axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dini Omar" <zigg...@gmail.com>
Subject Re: org.apache.axis2.AxisFault: Did not understand "MustUnderstand" header(s):
Date Wed, 23 Jul 2008 12:00:30 GMT
Hi,

Rampart is engaged on the client side. it looks like if i include the
addresssing-1.3.mar module and engage it it seems to work and doesnt
generate the "Did not understand mustUnderstand" error.  Why do i need this
addressing module?

I still cant set the mustUnderstand value to 0. Is there a way to set it to
0?



On Wed, Jul 23, 2008 at 10:43 AM, Sanka Samaranayake <ssanka@gmail.com>
wrote:

> Usually this can happen when,
>
> a) Rampart is not engaged to your service
>
> b) A security policy is not attached to the service.
> -- Check whether the WSDL of the service is showing the any security policy
> expressions attached to the service.
> -- Make sure that you are sending the request the service URL which is
> shown by the WSDL of the service.
>
> Sanka
>
>
> On Wed, Jul 23, 2008 at 2:22 PM, Dini Omar <ziggy25@gmail.com> wrote:
>
>> Hi,
>>
>> Here are the Request and Response messages generated. I am using Axis2 1.3
>> and Rampart 1.3 to sign the message.
>>
>> Request
>>
>> <?xml version='1.0' encoding='UTF-8'?>
>>    <soapenv:Envelope xmlns:soapenv="
>> http://schemas.xmlsoap.org/soap/envelope/">
>>       <soapenv:Header>
>>          <wsse:Security xmlns:wsse="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
>> soapenv:mustUnderstand="1">
>>             <wsse:BinarySecurityToken xmlns:wsu="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>> EncodingType="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
>> ValueType="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
>> wsu:Id="CertId-14049044">MIIEIzCCAwugAwIBAgIQKBcRuMVQHCyOQFpgJ/AVTDANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJJRTEeMBwGA1UEChMVUmV2ZW51ZSBDb21taXNzaW9uZXJzMSAwHgYDVQQLExdSZXZlbnVlIE9uLUxpbmUgU2VydmljZTEXMBUGA1UEAxMOUk9TIFRlc3QgU3ViQ0EwHhcNMDcwNTE0MTA1NDI0WhcNMDkwNTEzMTA1NDI0WjBcMRYwFAYDVQQDEw1BRE1JTklTVFJBVE9SMRMwEQYDVQQLEwoxMTI0MzY0NTgwMSAwHgYDVQQKExdNQUMgQ09STUFDIFBST0RVQ1RTIExURDELMAkGA1UEBhMCSUUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMnP9snCBWYnJddSIbvoV1flYUg2EoEDJvisJWVrTrnRoWmViGmQnCpUYN0sRI9JOmB496FpbS/eQnyYrYb1HECag9Cub1MxptjtTKU1fgEk7L94qxkKcaFXWPqCFrZxSJ0tjRvioxEK7Dl12ohWqhnzky/FnCN50Ph1yzFNUYf5AgMBAAGjggFXMIIBUzAfBgNVHSMEGDAWgBR+mBL7lCDBGWGvXOU+g+5GKQuVOzCCAQ8GA1UdIASCAQYwggECMIH/BgsqgnS76CMBAQEBATCB7zAaBggrBgEFBQcCARYOd3d3LnJldmVudWUuaWUwgdAGCCsGAQUFBwICMIHDGoHAQ2VydGlmaWNhdGVzIGlzc3VlZCB1bmRlciB0aGlzIENQIGFyZSBxdWFsaWZpZWQgY2VydGlmaWNhdGVzIHVuZGVyIHRoZSBFbGVjdHJvbmljIENvbW1lcmNlIEFjdCAyMDAwIGZvciB1c2UgYnkgQXBwcm92ZWQgb3IgQXV0aG9yaXNlZCBwZXJzb25zIG9ubHkgdG8gY29tbXVuaWNhdGUgd2l0aCB0aGUgUmV2ZW51ZSBDb21taXNzaW9uZXJzMB0GA1UdDgQWBBQOVM9oyrEPJYNJYX4c7do0xGBSrzANBgkqhkiG9w0BAQUFAAOCAQEACwlt8PIPllCV6HQta/AIKp7HuUIpykjPK3f5ND0B9NQc/3IBZ1Uoyd/j7t1B8adw69niZ71ODxFB7smxsx3W0b+oBEt0q8rL+/3D6rw8PszUvPuqV7XC0btCzUTtDvCw6kufsIimC4XsKluugIN+fuNfMlUQ1tGu3nlJLjXHjmlh9fXu+9SDm6YUwBFo/cJxjSvaksZd19n2NzUcIB5QszBgpsgEVOTr6fYl0ne+btdO9sNWYvjbyVeN11b5MrzqSj2imvrvl9vD9BPcFAcnAuVauM1B/oIvZPANF2LNItfWupTt62wD5YdMaEbi9oXPnc+rLtk3fkgAPJ9EDCM77g==</wsse:BinarySecurityToken>
>>             <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
>> Id="Signature-6961504">
>>                <ds:SignedInfo>
>>                   <ds:CanonicalizationMethod Algorithm="
>> http://www.w3.org/2001/10/xml-exc-c14n#" />
>>                   <ds:SignatureMethod Algorithm="
>> http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
>>                   <ds:Reference URI="#Id-32816375">
>>                      <ds:Transforms>
>>                         <ds:Transform Algorithm="
>> http://www.w3.org/2001/10/xml-exc-c14n#" />
>>                      </ds:Transforms>
>>                      <ds:DigestMethod Algorithm="
>> http://www.w3.org/2000/09/xmldsig#sha1" />
>>
>> <ds:DigestValue>3viBbKKdsUxEZiuXaXOminAbf/s=</ds:DigestValue>
>>                   </ds:Reference>
>>                </ds:SignedInfo>
>>
>> <ds:SignatureValue>T+Mnk2IKaktcj3pHumnlUsFEJHG/SlWa6bWfsImi0+JuoyGR1qPkIEFxemrjx6g7KbkqvGSMwq0IQIo8L4nB4xva19WCGGm54XB5FE5Vhej3WXFS3JE4IreC8wMVZAKppfOGECB063QcksrMVMFioHDCuUOFiTfbLM1f/eReoxg=</ds:SignatureValue>
>>                <ds:KeyInfo Id="KeyId-31248093">
>>                   <wsse:SecurityTokenReference xmlns:wsu="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>> wsu:Id="STRId-26285376">
>>                      <wsse:Reference URI="#CertId-14049044" ValueType="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
>> />
>>                   </wsse:SecurityTokenReference>
>>                </ds:KeyInfo>
>>             </ds:Signature>
>>          </wsse:Security>
>>       </soapenv:Header>
>>       <soapenv:Body xmlns:wsu="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>> wsu:Id="Id-32816375">
>>          <s4:EdiCustomsDeclaration xmlns:s4="
>> http://www.ros.ie/schemas/customs/edisad/v1
>> ">&lt;![CDATA[adsfdsfdasfadsdasfdfdasffdasfdsfdasf&#xd;]]&gt;</s4:EdiCustomsDeclaration>
>>       </soapenv:Body>
>>    </soapenv:Envelope>
>>
>> Response
>>
>> <?xml version='1.0' encoding='UTF-8'?>
>>    <soapenv:Envelope xmlns:soapenv="
>> http://schemas.xmlsoap.org/soap/envelope/">
>>       <soapenv:Body>
>>          <soapenv:Fault>
>>             <faultcode>soapenv:MustUnderstand</faultcode>
>>             <faultstring>Must Understand check failed for header
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:
Security</faultstring>
>>             <detail />
>>          </soapenv:Fault>
>>       </soapenv:Body>
>>    </soapenv:Envelope>
>>
>>
>>
>>
>>
>> On Wed, Jul 23, 2008 at 4:49 AM, Sanka Samaranayake <ssanka@gmail.com>
>> wrote:
>>
>>> Can you post the request / response SOAP messages ?
>>>
>>> Sanka
>>>
>>>
>>>
>>> On Tue, Jul 22, 2008 at 6:52 PM, Dini Omar <ziggy25@gmail.com> wrote:
>>>
>>>> Does anyone konw how i can resolve this error?
>>>>
>>>> Thanks in advance..
>>>>
>>>> org.apache.axis2.AxisFault: Did not understand "MustUnderstand"
>>>> header(s):
>>>>      at
>>>> org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:486)
>>>>      at
>>>> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:343)
>>>>      at
>>>> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:389)
>>>>      at
>>>> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211)
>>>>      at
>>>> org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
>>>>      at
>>>> ie.ros.www.schemas.customs.service.sadfile.client.SadFileStub.SadEdifactFile(SadFileStub.java:169)
>>>>      at com.alp.ccs21.soapgw.gw.ToDHLCli.readFiles(ToDHLCli.java:411)
>>>>      at com.alp.ccs21.soapgw.gw.ToDHLCli.run(ToDHLCli.java:197)
>>>>
>>>> Here is my configuration
>>>>
>>>> <wsp:Policy wsu:Id="SigOnly"
>>>> xmlns:wsu="
>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>>>
>>>> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
>>>>     <wsp:ExactlyOne>
>>>>         <wsp:All>
>>>>             <sp:AsymmetricBinding xmlns:sp="
>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>>                 <wsp:Policy>
>>>>                     <sp:InitiatorToken>
>>>>                         <wsp:Policy>
>>>>                             <sp:X509Token sp:IncludeToken="
>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient
>>>> ">
>>>>                                 <wsp:Policy>
>>>>                                     <sp:WssX509V3Token10/>
>>>>                                 </wsp:Policy>
>>>>                             </sp:X509Token>
>>>>                         </wsp:Policy>
>>>>                     </sp:InitiatorToken>
>>>>                     <sp:RecipientToken>
>>>>                         <wsp:Policy>
>>>>                             <sp:X509Token sp:IncludeToken="
>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never
>>>> ">
>>>>                                 <wsp:Policy>
>>>>                                     <sp:WssX509V3Token10/>
>>>>                                 </wsp:Policy>
>>>>                             </sp:X509Token>
>>>>                         </wsp:Policy>webservices.soap.aep.signed.stub
>>>>                     </sp:RecipientToken>
>>>>                     <sp:AlgorithmSuite>
>>>>                         <wsp:Policy>
>>>>                             <sp:TripleDesRsa15/>
>>>>                         </wsp:Policy>
>>>>                     </sp:AlgorithmSuite>
>>>>                     <sp:Layout>
>>>>                         <wsp:Policy>
>>>>                             <sp:Strict/>
>>>>                         </wsp:Policy>
>>>>                     </sp:Layout>
>>>>                     <sp:OnlySignEntireHeadersAndBody/>
>>>>                 </wsp:Policy>
>>>>             </sp:AsymmetricBinding>
>>>>             <sp:Wss10 xmlns:sp="
>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>>                 <wsp:Policy>
>>>>                     <sp:MustSupportRefKeyIdentifier/>
>>>>                     <sp:MustSupportRefIssuerSerial/>
>>>>                 </wsp:Policy>
>>>>             </sp:Wss10>
>>>>             <sp:SignedParts xmlns:sp="
>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>>                 <sp:Body/>
>>>>             </sp:SignedParts>
>>>>
>>>>             <ramp:RampartConfig xmlns:ramp="
>>>> http://ws.apache.org/rampart/policy">
>>>>                 <ramp:user>257804</ramp:user>
>>>>                 <ramp:encryptionUser>service</ramp:encryptionUser>
>>>>
>>>> <ramp:passwordCallbackClass>ie.ros.www.schemas.customs.service.sadfile.client.PWCBHandler</ramp:passwordCallbackClass>
>>>>                 <ramp:signatureCrypto>
>>>>                     <ramp:crypto
>>>> provider="org.apache.ws.security.components.crypto.Merlin">
>>>>                         <ramp:property
>>>> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
>>>>                         <ramp:property
>>>> name="org.apache.ws.security.crypto.merlin.file">C:\Documents and
>>>> Settings\702723344\My
>>>> Documents\alp.workspace\eclipse.workspace\alp.ccs21.webservice.soapgw\keystore\newstore.jks</ramp:property>
>>>>                         <ramp:property
>>>> name="org.apache.ws.security.crypto.merlin.keystore.password">newpass</ramp:property>
>>>>                     </ramp:crypto>
>>>>                 </ramp:signatureCrypto>
>>>>             </ramp:RampartConfig>
>>>>         </wsp:All>
>>>>     </wsp:ExactlyOne>
>>>> </wsp:Policy>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>> --
>>> Sanka Samaranayake
>>> WSO2 Inc.
>>>
>>> http://sankas.blogspot.com/
>>> http://www.wso2.org/
>>>
>>
>>
>
>
> --
> Sanka Samaranayake
> WSO2 Inc.
>
> http://sankas.blogspot.com/
> http://www.wso2.org/
>

Mime
View raw message