chemistry-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lester, Paul" <paul.les...@bankofamerica.com>
Subject Issue with WebLogic Client mustUnderstand=1
Date Fri, 05 Jul 2013 16:57:18 GMT
My apologies if this is going to the wrong list. I couldn't find a users list.

I am new to OpenCMIS. I have run a number of tests inside of JUnit and all have contacted
the server, returned a proper response in the form of meta data or a document; however, when
I move this same code, unchanged, into WebLogic 10.3, I get an exception:

javax.xml.ws.soap.SOAPFaultException: MustUnderstand headers:[{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security]
are not understood

The failure happens during the call to the SessionFactory createSession method.

I've read quite a bit about this on various forums, but have yet to find a solution. It appears,
if I understand things correctly, that the server is replying with a mustUnderstand="1", as
referenced by the response, but that my client is unable to process the header and, per security
rules, must fail.

What do I need to do to make this work properly inside of WebLogic? Am I missing a configuration
file somewhere?

Thank you!

Paul


SOAP request
<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
            <S:Header>
                        <Security xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                                    <Timestamp xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
                                                <Created>2013-07-03T13:55:29Z</Created>
                                                <Expires>2013-07-04T13:55:29Z</Expires>
                                    </Timestamp>
                                    <UsernameToken>
                                                <Username>some_user</Username>
                                                <Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">somepassword</Password>
                                                <Created xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2013-07-03T13:55:29Z</Created>
                                    </UsernameToken>
                        </Security>
            </S:Header>
            <S:Body>
                        <ns2:getRepositoryInfo xmlns:ns2="http://docs.oasis-open.org/ns/cmis/messaging/200908/"
xmlns="http://docs.oasis-open.org/ns/cmis/core/200908/">
                                    <ns2:repositoryId>ECMSFITDEV</ns2:repositoryId>
                        </ns2:getRepositoryInfo>
            </S:Body>
</S:Envelope>

SOAP response

<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xs="http://www.w3.org/2001/XMLSchema">
            <S:Header>
                        <wsse:Security S:mustUnderstand="1">
                                    <wsu:Timestamp xmlns:ns15="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity"
xmlns:ns14="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512" xmlns:ns13="http://www.w3.org/2003/05/soap-envelope"
wsu:Id="XWSSGID-1372296452640-685270172">
                                                <wsu:Created>2013-07-03T13:55:29Z</wsu:Created>
                                                <wsu:Expires>2013-07-03T14:00:29Z</wsu:Expires>
                                    </wsu:Timestamp>
                        </wsse:Security>
            </S:Header>
            <S:Body>
                        <ns2:getRepositoryInfoResponse xmlns:ns2="http://docs.oasis-open.org/ns/cmis/messaging/200908/"
xmlns="http://docs.oasis-open.org/ns/cmis/core/200908/">
                                    <ns2:repositoryInfo>
                                                <repositoryId>ECMSFITDEV</repositoryId>
                                                <repositoryName>ECMSFITDEV</repositoryName>
                                                <repositoryDescription>ECMSFITDEV</repositoryDescription>
                                                <vendorName>EMC</vendorName>
                                                <productName>Documentum</productName>
                                                <productVersion>6.7.1000.0038</productVersion>
                                                <rootFolderId>root</rootFolderId>
                                                <capabilities>
                                                            <capabilityACL>manage</capabilityACL>
                                                            <capabilityAllVersionsSearchable>true</capabilityAllVersionsSearchable>
                                                            <capabilityChanges>none</capabilityChanges>
                                                            <capabilityContentStreamUpdatability>anytime</capabilityContentStreamUpdatability>
                                                            <capabilityGetDescendants>true</capabilityGetDescendants>
                                                            <capabilityGetFolderTree>true</capabilityGetFolderTree>
                                                            <capabilityMultifiling>true</capabilityMultifiling>
                                                            <capabilityPWCSearchable>false</capabilityPWCSearchable>
                                                            <capabilityPWCUpdatable>false</capabilityPWCUpdatable>
                                                            <capabilityQuery>bothcombined</capabilityQuery>
                                                            <capabilityRenditions>read</capabilityRenditions>
                                                            <capabilityUnfiling>false</capabilityUnfiling>
                                                            <capabilityVersionSpecificFiling>false</capabilityVersionSpecificFiling>
                                                            <capabilityJoin>inneronly</capabilityJoin>
                                                </capabilities>
                                                <aclCapability>
                                                            <supportedPermissions>both</supportedPermissions>
                                                            <propagation>repositorydetermined</propagation>
                                                            <permissions>
                                                                        <permission>none</permission>
                                                                        <description>No
access is permitted.</description>
                                                            </permissions>
                                                            <permissions>
                                                                        <permission>browse</permission>
                                                                        <description>The
user can look at property values but not at associated content.</description>
                                                            </permissions>
                                                            <permissions>
                                                                        <permission>cmis:read</permission>
                                                                        <description>The
user can read content but not update. It includes browse permission.</description>
                                                            </permissions>
                                                            <permissions>
                                                                        <permission>relate</permission>
                                                                        <description>The
user can attach an annotation to the object. It includes browse and read permissions.</description>
                                                            </permissions>
                                                            <permissions>
                                                                        <permission>version</permission>
                                                                        <description>The
user can version the object. It includes browse, read and relate permissions.</description>
                                                            </permissions>
                                                            <permissions>
                                                                        <permission>cmis:write</permission>
                                                                        <description>The
user can write and update the object. It includes browse, read, relate and version permissions.</description>
                                                            </permissions>
                                                            <permissions>
                                                                        <permission>delete</permission>
                                                                        <description>The
user can delete the object. It includes browse, read, relate, version and write permissions.</description>
                                                            </permissions>
                                                            <permissions>
                                                                        <permission>change_location</permission>
                                                                        <description>In
conjunction with the appropriate base permission level, allows the user to move an object
from one folder to another.</description>
                                                            </permissions>
                                                            <permissions>
                                                                        <permission>change_owner</permission>
                                                                        <description>The
user can change the owner of the object.</description>
                                                            </permissions>
                                                            <permissions>
                                                                        <permission>change_permit</permission>
                                                                        <description>The
user can change the basic permissions of the object.</description>
                                                            </permissions>
                                                            <permissions>
                                                                        <permission>change_state</permission>
                                                                        <description>The
user can change the document lifecycle state of the object.</description>
                                                            </permissions>
                                                            <permissions>
                                                                        <permission>change_folder_links</permission>
                                                                        <description>Allows
a user to link an object to a folder or unlink an object from a folder.</description>
                                                            </permissions>
                                                            <permissions>
                                                                        <permission>delete_object</permission>
                                                                        <description>The
user can delete the object. The delete object extended permission is not equivalent to the
base delete permission. Delete Object extended permission does not grant browse, read, relate,
version, or write permission.</description>
                                                            </permissions>
                                                            <permissions>
                                                                        <permission>execute_proc</permission>
                                                                        <description>The
user can run the external procedure associated with the object.</description>
                                                            </permissions>
                                                            <permissions>
                                                                        <permission>cmis:all</permission>
                                                                        <description>The
user has all basic and extended permissions.</description>
                                                            </permissions>
                                                            <mapping>
                                                                        <key>canGetDescendents.Folder</key>
                                                                        <permission>browse</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canGetChildren.Folder</key>
                                                                        <permission>browse</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canGetParents.Folder</key>
                                                                        <permission>browse</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canGetFolderParent.Object</key>
                                                                        <permission>browse</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canCreateDocument.Folder</key>
                                                                        <permission>cmis:write</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canCreateFolder.Folder</key>
                                                                        <permission>cmis:write</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canCreateRelationship.Source</key>
                                                                        <permission>relate</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canCreateRelationship.Target</key>
                                                                        <permission>relate</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canGetProperties.Object</key>
                                                                        <permission>browse</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canViewContent.Object</key>
                                                                        <permission>cmis:read</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canUpdateProperties.Object</key>
                                                                        <permission>cmis:write</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canMove.Object</key>
                                                                        <permission>cmis:write</permission>
                                                                        <permission>change_location</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canMove.Target</key>
                                                                        <permission>cmis:write</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canMove.Source</key>
                                                                        <permission>cmis:write</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canDelete.Object</key>
                                                                        <permission>delete</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canDeleteTree.Folder</key>
                                                                        <permission>delete</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canSetContent.Document</key>
                                                                        <permission>cmis:write</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canDeleteContent.Document</key>
                                                                        <permission>cmis:write</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canAddToFolder.Object</key>
                                                                        <permission>cmis:write</permission>
                                                                        <permission>change_location</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canAddToFolder.Folder</key>
                                                                        <permission>cmis:write</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canRemoveFromFolder.Object</key>
                                                                        <permission>cmis:write</permission>
                                                                        <permission>change_location</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canRemoveFromFolder.Folder</key>
                                                                        <permission>cmis:write</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canCheckout.Document</key>
                                                                        <permission>version</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canCancelCheckout.Document</key>
                                                                        <permission>version</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canCheckin.Document</key>
                                                                        <permission>version</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canGetAllVersions.VersionSeries</key>
                                                                        <permission>cmis:read</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canGetObjectRelationships.Object</key>
                                                                        <permission>browse</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canGetACL.Object</key>
                                                                        <permission>browse</permission>
                                                            </mapping>
                                                            <mapping>
                                                                        <key>canApplyACL.Object</key>
                                                                        <permission>change_permit</permission>
                                                            </mapping>
                                                </aclCapability>
                                                <cmisVersionSupported>1.0</cmisVersionSupported>
                                    </ns2:repositoryInfo>
                        </ns2:getRepositoryInfoResponse>
            </S:Body>
</S:Envelope>

----------------------------------------------------------------------
This message, and any attachments, is for the intended recipient(s) only, may contain information
that is privileged, confidential and/or proprietary and subject to important terms and conditions
available at http://www.bankofamerica.com/emaildisclaimer.   If you are not the intended recipient,
please delete this message.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message