I realised you had already got that far yourself, apologies for wasting everyone's time. I misread the email thread. So you already changed your sp to http://schemas.xmlsoap.org/ws/2005/07/securitypolicy.
However when I change my policy file to use SignedSupportingToken rather than SupportingToken I also get: {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}UsernameToken is not a <wsp:Policy> element. So I will have a play around with that now. On Sat, Jul 27, 2013 at 1:59 PM, Jason Pell <ja...@pellcorp.com> wrote: > Actually I just realised what the problem is. Your original namespace for > sp was wrong. Just change it to > > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy > > And it will all work. Sorry for the confusion, I am no expert, but did > have the same problems so was worth the trial and error. > > > > > On Sat, Jul 27, 2013 at 1:57 PM, Jason Pell <ja...@pellcorp.com> wrote: > >> In fact just replacing the SP namespace should do it. The xmlns:wsp=" >> http://schemas.xmlsoap.org/ws/2004/09/policy" seems to not be the >> problem. >> >> So just change the sp to: >> >> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" >> >> >> On Sat, Jul 27, 2013 at 1:55 PM, Jason Pell <ja...@pellcorp.com> wrote: >> >>> Changing the namespaces to the following will allow it to work with CXF: >>> >>> xmlns:wsp="http://www.w3.org/ns/ws-policy" >>> xmlns:wsu=" >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >>> " >>> xmlns:sp=" >>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" >>> >>> >>> >>> >>> On Sat, Jul 27, 2013 at 1:39 PM, Jennifer Ruttan >>> <jenni...@indivica.com>wrote: >>> >>>> Hi, >>>> >>>> Thanks for your message. The WSDL file clearly contains a number of >>>> errors and so I'm happy to change it. The owners of the service will have >>>> to adjust it anyway. What should I change the namespaces to? >>>> >>>> Thanks again >>>> Jen >>>> >>>> >>>> >>>> >>>> On 2013/07/26 23:16, Jason Pell wrote: >>>> >>>>> https://github.com/pellcorp/**cxf/blob/master/JavaFirst/src/** >>>>> test/java/com/pellcorp/server/**PolicyServiceTest.java<https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java> >>>>> >>>>> This test case reproduces your issue I think. Changing the namespaces >>>>> of >>>>> the policy file will actually fix this, but probably not an option for >>>>> you. >>>>> >>>>> public void testOldWspSpClient() throws Exception { >>>>> ClassPathXmlApplicationContext clientContext = >>>>> TestUtils.getContext( >>>>> "/META-INF/**oldWspSpClientContext.xml"); >>>>> >>>>> OldSpWspSimpleService simpleService = clientContext.getBean( >>>>> "OldSpWspSimpleServiceClient", >>>>> OldSpWspSimpleService.class); >>>>> >>>>> WSS4JOutInterceptor wssOut = TestUtils.**getWssOutInterceptor( >>>>> simpleService); >>>>> TestUtils.**setPasswordProperties(wssOut, "alice", "password"); >>>>> >>>>> try { >>>>> simpleService.ping(); >>>>> } catch (SOAPFaultException e) { >>>>> assertTrue(e.getMessage().**contains("MustUnderstand")); >>>>> } >>>>> } >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <ja...@pellcorp.com> >>>>> wrote: >>>>> >>>>> Hi, >>>>>> >>>>>> I changed over my java first samples to use your namespaces, and I >>>>>> also >>>>>> got the Must understand error. >>>>>> >>>>>> Since I can reproduce it, i will have a bit of a hunt around to see >>>>>> what >>>>>> the problem is. >>>>>> >>>>>> >>>>>> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan < >>>>>> jenni...@indivica.com>wrote: >>>>>> >>>>>> Hi, >>>>>>> >>>>>>> Thanks for your help. >>>>>>> >>>>>>> The project path did not export the appropriate jars to the >>>>>>> WEB-INF/lib >>>>>>> directory when being built, so I added them to the deployment >>>>>>> assembly step >>>>>>> in eclipse. I added all the dependencies as well. >>>>>>> >>>>>>> Unfortunately, I was still getting the same "mustunderstand headers >>>>>>> are >>>>>>> not understood" error message. But there's more. I'm also getting a >>>>>>> strange >>>>>>> message when Tomcat is deploying the application, from CXF: >>>>>>> Jul 26, 2013 1:23:24 PM >>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl >>>>>>> handleNoRegisteredBuilder >>>>>>> WARNING: No assertion builder for type { >>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}** >>>>>>> SignedSupportingTokensregister**ed<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedSupportingTokensregistered> >>>>>>> . >>>>>>> Jul 26, 2013 1:23:24 PM >>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl >>>>>>> handleNoRegisteredBuilder >>>>>>> WARNING: No assertion builder for type { >>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}** >>>>>>> RequiredPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DRequiredPartsregistered> >>>>>>> . >>>>>>> >>>>>>> Jul 26, 2013 1:23:24 PM >>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl >>>>>>> handleNoRegisteredBuilder >>>>>>> WARNING: No assertion builder for type { >>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}** >>>>>>> SignedPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedPartsregistered> >>>>>>> . >>>>>>> >>>>>>> >>>>>>> I thought that was weird because in all the examples I've seen the sp >>>>>>> namespace is >>>>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>. >>>>>>> So I >>>>>>> made the change in the WSDL and I got the following message upon >>>>>>> restarting >>>>>>> the server: >>>>>>> Jul 26, 2013 1:25:16 PM >>>>>>> org.apache.cxf.ws.policy.**attachment.wsdl11.** >>>>>>> Wsdl11AttachmentPolicyProvider >>>>>>> getElementPolicy >>>>>>> WARNING: Failed to build the policy 'request-policy':{ >>>>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy}** >>>>>>> UsernameToken<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DUsernameToken>is >>>>>>> not a <wsp:Policy> element. >>>>>>> >>>>>>> The namespace for wsp is http://schemas.xmlsoap.org/ws/** >>>>>>> 2004/09/policy <http://schemas.xmlsoap.org/ws/2004/09/policy>, >>>>>>> and I'm pretty sure that's correct. Although I feel like I'm pretty >>>>>>> close, >>>>>>> I'm lost at this point. Do you happen to have any further >>>>>>> suggestions? >>>>>>> >>>>>>> Thanks >>>>>>> Jen >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <ashaki...@talend.com> >>>>>>> wrote: >>>>>>> >>>>>>> Hi, >>>>>>>> >>>>>>>> "mustunderstand header is not understood" error is thrown by CXF >>>>>>>> >>>>>>> MustUnderstandInterceptor. >>>>>>> >>>>>>>> MustUnderstandInterceptor checks if must understand headers in SOAP >>>>>>>> >>>>>>> message can be processed by at least one CXF interceptor in chain. >>>>>>> >>>>>>>> For that CXF interceptors provide getUnderstoodHeaders() method to >>>>>>>> say >>>>>>>> >>>>>>> which headers they are able to proceed. >>>>>>> >>>>>>>> Security headers can be processed either by AbstractTokenInterceptor >>>>>>>> >>>>>>> (extended by UsernameTokenInterceptor, SamlTokenInterceptor.java, >>>>>>> KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java >>>>>>> >>>>>>>> (extended by PolicyBasedWSS4JInInterceptor.**java, >>>>>>>> >>>>>>> WSS4JInInterceptor.java). >>>>>>> >>>>>>>> In your case no any from these interceptors is in chain on the >>>>>>>> service >>>>>>>> >>>>>>> side. >>>>>>> >>>>>>>> That could happens because: >>>>>>>> a) service uses other ws-policy (or nor policy) that doesn't >>>>>>>> activate >>>>>>>> >>>>>>> that interceptors >>>>>>> >>>>>>>> b) service uses no ws-policy way and not configured with security >>>>>>>> >>>>>>> interceptor >>>>>>> >>>>>>>> c) appropriate CXF jars are not available: >>>>>>>> >>>>>>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar. >>>>>>> >>>>>>>> Can you please check how your service is configured? >>>>>>>> >>>>>>>> Regards, >>>>>>>> Andrei. >>>>>>>> >>>>>>>> >>>>>>>> -----Original Message----- >>>>>>>>> From: Jennifer Ruttan [mailto:jenni...@indivica.com] >>>>>>>>> Sent: Mittwoch, 24. Juli 2013 17:43 >>>>>>>>> To: users@cxf.apache.org >>>>>>>>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy >>>>>>>>> >>>>>>>>> Hi, >>>>>>>>> >>>>>>>>> Thanks for the reply. That's what I was thinking. There may be an >>>>>>>>> >>>>>>>> issue with >>>>>>> >>>>>>>> the WSDL file itself. >>>>>>>>> >>>>>>>>> My request matches the example provided by the author of the WSDL >>>>>>>>> file, >>>>>>>>> but neither of them work. They both cause the same "mustunderstand >>>>>>>>> header is not understood" error. >>>>>>>>> Disabling the security policy allows the request to complete >>>>>>>>> properly. >>>>>>>>> >>>>>>>>> CXF is configured to read the security policy from the WSDL file, >>>>>>>>> and >>>>>>>>> >>>>>>>> I know >>>>>>> >>>>>>>> that part is working because if I miss a required part (the >>>>>>>>> timestamp, >>>>>>>>> >>>>>>>> for >>>>>>> >>>>>>>> example) in the header, CXF complains that not all of the required >>>>>>>>> >>>>>>>> parts have >>>>>>> >>>>>>>> been submitted. I guess this could be because of a signing issue, >>>>>>>>> >>>>>>>> although I'm >>>>>>> >>>>>>>> not sure. >>>>>>>>> >>>>>>>>> My reasons for building the service are because while there is a >>>>>>>>> WSDL >>>>>>>>> definition for the service, there's no way to access the service >>>>>>>>> >>>>>>>> itself. I know >>>>>>> >>>>>>>> exactly how the service is supposed to react to various inputs so >>>>>>>>> I'm >>>>>>>>> >>>>>>>> trying to >>>>>>> >>>>>>>> build the same web service. It's for a health insurance card >>>>>>>>> >>>>>>>> validation service >>>>>>> >>>>>>>> in Ontario, Canada, and the service is provided by the government. >>>>>>>>> >>>>>>>>> Thanks. >>>>>>>>> Jen >>>>>>>>> >>>>>>>>> --------------------- >>>>>>>>> HCValidationService.wsdl >>>>>>>>> >>>>>>>>> <?xml version="1.0" encoding="UTF-8"?><definitions >>>>>>>>> name="HCValidationService" >>>>>>>>> targetNamespace="http://hcv.**health.ontario.ca/<http://hcv.health.ontario.ca/> >>>>>>>>> " >>>>>>>>> xmlns="http://schemas.xmlsoap.**org/wsdl/<http://schemas.xmlsoap.org/wsdl/> >>>>>>>>> " >>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>>> " >>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/> >>>>>>>>> " >>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/> >>>>>>>>> " >>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/> >>>>>>>>> " >>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/> >>>>>>>>> " >>>>>>>>> xmlns:sp="http://docs.oasis-**open.org/ws-sx/ws-** >>>>>>>>> securitypolicy/200512<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512> >>>>>>>>> " >>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/> >>>>>>>>> " >>>>>>>>> xmlns:wsdlsoap="http://**schemas.xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/> >>>>>>>>> **" >>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy> >>>>>>>>> " >>>>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-** >>>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-> >>>>>>>>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis- >>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-** >>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> >>>>>>>>> " >>>>>>>>> xmlns:xsd="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema> >>>>>>>>> "> >>>>>>>>> >>>>>>>>> <types> >>>>>>>>> <xsd:schema> >>>>>>>>> <xsd:import >>>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>>> " >>>>>>>>> schemaLocation="EBSFault_**schema.xsd"/> >>>>>>>>> <xsd:import >>>>>>>>> namespace="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/> >>>>>>>>> " >>>>>>>>> schemaLocation="**HCValidationService_schema.**xsd"/> >>>>>>>>> <xsd:import >>>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>>> " >>>>>>>>> schemaLocation="EBS_schema.**xsd"/> >>>>>>>>> <xsd:import >>>>>>>>> namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/> >>>>>>>>> " >>>>>>>>> schemaLocation="MSA_schema.**xsd"/> >>>>>>>>> <xsd:import >>>>>>>>> namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/> >>>>>>>>> " >>>>>>>>> schemaLocation="IDP_schema.**xsd"/> >>>>>>>>> </xsd:schema> >>>>>>>>> </types> >>>>>>>>> >>>>>>>>> <wsp:Policy wsu:Id="request-policy"> >>>>>>>>> <wsp:ExactlyOne> >>>>>>>>> <wsp:All> >>>>>>>>> <wsp:All> >>>>>>>>> <sp:SignedSupportingTokens> >>>>>>>>> <sp:UsernameToken> >>>>>>>>> <wsp:Policy> >>>>>>>>> <wsp:All> >>>>>>>>> >>>>>>>>> <sp:NoPassword/> >>>>>>>>> >>>>>>>>> <sp:WssUsernameToken10/> >>>>>>>>> </wsp:All> >>>>>>>>> </wsp:Policy> >>>>>>>>> </sp:UsernameToken> >>>>>>>>> </sp:SignedSupportingTokens> >>>>>>>>> </wsp:All> >>>>>>>>> <wsp:ExactlyOne> >>>>>>>>> <wsp:All> >>>>>>>>> <sp:RequiredParts> >>>>>>>>> <sp:Header Name="EBS" >>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>>> "/> >>>>>>>>> </sp:RequiredParts> >>>>>>>>> <sp:RequiredParts> >>>>>>>>> <sp:Header Name="MSA" >>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/> >>>>>>>>> "/> >>>>>>>>> </sp:RequiredParts> >>>>>>>>> <sp:RequiredParts> >>>>>>>>> <sp:Header >>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/> >>>>>>>>> </sp:RequiredParts> >>>>>>>>> <sp:RequiredParts> >>>>>>>>> <sp:Header >>>>>>>>> Name="AuditId" >>>>>>>>> Namespace=""/> >>>>>>>>> </sp:RequiredParts> >>>>>>>>> <sp:RequiredParts> >>>>>>>>> <sp:Header >>>>>>>>> Name="ServiceUserMUID" Namespace=""/> >>>>>>>>> </sp:RequiredParts> >>>>>>>>> <sp:RequiredParts> >>>>>>>>> <sp:Header >>>>>>>>> Name="UserID" >>>>>>>>> Namespace=""/> >>>>>>>>> </sp:RequiredParts> >>>>>>>>> <sp:RequiredParts> >>>>>>>>> <sp:Header >>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis- >>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-** >>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> >>>>>>>>> "/> >>>>>>>>> </sp:RequiredParts> >>>>>>>>> </wsp:All> >>>>>>>>> </wsp:ExactlyOne> >>>>>>>>> <wsp:ExactlyOne> >>>>>>>>> <wsp:All> >>>>>>>>> <sp:SignedParts> >>>>>>>>> <sp:Header Name="EBS" >>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>>> "/> >>>>>>>>> <sp:Header Name="MSA" >>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/> >>>>>>>>> "/> >>>>>>>>> <sp:Header >>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis- >>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-** >>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> >>>>>>>>> "/> >>>>>>>>> <sp:Header >>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis- >>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-** >>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd> >>>>>>>>> "/> >>>>>>>>> <sp:Body/> >>>>>>>>> </sp:SignedParts> >>>>>>>>> </wsp:All> >>>>>>>>> </wsp:ExactlyOne> >>>>>>>>> </wsp:All> >>>>>>>>> <wsp:All> >>>>>>>>> <wsp:All> >>>>>>>>> <sp:SignedSupportingTokens> >>>>>>>>> <sp:UsernameToken> >>>>>>>>> <wsp:Policy> >>>>>>>>> <wsp:All> >>>>>>>>> >>>>>>>>> <sp:WssUsernameToken10/> >>>>>>>>> </wsp:All> >>>>>>>>> </wsp:Policy> >>>>>>>>> </sp:UsernameToken> >>>>>>>>> </sp:SignedSupportingTokens> >>>>>>>>> </wsp:All> >>>>>>>>> <wsp:ExactlyOne> >>>>>>>>> <wsp:All> >>>>>>>>> <sp:SignedParts> >>>>>>>>> <sp:Header Name="EBS" >>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>>> "/> >>>>>>>>> <sp:Header Name="IDP" >>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/> >>>>>>>>> "/> >>>>>>>>> <sp:Header Name="Timestamp" >>>>>>>>> Namespace="http://docs.oasis-**open.org/wss/2004/01/oasis-** >>>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-> >>>>>>>>> wssecurity-utility-1.0.xsd"/> >>>>>>>>> <sp:Header >>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis- >>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-** >>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd> >>>>>>>>> "/> >>>>>>>>> <sp:Body/> >>>>>>>>> </sp:SignedParts> >>>>>>>>> </wsp:All> >>>>>>>>> </wsp:ExactlyOne> >>>>>>>>> >>>>>>>>> <wsp:ExactlyOne> >>>>>>>>> <wsp:All> >>>>>>>>> <sp:RequiredParts> >>>>>>>>> <sp:Header Name="EBS" >>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>>> "/> >>>>>>>>> </sp:RequiredParts> >>>>>>>>> <sp:RequiredParts> >>>>>>>>> <sp:Header Name="IDP" >>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/> >>>>>>>>> "/> >>>>>>>>> </sp:RequiredParts> >>>>>>>>> <sp:RequiredParts> >>>>>>>>> <sp:Header >>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/> >>>>>>>>> </sp:RequiredParts> >>>>>>>>> <sp:RequiredParts> >>>>>>>>> <sp:Header >>>>>>>>> Name="AuditId" >>>>>>>>> Namespace=""/> >>>>>>>>> </sp:RequiredParts> >>>>>>>>> <sp:RequiredParts> >>>>>>>>> <sp:Header >>>>>>>>> Name="ServiceUserMUID" Namespace=""/> >>>>>>>>> </sp:RequiredParts> >>>>>>>>> <sp:RequiredParts> >>>>>>>>> <sp:Header >>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis- >>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-** >>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> >>>>>>>>> "/> >>>>>>>>> </sp:RequiredParts> >>>>>>>>> </wsp:All> >>>>>>>>> </wsp:ExactlyOne> >>>>>>>>> </wsp:All> >>>>>>>>> </wsp:ExactlyOne> >>>>>>>>> </wsp:Policy> >>>>>>>>> >>>>>>>>> <wsdl:message name="EBSHeader"> >>>>>>>>> <wsdl:part element="ebs:EBS" >>>>>>>>> name="ebsrequest_header"/> >>>>>>>>> </wsdl:message> >>>>>>>>> <wsdl:message name="MSAHeader"> >>>>>>>>> <wsdl:part element="msa:MSA" >>>>>>>>> name="msarequest_header"/> >>>>>>>>> </wsdl:message> >>>>>>>>> <wsdl:message name="IDPHeader"> >>>>>>>>> <wsdl:part element="idp:IDP" >>>>>>>>> name="idprequest_header"/> >>>>>>>>> </wsdl:message> >>>>>>>>> >>>>>>>>> <message name="validate"> >>>>>>>>> <wsdl:part element="hcv:validate" name="parameters"/> >>>>>>>>> </message> >>>>>>>>> >>>>>>>>> <message name="validateResponse"> >>>>>>>>> <part element="hcv:validateResponse" >>>>>>>>> name="parameters"/> >>>>>>>>> </message> >>>>>>>>> >>>>>>>>> <message name="faultexception"> >>>>>>>>> <part element="ebs:EBSFault" name="Fault"/> >>>>>>>>> </message> >>>>>>>>> >>>>>>>>> <portType name="HCValidation"> >>>>>>>>> <operation name="validate"> >>>>>>>>> <input message="hcv:validate"/> >>>>>>>>> <output message="hcv:validateResponse"**/> >>>>>>>>> <fault message="hcv:faultexception" >>>>>>>>> name="FaultException"/> >>>>>>>>> </operation> >>>>>>>>> </portType> >>>>>>>>> >>>>>>>>> <binding name="HCValidationPortBinding" >>>>>>>>> type="hcv:HCValidation"> >>>>>>>>> <soap:binding style="document" >>>>>>>>> transport="http://schemas.**xmlsoap.org/soap/http<http://schemas.xmlsoap.org/soap/http> >>>>>>>>> "/> >>>>>>>>> >>>>>>>>> <operation name="validate"> >>>>>>>>> <soap:operation soapAction=""/> >>>>>>>>> <input> >>>>>>>>> <wsp:PolicyReference URI="#request-policy"/> >>>>>>>>> <wsdlsoap:header >>>>>>>>> message="hcv:EBSHeader" part="ebsrequest_header" use="literal"/> >>>>>>>>> <wsdlsoap:header >>>>>>>>> message="hcv:MSAHeader" part="msarequest_header" use="literal"/> >>>>>>>>> <wsdlsoap:header >>>>>>>>> message="hcv:IDPHeader" part="idprequest_header" use="literal"/> >>>>>>>>> <wsdlsoap:body parts="parameters" >>>>>>>>> use="literal"/> >>>>>>>>> </input> >>>>>>>>> <output> >>>>>>>>> <soap:body use="literal"/> >>>>>>>>> </output> >>>>>>>>> <fault name="FaultException"> >>>>>>>>> <soap:fault name="FaultException" >>>>>>>>> use="literal"/> >>>>>>>>> </fault> >>>>>>>>> </operation> >>>>>>>>> </binding> >>>>>>>>> >>>>>>>>> <service name="HCValidationService"> >>>>>>>>> <port binding="hcv:**HCValidationPortBinding" >>>>>>>>> name="HCValidationPort"> >>>>>>>>> <soap:address >>>>>>>>> location=" >>>>>>>>> >>>>>>>> https://ws.ebs.health.gov.on.**ca:1440/HCVService/**HCValidationSe<https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe> >>>>>>> >>>>>>>> rvice"/> >>>>>>>>> </port> >>>>>>>>> </service> >>>>>>>>> </definitions> >>>>>>>>> >>>>>>>>> --------------------- >>>>>>>>> Sample Request (provided by author of WSDL) >>>>>>>>> >>>>>>>>> <soapenv:Envelope xmlns:soap- >>>>>>>>> sec="http://schemas.xmlsoap.**org/security/2000-12<http://schemas.xmlsoap.org/security/2000-12> >>>>>>>>> " >>>>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-* >>>>>>>>> *200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401-> >>>>>>>>> wss-wssecurity-secext-1.0.xsd" >>>>>>>>> >>>>>>>>> xmlns:xsi="http://www.w3.org/**2001/XMLSchema-instance<http://www.w3.org/2001/XMLSchema-instance> >>>>>>>>> " >>>>>>>>> xmlns:sp="http://schemas.**xmlsoap.org/ws/2005/07/**securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy> >>>>>>>>> " >>>>>>>>> xmlns:SOAP-ENV="http://**schemas.xmlsoap.org/soap/** >>>>>>>>> envelope/ <http://schemas.xmlsoap.org/soap/envelope/>" >>>>>>>>> xmlns:xs="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema> >>>>>>>>> " >>>>>>>>> >>>>>>>>> xmlns:tns="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/> >>>>>>>>> " >>>>>>>>> xmlns:wsu="http://docs.oasis-**open.org/wss/2004/01/oasis-** >>>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401-> >>>>>>>>> wss-wssecurity-utility-1.0.**xsd" >>>>>>>>> >>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/security/2012-03<http://ebs.health.ontario.ca/security/2012-03> >>>>>>>>> " >>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/> >>>>>>>>> " >>>>>>>>> >>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy> >>>>>>>>> " >>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/> >>>>>>>>> "> >>>>>>>>> <soapenv:Header> >>>>>>>>> <ns2:EBS wsu:Id="id-1" >>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>>> "> >>>>>>>>> <SoftwareConformanceKey>** >>>>>>>>> 444561ee-277f-77b2- >>>>>>>>> c664-7a9923jfgh1b >>>>>>>>> </SoftwareConformanceKey> >>>>>>>>> <AuditId>73b7051e-6126-4b41-**9ae0- >>>>>>>>> 21b707ca8a53</AuditId> >>>>>>>>> </ns2:EBS> >>>>>>>>> <ns2:IDP wsu:Id="id-2" >>>>>>>>> xmlns:ns2="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/> >>>>>>>>> "> >>>>>>>>> <ServiceUserMUID>4523394</**ServiceUserMUID> >>>>>>>>> </ns2:IDP> >>>>>>>>> <wsse:Security SOAP-ENV:mustUnderstand="1"> >>>>>>>>> <wsu:Timestamp wsu:Id="id-3"> >>>>>>>>> <wsu:Created>2012-06- >>>>>>>>> 20T17:58:42.580Z</wsu:Created> >>>>>>>>> <wsu:Expires>2012-06- >>>>>>>>> 20T17:59:12.580Z</wsu:Expires> >>>>>>>>> </wsu:Timestamp> >>>>>>>>> <wsse:UsernameToken wsu:Id="id-4"> >>>>>>>>> >>>>>>>>> >>>>>>>>> <wsse:Username>JOHNDOE@YAHOO.**CA <john...@yahoo.ca> >>>>>>>>> </wsse:Username> >>>>>>>>> <wsse:Password >>>>>>>>> Type="wsse:PasswordText">**Password</wsse:Password> >>>>>>>>> </wsse:UsernameToken> >>>>>>>>> <wsse:BinarySecurityToken >>>>>>>>> >>>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis-> >>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security-> >>>>>>>>> 1.0#Base64Binary" >>>>>>>>> ValueType="http://docs.oasis- >>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-** >>>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3> >>>>>>>>> " >>>>>>>>> wsu:Id="X509- >>>>>>>>> 02F859690D5C74E209134021512282**11"> >>>>>>>>> >>>>>>>>> MIICMzCCAZygAwIBAgIET1e+**dDANBgkqhkiG9w0BAQUFADBeMQsw >>>>>>>>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT2**50YXJpbzENMAsGA1UEChMET0hJ >>>>>>>>> >>>>>>>>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW**9uMRcwFQYDVQQDEw >>>>>>>>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAz**MDcyMDAwNTJaFw0xMzAzMDcyMDA >>>>>>>>> wNTJaM >>>>>>>>> >>>>>>>>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQ**IEwdPbnRhcmlvMQ0wCwY >>>>>>>>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZ**Wdpc3RyYXRpb24xFzAVBgNVBAM >>>>>>>>> TDj >>>>>>>>> >>>>>>>>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqG**SIb3DQEBAQUAA4GNADCBi >>>>>>>>> QKBgQCs/JIP6CE5IkfTnD/c56K+**QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH**4 >>>>>>>>> >>>>>>>>> fvhbyxo2B4VugsL9r4E5jHEKoi+**GDKOLlLZRfSy0cB8IcpXonAuGqMzhC* >>>>>>>>> *o >>>>>>>>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpT**yZdpYDi92up5E+FYL3jEe >>>>>>>>> >>>>>>>>> jhp+**1iDFJQIDAQABMA0GCSqGSIb3DQEBBQ**UAA4GBAHn8VZS169BJ >>>>>>>>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dE**icv3jQMMsrWHfoCt+nRSqfNLUTL >>>>>>>>> >>>>>>>>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0**gY3i83ZXA8HDFKMZF3qL8I8ncu8F >>>>>>>>> PcZGYBNhYrGjXXsuqXimiTIjxgm06E**rRa/51szOFFxWrB >>>>>>>>> </wsse:BinarySecurityToken> >>>>>>>>> <ds:Signature Id="SIG-6" >>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#> >>>>>>>>> "> >>>>>>>>> <ds:SignedInfo> >>>>>>>>> <ds:CanonicalizationMethod >>>>>>>>> >>>>>>>>> >>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>>> "> >>>>>>>>> >>>>>>>>> <ec:InclusiveNamespaces >>>>>>>>> >>>>>>>>> PrefixList="SOAP- >>>>>>>>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi" >>>>>>>>> >>>>>>>>> >>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>>> /> >>>>>>>>> </ds:CanonicalizationMethod> >>>>>>>>> <ds:SignatureMethod >>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>" >>>>>>>>> /> >>>>>>>>> <ds:Reference URI="#id-1"> >>>>>>>>> <ds:Transforms> >>>>>>>>> <ds:Transform >>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>>> "> >>>>>>>>> >>>>>>>>> <ec:InclusiveNamespaces >>>>>>>>> >>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp >>>>>>>>> wsse >>>>>>>>> wsu xs xsi" >>>>>>>>> >>>>>>>>> >>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> </ds:Transform> >>>>>>>>> </ds:Transforms> >>>>>>>>> >>>>>>>>> <ds:DigestMethod >>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> <ds:DigestValue>**gpejbitTQxuMOhUirdbGNtHjsGhAAr** >>>>>>>>> hAp3ByFuG9c >>>>>>>>> Hs= >>>>>>>>> </ds:DigestValue> >>>>>>>>> </ds:Reference> >>>>>>>>> <ds:Reference URI="#id-2"> >>>>>>>>> <ds:Transforms> >>>>>>>>> <ds:Transform >>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>>> "> >>>>>>>>> >>>>>>>>> <ec:InclusiveNamespaces >>>>>>>>> >>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp >>>>>>>>> wsse >>>>>>>>> wsu xs xsi" >>>>>>>>> >>>>>>>>> >>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> </ds:Transform> >>>>>>>>> </ds:Transforms> >>>>>>>>> <ds:DigestMethod >>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> <ds:DigestValue>ZWKvgN+**eB0NFmQHPGYN5RoSZzbuboqKLzLcV6**PE >>>>>>>>> Oz3E= >>>>>>>>> </ds:DigestValue> >>>>>>>>> </ds:Reference> >>>>>>>>> <ds:Reference URI="#id-3"> >>>>>>>>> <ds:Transforms> >>>>>>>>> <ds:Transform >>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>>> "> >>>>>>>>> >>>>>>>>> <ec:InclusiveNamespaces >>>>>>>>> >>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp >>>>>>>>> wsse xs >>>>>>>>> xsi" >>>>>>>>> >>>>>>>>> >>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> </ds:Transform> >>>>>>>>> </ds:Transforms> >>>>>>>>> <ds:DigestMethod >>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> <ds:DigestValue>1AvUG2EE6+**bgpJBe1TB4teUkKD4lRsw69BozDFQM >>>>>>>>> GGE= >>>>>>>>> </ds:DigestValue> >>>>>>>>> </ds:Reference> >>>>>>>>> <ds:Reference URI="#id-4"> >>>>>>>>> <ds:Transforms> >>>>>>>>> <ds:Transform >>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>>> "> >>>>>>>>> >>>>>>>>> <ec:InclusiveNamespaces >>>>>>>>> >>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp >>>>>>>>> wsu xs >>>>>>>>> xsi" >>>>>>>>> >>>>>>>>> >>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> >>>>>>>>> </ds:Transform> >>>>>>>>> </ds:Transforms> >>>>>>>>> <ds:DigestMethod >>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> <ds:DigestValue>Lw6C0//**TpU0uuta+**9pjDPfD0aOokdgbVOEM9eaWc >>>>>>>>> Gjo= >>>>>>>>> </ds:DigestValue> >>>>>>>>> </ds:Reference> >>>>>>>>> <ds:Reference URI="#id-5"> >>>>>>>>> <ds:Transforms> >>>>>>>>> <ds:Transform >>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>>> "> >>>>>>>>> >>>>>>>>> <ec:InclusiveNamespaces >>>>>>>>> >>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse wsu >>>>>>>>> xs xsi" >>>>>>>>> >>>>>>>>> >>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> </ds:Transform> >>>>>>>>> </ds:Transforms> >>>>>>>>> <ds:DigestMethod >>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> <ds:DigestValue>**lGKOfXxmbsLds9+** >>>>>>>>> tD4eaCObTCdGNXDF/PY9LjDUPl >>>>>>>>> 9Y= >>>>>>>>> </ds:DigestValue> >>>>>>>>> </ds:Reference> >>>>>>>>> </ds:SignedInfo> >>>>>>>>> <ds:SignatureValue> >>>>>>>>> >>>>>>>>> Yn5iRnjs/T2+**nNgW8pArIgqc445RwL2wYPHZaydVJk**0oUXV5B4nzU4fg >>>>>>>>> X/**sQTcY0O5vuReP8th4QZoGG6tSnxuBf**qiDd2rkRZDrdgotJT++W >>>>>>>>> >>>>>>>>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3Q**DuMWr5PSlm1RWbkA3W5B4Y >>>>>>>>> LaD+S/j3QKc= >>>>>>>>> </ds:SignatureValue> >>>>>>>>> <ds:KeyInfo Id="KI- >>>>>>>>> 02F859690D5C74E209134021512283**12"> >>>>>>>>> <wsse:SecurityTokenReference >>>>>>>>> wsu:Id="STR-**02F859690D5C74E209134021512284**13"> >>>>>>>>> <wsse:Reference >>>>>>>>> URI="#X509-**02F859690D5C74E209134021512282**11" >>>>>>>>> >>>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-** >>>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401-> >>>>>>>>> wss-x509-token-profile-1.0#**X509v3" /> >>>>>>>>> >>>>>>>>> </wsse:SecurityTokenReference> >>>>>>>>> </ds:KeyInfo> >>>>>>>>> </ds:Signature> >>>>>>>>> </wsse:Security> >>>>>>>>> </soapenv:Header> >>>>>>>>> <soapenv:Body wsu:Id="id-5"> >>>>>>>>> <ns5:validate xmlns:ns4=" >>>>>>>>> >>>>>>>> http://msa.ebs.health.ontario.**ca/<http://msa.ebs.health.ontario.ca/> >>>>>>> " >>>>>>> >>>>>>>> xmlns:ns3="http://idp.ebs.** >>>>>>>>> health.ontario.ca/ <http://idp.ebs.health.ontario.ca/>" >>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>>> " >>>>>>>>> >>>>>>>>> xmlns:ns5="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/> >>>>>>>>> "> >>>>>>>>> <requests> >>>>>>>>> <hcvRequest> >>>>>>>>> >>>>>>>>> <healthNumber>2222211122</**healthNumber> >>>>>>>>> <versionCode>WW</versionCode> >>>>>>>>> </hcvRequest> >>>>>>>>> </requests> >>>>>>>>> <locale>en</locale> >>>>>>>>> </ns5:validate> >>>>>>>>> </soapenv:Body> >>>>>>>>> </soapenv:Envelope> >>>>>>>>> >>>>>>>>> ------------------- >>>>>>>>> Sample Request (Built via SoapUI) >>>>>>>>> >>>>>>>>> <soapenv:Envelope >>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/> >>>>>>>>> " >>>>>>>>> >>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/> >>>>>>>>> " >>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/> >>>>>>>>> " >>>>>>>>> >>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/> >>>>>>>>> " >>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/> >>>>>>>>> "> >>>>>>>>> <soapenv:Header> >>>>>>>>> <wsse:Security soapenv:mustUnderstand="1" >>>>>>>>> xmlns:wsse="http://docs.oasis- >>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-** >>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd> >>>>>>>>> " >>>>>>>>> xmlns:wsu="http://docs.oasis- >>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-** >>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> >>>>>>>>> "> >>>>>>>>> <wsse:BinarySecurityToken >>>>>>>>> >>>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis-> >>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security-> >>>>>>>>> 1.0#Base64Binary" >>>>>>>>> ValueType="http://docs.oasis- >>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-** >>>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3> >>>>>>>>> " >>>>>>>>> wsu:Id="X509- >>>>>>>>> 9346053A98F2390F1A137460706920**025"> >>>>>>>>> >>>>>>>>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQ**EBBQUAMIGbMQswCQYDVQ >>>>>>>>> QGEwJDQTEQMA4GA1UECAwHT250YXJp**bzEQMA4G >>>>>>>>> >>>>>>>>> A1UEBwwHVG9yb250bzERMA8GA1UECg**wISW5kaXZpY2ExFDASBgN >>>>>>>>> VBAsMC0RldmVsb3BtZW50MRgwFgYDV**QQDDA9J >>>>>>>>> >>>>>>>>> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhk**iG9w0BCQEWFmVicy1hZG1pbk >>>>>>>>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5**MTc0 >>>>>>>>> >>>>>>>>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQ**swCQYDVQQGEwJDQTEQ >>>>>>>>> MA4GA1UECBMHT250YXJpbzEQMA4GA1**UEBxMHVG9y >>>>>>>>> >>>>>>>>> b250bzERMA8GA1UEChMISW5kaXZpY2**ExFDASBgNVBAsTC0RldmVsb >>>>>>>>> 3BtZW50MRwwGgYDVQQDExNJbmRpdml**jYSBF >>>>>>>>> >>>>>>>>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w**0BAQEFAAOCAQ8AMIIBCgKCA >>>>>>>>> QEAu7/+**bc5QgW43UuaMoUOpbsQy8Kc32jrB >>>>>>>>> >>>>>>>>> GA0lrxZkqH/PnfdbtRhRypxkc6+**r3O17ATi0Cuo/MByJwYS6Y9bIviWcK >>>>>>>>> WPPVMKpermHxniN+**kqjWiGDm10xVMph >>>>>>>>> >>>>>>>>> XryR01LSItgRoi5V54oTFgeJxsdA/**1J3kf/QE2YmswZwLH6+PwvZfExKEx >>>>>>>>> vGArojkyveOewWkvKMobLB3d6gtrPJ >>>>>>>>> >>>>>>>>> tUxjb18UJugEHyNSiVYFymbgAyvanT**4pmNPaqHW1ZlmQ0WBiDI7oeT >>>>>>>>> 1pZzgEwzikcvEHilJye0PcB4PkkrGL**KfEE >>>>>>>>> >>>>>>>>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4f**jouqkHHVMMiUvYgQIDAQA >>>>>>>>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b**5yRECQU >>>>>>>>> >>>>>>>>> ppIEIbDOh4E5OsR0wesm4czfNDnh56**TUwmjRDzI+tVVEj+fxk0FMSMf >>>>>>>>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+**FHb6 >>>>>>>>> >>>>>>>>> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u**8cRtfPXXX+baL2NThYjMoNVFIt >>>>>>>>> OM0XL3xwzblWi++B >>>>>>>>> </wsse:BinarySecurityToken> >>>>>>>>> <ds:Signature Id="SIG-30" >>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#> >>>>>>>>> "> >>>>>>>>> <ds:SignedInfo> >>>>>>>>> <ds:CanonicalizationMethod >>>>>>>>> >>>>>>>>> >>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>>> "> >>>>>>>>> >>>>>>>>> <ec:InclusiveNamespaces >>>>>>>>> PrefixList="ebs hcv idp msa soapenv" >>>>>>>>> >>>>>>>>> >>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>>> /> >>>>>>>>> </ds:CanonicalizationMethod> >>>>>>>>> <ds:SignatureMethod >>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>" >>>>>>>>> /> >>>>>>>>> <ds:Reference URI="#id-7"> >>>>>>>>> <ds:Transforms> >>>>>>>>> <ds:Transform >>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>>> "> >>>>>>>>> >>>>>>>>> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv" >>>>>>>>> >>>>>>>>> >>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> </ds:Transform> >>>>>>>>> </ds:Transforms> >>>>>>>>> <ds:DigestMethod >>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> <ds:DigestValue>+sN2C+**GPI6Un7tmdzecuWW4obI8=</ds:** >>>>>>>>> DigestVal >>>>>>>>> ue> >>>>>>>>> </ds:Reference> >>>>>>>>> <ds:Reference URI="#id-8"> >>>>>>>>> <ds:Transforms> >>>>>>>>> <ds:Transform >>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>>> "> >>>>>>>>> >>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv" >>>>>>>>> >>>>>>>>> >>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> </ds:Transform> >>>>>>>>> </ds:Transforms> >>>>>>>>> <ds:DigestMethod >>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> <ds:DigestValue>cStXQ+**Qf4MYZw7oZh3EwQnCO9kE=</ds:** >>>>>>>>> DigestVal >>>>>>>>> ue> >>>>>>>>> </ds:Reference> >>>>>>>>> <ds:Reference URI="#TS-29"> >>>>>>>>> <ds:Transforms> >>>>>>>>> <ds:Transform >>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>>> "> >>>>>>>>> >>>>>>>>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa >>>>>>>>> soapenv" >>>>>>>>> >>>>>>>>> >>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> </ds:Transform> >>>>>>>>> </ds:Transforms> >>>>>>>>> <ds:DigestMethod >>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> <ds:DigestValue>**7DpbdobjdxkQ3RGXjPQmx5EpCdU=</** >>>>>>>>> ds:DigestVal >>>>>>>>> ue> >>>>>>>>> </ds:Reference> >>>>>>>>> <ds:Reference >>>>>>>>> URI="#UsernameToken-28"> >>>>>>>>> <ds:Transforms> >>>>>>>>> <ds:Transform >>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>>> "> >>>>>>>>> >>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv" >>>>>>>>> >>>>>>>>> >>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> </ds:Transform> >>>>>>>>> </ds:Transforms> >>>>>>>>> <ds:DigestMethod >>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> <ds:DigestValue>**0CNaWbdkV2dE7Jm5oh15ztwUcaI=</** >>>>>>>>> ds:DigestValu >>>>>>>>> e> >>>>>>>>> </ds:Reference> >>>>>>>>> <ds:Reference URI="#id-12"> >>>>>>>>> <ds:Transforms> >>>>>>>>> <ds:Transform >>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#> >>>>>>>>> "> >>>>>>>>> >>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa" >>>>>>>>> >>>>>>>>> >>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> </ds:Transform> >>>>>>>>> </ds:Transforms> >>>>>>>>> <ds:DigestMethod >>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>" >>>>>>>>> /> >>>>>>>>> >>>>>>>>> <ds:DigestValue>**XoOxXE6R7JA29rMYCHf/X0II180=</** >>>>>>>>> ds:DigestValue >>>>>>>>> </ds:Reference> >>>>>>>>> </ds:SignedInfo> >>>>>>>>> >>>>>>>>> <ds:SignatureValue>**YQy9wqYYVw1x0CZcg6b2W0uO3g3Fur** >>>>>>>>> UZ51zrXi3 >>>>>>>>> jRMFGgCVGUwfu3W/**tDOAKB2IXHvIgFl7JWmzd >>>>>>>>> >>>>>>>>> lkh7O2u6ieACF5tGD32aSXvv6/**k7OUVH4outF1NHgJOq9WKIKtUYT/hh >>>>>>>>> G8BmqFGHXcPiuuO+FIXr >>>>>>>>> >>>>>>>>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pO**RWOWvPhmHbT63b1BgFfLla >>>>>>>>> UftqeybM6t0i2cTuNxf8nbCS >>>>>>>>> >>>>>>>>> gANhvGvpNi2ALThvsPu+**pXKCx1c4Ng18PGpUEVmOdJOkZhiifR**336idp >>>>>>>>> 09lp8XaI+NzwENvdBskb >>>>>>>>> >>>>>>>>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP**4wydOh8w== >>>>>>>>> </ds:SignatureValue> >>>>>>>>> <ds:KeyInfo Id="KI- >>>>>>>>> 9346053A98F2390F1A137460706920**026"> >>>>>>>>> <wsse:SecurityTokenReference >>>>>>>>> wsu:Id="STR- >>>>>>>>> 9346053A98F2390F1A137460706920**027"> >>>>>>>>> <wsse:Reference >>>>>>>>> URI="#X509-**9346053A98F2390F1A137460706920**025" >>>>>>>>> >>>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-** >>>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401-> >>>>>>>>> wss-x509-token-profile-1.0#**X509v3" /> >>>>>>>>> >>>>>>>>> </wsse:SecurityTokenReference> >>>>>>>>> </ds:KeyInfo> >>>>>>>>> </ds:Signature> >>>>>>>>> <wsu:Timestamp wsu:Id="TS-29"> >>>>>>>>> <wsu:Created>2013-07- >>>>>>>>> 23T19:17:49.196Z</wsu:Created> >>>>>>>>> <wsu:Expires>2013-07- >>>>>>>>> 30T17:57:49.196Z</wsu:Expires> >>>>>>>>> </wsu:Timestamp> >>>>>>>>> <wsse:UsernameToken wsu:Id="UsernameToken- >>>>>>>>> 28"> >>>>>>>>> <wsse:Username>abc</wsse:**Username> >>>>>>>>> <wsse:Password >>>>>>>>> Type="http://docs.oasis- >>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-username-token-**profile-<http://open.org/wss/2004/01/oasis-200401-wss-username-token-profile-> >>>>>>>>> 1.0#PasswordText">defg</wsse:**Password> >>>>>>>>> </wsse:UsernameToken> >>>>>>>>> </wsse:Security> >>>>>>>>> <idp:IDP wsu:Id="id-8" >>>>>>>>> xmlns:wsu="http://docs.oasis- >>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-** >>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> >>>>>>>>> "> >>>>>>>>> <ServiceUserMUID>12345</**ServiceUserMUID> >>>>>>>>> </idp:IDP> >>>>>>>>> <ebs:EBS wsu:Id="id-7" >>>>>>>>> xmlns:wsu="http://docs.oasis- >>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-** >>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd> >>>>>>>>> "> >>>>>>>>> >>>>>>>>> <SoftwareConformanceKey>12345<**/SoftwareConformanceKey> >>>>>>>>> <AuditId>12345</AuditId> >>>>>>>>> </ebs:EBS> >>>>>>>>> </soapenv:Header> >>>>>>>>> <soapenv:Body wsu:Id="id-12" >>>>>>>>> xmlns:wsu="http://docs.oasis-** >>>>>>>>> open.org/wss/2004/01/oasis-<http://docs.oasis-open.org/wss/2004/01/oasis-> >>>>>>>>> 200401-wss-wssecurity-utility-**1.0.xsd"> >>>>>>>>> <hcv:validate> >>>>>>>>> <requests> >>>>>>>>> <hcvRequest> >>>>>>>>> >>>>>>>>> <healthNumber>9876543217</**healthNumber> >>>>>>>>> <versionCode>AB</versionCode> >>>>>>>>> </hcvRequest> >>>>>>>>> </requests> >>>>>>>>> </hcv:validate> >>>>>>>>> </soapenv:Body> >>>>>>>>> </soapenv:Envelope> >>>>>>>>> >>>>>>>>> >>>>>>>>> ----------------------- >>>>>>>>> Response (In either case): >>>>>>>>> >>>>>>>>> <soap:Envelope >>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/> >>>>>>>>> "> >>>>>>>>> <soap:Body> >>>>>>>>> <soap:Fault> >>>>>>>>> <faultcode>soap:**MustUnderstand</faultcode> >>>>>>>>> <faultstring>MustUnderstand headers: [{http://docs.oasis- >>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-> >>>>>>>>> 1.0.xsd}Security] are not understood.</faultstring> >>>>>>>>> </soap:Fault> >>>>>>>>> </soap:Body> >>>>>>>>> </soap:Envelope> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <ashaki...@talend.com> >>>>>>>>> >>>>>>>> wrote: >>>>>>> >>>>>>>> Hi, >>>>>>>>>> >>>>>>>>>> It seems that your service doesn't use the same WS-Policy as >>>>>>>>>> client, >>>>>>>>>> >>>>>>>>> therefore appropriate interceptors are not activated on the service >>>>>>>>> >>>>>>>> side. >>>>>>> >>>>>>>> Could you double check that? >>>>>>>>>> >>>>>>>>>> Exact request and response will be also useful for further >>>>>>>>>> analyse. >>>>>>>>>> >>>>>>>>>> Regards, >>>>>>>>>> Andrei. >>>>>>>>>> >>>>>>>>>> -----Original Message----- >>>>>>>>>>> From: Jennifer Ruttan [mailto:jenni...@indivica.com] >>>>>>>>>>> Sent: Dienstag, 23. Juli 2013 21:35 >>>>>>>>>>> To: users@cxf.apache.org >>>>>>>>>>> Subject: Eclipse, CXF and WS-SecurityPolicy >>>>>>>>>>> >>>>>>>>>>> I have a question regarding WS-SecurityPolicy and deploying a >>>>>>>>>>> WSDL-first service via Eclipse. >>>>>>>>>>> >>>>>>>>>>> I created a project from a WSDL file (I didn't create it) with >>>>>>>>>>> the >>>>>>>>>>> intention of implementing the service that it describes. The WSDL >>>>>>>>>>> file describes a WS- SecurityPolicy that includes a >>>>>>>>>>> UsernameToken, >>>>>>>>>>> Timestamp, BinarySecurityToken, and a Signature. Every time I >>>>>>>>>>> run a >>>>>>>>>>> sample request that includes all of those components in the >>>>>>>>>>> WS-Security header I get a "must understand header is not >>>>>>>>>>> understood" >>>>>>>>>>> message, regarding the WS-Security header. >>>>>>>>>>> >>>>>>>>>>> I've read on the documentation of CXF that additional >>>>>>>>>>> dependencies >>>>>>>>>>> must be included in the classpath to have WS-SecurityPolicy >>>>>>>>>>> work, but >>>>>>>>>>> I've used Eclipse's deployment method and given it the entire >>>>>>>>>>> CXF ZIP >>>>>>>>>>> file as downloaded from the project website as the CXF Runtime. >>>>>>>>>>> Is >>>>>>>>>>> there anything that I'm missing? Or is there a better way for me >>>>>>>>>>> to >>>>>>>>>>> be working with CXF than to use Eclipse's automated tools? >>>>>>>>>>> >>>>>>>>>>> Thanks for any help. >>>>>>>>>>> Jen >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>> >>>> >>> >> >