Do you have the cxf-rt-ws-security jar on the classpath? Colm.
On Thu, Mar 2, 2017 at 3:08 PM, pat7 <pat.pichle...@gmail.com> wrote: > Hi forum, > > I want to implement a BIPRO Basic authentication. (only a Usernametoken) > I use Spring Boot, CXF 3.1.7 with a java based config. > > If i send via SOAPUI a request with a Usernametoken to my endpoint, I get > several policy errors... > > *Errormsg* > org.apache.cxf.ws.policy.PolicyException: These policy alternatives can > not > be satisfied: > {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}TransportBinding > {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}TransportToken > {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}SupportingTokens > {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}UsernameToken > at > org.apache.cxf.ws.policy.AssertionInfoMap.checkEffectivePolicy( > AssertionInfoMap.java:179) > ~[cxf-rt-ws-policy-3.1.7.jar:3.1.7] > at > org.apache.cxf.ws.policy.PolicyVerificationInInterceptor.handle( > PolicyVerificationInInterceptor.java:102) > ~[cxf-rt-ws-policy-3.1.7.jar:3.1.7] > at > org.apache.cxf.ws.policy.AbstractPolicyInterceptor.handleMessage( > AbstractPolicyInterceptor.java:44) > ~[cxf-rt-ws-policy-3.1.7.jar:3.1.7] > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept( > PhaseInterceptorChain.java:308) > ~[cxf-core-3.1.7.jar:3.1.7] > ... > *EndErrortext* > > My policy definition in the wsdl: > <wsp:Policy xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy > " > xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis- > 200401-wss-wssecurity-utility-1.0.xsd" > wsu:Id="BiPROAuthSecurityPolicy"> > <wsp:ExactlyOne> > <wsp:All> > <sp:TransportBinding> > <wsp:Policy> > <sp:TransportToken> > <wsp:Policy> > <sp:HttpsToken RequireClientCertificate="false"/> > </wsp:Policy> > </sp:TransportToken> > </wsp:Policy> > </sp:TransportBinding> > <sp:SupportingTokens> > <wsp:Policy> > <wsp:ExactlyOne> > <wsp:All> > <sp:UsernameToken wsu:Id="BiPROBasicToken"/> > </wsp:All> > > </wsp:ExactlyOne> > </wsp:Policy> > </sp:SupportingTokens> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > > Furthermore my Callback Handler is very simple and just verify one user: > *JavaClass* > public class STSCallbackHandler implements CallbackHandler { > public void handle(Callback[] callbacks) throws IOException, > UnsupportedCallbackException { > WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; > if ("anna".equals(pc.getIdentifier())) { > pc.setPassword("anna123"); > //break; > } > > } > } > My Service endpoint looks also very simple: > *JavaClass* > @WebService > ( > portName = "UserPasswordLogin", > serviceName = "SecurityTokenService_2.6.0.1.0", > wsdlLocation = > "src/main/resources/wsdl/SecurityTokenService-2.6.0.1.0.wsdl", > endpointInterface = "net.bipro.namespace.SecurityTokenServicePortType" > ) > @EndpointProperties({ > @EndpointProperty(key = "ws-security.callback-handler", > value="com.muki.endpoint.STSCallbackHandler"), > //@EndpointProperty(key = > "ws-security.return.security.error",value="false"), > > }) > public class SecurityTokenEndpoint implements SecurityTokenServicePortType > { > > @Override > public void requestSecurityToken(RequestSecurityTokenType > parameters, > Holder<RequestSecurityTokenResponseType> parameters0) { > > RequestSecurityTokenResponseType requestSecurityTokenResponse = new > RequestSecurityTokenResponseType(); > > // "TokenType" > Element tokenType = createElement("TokenType"); > tokenType.setTextContent("urn:oasis:names:tc:SAML:1.0: > assertion"); > requestSecurityTokenResponse.getAny().add(tokenType); > > parameters0.value = requestSecurityTokenResponse; > } > > private Element createElement(String tagName) { > > Element element = null; > try { > DocumentBuilderFactory dbf = > DocumentBuilderFactory.newInstance(); > DocumentBuilder db = dbf.newDocumentBuilder(); > Document doc = db.newDocument(); > element = > doc.createElementNS("http://schemas.xmlsoap.org/ws/2005/02/trust", > tagName); > } catch(Exception e){ > e.printStackTrace(); > } > return element; > } > > > } > > > Do anybody know why I am getting this errors and help me to find a > solution? > I'm new with CXF and Spring Boot. > > Kind regards, > > patrick > > > > > -- > View this message in context: http://cxf.547215.n5.nabble. > com/Bipro-Security-token-service-simple-Usernametoken-tp5777721.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com