Actually I just realised what the problem is. Your original namespace for sp was wrong. Just change it to
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy And it will all work. Sorry for the confusion, I am no expert, but did have the same problems so was worth the trial and error. On Sat, Jul 27, 2013 at 1:57 PM, Jason Pell <ja...@pellcorp.com> wrote: > In fact just replacing the SP namespace should do it. The xmlns:wsp=" > http://schemas.xmlsoap.org/ws/2004/09/policy"; seems to not be the problem. > > So just change the sp to: > > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"; > > > On Sat, Jul 27, 2013 at 1:55 PM, Jason Pell <ja...@pellcorp.com> wrote: > >> Changing the namespaces to the following will allow it to work with CXF: >> >> xmlns:wsp="http://www.w3.org/ns/ws-policy"; >> xmlns:wsu=" >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >> " >> xmlns:sp=" >> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"; >> >> >> >> >> On Sat, Jul 27, 2013 at 1:39 PM, Jennifer Ruttan >> <jenni...@indivica.com>wrote: >> >>> Hi, >>> >>> Thanks for your message. The WSDL file clearly contains a number of >>> errors and so I'm happy to change it. The owners of the service will have >>> to adjust it anyway. What should I change the namespaces to? >>> >>> Thanks again >>> Jen >>> >>> >>> >>> >>> On 2013/07/26 23:16, Jason Pell wrote: >>> >>>> https://github.com/pellcorp/**cxf/blob/master/JavaFirst/src/** >>>> test/java/com/pellcorp/server/**PolicyServiceTest.java<https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java> >>>> >>>> This test case reproduces your issue I think. Changing the namespaces >>>> of >>>> the policy file will actually fix this, but probably not an option for >>>> you. >>>> >>>> public void testOldWspSpClient() throws Exception { >>>> ClassPathXmlApplicationContext clientContext = >>>> TestUtils.getContext( >>>> "/META-INF/**oldWspSpClientContext.xml"); >>>> >>>> OldSpWspSimpleService simpleService = clientContext.getBean( >>>> "OldSpWspSimpleServiceClient", >>>> OldSpWspSimpleService.class); >>>> >>>> WSS4JOutInterceptor wssOut = TestUtils.**getWssOutInterceptor( >>>> simpleService); >>>> TestUtils.**setPasswordProperties(wssOut, "alice", "password"); >>>> >>>> try { >>>> simpleService.ping(); >>>> } catch (SOAPFaultException e) { >>>> assertTrue(e.getMessage().**contains("MustUnderstand")); >>>> } >>>> } >>>> >>>> >>>> >>>> >>>> >>>> On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <ja...@pellcorp.com> >>>> wrote: >>>> >>>> Hi, >>>>> >>>>> I changed over my java first samples to use your namespaces, and I also >>>>> got the Must understand error. >>>>> >>>>> Since I can reproduce it, i will have a bit of a hunt around to see >>>>> what >>>>> the problem is. >>>>> >>>>> >>>>> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan < >>>>> jenni...@indivica.com>wrote: >>>>> >>>>> Hi, >>>>>> >>>>>> Thanks for your help. >>>>>> >>>>>> The project path did not export the appropriate jars to the >>>>>> WEB-INF/lib >>>>>> directory when being built, so I added them to the deployment >>>>>> assembly step >>>>>> in eclipse. I added all the dependencies as well. >>>>>> >>>>>> Unfortunately, I was still getting the same "mustunderstand headers >>>>>> are >>>>>> not understood" error message. But there's more. I'm also getting a >>>>>> strange >>>>>> message when Tomcat is deploying the application, from CXF: >>>>>> Jul 26, 2013 1:23:24 PM >>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl >>>>>> handleNoRegisteredBuilder >>>>>> WARNING: No assertion builder for type { >>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}** >>>>>> SignedSupportingTokensregister**ed<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedSupportingTokensregistered> >>>>>> . >>>>>> Jul 26, 2013 1:23:24 PM >>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl >>>>>> handleNoRegisteredBuilder >>>>>> WARNING: No assertion builder for type { >>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}** >>>>>> RequiredPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DRequiredPartsregistered> >>>>>> . >>>>>> >>>>>> Jul 26, 2013 1:23:24 PM >>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl >>>>>> handleNoRegisteredBuilder >>>>>> WARNING: No assertion builder for type { >>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}** >>>>>> SignedPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedPartsregistered> >>>>>> . >>>>>> >>>>>> >>>>>> I thought that was weird because in all the examples I've seen the sp >>>>>> namespace is >>>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>. >>>>>> So I >>>>>> made the change in the WSDL and I got the following message upon >>>>>> restarting >>>>>> the server: >>>>>> Jul 26, 2013 1:25:16 PM >>>>>> org.apache.cxf.ws.policy.**attachment.wsdl11.** >>>>>> Wsdl11AttachmentPolicyProvider >>>>>> getElementPolicy >>>>>> WARNING: Failed to build the policy 'request-policy':{ >>>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy}** >>>>>> UsernameToken<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DUsernameToken>is >>>>>> not a <wsp:Policy> element. >>>>>> >>>>>> The namespace for wsp is http://schemas.xmlsoap.org/ws/** >>>>>> 2004/09/policy <http://schemas.xmlsoap.org/ws/2004/09/policy>, >>>>>> and I'm pretty sure that's correct. Although I feel like I'm pretty >>>>>> close, >>>>>> I'm lost at this point. Do you happen to have any further suggestions? >>>>>> >>>>>> Thanks >>>>>> Jen >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <ashaki...@talend.com> >>>>>> wrote: >>>>>> >>>>>> Hi, >>>>>>> >>>>>>> "mustunderstand header is not understood" error is thrown by CXF >>>>>>> >>>>>> MustUnderstandInterceptor. >>>>>> >>>>>>> MustUnderstandInterceptor checks if must understand headers in SOAP >>>>>>> >>>>>> message can be processed by at least one CXF interceptor in chain. >>>>>> >>>>>>> For that CXF interceptors provide getUnderstoodHeaders() method to >>>>>>> say >>>>>>> >>>>>> which headers they are able to proceed. >>>>>> >>>>>>> Security headers can be processed either by AbstractTokenInterceptor >>>>>>> >>>>>> (extended by UsernameTokenInterceptor, SamlTokenInterceptor.java, >>>>>> KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java >>>>>> >>>>>>> (extended by PolicyBasedWSS4JInInterceptor.**java, >>>>>>> >>>>>> WSS4JInInterceptor.java). >>>>>> >>>>>>> In your case no any from these interceptors is in chain on the >>>>>>> service >>>>>>> >>>>>> side. >>>>>> >>>>>>> That could happens because: >>>>>>> a) service uses other ws-policy (or nor policy) that doesn't activate >>>>>>> >>>>>> that interceptors >>>>>> >>>>>>> b) service uses no ws-policy way and not configured with security >>>>>>> >>>>>> interceptor >>>>>> >>>>>>> c) appropriate CXF jars are not available: >>>>>>> >>>>>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar. >>>>>> >>>>>>> Can you please check how your service is configured? >>>>>>> >>>>>>> Regards, >>>>>>> Andrei. >>>>>>> >>>>>>> >>>>>>> -----Original Message----- >>>>>>>> From: Jennifer Ruttan [mailto:jenni...@indivica.com] >>>>>>>> Sent: Mittwoch, 24. Juli 2013 17:43 >>>>>>>> To: users@cxf.apache.org >>>>>>>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy >>>>>>>> >>>>>>>> Hi, >>>>>>>> >>>>>>>> Thanks for the reply. That's what I was thinking. There may be an >>>>>>>> >>>>>>> issue with >>>>>> >>>>>>> the WSDL file itself. >>>>>>>> >>>>>>>> My request matches the example provided by the author of the WSDL >>>>>>>> file, >>>>>>>> but neither of them work. They both cause the same "mustunderstand >>>>>>>> header is not understood" error. >>>>>>>> Disabling the security policy allows the request to complete >>>>>>>> properly. >>>>>>>> >>>>>>>> CXF is configured to read the security policy from the WSDL file, >>>>>>>> and >>>>>>>> >>>>>>> I know >>>>>> >>>>>>> that part is working because if I miss a required part (the >>>>>>>> timestamp, >>>>>>>> >>>>>>> for >>>>>> >>>>>>> example) in the header, CXF complains that not all of the required >>>>>>>> >>>>>>> parts have >>>>>> >>>>>>> been submitted. I guess this could be because of a signing issue, >>>>>>>> >>>>>>> although I'm >>>>>> >>>>>>> not sure. >>>>>>>> >>>>>>>> My reasons for building the service are because while there is a >>>>>>>> WSDL >>>>>>>> definition for the service, there's no way to access the service >>>>>>>> >>>>>>> itself. I know >>>>>> >>>>>>> exactly how the service is supposed to react to various inputs so I'm >>>>>>>> >>>>>>> trying to >>>>>> >>>>>>> build the same web service. It's for a health insurance card >>>>>>>> >>>>>>> validation service >>>>>> >>>>>>> in Ontario, Canada, and the service is provided by the government. >>>>>>>> >>>>>>>> Thanks. >>>>>>>> Jen >>>>>>>> >>>>>>>> --------------------- >>>>>>>> HCValidationService.wsdl >>>>>>>> >>>>>>>> <?xml version="1.0" encoding="UTF-8"?><definitions >>>>>>>> name="HCValidationService" >>>>>>>> targetNamespace="http://hcv.**health.ontario.ca/<http://hcv.health.ontario.ca/> >>>>>>>> " >>>>>>>> xmlns="http://schemas.xmlsoap.**org/wsdl/<http://schemas.xmlsoap.org/wsdl/> >>>>>>>> " >>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>> " >>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/> >>>>>>>> " >>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/> >>>>>>>> " >>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/> >>>>>>>> " >>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/> >>>>>>>> " >>>>>>>> xmlns:sp="http://docs.oasis-**open.org/ws-sx/ws-** >>>>>>>> securitypolicy/200512<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512> >>>>>>>> " >>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/> >>>>>>>> " >>>>>>>> xmlns:wsdlsoap="http://**schemas.xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/> >>>>>>>> **" >>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy> >>>>>>>> " >>>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-** >>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-> >>>>>>>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis- >>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-** >>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> >>>>>>>> " >>>>>>>> xmlns:xsd="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema> >>>>>>>> "> >>>>>>>> >>>>>>>> <types> >>>>>>>> <xsd:schema> >>>>>>>> <xsd:import >>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>> " >>>>>>>> schemaLocation="EBSFault_**schema.xsd"/> >>>>>>>> <xsd:import >>>>>>>> namespace="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/> >>>>>>>> " >>>>>>>> schemaLocation="**HCValidationService_schema.**xsd"/> >>>>>>>> <xsd:import >>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>> " >>>>>>>> schemaLocation="EBS_schema.**xsd"/> >>>>>>>> <xsd:import >>>>>>>> namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/> >>>>>>>> " >>>>>>>> schemaLocation="MSA_schema.**xsd"/> >>>>>>>> <xsd:import >>>>>>>> namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/> >>>>>>>> " >>>>>>>> schemaLocation="IDP_schema.**xsd"/> >>>>>>>> </xsd:schema> >>>>>>>> </types> >>>>>>>> >>>>>>>> <wsp:Policy wsu:Id="request-policy"> >>>>>>>> <wsp:ExactlyOne> >>>>>>>> <wsp:All> >>>>>>>> <wsp:All> >>>>>>>> <sp:SignedSupportingTokens> >>>>>>>> <sp:UsernameToken> >>>>>>>> <wsp:Policy> >>>>>>>> <wsp:All> >>>>>>>> >>>>>>>> <sp:NoPassword/> >>>>>>>> >>>>>>>> <sp:WssUsernameToken10/> >>>>>>>> </wsp:All> >>>>>>>> </wsp:Policy> >>>>>>>> </sp:UsernameToken> >>>>>>>> </sp:SignedSupportingTokens> >>>>>>>> </wsp:All> >>>>>>>> <wsp:ExactlyOne> >>>>>>>> <wsp:All> >>>>>>>> <sp:RequiredParts> >>>>>>>> <sp:Header Name="EBS" >>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>> "/> >>>>>>>> </sp:RequiredParts> >>>>>>>> <sp:RequiredParts> >>>>>>>> <sp:Header Name="MSA" >>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/> >>>>>>>> "/> >>>>>>>> </sp:RequiredParts> >>>>>>>> <sp:RequiredParts> >>>>>>>> <sp:Header >>>>>>>> Name="SoftwareConformanceKey" Namespace=""/> >>>>>>>> </sp:RequiredParts> >>>>>>>> <sp:RequiredParts> >>>>>>>> <sp:Header >>>>>>>> Name="AuditId" >>>>>>>> Namespace=""/> >>>>>>>> </sp:RequiredParts> >>>>>>>> <sp:RequiredParts> >>>>>>>> <sp:Header >>>>>>>> Name="ServiceUserMUID" Namespace=""/> >>>>>>>> </sp:RequiredParts> >>>>>>>> <sp:RequiredParts> >>>>>>>> <sp:Header >>>>>>>> Name="UserID" >>>>>>>> Namespace=""/> >>>>>>>> </sp:RequiredParts> >>>>>>>> <sp:RequiredParts> >>>>>>>> <sp:Header >>>>>>>> Name="Timestamp" Namespace="http://docs.oasis- >>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-** >>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> >>>>>>>> "/> >>>>>>>> </sp:RequiredParts> >>>>>>>> </wsp:All> >>>>>>>> </wsp:ExactlyOne> >>>>>>>> <wsp:ExactlyOne> >>>>>>>> <wsp:All> >>>>>>>> <sp:SignedParts> >>>>>>>> <sp:Header Name="EBS" >>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>> "/> >>>>>>>> <sp:Header Name="MSA" >>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/> >>>>>>>> "/> >>>>>>>> <sp:Header >>>>>>>> Name="Timestamp" Namespace="http://docs.oasis- >>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-** >>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> >>>>>>>> "/> >>>>>>>> <sp:Header >>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis- >>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd> >>>>>>>> "/> >>>>>>>> <sp:Body/> >>>>>>>> </sp:SignedParts> >>>>>>>> </wsp:All> >>>>>>>> </wsp:ExactlyOne> >>>>>>>> </wsp:All> >>>>>>>> <wsp:All> >>>>>>>> <wsp:All> >>>>>>>> <sp:SignedSupportingTokens> >>>>>>>> <sp:UsernameToken> >>>>>>>> <wsp:Policy> >>>>>>>> <wsp:All> >>>>>>>> >>>>>>>> <sp:WssUsernameToken10/> >>>>>>>> </wsp:All> >>>>>>>> </wsp:Policy> >>>>>>>> </sp:UsernameToken> >>>>>>>> </sp:SignedSupportingTokens> >>>>>>>> </wsp:All> >>>>>>>> <wsp:ExactlyOne> >>>>>>>> <wsp:All> >>>>>>>> <sp:SignedParts> >>>>>>>> <sp:Header Name="EBS" >>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>> "/> >>>>>>>> <sp:Header Name="IDP" >>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/> >>>>>>>> "/> >>>>>>>> <sp:Header Name="Timestamp" >>>>>>>> Namespace="http://docs.oasis-**open.org/wss/2004/01/oasis-** >>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-> >>>>>>>> wssecurity-utility-1.0.xsd"/> >>>>>>>> <sp:Header >>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis- >>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd> >>>>>>>> "/> >>>>>>>> <sp:Body/> >>>>>>>> </sp:SignedParts> >>>>>>>> </wsp:All> >>>>>>>> </wsp:ExactlyOne> >>>>>>>> >>>>>>>> <wsp:ExactlyOne> >>>>>>>> <wsp:All> >>>>>>>> <sp:RequiredParts> >>>>>>>> <sp:Header Name="EBS" >>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>> "/> >>>>>>>> </sp:RequiredParts> >>>>>>>> <sp:RequiredParts> >>>>>>>> <sp:Header Name="IDP" >>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/> >>>>>>>> "/> >>>>>>>> </sp:RequiredParts> >>>>>>>> <sp:RequiredParts> >>>>>>>> <sp:Header >>>>>>>> Name="SoftwareConformanceKey" Namespace=""/> >>>>>>>> </sp:RequiredParts> >>>>>>>> <sp:RequiredParts> >>>>>>>> <sp:Header >>>>>>>> Name="AuditId" >>>>>>>> Namespace=""/> >>>>>>>> </sp:RequiredParts> >>>>>>>> <sp:RequiredParts> >>>>>>>> <sp:Header >>>>>>>> Name="ServiceUserMUID" Namespace=""/> >>>>>>>> </sp:RequiredParts> >>>>>>>> <sp:RequiredParts> >>>>>>>> <sp:Header >>>>>>>> Name="Timestamp" Namespace="http://docs.oasis- >>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-** >>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> >>>>>>>> "/> >>>>>>>> </sp:RequiredParts> >>>>>>>> </wsp:All> >>>>>>>> </wsp:ExactlyOne> >>>>>>>> </wsp:All> >>>>>>>> </wsp:ExactlyOne> >>>>>>>> </wsp:Policy> >>>>>>>> >>>>>>>> <wsdl:message name="EBSHeader"> >>>>>>>> <wsdl:part element="ebs:EBS" >>>>>>>> name="ebsrequest_header"/> >>>>>>>> </wsdl:message> >>>>>>>> <wsdl:message name="MSAHeader"> >>>>>>>> <wsdl:part element="msa:MSA" >>>>>>>> name="msarequest_header"/> >>>>>>>> </wsdl:message> >>>>>>>> <wsdl:message name="IDPHeader"> >>>>>>>> <wsdl:part element="idp:IDP" >>>>>>>> name="idprequest_header"/> >>>>>>>> </wsdl:message> >>>>>>>> >>>>>>>> <message name="validate"> >>>>>>>> <wsdl:part element="hcv:validate" name="parameters"/> >>>>>>>> </message> >>>>>>>> >>>>>>>> <message name="validateResponse"> >>>>>>>> <part element="hcv:validateResponse" >>>>>>>> name="parameters"/> >>>>>>>> </message> >>>>>>>> >>>>>>>> <message name="faultexception"> >>>>>>>> <part element="ebs:EBSFault" name="Fault"/> >>>>>>>> </message> >>>>>>>> >>>>>>>> <portType name="HCValidation"> >>>>>>>> <operation name="validate"> >>>>>>>> <input message="hcv:validate"/> >>>>>>>> <output message="hcv:validateResponse"**/> >>>>>>>> <fault message="hcv:faultexception" >>>>>>>> name="FaultException"/> >>>>>>>> </operation> >>>>>>>> </portType> >>>>>>>> >>>>>>>> <binding name="HCValidationPortBinding" >>>>>>>> type="hcv:HCValidation"> >>>>>>>> <soap:binding style="document" >>>>>>>> transport="http://schemas.**xmlsoap.org/soap/http<http://schemas.xmlsoap.org/soap/http> >>>>>>>> "/> >>>>>>>> >>>>>>>> <operation name="validate"> >>>>>>>> <soap:operation soapAction=""/> >>>>>>>> <input> >>>>>>>> <wsp:PolicyReference URI="#request-policy"/> >>>>>>>> <wsdlsoap:header >>>>>>>> message="hcv:EBSHeader" part="ebsrequest_header" use="literal"/> >>>>>>>> <wsdlsoap:header >>>>>>>> message="hcv:MSAHeader" part="msarequest_header" use="literal"/> >>>>>>>> <wsdlsoap:header >>>>>>>> message="hcv:IDPHeader" part="idprequest_header" use="literal"/> >>>>>>>> <wsdlsoap:body parts="parameters" >>>>>>>> use="literal"/> >>>>>>>> </input> >>>>>>>> <output> >>>>>>>> <soap:body use="literal"/> >>>>>>>> </output> >>>>>>>> <fault name="FaultException"> >>>>>>>> <soap:fault name="FaultException" >>>>>>>> use="literal"/> >>>>>>>> </fault> >>>>>>>> </operation> >>>>>>>> </binding> >>>>>>>> >>>>>>>> <service name="HCValidationService"> >>>>>>>> <port binding="hcv:**HCValidationPortBinding" >>>>>>>> name="HCValidationPort"> >>>>>>>> <soap:address >>>>>>>> location=" >>>>>>>> >>>>>>> https://ws.ebs.health.gov.on.**ca:1440/HCVService/**HCValidationSe<https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe> >>>>>> >>>>>>> rvice"/> >>>>>>>> </port> >>>>>>>> </service> >>>>>>>> </definitions> >>>>>>>> >>>>>>>> --------------------- >>>>>>>> Sample Request (provided by author of WSDL) >>>>>>>> >>>>>>>> <soapenv:Envelope xmlns:soap- >>>>>>>> sec="http://schemas.xmlsoap.**org/security/2000-12<http://schemas.xmlsoap.org/security/2000-12> >>>>>>>> " >>>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-** >>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401-> >>>>>>>> wss-wssecurity-secext-1.0.xsd" >>>>>>>> >>>>>>>> xmlns:xsi="http://www.w3.org/**2001/XMLSchema-instance<http://www.w3.org/2001/XMLSchema-instance> >>>>>>>> " >>>>>>>> xmlns:sp="http://schemas.**xmlsoap.org/ws/2005/07/**securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy> >>>>>>>> " >>>>>>>> >>>>>>>> xmlns:SOAP-ENV="http://**schemas.xmlsoap.org/soap/**envelope/<http://schemas.xmlsoap.org/soap/envelope/> >>>>>>>> " >>>>>>>> xmlns:xs="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema> >>>>>>>> " >>>>>>>> >>>>>>>> xmlns:tns="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/> >>>>>>>> " >>>>>>>> xmlns:wsu="http://docs.oasis-**open.org/wss/2004/01/oasis-** >>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401-> >>>>>>>> wss-wssecurity-utility-1.0.**xsd" >>>>>>>> >>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/security/2012-03<http://ebs.health.ontario.ca/security/2012-03> >>>>>>>> " >>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/> >>>>>>>> " >>>>>>>> >>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy> >>>>>>>> " >>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/> >>>>>>>> "> >>>>>>>> <soapenv:Header> >>>>>>>> <ns2:EBS wsu:Id="id-1" >>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>> "> >>>>>>>> <SoftwareConformanceKey>**444561ee-277f-77b2- >>>>>>>> c664-7a9923jfgh1b >>>>>>>> </SoftwareConformanceKey> >>>>>>>> <AuditId>73b7051e-6126-4b41-**9ae0- >>>>>>>> 21b707ca8a53</AuditId> >>>>>>>> </ns2:EBS> >>>>>>>> <ns2:IDP wsu:Id="id-2" >>>>>>>> xmlns:ns2="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/> >>>>>>>> "> >>>>>>>> <ServiceUserMUID>4523394</**ServiceUserMUID> >>>>>>>> </ns2:IDP> >>>>>>>> <wsse:Security SOAP-ENV:mustUnderstand="1"> >>>>>>>> <wsu:Timestamp wsu:Id="id-3"> >>>>>>>> <wsu:Created>2012-06- >>>>>>>> 20T17:58:42.580Z</wsu:Created> >>>>>>>> <wsu:Expires>2012-06- >>>>>>>> 20T17:59:12.580Z</wsu:Expires> >>>>>>>> </wsu:Timestamp> >>>>>>>> <wsse:UsernameToken wsu:Id="id-4"> >>>>>>>> >>>>>>>> >>>>>>>> <wsse:Username>JOHNDOE@YAHOO.**CA <john...@yahoo.ca> >>>>>>>> </wsse:Username> >>>>>>>> <wsse:Password >>>>>>>> Type="wsse:PasswordText">**Password</wsse:Password> >>>>>>>> </wsse:UsernameToken> >>>>>>>> <wsse:BinarySecurityToken >>>>>>>> >>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis-> >>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security-> >>>>>>>> 1.0#Base64Binary" >>>>>>>> ValueType="http://docs.oasis- >>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-** >>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3> >>>>>>>> " >>>>>>>> wsu:Id="X509- >>>>>>>> 02F859690D5C74E209134021512282**11"> >>>>>>>> >>>>>>>> MIICMzCCAZygAwIBAgIET1e+**dDANBgkqhkiG9w0BAQUFADBeMQsw >>>>>>>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT2**50YXJpbzENMAsGA1UEChMET0hJ >>>>>>>> >>>>>>>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW**9uMRcwFQYDVQQDEw >>>>>>>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAz**MDcyMDAwNTJaFw0xMzAzMDcyMDA >>>>>>>> wNTJaM >>>>>>>> >>>>>>>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQ**IEwdPbnRhcmlvMQ0wCwY >>>>>>>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZ**Wdpc3RyYXRpb24xFzAVBgNVBAM >>>>>>>> TDj >>>>>>>> >>>>>>>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqG**SIb3DQEBAQUAA4GNADCBi >>>>>>>> QKBgQCs/JIP6CE5IkfTnD/c56K+**QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH**4 >>>>>>>> >>>>>>>> fvhbyxo2B4VugsL9r4E5jHEKoi+**GDKOLlLZRfSy0cB8IcpXonAuGqMzhC** >>>>>>>> o >>>>>>>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpT**yZdpYDi92up5E+FYL3jEe >>>>>>>> >>>>>>>> jhp+**1iDFJQIDAQABMA0GCSqGSIb3DQEBBQ**UAA4GBAHn8VZS169BJ >>>>>>>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dE**icv3jQMMsrWHfoCt+nRSqfNLUTL >>>>>>>> >>>>>>>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0**gY3i83ZXA8HDFKMZF3qL8I8ncu8F >>>>>>>> PcZGYBNhYrGjXXsuqXimiTIjxgm06E**rRa/51szOFFxWrB >>>>>>>> </wsse:BinarySecurityToken> >>>>>>>> <ds:Signature Id="SIG-6" >>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#> >>>>>>>> "> >>>>>>>> <ds:SignedInfo> >>>>>>>> <ds:CanonicalizationMethod >>>>>>>> >>>>>>>> >>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>> "> >>>>>>>> >>>>>>>> <ec:InclusiveNamespaces >>>>>>>> >>>>>>>> PrefixList="SOAP- >>>>>>>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi" >>>>>>>> >>>>>>>> >>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>> /> >>>>>>>> </ds:CanonicalizationMethod> >>>>>>>> <ds:SignatureMethod >>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>" >>>>>>>> /> >>>>>>>> <ds:Reference URI="#id-1"> >>>>>>>> <ds:Transforms> >>>>>>>> <ds:Transform >>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>> "> >>>>>>>> >>>>>>>> <ec:InclusiveNamespaces >>>>>>>> >>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse >>>>>>>> wsu xs xsi" >>>>>>>> >>>>>>>> >>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>> /> >>>>>>>> >>>>>>>> </ds:Transform> >>>>>>>> </ds:Transforms> >>>>>>>> >>>>>>>> <ds:DigestMethod >>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>" >>>>>>>> /> >>>>>>>> >>>>>>>> <ds:DigestValue>**gpejbitTQxuMOhUirdbGNtHjsGhAAr**hAp3ByFuG9c >>>>>>>> Hs= >>>>>>>> </ds:DigestValue> >>>>>>>> </ds:Reference> >>>>>>>> <ds:Reference URI="#id-2"> >>>>>>>> <ds:Transforms> >>>>>>>> <ds:Transform >>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>> "> >>>>>>>> >>>>>>>> <ec:InclusiveNamespaces >>>>>>>> >>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse >>>>>>>> wsu xs xsi" >>>>>>>> >>>>>>>> >>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>> /> >>>>>>>> >>>>>>>> </ds:Transform> >>>>>>>> </ds:Transforms> >>>>>>>> <ds:DigestMethod >>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>" >>>>>>>> /> >>>>>>>> >>>>>>>> <ds:DigestValue>ZWKvgN+**eB0NFmQHPGYN5RoSZzbuboqKLzLcV6**PE >>>>>>>> Oz3E= >>>>>>>> </ds:DigestValue> >>>>>>>> </ds:Reference> >>>>>>>> <ds:Reference URI="#id-3"> >>>>>>>> <ds:Transforms> >>>>>>>> <ds:Transform >>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>> "> >>>>>>>> >>>>>>>> <ec:InclusiveNamespaces >>>>>>>> >>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp >>>>>>>> wsse xs >>>>>>>> xsi" >>>>>>>> >>>>>>>> >>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>> /> >>>>>>>> >>>>>>>> </ds:Transform> >>>>>>>> </ds:Transforms> >>>>>>>> <ds:DigestMethod >>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>" >>>>>>>> /> >>>>>>>> >>>>>>>> <ds:DigestValue>1AvUG2EE6+**bgpJBe1TB4teUkKD4lRsw69BozDFQM >>>>>>>> GGE= >>>>>>>> </ds:DigestValue> >>>>>>>> </ds:Reference> >>>>>>>> <ds:Reference URI="#id-4"> >>>>>>>> <ds:Transforms> >>>>>>>> <ds:Transform >>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>> "> >>>>>>>> >>>>>>>> <ec:InclusiveNamespaces >>>>>>>> >>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsu >>>>>>>> xs >>>>>>>> xsi" >>>>>>>> >>>>>>>> >>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>> /> >>>>>>>> >>>>>>>> >>>>>>>> </ds:Transform> >>>>>>>> </ds:Transforms> >>>>>>>> <ds:DigestMethod >>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>" >>>>>>>> /> >>>>>>>> >>>>>>>> <ds:DigestValue>Lw6C0//**TpU0uuta+**9pjDPfD0aOokdgbVOEM9eaWc >>>>>>>> Gjo= >>>>>>>> </ds:DigestValue> >>>>>>>> </ds:Reference> >>>>>>>> <ds:Reference URI="#id-5"> >>>>>>>> <ds:Transforms> >>>>>>>> <ds:Transform >>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>> "> >>>>>>>> >>>>>>>> <ec:InclusiveNamespaces >>>>>>>> >>>>>>>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse wsu xs >>>>>>>> xsi" >>>>>>>> >>>>>>>> >>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>> /> >>>>>>>> >>>>>>>> </ds:Transform> >>>>>>>> </ds:Transforms> >>>>>>>> <ds:DigestMethod >>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>" >>>>>>>> /> >>>>>>>> >>>>>>>> <ds:DigestValue>**lGKOfXxmbsLds9+**tD4eaCObTCdGNXDF/PY9LjDUPl >>>>>>>> 9Y= >>>>>>>> </ds:DigestValue> >>>>>>>> </ds:Reference> >>>>>>>> </ds:SignedInfo> >>>>>>>> <ds:SignatureValue> >>>>>>>> >>>>>>>> Yn5iRnjs/T2+**nNgW8pArIgqc445RwL2wYPHZaydVJk**0oUXV5B4nzU4fg >>>>>>>> X/**sQTcY0O5vuReP8th4QZoGG6tSnxuBf**qiDd2rkRZDrdgotJT++W >>>>>>>> >>>>>>>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3Q**DuMWr5PSlm1RWbkA3W5B4Y >>>>>>>> LaD+S/j3QKc= >>>>>>>> </ds:SignatureValue> >>>>>>>> <ds:KeyInfo Id="KI- >>>>>>>> 02F859690D5C74E209134021512283**12"> >>>>>>>> <wsse:SecurityTokenReference >>>>>>>> wsu:Id="STR-**02F859690D5C74E209134021512284**13"> >>>>>>>> <wsse:Reference >>>>>>>> URI="#X509-**02F859690D5C74E209134021512282**11" >>>>>>>> >>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-** >>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401-> >>>>>>>> wss-x509-token-profile-1.0#**X509v3" /> >>>>>>>> </wsse:SecurityTokenReference> >>>>>>>> </ds:KeyInfo> >>>>>>>> </ds:Signature> >>>>>>>> </wsse:Security> >>>>>>>> </soapenv:Header> >>>>>>>> <soapenv:Body wsu:Id="id-5"> >>>>>>>> <ns5:validate xmlns:ns4=" >>>>>>>> >>>>>>> http://msa.ebs.health.ontario.**ca/<http://msa.ebs.health.ontario.ca/> >>>>>> " >>>>>> >>>>>>> >>>>>>> xmlns:ns3="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/> >>>>>>>> " >>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>> " >>>>>>>> >>>>>>>> xmlns:ns5="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/> >>>>>>>> "> >>>>>>>> <requests> >>>>>>>> <hcvRequest> >>>>>>>> >>>>>>>> <healthNumber>2222211122</**healthNumber> >>>>>>>> <versionCode>WW</versionCode> >>>>>>>> </hcvRequest> >>>>>>>> </requests> >>>>>>>> <locale>en</locale> >>>>>>>> </ns5:validate> >>>>>>>> </soapenv:Body> >>>>>>>> </soapenv:Envelope> >>>>>>>> >>>>>>>> ------------------- >>>>>>>> Sample Request (Built via SoapUI) >>>>>>>> >>>>>>>> <soapenv:Envelope >>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>> " >>>>>>>> >>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/> >>>>>>>> " >>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/> >>>>>>>> " >>>>>>>> >>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/> >>>>>>>> " >>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/> >>>>>>>> "> >>>>>>>> <soapenv:Header> >>>>>>>> <wsse:Security soapenv:mustUnderstand="1" >>>>>>>> xmlns:wsse="http://docs.oasis- >>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd> >>>>>>>> " >>>>>>>> xmlns:wsu="http://docs.oasis- >>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-** >>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> >>>>>>>> "> >>>>>>>> <wsse:BinarySecurityToken >>>>>>>> >>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis-> >>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security-> >>>>>>>> 1.0#Base64Binary" >>>>>>>> ValueType="http://docs.oasis- >>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-** >>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3> >>>>>>>> " >>>>>>>> wsu:Id="X509- >>>>>>>> 9346053A98F2390F1A137460706920**025"> >>>>>>>> >>>>>>>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQ**EBBQUAMIGbMQswCQYDVQ >>>>>>>> QGEwJDQTEQMA4GA1UECAwHT250YXJp**bzEQMA4G >>>>>>>> >>>>>>>> A1UEBwwHVG9yb250bzERMA8GA1UECg**wISW5kaXZpY2ExFDASBgN >>>>>>>> VBAsMC0RldmVsb3BtZW50MRgwFgYDV**QQDDA9J >>>>>>>> >>>>>>>> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhk**iG9w0BCQEWFmVicy1hZG1pbk >>>>>>>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5**MTc0 >>>>>>>> >>>>>>>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQ**swCQYDVQQGEwJDQTEQ >>>>>>>> MA4GA1UECBMHT250YXJpbzEQMA4GA1**UEBxMHVG9y >>>>>>>> >>>>>>>> b250bzERMA8GA1UEChMISW5kaXZpY2**ExFDASBgNVBAsTC0RldmVsb >>>>>>>> 3BtZW50MRwwGgYDVQQDExNJbmRpdml**jYSBF >>>>>>>> >>>>>>>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w**0BAQEFAAOCAQ8AMIIBCgKCA >>>>>>>> QEAu7/+**bc5QgW43UuaMoUOpbsQy8Kc32jrB >>>>>>>> >>>>>>>> GA0lrxZkqH/PnfdbtRhRypxkc6+**r3O17ATi0Cuo/MByJwYS6Y9bIviWcK >>>>>>>> WPPVMKpermHxniN+**kqjWiGDm10xVMph >>>>>>>> >>>>>>>> XryR01LSItgRoi5V54oTFgeJxsdA/**1J3kf/QE2YmswZwLH6+PwvZfExKEx >>>>>>>> vGArojkyveOewWkvKMobLB3d6gtrPJ >>>>>>>> >>>>>>>> tUxjb18UJugEHyNSiVYFymbgAyvanT**4pmNPaqHW1ZlmQ0WBiDI7oeT >>>>>>>> 1pZzgEwzikcvEHilJye0PcB4PkkrGL**KfEE >>>>>>>> >>>>>>>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4f**jouqkHHVMMiUvYgQIDAQA >>>>>>>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b**5yRECQU >>>>>>>> >>>>>>>> ppIEIbDOh4E5OsR0wesm4czfNDnh56**TUwmjRDzI+tVVEj+fxk0FMSMf >>>>>>>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+**FHb6 >>>>>>>> >>>>>>>> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u**8cRtfPXXX+baL2NThYjMoNVFIt >>>>>>>> OM0XL3xwzblWi++B >>>>>>>> </wsse:BinarySecurityToken> >>>>>>>> <ds:Signature Id="SIG-30" >>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#> >>>>>>>> "> >>>>>>>> <ds:SignedInfo> >>>>>>>> <ds:CanonicalizationMethod >>>>>>>> >>>>>>>> >>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>> "> >>>>>>>> >>>>>>>> <ec:InclusiveNamespaces >>>>>>>> PrefixList="ebs hcv idp msa soapenv" >>>>>>>> >>>>>>>> >>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>> /> >>>>>>>> </ds:CanonicalizationMethod> >>>>>>>> <ds:SignatureMethod >>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>" >>>>>>>> /> >>>>>>>> <ds:Reference URI="#id-7"> >>>>>>>> <ds:Transforms> >>>>>>>> <ds:Transform >>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>> "> >>>>>>>> >>>>>>>> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv" >>>>>>>> >>>>>>>> >>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>> /> >>>>>>>> >>>>>>>> </ds:Transform> >>>>>>>> </ds:Transforms> >>>>>>>> <ds:DigestMethod >>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>" >>>>>>>> /> >>>>>>>> >>>>>>>> <ds:DigestValue>+sN2C+**GPI6Un7tmdzecuWW4obI8=</ds:** >>>>>>>> DigestVal >>>>>>>> ue> >>>>>>>> </ds:Reference> >>>>>>>> <ds:Reference URI="#id-8"> >>>>>>>> <ds:Transforms> >>>>>>>> <ds:Transform >>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>> "> >>>>>>>> >>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv" >>>>>>>> >>>>>>>> >>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>> /> >>>>>>>> >>>>>>>> </ds:Transform> >>>>>>>> </ds:Transforms> >>>>>>>> <ds:DigestMethod >>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>" >>>>>>>> /> >>>>>>>> >>>>>>>> <ds:DigestValue>cStXQ+**Qf4MYZw7oZh3EwQnCO9kE=</ds:** >>>>>>>> DigestVal >>>>>>>> ue> >>>>>>>> </ds:Reference> >>>>>>>> <ds:Reference URI="#TS-29"> >>>>>>>> <ds:Transforms> >>>>>>>> <ds:Transform >>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>> "> >>>>>>>> >>>>>>>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa >>>>>>>> soapenv" >>>>>>>> >>>>>>>> >>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>> /> >>>>>>>> >>>>>>>> </ds:Transform> >>>>>>>> </ds:Transforms> >>>>>>>> <ds:DigestMethod >>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>" >>>>>>>> /> >>>>>>>> >>>>>>>> <ds:DigestValue>**7DpbdobjdxkQ3RGXjPQmx5EpCdU=</** >>>>>>>> ds:DigestVal >>>>>>>> ue> >>>>>>>> </ds:Reference> >>>>>>>> <ds:Reference >>>>>>>> URI="#UsernameToken-28"> >>>>>>>> <ds:Transforms> >>>>>>>> <ds:Transform >>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>> "> >>>>>>>> >>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv" >>>>>>>> >>>>>>>> >>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>> /> >>>>>>>> >>>>>>>> </ds:Transform> >>>>>>>> </ds:Transforms> >>>>>>>> <ds:DigestMethod >>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>" >>>>>>>> /> >>>>>>>> >>>>>>>> <ds:DigestValue>**0CNaWbdkV2dE7Jm5oh15ztwUcaI=</** >>>>>>>> ds:DigestValu >>>>>>>> e> >>>>>>>> </ds:Reference> >>>>>>>> <ds:Reference URI="#id-12"> >>>>>>>> <ds:Transforms> >>>>>>>> <ds:Transform >>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>> "> >>>>>>>> >>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa" >>>>>>>> >>>>>>>> >>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>> /> >>>>>>>> >>>>>>>> </ds:Transform> >>>>>>>> </ds:Transforms> >>>>>>>> <ds:DigestMethod >>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>" >>>>>>>> /> >>>>>>>> >>>>>>>> <ds:DigestValue>**XoOxXE6R7JA29rMYCHf/X0II180=</** >>>>>>>> ds:DigestValue >>>>>>>> </ds:Reference> >>>>>>>> </ds:SignedInfo> >>>>>>>> >>>>>>>> <ds:SignatureValue>**YQy9wqYYVw1x0CZcg6b2W0uO3g3Fur** >>>>>>>> UZ51zrXi3 >>>>>>>> jRMFGgCVGUwfu3W/**tDOAKB2IXHvIgFl7JWmzd >>>>>>>> >>>>>>>> lkh7O2u6ieACF5tGD32aSXvv6/**k7OUVH4outF1NHgJOq9WKIKtUYT/hh >>>>>>>> G8BmqFGHXcPiuuO+FIXr >>>>>>>> >>>>>>>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pO**RWOWvPhmHbT63b1BgFfLla >>>>>>>> UftqeybM6t0i2cTuNxf8nbCS >>>>>>>> >>>>>>>> gANhvGvpNi2ALThvsPu+**pXKCx1c4Ng18PGpUEVmOdJOkZhiifR**336idp >>>>>>>> 09lp8XaI+NzwENvdBskb >>>>>>>> >>>>>>>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP**4wydOh8w== >>>>>>>> </ds:SignatureValue> >>>>>>>> <ds:KeyInfo Id="KI- >>>>>>>> 9346053A98F2390F1A137460706920**026"> >>>>>>>> <wsse:SecurityTokenReference >>>>>>>> wsu:Id="STR- >>>>>>>> 9346053A98F2390F1A137460706920**027"> >>>>>>>> <wsse:Reference >>>>>>>> URI="#X509-**9346053A98F2390F1A137460706920**025" >>>>>>>> >>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-** >>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401-> >>>>>>>> wss-x509-token-profile-1.0#**X509v3" /> >>>>>>>> </wsse:SecurityTokenReference> >>>>>>>> </ds:KeyInfo> >>>>>>>> </ds:Signature> >>>>>>>> <wsu:Timestamp wsu:Id="TS-29"> >>>>>>>> <wsu:Created>2013-07- >>>>>>>> 23T19:17:49.196Z</wsu:Created> >>>>>>>> <wsu:Expires>2013-07- >>>>>>>> 30T17:57:49.196Z</wsu:Expires> >>>>>>>> </wsu:Timestamp> >>>>>>>> <wsse:UsernameToken wsu:Id="UsernameToken- >>>>>>>> 28"> >>>>>>>> <wsse:Username>abc</wsse:**Username> >>>>>>>> <wsse:Password >>>>>>>> Type="http://docs.oasis- >>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-username-token-**profile-<http://open.org/wss/2004/01/oasis-200401-wss-username-token-profile-> >>>>>>>> 1.0#PasswordText">defg</wsse:**Password> >>>>>>>> </wsse:UsernameToken> >>>>>>>> </wsse:Security> >>>>>>>> <idp:IDP wsu:Id="id-8" >>>>>>>> xmlns:wsu="http://docs.oasis- >>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-** >>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> >>>>>>>> "> >>>>>>>> <ServiceUserMUID>12345</**ServiceUserMUID> >>>>>>>> </idp:IDP> >>>>>>>> <ebs:EBS wsu:Id="id-7" >>>>>>>> xmlns:wsu="http://docs.oasis- >>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-** >>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> >>>>>>>> "> >>>>>>>> >>>>>>>> <SoftwareConformanceKey>12345<**/SoftwareConformanceKey> >>>>>>>> <AuditId>12345</AuditId> >>>>>>>> </ebs:EBS> >>>>>>>> </soapenv:Header> >>>>>>>> <soapenv:Body wsu:Id="id-12" >>>>>>>> xmlns:wsu="http://docs.oasis-** >>>>>>>> open.org/wss/2004/01/oasis-<http://docs.oasis-open.org/wss/2004/01/oasis-> >>>>>>>> 200401-wss-wssecurity-utility-**1.0.xsd"> >>>>>>>> <hcv:validate> >>>>>>>> <requests> >>>>>>>> <hcvRequest> >>>>>>>> >>>>>>>> <healthNumber>9876543217</**healthNumber> >>>>>>>> <versionCode>AB</versionCode> >>>>>>>> </hcvRequest> >>>>>>>> </requests> >>>>>>>> </hcv:validate> >>>>>>>> </soapenv:Body> >>>>>>>> </soapenv:Envelope> >>>>>>>> >>>>>>>> >>>>>>>> ----------------------- >>>>>>>> Response (In either case): >>>>>>>> >>>>>>>> <soap:Envelope >>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/> >>>>>>>> "> >>>>>>>> <soap:Body> >>>>>>>> <soap:Fault> >>>>>>>> <faultcode>soap:**MustUnderstand</faultcode> >>>>>>>> <faultstring>MustUnderstand headers: [{http://docs.oasis- >>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-> >>>>>>>> 1.0.xsd}Security] are not understood.</faultstring> >>>>>>>> </soap:Fault> >>>>>>>> </soap:Body> >>>>>>>> </soap:Envelope> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <ashaki...@talend.com> >>>>>>>> >>>>>>> wrote: >>>>>> >>>>>>> Hi, >>>>>>>>> >>>>>>>>> It seems that your service doesn't use the same WS-Policy as >>>>>>>>> client, >>>>>>>>> >>>>>>>> therefore appropriate interceptors are not activated on the service >>>>>>>> >>>>>>> side. >>>>>> >>>>>>> Could you double check that? >>>>>>>>> >>>>>>>>> Exact request and response will be also useful for further analyse. >>>>>>>>> >>>>>>>>> Regards, >>>>>>>>> Andrei. >>>>>>>>> >>>>>>>>> -----Original Message----- >>>>>>>>>> From: Jennifer Ruttan [mailto:jenni...@indivica.com] >>>>>>>>>> Sent: Dienstag, 23. Juli 2013 21:35 >>>>>>>>>> To: users@cxf.apache.org >>>>>>>>>> Subject: Eclipse, CXF and WS-SecurityPolicy >>>>>>>>>> >>>>>>>>>> I have a question regarding WS-SecurityPolicy and deploying a >>>>>>>>>> WSDL-first service via Eclipse. >>>>>>>>>> >>>>>>>>>> I created a project from a WSDL file (I didn't create it) with the >>>>>>>>>> intention of implementing the service that it describes. The WSDL >>>>>>>>>> file describes a WS- SecurityPolicy that includes a UsernameToken, >>>>>>>>>> Timestamp, BinarySecurityToken, and a Signature. Every time I run >>>>>>>>>> a >>>>>>>>>> sample request that includes all of those components in the >>>>>>>>>> WS-Security header I get a "must understand header is not >>>>>>>>>> understood" >>>>>>>>>> message, regarding the WS-Security header. >>>>>>>>>> >>>>>>>>>> I've read on the documentation of CXF that additional dependencies >>>>>>>>>> must be included in the classpath to have WS-SecurityPolicy work, >>>>>>>>>> but >>>>>>>>>> I've used Eclipse's deployment method and given it the entire CXF >>>>>>>>>> ZIP >>>>>>>>>> file as downloaded from the project website as the CXF Runtime. Is >>>>>>>>>> there anything that I'm missing? Or is there a better way for me >>>>>>>>>> to >>>>>>>>>> be working with CXF than to use Eclipse's automated tools? >>>>>>>>>> >>>>>>>>>> Thanks for any help. >>>>>>>>>> Jen >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>> >>> >> >
