Hi, Small correction to my answer: UsernameToken is defined as complex type with sequence containing first element Username (in oasis-200401-wss-wssecurity-secext-1.0.xsd). Therefore order of Username and Password elements is important. Correct sample will be:
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soap:mustUnderstand="1"> <wsse:UsernameToken wsu:Id="UsernameToken-2"> <wsse:Username>alice</wsse:Username> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">clarinet</wsse:Password> </wsse:UsernameToken> </wsse:Security> Regards, Andrei. > -----Original Message----- > From: Andrei Shakirin [mailto:ashaki...@talend.com] > Sent: Dienstag, 30. April 2013 13:11 > To: users@cxf.apache.org > Cc: jobs.ni...@gmail.com > Subject: RE: Problem with UsernameToken > > Hi, > > As far as I can see password type is missing in your request > (Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- > username-token-profile-1.0#PasswordText") > The correct variant will look like: > > <wsse:Security xmlns:SOAP- > ENV="http://schemas.xmlsoap.org/soap/envelope/" > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401- > wss-wssecurity-secext-1.0.xsd" > SOAP-ENV:mustUnderstand="1"> > <wsse:UsernameToken> > <wsse:Password > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis- > 200401-wss-wssecurity-secext-1.0.xsd" Type="http://docs.oasis- > open.org/wss/2004/01/oasis-200401-wss-username-token-profile- > 1.0#PasswordText">TestPassword</wsse:Password> > <wsse:Username > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis- > 200401-wss-wssecurity-secext-1.0.xsd" >TestUser</wsse:Username> > </wsse:UsernameToken> > </wsse:Security> > > I would anyway recommend you to use WSS4JOutInterceptor or WS-Policy > on the client side to create Security Token instead doing it manually in > SOAPMessage. > > Regards, > Andrei. > > > -----Original Message----- > > From: Nidhi Sharma [mailto:jobs.ni...@gmail.com] > > Sent: Montag, 29. April 2013 19:54 > > To: users@cxf.apache.org > > Subject: Re: Problem with UsernameToken > > > > Hi Daniel, > > > > Sorry for late reply.... > > > > POST /eskm/services/eventNotification HTTP/1.1 > > Content-Type: text/xml; charset=UTF-8 > > Accept: */* > > SOAPAction: "" > > User-Agent: Apache CXF 2.6.5 > > Cache-Control: no-cache > > Pragma: no-cache > > Host: localhost:8081 > > Connection: keep-alive > > Content-Length: 1544 > > > > I looged this request while creating service throught java client. > > > > <soap:Envelope > > > xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Header> > > <wsse:Security > > xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" > > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- > > wssecurity-secext-1.0.xsd" > > SOAP- > ENV:mustUnderstand="1"><wsse:UsernameToken><wsse:Password > > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- > > wssecurity-secext- > > 1.0.xsd">TestPassword</wsse:Password><wsse:Username > > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- > > wssecurity-secext- > > > 1.0.xsd">TestUser</wsse:Username></wsse:UsernameToken></wsse:Secu > > rity></soap:Header><soap:Body><ns1:sendNotification > > xmlns:ns1="http://webservice.oasys.ets.org"><EventNotificationInfo_1 > > > xmlns:ns2="http://webservice.oasys.ets.org/types"><sourceName>IBIS</s > > ourceName><sourceType>ITEM > > > BANK</sourceType><eventType>ADMIN_FINALIZED</eventType><xmlDat > > a><questestinterop><qticomment>Event > > Notification XML</qticomment> <context> <generic_identifier> > > <type_label>TestProgramCode</type_label> > > <identifier_string>GRI</identifier_string> </generic_identifier> > > <generic_identifier> <type_label>TestSubjectCode</type_label> > > <identifier_string>GEN</identifier_string> > > </generic_identifier><generic_identifier> > > <type_label>TestAdminCode</type_label> > > <identifier_string>20100917A</identifier_string> > > </generic_identifier></context></questestinterop></xmlData></ > > Ev > > > entNotificationInfo_1></ns1:sendNotification></soap:Body></soap:Envelo > > p > > e> > > > > This is the request created by java client while calling the webservice. > > > > And below is the response M getting from server.. > > HTTP/1.1 500 Internal Server Error > > Server: Apache-Coyote/1.1 > > X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1 > > Content-Type: text/xml;charset=UTF-8 > > Content-Length: 361 > > Date: Mon, 29 Apr 2013 17:44:30 GMT > > Connection: close > > > > <soap:Envelope > > > xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><s > > oap:Fault><faultcode > > xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- > > wssecurity-secext-1.0.xsd">ns1:InvalidSecurity</faultcode><faultstring > > >An error was discovered processing the <wsse:Security> > > header</faultstring></soap:Fault></soap:Body></soap:Envelope> > > > > > > Will appreciate your help...on server side in its not able to find > > UsernameToken. > > > > Nidhi > > > > > > > > > > > > > > -- > > View this message in context: http://cxf.547215.n5.nabble.com/Problem- > > with-UsernameToken-tp5726788p5726913.html > > Sent from the cxf-user mailing list archive at Nabble.com.