axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sanka Samaranayake" <ssa...@gmail.com>
Subject Re: org.apache.axis2.AxisFault: Did not understand "MustUnderstand" header(s):
Date Wed, 23 Jul 2008 09:43:45 GMT
Usually this can happen when,

a) Rampart is not engaged to your service

b) A security policy is not attached to the service.
-- Check whether the WSDL of the service is showing the any security policy
expressions attached to the service.
-- Make sure that you are sending the request the service URL which is shown
by the WSDL of the service.

Sanka

On Wed, Jul 23, 2008 at 2:22 PM, Dini Omar <ziggy25@gmail.com> wrote:

> Hi,
>
> Here are the Request and Response messages generated. I am using Axis2 1.3
> and Rampart 1.3 to sign the message.
>
> Request
>
> <?xml version='1.0' encoding='UTF-8'?>
>    <soapenv:Envelope xmlns:soapenv="
> http://schemas.xmlsoap.org/soap/envelope/">
>       <soapenv:Header>
>          <wsse:Security xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
> soapenv:mustUnderstand="1">
>             <wsse:BinarySecurityToken xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> EncodingType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
> ValueType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
> wsu:Id="CertId-14049044">MIIEIzCCAwugAwIBAgIQKBcRuMVQHCyOQFpgJ/AVTDANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJJRTEeMBwGA1UEChMVUmV2ZW51ZSBDb21taXNzaW9uZXJzMSAwHgYDVQQLExdSZXZlbnVlIE9uLUxpbmUgU2VydmljZTEXMBUGA1UEAxMOUk9TIFRlc3QgU3ViQ0EwHhcNMDcwNTE0MTA1NDI0WhcNMDkwNTEzMTA1NDI0WjBcMRYwFAYDVQQDEw1BRE1JTklTVFJBVE9SMRMwEQYDVQQLEwoxMTI0MzY0NTgwMSAwHgYDVQQKExdNQUMgQ09STUFDIFBST0RVQ1RTIExURDELMAkGA1UEBhMCSUUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMnP9snCBWYnJddSIbvoV1flYUg2EoEDJvisJWVrTrnRoWmViGmQnCpUYN0sRI9JOmB496FpbS/eQnyYrYb1HECag9Cub1MxptjtTKU1fgEk7L94qxkKcaFXWPqCFrZxSJ0tjRvioxEK7Dl12ohWqhnzky/FnCN50Ph1yzFNUYf5AgMBAAGjggFXMIIBUzAfBgNVHSMEGDAWgBR+mBL7lCDBGWGvXOU+g+5GKQuVOzCCAQ8GA1UdIASCAQYwggECMIH/BgsqgnS76CMBAQEBATCB7zAaBggrBgEFBQcCARYOd3d3LnJldmVudWUuaWUwgdAGCCsGAQUFBwICMIHDGoHAQ2VydGlmaWNhdGVzIGlzc3VlZCB1bmRlciB0aGlzIENQIGFyZSBxdWFsaWZpZWQgY2VydGlmaWNhdGVzIHVuZGVyIHRoZSBFbGVjdHJvbmljIENvbW1lcmNlIEFjdCAyMDAwIGZvciB1c2UgYnkgQXBwcm92ZWQgb3IgQXV0aG9yaXNlZCBwZXJzb25zIG9ubHkgdG8gY29tbXVuaWNhdGUgd2l0aCB0aGUgUmV2ZW51ZSBDb21taXNzaW9uZXJzMB0GA1UdDgQWBBQOVM9oyrEPJYNJYX4c7do0xGBSrzANBgkqhkiG9w0BAQUFAAOCAQEACwlt8PIPllCV6HQta/AIKp7HuUIpykjPK3f5ND0B9NQc/3IBZ1Uoyd/j7t1B8adw69niZ71ODxFB7smxsx3W0b+oBEt0q8rL+/3D6rw8PszUvPuqV7XC0btCzUTtDvCw6kufsIimC4XsKluugIN+fuNfMlUQ1tGu3nlJLjXHjmlh9fXu+9SDm6YUwBFo/cJxjSvaksZd19n2NzUcIB5QszBgpsgEVOTr6fYl0ne+btdO9sNWYvjbyVeN11b5MrzqSj2imvrvl9vD9BPcFAcnAuVauM1B/oIvZPANF2LNItfWupTt62wD5YdMaEbi9oXPnc+rLtk3fkgAPJ9EDCM77g==</wsse:BinarySecurityToken>
>             <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
> Id="Signature-6961504">
>                <ds:SignedInfo>
>                   <ds:CanonicalizationMethod Algorithm="
> http://www.w3.org/2001/10/xml-exc-c14n#" />
>                   <ds:SignatureMethod Algorithm="
> http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
>                   <ds:Reference URI="#Id-32816375">
>                      <ds:Transforms>
>                         <ds:Transform Algorithm="
> http://www.w3.org/2001/10/xml-exc-c14n#" />
>                      </ds:Transforms>
>                      <ds:DigestMethod Algorithm="
> http://www.w3.org/2000/09/xmldsig#sha1" />
>
> <ds:DigestValue>3viBbKKdsUxEZiuXaXOminAbf/s=</ds:DigestValue>
>                   </ds:Reference>
>                </ds:SignedInfo>
>
> <ds:SignatureValue>T+Mnk2IKaktcj3pHumnlUsFEJHG/SlWa6bWfsImi0+JuoyGR1qPkIEFxemrjx6g7KbkqvGSMwq0IQIo8L4nB4xva19WCGGm54XB5FE5Vhej3WXFS3JE4IreC8wMVZAKppfOGECB063QcksrMVMFioHDCuUOFiTfbLM1f/eReoxg=</ds:SignatureValue>
>                <ds:KeyInfo Id="KeyId-31248093">
>                   <wsse:SecurityTokenReference xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="STRId-26285376">
>                      <wsse:Reference URI="#CertId-14049044" ValueType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
> />
>                   </wsse:SecurityTokenReference>
>                </ds:KeyInfo>
>             </ds:Signature>
>          </wsse:Security>
>       </soapenv:Header>
>       <soapenv:Body xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="Id-32816375">
>          <s4:EdiCustomsDeclaration xmlns:s4="
> http://www.ros.ie/schemas/customs/edisad/v1
> ">&lt;![CDATA[adsfdsfdasfadsdasfdfdasffdasfdsfdasf&#xd;]]&gt;</s4:EdiCustomsDeclaration>
>       </soapenv:Body>
>    </soapenv:Envelope>
>
> Response
>
> <?xml version='1.0' encoding='UTF-8'?>
>    <soapenv:Envelope xmlns:soapenv="
> http://schemas.xmlsoap.org/soap/envelope/">
>       <soapenv:Body>
>          <soapenv:Fault>
>             <faultcode>soapenv:MustUnderstand</faultcode>
>             <faultstring>Must Understand check failed for header
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd: Security</faultstring>
>             <detail />
>          </soapenv:Fault>
>       </soapenv:Body>
>    </soapenv:Envelope>
>
>
>
>
>
> On Wed, Jul 23, 2008 at 4:49 AM, Sanka Samaranayake <ssanka@gmail.com>
> wrote:
>
>> Can you post the request / response SOAP messages ?
>>
>> Sanka
>>
>>
>>
>> On Tue, Jul 22, 2008 at 6:52 PM, Dini Omar <ziggy25@gmail.com> wrote:
>>
>>> Does anyone konw how i can resolve this error?
>>>
>>> Thanks in advance..
>>>
>>> org.apache.axis2.AxisFault: Did not understand "MustUnderstand"
>>> header(s):
>>>      at
>>> org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:486)
>>>      at
>>> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:343)
>>>      at
>>> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:389)
>>>      at
>>> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211)
>>>      at
>>> org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
>>>      at
>>> ie.ros.www.schemas.customs.service.sadfile.client.SadFileStub.SadEdifactFile(SadFileStub.java:169)
>>>      at com.alp.ccs21.soapgw.gw.ToDHLCli.readFiles(ToDHLCli.java:411)
>>>      at com.alp.ccs21.soapgw.gw.ToDHLCli.run(ToDHLCli.java:197)
>>>
>>> Here is my configuration
>>>
>>> <wsp:Policy wsu:Id="SigOnly"
>>> xmlns:wsu="
>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>>
>>> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
>>>     <wsp:ExactlyOne>
>>>         <wsp:All>
>>>             <sp:AsymmetricBinding xmlns:sp="
>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>                 <wsp:Policy>
>>>                     <sp:InitiatorToken>
>>>                         <wsp:Policy>
>>>                             <sp:X509Token sp:IncludeToken="
>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient
>>> ">
>>>                                 <wsp:Policy>
>>>                                     <sp:WssX509V3Token10/>
>>>                                 </wsp:Policy>
>>>                             </sp:X509Token>
>>>                         </wsp:Policy>
>>>                     </sp:InitiatorToken>
>>>                     <sp:RecipientToken>
>>>                         <wsp:Policy>
>>>                             <sp:X509Token sp:IncludeToken="
>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never
>>> ">
>>>                                 <wsp:Policy>
>>>                                     <sp:WssX509V3Token10/>
>>>                                 </wsp:Policy>
>>>                             </sp:X509Token>
>>>                         </wsp:Policy>webservices.soap.aep.signed.stub
>>>                     </sp:RecipientToken>
>>>                     <sp:AlgorithmSuite>
>>>                         <wsp:Policy>
>>>                             <sp:TripleDesRsa15/>
>>>                         </wsp:Policy>
>>>                     </sp:AlgorithmSuite>
>>>                     <sp:Layout>
>>>                         <wsp:Policy>
>>>                             <sp:Strict/>
>>>                         </wsp:Policy>
>>>                     </sp:Layout>
>>>                     <sp:OnlySignEntireHeadersAndBody/>
>>>                 </wsp:Policy>
>>>             </sp:AsymmetricBinding>
>>>             <sp:Wss10 xmlns:sp="
>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>                 <wsp:Policy>
>>>                     <sp:MustSupportRefKeyIdentifier/>
>>>                     <sp:MustSupportRefIssuerSerial/>
>>>                 </wsp:Policy>
>>>             </sp:Wss10>
>>>             <sp:SignedParts xmlns:sp="
>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>                 <sp:Body/>
>>>             </sp:SignedParts>
>>>
>>>             <ramp:RampartConfig xmlns:ramp="
>>> http://ws.apache.org/rampart/policy">
>>>                 <ramp:user>257804</ramp:user>
>>>                 <ramp:encryptionUser>service</ramp:encryptionUser>
>>>
>>> <ramp:passwordCallbackClass>ie.ros.www.schemas.customs.service.sadfile.client.PWCBHandler</ramp:passwordCallbackClass>
>>>                 <ramp:signatureCrypto>
>>>                     <ramp:crypto
>>> provider="org.apache.ws.security.components.crypto.Merlin">
>>>                         <ramp:property
>>> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
>>>                         <ramp:property
>>> name="org.apache.ws.security.crypto.merlin.file">C:\Documents and
>>> Settings\702723344\My
>>> Documents\alp.workspace\eclipse.workspace\alp.ccs21.webservice.soapgw\keystore\newstore.jks</ramp:property>
>>>                         <ramp:property
>>> name="org.apache.ws.security.crypto.merlin.keystore.password">newpass</ramp:property>
>>>                     </ramp:crypto>
>>>                 </ramp:signatureCrypto>
>>>             </ramp:RampartConfig>
>>>         </wsp:All>
>>>     </wsp:ExactlyOne>
>>> </wsp:Policy>
>>>
>>>
>>>
>>>
>>>
>>
>>
>> --
>> Sanka Samaranayake
>> WSO2 Inc.
>>
>> http://sankas.blogspot.com/
>> http://www.wso2.org/
>>
>
>


-- 
Sanka Samaranayake
WSO2 Inc.

http://sankas.blogspot.com/
http://www.wso2.org/

Mime
View raw message