cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Kulp <dk...@apache.org>
Subject Re: mustunderstand header not understood
Date Mon, 08 Aug 2011 17:05:08 GMT

This SOUNDS like the server doesn't have all the security and policy things 
enabled.    My suggestion is to move to 2.4.1 if possible and make sure the 
cxf-rt-ws-policy, cxf-rt-ws-addr, and cfx-rt-ws-security jars are found.

With 2.3.1, in addition to making sure they are found, you likely need to make 
sure your spring config also imports the appropriate 
META-INF/cxf/cxf-extension-*.xml
files.   That would likely include:

cxf-extension-ws-security.xml
cxf-extension-policy.xml
cxf-extension-addr.xml


Dan


On Sunday, August 07, 2011 3:55:16 PM ovi wrote:
> The problem is:
> I use jboss 6.0.0.Final with cxf 2.3.1
> I have a wsdl with  a policy:
>     <wsp:Policy wsu:Id="BasicSecurityPolicy">
>         <wsp:ExactlyOne>
>             <wsp:All>
>                                 <sp:TransportBinding>
>                                         <wsp:Policy>
>                                                 <sp:TransportToken>
>                                                         <wsp:Policy>
> 
> <sp:HttpsToken RequireClientCertificate="false" />
>                                                         </wsp:Policy>
>                                                 </sp:TransportToken>
>                                                 <sp:Layout>
>                                                         <wsp:Policy>
>                                                                 <sp:Lax />
>                                                         </wsp:Policy>
>                                                 </sp:Layout>
>                                                 <sp:IncludeTimestamp />
>                                                 <sp:AlgorithmSuite>
>                                                         <wsp:Policy>
>                                                                 <sp:Basic128
> />
>                                                         </wsp:Policy>
>                                                 </sp:AlgorithmSuite>
>                                         </wsp:Policy>
>                                 </sp:TransportBinding>
>             </wsp:All>
>         </wsp:ExactlyOne>
>     </wsp:Policy>
> The <sp:IncludeTimestamp /> generates a security header like
>                 <wsse:Security
> 
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecuri
> ty-secext-1.0.xsd" soap:mustUnderstand="1">
> The problem is that the cxf server thows an exception in
> 
> org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor$UltimateRe
> ceiverMustUnderstandInterceptor The exception is:
>         has thrown exception, unwinding now:
> org.apache.cxf.binding.soap.SoapFault: MustUnderstand headers:
> [{http://docs.oasis-open.org/wss/2004/01/oasis-2
>         00401-wss-wssecurity-secext-1.0.xsd}Security] are not understood.
> To correct this problem I read
> http://cxf.apache.org/docs/23-migration-guide.html and I put this in my
> endpoint
>           <jaxws:properties>
>                         <entry key="endpoint-processes-headers"
> 
> value="{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-s
> ecext-1.0.xsd}Security"/> </jaxws:properties>
> That tells the cxf that this header should be understood.
> With this property put in place the
>         org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor is
> fine but the
> 
> org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor$UltimateRe
> ceiverMustUnderstandInterceptor still throws the exception.
> Possible solutions that I think of:
> put an actor in the wsse:Security header but I don't know how to do this.
> 
> But if you have any ideas how to deal with must understand headers let me
> know because its urgent.
> 
> thanks in advance for the advice
> 
> 
> 
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/mustunderstand-header-not-understood-tp4675
> 945p4675945.html Sent from the cxf-dev mailing list archive at Nabble.com.
-- 
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog
Talend - http://www.talend.com

Mime
View raw message