Hi Guys, I am upgrading/testing with an Axis2-1.3/Rampart-1.3 client connecting to a .NET web service. I am using a policy file to define the security requirements. When I attempt to call some of the .NET web services I get the error shown below. Can anyone: 1. Direct me towards this error may mean? 2. Let me know if I can disable this "Must Understand" check through the policy.xml? 3. Let me know what diagnoistics I should gather to further fault-find the issue
Note that some (secured) web service calls work. Thanks and regards, Tim Munro ERROR BELOW: ============ Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1. 0.xsd : Security at com.mydials.wshelper.MyDialsWSHelper.submitData(MyDialsWSHelper.java:250) at com.mydials.test.TestMain.main(TestMain.java:40) Caused by: org.apache.axis2.AxisFault: Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1. 0.xsd : Security at org.apache.axis2.engine.AxisEngine.checkMustUnderstand(AxisEngine.java:86) at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:135) at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAx isOperation.java:336) at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperatio n.java:389) at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisO peration.java:211) at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163) at com.mydials.DataSubmissionApiStub.SubmitData(DataSubmissionApiStub.java:298) at com.mydials.wshelper.MyDialsWSHelper.submitData(MyDialsWSHelper.java:245) POLICY.XML BELOW ================ <?xml version="1.0" encoding="UTF-8"?> <wsp:Policy wsu:Id="SigOnly" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurit y-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";> <wsp:ExactlyOne> <wsp:All> <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <wsp:Policy> <sp:TransportToken> <wsp:Policy> <sp:HttpsToken RequireClientCertificate="false"/> </wsp:Policy> </sp:TransportToken> <sp:AlgorithmSuite> <wsp:Policy> <sp:Basic256/> </wsp:Policy> </sp:AlgorithmSuite> <sp:Layout> <wsp:Policy> <sp:Lax/> </wsp:Policy> </sp:Layout> <sp:IncludeTimestamp/> </wsp:Policy> </sp:TransportBinding> <sp:EndorsingSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <wsp:Policy> <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/Includ eToken/AlwaysToRecipient"> <wsp:Policy> <sp:WssX509V3Token10/> </wsp:Policy> </sp:X509Token> </wsp:Policy> </sp:EndorsingSupportingTokens> <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <wsp:Policy> <sp:MustSupportRefKeyIdentifier/> <sp:MustSupportRefIssuerSerial/> </wsp:Policy> </sp:Wss10> <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy";> <ramp:timestampTTL>300</ramp:timestampTTL> <ramp:timestampMaxSkew>300</ramp:timestampMaxSkew> <ramp:user>cc40b01503ff1f5ededf6d07c3a3c56c_81ea973b-e847-4bba-abc9-e6e69109 3f9d</ramp:user> <ramp:signatureCrypto> <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin"> <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">pkcs12</ramp:prope rty> <ramp:property name="org.apache.ws.security.crypto.merlin.file">MyDialsCert.pfx</ramp:prope rty> <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password"></ramp:propert y> </ramp:crypto> </ramp:signatureCrypto> </ramp:RampartConfig> </wsp:All> </wsp:ExactlyOne> </wsp:Policy>
