Normally with WS-SecureConversation, the STS is co-located with the endpoint. So when the endpoint gets the client request with the SecurityContextToken, it can retrieve the original cached token that was issued by the STS.
In your case you said you weren't using a cache. How is the SecurityContextToken being issued? Colm. On Wed, May 24, 2017 at 4:57 PM, pat7 <[email protected]> wrote: > Hi, thx for replay. > > I did a break point there, but I can see the soap request in the variable > message - contents. Both are in the contents, the header with sct and the > body. > > Furthermore, I did some break points later and in other classes > (NegotiationUtils.class) I can see every time my security header, but I > receive for the boolean variable foundSCT always false. > > Unfortunately, I did not find my message. > > Here, are some contents of my debugged variables: > > foundSCT = false > aim - table = > "[{http://schemas.xmlsoap.org/ws/2005/07/securitypolicy} > HttpsToken=[{http://schemas.xmlsoap.org/ws/2005/07/ > securitypolicy}HttpsToken:true], > null, null, > {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy} > TransportToken=[{http://schemas.xmlsoap.org/ws/2005/07/securitypolicy} > TransportToken:true], > null, > {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy} > TransportBinding=[{http://schemas.xmlsoap.org/ws/2005/07/securitypolicy} > TransportBinding:true], > null, > {http://www.w3.org/2007/08/soap12-mtom-policy}MTOM=[{ > http://www.w3.org/2007/08/soap12-mtom-policy}MTOM:false, > {http://www.w3.org/2007/08/soap12-mtom-policy}MTOM:false, > {http://www.w3.org/2007/08/soap12-mtom-policy}MTOM:false, > {http://www.w3.org/2007/08/soap12-mtom-policy}MTOM:false]]"; ...all > hashmaps > > NegotiationUtils.class: > > results - first - actionResults = > "{1024=[{security-context-token=<wsc:SecurityContextToken > xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc";> > > <wsc:Identifier>test:f2a96bfc-ea8e-4246-8670-9a557140d6f7</wsc:Identifier> > </wsc:SecurityContextToken>, validated-token=false, > action=1024, id=, > secret=null, token-element=[wsc:SecurityContextToken: null]}]}" > > In the NegotiationUtils.class on line 233 cxf want to restore a token from > a > tokenstore, but I did not use a tokenstore in my project. The result from > the command on line 233 is null. I think here is my mistake, but is the > reason for that error that I did not use a tokenstore? > > Regards, > Patrick > > > > > -- > View this message in context: http://cxf.547215.n5.nabble. > com/WS-SecureConversation-MTOM-Policy-cannot-be- > satisfied-tp5780524p5780663.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
