cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apcmto <apc...@gmail.com>
Subject CXF WS-Security: Security processing failed (actions mismatch)
Date Tue, 30 Dec 2014 17:10:23 GMT
Hello

I have deployed a Spring based CXF web service with WS-Security (WSS4J). And
it works perfectly fine when I do tests in SoapUI. Let's call it WSTest1:

	/<bean name="serverPasswordCallback"
class="com.wssecurity.services.interceptors.ServerPasswordCallback"/>

	<jaxws:endpoint id="WSTest1"
		implementor="com.wstest1.services.WsTest1PortTypeEndPointImpl"
		address="/WsTest1" wsdlLocation="/WEB-INF/wsdl/WsTest1.wsdl"
		endpointName="s:WsPortSOAP" serviceName="s:WsService"
		xmlns:s="http://ws.wstest1.com/WsTest1">
		<jaxws:properties>
			<entry key="schema-validation-enabled" value="true" />
			<entry key="ws-security.ut.validator">
        			<bean
class="com.wssecurity.services.interceptors.MyUsernameTokenValidator" />
   			 </entry>
		</jaxws:properties>

	</jaxws:endpoint>

	<cxf:bus >
		<cxf:features>
			<cxf:logging /> 
		</cxf:features>
		<cxf:inInterceptors>
				<bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
				<bean class="com.wstest1.services.interceptors.LogginCallsInterceptor"
/>
				<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
					<constructor-arg>
						<map>
							<entry key="action" value="UsernameToken" />
							<entry key="passwordType" value="PasswordText" />
							<entry key="passwordCallbackRef">
								<ref bean="serverPasswordCallback"/>
							</entry>
						</map>
					</constructor-arg>
				</bean>
				<bean class="com.wstest1.services.interceptors.Interceptor" />
				<bean class="com.wstest1.services.interceptors.LoggingInterceptor" />
		</cxf:inInterceptors>
		<cxf:outInterceptors>

		</cxf:outInterceptors>
	</cxf:bus>
	
	public class ServerPasswordCallback implements CallbackHandler {

		public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
			WSPasswordCallback pc = null;
			for (Callback callback : callbacks) {
				if (callback instanceof WSPasswordCallback) {
					pc = (WSPasswordCallback)callback;
					break;
				}
			}

			try {
				String password;
				if (pc != null) {
					password = "XXX"; //BBDD query here

					pc.setPassword(password);
				}
			} catch (Exception e) {
				e.printStackTrace();
			}
		}
	}
	
	public class MyUsernameTokenValidator extends UsernameTokenValidator {

		@Override
		protected void verifyPlaintextPassword(UsernameToken
usernameToken,RequestData data) throws WSSecurityException {
			if (usernameToken != null && usernameToken.getPassword() != null) {
				try {
					String password =  usernameToken.getPassword(); //Some kind of
encryption
					if (!password.equals("")){
						usernameToken.setPassword(password);
					}
				} catch (Exception e) {
					e.printStackTrace();
					throw new RuntimeException();
				}
			}
			super.verifyDigestPassword(usernameToken, data);
		}
	}/

But when I want to call it from another Spring based CXF web service with
WS-Security (WSS4J), it doesn't work. I tried upgrading CXF from 2.7 to 3.0,
but I still got the same error:

/16:05:44.296 o.a.cxf.ws.security.wss4j.WSS4JInInterceptor - Security
processing failed (actions mismatch)
javax.xml.ws.soap.SOAPFaultException: An error was discovered processing the
<wsse:Security> header/

Summarizing:

WSTest1 = Spring based CXF web service with WS-Security
WSTest2 = Spring based CXF web service with WS-Security
WSTest1 works from SoapUI.
WSTest2 works from SoapUI when the call to WSTest1 it's commented.
But when WSTest2 calls WSTest1, WSTest1 works fine and return a correct
Response, but it never reach WSTest2.


I think the error is caused because the Response from WSTest2 to Wstest1
doesn't have the <wsse:Security> header.

WsTest2 code is basically the same as WsTest1:

	/<bean name="serverPasswordCallback"
class="com.wssecurity.services.interceptors.ServerPasswordCallback"/>

	<jaxws:endpoint id="WSTest2"
		implementor="com.wstest2.services.WsTest2PortTypeEndPointImpl"
		address="/WSTest2" wsdlLocation="/WEB-INF/wsdl/WSTest2.wsdl"
		endpointName="s:WsTest2PortSOAP" serviceName="s:WsTest2Service"
		xmlns:s="http://ws.wstest2.com/WSTest2">
		<jaxws:properties>
			<entry key="schema-validation-enabled" value="true" />
			<entry key="ws-security.ut.validator">
        			<bean
class="com.wssecurity.services.interceptors.MyUsernameTokenValidator" />
   			</entry>
		</jaxws:properties>
	</jaxws:endpoint>

	<cxf:bus>
		<cxf:features>
			 <cxf:logging /> 
		</cxf:features>
		<cxf:inInterceptors>
			<bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
			<bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
				<constructor-arg>
					<map>
						<entry key="action" value="UsernameToken" />
						<entry key="passwordType" value="PasswordText" />
						<entry key="passwordCallbackRef">
							<ref bean="serverPasswordCallback" />
						</entry>
					</map>
				</constructor-arg>
			</bean>
			<bean class="com.wstest2.services.interceptors.Interceptor" />
		</cxf:inInterceptors>
		<cxf:outInterceptors>

		</cxf:outInterceptors>
	</cxf:bus>/

Logs:

/[INFO ] 16:05:40.839 o.a.c.s.W.W.WSTest2PortTypeEndPoint - Inbound Message
----------------------------
ID: 1
Address: http://localhost:5050/ws-test2/webservices/WSTest2
Encoding: UTF-8
Http-Method: POST
Content-Type:
application/soap+xml;charset=UTF-8;action="http://ws.test2.com/WSTest2/services/Method2v1"
Headers: {accept-encoding=[gzip,deflate], Content-Length=[1274],
content-type=[application/soap+xml;charset=UTF-8;action="http://ws.test2.com/WSTest2/services/Method2v1"],
Host=[localhost:5050], User-Agent=[Jakarta Commons-HttpClient/3.1]}
Payload: <soap:Envelope
xmlns:cor="http://ws.wstest2.com/WSTest2/services/method2"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
   <soap:Header><wsse:Security soap:mustUnderstand="true"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:UsernameToken
wsu:Id="UsernameToken-11"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:Username>USERTEST</wsse:Username><wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">PASSTEST</wsse:Password><wsse:Nonce
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">kZZLrxSCrRvJ2kXv2W1QDg==</wsse:Nonce><wsu:Created>2014-12-30T15:05:40.659Z</wsu:Created></wsse:UsernameToken></wsse:Security></soap:Header>
   <soap:Body>
      xxxxx
   </soap:Body>
</soap:Envelope>
--------------------------------------
[INFO ] 16:05:42.589 e.i.b.w.s.interceptors.Interceptor - Xml Request was :
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:cor="http://ws.wstest2.com/WSTest2/services/method2"><soap:Header><wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
soap:mustUnderstand="true"><wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="UsernameToken-11"><wsse:Username>USERTEST</wsse:Username><wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">fIZW66-o1CxXkoY07wYzUPlEeHNBj6uYzemdB0UlZCGbBpELs6wsqLddz__Dnb21uEOJMptu4ZZrbL3aHnbIjg</wsse:Password><wsse:Nonce
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">kZZLrxSCrRvJ2kXv2W1QDg==</wsse:Nonce><wsu:Created>2014-12-30T15:05:40.659Z</wsu:Created></wsse:UsernameToken></wsse:Security></soap:Header><soap:Body>
      xxxxx
   </soap:Body>
   
   </soap:Envelope>
[DEBUG] 16:05:42.594 e.i.a.c.w.services.WsTest1AbstractService - URL
Conexión wsdl: http://localhost:8080/ws-test1/webservices/WSTest1?wsdl
[DEBUG] 16:05:42.595 e.i.a.c.w.services.WsTest1AbstractService - EndPoint
Conexión wsdl: http://localhost:8080/ws-test1/webservices/WSTest1
[INFO ] 16:05:42.813 o.a.c.w.s.factory.ReflectionServiceFactoryBean -
Creating Service {http://ws.wstest1.com/WSTest1}WsService from WSDL:
http://localhost:8080/ws-test1/webservices/WSTest1?wsdl
[INFO ] 16:05:42.965 o.a.c.s.W.WsPortSOAP.WSTest1PortTypeEndPoint - Outbound
Message
---------------------------
ID: 2
Address: http://localhost:8080/ws-test1/webservices/WSTest1
Encoding: UTF-8
Http-Method: POST
Content-Type: application/soap+xml;
action="http://ws.test1.com/WSTest1/services/Method1v1"
Headers: {Accept=[*/*]}
Payload: <soap:Envelope
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"><env:Header
xmlns:env="http://www.w3.org/2003/05/soap-envelope"><wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
soap:mustUnderstand="true"><wsse:UsernameToken
wsu:Id="UsernameToken-3a53ff14-8a8c-46f7-baa0-8521d220681e"><wsse:Username>USERTEST</wsse:Username><wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">PASSTEST</wsse:Password></wsse:UsernameToken></wsse:Security></env:Header><soap:Body><Method1Request_v1
xmlns="http://ws.wstest1.com/WSTest1/services/method1"
xmlns:ns2="http://com//Fault"
xmlns:ns3="http://com/Fault"><Usuario>PASSTEST</Usuario><Password>PASSTEST</Password><EndPoint>http://10.5.133.131:8080/ws-test2/webservices/WSTest2</EndPoint><Metodo>Method2v1</Metodo></Method1Request_v1></soap:Body></soap:Envelope>
--------------------------------------
[INFO ] 16:05:44.292 o.a.c.s.W.WsPortSOAP.WSTest1PortTypeEndPoint - Inbound
Message
----------------------------
ID: 2
Response-Code: 200
Encoding: UTF-8
Content-Type: application/soap+xml; charset=UTF-8
Headers: {content-type=[application/soap+xml; charset=UTF-8],
Server=[Jetty(8.1.16.v20140903)], transfer-encoding=[chunked]}
Payload: <soap:Envelope
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"><soap:Body><Method1Response_v1
xmlns:ns2="http://com/tipos/fault/Fault"
xmlns="http://ws.wstest1.com/WSTest1/services/method1"><Repuesta><Repuesta>true</Repuesta></Repuesta></Method1Response_v1></soap:Body></soap:Envelope>
--------------------------------------
[WARN ] 16:05:44.296 o.a.cxf.ws.security.wss4j.WSS4JInInterceptor - Security
processing failed (actions mismatch)
[WARN ] 16:05:44.303 org.apache.cxf.phase.PhaseInterceptorChain -
Interceptor for
{http://ws.wstest1.com/WSTest1}WsService#{http://ws.wstest1.com/WSTest1}Method1v1
has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: An error was discovered processing
the <wsse:Security> header
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:850)
~[cxf-rt-ws-security-3.0.3.jar:3.0.3]
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:332)
~[cxf-rt-ws-security-3.0.3.jar:3.0.3]
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:190)
~[cxf-rt-ws-security-3.0.3.jar:3.0.3]
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:96)
~[cxf-rt-ws-security-3.0.3.jar:3.0.3]
	at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
[cxf-core-3.0.3.jar:3.0.3]
	at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:802)
[cxf-core-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1638)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1527)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1330)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at
org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:56)
[cxf-core-3.0.3.jar:3.0.3]
	at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:215)
[cxf-core-3.0.3.jar:3.0.3]
	at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
[cxf-core-3.0.3.jar:3.0.3]
	at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:638)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
[cxf-core-3.0.3.jar:3.0.3]
	at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
[cxf-core-3.0.3.jar:3.0.3]
	at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
[cxf-core-3.0.3.jar:3.0.3]
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
[cxf-core-3.0.3.jar:3.0.3]
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
[cxf-core-3.0.3.jar:3.0.3]
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
[cxf-core-3.0.3.jar:3.0.3]
	at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
[cxf-rt-frontend-simple-3.0.3.jar:3.0.3]
	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
[cxf-rt-frontend-jaxws-3.0.3.jar:3.0.3]
	at $Proxy78.method1V1(Unknown Source) [na:na]
	at
com.client.wstest1.services.WsTest1ServiceImpl.method1(WsTest1ServiceImpl.java:48)
[lib-client-ws-test1-0.0.1-SNAPSHOT.jar:na]
	at
com.wstest2.services.interceptors.Interceptor.validate(Interceptor.java:121)
[classes/:na]
	at
com.wstest2.services.interceptors.Interceptor.handleMessage(Interceptor.java:103)
[classes/:na]
	at
com.wstest2.services.interceptors.Interceptor.handleMessage(Interceptor.java:33)
[classes/:na]
	at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
[cxf-core-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
[cxf-core-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:251)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:197)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:149)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:290)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:209)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
[javax.servlet-3.0.0.v201112011016.jar:na]
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:265)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
[jetty-servlet-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496)
[jetty-servlet-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
[spring-web-4.1.0.RELEASE.jar:4.1.0.RELEASE]
	at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
[spring-web-4.1.0.RELEASE.jar:4.1.0.RELEASE]
	at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1476)
[jetty-servlet-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:501)
[jetty-servlet-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557)
[jetty-security-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)
[jetty-servlet-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at org.eclipse.jetty.server.Server.handle(Server.java:370)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:982)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1043)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
[jetty-http-8.1.16.v20140903.jar:8.1.16.v20140903]
	at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
[jetty-http-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)
[jetty-io-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)
[jetty-io-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
[jetty-util-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
[jetty-util-8.1.16.v20140903.jar:8.1.16.v20140903]
	at java.lang.Thread.run(Thread.java:662) [na:1.6.0_33]
Caused by: org.apache.wss4j.common.ext.WSSecurityException: An error was
discovered processing the <wsse:Security> header
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInInterceptor.java:358)
~[cxf-rt-ws-security-3.0.3.jar:3.0.3]
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:316)
~[cxf-rt-ws-security-3.0.3.jar:3.0.3]
	... 64 common frames omitted
javax.xml.ws.soap.SOAPFaultException: An error was discovered processing the
<wsse:Security> header
	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:160)
	at $Proxy78.method1V1(Unknown Source)
	at
com.client.wstest1.services.WsTest1ServiceImpl.method1(WsTest1ServiceImpl.java:48)
	at
com.wstest2.services.interceptors.Interceptor.validate(Interceptor.java:121)
	at
com.wstest2.services.interceptors.Interceptor.handleMessage(Interceptor.java:103)
	at
com.wstest2.services.interceptors.Interceptor.handleMessage(Interceptor.java:33)
	at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
	at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
	at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:251)
	at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223)
	at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:197)
	at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:149)
	at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171)
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:290)
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:209)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:265)
	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
	at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496)
	at
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
	at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1476)
	at
org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:501)
	at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
	at
org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557)
	at
org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
	at
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
	at
org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)
	at
org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
	at
org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
	at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
	at
org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
	at
org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154)
	at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
	at org.eclipse.jetty.server.Server.handle(Server.java:370)
	at
org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
	at
org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:982)
	at
org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1043)
	at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
	at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
	at
org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
	at
org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)
	at
org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)
	at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
	at
org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
	at java.lang.Thread.run(Thread.java:662)
Caused by: org.apache.wss4j.common.ext.WSSecurityException: An error was
discovered processing the <wsse:Security> header
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInInterceptor.java:358)
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:316)
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:190)
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:96)
	at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
	at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:802)
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1638)
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1527)
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1330)
	at
org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:56)
	at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:215)
	at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
	at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:638)
	at
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
	at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
	at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
	at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
	... 45 more
java.lang.NullPointerException
	at
com.client.wstest1.services.WsTest1ServiceImpl.method1(WsTest1ServiceImpl.java:61)
	at
com.wstest2.services.interceptors.Interceptor.validate(Interceptor.java:121)
	at
com.wstest2.services.interceptors.Interceptor.handleMessage(Interceptor.java:103)
	at
com.wstest2.services.interceptors.Interceptor.handleMessage(Interceptor.java:33)
	at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
	at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
	at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:251)
	at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223)
	at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:197)
	at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:149)
	at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171)
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:290)
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:209)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:265)
	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
	at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496)
	at
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
	at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1476)
	at
org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:501)
	at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
	at
org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557)
	at
org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
	at
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
	at
org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)
	at
org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
	at
org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
	at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
	at
org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
	at
org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154)
	at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
	at org.eclipse.jetty.server.Server.handle(Server.java:370)
	at
org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
	at
org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:982)
	at
org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1043)
	at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
	at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
	at
org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
	at
org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)
	at
org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)
	at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
	at
org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
	at java.lang.Thread.run(Thread.java:662)
[WARN ] 16:05:44.316 org.apache.cxf.phase.PhaseInterceptorChain -
Interceptor for
{http://ws.wstest2.com/WSTest2}WsTest2Service#{http://ws.wstest2.com/WSTest2}Method2v1
has thrown exception, unwinding now
java.lang.RuntimeException: ERROR!!!!!!
	at
com.wstest2.services.interceptors.Interceptor.handleMessage(Interceptor.java:107)
~[classes/:na]
	at
com.wstest2.services.interceptors.Interceptor.handleMessage(Interceptor.java:33)
~[classes/:na]
	at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
~[cxf-core-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
[cxf-core-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:251)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:197)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:149)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:290)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:209)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
[javax.servlet-3.0.0.v201112011016.jar:na]
	at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:265)
[cxf-rt-transports-http-3.0.3.jar:3.0.3]
	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
[jetty-servlet-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496)
[jetty-servlet-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
[spring-web-4.1.0.RELEASE.jar:4.1.0.RELEASE]
	at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
[spring-web-4.1.0.RELEASE.jar:4.1.0.RELEASE]
	at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1476)
[jetty-servlet-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:501)
[jetty-servlet-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557)
[jetty-security-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)
[jetty-servlet-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at org.eclipse.jetty.server.Server.handle(Server.java:370)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:982)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1043)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
[jetty-http-8.1.16.v20140903.jar:8.1.16.v20140903]
	at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
[jetty-http-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
[jetty-server-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)
[jetty-io-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)
[jetty-io-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
[jetty-util-8.1.16.v20140903.jar:8.1.16.v20140903]
	at
org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
[jetty-util-8.1.16.v20140903.jar:8.1.16.v20140903]
	at java.lang.Thread.run(Thread.java:662) [na:1.6.0_33]
Caused by: java.lang.NullPointerException: null
	at
com.client.wstest1.services.WsTest1ServiceImpl.method1(WsTest1ServiceImpl.java:61)
~[lib-client-ws-test1-0.0.1-SNAPSHOT.jar:na]
	at
com.wstest2.services.interceptors.Interceptor.validate(Interceptor.java:121)
~[classes/:na]
	at
com.wstest2.services.interceptors.Interceptor.handleMessage(Interceptor.java:103)
~[classes/:na]
	... 41 common frames omitted
[INFO ] 16:05:44.320 o.a.c.b.s.interceptor.Soap12FaultOutInterceptor - class
org.apache.cxf.binding.soap.interceptor.Soap12FaultOutInterceptor$Soap12FaultOutInterceptorInternalapplication/soap+xml/


I've searched Google, forums, everywhere and found nothing. Can anyone help
me please?

Thanks in advice.



--
View this message in context: http://cxf.547215.n5.nabble.com/CXF-WS-Security-Security-processing-failed-actions-mismatch-tp5752754.html
Sent from the cxf-dev mailing list archive at Nabble.com.

Mime
View raw message