You can either set the WSS4JOutInceteptor's property mustUnderstand to "false" or set this property to the message. In the latter case, you can use constant WSHandlerConstants.MUST_UNDERSTAND as the key.
http://ws.apache.org/wss4j/apidocs/org/apache/ws/security/handler/WSHandlerConstants.html#MUST_UNDERSTAND I think this value is not read from the request context properties. 2012/2/28 clickonchris <[email protected]>: > Hi folks, > > I'm using CXF to implement a ws client. The wsdl I'm implementing against > has a UsernameToken security policy like this: > -------------- > > --------------------- > > In this case the default behavior for cxf seems to be to use the > UsernameTokenInterceptor. > > I'm trying to minimize my xml configuration so I've attached the username > and password to the request like this: > > Map<String, Object> ctx = > ((BindingProvider)partnerProfileSvc).getRequestContext(); > ctx.put("ws-security.username", "scott"); > ctx.put("ws-security.password", "tiger"); > > My problem is that this ALWAYS sends a "mustUnderstand='1'" attribute in the > security header for my request, and the remote server chokes on it. > > > Furthermore, if I'm understanding this right, this seems to be HARD CODED > into the UsernameTokenInterceptor. Check it out: > http://grepcode.com/file/repo1.maven.org/maven2/org.apache.cxf/cxf-rt-ws-security/2.5.1/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java/#301 > http://grepcode.com/file/repo1.maven.org/maven2/org.apache.cxf/cxf-rt-ws-security/2.5.1/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java/#301 > > I tried using the WSS4JInterceptor, but it seems like once the > UsernameTokenInterceptor sets mustUnderstand, the WSS4JInterceptor cannot > unset it. > > So my only solution in this case is to modify the wsdl to remove the > security policy, and just the WS4JInterceptor to manually insert the > UsernameToken security headers. > > What I'm getting at, is that I think it is a big problem that > UsernameTokenInterceptor hard codes "mustUnderstand" to true. I feel like > opening a bug for it but I want to make sure that I'm using the framework > properly first, so please point out anywhere that I'm wrong in my logic. > Thanks! > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/sending-mustUnderstand-0-with-UsernameTokenInterceptor-tp5523486p5523486.html > Sent from the cxf-user mailing list archive at Nabble.com.
