Strange exception using STSClient

Massimiliano Masi Thu, 27 Dec 2007 12:46:54 -0800

Hello,

I would like to have a RST without the username token in the soap header,
using the wst:Base instead, in the RST.


If I engage rampart, I've to put something in the security header, right?

BTW, this is the policy for the service:
<wsp:Policy Id="urn:uuid:1CD756D0A145FF8A6B1198787786622">
&#8722;
        <wsp:ExactlyOne>
<wsp:All/>
</wsp:ExactlyOne>
</wsp:Policy>

That contains nothing.

If I add an empty Security header by hand, I got a strange exception, looking
for a jsp page.

If I try to put this header:
<soapenv:Header>

<wsse:Securityxmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>

      <wsse:UsernameToken>
        <wsse:Username>max</wsse:Username>
        <wsse:Password>max</wsse:Password>
      </wsse:UsernameToken>
    </wsse:Security>

<wsa:To>https://localhost/SpiritXUAServer/services/IdentityProviderIBMLike</wsa:To>

    <wsa:MessageID>urn:uuid:ED1644D814BBAE48231198788276862</wsa:MessageID>

<wsa:Action>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</wsa:Action>

  </soapenv:Header>

I get this: (really strange, since no policy and nomustUnderstand=true in the header)

21:44:39,835 ERROR [STDERR] org.apache.axis2.AxisFault: MustUnderstand check failed for headerhttp://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd :Security21:44:39,837 ERROR [STDERR] atorg.apache.axis2.engine.AxisEngine.checkMustUnderstand(AxisEngine.java:86)21:44:39,839 ERROR [STDERR] atorg.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:135)21:44:39,839 ERROR [STDERR] atorg.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:336)21:44:39,841 ERROR [STDERR] atorg.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:389)21:44:39,842 ERROR [STDERR] atorg.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211)21:44:39,842 ERROR [STDERR] atorg.apache.axis2.client.OperationClient.execute(OperationClient.java:163)21:44:39,843 ERROR [STDERR] atorg.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:528)21:44:39,843 ERROR [STDERR] atcom.spirit.XUA.utils.MySTSClient.requestSecurityTokenWithSSL(MySTSClient.java:219)21:44:39,844 ERROR [STDERR] atcom.spirit.XUA.utils.XUAAssertions.getAuthenticatedViaWSTrustAsPlain(XUAAssertions.java:553)21:44:39,844 ERROR [STDERR] atcom.tmed.report.xds.io.XUAHandler.askNewAssertion(XUAHandler.java:90)

21:44:39,845 ERROR [STDERR]     at com.tmed.report.Login.doGet(Login.java:83)
21:44:39,845 ERROR [STDERR]     at com.tmed.report.Login.doPost(Login.java:128)

21:44:39,845 ERROR [STDERR] atjavax.servlet.http.HttpServlet.service(HttpServlet.java:710)21:44:39,846 ERROR [STDERR] atjavax.servlet.http.HttpServlet.service(HttpServlet.java:803)21:44:39,846 ERROR [STDERR] atorg.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)21:44:39,847 ERROR [STDERR] atorg.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)21:44:39,847 ERROR [STDERR] atorg.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)21:44:39,848 ERROR [STDERR] atorg.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)21:44:39,850 ERROR [STDERR] atorg.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)21:44:39,850 ERROR [STDERR] atorg.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)21:44:39,851 ERROR [STDERR] atorg.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)21:44:39,852 ERROR [STDERR] atorg.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)21:44:39,852 ERROR [STDERR] atorg.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)21:44:39,853 ERROR [STDERR] atorg.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)21:44:39,853 ERROR [STDERR] atorg.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)21:44:39,854 ERROR [STDERR] atorg.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)21:44:39,855 ERROR [STDERR] atorg.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)21:44:39,855 ERROR [STDERR] atorg.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)21:44:39,855 ERROR [STDERR] atorg.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)21:44:39,856 ERROR [STDERR] atorg.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)21:44:39,857 ERROR [STDERR] atorg.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)

21:44:39,857 ERROR [STDERR]     at java.lang.Thread.run(Thread.java:613)


----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

Strange exception using STSClient

Reply via email to