The policy expects that a UsernameToken is going to be added to the request. For this it needs a username and password (via a CallbackHandler) to actually construct the UsernameToken. So you have to supply these via configuration options. Here is some spring configuration that shows how this is done for the WS-Security system tests:
https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/ut/client.xml;h=19b54889c88de11070a099e6f816bf307c50a094;hb=HEAD Colm. On Tue, Feb 21, 2017 at 3:11 PM, David Wynter < [email protected]> wrote: > I have seen this error raised on stackoverflow and added the interceptors > that should solve the issue, but I still get: > > > W 14:59:54:169 : main : org.apache.cxf.phase.PhaseInterceptorChain : > Interceptor for {http://services.uk.equifax.com/schema/v2} > EWSAddressService#{http://services.uk.equifax.com/schema/v2} > listAddressByPostcode has thrown exception, unwinding now > org.apache.cxf.interceptor.Fault: No username available > at org.apache.cxf.ws.security.wss4j.policyhandlers. > TransportBindingHandler.handleBinding(TransportBindingHandler.java:171) > at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$ > PolicyBasedWSS4JOutInterceptorInternal.handleMessageInternal( > PolicyBasedWSS4JOutInterceptor.java:184) > at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$ > PolicyBasedWSS4JOutInterceptorInternal.handleMessage( > PolicyBasedWSS4JOutInterceptor.java:109) > > > Here is the relevant part of the test code > > > EWSAddressService_Service as = new EWSAddressService_Service(); > addrPort = as.getEWSAddressServiceSoap11(); > Map<String, Object> addrOutProps = new HashMap<String, Object>(); > Client client = org.apache.cxf.frontend.ClientProxy.getClient( > addrPort); > Endpoint addrCxfEndpoint = client.getEndpoint(); > addrOutProps.put(WSHandlerConstants.ACTION, > WSHandlerConstants.USERNAME_TOKEN); > addrOutProps.put(WSHandlerConstants.USER, "CSWT01@CSWTXML2"); > //addrOutProps.put(WSHandlerConstants.PASSWORD_TYPE, > WSConstants.PW_DIGEST); > addrOutProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, > AddrPasswordCallback.class.getName()); > WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor( > addrOutProps); > addrCxfEndpoint.getOutInterceptors().add(wssOut); > addrCxfEndpoint.getInInterceptors().add(new > LoggingInInterceptor()); > addrCxfEndpoint.getOutInterceptors().add(new > LoggingOutInterceptor()); > > > > Here is the relevant part of the wsdl > > <wsp1:Policy sch0:Id="EWSAddressServiceSoap11Policy"> > <wsp1:ExactlyOne> > <wsp1:All> > <sp1:TransportBinding> > <wsp1:Policy> > <sp1:TransportToken> > <wsp1:Policy> > <sp1:HttpsToken RequireClientCertificate="false"/> > </wsp1:Policy> > </sp1:TransportToken> > <sp1:Layout> > <wsp1:Policy> > <sp1:Lax/> > </wsp1:Policy> > </sp1:Layout> > <!--sp1:IncludeTimestamp/--> > </wsp1:Policy> > </sp1:TransportBinding> > <sp1:SupportingTokens> > <wsp1:Policy> > <sp1:UsernameToken sp1:IncludeToken="http://docs. > oasis-open.org/ws-sx/ws-securitypolicy/200702/ > IncludeToken/AlwaysToRecipient"> > <wsp1:Policy> > <sp1:WssUsernameToken10/> > </wsp1:Policy> > </sp1:UsernameToken> > </wsp1:Policy> > </sp1:SupportingTokens> > <sp1:Wss10/> > </wsp1:All> > </wsp1:ExactlyOne> > </wsp1:Policy> > > What am missing? > > I did try Metro for this, recommended by the supplier, but Metro has > serious problems, loads an incorrect class, raised on their mailing list in > 2014 and never answered. Long live CXF! > > > > > David > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
