cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: cxf client for wcf service using ws-trust
Date Tue, 13 Jan 2015 15:45:22 GMT
Hi,

That security policy should be supported. What does you configuration look
like? Turn logging on to FINE + see what it says...

Colm.

On Mon, Jan 12, 2015 at 4:31 PM, Bilgehan MaraƟ <bilgehanm@gmail.com> wrote:

> Hi,
>
> I am trying to write a sts client for a wcf web service. The service is
> secured using ws-security 1.1, ws-securitypolicy 1.2 and ws-trust 1.3. Sts
> service is secured via usernametoken and running on https. It also requires
> soap 1.2
>
> I tried to create a client using available documentations and sample
> projects but no luck. I am getting
>
>  Creating Service from WSDL:
> Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: None of
> the policy alternatives can be satisfied.
>         at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:160
> error
>
>
> Does that mean cxf has no support for such a configuration?
>
> Thanks for any help
>
> The wsp policy section of the service wsdl is like this:
>
> <wsp:Policy wsu:Id="CustomBinding_SomeService_policy">
>     <wsp:ExactlyOne>
>         <wsp:All>
>             <sp:TransportBinding xmlns:sp="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
>                 <wsp:Policy>
>                     <sp:TransportToken>
>                         <wsp:Policy>
>                             <sp:HttpsToken/>
>                         </wsp:Policy>
>                     </sp:TransportToken>
>                     <sp:AlgorithmSuite>
>                         <wsp:Policy>
>                             <sp:Basic256/>
>                         </wsp:Policy>
>                     </sp:AlgorithmSuite>
>                     <sp:Layout>
>                         <wsp:Policy>
>                             <sp:Strict/>
>                         </wsp:Policy>
>                     </sp:Layout>
>                     <sp:IncludeTimestamp/>
>                 </wsp:Policy>
>             </sp:TransportBinding>
>             <sp:EndorsingSupportingTokens xmlns:sp="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
>                 <wsp:Policy>
>                     <sp:IssuedToken sp:IncludeToken="
>
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient
> ">
>                         <Issuer xmlns="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
>                             <Address xmlns="
> http://www.w3.org/2005/08/addressing">
> https://somedomain/Services/Issuer.svc/IWSTrust13  </Address>
>                             <Metadata xmlns="
> http://www.w3.org/2005/08/addressing">
>                                 <Metadata xmlns="
> http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsi="
> http://www.w3.org/2001/XMLSchema-instance">
>                                     <wsx:MetadataSection xmlns=""
> xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
>                                         <wsx:MetadataReference>
>                                             <Address xmlns="
> http://www.w3.org/2005/08/addressing">
> https://somedomain/Services/Issuer.svc/mex     </Address>
>                                         </wsx:MetadataReference>
>                                     </wsx:MetadataSection>
>                                 </Metadata>
>                             </Metadata>
>                         </Issuer>
>                         <sp:RequestSecurityTokenTemplate>
>                             <trust:KeyType xmlns:trust="
> http://docs.oasis-open.org/ws-sx/ws-trust/200512">
> http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey
> </trust:KeyType>
>                         </sp:RequestSecurityTokenTemplate>
>                         <wsp:Policy>
>                             <sp:RequireInternalReference/>
>                         </wsp:Policy>
>                     </sp:IssuedToken>
>                 </wsp:Policy>
>             </sp:EndorsingSupportingTokens>
>             <sp:Wss11 xmlns:sp="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
>                 <wsp:Policy/>
>             </sp:Wss11>
>             <sp:Trust13 xmlns:sp="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
>                 <wsp:Policy>
>                     <sp:MustSupportIssuedTokens/>
>                     <sp:RequireClientEntropy/>
>                     <sp:RequireServerEntropy/>
>                 </wsp:Policy>
>             </sp:Trust13>
>             <wsaw:UsingAddressing/>
>         </wsp:All>
>     </wsp:ExactlyOne>
> </wsp:Policy>
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message