cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Zhang <>
Subject Symmetric Binding
Date Mon, 21 Mar 2011 15:25:06 GMT



i am new to using apache cxf. I want to secure a web service with symmetric binding, but i
always run into an error.

Maybe i did a mistake when configuring the service. Can anybody help me?


I have a self-signed certificate for the server and i have the public key on the client side.


I generated the client with CXF wsdl2java tool. And it seems to work fine. The client sends
a request to the server. I can watch the request on a tcp/ip monitor.

There is the ws security header with a binary security token and the soap body is obviously


On the server side the message even gets decrypted. I know this, because the service implementation
is called with correct parameters.


The problem occurs when the response should be sent. I get a null pointer when a key should
be copied into the response:


Caused by: java.lang.NullPointerException
at com.sun.xml.internal.messaging.saaj.soap.SOAPDocumentImpl.importNode(
... 36 more


With a debugger i observed that in this method a variable sigTok is not null, but sigTok.getTok
returns null.


Can somebody help me with this problem, please?


Here is my security policy:


<?xml version="1.0" encoding="UTF-8"?>
<wsp:Policy xmlns:wsp="" xmlns:sp="">
<sp:X509Token IncludeToken="">


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message