Dear all, Actually I posted this question under different thread, but I think it's better to start as a new thread.
I have to say that I am new to web service and CXF stuff. I currently trying to add simple username token of ws-security on an already developed code which is using CXFNonSpringServlet. In the override loadBus method, the endpoint is published in this way: javax.xml.ws.Endpoint.publish("/query", service); Then I followed the ws-security example as written in following website, without configuring the Spring: https://cwiki.apache.org/CXF20DOC/ws-security.html#WS-Security-addinterceptors ws-security configuration at server side was also done in the loadBus method. At the server side however, I didn't follow exactly the same think as shown in the example because in the example Endpoint refers to org.apache.cxf.endpoint.Endpoint, but in the code it refers to javax.xml.ws.Endpoint. So, here is the slightly modified code: EndpointImpl jaxwsEndpoint = (EndpointImpl)Endpoint.publish("/query", service); Endpoint cxfEndpoint = (Endpoint) jaxwsEndpoint.getServer().getEndpoint(); /** Adding Incoming Interceptors */ Map<String,Object> inProps= new HashMap<String,Object>(); WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps); ((EndpointImpl) cxfEndpoint).getInInterceptors().add(wssIn); I got the following error when client tries to execute the method in web service: Caused by: org.apache.cxf.binding.soap.SoapFault: MustUnderstand headers: [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security] are not understood. at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalFault(Soap11FaultInInterceptor.java:75) at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:46) at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:35) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243) at org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:99) at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:69) at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:34) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243) at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:700) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2261) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:2134) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1988) at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66) at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:639) at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:487) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265) at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124) ... 30 more Can somebody give some clue on how to solve this issue please? Perhaps this is very basic or stupid question, but any help will be appreciated. Regards, Bayu -- View this message in context: http://cxf.547215.n5.nabble.com/newbie-question-CXFNonSpringServlet-and-ws-security-tp3248140p3248140.html Sent from the cxf-user mailing list archive at Nabble.com.