Looks like something changed post 2.2.8 - I get the same error you reported when I try using my sample code with 2.3.1, and also with 2.2.10, though it works with 2.2.8. The best thing to do is to enter a Jira and attach the CXF sample code from the article, and try using 2.2.8 (available from the archive, look for the link on the download page) for now.
- Dennis On 12/24/2010 04:13 PM, John Franey wrote: > Dennis, Glen, > > I would rate my experience level as "uninitiated". Thanks for taking the > time to help me get some legs. > > > On Thu, Dec 23, 2010 at 6:00 PM, Dennis Sosnoski <[email protected]> wrote: > > >> John, you might try downloading the sample code from the >> SymmetricBinding article referenced by Glen >> (http://www.ibm.com/developerworks/java/library/j-jws17/index.html) as a >> basis for trying your policy. First build and test the supplied sample >> using your CXF installation, then substitute your policy for the one in >> the sample code WSDL. Hopefully that could help you find the cause of >> the problems. >> >> >> > I ran the SecureConversation example because that matches the policy my > target service setting. > > Tomcat 5.5.31, jdk 1.6.0_22, linux ubuntu 10.10, cxf 2.3.1, > dennis' war: cxf-seismic-scencr.war, > > client run command: ant run-scencr > > I got this exception (server side log): > > Dec 23, 2010 9:32:28 PM org.apache.cxf.phase.PhaseInterceptorChain > doDefaultLogging > WARNING: Interceptor for { > http://docs.oasis-open.org/ws-sx/ws-trust/200512/wsdl}SecurityTokenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/wsdl}RequestSecurityTokenhas > thrown exception, unwinding now > org.apache.cxf.binding.soap.SoapFault: Action > http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT not supported > at > org.apache.cxf.ws.addressing.MAPAggregator.mediate(MAPAggregator.java:572) > at > org.apache.cxf.ws.addressing.MAPAggregator.handleMessage(MAPAggregator.java:227) > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255) > at > org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:113) > at > org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:97) > at > org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:461) > at > org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:188) > at > org.apache.cxf.transport.servlet.AbstractCXFServlet.invoke(AbstractCXFServlet.java:148) > at > org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:179) > at > org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:103) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:647) > > I took up Glen's hint and put cxf-rt-ws-security*.jar and > cxf-rt-ws-policy*.jar from ${cxf-home}/modules into the war. And got the > same exception. > > How shall I interpret this exception? Do I need another module? > > The comment from the article that "CXF was the only stack that worked > >> with the policy as written." only applied to the WS-SecureConversation >> policy shown in Listing 2. WS-SC configurations tend to be more >> failure-prone than regular WS-Security configurations, in my experience, >> since there are more "moving parts" involved in the operation. All three >> of the stacks I tried were able to handle the basic SymmetricBinding >> configuration. >> >> - Dennis >> >> Dennis M. Sosnoski >> Java SOA and Web Services Consulting <http://www.sosnoski.com/consult.html >> >>> >> Axis2/CXF/Metro SOA and Web Services Training >> <http://www.sosnoski.com/training.html> >> Web Services Jump-Start <http://www.sosnoski.com/jumpstart.html> >> >> >> On 12/24/2010 10:26 AM, Glen Mazza wrote: >> >>> If *could* be your service provider is not detecting the >>> SymmetricBinding tag because two additional libraries need to be >>> declared in your web.xml: >>> http://www.jroller.com/gmazza/entry/cxf_x509_profile_secpol (see the >>> section on |contextConfigLocation|, it will point you to a username >>> token article.) >>> >>> HTH, >>> Glen >>> >>> >>> >>> >>> On 23.12.2010 16:20, John Franey wrote: >>> >>>> Thanks. >>>> >>>> On Thu, Dec 23, 2010 at 4:01 PM, Glen Mazza<[email protected]> >>>> wrote: >>>> >>>> >>>>> On http://www.sosnoski.com/articles.html, I think you'll want the 2nd >>>>> article:WS-Security without client certificates< >>>>> http://www.ibm.com/developerworks/java/library/j-jws17/index.html> >>>>> >>>>> This statement from that article is why I am wanting to use CXF: >>>>> "CXF was >>>>> >>>> the only stack that worked with the policy as written." >>>> >>>> The policy I am consuming looks much like the ones in his article. >>>> So, I'm >>>> expecting success. I believe symmetric binding is supported. >>>> >>>> Should I conclude that the 'right wsdl' is enough to activate symmetric >>>> binding? or is there some other configuration needed? >>>> >>>> The message "SymmetricBinding not supported" implies the latter, I >>>> think. >>>> >>>> >>>> HTH, >>>> >>>>> Glen >>>>> >>>>> >>>>> >>>>> On 23.12.2010 15:32, John Franey wrote: >>>>> >>>>> >>>>>> I believe symmetric binding policy is supported in cxf 2.3.1, but >>>>>> this log >>>>>> message says no: >>>>>> >>>>>> [PolicyEngineImpl] Alternative { >>>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}SymmetricBinding >>>>>> >> <http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DSymmetricBinding >> >>> is >>> >>>>>> not >>>>>> supported >>>>>> >>>>>> I've been working over the cxf documentation for over a day. I am >>>>>> stumped. >>>>>> >>>>>> What do I have to do to turn on support for symmetric binding? >>>>>> >>>>>> I'm writing a client that will run in jbossws-cxf 3.4.0. >>>>>> >>>>>> Thanks, >>>>>> John >>>>>> >>>>>> >>>>>> >>>>> -- >>>>> >>>>> Glen Mazza >>>>> gmazza at apache dot org >>>>> http://www.jroller.com/gmazza >>>>> >>>>> >>> >>> >> >
