cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: Understanding WSS4J actions
Date Tue, 23 Apr 2013 09:01:51 GMT
Newer versions of CXF do not require that the actions match in the exact
order, but only that they match in some order. So your best bet is to
upgrade to a newer version.

Colm.


On Mon, Apr 22, 2013 at 11:04 PM, Andrew Hart <ahart@akimeka.com> wrote:

> Ok, wrt my earlier message, I decided to just go ahead and write a
> simple java web service client rather than try to figure out why SoapUi
> wasn't working.
> Unfortunately, I'm back into "actions mismatch" hell.
>
> I understand that the actions need to match up on the client request to
> the server, i.e., from the client OutInterceptor to the server
> InInterceptor and that the inverse is true,
> From the server response OutInterceptor to the client InInterceptor.
>
> So, my client is configured like this in a cxf.xml file:
>  (note: the jaxws:client element didn't work for me and I had to replace
> it with the cxf:bus before my interceptors would load.)
> ------------------------------------------------------------------------
> -----------------
>
> <beans xmlns="http://www.springframework.org/schema/beans"
>    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>    xmlns:jaxws="http://cxf.apache.org/jaxws"
>    xmlns:cxf="http://cxf.apache.org/core"
>    xsi:schemaLocation="http://cxf.apache.org/core
>         http://cxf.apache.org/schemas/core.xsd
>         http://www.springframework.org/schema/beans
>         http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
>         http://cxf.apache.org/jaxws
>         http://cxf.apache.org/schemas/jaxws.xsd">
>
> <!--
>     <jaxws:client name=" MyWebServicePort" createdFromAPI="true">
>         <jaxws:inInterceptors>
>             <ref bean="TimestampSignEncrypt_Response"/>
>             <ref bean="logInbound" />
>         </jaxws:inInterceptors>
>         <jaxws:outInterceptors>
>             <ref bean="TimestampSignEncrypt_Request"/>
>             <ref bean="logOutbound" />
>         </jaxws:outInterceptors>
>     </jaxws:client>
> -->
>
>     <cxf:bus>
>         <cxf:outInterceptors>
>             <ref bean="ClientRequest_Interceptor"/>
>             <ref bean="logOutbound" />
>         </cxf:outInterceptors>
>         <cxf:inInterceptors>
>             <ref bean="ServerResponse_Interceptor"/>
>             <ref bean="logInbound" />
>         </cxf:inInterceptors>
>     </cxf:bus>
>
>     <bean id="logInbound"
> class="org.apache.cxf.interceptor.LoggingInInterceptor"/>
>     <bean id="logOutbound"
> class="org.apache.cxf.interceptor.LoggingOutInterceptor"/>
>     <bean
>         class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"
>         id="ClientRequest_Interceptor">
>         <constructor-arg>
>               <map>
>                 <entry key="action" value="Timestamp Signature"/>
>                 <entry key="user" value="client1alias"/>
>                 <entry key="signaturePropFile"
> value="clientKeystore.properties"/>
>                         <entry key="signatureKeyIdentifier"
> value="DirectReference"/>
>                 <entry key="passwordCallbackClass"
> value="com.akimeka.ws.testclient.clientsample.ClientKeystorePasswordCall
> back"/>
>                 <entry key="signatureAlgorithm"
> value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
>                 <entry key="signatureParts"
> value="{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;{Element
> }{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-uti
> lity-1.0.xsd}Timestamp"/>
>
>               </map>
>         </constructor-arg>
>     </bean>
>     <bean
>         class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"
>         id="ServerResponse_Interceptor">
>         <constructor-arg>
>             <map>
>                 <entry key="action" value="Timestamp Signature
> Encrypt"/>
>                 <entry key="signaturePropFile"
> value="clientKeystore.properties"/>
>                 <entry key="decryptionPropFile"
> value="clientKeystore.properties"/>
>                 <entry key="passwordCallbackClass"
> value="com.akimeka.ws.testclient.clientsample.ClientKeystorePasswordCall
> back"/>
>                 <entry key="encryptionKeyTransportAlgorithm"
> value="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
>                 <entry key="signatureAlgorithm"
> value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
>             </map>
>         </constructor-arg>
>     </bean>
> </beans>
>
>
> ------------------------------------------------------------------------
> ----------
> The server has a jbossws-cxf.xml file and is configured like this:
> ------------------------------------------------------------------------
> ----------
> <beans
>   xmlns='http://www.springframework.org/schema/beans'
>   xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'
>   xmlns:beans='http://www.springframework.org/schema/beans'
>   xmlns:jaxws='http://cxf.apache.org/jaxws'
>   xsi:schemaLocation='http://cxf.apache.org/core
>     http://cxf.apache.org/schemas/core.xsd
>     http://www.springframework.org/schema/beans
>     http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
>     http://cxf.apache.org/jaxws
>     http://cxf.apache.org/schemas/jaxws.xsd'>
>
>
>   <bean id="Sign_Request"
> class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
>     <constructor-arg>
>       <map>
>         <entry key="action" value="Timestamp Signature"/>
>         <entry key="signaturePropFile"  value="security.properties"/>
>         <entry key="decryptionPropFile" value="security.properties"/>
>         <entry key="passwordCallbackClass"
> value="com.akimeka.ws.common.KeystorePasswordCallback"/>
>       </map>
>     </constructor-arg>
>   </bean>
>
>
>   <bean id="Sign_Response"
> class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
>     <constructor-arg>
>       <map>
>         <entry key="action" value="Timestamp Signature Encrypt"/>
>         <entry key="user" value="server.akimeka.com"/>
>         <entry key="signaturePropFile"  value="security.properties"/>
>         <entry key="encryptionPropFile" value="security.properties"/>
>         <entry key="encryptionUser" value="useReqSigCert"/>
>         <!-- <entry key="encryptionUser" value="client1.akimeka.com" />
> -->
>         <entry key="signatureKeyIdentifier" value="DirectReference"/>
>         <!--  <entry key="encryptionKeyIdentifier"
> value="DirectReference" /> -->
>         <entry key="passwordCallbackClass"
> value="com.akimeka.ws.common.KeystorePasswordCallback"/>
>         <entry key="signatureParts"
> value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss
> -wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.o
> rg/soap/envelope/}Body"/>
>         <entry key="encryptionParts"
> value="{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>
>         <entry key="encryptionKeyTransportAlgorithm"
> value="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
>         <entry key="encryptionSymAlgorithm"
> value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
>         <entry key="signatureAlgorithm"
> value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
>       </map>
>     </constructor-arg>
>   </bean>
>
>   <jaxws:endpoint
>     id='CipService'
>     address='http://@jboss.bind.address@:8080/ws-cip'
>     implementor='com.akimeka.cip.ws.CipService'>
>     <jaxws:invoker>
>       <bean class='org.jboss.wsf.stack.cxf.InvokerJSE'/>
>     </jaxws:invoker>
>
>     <jaxws:inInterceptors>
>         <bean
> class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
>         <ref bean="Sign_Request"/>
>     </jaxws:inInterceptors>
>
>     <jaxws:outInterceptors>
>         <bean
> class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/>
>         <ref bean="Sign_Response"/>
>     </jaxws:outInterceptors>
>
>   </jaxws:endpoint>
> </beans>
> ------------------------------------------------------------------------
> -------------------------------
>
> And, so the server sees the incoming message here...
>
> --------------------------------------
> 16:43:36,935 INFO  [org.apache.cxf.interceptor.LoggingInInterceptor]
> Inbound Message
> ----------------------------
> ID: 16
> Address: /ws-cip/CipService
> Encoding: UTF-8
> Content-Type: text/xml; charset=UTF-8
> Headers: {cache-control=[no-cache], content-type=[text/xml;
> charset=UTF-8], connection=[keep-alive],
> host=[msat-ah-01.akimeka.com:8080], Content-Length=[3496],
> SOAPAction=[""], user-agent=[Apache CXF 2.3.1-patch-01],
> Content-Type=[text/xml; charset=UTF-8], Accept=[*/*], pragma=[no-cache]}
> Payload: <soap:Envelope
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Header><wss
> e:Security
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse
> curity-secext-1.0.xsd" soap:mustUnderstand="1"><wsse:BinarySecurityToken
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse
> curity-secext-1.0.xsd"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
> urity-utility-1.0.xsd"
> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-so
> ap-message-security-1.0#Base64Binary"
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-
> token-profile-1.0#X509v3"
> wsu:Id="CertId-8FE55E1C1DB8D8548C13666670167941">MIIBozCCAQygAwIBAgIEUXV
> eiTANBgkqhkiG9w0BAQUFADAWMRQwEgYDVQQDEwtjbGllbnQxdXNlcjAeFw0xMzA0MjIxNjA
> wMDlaFw0xNTA0MjIxNjAwMDlaMBYxFDASBgNVBAMTC2NsaWVudDF1c2VyMIGfMA0GCSqGSIb
> 3DQEBAQUAA4GNADCBiQKBgQCd4AXM4VgvaScl6kdJVyaej50gr08XXSOntVki80znasD1tjE
> +TwUBBIjMzWUtLN+vWO211cbggaNP8mLZ2Tti3mEY0sS4ixZHLZz41/mLHU4YcQEFFZ5p61W
> p1L3C37gQ7pm37SfKerwlrM4HnxSY6y7MinJSfQ0iDYaMu+XizQIDAQABMA0GCSqGSIb3DQE
> BBQUAA4GBACiZwyRmSfjcjZDrIRe1A4PPHp+fMNHVssnvtOSaVEKjDRPeS1uXM7RLFUIvjEO
> sbiSGMWSswFj/M61dRwNQreUxK737EpX8yko0gzKG+mH9bZZnEzroX5BROxa1luUTDmK2dUg
> oPmLIwZI8gB8rJL6W3F3I6zfHwqHGbW6Xqt+J</wsse:BinarySecurityToken><ds:Sign
> ature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-2">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
> <ds:SignatureMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
> <ds:Reference URI="#id-3">
> <ds:Transforms>
> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transforms>
> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> <ds:DigestValue>Ki9mmuZ/IPEazLZiTmt1cqDq7pQ=</ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="#Timestamp-1">
> <ds:Transforms>
> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transforms>
> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> <ds:DigestValue>dc/iT6EKpqAL9crdJORImAfavcU=</ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
> <ds:SignatureValue>
> FmXE1n5OKy4PVtLkTeuycQf6d6gMl4fgIrucJw6Ms8OnFLs4jbN6PMbkKIkv3DogfYPzSrr6
> Incd
> Gus2miH1Qb5dFOhRDUSTDBaMeROxCyfKtzpvhTezboS1lYTF1jgFlmih5Ly1pTEwK46XmBL4
> KKeD
> Jjo5xjN6eqUAYgrcGjs=
> </ds:SignatureValue>
> <ds:KeyInfo Id="KeyId-8FE55E1C1DB8D8548C13666670168262">
> <wsse:SecurityTokenReference
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse
> curity-secext-1.0.xsd"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
> urity-utility-1.0.xsd"
> wsu:Id="STRId-8FE55E1C1DB8D8548C13666670168263"><wsse:Reference
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse
> curity-secext-1.0.xsd" URI="#CertId-8FE55E1C1DB8D8548C13666670167941"
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-
> token-profile-1.0#X509v3" /></wsse:SecurityTokenReference>
> </ds:KeyInfo>
> </ds:Signature><wsu:Timestamp
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
> urity-utility-1.0.xsd"
> wsu:Id="Timestamp-1"><wsu:Created>2013-04-22T21:43:36.793Z</wsu:Created>
> <wsu:Expires>2013-04-22T21:48:36.793Z</wsu:Expires></wsu:Timestamp></wss
> e:Security></soap:Header><soap:Body
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
> urity-utility-1.0.xsd" wsu:Id="id-3"><ns2:testWebService
> xmlns:ns2="http://akimeka.com"><arg0>Test
> String</arg0></ns2:testWebService></soap:Body></soap:Envelope>
> --------------------------------------
>
> And then blows up with this stacktrace and sends back a fault:
>
> 16:43:36,935 WARN  [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor]
> Security processing failed (actions mismatch)
> 16:43:36,935 WARN  [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor]
> : org.apache.ws.security.WSSecurityException: An error was discovered
> processing the <wsse:Security> header
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JIn
> Interceptor.java:294) [:2.3.1-patch-01]
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JI
> nInterceptor.java:234) [:2.3.1-patch-01]
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JI
> nInterceptor.java:81) [:2.3.1-patch-01]
>         at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC
> hain.java:255) [:2.3.1-patch-01]
>         at
> org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiati
> onObserver.java:113) [:2.3.1-patch-01]
>         at
> org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestin
> ation.java:97) [:2.3.1-patch-01]
>         at
> org.apache.cxf.transport.servlet.ServletController.invokeDestination(Ser
> vletController.java:461) [:2.3.1-patch-01]
>         at
> org.jboss.wsf.stack.cxf.ServletControllerExt.invoke(ServletControllerExt
> .java:172) [:3.4.1.GA]
>         at
> org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHand
> lerImpl.java:57) [:3.4.1.GA]
>         at
> org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(Servl
> etHelper.java:156) [:3.4.1.GA]
>         at
> org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:90)
> [:3.4.1.GA]
>         at
> org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(Abstr
> actHTTPServlet.java:179) [:2.3.1-patch-01]
>         at
> org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTP
> Servlet.java:103) [:2.3.1-patch-01]
>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
> [:1.0.0.Final]
>         at
> org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTT
> PServlet.java:159) [:2.3.1-patch-01]
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
> tionFilterChain.java:324) [:6.1.0.Final]
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
> erChain.java:242) [:6.1.0.Final]
>         at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv
> e.java:275) [:6.1.0.Final]
>         at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv
> e.java:161) [:6.1.0.Final]
>         at
> org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAs
> sociationValve.java:181) [:6.1.0.Final]
>         at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authenticator
> Base.java:501) [:6.1.0.Final]
>         at
> org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.event
> (CatalinaContext.java:285) [:1.1.0.Final]
>         at
> org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.invok
> e(CatalinaContext.java:261) [:1.1.0.Final]
>         at
> org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.j
> ava:88) [:6.1.0.Final]
>         at
> org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(S
> ecurityContextEstablishmentValve.java:100) [:6.1.0.Final]
>         at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java
> :159) [:6.1.0.Final]
>         at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java
> :102) [:6.1.0.Final]
>         at
> org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConn
> ectionValve.java:158) [:6.1.0.Final]
>         at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.
> java:109) [:6.1.0.Final]
>         at
> org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.inv
> oke(ActiveRequestResponseCacheValve.java:53) [:6.1.0.Final]
>         at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:3
> 62) [:6.1.0.Final]
>         at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:87
> 7) [:6.1.0.Final]
>         at
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(
> Http11Protocol.java:654) [:6.1.0.Final]
>         at
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:951)
> [:6.1.0.Final]
>         at java.lang.Thread.run(Thread.java:662) [:1.6.0_35]
>
> 16:43:36,936 WARN  [org.apache.cxf.phase.PhaseInterceptorChain]
> Interceptor for {http://akimeka.com}TMDS_CIP_Web_Service has thrown
> exception, unwinding now: org.apache.cxf.binding.soap.SoapFault: An
> error was discovered processing the <wsse:Security> header
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4
> JInInterceptor.java:654) [:2.3.1-patch-01]
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JI
> nInterceptor.java:275) [:2.3.1-patch-01]
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JI
> nInterceptor.java:81) [:2.3.1-patch-01]
>         at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorC
> hain.java:255) [:2.3.1-patch-01]
>         at
> org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiati
> onObserver.java:113) [:2.3.1-patch-01]
>         at
> org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestin
> ation.java:97) [:2.3.1-patch-01]
>         at
> org.apache.cxf.transport.servlet.ServletController.invokeDestination(Ser
> vletController.java:461) [:2.3.1-patch-01]
>         at
> org.jboss.wsf.stack.cxf.ServletControllerExt.invoke(ServletControllerExt
> .java:172) [:3.4.1.GA]
>         at
> org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHand
> lerImpl.java:57) [:3.4.1.GA]
>         at
> org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(Servl
> etHelper.java:156) [:3.4.1.GA]
>         at
> org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:90)
> [:3.4.1.GA]
>         at
> org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(Abstr
> actHTTPServlet.java:179) [:2.3.1-patch-01]
>         at
> org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTP
> Servlet.java:103) [:2.3.1-patch-01]
>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
> [:1.0.0.Final]
>         at
> org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTT
> PServlet.java:159) [:2.3.1-patch-01]
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
> tionFilterChain.java:324) [:6.1.0.Final]
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
> erChain.java:242) [:6.1.0.Final]
>         at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv
> e.java:275) [:6.1.0.Final]
>         at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv
> e.java:161) [:6.1.0.Final]
>         at
> org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAs
> sociationValve.java:181) [:6.1.0.Final]
>         at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authenticator
> Base.java:501) [:6.1.0.Final]
>         at
> org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.event
> (CatalinaContext.java:285) [:1.1.0.Final]
>         at
> org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.invok
> e(CatalinaContext.java:261) [:1.1.0.Final]
>         at
> org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.j
> ava:88) [:6.1.0.Final]
>         at
> org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(S
> ecurityContextEstablishmentValve.java:100) [:6.1.0.Final]
>         at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java
> :159) [:6.1.0.Final]
>         at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java
> :102) [:6.1.0.Final]
>         at
> org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConn
> ectionValve.java:158) [:6.1.0.Final]
>         at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.
> java:109) [:6.1.0.Final]
>         at
> org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.inv
> oke(ActiveRequestResponseCacheValve.java:53) [:6.1.0.Final]
>         at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:3
> 62) [:6.1.0.Final]
>         at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:87
> 7) [:6.1.0.Final]
>         at
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(
> Http11Protocol.java:654) [:6.1.0.Final]
>         at
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:951)
> [:6.1.0.Final]
>         at java.lang.Thread.run(Thread.java:662) [:1.6.0_35]
> Caused by: org.apache.ws.security.WSSecurityException: An error was
> discovered processing the <wsse:Security> header
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JIn
> Interceptor.java:294) [:2.3.1-patch-01]
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JI
> nInterceptor.java:234) [:2.3.1-patch-01]
>         ... 33 more
>
>
> ------------------------------------------------------------------------
> -------------------------------------------
>
> So, the client actions for the request are "Timestamp Signature"  and
> the server inInterceptor actions match that.
>
> What am I failing to understand about this?  Is there a simple
> explanation anywhere of what it means to specify a list of actions on a
> web service incoming interceptor EXACTLY what is required fo on the
> client end to match up, including details about specific parts that have
> to be signed?
>
>
>
>
>
>
>
>
>
> NOTICE: This transmission (including all attachments) is company
> confidential, is intended only for the individual or entity named above,
> and is likely to contain privileged, proprietary and confidential
> information that is exempt from disclosure requests under applicable law.
> If you are not the intended recipient, you are hereby notified that any
> disclosure, copying, distribution, use of or reliance upon any of the
> information contained in this transmission is strictly prohibited. Any
> inadvertent or unauthorized disclosure shall not compromise or waive the
> confidentiality of this transmission. If you have received this
> transmission in error, please forward this message immediately to
> postmaster@akimeka.com <mailto:postmaster@akimeka.com>  and delete or
> otherwise remove this email from your system.  Thank you
>
>


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message