It's not enough to have a "SignedParts" policy in the WSDL, you also need a security binding policy so that CXF knows how to sign the request.
Colm. On Fri, Mar 11, 2016 at 2:34 PM, chmokbel <[email protected]> wrote: > I'm trying to use a webservice at > https://ws.conf.ebs.health.gov.on.ca:1441/EDTService/EDTService?wsdl > > The first "Invalid Policy" error i got was caused by requiredParts headers > with empty namespace. I modified the RequiredPartsBuilder.java to ignore > this error. > > Then i got the following error, which i'm not sure how to handle: > > Mar 11, 2016 9:29:23 AM > org.apache.cxf.wsdl.service.factory.ReflectionServiceFactoryBean > buildServiceFromWSDL > INFO: Creating Service {http://edt.health.ontario.ca/}EDTService from > WSDL: > https://ws.conf.ebs.health.gov.on.ca:1441/EDTService/EDTService?wsdl > Mar 11, 2016 9:29:24 AM > > org.apache.cxf.ws.security.policy.interceptors.SecurityVerificationOutInterceptor > handleMessage > SEVERE: > {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts > assertion cannot be fulfilled without binding. At least one binding > assertion (TransportBinding, AsymmetricBinding, SymmetricBinding) must be > specified in policy. > Mar 11, 2016 9:29:24 AM org.apache.cxf.phase.PhaseInterceptorChain > doDefaultLogging > WARNING: Interceptor for > { > http://edt.health.ontario.ca/}EDTService#{http://edt.health.ontario.ca/}getTypeList > has thrown exception, unwinding now > org.apache.cxf.ws.policy.PolicyException: Assertion of type > {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts > could > not be asserted: > {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts > assertion cannot be fulfilled without binding. At least one binding > assertion (TransportBinding, AsymmetricBinding, SymmetricBinding) must be > specified in policy. > at > > org.apache.cxf.ws.security.policy.interceptors.SecurityVerificationOutInterceptor.handleMessage(SecurityVerificationOutInterceptor.java:72) > at > > org.apache.cxf.ws.security.policy.interceptors.SecurityVerificationOutInterceptor.handleMessage(SecurityVerificationOutInterceptor.java:72) > at > > org.apache.cxf.ws.security.policy.interceptors.SecurityVerificationOutInterceptor.handleMessage(SecurityVerificationOutInterceptor.java:40) > at > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) > at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:514) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:423) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:324) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:277) > at > org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96) > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:139) > at com.sun.proxy.$Proxy41.getTypeList(Unknown Source) > at com.pointofviewsoftware.ohip.OHIP.main(OHIP.java:248) > > Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: Assertion > of type > {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts > could > not be asserted: > {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts > assertion cannot be fulfilled without binding. At least one binding > assertion (TransportBinding, AsymmetricBinding, SymmetricBinding) must be > specified in policy. > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:161) > at com.sun.proxy.$Proxy41.getTypeList(Unknown Source) > at com.pointofviewsoftware.ohip.OHIP.main(OHIP.java:248) > Caused by: org.apache.cxf.ws.policy.PolicyException: Assertion of type > {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts > could > not be asserted: > {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts > assertion cannot be fulfilled without binding. At least one binding > assertion (TransportBinding, AsymmetricBinding, SymmetricBinding) must be > specified in policy. > at > > org.apache.cxf.ws.security.policy.interceptors.SecurityVerificationOutInterceptor.handleMessage(SecurityVerificationOutInterceptor.java:72) > at > > org.apache.cxf.ws.security.policy.interceptors.SecurityVerificationOutInterceptor.handleMessage(SecurityVerificationOutInterceptor.java:40) > at > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) > at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:514) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:423) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:324) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:277) > at > org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96) > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:139) > ... 2 more > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/SignedParts-assertion-cannot-be-fulfilled-without-binding-tp5766838.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
