Dennis, Glen, I would rate my experience level as "uninitiated". Thanks for taking the time to help me get some legs.
On Thu, Dec 23, 2010 at 6:00 PM, Dennis Sosnoski <[email protected]> wrote: > John, you might try downloading the sample code from the > SymmetricBinding article referenced by Glen > (http://www.ibm.com/developerworks/java/library/j-jws17/index.html) as a > basis for trying your policy. First build and test the supplied sample > using your CXF installation, then substitute your policy for the one in > the sample code WSDL. Hopefully that could help you find the cause of > the problems. > > I ran the SecureConversation example because that matches the policy my target service setting. Tomcat 5.5.31, jdk 1.6.0_22, linux ubuntu 10.10, cxf 2.3.1, dennis' war: cxf-seismic-scencr.war, client run command: ant run-scencr I got this exception (server side log): Dec 23, 2010 9:32:28 PM org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging WARNING: Interceptor for { http://docs.oasis-open.org/ws-sx/ws-trust/200512/wsdl}SecurityTokenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/wsdl}RequestSecurityTokenhas thrown exception, unwinding now org.apache.cxf.binding.soap.SoapFault: Action http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT not supported at org.apache.cxf.ws.addressing.MAPAggregator.mediate(MAPAggregator.java:572) at org.apache.cxf.ws.addressing.MAPAggregator.handleMessage(MAPAggregator.java:227) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255) at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:113) at org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:97) at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:461) at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:188) at org.apache.cxf.transport.servlet.AbstractCXFServlet.invoke(AbstractCXFServlet.java:148) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:179) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:103) at javax.servlet.http.HttpServlet.service(HttpServlet.java:647) I took up Glen's hint and put cxf-rt-ws-security*.jar and cxf-rt-ws-policy*.jar from ${cxf-home}/modules into the war. And got the same exception. How shall I interpret this exception? Do I need another module? The comment from the article that "CXF was the only stack that worked > with the policy as written." only applied to the WS-SecureConversation > policy shown in Listing 2. WS-SC configurations tend to be more > failure-prone than regular WS-Security configurations, in my experience, > since there are more "moving parts" involved in the operation. All three > of the stacks I tried were able to handle the basic SymmetricBinding > configuration. > > - Dennis > > Dennis M. Sosnoski > Java SOA and Web Services Consulting <http://www.sosnoski.com/consult.html > > > Axis2/CXF/Metro SOA and Web Services Training > <http://www.sosnoski.com/training.html> > Web Services Jump-Start <http://www.sosnoski.com/jumpstart.html> > > > On 12/24/2010 10:26 AM, Glen Mazza wrote: > > If *could* be your service provider is not detecting the > > SymmetricBinding tag because two additional libraries need to be > > declared in your web.xml: > > http://www.jroller.com/gmazza/entry/cxf_x509_profile_secpol (see the > > section on |contextConfigLocation|, it will point you to a username > > token article.) > > > > HTH, > > Glen > > > > > > > > > > On 23.12.2010 16:20, John Franey wrote: > >> Thanks. > >> > >> On Thu, Dec 23, 2010 at 4:01 PM, Glen Mazza<[email protected]> > >> wrote: > >> > >>> On http://www.sosnoski.com/articles.html, I think you'll want the 2nd > >>> article:WS-Security without client certificates< > >>> http://www.ibm.com/developerworks/java/library/j-jws17/index.html> > >>> > >>> This statement from that article is why I am wanting to use CXF: > >>> "CXF was > >> the only stack that worked with the policy as written." > >> > >> The policy I am consuming looks much like the ones in his article. > >> So, I'm > >> expecting success. I believe symmetric binding is supported. > >> > >> Should I conclude that the 'right wsdl' is enough to activate symmetric > >> binding? or is there some other configuration needed? > >> > >> The message "SymmetricBinding not supported" implies the latter, I > >> think. > >> > >> > >> HTH, > >>> Glen > >>> > >>> > >>> > >>> On 23.12.2010 15:32, John Franey wrote: > >>> > >>>> I believe symmetric binding policy is supported in cxf 2.3.1, but > >>>> this log > >>>> message says no: > >>>> > >>>> [PolicyEngineImpl] Alternative { > >>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}SymmetricBinding > <http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DSymmetricBinding > >is > >>>> not > >>>> supported > >>>> > >>>> I've been working over the cxf documentation for over a day. I am > >>>> stumped. > >>>> > >>>> What do I have to do to turn on support for symmetric binding? > >>>> > >>>> I'm writing a client that will run in jbossws-cxf 3.4.0. > >>>> > >>>> Thanks, > >>>> John > >>>> > >>>> > >>> -- > >>> > >>> Glen Mazza > >>> gmazza at apache dot org > >>> http://www.jroller.com/gmazza > >>> > > > > >
