Thanks Colm, I changed the namespace to the one you mentioned. Now I am
getting similar error, though the stack trace has the class referring to
200702.
org.apache.cxf.ws.policy.PolicyException: These policy alternatives can not
be satisfied:
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SupportingTokens
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}UsernameToken
at
org.apache.cxf.ws.policy.AssertionInfoMap.checkEffectivePolicy(AssertionInfoMap.java:179)
at
org.apache.cxf.ws.policy.PolicyVerificationInInterceptor.handle(PolicyVerificationInInterceptor.java:101)
at
org.apache.cxf.ws.policy.AbstractPolicyInterceptor.handleMessage(AbstractPolicyInterceptor.java:44)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
Here are the relevant declarations from my files:
WSDL:
<wsdl:definitions xmlns:http="http://schemas.xmlsoap.org/wsdl/http/";
xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/";
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/";
xmlns:wsoap12="http://schemas.xmlsoap.org/wsdl/soap12/";
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/";
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/";
xmlns:wsp="http://www.w3.org/ns/ws-policy";
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";
xmlns:wsam="http://www.w3.org/2007/02/addressing/metadata";
xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
"
xmlns:xs="http://www.w3.org/2001/XMLSchema";>
<wsdl:binding name="XYZ_Binding"type="tns:XYZ_PortType">
<wsp:PolicyReferenceURI="#DoubleItPlaintextPolicy"/>
………
</wsdl:binding>
<wsp:Policy wsu:Id="DoubleItPlaintextPolicy">
<sp:SupportingTokens>
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient
">
<wsp:Policy />
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:Policy>
Spring config:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans";
xmlns:jaxws="http://cxf.apache.org/jaxws";
xmlns:util="http://www.springframework.org/schema/util";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:cxf="http://cxf.apache.org/core";
xmlns:p="http://cxf.apache.org/policy";
xsi:schemaLocation="
http://www.springframework.org/schema/beanshttp://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd
http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
http://www.springframework.org/schema/utilhttp://www.springframework.org/schema/util/spring-util.xsd
">
<jaxws:client id="Endpoint"
serviceClass="com.company.Endpoint”
<jaxws:outInterceptors>
<bean id="xyzInterceptor" class="xyz" />
</jaxws:outInterceptors>
</jaxws:client>
<cxf:bus>
<cxf:features>
<p:policies />
</cxf:features>
<cxf:inInterceptors>
<ref bean="logInbound" />
</cxf:inInterceptors>
<cxf:outInterceptors>
<ref bean="logOutbound" />
</cxf:outInterceptors>
</cxf:bus>
Client side Java code:
bindingProvider.getRequestContext().put(SecurityConstants.USERNAME,
user);
bindingProvider.getRequestContext().put(SecurityConstants.PASSWORD, password);
sendRequest();
Would you be able to tell me if I am missing any config or if I am using
the CXF guidelines plain wrong?
Thanks,
Giriraj
On Feb 25, 2016 5:09 AM, "Colm O hEigeartaigh" <[email protected]> wrote:
> It looks like you are using the wrong namespace for "sp". It should be:
>
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";
>
> whereas from the error above it appears that you are using "
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802";.
>
> Colm.
>
> On Thu, Feb 25, 2016 at 4:07 AM, Giriraj Bhojak <[email protected]>
> wrote:
>
> > Hi,
> >
> > I have been trying to use UsernameToken WS-SecurityPolicy assertion, but
> I
> > do not see the SOAP headers in the payload.
> > Hence I keep getting the following exception on the server side:
> >
> > org.apache.cxf.ws.policy.PolicyException: These policy alternatives can
> not
> > be satisfied:
> >
> > {
> >
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802}SupportingTokens
> > {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802}UsernameToken
> > at
> >
> >
> org.apache.cxf.ws.policy.AssertionInfoMap.checkEffectivePolicy(AssertionInfoMap.java:179)
> > I am using CXF 2.7.11 and following are the relevant client side
> > configurations.
> >
> > Spring config has following entries:
> >
> > <cxf:bus>
> >
> > <cxf:features>
> >
> > <p:policies/>
> >
> > </cxf:features>
> >
> > </cxf:bus>
> >
> > <jaxws:client id="endpoint"
> > serviceClass="com.company.EndpointClassName"
> >
> > </jaxws:client>
> >
> > WSDL refers to policy as follows:
> >
> > <wsp:Policy wsu:Id="DoubleItPlaintextPolicy">
> > <sp:SupportingTokens>
> >
> > <wsp:Policy> <sp:UsernameToken
> > sp:IncludeToken="
> >
> >
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient
> > ">
> >
> > <wsp:Policy/>
> > </sp:UsernameToken>
> > </wsp:Policy>
> >
> > </sp:SupportingTokens>
> > </wsp:Policy>
> > ….
> >
> > <wsdl:binding name="xyz_Binding" type="tns:XYZ_PortType">
> > <wsp:PolicyReference URI="#DoubleItPlaintextPolicy"/>
> >
> > ...
> >
> > The client has cxf-rt-ws-security and cxf-rt-ws-policy dependencies in
> the
> > classpath.
> >
> > I am using cxf-codegen-plugin to generate the source classes using the
> > WSDL. The serviceClass attribute of jaxws:client element above points to
> > the generated endpoint interface.
> >
> > I am unable to get to the root cause of why SOAP headers are absent in
> the
> > request, could someone please help me with it?
> >
> > Thanks,
> > Giriraj.
> >
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>
