cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From huidong <huidong_zh...@yahoo.com>
Subject An invalid security token was provided (Bad UsernameToken Values)
Date Tue, 02 Feb 2010 23:22:08 GMT

i am running a .Net WCF client to call a service on linux host with CXF
framework. 

the inbound message looks like:

Payload: <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
xmlns:a="http://www.w3.org/2005/08/addressing"
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">

<s:Header><a:Action
s:mustUnderstand="1"/><a:MessageID>urn:uuid:7f809251-17cb-4319-9fd8-04889601e956</a:MessageID>

<a:ReplyTo><a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address></a:ReplyTo>

<a:To
s:mustUnderstand="1">https://sas/ws/saw/services/SawSelfServices</a:To>

<o:Security s:mustUnderstand="1"
xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">

<u:Timestamp
u:Id="_0"><u:Created>2010-02-02T22:10:48.955Z</u:Created><u:Expires>2010-02-02T22:15:48.955Z</u:Expires></u:Timestamp>

<o:UsernameToken u:Id="uuid-17aef8db-845a-4b9c-bceb-f8cde31933b6-1
<o:Username>wstest</o:Username>
<o:Password
o:Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">*****</o:Password>
</o:UsernameToken>

</o:Security>
</s:Header>
<s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">****</s:Body>
</s:Envelope>

I received a error message:

[14:10:53.081] {http--81-5$573121065}
org.apache.ws.security.WSSecurityException: An invalid security token was
provided (Bad UsernameToken Values)
[14:10:53.081] {http--81-5$573121065}   at
org.apache.ws.security.message.token.UsernameToken.<init>(UsernameToken.java:179)
[14:10:53.081] {http--81-5$573121065}   at
org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:91)
[14:10:53.081] {http--81-5$573121065}   at
org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:56)
[14:10:53.081] {http--81-5$573121065}   at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:326)
[14:10:53.081] {http--81-5$573121065}   at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:243)
[14:10:53.081] {http--81-5$573121065}   at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:199)
[14:10:53.081] {http--81-5$573121065}   at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:78)
[14:10:53.081] {http--81-5$573121065}   at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243)
[14:10:53.081] {http--81-5$573121065}   at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:109)
[14:10:53.081] {http--81-5$573121065}   at
org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:98)
[14:10:53.081] {http--81-5$573121065}   at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:406)
[14:10:53.081] {http--81-5$573121065}   at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:178)
[14:10:53.081] {http--81-5$573121065}   at
org.apache.cxf.transport.servlet.AbstractCXFServlet.invoke(AbstractCXFServlet.java:142)
[14:10:53.081] {http--81-5$573121065}   at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:179)
[14:10:53.081] {http--81-5$573121065}   at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:103)
[14:10:53.081] {http--81-5$573121065}   at
javax.servlet.http.HttpServlet.service(HttpServlet.java:153)
[14:10:53.081] {http--81-5$573121065}   at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:159)
[14:10:53.081] {http--81-5$573121065}   at
com.caucho.server.dispatch.ServletFilterChain.doFilter(ServletFilterChain.java:103)
[14:10:53.081] {http--81-5$573121065}   at
com.caucho.server.security.SecurityFilterChain.doFilter(SecurityFilterChain.java:134)
[14:10:53.081] {http--81-5$573121065}   at
com.caucho.server.webapp.WebAppFilterChain.doFilter(WebAppFilterChain.java:187)
[14:10:53.081] {http--81-5$573121065}   at
com.caucho.server.dispatch.ServletInvocation.service(ServletInvocation.java:265)
[14:10:53.081] {http--81-5$573121065}   at
com.caucho.server.http.HttpRequest.handleRequest(HttpRequest.java:273)
[14:10:53.081] {http--81-5$573121065}   at
com.caucho.server.port.TcpConnection.run(TcpConnection.java:682)
[14:10:53.081] {http--81-5$573121065}   at
com.caucho.util.ThreadPool$Item.runTasks(ThreadPool.java:743)


what was wrong?? i cannot see anything invalid. and a java client just runs
fine. any help will be greatly appreciated!

-- 
View this message in context: http://old.nabble.com/An-invalid-security-token-was-provided-%28Bad-UsernameToken-Values%29-tp27429163p27429163.html
Sent from the cxf-user mailing list archive at Nabble.com.


Mime
View raw message