axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dini Omar" <zigg...@gmail.com>
Subject Re: org.apache.axis2.AxisFault: Did not understand "MustUnderstand" header(s):
Date Wed, 23 Jul 2008 14:40:30 GMT
Hi,

Thanks for you help.
Here is how i am dispatching the request to the service. Do you think i am
doing anything wrong here that is causing Rampart not to be engaged
correctly?

ConfigurationContext ctx =
ConfigurationContextFactory.createConfigurationContextFromFileSystem(System.getProperty("configuration.context"),
null);
SadFileStub stub =  new SadFileStub(ctx,
System.getProperty("endpoint.url"));
stub._getServiceClient().getOptions().setProperty(RampartMessageData.KEY_RAMPART_POLICY,
loadPolicy(System.getProperty("policy.file")));

stub._getServiceClient().engageModule("addressing");
stub._getServiceClient().engageModule("rampart");

SadFileStub.EdiCustomsDeclaration ediCustomsDeclaration=
(SadFileStub.EdiCustomsDeclaration)(org.apache.axis2.databinding.ADBBean)
SadFileStub.EdiCustomsDeclaration.class.newInstance();
theString.setIEEdifactString(START_TAG.concat(strContent.toString()).concat(END_TAG));
ediCustomsDeclaration.setEdiCustomsDeclaration(theString);
SadFileStub.MessageAcknowledgement result =
stub.SadEdifactFile(ediCustomsDeclaration);


Here are the values on the properties referenced in the code above.

System.getProperty("endpoint.url") = http://www.sadservice.com/sadws
System.getProperty("policy.file") = /tmpw/GwSoap/conf/policy.xml
System.getProperty("configuration.context") =
/tmpw/GwSoap/repository/modules (This is where i have rampart-1.3.mar file)

Regards
Dini









On Wed, Jul 23, 2008 at 3:02 PM, Nandana Mihindukulasooriya <
nandana.cse@gmail.com> wrote:

>
>  Rampart is engaged on the client side. it looks like if i include the
>> addresssing-1.3.mar module and engage it it seems to work and doesnt
>> generate the "Did not understand mustUnderstand" error.  Why do i need this
>> addressing module?
>>
>
> I think the issue is your request should be correctly dispatched to the
> service for Rampart to work correctly. That is because policy is attached to
> the service and Rampart needs the policy to do the validation. Looking at
> the request, I am not sure whether Addressing is mandatory for your request
> to be correctly dispatched to the service before it comes to Rampart for
> security validation.
>
>
>> I still cant set the mustUnderstand value to 0. Is there a way to set it
>> to 0?
>>
>
> For security header, you can't set the mustUnderstand value to 0. Security
> header is created by Rampart module and mustUnderstand value is always set
> to 1 to comply with Web Service Security specification.
>
> thanks,
> nandana
>
>
>> On Wed, Jul 23, 2008 at 10:43 AM, Sanka Samaranayake <ssanka@gmail.com>
>> wrote:
>>
>>> Usually this can happen when,
>>>
>>> a) Rampart is not engaged to your service
>>>
>>> b) A security policy is not attached to the service.
>>> -- Check whether the WSDL of the service is showing the any security
>>> policy expressions attached to the service.
>>> -- Make sure that you are sending the request the service URL which is
>>> shown by the WSDL of the service.
>>>
>>> Sanka
>>>
>>>
>>> On Wed, Jul 23, 2008 at 2:22 PM, Dini Omar <ziggy25@gmail.com> wrote:
>>>
>>>> Hi,
>>>>
>>>> Here are the Request and Response messages generated. I am using Axis2
>>>> 1.3 and Rampart 1.3 to sign the message.
>>>>
>>>> Request
>>>>
>>>> <?xml version='1.0' encoding='UTF-8'?>
>>>>    <soapenv:Envelope xmlns:soapenv="
>>>> http://schemas.xmlsoap.org/soap/envelope/">
>>>>       <soapenv:Header>
>>>>          <wsse:Security xmlns:wsse="
>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
>>>> soapenv:mustUnderstand="1">
>>>>             <wsse:BinarySecurityToken xmlns:wsu="
>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>>> EncodingType="
>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
>>>> ValueType="
>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
>>>> wsu:Id="CertId-14049044">MIIEIzCCAwugAwIBAgIQKBcRuMVQHCyOQFpgJ/AVTDANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJJRTEeMBwGA1UEChMVUmV2ZW51ZSBDb21taXNzaW9uZXJzMSAwHgYDVQQLExdSZXZlbnVlIE9uLUxpbmUgU2VydmljZTEXMBUGA1UEAxMOUk9TIFRlc3QgU3ViQ0EwHhcNMDcwNTE0MTA1NDI0WhcNMDkwNTEzMTA1NDI0WjBcMRYwFAYDVQQDEw1BRE1JTklTVFJBVE9SMRMwEQYDVQQLEwoxMTI0MzY0NTgwMSAwHgYDVQQKExdNQUMgQ09STUFDIFBST0RVQ1RTIExURDELMAkGA1UEBhMCSUUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMnP9snCBWYnJddSIbvoV1flYUg2EoEDJvisJWVrTrnRoWmViGmQnCpUYN0sRI9JOmB496FpbS/eQnyYrYb1HECag9Cub1MxptjtTKU1fgEk7L94qxkKcaFXWPqCFrZxSJ0tjRvioxEK7Dl12ohWqhnzky/FnCN50Ph1yzFNUYf5AgMBAAGjggFXMIIBUzAfBgNVHSMEGDAWgBR+mBL7lCDBGWGvXOU+g+5GKQuVOzCCAQ8GA1UdIASCAQYwggECMIH/BgsqgnS76CMBAQEBATCB7zAaBggrBgEFBQcCARYOd3d3LnJldmVudWUuaWUwgdAGCCsGAQUFBwICMIHDGoHAQ2VydGlmaWNhdGVzIGlzc3VlZCB1bmRlciB0aGlzIENQIGFyZSBxdWFsaWZpZWQgY2VydGlmaWNhdGVzIHVuZGVyIHRoZSBFbGVjdHJvbmljIENvbW1lcmNlIEFjdCAyMDAwIGZvciB1c2UgYnkgQXBwcm92ZWQgb3IgQXV0aG9yaXNlZCBwZXJzb25zIG9ubHkgdG8gY29tbXVuaWNhdGUgd2l0aCB0aGUgUmV2ZW51ZSBDb21taXNzaW9uZXJzMB0GA1UdDgQWBBQOVM9oyrEPJYNJYX4c7do0xGBSrzANBgkqhkiG9w0BAQUFAAOCAQEACwlt8PIPllCV6HQta/AIKp7HuUIpykjPK3f5ND0B9NQc/3IBZ1Uoyd/j7t1B8adw69niZ71ODxFB7smxsx3W0b+oBEt0q8rL+/3D6rw8PszUvPuqV7XC0btCzUTtDvCw6kufsIimC4XsKluugIN+fuNfMlUQ1tGu3nlJLjXHjmlh9fXu+9SDm6YUwBFo/cJxjSvaksZd19n2NzUcIB5QszBgpsgEVOTr6fYl0ne+btdO9sNWYvjbyVeN11b5MrzqSj2imvrvl9vD9BPcFAcnAuVauM1B/oIvZPANF2LNItfWupTt62wD5YdMaEbi9oXPnc+rLtk3fkgAPJ9EDCM77g==</wsse:BinarySecurityToken>
>>>>             <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
>>>> Id="Signature-6961504">
>>>>                <ds:SignedInfo>
>>>>                   <ds:CanonicalizationMethod Algorithm="
>>>> http://www.w3.org/2001/10/xml-exc-c14n#" />
>>>>                   <ds:SignatureMethod Algorithm="
>>>> http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
>>>>                   <ds:Reference URI="#Id-32816375">
>>>>                      <ds:Transforms>
>>>>                         <ds:Transform Algorithm="
>>>> http://www.w3.org/2001/10/xml-exc-c14n#" />
>>>>                      </ds:Transforms>
>>>>                      <ds:DigestMethod Algorithm="
>>>> http://www.w3.org/2000/09/xmldsig#sha1" />
>>>>
>>>> <ds:DigestValue>3viBbKKdsUxEZiuXaXOminAbf/s=</ds:DigestValue>
>>>>                   </ds:Reference>
>>>>                </ds:SignedInfo>
>>>>
>>>> <ds:SignatureValue>T+Mnk2IKaktcj3pHumnlUsFEJHG/SlWa6bWfsImi0+JuoyGR1qPkIEFxemrjx6g7KbkqvGSMwq0IQIo8L4nB4xva19WCGGm54XB5FE5Vhej3WXFS3JE4IreC8wMVZAKppfOGECB063QcksrMVMFioHDCuUOFiTfbLM1f/eReoxg=</ds:SignatureValue>
>>>>                <ds:KeyInfo Id="KeyId-31248093">
>>>>                   <wsse:SecurityTokenReference xmlns:wsu="
>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>>> wsu:Id="STRId-26285376">
>>>>                      <wsse:Reference URI="#CertId-14049044" ValueType="
>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
>>>> />
>>>>                   </wsse:SecurityTokenReference>
>>>>                </ds:KeyInfo>
>>>>             </ds:Signature>
>>>>          </wsse:Security>
>>>>       </soapenv:Header>
>>>>       <soapenv:Body xmlns:wsu="
>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>>> wsu:Id="Id-32816375">
>>>>          <s4:EdiCustomsDeclaration xmlns:s4="
>>>> http://www.ros.ie/schemas/customs/edisad/v1
>>>> ">&lt;![CDATA[adsfdsfdasfadsdasfdfdasffdasfdsfdasf&#xd;]]&gt;</s4:EdiCustomsDeclaration>
>>>>       </soapenv:Body>
>>>>    </soapenv:Envelope>
>>>>
>>>> Response
>>>>
>>>> <?xml version='1.0' encoding='UTF-8'?>
>>>>    <soapenv:Envelope xmlns:soapenv="
>>>> http://schemas.xmlsoap.org/soap/envelope/">
>>>>       <soapenv:Body>
>>>>          <soapenv:Fault>
>>>>             <faultcode>soapenv:MustUnderstand</faultcode>
>>>>             <faultstring>Must Understand check failed for header
>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:
Security</faultstring>
>>>>             <detail />
>>>>          </soapenv:Fault>
>>>>       </soapenv:Body>
>>>>    </soapenv:Envelope>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Wed, Jul 23, 2008 at 4:49 AM, Sanka Samaranayake <ssanka@gmail.com>
>>>> wrote:
>>>>
>>>>> Can you post the request / response SOAP messages ?
>>>>>
>>>>> Sanka
>>>>>
>>>>>
>>>>>
>>>>> On Tue, Jul 22, 2008 at 6:52 PM, Dini Omar <ziggy25@gmail.com>
wrote:
>>>>>
>>>>>> Does anyone konw how i can resolve this error?
>>>>>>
>>>>>> Thanks in advance..
>>>>>>
>>>>>> org.apache.axis2.AxisFault: Did not understand "MustUnderstand"
>>>>>> header(s):
>>>>>>      at
>>>>>> org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:486)
>>>>>>      at
>>>>>> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:343)
>>>>>>      at
>>>>>> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:389)
>>>>>>      at
>>>>>> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211)
>>>>>>      at
>>>>>> org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
>>>>>>      at
>>>>>> ie.ros.www.schemas.customs.service.sadfile.client.SadFileStub.SadEdifactFile(SadFileStub.java:169)
>>>>>>      at com.alp.ccs21.soapgw.gw.ToDHLCli.readFiles(ToDHLCli.java:411)
>>>>>>      at com.alp.ccs21.soapgw.gw.ToDHLCli.run(ToDHLCli.java:197)
>>>>>>
>>>>>> Here is my configuration
>>>>>>
>>>>>> <wsp:Policy wsu:Id="SigOnly"
>>>>>> xmlns:wsu="
>>>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>>>>>
>>>>>> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
>>>>>>     <wsp:ExactlyOne>
>>>>>>         <wsp:All>
>>>>>>             <sp:AsymmetricBinding xmlns:sp="
>>>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>>>>                 <wsp:Policy>
>>>>>>                     <sp:InitiatorToken>
>>>>>>                         <wsp:Policy>
>>>>>>                             <sp:X509Token sp:IncludeToken="
>>>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient
>>>>>> ">
>>>>>>                                 <wsp:Policy>
>>>>>>                                     <sp:WssX509V3Token10/>
>>>>>>                                 </wsp:Policy>
>>>>>>                             </sp:X509Token>
>>>>>>                         </wsp:Policy>
>>>>>>                     </sp:InitiatorToken>
>>>>>>                     <sp:RecipientToken>
>>>>>>                         <wsp:Policy>
>>>>>>                             <sp:X509Token sp:IncludeToken="
>>>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never
>>>>>> ">
>>>>>>                                 <wsp:Policy>
>>>>>>                                     <sp:WssX509V3Token10/>
>>>>>>                                 </wsp:Policy>
>>>>>>                             </sp:X509Token>
>>>>>>                         </wsp:Policy>webservices.soap.aep.signed.stub
>>>>>>                     </sp:RecipientToken>
>>>>>>                     <sp:AlgorithmSuite>
>>>>>>                         <wsp:Policy>
>>>>>>                             <sp:TripleDesRsa15/>
>>>>>>                         </wsp:Policy>
>>>>>>                     </sp:AlgorithmSuite>
>>>>>>                     <sp:Layout>
>>>>>>                         <wsp:Policy>
>>>>>>                             <sp:Strict/>
>>>>>>                         </wsp:Policy>
>>>>>>                     </sp:Layout>
>>>>>>                     <sp:OnlySignEntireHeadersAndBody/>
>>>>>>                 </wsp:Policy>
>>>>>>             </sp:AsymmetricBinding>
>>>>>>             <sp:Wss10 xmlns:sp="
>>>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>>>>                 <wsp:Policy>
>>>>>>                     <sp:MustSupportRefKeyIdentifier/>
>>>>>>                     <sp:MustSupportRefIssuerSerial/>
>>>>>>                 </wsp:Policy>
>>>>>>             </sp:Wss10>
>>>>>>             <sp:SignedParts xmlns:sp="
>>>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>>>>                 <sp:Body/>
>>>>>>             </sp:SignedParts>
>>>>>>
>>>>>>             <ramp:RampartConfig xmlns:ramp="
>>>>>> http://ws.apache.org/rampart/policy">
>>>>>>                 <ramp:user>257804</ramp:user>
>>>>>>                 <ramp:encryptionUser>service</ramp:encryptionUser>
>>>>>>
>>>>>> <ramp:passwordCallbackClass>ie.ros.www.schemas.customs.service.sadfile.client.PWCBHandler</ramp:passwordCallbackClass>
>>>>>>                 <ramp:signatureCrypto>
>>>>>>                     <ramp:crypto
>>>>>> provider="org.apache.ws.security.components.crypto.Merlin">
>>>>>>                         <ramp:property
>>>>>> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
>>>>>>                         <ramp:property
>>>>>> name="org.apache.ws.security.crypto.merlin.file">C:\Documents
and
>>>>>> Settings\702723344\My
>>>>>> Documents\alp.workspace\eclipse.workspace\alp.ccs21.webservice.soapgw\keystore\newstore.jks</ramp:property>
>>>>>>                         <ramp:property
>>>>>> name="org.apache.ws.security.crypto.merlin.keystore.password">newpass</ramp:property>
>>>>>>                     </ramp:crypto>
>>>>>>                 </ramp:signatureCrypto>
>>>>>>             </ramp:RampartConfig>
>>>>>>         </wsp:All>
>>>>>>     </wsp:ExactlyOne>
>>>>>> </wsp:Policy>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Sanka Samaranayake
>>>>> WSO2 Inc.
>>>>>
>>>>> http://sankas.blogspot.com/
>>>>> http://www.wso2.org/
>>>>>
>>>>
>>>>
>>>
>>>
>>> --
>>> Sanka Samaranayake
>>> WSO2 Inc.
>>>
>>> http://sankas.blogspot.com/
>>> http://www.wso2.org/
>>>
>>
>>
>
>
> --
> Nandana Mihindukulasooriya
> WSO2 inc.
>
> http://nandana83.blogspot.com/
>

Mime
View raw message