Re: Unable to see SOAP headers while using UsernameToken assertion

Thu, 25 Feb 2016 02:10:09 -0800 

It looks like you are using the wrong namespace for "sp". It should be:

xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";

whereas from the error above it appears that you are using "
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802";.

Colm.

On Thu, Feb 25, 2016 at 4:07 AM, Giriraj Bhojak <[email protected]> wrote:

> Hi,
>
> I have been trying to use UsernameToken WS-SecurityPolicy assertion, but I
> do not see the SOAP headers in the payload.
> Hence I keep getting the following exception on the server side:
>
> org.apache.cxf.ws.policy.PolicyException: These policy alternatives can not
> be satisfied:
>
> {
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802}SupportingTokens
> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802}UsernameToken
>          at
>
> org.apache.cxf.ws.policy.AssertionInfoMap.checkEffectivePolicy(AssertionInfoMap.java:179)
> I am using CXF 2.7.11 and following are the relevant client side
> configurations.
>
> Spring config has following entries:
>
>             <cxf:bus>
>
>             <cxf:features>
>
>                    <p:policies/>
>
>                </cxf:features>
>
>            </cxf:bus>
>
>      <jaxws:client id="endpoint"
>    serviceClass="com.company.EndpointClassName"
>
>        </jaxws:client>
>
> WSDL refers to policy as follows:
>
>            <wsp:Policy wsu:Id="DoubleItPlaintextPolicy">
>       <sp:SupportingTokens>
>
>           <wsp:Policy>                      <sp:UsernameToken
> sp:IncludeToken="
>
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient
> ">
>
>                        <wsp:Policy/>
>                    </sp:UsernameToken>
>                 </wsp:Policy>
>
>             </sp:SupportingTokens>
>       </wsp:Policy>
> ….
>
>      <wsdl:binding name="xyz_Binding" type="tns:XYZ_PortType">
>            <wsp:PolicyReference URI="#DoubleItPlaintextPolicy"/>
>
> ...
>
> The client has cxf-rt-ws-security and cxf-rt-ws-policy dependencies in the
> classpath.
>
> I am using cxf-codegen-plugin to generate the source classes using the
> WSDL. The serviceClass attribute of jaxws:client element above points to
> the generated endpoint interface.
>
> I am unable to get to the root cause of why SOAP headers are absent in the
> request, could someone please help me with it?
>
> Thanks,
> Giriraj.
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Reply via email to