cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: WS-SecureConversation & MTOM Policy cannot be satisfied
Date Mon, 29 May 2017 14:28:50 GMT
There is no bootstrap policy defined above - this is what the client uses
to talk to the STS to get the initial token. I'd encourage you to look at
the existing example test available in CXF here (SecureConversationTest):

https://github.com/apache/cxf/blob/master/systests/ws-security-examples

Colm.

On Mon, May 29, 2017 at 8:15 AM, pat7 <pat.pichler20@gmail.com> wrote:

> Ok, honestly then I do not understand where I have a mistake.
>
> I use the following policy for WS-SecureConversation:
>
> <wsp:Policy
> xmlns:wssp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
>                wsu:Id="AuthSecurityPolicy">
>       <wsp:ExactlyOne>
>          <wsp:All>
>
>             <wssp:TransportBinding>
>                <wsp:Policy>
>                   <wssp:TransportToken>
>                      <wsp:Policy>
>                         <wssp:HttpsToken RequireClientCertificate="false">
>                         </wssp:HttpsToken>
>                      </wsp:Policy>
>                   </wssp:TransportToken>
>                </wsp:Policy>
>             </wssp:TransportBinding>
>
>             <wssp:SupportingTokens>
>                <wsp:Policy>
>                   <wssp:SecureConversationToken
> wssp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/
> IncludeToken/AlwaysToRecipient">
>                      <wssp:Issuer>
>
> <wsa:Address>https://localhost:8443/soap-own/
> SecurityTokenService-2.6.0.1.0</wsa:Address>
>                      </wssp:Issuer>
>                   </wssp:SecureConversationToken>
>                </wsp:Policy>
>             </wssp:SupportingTokens>
>          </wsp:All>
>       </wsp:ExactlyOne>
>    </wsp:Policy>
>
> Furthermore I send a request from a java client with the following code:
>
> JaxWsProxyFactoryBean jaxWsproxyFactory = new JaxWsProxyFactoryBean();
>                 jaxWsproxyFactory.setServiceClass(
> TransferServicePortType.class);
>
> jaxWsproxyFactory.setAddress("https://localhost:8443/soap-
> own/TransferService-2.6.0.1.0?wsdl");
>
>                 Map<String,Object> props = new HashMap<String, Object>();
>                 props.put("mtom-enabled", Boolean.TRUE);
>                 jaxWsproxyFactory.setProperties(props);
>
>                 TransferServicePortType client = (TransferServicePortType)
> jaxWsproxyFactory.create();
>
>                 Client clientNew = ClientProxy.getClient(client);
>                 clientNew.getRequestContext().
> put("ws-security.username.sct", "anna");
>                 clientNew.getRequestContext().
> put("ws-security.password.sct", "anna123");
>
>                 /*SOAPFactory sf = SOAPFactory.newInstance();
>                 SOAPElement sequenceElement = sf.createElement(new
> QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-
> wss-wssecurity-secext-1.0.xsd","wsse:Security"));
>                 SOAPElement identifierElement = sf.createElement(new
> QName("http://schemas.xmlsoap.org/ws/2005/02/sc","wsc:
> SecurityContextToken"));
>                 SOAPElement messageNumberElement = sf.createElement(new
> QName("http://schemas.xmlsoap.org/ws/2005/02/sc","wsc:Identifier"));
>
>
> messageNumberElement.addTextNode("test:bdaa9e53-
> 3685-4b81-9b9c-9f7f4a0c0d99");
>                 identifierElement.addChildElement(messageNumberElement);
>                 sequenceElement.addChildElement(identifierElement);
>
>                 SoapHeader tokenHeader = new SoapHeader(new
> QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-
> wss-wssecurity-secext-1.0.xsd","wsse:Security"),
> sequenceElement);
>                 List<Header> headersList = new ArrayList<Header>();
>                 headersList.add(tokenHeader);
>                 clientNew.getRequestContext().put(Header.HEADER_LIST,
> headersList);*/
>
>                 CTListShipments request = new CTListShipments();
>
>                 QName qualifiedName = new
> QName("http://www.test.net/namespace/nachrichten", "ConsumerID");
>                 JAXBElement<String> ConsumerID = new
> JAXBElement<>(qualifiedName,String.class,null,"VR-8889991");
>
>                 QName qualifiedName1 = new QName("http://www.test.net/
> namespace/transfer",
> "KategorieDerLieferung");
>                 JAXBElement<String> KategorieDerLieferung = new
> JAXBElement<>(qualifiedName1,String.class,null,"130");
>
>                 request.setConsumerID(ConsumerID);
>                 request.setKategorieDerLieferung(KategorieDerLieferung);
>
>                 client.listShipments(request);
>
> I enable WS-SecureConversation with the policy definition in the wsdl. On
> the server side I think that I do not have to do anything more. I hope, my
> implemented client is ok. The client works if I disable the
> WS-SecureConversation policy in the wsdl.
>
> Maybe I miss something else to get the policy working.
>
> Regards,
> Patrick
>
>
>
>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.
> com/WS-SecureConversation-MTOM-Policy-cannot-be-
> satisfied-tp5780524p5780788.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message