I forgot to mention that I am setting ws-security.username and ws-security.password programmatically onto BindingProvider.
Thanks, Giriraj On Feb 24, 2016 11:07 PM, "Giriraj Bhojak" <[email protected]> wrote: > Hi, > > I have been trying to use UsernameToken WS-SecurityPolicy assertion, but I > do not see the SOAP headers in the payload. > Hence I keep getting the following exception on the server side: > > org.apache.cxf.ws.policy.PolicyException: These policy alternatives can > not be satisfied: > > { > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802}SupportingTokens > {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802}UsernameToken > at > org.apache.cxf.ws.policy.AssertionInfoMap.checkEffectivePolicy(AssertionInfoMap.java:179) > I am using CXF 2.7.11 and following are the relevant client side > configurations. > > Spring config has following entries: > > <cxf:bus> > > <cxf:features> > > <p:policies/> > > </cxf:features> > > </cxf:bus> > > <jaxws:client id="endpoint" > serviceClass="com.company.EndpointClassName" > > </jaxws:client> > > WSDL refers to policy as follows: > > <wsp:Policy wsu:Id="DoubleItPlaintextPolicy"> > <sp:SupportingTokens> > > <wsp:Policy> <sp:UsernameToken > sp:IncludeToken=" > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient > "> > > <wsp:Policy/> > </sp:UsernameToken> > </wsp:Policy> > > </sp:SupportingTokens> > </wsp:Policy> > …. > > <wsdl:binding name="xyz_Binding" type="tns:XYZ_PortType"> > <wsp:PolicyReference URI="#DoubleItPlaintextPolicy"/> > > ... > > The client has cxf-rt-ws-security and cxf-rt-ws-policy dependencies in the > classpath. > > I am using cxf-codegen-plugin to generate the source classes using the > WSDL. The serviceClass attribute of jaxws:client element above points to > the generated endpoint interface. > > I am unable to get to the root cause of why SOAP headers are absent in the > request, could someone please help me with it? > > Thanks, > Giriraj. >
