Hello All,
I'm still very new to CXF and I can't get past a problem that I've been
struggling with. I am probably making a basic mistake.
I've created a service using the Java first approach. The service implements
WS-Security, following the example in wssec_sign_enc. The problem is that my
test client code is failing to create the security header. I get the exception:
org.apache.ws.security.WSSecurityException: An error was discovered processing
the <wsse:Security> header
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInInterceptor.java:331)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:287)
at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:85)
I see in the logs that my input message to the server has no security header.
My test client code is:
SpringBusFactory bf = new SpringBusFactory();
URL busFile =
ClientStandAlone.class.getResource("cxf-client-bus.xml");
Bus bus = bf.createBus(busFile.toString());
bf.setDefaultBus(bus);
// I believe that getInProps() and getOutProps() return the
correct properties. I can reply with code if desired.
bus.getInInterceptors().add(new WSS4JInInterceptor(getInProps()));
bus.getOutInterceptors().add(new WSS4JOutInterceptor(getOutProps()));
ClassPathXmlApplicationContext springContext =
new ClassPathXmlApplicationContext(new String[]
{"com/dst/ao/securedocument/client/client-beans.xml"});
DocumentService docServiceClient = (DocumentService)
springContext.getBean("documentServiceClient");
Boolean result =
docServiceClient.processDocuments(getDocumentOrder());
On the server side, if I comment out the code that adds the security
interceptors, the client code successfully completes.
I could sure use some help with this. A big thanks in advance!
Please consider the environment before printing this email and any attachments.
This e-mail and any attachments are intended only for the individual or company
to which it is addressed and may contain information which is privileged,
confidential and prohibited from disclosure or unauthorized use under
applicable law. If you are not the intended recipient of this e-mail, you are
hereby notified that any use, dissemination, or copying of this e-mail or the
information contained in this e-mail is strictly prohibited by the sender. If
you have received this transmission in error, please return the material
received to the sender and delete all copies from your system.
