Return-Path: <users-return-49766-archive-asf-public=cust-asf.ponee.io@cxf.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id CAEFA200B13
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Wed, 15 Jun 2016 19:06:19 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id C96F6160A4D; Wed, 15 Jun 2016 17:06:19 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id EA671160A19
	for <archive-asf-public@cust-asf.ponee.io>; Wed, 15 Jun 2016 19:06:18 +0200 (CEST)
Received: (qmail 27559 invoked by uid 500); 15 Jun 2016 17:06:17 -0000
Mailing-List: contact users-help@cxf.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@cxf.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@cxf.apache.org>
List-Post: <mailto:users@cxf.apache.org>
List-Id: <users.cxf.apache.org>
Reply-To: users@cxf.apache.org
Delivered-To: mailing list users@cxf.apache.org
Received: (qmail 27514 invoked by uid 99); 15 Jun 2016 17:06:17 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 15 Jun 2016 17:06:17 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 344EDC32E7
	for <users@cxf.apache.org>; Wed, 15 Jun 2016 17:06:17 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: 3.575
X-Spam-Level: ***
X-Spam-Status: No, score=3.575 tagged_above=-999 required=6.31
	tests=[HTML_MESSAGE=2, KAM_BADIPHTTP=2, KAM_LAZY_DOMAIN_SECURITY=1,
	NORMAL_HTTP_TO_IP=0.001, RP_MATCHES_RCVD=-1.426] autolearn=disabled
Received: from mx2-lw-eu.apache.org ([10.40.0.8])
	by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024)
	with ESMTP id LS3yJAo1jiDI for <users@cxf.apache.org>;
	Wed, 15 Jun 2016 17:06:15 +0000 (UTC)
Received: from host.soundevelopment.com (host.soundevelopment.com [206.222.5.218])
	by mx2-lw-eu.apache.org (ASF Mail Server at mx2-lw-eu.apache.org) with ESMTPS id E51A05F1F7
	for <users@cxf.apache.org>; Wed, 15 Jun 2016 17:06:13 +0000 (UTC)
Received: from elnso598.applevac.com (unknown [63.127.20.4])
	(using TLSv1 with cipher AES128-SHA (128/128 bits))
	(No client certificate requested)
	by host.soundevelopment.com (Postfix) with ESMTP id 730DAA8276
	for <users@cxf.apache.org>; Wed, 15 Jun 2016 13:05:30 -0400 (EDT)
From: Michael Beardsley <mbeards@soundevelopment.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_A134B42E-2B2B-4839-8CFE-A3F8F1B157D7"
Subject: Struggling with WS-Policy HTTP Basic Authentication
Message-Id: <0E681F29-1F3E-4728-A872-415AF1A4B600@soundevelopment.com>
Date: Wed, 15 Jun 2016 10:06:09 -0700
To: users@cxf.apache.org
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
X-Mailer: Apple Mail (2.1878.6)
archived-at: Wed, 15 Jun 2016 17:06:20 -0000

--Apple-Mail=_A134B42E-2B2B-4839-8CFE-A3F8F1B157D7
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=windows-1252

I am trying to get a simple SOAP client working based off a WSDL that =
has various policies defined.

- I do not own the service and have no way to modify it.
- Spring is not involved in anyway and will not be.
- Using jaxws-maven-plugin to generate the proxy code. Version 2.4.1
- Using version 3.1.6 of CXF
- Including the following dependencies: cxf-rt-rs-client, =
cxf-rt-security, cxf-rt-ws-policy, cxf-rt-ws-security, =
cxf-rt-frontend-jaxws, cxf-rt-features-logging

(The JAX-RS client dependency is included because this app will call a =
REST service after getting a response from the SOAP service. The JAX-RS =
stuff is working fine).

The SOAP message generated by CXF appears to be properly formed. I can =
successfully send the exact same message to the service endpoint using =
cURL and get the expected response. I can see in the logging that CXF is =
receiving the same response as cURL, but then blowing up on:

org.apache.cxf.ws.policy.PolicyVerificationInInterceptor handle SEVERE: =
Inbound policy verification failed: These policy alternatives can not be =
satisfied:
org.apache.cxf.ws.policy.PolicyException: These policy alternatives can =
not be satisfied: =
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}HttpBasicAuthen=
tication

The response from the SOAP service does not include the Authorization =
header. Is that why this is happening? Why does CXF care about =
authentication on the inbound message? My client doesn=92t have or =
require authentication=85 the service does.

Stepping through in the debugger shows that the AssertionInfoMap has =
ServiceModelPolicyProvider and Wsdl11AttachmentPolicyProvider instances =
available, but nothing referring to HTTP Basic Auth. Am I missing a =
dependency?

Here is my client code

public static void main(String[] args) {
	// Get a proxy for the SOAP endpoint. This is generated from =
their WSDL file as part of the Maven build.
	Zcustomer1 soap =3D new Zcustomer1();
	ZUDSCUSTOMER1 port =3D soap.getZcustomer1();
=09
	LoggingInInterceptor logInbound =3D new LoggingInInterceptor();
	logInbound.setPrettyLogging(true);
	LoggingOutInterceptor logOutbound =3D new =
LoggingOutInterceptor();
	logOutbound.setPrettyLogging(true);
=09
	Client cxf =3D ClientProxy.getClient(port);
	cxf.getInInterceptors().add(logInbound);
	cxf.getOutInterceptors().add(logOutbound);
=09
	// The SOAP service uses HTTP Basic Authentication
	Map<String, Object> requestContext =3D ((BindingProvider) =
port).getRequestContext();
	requestContext.put(BindingProvider.USERNAME_PROPERTY, =
"username");
	requestContext.put(BindingProvider.PASSWORD_PROPERTY, =
"password");
=09
	// Invoke the SOAP service
	String iKUNNR =3D "foo";
	KNA1 response =3D port.zudsCUSTOMER1(iKUNNR);
}


Here is the WSDL

<?xml version=3D"1.0" encoding=3D"utf-8"?>
<wsdl:definitions =
targetNamespace=3D"urn:sap-com:document:sap:rfc:functions"=20
				  =
xmlns:wsdl=3D"http://schemas.xmlsoap.org/wsdl/"=20
				  =
xmlns:xsd=3D"http://www.w3.org/2001/XMLSchema"=20
				  =
xmlns:soap=3D"http://schemas.xmlsoap.org/wsdl/soap/"=20
				  =
xmlns:wsoap12=3D"http://schemas.xmlsoap.org/wsdl/soap12/"=20
				  =
xmlns:http=3D"http://schemas.xmlsoap.org/wsdl/http/"=20
				  =
xmlns:mime=3D"http://schemas.xmlsoap.org/wsdl/mime/"=20
				  =
xmlns:tns=3D"urn:sap-com:document:sap:rfc:functions"=20
				  =
xmlns:wsp=3D"http://schemas.xmlsoap.org/ws/2004/09/policy"=20
				  =
xmlns:wsu=3D"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec=
urity-utility-1.0.xsd">

	<wsp:UsingPolicy wsdl:required=3D"true"/>
	<wsp:Policy wsu:Id=3D"BN__zcustomer1">
		<wsp:ExactlyOne>
			<wsp:All>
				<wsp:All =
xmlns:wsp=3D"http://schemas.xmlsoap.org/ws/2004/09/policy">
					<sp:TransportBinding =
xmlns:sp=3D"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
						<wsp:Policy>
							=
<sp:TransportToken>
								=
<wsp:Policy>
									=
<wsp:Policy>
										=
<sp:HttpBasicAuthentication/>
									=
</wsp:Policy>
								=
</wsp:Policy>
							=
</sp:TransportToken>
							=
<sp:AlgorithmSuite>
								=
<wsp:Policy>
									=
<sp:Basic128Rsa15/>
								=
</wsp:Policy>
							=
</sp:AlgorithmSuite>
							<sp:Layout>
								=
<wsp:Policy>
									=
<sp:Strict/>
								=
</wsp:Policy>
							</sp:Layout>
						</wsp:Policy>
					</sp:TransportBinding>
				</wsp:All>
			</wsp:All>
		</wsp:ExactlyOne>
	</wsp:Policy>
	<wsdl:types>
		<xsd:schema attributeFormDefault=3D"qualified" =
targetNamespace=3D"urn:sap-com:document:sap:rfc:functions">
			<xsd:simpleType name=3D"char10">
				<xsd:restriction base=3D"xsd:string">
					<xsd:maxLength value=3D"10"/>
				</xsd:restriction>
			</xsd:simpleType>
			<xsd:complexType name=3D"KNA1">
				<xsd:sequence>
					<xsd:element name=3D"KUNNR" =
type=3D"tns:char10"/>
				</xsd:sequence>
			</xsd:complexType>
			<xsd:element name=3D"ZUDS_CUSTOMER1">
				<xsd:complexType>
					<xsd:sequence>
						<xsd:element =
name=3D"I_KUNNR" type=3D"tns:char10"/>
					</xsd:sequence>
				</xsd:complexType>
			</xsd:element>
			<xsd:element name=3D"ZUDS_CUSTOMER1Response">
				<xsd:complexType>
					<xsd:sequence>
						<xsd:element =
name=3D"O_KNA1" type=3D"tns:KNA1"/>
					</xsd:sequence>
				</xsd:complexType>
			</xsd:element>
		</xsd:schema>
	</wsdl:types>
	<wsdl:message name=3D"ZUDS_CUSTOMER1">
		<wsdl:part name=3D"parameters" =
element=3D"tns:ZUDS_CUSTOMER1"/>
	</wsdl:message>
	<wsdl:message name=3D"ZUDS_CUSTOMER1Response">
		<wsdl:part name=3D"parameter" =
element=3D"tns:ZUDS_CUSTOMER1Response"/>
	</wsdl:message>
	<wsdl:portType name=3D"ZUDS_CUSTOMER1">
		<wsdl:operation name=3D"ZUDS_CUSTOMER1">
			<wsdl:input message=3D"tns:ZUDS_CUSTOMER1"/>
			<wsdl:output =
message=3D"tns:ZUDS_CUSTOMER1Response"/>
		</wsdl:operation>
	</wsdl:portType>
	<wsdl:binding name=3D"zcustomer1" type=3D"tns:ZUDS_CUSTOMER1">
		<wsp:Policy>
			<wsp:PolicyReference URI=3D"#BN__zcustomer1"/>
		</wsp:Policy>
		<soap:binding =
transport=3D"http://schemas.xmlsoap.org/soap/http" style=3D"document"/>
		<wsdl:operation name=3D"ZUDS_CUSTOMER1">
			<soap:operation =
soapAction=3D"urn:sap-com:document:sap:rfc:functions:ZUDS_CUSTOMER1:ZUDS_C=
USTOMER1Request" style=3D"document"/>
			<wsdl:input>
				<soap:body use=3D"literal"/>
			</wsdl:input>
			<wsdl:output>
				<soap:body use=3D"literal"/>
			</wsdl:output>
		</wsdl:operation>
	</wsdl:binding>
	<wsdl:service name=3D"zcustomer1">
		<wsdl:port name=3D"zcustomer1" binding=3D"tns:zcustomer1">=

			<soap:address =
location=3D"http://0.0.0.0/zcustomer1"/>
		</wsdl:port>
	</wsdl:service>
</wsdl:definitions>




--Apple-Mail=_A134B42E-2B2B-4839-8CFE-A3F8F1B157D7--