RE: Did not understand "MustUnderstand" header(s):

Fri, 28 Apr 2006 06:38:06 -0700

You mean to say the third party’s NCESClientHandler does include WSDoAllSender handler?

 

Vignesh.

 

From: Julie McCabe [mailto:[EMAIL PROTECTED]
Sent: Friday, April 28, 2006 8:23 AM
To: [email protected]
Subject: Did not understand "MustUnderstand" header(s):

 

Hello,

I am using WS-Security Headers through a third-party handler which uses wss4j.  I am trying to make a first attempt to call a service, I get the following error:

Did not understand "MustUnderstand" header(s):
        at org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(MustUnderstandChecker.java:96)
        at org.apache.axis.client.AxisClient.invoke(AxisClient.java:206)
        at org.apache.axis.client.Call.invokeEngine(Call.java:2727)
        at org.apache.axis.client.Call.invoke(Call.java:2710)
        at org.apache.axis.client.Call.invoke(Call.java:2386)
        at org.apache.axis.client.Call.invoke(Call.java:2309)
        at org.apache.axis.client.Call.invoke(Call.java:1766)
        at SecureOperation.Call(SecureOperation.java:182)
        at Client.main(Client.java:85)

I invoke the client with the following properties set:
 -Djava.endorsed.dirs=$CATALINA_HOME/common/endorsed  -Daxis.ClientConfigFile=$CATALINA_HOME/bin/client-config.wsdd

The client-config.wsdd is as follows:
<deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java=" http://xml.apache.org/axis/wsdd/providers/java ">
    <globalConfiguration>
        <parameter name="adminPassword" value="admin"/>
        <parameter name="sendXsiTypes" value="false"/>
        <parameter name="sendMultiRefs" value="false"/>
        <parameter name="sendXMLDeclaration" value="false"/>

        <parameter name="axis.sendMinimizedElements" value="true"/>
        <parameter name="defaultRequestMessageClassification" value="UNCLASSIFIED"/>

        <requestFlow>
            <handler type="java:mil.dia.nces.security.axis.handler.NCESClientHandler">
                <!-- Set the mustUnderstand attribute of the WSS Security element to true?  Default, if not present, is false. -->
                <parameter name="mustUnderstandWSSHeader" value="true"/>
                <!-- Set the mustUnderstand attribute of the WS-Addressing MessageID element to true?  Default, if not present, is false. -->
                <parameter name="mustUnderstandMessageID" value="false"/>
            </handler>
        </requestFlow>
        <responseFlow>
            <handler type="java:mil.dia.nces.security.axis.handler.NCESClientHandler">
                <parameter name="disableCertificateStatusChecking" value="true"/>
            </handler>
        </responseFlow>
    </globalConfiguration>

    <transport name="java" pivot="java:org.apache.axis.transport.java.JavaSender"/>
    <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/>
    <transport name="local" pivot="java:org.apache.axis.transport.local.LocalSender"/>
</deployment>


The service has the following in its server-config.wsdd
<service name="examples/core/factory/SimpleService" provider="Handler" use="literal" style="document">
        <parameter name="className" value="uk.ac.qub.prism.factory.impl.SimpleService"/>
        <wsdlFile>share/schema/uk/ac/qub/prism/factory/schema/Simple_service.wsdl</wsdlFile>
        <parameter name="allowedMethods" value="*"/>
        <parameter name="handlerClass" value="org.globus.axis.providers.RPCProvider"/>
        <parameter name="scope" value="Application"/>
        <parameter name="loadOnStartup" value="true"/>
        <parameter name="allowedRoles" value="INTEL ANALYST"/>
        <parameter name="defaultResponseMessageClassification" value="UNCLASSIFIED"/>
        <parameter name="serviceQName" value="http://localhost:8080/wsrf/services/examples/core/factory/SimpleService#SimpleService "/>
    </service>

I searched this mailing list and could not find anything conclusive, I read from an IBM websphere mailing list that:

"interface doesn't have an actor parameter available to define

the root

actor/role to associate with the header URL parameter. As a

result a

binding isn't being made which the semantic checking code,




activated by

the mustUnderstand flag, uses to determine if the soap header is

understood by the client. If using the deployment descriptor to

register

a handler statically, this actor/role is defined by the




<soap-role>

child element of the <handler> definition block. This limitation

in the

specifications for HandlerInfo causes the inability of

mustUnderstand to"

work when using dynamic handler registration.
 






which kind of makes sense but I dont know what the implication for the
configuration are, I would really apprecipate some help on this matter as ive
been stuck on this matter for some time now.



Environment: Java 1.4.2_04-b05, tomcat 4.1.30, fc 5.





Many thanks,

Julie.

Reply via email to