On Tuesday 25 May 2010 1:29:07 pm Augusto Lima Filho wrote: > Hello everyone, > I've been trying to access a Web Service written on WebLogic server > and using Standard WS-Policy assertions but for some reason CXF > complains the Policy does not have alternatives: > "javax.xml.ws.soap.SOAPFaultException: None of the policy alternatives > can be satisfied."
That's caused by not understanding one of the Elements in the policy. My gut feeling MAY be: <wsp:UsingPolicy wssutil:Required="true" /> as I haven't seen that in a WSDL yet and a grep through the code doesn't reveal anything. Any chance you can try removing those and seeing if that fixes it? If so, definitely file a bug. If not, I'd probably need a full wsdl to really debug the problem. If possible, take one of our hello world type things and just copy the policies into it and do a quick double check. Dan > > The WS-policies I'm using are default Weblogic ones and were not > customised, here are them (extracted from the WSDL): > > <wsp:UsingPolicy wssutil:Required="true" /> > > <wsp:Policy wssutil:Id="Wssp1.2-Wss1.0-X509-Basic256.xml"> > <ns0:AsymmetricBinding> > <wsp:Policy> > <ns0:InitiatorToken> > <wsp:Policy> > <ns0:X509Token > > ns0:IncludeToken="http://docs.oasis-open.org/ws- sx/ws-securitypolicy/ > 200512/IncludeToken/AlwaysToRecipient"> <wsp:Policy> > <ns0:WssX509V3Token10 /> > </wsp:Policy> > </ns0:X509Token> > </wsp:Policy> > </ns0:InitiatorToken> > > <ns0:RecipientToken> > <wsp:Policy> > <ns0:X509Token > > ns0:IncludeToken="http://docs.oasis-open.org/ws- sx/ws-securitypolicy/ > 200512/IncludeToken/Never"> <wsp:Policy> > <ns0:WssX509V3Token10 /> > </wsp:Policy> > </ns0:X509Token> > </wsp:Policy> > </ns0:RecipientToken> > > <ns0:AlgorithmSuite> > <wsp:Policy> > <ns0:Basic256 /> > </wsp:Policy> > </ns0:AlgorithmSuite> > > <ns0:Layout> > <wsp:Policy> > <ns0:Lax /> > </wsp:Policy> > </ns0:Layout> > <ns0:IncludeTimestamp /> > <ns0:ProtectTokens /> > <ns0:OnlySignEntireHeadersAndBody /> > </wsp:Policy> > </ns0:AsymmetricBinding> > > <ns1:Wss10> > <wsp:Policy> > <ns1:MustSupportRefKeyIdentifier /> > <ns1:MustSupportRefIssuerSerial /> > </wsp:Policy> > </ns1:Wss10> > </wsp:Policy> > > <wsp:Policy wssutil:Id="Wssp1.2-2007-EncryptBody.xml"> > <ns2:EncryptedParts> > <ns2:Body /> > </ns2:EncryptedParts> > </wsp:Policy> > > <wsp:Policy wssutil:Id="Wssp1.2-SignBody.xml"> > <ns3:SignedParts> > <ns3:Body /> > </ns3:SignedParts> > </wsp:Policy> > <wsp:UsingPolicy wssutil:Required="true" /> > > <wsp:Policy wssutil:Id="Wssp1.2-Wss1.0-X509-Basic256.xml"> > > <ns1:AsymmetricBinding> > <wsp:Policy> > <ns1:InitiatorToken> > <wsp:Policy> > <ns1:X509Token > > ns1:IncludeToken="http://docs.oasis-open.org/ws- sx/ws-securitypolicy/ > 200512/IncludeToken/AlwaysToRecipient"> <wsp:Policy> > <ns1:WssX509V3Token10 /> > </wsp:Policy> > </ns1:X509Token> > </wsp:Policy> > </ns1:InitiatorToken> > > <ns1:RecipientToken> > <wsp:Policy> > <ns1:X509Token > > ns1:IncludeToken="http://docs.oasis-open.org/ws- sx/ws-securitypolicy/ > 200512/IncludeToken/Never"> <wsp:Policy> > <ns1:WssX509V3Token10 /> > </wsp:Policy> > </ns1:X509Token> > </wsp:Policy> > </ns1:RecipientToken> > > <ns1:AlgorithmSuite> > <wsp:Policy> > <ns1:Basic256 /> > </wsp:Policy> > </ns1:AlgorithmSuite> > > <ns1:Layout> > <wsp:Policy> > <ns1:Lax /> > </wsp:Policy> > </ns1:Layout> > <ns1:IncludeTimestamp /> > <ns1:ProtectTokens /> > <ns1:OnlySignEntireHeadersAndBody /> > </wsp:Policy> > </ns1:AsymmetricBinding> > > <ns2:Wss10> > <wsp:Policy> > <ns2:MustSupportRefKeyIdentifier /> > <ns2:MustSupportRefIssuerSerial /> > </wsp:Policy> > </ns2:Wss10> > </wsp:Policy> > > <wsp:Policy wssutil:Id="Wssp1.2-2007-EncryptBody.xml"> > <ns3:EncryptedParts> > <ns3:Body /> > </ns3:EncryptedParts> > </wsp:Policy> > > <wsp:Policy wssutil:Id="Wssp1.2-SignBody.xml"> > <ns4:SignedParts> > <ns4:Body /> > </ns4:SignedParts> > </wsp:Policy> > > > By inspecting the Policy in the WSDL I noticed it does not contain a > <wsp:All> and <wsp:ExactlyOne> tags, I don't know if this is required > by the specification. Using the client generated by the Weblogic > server the call works normally. > > The assignment is done as following: > > <binding name="CatalogoDadosPortBinding" type="tns:CatalogoDadosImpl"> > <wsp:PolicyReference URI="#Wssp1.2-Wss1.0-X509-Basic256.xml"/> > <wsp:PolicyReference URI="#Wssp1.2-SignBody.xml"/> > <wsp:PolicyReference URI="#Wssp1.2-2007-EncryptBody.xml"/> > <wsp:PolicyReference URI="#Wssp1.2-Wss1.0-X509-Basic256.xml"/> > <wsp:PolicyReference URI="#Wssp1.2-SignBody.xml"/> > <wsp:PolicyReference URI="#Wssp1.2-2007-EncryptBody.xml"/> > <soap:binding transport="http://schemas.xmlsoap.org/soap/http"; > style="document"/> > <operation name="init"> ... > > It's strange that it's generating the policy references twice for each > one but I don't think that's the problem since, like I said, the > client using the weblogic server libraries works normally. Any help > will be appretiated! > Thank you -- Daniel Kulp [email protected] http://dankulp.com/blog
