I am trying to get a simple SOAP client working based off a WSDL that has
various policies defined.
- I do not own the service and have no way to modify it.
- Spring is not involved in anyway and will not be.
- Using jaxws-maven-plugin to generate the proxy code. Version 2.4.1
- Using version 3.1.6 of CXF
- Including the following dependencies: cxf-rt-rs-client, cxf-rt-security,
cxf-rt-ws-policy, cxf-rt-ws-security, cxf-rt-frontend-jaxws,
cxf-rt-features-logging
(The JAX-RS client dependency is included because this app will call a REST
service after getting a response from the SOAP service. The JAX-RS stuff is
working fine).
The SOAP message generated by CXF appears to be properly formed. I can
successfully send the exact same message to the service endpoint using cURL and
get the expected response. I can see in the logging that CXF is receiving the
same response as cURL, but then blowing up on:
org.apache.cxf.ws.policy.PolicyVerificationInInterceptor handle SEVERE: Inbound
policy verification failed: These policy alternatives can not be satisfied:
org.apache.cxf.ws.policy.PolicyException: These policy alternatives can not be
satisfied:
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}HttpBasicAuthentication
The response from the SOAP service does not include the Authorization header.
Is that why this is happening? Why does CXF care about authentication on the
inbound message? My client doesn’t have or require authentication… the service
does.
Stepping through in the debugger shows that the AssertionInfoMap has
ServiceModelPolicyProvider and Wsdl11AttachmentPolicyProvider instances
available, but nothing referring to HTTP Basic Auth. Am I missing a dependency?
Here is my client code
public static void main(String[] args) {
// Get a proxy for the SOAP endpoint. This is generated from their WSDL
file as part of the Maven build.
Zcustomer1 soap = new Zcustomer1();
ZUDSCUSTOMER1 port = soap.getZcustomer1();
LoggingInInterceptor logInbound = new LoggingInInterceptor();
logInbound.setPrettyLogging(true);
LoggingOutInterceptor logOutbound = new LoggingOutInterceptor();
logOutbound.setPrettyLogging(true);
Client cxf = ClientProxy.getClient(port);
cxf.getInInterceptors().add(logInbound);
cxf.getOutInterceptors().add(logOutbound);
// The SOAP service uses HTTP Basic Authentication
Map<String, Object> requestContext = ((BindingProvider)
port).getRequestContext();
requestContext.put(BindingProvider.USERNAME_PROPERTY, "username");
requestContext.put(BindingProvider.PASSWORD_PROPERTY, "password");
// Invoke the SOAP service
String iKUNNR = "foo";
KNA1 response = port.zudsCUSTOMER1(iKUNNR);
}
Here is the WSDL
<?xml version="1.0" encoding="utf-8"?>
<wsdl:definitions targetNamespace="urn:sap-com:document:sap:rfc:functions"
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/";
xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/";
xmlns:wsoap12="http://schemas.xmlsoap.org/wsdl/soap12/";
xmlns:http="http://schemas.xmlsoap.org/wsdl/http/";
xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/";
xmlns:tns="urn:sap-com:document:sap:rfc:functions"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
<wsp:UsingPolicy wsdl:required="true"/>
<wsp:Policy wsu:Id="BN__zcustomer1">
<wsp:ExactlyOne>
<wsp:All>
<wsp:All
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
<sp:TransportBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<wsp:Policy>
<sp:HttpBasicAuthentication/>
</wsp:Policy>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128Rsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
</wsp:Policy>
</sp:TransportBinding>
</wsp:All>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsdl:types>
<xsd:schema attributeFormDefault="qualified"
targetNamespace="urn:sap-com:document:sap:rfc:functions">
<xsd:simpleType name="char10">
<xsd:restriction base="xsd:string">
<xsd:maxLength value="10"/>
</xsd:restriction>
</xsd:simpleType>
<xsd:complexType name="KNA1">
<xsd:sequence>
<xsd:element name="KUNNR"
type="tns:char10"/>
</xsd:sequence>
</xsd:complexType>
<xsd:element name="ZUDS_CUSTOMER1">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="I_KUNNR"
type="tns:char10"/>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
<xsd:element name="ZUDS_CUSTOMER1Response">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="O_KNA1"
type="tns:KNA1"/>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
</xsd:schema>
</wsdl:types>
<wsdl:message name="ZUDS_CUSTOMER1">
<wsdl:part name="parameters" element="tns:ZUDS_CUSTOMER1"/>
</wsdl:message>
<wsdl:message name="ZUDS_CUSTOMER1Response">
<wsdl:part name="parameter"
element="tns:ZUDS_CUSTOMER1Response"/>
</wsdl:message>
<wsdl:portType name="ZUDS_CUSTOMER1">
<wsdl:operation name="ZUDS_CUSTOMER1">
<wsdl:input message="tns:ZUDS_CUSTOMER1"/>
<wsdl:output message="tns:ZUDS_CUSTOMER1Response"/>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="zcustomer1" type="tns:ZUDS_CUSTOMER1">
<wsp:Policy>
<wsp:PolicyReference URI="#BN__zcustomer1"/>
</wsp:Policy>
<soap:binding transport="http://schemas.xmlsoap.org/soap/http";
style="document"/>
<wsdl:operation name="ZUDS_CUSTOMER1">
<soap:operation
soapAction="urn:sap-com:document:sap:rfc:functions:ZUDS_CUSTOMER1:ZUDS_CUSTOMER1Request"
style="document"/>
<wsdl:input>
<soap:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap:body use="literal"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="zcustomer1">
<wsdl:port name="zcustomer1" binding="tns:zcustomer1">
<soap:address location="http://0.0.0.0/zcustomer1"/>
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
