.cxf.ws.security.trust.STSTokenRetriever.getToken(STSTokenRetriever.java:58) > at > > org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:132) > at > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) > at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:514) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:423) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:324) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:277) > at > org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96) > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:139) > at com.sun.proxy.$Proxy34.doubleIt(Unknown Source) > at client.DoubleItClient.doubleIt(DoubleItClient.java:24) > at client.DoubleItClient.main(DoubleItClient.java:16) > Caused by: org.apache.cxf.ws.security.trust.TrustException: Cannot match > the > address http://localhost:8080/doubleit-webapp/services/STS to the WSDL > received via WS-MEX > at > > org.apache.cxf.ws.security.trust.AbstractSTSClient.configureViaEPR(AbstractSTSClient.java:582) > ... 14 more > > > > > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/Mex-returning-wrong-endpoint-for-STS-service-tp5762596.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
