You mean this: 2017-11-03 08:17:41.351 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Chain org.apache.cxf.phase.PhaseInterceptorChain@477ce666 was created. Current flow: receive [LoggingInInterceptor, PolicyInInterceptor, AttachmentInInterceptor] pre-stream [CertConstraintsInterceptor] post-stream [StaxInInterceptor] read [WSDLGetInterceptor, ReadHeadersInterceptor, SoapActionInInterceptor, StartBodyInterceptor, JavascriptGetInterceptor] pre-protocol [MEXInInterceptor, MustUnderstandInterceptor] post-protocol [CheckFaultInterceptor, JAXBAttachmentSchemaValidationHack] unmarshal [DocLiteralInInterceptor, SoapHeaderInterceptor] pre-logical [OneWayProcessorInterceptor] post-logical [WrapperClassInInterceptor] pre-invoke [SwAInInterceptor, HolderInInterceptor] invoke [ServiceInvokerInterceptor] post-invoke [OutgoingChainInterceptor]
2017-11-03 08:17:41.351 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.interceptor.LoggingInInterceptor@74843c6e 2017-11-03 08:17:41.378 INFO [org.apache.cxf.interceptor.AbstractLoggingInterceptor] Inbound Message ---------------------------- ID: 1 Address: https://localhost:8443/mock-vls-ws/services/mockAuthenticationService Encoding: UTF-8 Http-Method: POST Content-Type: application/soap+xml; action="http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT";; charset=UTF-8 Headers: {Accept=[*/*], cache-control=[no-cache], connection=[keep-alive], content-type=[application/soap+xml; action="http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT";; charset=UTF-8], host=[localhost:8443], pragma=[no-cache], transfer-encoding=[chunked], user-agent=[Apache-CXF/3.1.10]} Payload: <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope";><soap:Header><Action xmlns="http://www.w3.org/2005/08/addressing";>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT</Action><MessageID xmlns="http://www.w3.org/2005/08/addressing";>urn:uuid:26fe3f6b-6e58-4149-84d6-91c7a5bcc37e</MessageID><To xmlns="http://www.w3.org/2005/08/addressing"; xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="_5f89bdcd-a9c5-4dfe-bd29-35e2a61ba27e">https://localhost:8443/mock-vls-ws/services/mockAuthenticationService</To><ReplyTo xmlns="http://www.w3.org/2005/08/addressing";><Address>http://www.w3.org/2005/08/addressing/anonymous</Address></ReplyTo><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; soap:mustUnderstand="true"><wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"; ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"; wsu:Id="X509-a8890f7e-f564-4286-90ed-c92afe79af0c">MIIHPzCCBSegAwIBAgITRAAAc2IaBbGCTk7sGwAAAABzYjANBgkqhkiG9w0BAQsFADBBMRMwEQYKCZImiZPyLGQBGRYDRFBTMRMwEQYKCZImiZPyLGQBGRYDVExFMRUwEwYDVQQDEwxEUFNJc3N1ZUNBMDEwHhcNMTcxMTAxMTczMTUzWhcNMjAxMDMxMTczMTUzWjCBjTELMAkGA1UEBhMCVVMxDjAMBgNVBAgTBVRleGFzMQ8wDQYDVQQHEwZBdXN0aW4xKjAoBgNVBAoTIVRleGFzIERlcGFydG1lbnQgb2YgUHVibGljIFNhZmV0eTELMAkGA1UECxMCSVQxJDAiBgNVBAMMG2Rwcy5kZXZlbG9wZXJAZHBzLnRleGFzLmdvdjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIPrRFbLW92EYqeCr/jrEkFaHLP4Zm8lMnpNV1aJtEPuZno3GdBtRNadTHpg+x6dKQemTgrpZJIzBCsm6iCWliB2PWqdFbQKt3DQoG4o8fT8DxPNZLod9Y/Rfi8Lb7NO33WdFu6JG8KRypTs1mQUItQ03TbKapACMmyoXhctZEgnSkwQUBYF6jUHMoOpcxj6pPr/oaV9YMfh4P2eyKxNTdJGJXGe9kUPpLRydgoBq9NHluUfjsxKQ4STwG45+8TMZnXZOF3qQpW2Ny1shn5V2wSECZBHiTaTtshcIz6Kxew47nW9DQ2ITpbbalYTXdnaBOalKpKkS0r4/96QD2HrYQECAwEAAaOCAuEwggLdMB0GA1UdDgQWBBRHFQmUcuBtf6vI5ikCLF1uudlSezAfBgNVHSMEGDAWgBSqB1gVMhLVRX/DsU7Cy9JdkhJExjCCAQQGA1UdHwSB/DCB+TCB9qCB86CB8IaBt2xkYXA6Ly8vQ049RFBTSXNzdWVDQTAxLENOPUhEUVBSRElUU0lDQTAwMSxDTj1DRFAsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1UTEUsREM9RFBTP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludIY0aHR0cDovL2NybC5kcHMudGV4YXMuZ292L2NlcnRlbnJvbGwvRFBTSXNzdWVDQTAxLmNybDCB5QYIKwYBBQUHAQEEgdgwgdUwgacGCCsGAQUFBzAChoGabGRhcDovLy9DTj1EUFNJc3N1ZUNBMDEsQ049QUlBLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9VExFLERDPURQUz9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdGlvbkF1dGhvcml0eTApBggrBgEFBQcwAYYdaHR0cDovL2NybC5kcHMudGV4YXMuZ292L29jc3AwCwYDVR0PBAQDAgWgMDwGCSsGAQQBgjcVBwQvMC0GJSsGAQQBgjcVCKu3YYWw7zKHhZsih5egL4PJzHwhhI+/NoO2ljQCAWQCAQUwKQYDVR0lBCIwIAYIKwYBBQUHAwQGCisGAQQBgjcKAwQGCCsGAQUFBwMCMDUGCSsGAQQBgjcVCgQoMCYwCgYIKwYBBQUHAwQwDAYKKwYBBAGCNwoDBDAKBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAgEApbhMNf/KZge1ZtpY9xpokh3Zuo3VbNnIi0A6V5PWE/UN8AXIvq6IsbjES+XLxecIkNmSBvZllSvEzZzSnDy/XFlqVGCYRWS8LDrm/1NAjyr4YXfRZyOTxE7W4RyyBsRpLRk2VsgCZ8wpO9kmG8vogp+6Bd0DQQayuTrJbAtlw0SBBgCd6pIWfG9LoCsvKKmNd6xi65clijxxWm82w14KqlUEcR/mgFoCJLJ1qpshHmqK5nc283nDmlnKB1jdOBHOZ3S6j5YpLlxxWHZhntwd01w/wKntwAZDHSagRCSvWz+gct47//chfjcCIzaUqTTY9Pw0VjDy+KDgOaVp2lAlHEWs5Ts3nT0AfTJDSDtDmOikyfAJlUIM08jfKUIIMOh1w/DC4SEFESl8vnmOimnqN2bFO5KmyulMD4XwWQBxuwmub1eR80Z3//hynXp6aCcUEaTswDmlws24Ecv9ILuSVohQC+WtJAB5bbRQTbbuYu+taabxGNl9Hyh9zTyNrbM3nG5GkaxtSYy2fNiVqzS88sXOShye3GEfgb0a/OFpC736wbMPV+I7HNbqGa9Zi+KdsJLA32cbnJO1g2yThdpT05uoikNNQrHuse0RtOZJdpLEnRejW96WQYHmxm/tlL64ZPskl5dnlUrbzTqQ9oyJqueDe1eP9jaId6NjAuKzLkQ=</wsse:BinarySecurityToken><wsu:Timestamp wsu:Id="TS-965db706-62a9-4503-8ce5-1e03059d5233"><wsu:Created>2017-11-03T13:17:36.886Z</wsu:Created><wsu:Expires>2017-11-03T13:22:36.886Z</wsu:Expires></wsu:Timestamp><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; Id="SIG-8cc68916-e2f8-42d6-b1fd-7591d7d66284"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"; PrefixList="soap"/></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#TS-965db706-62a9-4503-8ce5-1e03059d5233"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"; PrefixList="wsse soap"/></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>jCyyTSTT/fhP+KFW4k3zv1WTOHw=</ds:DigestValue></ds:Reference><ds:Reference URI="#_5f89bdcd-a9c5-4dfe-bd29-35e2a61ba27e"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"; PrefixList="soap"/></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>J/jV6WUu2QgeJV6bMcDDJCyUGO8=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>e61E/Z1qCLUlGXWcTll3jBQYEmnkX61PDteYgltKXO88tU664sOOVYvWLqHe0UBj2JmvR3/GExPmpLn1LW5V6A6GtGZ2C6esawE+HuO27CGJ/f7+cbeD+rgT0a5yTLnP7rtBh8LZ23SIs2cKDG4mA0ERPQRsLt5uk44TKF+7NsvDYGgFGkC+BlSI8x2yd79680dBaQ9EKNCWjshptY/Bmuej1JhLFwLkcCd5po9OLyUgVUZ+0Qy+Gb2jV/i8oTnrRzRF2/EUL9iyUcQdlrnV9E9WR8w6OZ1IdEv18Y1c1LtfyyxA2rKO1uMyG/eY7+4lqPNREZ4dAHn6wvzX23Hvuw==</ds:SignatureValue><ds:KeyInfo Id="KI-83a121bd-fc04-4382-bd51-799bdd0cab16"><wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="STR-1f9d82cf-2829-4700-9ab2-8411a9ab44e1"><wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"; ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1";>y5plsGZ1ujCONeUMI+FuNgfF8LU=</wsse:KeyIdentifier></wsse:SecurityTokenReference></ds:KeyInfo></ds:Signature></wsse:Security></soap:Header><soap:Body><wst:RequestSecurityToken xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust";><wst:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</wst:RequestType><wsp:AppliesTo xmlns:wsp="http://www.w3.org/ns/ws-policy";><wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing";><wsa:Address>https://localhost:8443/mock-vls-ws/services/mockAuthenticationService</wsa:Address></wsa:EndpointReference></wsp:AppliesTo><wst:Lifetime xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";><wsu:Created>2017-11-03T13:17:35.389Z</wsu:Created><wsu:Expires>2017-11-03T13:22:35.389Z</wsu:Expires></wst:Lifetime><wst:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct</wst:TokenType><wst:KeySize>256</wst:KeySize><wst:Entropy><wst:BinarySecret Type="http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce";>B/qWqscRUHLbwaB1QKpHEqpMNj3YVN8wwg00dx7GGFw=</wst:BinarySecret></wst:Entropy><wst:ComputedKeyAlgorithm>http://schemas.xmlsoap.org/ws/2005/02/trust/CK/PSHA1</wst:ComputedKeyAlgorithm><wst:Renewing/></wst:RequestSecurityToken></soap:Body></soap:Envelope> -------------------------------------- 2017-11-03 08:17:41.379 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.ws.policy.PolicyInInterceptor@55b10b9d 2017-11-03 08:17:41.426 DEBUG [org.apache.cxf.common.logging.LogUtils] Could not determine bean name for instance of class org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl. 2017-11-03 08:17:41.433 DEBUG [org.apache.cxf.common.logging.LogUtils] Could not determine bean name for instance of class org.apache.cxf.ws.policy.PolicyBuilderImpl. 2017-11-03 08:17:41.439 DEBUG [org.apache.cxf.common.logging.LogUtils] Could not determine bean name for instance of class org.apache.cxf.ws.policy.attachment.ServiceModelPolicyProvider. 2017-11-03 08:17:41.452 DEBUG [org.apache.cxf.common.logging.LogUtils] Could not determine bean name for instance of class org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider. 2017-11-03 08:17:41.459 DEBUG [org.apache.cxf.common.logging.LogUtils] Could not determine bean name for instance of class org.apache.cxf.ws.policy.PolicyInterceptorProviderRegistryImpl. 2017-11-03 08:17:41.461 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.interceptor.AttachmentInInterceptor@5ad76477 2017-11-03 08:17:41.484 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.transport.https.CertConstraintsInterceptor@6ce6895d 2017-11-03 08:17:41.485 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.interceptor.StaxInInterceptor@1f5700bc 2017-11-03 08:17:41.635 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.interceptor.StaxInEndingInterceptor@73e1dac1 to phase pre-invoke 2017-11-03 08:17:41.636 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Chain org.apache.cxf.phase.PhaseInterceptorChain@477ce666 was modified. Current flow: receive [LoggingInInterceptor, PolicyInInterceptor, AttachmentInInterceptor] pre-stream [CertConstraintsInterceptor] post-stream [StaxInInterceptor] read [WSDLGetInterceptor, ReadHeadersInterceptor, SoapActionInInterceptor, StartBodyInterceptor, JavascriptGetInterceptor] pre-protocol [MEXInInterceptor, MustUnderstandInterceptor] post-protocol [CheckFaultInterceptor, JAXBAttachmentSchemaValidationHack] unmarshal [DocLiteralInInterceptor, SoapHeaderInterceptor] pre-logical [OneWayProcessorInterceptor] post-logical [WrapperClassInInterceptor] pre-invoke [StaxInEndingInterceptor, SwAInInterceptor, HolderInInterceptor] invoke [ServiceInvokerInterceptor] post-invoke [OutgoingChainInterceptor] 2017-11-03 08:17:41.636 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.frontend.WSDLGetInterceptor@6a36782f 2017-11-03 08:17:41.636 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor@623e41c7 2017-11-03 08:17:41.687 DEBUG [org.apache.cxf.common.logging.LogUtils] Could not determine bean name for instance of class org.apache.cxf.bus.managers.HeaderManagerImpl. 2017-11-03 08:17:41.700 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.SoapActionInInterceptor@4679e479 2017-11-03 08:17:41.703 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.binding.soap.interceptor.SoapActionInInterceptor$SoapActionInAttemptTwoInterceptor@378dc13f to phase pre-logical 2017-11-03 08:17:41.704 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Chain org.apache.cxf.phase.PhaseInterceptorChain@477ce666 was modified. Current flow: receive [LoggingInInterceptor, PolicyInInterceptor, AttachmentInInterceptor] pre-stream [CertConstraintsInterceptor] post-stream [StaxInInterceptor] read [WSDLGetInterceptor, ReadHeadersInterceptor, SoapActionInInterceptor, StartBodyInterceptor, JavascriptGetInterceptor] pre-protocol [MEXInInterceptor, MustUnderstandInterceptor] post-protocol [CheckFaultInterceptor, JAXBAttachmentSchemaValidationHack] unmarshal [DocLiteralInInterceptor, SoapHeaderInterceptor] pre-logical [OneWayProcessorInterceptor, SoapActionInAttemptTwoInterceptor] post-logical [WrapperClassInInterceptor] pre-invoke [StaxInEndingInterceptor, SwAInInterceptor, HolderInInterceptor] invoke [ServiceInvokerInterceptor] post-invoke [OutgoingChainInterceptor] 2017-11-03 08:17:41.705 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor@6bed3bd5 2017-11-03 08:17:41.705 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.javascript.JavascriptGetInterceptor@337134db 2017-11-03 08:17:41.706 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.ws.mex.MEXInInterceptor@5fb7ae4a 2017-11-03 08:17:41.706 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor@23d1791f 2017-11-03 08:17:41.712 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor$UltimateReceiverMustUnderstandInterceptor@59039a16 to phase invoke 2017-11-03 08:17:41.712 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Chain org.apache.cxf.phase.PhaseInterceptorChain@477ce666 was modified. Current flow: receive [LoggingInInterceptor, PolicyInInterceptor, AttachmentInInterceptor] pre-stream [CertConstraintsInterceptor] post-stream [StaxInInterceptor] read [WSDLGetInterceptor, ReadHeadersInterceptor, SoapActionInInterceptor, StartBodyInterceptor, JavascriptGetInterceptor] pre-protocol [MEXInInterceptor, MustUnderstandInterceptor] post-protocol [CheckFaultInterceptor, JAXBAttachmentSchemaValidationHack] unmarshal [DocLiteralInInterceptor, SoapHeaderInterceptor] pre-logical [OneWayProcessorInterceptor, SoapActionInAttemptTwoInterceptor] post-logical [WrapperClassInInterceptor] pre-invoke [StaxInEndingInterceptor, SwAInInterceptor, HolderInInterceptor] invoke [ServiceInvokerInterceptor, UltimateReceiverMustUnderstandInterceptor] post-invoke [OutgoingChainInterceptor] 2017-11-03 08:17:41.713 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor$MustUnderstandEndingInterceptor@57c5b6a6 to phase pre-logical 2017-11-03 08:17:41.713 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Chain org.apache.cxf.phase.PhaseInterceptorChain@477ce666 was modified. Current flow: receive [LoggingInInterceptor, PolicyInInterceptor, AttachmentInInterceptor] pre-stream [CertConstraintsInterceptor] post-stream [StaxInInterceptor] read [WSDLGetInterceptor, ReadHeadersInterceptor, SoapActionInInterceptor, StartBodyInterceptor, JavascriptGetInterceptor] pre-protocol [MEXInInterceptor, MustUnderstandInterceptor] post-protocol [CheckFaultInterceptor, JAXBAttachmentSchemaValidationHack] unmarshal [DocLiteralInInterceptor, SoapHeaderInterceptor] pre-logical [OneWayProcessorInterceptor, SoapActionInAttemptTwoInterceptor, MustUnderstandEndingInterceptor] post-logical [WrapperClassInInterceptor] pre-invoke [StaxInEndingInterceptor, SwAInInterceptor, HolderInInterceptor] invoke [ServiceInvokerInterceptor, UltimateReceiverMustUnderstandInterceptor] post-invoke [OutgoingChainInterceptor] 2017-11-03 08:17:41.714 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor@3959876d 2017-11-03 08:17:41.714 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.jaxb.attachment.JAXBAttachmentSchemaValidationHack@31c082f3 2017-11-03 08:17:41.714 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.wsdl.interceptors.DocLiteralInInterceptor@24ded702 2017-11-03 08:17:41.730 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleFault on interceptor org.apache.cxf.wsdl.interceptors.DocLiteralInInterceptor@24ded702 2017-11-03 08:17:41.731 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleFault on interceptor org.apache.cxf.jaxb.attachment.JAXBAttachmentSchemaValidationHack@31c082f3 2017-11-03 08:17:41.731 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor@3959876d 2017-11-03 08:17:41.731 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor@23d1791f 2017-11-03 08:17:41.732 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleFault on interceptor org.apache.cxf.ws.mex.MEXInInterceptor@5fb7ae4a 2017-11-03 08:17:41.732 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleFault on interceptor org.apache.cxf.javascript.JavascriptGetInterceptor@337134db 2017-11-03 08:17:41.733 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor@6bed3bd5 2017-11-03 08:17:41.733 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.SoapActionInInterceptor@4679e479 2017-11-03 08:17:41.733 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor@623e41c7 2017-11-03 08:17:41.733 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleFault on interceptor org.apache.cxf.frontend.WSDLGetInterceptor@6a36782f 2017-11-03 08:17:41.734 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleFault on interceptor org.apache.cxf.interceptor.StaxInInterceptor@1f5700bc 2017-11-03 08:17:41.734 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleFault on interceptor org.apache.cxf.transport.https.CertConstraintsInterceptor@6ce6895d 2017-11-03 08:17:41.734 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleFault on interceptor org.apache.cxf.interceptor.AttachmentInInterceptor@5ad76477 2017-11-03 08:17:41.734 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleFault on interceptor org.apache.cxf.ws.policy.PolicyInInterceptor@55b10b9d 2017-11-03 08:17:41.735 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleFault on interceptor org.apache.cxf.interceptor.LoggingInInterceptor@74843c6e 2017-11-03 08:17:41.739 WARN [org.apache.cxf.common.logging.LogUtils] Interceptor for {http://aamva.org/authentication/3.1.0}AuthenticationService has thrown exception, unwinding now org.apache.cxf.binding.soap.SoapFault: MustUnderstand headers: [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security] are not understood. at org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor.handleFault(MustUnderstandInterceptor.java:107) ~[cxf-rt-bindings-soap-3.1.12.jar:3.1.12] at org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor.handleFault(MustUnderstandInterceptor.java:49) ~[cxf-rt-bindings-soap-3.1.12.jar:3.1.12] at org.apache.cxf.phase.PhaseInterceptorChain.unwind(PhaseInterceptorChain.java:491) [cxf-core-3.1.12.jar:3.1.12] at org.apache.cxf.phase.PhaseInterceptorChain.wrapExceptionAsFault(PhaseInterceptorChain.java:342) [cxf-core-3.1.12.jar:3.1.12] at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:324) [cxf-core-3.1.12.jar:3.1.12] at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) [cxf-core-3.1.12.jar:3.1.12] at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:263) [cxf-rt-transports-http-3.1.12.jar:3.1.12] at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234) [cxf-rt-transports-http-3.1.12.jar:3.1.12] at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208) [cxf-rt-transports-http-3.1.12.jar:3.1.12] at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160) [cxf-rt-transports-http-3.1.12.jar:3.1.12] at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:189) [cxf-rt-transports-http-3.1.12.jar:3.1.12] at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:299) [cxf-rt-transports-http-3.1.12.jar:3.1.12] at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:218) [cxf-rt-transports-http-3.1.12.jar:3.1.12] at javax.servlet.http.HttpServlet.service(HttpServlet.java:644) [servlet-api.jar:?] at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:274) [cxf-rt-transports-http-3.1.12.jar:3.1.12] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291) [catalina.jar:8.0.18] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.18] at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) [tomcat-websocket.jar:8.0.18] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.18] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.18] at org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71) [log4j-web-2.8.jar:2.8] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) [catalina.jar:8.0.18] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) [catalina.jar:8.0.18] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219) [catalina.jar:8.0.18] at org.apache.catalina.core.StandardContextValve.__invoke(StandardContextValve.java:106) [catalina.jar:8.0.18] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java) [catalina.jar:8.0.18] at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501) [catalina.jar:8.0.18] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142) [catalina.jar:8.0.18] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) [catalina.jar:8.0.18] at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:610) [catalina.jar:8.0.18] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) [catalina.jar:8.0.18] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:516) [catalina.jar:8.0.18] at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1086) [tomcat-coyote.jar:8.0.18] at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:659) [tomcat-coyote.jar:8.0.18] at org.apache.coyote.http11.Http11NioProtocol$Http11ConnectionHandler.process(Http11NioProtocol.java:223) [tomcat-coyote.jar:8.0.18] at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1558) [tomcat-coyote.jar:8.0.18] at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1515) [tomcat-coyote.jar:8.0.18] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_40] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_40] at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-util.jar:8.0.18] at java.lang.Thread.run(Thread.java:745) [?:1.8.0_40] 2017-11-03 08:17:41.762 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.interceptor.LoggingOutInterceptor@230a5d8a to phase pre-stream 2017-11-03 08:17:41.763 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.ws.policy.ServerPolicyOutFaultInterceptor@4009adf5 to phase setup 2017-11-03 08:17:41.763 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.interceptor.LoggingOutInterceptor@1b864145 to phase pre-stream 2017-11-03 08:17:41.764 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.jaxws.interceptors.WebFaultOutInterceptor@5f1819c0 to phase pre-protocol 2017-11-03 08:17:41.764 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.interceptor.MessageSenderInterceptor@2e8ff9a4 to phase prepare-send 2017-11-03 08:17:41.765 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.interceptor.StaxOutInterceptor@23e49f85 to phase pre-stream 2017-11-03 08:17:41.765 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor@ac17ed5 to phase write 2017-11-03 08:17:41.765 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.interceptor.AttachmentOutInterceptor@1588a054 to phase pre-stream 2017-11-03 08:17:41.766 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor@449b3998 to phase write 2017-11-03 08:17:41.766 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.binding.soap.interceptor.SoapHeaderOutFilterInterceptor@43849e39 to phase pre-logical 2017-11-03 08:17:41.767 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.binding.soap.interceptor.Soap12FaultOutInterceptor@4232774a to phase prepare-send 2017-11-03 08:17:41.767 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Chain org.apache.cxf.phase.PhaseInterceptorChain@12e8e558 was created. Current flow: setup [ServerPolicyOutFaultInterceptor] pre-logical [SoapHeaderOutFilterInterceptor] prepare-send [MessageSenderInterceptor, Soap12FaultOutInterceptor] pre-stream [LoggingOutInterceptor, AttachmentOutInterceptor, StaxOutInterceptor] pre-protocol [WebFaultOutInterceptor] write [SoapOutInterceptor] 2017-11-03 08:17:41.768 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.ws.policy.ServerPolicyOutFaultInterceptor@4009adf5 2017-11-03 08:17:41.769 DEBUG [org.apache.cxf.ws.policy.ServerPolicyOutFaultInterceptor] No binding operation info. 2017-11-03 08:17:41.770 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.SoapHeaderOutFilterInterceptor@43849e39 2017-11-03 08:17:41.770 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.interceptor.MessageSenderInterceptor@2e8ff9a4 2017-11-03 08:17:41.784 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor@5891e97c to phase prepare-send-ending 2017-11-03 08:17:41.784 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Chain org.apache.cxf.phase.PhaseInterceptorChain@12e8e558 was modified. Current flow: setup [ServerPolicyOutFaultInterceptor] pre-logical [SoapHeaderOutFilterInterceptor] prepare-send [MessageSenderInterceptor, Soap12FaultOutInterceptor] pre-stream [LoggingOutInterceptor, AttachmentOutInterceptor, StaxOutInterceptor] pre-protocol [WebFaultOutInterceptor] write [SoapOutInterceptor] prepare-send-ending [MessageSenderEndingInterceptor] 2017-11-03 08:17:41.785 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.Soap12FaultOutInterceptor@4232774a 2017-11-03 08:17:41.789 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.binding.soap.interceptor.Soap12FaultOutInterceptor$Soap12FaultOutInterceptorInternal@e286796 to phase marshal 2017-11-03 08:17:41.790 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Chain org.apache.cxf.phase.PhaseInterceptorChain@12e8e558 was modified. Current flow: setup [ServerPolicyOutFaultInterceptor] pre-logical [SoapHeaderOutFilterInterceptor] prepare-send [MessageSenderInterceptor, Soap12FaultOutInterceptor] pre-stream [LoggingOutInterceptor, AttachmentOutInterceptor, StaxOutInterceptor] pre-protocol [WebFaultOutInterceptor] write [SoapOutInterceptor] marshal [Soap12FaultOutInterceptorInternal] prepare-send-ending [MessageSenderEndingInterceptor] 2017-11-03 08:17:41.790 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.interceptor.LoggingOutInterceptor@230a5d8a 2017-11-03 08:17:41.798 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.interceptor.AttachmentOutInterceptor@1588a054 2017-11-03 08:17:41.806 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.interceptor.AttachmentOutInterceptor$AttachmentOutEndingInterceptor@131f6cbf to phase pre-stream-ending 2017-11-03 08:17:41.807 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Chain org.apache.cxf.phase.PhaseInterceptorChain@12e8e558 was modified. Current flow: setup [ServerPolicyOutFaultInterceptor] pre-logical [SoapHeaderOutFilterInterceptor] prepare-send [MessageSenderInterceptor, Soap12FaultOutInterceptor] pre-stream [LoggingOutInterceptor, AttachmentOutInterceptor, StaxOutInterceptor] pre-protocol [WebFaultOutInterceptor] write [SoapOutInterceptor] marshal [Soap12FaultOutInterceptorInternal] pre-stream-ending [AttachmentOutEndingInterceptor] prepare-send-ending [MessageSenderEndingInterceptor] 2017-11-03 08:17:41.808 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.interceptor.StaxOutInterceptor@23e49f85 2017-11-03 08:17:41.849 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.interceptor.StaxOutEndingInterceptor@49353d7b to phase pre-stream-ending 2017-11-03 08:17:41.849 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Chain org.apache.cxf.phase.PhaseInterceptorChain@12e8e558 was modified. Current flow: setup [ServerPolicyOutFaultInterceptor] pre-logical [SoapHeaderOutFilterInterceptor] prepare-send [MessageSenderInterceptor, Soap12FaultOutInterceptor] pre-stream [LoggingOutInterceptor, AttachmentOutInterceptor, StaxOutInterceptor] pre-protocol [WebFaultOutInterceptor] write [SoapOutInterceptor] marshal [Soap12FaultOutInterceptorInternal] pre-stream-ending [AttachmentOutEndingInterceptor, StaxOutEndingInterceptor] prepare-send-ending [MessageSenderEndingInterceptor] 2017-11-03 08:17:41.849 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.jaxws.interceptors.WebFaultOutInterceptor@5f1819c0 2017-11-03 08:17:41.850 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor@ac17ed5 2017-11-03 08:17:41.855 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Adding interceptor org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor$SoapOutEndingInterceptor@6be61ce3 to phase write-ending 2017-11-03 08:17:41.858 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Chain org.apache.cxf.phase.PhaseInterceptorChain@12e8e558 was modified. Current flow: setup [ServerPolicyOutFaultInterceptor] pre-logical [SoapHeaderOutFilterInterceptor] prepare-send [MessageSenderInterceptor, Soap12FaultOutInterceptor] pre-stream [LoggingOutInterceptor, AttachmentOutInterceptor, StaxOutInterceptor] pre-protocol [WebFaultOutInterceptor] write [SoapOutInterceptor] marshal [Soap12FaultOutInterceptorInternal] write-ending [SoapOutEndingInterceptor] pre-stream-ending [AttachmentOutEndingInterceptor, StaxOutEndingInterceptor] prepare-send-ending [MessageSenderEndingInterceptor] 2017-11-03 08:17:41.859 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.Soap12FaultOutInterceptor$Soap12FaultOutInterceptorInternal@e286796 2017-11-03 08:17:41.859 INFO [org.apache.cxf.binding.soap.interceptor.Soap12FaultOutInterceptor$Soap12FaultOutInterceptorInternal] class org.apache.cxf.binding.soap.interceptor.Soap12FaultOutInterceptor$Soap12FaultOutInterceptorInternalmultipart/related; type="application/xop+xml"; boundary="uuid:961564f5-6667-4912-908f-52a80252797f"; start="<root.mess...@cxf.apache.org>"; start-info="application/soap+xml" 2017-11-03 08:17:41.860 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor$SoapOutEndingInterceptor@6be61ce3 2017-11-03 08:17:41.860 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.interceptor.AttachmentOutInterceptor$AttachmentOutEndingInterceptor@131f6cbf 2017-11-03 08:17:41.861 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.interceptor.StaxOutEndingInterceptor@49353d7b 2017-11-03 08:17:41.861 DEBUG [org.apache.cxf.phase.PhaseInterceptorChain] Invoking handleMessage on interceptor org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor@5891e97c 2017-11-03 08:17:41.861 INFO [org.apache.cxf.interceptor.AbstractLoggingInterceptor] Outbound Message --------------------------- ID: 1 Response-Code: 500 Encoding: UTF-8 Content-Type: multipart/related; type="application/xop+xml"; boundary="uuid:961564f5-6667-4912-908f-52a80252797f"; start="<root.mess...@cxf.apache.org>"; start-info="application/soap+xml" Headers: {} Payload: --uuid:961564f5-6667-4912-908f-52a80252797f Content-Type: application/xop+xml; charset=UTF-8; type="application/soap+xml" Content-Transfer-Encoding: binary Content-ID: <root.mess...@cxf.apache.org> <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope";><soap:Body><soap:Fault><soap:Code><soap:Value>soap:MustUnderstand</soap:Value></soap:Code><soap:Reason><soap:Text xml:lang="en">MustUnderstand headers: [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security] are not understood.</soap:Text></soap:Reason></soap:Fault></soap:Body></soap:Envelope> --uuid:961564f5-6667-4912-908f-52a80252797f-- -------------------------------------- 2017-11-03 08:17:41.870 DEBUG [org.apache.cxf.transport.http.AbstractHTTPDestination] Finished servicing http request on thread: Thread[http-nio-8443-exec-7,5,main] 2017-11-03 08:17:41.870 DEBUG [org.apache.cxf.transport.servlet.ServletController] Finished servicing http request on thread: Thread[http-nio-8443-exec-7,5,main] From: Colm O hEigeartaigh [mailto:cohei...@apache.org] Sent: Friday, November 03, 2017 8:30 AM To: Morein, Arnie Cc: users@cxf.apache.org Subject: Re: Help with configuring web service to match security from WSDL CAUTION: This email was received from an EXTERNAL source, use caution when clicking links or opening attachments If you believe this to be a malicious and/or phishing email, please send this email as an attachment to s...@dps.texas.gov<mailto:s...@dps.texas.gov>. All I can suggest is add the CXF logging interceptors and enable debug logging. Then see what the "inbound" message is (and whether it is on the client or service side) that is causing the problem. Colm. On Fri, Nov 3, 2017 at 1:26 PM, Morein, Arnie <arnold.mor...@dps.texas.gov<mailto:arnold.mor...@dps.texas.gov>> wrote: What about a SOAP handler? Or is something else missing or mis-configured? -----Original Message----- From: Morein, Arnie Sent: Friday, November 03, 2017 8:13 AM To: users@cxf.apache.org<mailto:users@cxf.apache.org>; 'cohei...@apache.org<mailto:cohei...@apache.org>' Subject: RE: Help with configuring web service to match security from WSDL No. -----Original Message----- From: Colm O hEigeartaigh [mailto:cohei...@apache.org<mailto:cohei...@apache.org>] Sent: Friday, November 03, 2017 8:12 AM To: Morein, Arnie Cc: users@cxf.apache.org<mailto:users@cxf.apache.org> Subject: Re: Help with configuring web service to match security from WSDL Do you have a test-case I can take a look at? Colm. On Fri, Nov 3, 2017 at 1:07 PM, Morein, Arnie <arnold.mor...@dps.texas.gov<mailto:arnold.mor...@dps.texas.gov>> wrote: > Yes, In fact most of the CXF package is imported via Maven. > > -----Original Message----- > From: Colm O hEigeartaigh > [mailto:cohei...@apache.org<mailto:cohei...@apache.org>] > Sent: Friday, November 03, 2017 8:03 AM > To: Morein, Arnie > Cc: users@cxf.apache.org<mailto:users@cxf.apache.org> > Subject: Re: Help with configuring web service to match security from > WSDL > > Have you got the cxf-rt-ws-policy on the classpath? > > Colm. > > On Fri, Nov 3, 2017 at 12:53 PM, Morein, Arnie < > arnold.mor...@dps.texas.gov<mailto:arnold.mor...@dps.texas.gov>> > wrote: > > > That's what I was afraid of. I removed the registration of the > > intercepters and now am getting: > > > > org.apache.cxf.binding.soap.SoapFault: MustUnderstand headers: [{ > > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- > > wssecurity-secext-1.0.xsd}Security] are not understood. > > > > Both without and with the following properties added to the end point: > > > > <jaxws:properties> > > <entry key="security.callback-handler.sct" > > value="gov.uscis.uscis.xsd.esb.authentication. > > AuthenticationServicePasswordCallback" /> > > <entry key="security.signature.properties.sct" > > value="cxf/crypto.properties" /> > > <entry key="security.encryption.username.sct" > > value="dls-vls-mock-service-client-key" /> > > </jaxws:properties> > > > > I must say, the documentation is very vague in places. I'm assuming > > that "username" is the JKS alias of the key used to sign/etc. the > messages. > > > > So what I have I left out now? > > > > What's more confusing is that the WAR containing the mock service is > > running in the same VM on my machine as the client. I deploy the > > service first (no errors) and then the client, then it attempts to > > connect. The logging doesn't clearly indicate if the exception is > > coming from the client or the server. Could that be the case? > > > > > > -----Original Message----- > > From: Colm O hEigeartaigh > > [mailto:cohei...@apache.org<mailto:cohei...@apache.org>] > > Sent: Friday, November 03, 2017 3:17 AM > > To: users@cxf.apache.org<mailto:users@cxf.apache.org> > > Subject: Re: Help with configuring web service to match security > > from WSDL > > > > Hi, > > > > You are mixing up the two different ways of configuring WS-Security > > in > CXF. > > When there is a security policy available, then you don't manually > > configure the WSS4JInInterceptor or WSS4JOutInterceptors. They are > > used when there is no security policy and you have to manually tell > > CXF what WS-Security actions to perform. Instead the configuration > > is a lot simpler for the policy case. > > > > I'd suggest you look at the example test-case for > > WS-SecureConversation in the CXF source: > > > > https://github.com/apache/cxf/blob/master/systests/ws- > > security-examples/src/test/java/org/apache/cxf/systest/ > > wssec/examples/secconv/SecureConversationTest.java > > > > In particular, the service configuration is here: > > > > https://github.com/apache/cxf/blob/master/systests/ws- > > security-examples/src/test/resources/org/apache/cxf/ > > systest/wssec/examples/secconv/server.xml > > > > Colm. > > > > On Fri, Nov 3, 2017 at 2:43 AM, Morein, Arnie > > <arnold.mor...@dps.texas.gov<mailto:arnold.mor...@dps.texas.gov> > > > > > wrote: > > > > > I have created a mock service based on a WSDL from a vendor that > > > is already in use. > > > > > > One of the calls requires that the message be > > > timestamped/signed/encrypted before transmission. > > > > > > The real service provider issued an X.509 certificate for our use. > > > I have had our internal folks issue one like it with the same extensions. > > > > > > Everything is in place, but when the client app hits my mock > > > service, it gets an error that is neither clear or helpful: > > > > > > > > > org.apache.cxf.binding.soap.SoapFault: A security error was > > > encountered when verifying the message ... > > > Caused by: org.apache.wss4j.common.ext.WSSecurityException: An > > > error was discovered processing the <wsse:Security> header > > > > > > Digging into the CXF trace log, I barely managed to find these: > > > > > > 2017-11-02 19:49:52.018 DEBUG > > > [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor] > > > WSS4JInInterceptor: enter handleMessage() > > > 2017-11-02 19:49:54.037 WARN [org.apache.cxf.ws.security. > > wss4j.WSS4JInInterceptor] > > > Security processing failed (actions mismatch) > > > > > > The messages are being generated by CXF (wsdl2java situation). > > > > > > The WSDL policy section is thus: > > > > > > <wsp:Policy wsu:Id="wsHttpEndPoint_policy"> > > > <wsp:ExactlyOne> > > > <wsp:All> > > > <sp:TransportBinding > > > > > > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/ > > > securitypolicy" > > > > > > > <wsp:Policy> > > > <sp:TransportToken> > > > <wsp:Policy> > > > <sp:HttpsToken > > > RequireClientCertificate="false" > /> > > > </wsp:Policy> > > > </sp:TransportToken> > > > <sp:AlgorithmSuite> > > > <wsp:Policy> > > > <sp:Basic256 /> > > > </wsp:Policy> > > > </sp:AlgorithmSuite> > > > <sp:Layout> > > > <wsp:Policy> > > > <sp:Strict /> > > > </wsp:Policy> > > > </sp:Layout> > > > <sp:IncludeTimestamp /> > > > </wsp:Policy> > > > </sp:TransportBinding> > > > <sp:EndorsingSupportingTokens > > > > > > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/ > > > securitypolicy" > > > > > > > <wsp:Policy> > > > <sp:SecureConversationToken > > > sp:IncludeToken="http:// > > > schemas.xmlsoap.org/ws/2005/07/securitypolicy/<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/> > > > IncludeToken/AlwaysToRecipient" > > > > > > > <wsp:Policy> > > > <sp:BootstrapPolicy> > > > <wsp:Policy> > > > <sp:SignedParts> > > > <sp:Body /> > > > <sp:Header > > > Name="To" > > > Namespace=" > > > http://www.w3.org/2005/08/addressing"; /> > > > <sp:Header > > > Name="From" > > > Namespace=" > > > http://www.w3.org/2005/08/addressing"; /> > > > <sp:Header > > > Name="FaultTo" > > > Namespace=" > > > http://www.w3.org/2005/08/addressing"; /> > > > <sp:Header > > > Name="ReplyTo" > > > Namespace=" > > > http://www.w3.org/2005/08/addressing"; /> > > > <sp:Header > > > Name="MessageID" > > > Namespace=" > > > http://www.w3.org/2005/08/addressing"; /> > > > <sp:Header > > > Name="RelatesTo" > > > Namespace=" > > > http://www.w3.org/2005/08/addressing"; /> > > > <sp:Header > > > Name="Action" > > > Namespace=" > > > http://www.w3.org/2005/08/addressing"; /> > > > </sp:SignedParts> > > > <sp:EncryptedParts> > > > <sp:Body /> > > > </sp:EncryptedParts> > > > <sp:TransportBinding> > > > <wsp:Policy> > > > <sp:TransportToken> > > > <wsp:Policy> > > > > > > <sp:HttpsToken > > > > > > RequireClientCertificate="false" /> > > > </wsp:Policy> > > > </sp:TransportToken> > > > <sp:AlgorithmSuite> > > > <wsp:Policy> > > > <sp:Basic256 /> > > > </wsp:Policy> > > > </sp:AlgorithmSuite> > > > <sp:Layout> > > > <wsp:Policy> > > > <sp:Strict /> > > > </wsp:Policy> > > > </sp:Layout> > > > <sp:IncludeTimestamp /> > > > </wsp:Policy> > > > </sp:TransportBinding> > > > <sp:EndorsingSupportingTokens> > > > <wsp:Policy> > > > <sp:X509Token > > > sp:IncludeToken=" > > > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/ > > > IncludeToken/AlwaysToRecipient" > > > > > > > <wsp:Policy> > > > > > > <sp:RequireThumbprintReference /> > > > > > > <sp:WssX509V3Token10 /> > > > </wsp:Policy> > > > </sp:X509Token> > > > <sp:SignedParts> > > > <sp:Header > > > Name="To" > > > Namespace=" > > > http://www.w3.org/2005/08/addressing"; /> > > > </sp:SignedParts> > > > </wsp:Policy> > > > </sp: > EndorsingSupportingTokens> > > > <sp:Wss11> > > > <wsp:Policy> > > > > > > <sp:MustSupportRefThumbprint /> > > > </wsp:Policy> > > > </sp:Wss11> > > > <sp:Trust10> > > > <wsp:Policy> > > > > > > <sp:MustSupportIssuedTokens /> > > > > > > <sp:RequireClientEntropy > > /> > > > > > > <sp:RequireServerEntropy > > /> > > > </wsp:Policy> > > > </sp:Trust10> > > > </wsp:Policy> > > > </sp:BootstrapPolicy> > > > </wsp:Policy> > > > </sp:SecureConversationToken> > > > </wsp:Policy> > > > </sp:EndorsingSupportingTokens> > > > <sp:Wss11 > > > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/ > > > securitypolicy"> > > > <wsp:Policy /> > > > </sp:Wss11> > > > <sp:Trust10 > > > > > > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/ > > > securitypolicy" > > > > > > > <wsp:Policy> > > > <sp:MustSupportIssuedTokens /> > > > <sp:RequireClientEntropy /> > > > <sp:RequireServerEntropy /> > > > </wsp:Policy> > > > </sp:Trust10> > > > <wsaw:UsingAddressing /> > > > </wsp:All> > > > </wsp:ExactlyOne> > > > </wsp:Policy> > > > > > > and a message being sent to my mock service looks like: > > > > > > ID: 1 > > > Address: https://localhost:8443/mock-vls-ws/services/ > > > mockAuthenticationService > > > Encoding: UTF-8 > > > Http-Method: POST > > > Content-Type: application/soap+xml; action="http://schemas. > > > xmlsoap.org/ws/2005/02/trust/RST/SCT<http://xmlsoap.org/ws/2005/02/trust/RST/SCT>"; > > > charset=UTF-8 > > > Headers: {Accept=[*/*], cache-control=[no-cache], > > > connection=[keep-alive], content-type=[application/soap+xml; action=" > > http://schemas. > > > xmlsoap.org/ws/2005/02/trust/RST/SCT<http://xmlsoap.org/ws/2005/02/trust/RST/SCT>"; > > > charset=UTF-8], > > > host=[localhost:8443], pragma=[no-cache], > > > transfer-encoding=[chunked], user-agent=[Apache-CXF/3.1.10]} > > > Payload: > > > <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope";> > > > <soap:Header> > > > <Action xmlns="http://www.w3.org/2005/08/addressing";> > > > http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT</Action> > > > <MessageID xmlns="http://www.w3.org/2005/08/addressing > > ">urn:uuid: > > > d4a37685-340a-41e3-9ad5-33d21601b2b2</MessageID> > > > <To xmlns="http://www.w3.org/2005/08/addressing"; > > > > > > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis- > > > 200401-wss-wssecurity-utility-1.0.xsd" > > > wsu:Id="_7f09a81a-706a-4d03-932e-c402c7af8d16" > > > >https://localhost:8443/mock-vls-ws/services/ > > > mockAuthenticationService</To> > > > <ReplyTo xmlns="http://www.w3.org/2005/08/addressing";> > > > > > > <Address>http://www.w3.org/2005/08/addressing/anonymous</ > > > Address> > > > </ReplyTo> > > > <wsse:Security > > > > > > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis- > > > 200401-wss-wssecurity-secext-1.0.xsd" > > > > > > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis- > > > 200401-wss-wssecurity-utility-1.0.xsd" > > > soap:mustUnderstand="true" > > > > > > > <wsse:BinarySecurityToken > > > > > > EncodingType="http://docs.oasis-open.org/wss/2004/01/ > > > oasis-200401-wss-soap-message-security-1.0#Base64Binary" > > > > > > ValueType="http://docs.oasis-open.org/wss/2004/01/oasis- > > > 200401-wss-x509-token-profile-1.0#X509v3" > > > wsu:Id="X509-fbd22553-2805-4f67-af0c-cd552b6c4ea1" > > > > > > >MIIHPzCCBSegAwIBAgITRAAAc2IaBbGCTk7sGwAAAABzYjANBgkqhkiG9w0B > > > AQsFADBBMRMwEQYKCZImiZPyLGQBGRYDRFBTMRMwEQYKCZImiZPyLGQBGRYD > > > VExFMRUwEwYDVQQDEwxEUFNJc3N1ZUNBMDEwHhcNMTcxMTAxMTczMTUzWhcN > > > MjAxMDMxMTczMTUzWjCBjTELMAkGA1UEBhMCVVMxDjAMBgNVBAgTBVRleGFz > > > MQ8wDQYDVQQHEwZBdXN0aW4xKjAoBgNVBAoTIVRleGFzIERlcGFydG1lbnQg > > > b2YgUHVibGljIFNhZmV0eTELMAkGA1UECxMCSVQxJDAiBgNVBAMMG2Rwcy5k > > > ZXZlbG9wZXJAZHBzLnRleGFzLmdvdjCCASIwDQYJKoZIhvcNAQEBBQADggEP > > > ADCCAQoCggEBAIPrRFbLW92EYqeCr/jrEkFaHLP4Zm8lMnpNV1aJtEPuZno3GdBtRN > > > ad > > > TH > > > pg+ x6dKQemTgrpZJIzBCsm6iCWliB2PWqdFbQKt3DQoG4o8fT8DxPNZLod9Y/ > > > Rfi8Lb7NO33WdFu6JG8KRypTs1mQUItQ03TbKapACMmyoXhctZEgnSkwQUBY > > > F6jUHMoOpcxj6pPr/oaV9YMfh4P2eyKxNTdJGJXGe9kUPpLRydgoBq9NHluUfjsxKQ > > > 4S > > > Tw > > > G45+ 8TMZnXZOF3qQpW2Ny1shn5V2wSECZBHiTaTtshcIz6Kxew47nW9DQ2ITpbba > > > lYTXdnaBOalKpKkS0r4/96QD2HrYQECAwEAAaOCAuEwggLdMB0 > > > GA1UdDgQWBBRHFQmUcuBtf6vI5ikCLF1uudlSezAfBgNVHSMEGDAWgBSqB1gVMhLVR > > > X/ > > > DsU7Cy9JdkhJExjCCAQQGA1UdHwSB/DCB+TCB9qCB86CB8IaBt2xkYXA6Ly8vQ04 > > > 9RFBTSXNzdWVDQTAxLENOPUhEUVBSRElUU0lDQTAwMSxDTj1DRFAsQ049UHV > > > ibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJ > > > hdGlvbixEQz1UTEUsREM9RFBTP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/ > > > YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludIY0aHR0cDov > > > L2NybC5kcHMudGV4YXMuZ292L2NlcnRlbnJvbGwvRFBTSXNzdWVDQTAxLmNy > > > bDCB5QYIKwYBBQUHAQEEgdgwgdUwgacGCCsGAQUFBzAChoGabGRhcDovLy9D > > > Tj1EUFNJc3N1ZUNBMDEsQ049QUlBLENOPVB1YmxpYyUyMEtleSUyMFNlcnZp > > > Y2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9VExFLERDPURQ > > > Uz9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlmaWNhdG > > > lvbkF1dGhvcml0eTApBggrBgEFBQcwAYYdaHR0cDovL2NybC5kcHMudGV4YX > > > MuZ292L29jc3AwCwYDVR0PBAQDAgWgMDwGCSsGAQQBgjcVBwQvMC0GJSsGAQ > > > QBgjcVCKu3YYWw7zKHhZsih5egL4PJzHwhhI+/NoO2ljQCAWQCAQUwKQYDVR0lBCIw > > > QBgjcVCKu3YYWw7zKHhZsih5egL4PJzHwhhI+IA > > > YIKwYBBQUHAwQGCisGAQQBgjcKAwQGCCsGAQUFBwMCMDUGCSsGAQQBgjcVCg > > > QoMCYwCgYIKwYBBQUHAwQwDAYKKwYBBAGCNwoDBDAKBggrBgEFBQcDAjANBg > > > kqhkiG9w0BAQsFAAOCAgEApbhMNf/KZge1ZtpY9xpokh3Zuo3VbNnIi0A6V > > > 5PWE/UN8AXIvq6IsbjES+XLxecIkNmSBvZllSvEzZzSnDy/XFlqVGCYRWS8LDrm/ > > > 1NAjyr4YXfRZyOTxE7W4RyyBsRpLRk2VsgCZ8wpO9kmG8vogp+ > > > 6Bd0DQQayuTrJbAtlw0SBBgCd6pIWfG9LoCsvKKmNd6xi65clijxxWm82w14KqlUEc > > > R/ mgFoCJLJ1qpshHmqK5nc283nDmlnKB1jdOBHOZ3S6j5YpLlxxWHZhntwd01w > > > /wKntwAZDHSagRCSvWz+gct47//chfjcCIzaUqTTY9Pw0VjDy+ > > > KDgOaVp2lAlHEWs5Ts3nT0AfTJDSDtDmOikyfAJlUIM08jfKUIIMOh1w/ > > > DC4SEFESl8vnmOimnqN2bFO5KmyulMD4XwWQBxuwmub1eR80Z3// > > > hynXp6aCcUEaTswDmlws24Ecv9ILuSVohQC+WtJAB5bbRQTbbuYu+ > > > taabxGNl9Hyh9zTyNrbM3nG5GkaxtSYy2fNiVqzS88sXOShye3GEfgb0a/ > > > OFpC736wbMPV+I7HNbqGa9Zi+KdsJLA32cbnJO1g2yThdpT05uoikNN > > > QrHuse0RtOZJdpLEnRejW96WQYHmxm/tlL64ZPskl5dnlUrbzTqQ9oyJqueDe > > > 1eP9jaId6NjAuKzLkQ=</wsse:BinarySecurityToken> > > > <wsu:Timestamp wsu:Id="TS-c1511394-ae6f-4a4c- > > > b8c4-a97df1bbd782"> > > > <wsu:Created>2017-11-02T22:02:30.558Z</wsu:Created> > > > <wsu:Expires>2017-11-02T22:07:30.558Z</wsu:Expires> > > > </wsu:Timestamp> > > > <ds:Signature > > > xmlns:ds="http://www.w3.org/2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig> > " > > > Id="SIG-d17430ac-1be2-410d-b4ed-389fa2c71d9c" > > > > > > > <ds:SignedInfo> > > > <ds:CanonicalizationMethod > > > > > > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n> > > > " > > > > > > > <ec:InclusiveNamespaces > > > xmlns:ec="http://www.w3.org/ > > > 2001/10/xml-exc-c14n#" > > > PrefixList="soap" /> > > > </ds:CanonicalizationMethod> > > > <ds:SignatureMethod > > > Algorithm="http://www.w3.org/ > > > 2000/09/xmldsig#rsa-sha1" /> > > > <ds:Reference URI="#TS-c1511394-ae6f-4a4c- > > > b8c4-a97df1bbd782"> > > > <ds:Transforms> > > > <ds:Transform > > > Algorithm="http://www.w3.org/ > > > 2001/10/xml-exc-c14n#" > > > > > > > <ec:InclusiveNamespaces > > > xmlns:ec="http://www.w3.org/ > > > 2001/10/xml-exc-c14n#" > > > PrefixList="wsse soap" /> > > > </ds:Transform> > > > </ds:Transforms> > > > <ds:DigestMethod > > > Algorithm="http://www.w3.org/ > > > 2000/09/xmldsig#sha1" /> > > > > > > <ds:DigestValue>oUUE187y3bNvLUk0KvKAMQi5oS0=</ > > > ds:DigestValue> > > > </ds:Reference> > > > <ds:Reference URI="#_7f09a81a-706a-4d03- > > > 932e-c402c7af8d16"> > > > <ds:Transforms> > > > <ds:Transform > > > Algorithm="http://www.w3.org/ > > > 2001/10/xml-exc-c14n#" > > > > > > > <ec:InclusiveNamespaces > > > xmlns:ec="http://www.w3.org/ > > > 2001/10/xml-exc-c14n#" > > > PrefixList="soap" /> > > > </ds:Transform> > > > </ds:Transforms> > > > <ds:DigestMethod > > > Algorithm="http://www.w3.org/ > > > 2000/09/xmldsig#sha1" /> > > > > > > <ds:DigestValue>J3b0s0Tc7Z9nwyg6ryeyXi5V7Wk=</ > > > ds:DigestValue> > > > </ds:Reference> > > > </ds:SignedInfo> > > > <ds:SignatureValue>UED8ewbdSQUhh6k7Py+P+ > > > 5wveYhhM8xwpaBhn5IYKqqPSFzQSkFCG3q7oN/tOL3Oe33N2Xm+ > > > zPD26Qr7t7LGSEIXUU3ALxtnf8MtS3FRo9C6pxPPC6QuN0dYupPFZnQpYtNB > > > L9i9HIRB9dqh9I7NAdz3OGBCjdB8j0scP9V830YSf5fy5Sq5uC2uNV4Ee9tE > > > mPbY1yStH8htwPHeQEAFlQ0eNRCGrKL30af9waXGPXetMfuoQPMIbNssImie > > > 5cz2O56DGs88bBLZZaLG8LdoouAti9v2DGmlL9A42iJjXs19jQy+HP+4zy/ > > > vteV/aRhk4t8Q+tJcbn3piy7+pFnuhQ==</ds:SignatureValue> > > > <ds:KeyInfo Id="KI-2b2d8678-1047-4bbb- > > a9f6-33de176b569e"> > > > <wsse:SecurityTokenReference > > > xmlns:wsse="http://docs.oasis- > > > open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>" > > > xmlns:wsu="http://docs.oasis- > > > open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>" > > > wsu:Id="STR-2e70c6dd-87f9- > > 449e-9659-e0853efef74f" > > > > > > > <wsse:KeyIdentifier > > > EncodingType="http://docs. > > > oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-<http://oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-> > > > security-1.0#Base64Binary" > > > ValueType="http://docs.oasis- > > > open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1<http://open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1>" > > > >y5plsGZ1ujCONeUMI+FuNgfF8LU=< > > /wsse:KeyIdentifier> > > > </wsse:SecurityTokenReference> > > > </ds:KeyInfo> > > > </ds:Signature> > > > </wsse:Security> > > > </soap:Header> > > > <soap:Body> > > > <wst:RequestSecurityToken xmlns:wst="http://schemas. > > > xmlsoap.org/ws/2005/02/trust<http://xmlsoap.org/ws/2005/02/trust>"> > > > <wst:RequestType>http://schemas.xmlsoap.org/ws/2005/ > > > 02/trust/Issue</wst:RequestType> > > > <wsp:AppliesTo xmlns:wsp="http://www.w3.org/ns/ws-policy";> > > > <wsa:EndpointReference > > > xmlns:wsa="http://www.w3.org/ 2005/08/addressing"> > > > > > > <wsa:Address>https://localhost:8443/mock-vls-ws/ > > > services/mockAuthenticationService</wsa:Address> > > > </wsa:EndpointReference> > > > </wsp:AppliesTo> > > > <wst:Lifetime > > > > > > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis- > > > 200401-wss-wssecurity-utility-1.0.xsd" > > > > > > > <wsu:Created>2017-11-02T22:02:29.214Z</wsu:Created> > > > <wsu:Expires>2017-11-02T22:07:29.214Z</wsu:Expires> > > > </wst:Lifetime> > > > > > > <wst:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct< > > > /wst:TokenType> > > > <wst:KeySize>256</wst:KeySize> > > > <wst:Entropy> > > > <wst:BinarySecret > > > Type="http://schemas.xmlsoap. > > > org/ws/2005/02/trust/Nonce" > > > >0UEx1yrKYAbPt0/m6tuSeyjFvVV4bE1bvN97D9lT0bw=< > > > /wst:BinarySecret> > > > </wst:Entropy> > > > > > > <wst:ComputedKeyAlgorithm>http://schemas.xmlsoap.org/ws/ > > > 2005/02/trust/CK/PSHA1</wst:ComputedKeyAlgorithm> > > > <wst:Renewing /> > > > </wst:RequestSecurityToken> > > > </soap:Body> > > > </soap:Envelope> > > > > > > > > > Here is my Spring Endpoint config: > > > > > > > > > <bean id="Aamva_Authentication_Request" > > > class="org.apache.cxf.ws<http://org.apache.cxf.ws>. > > > security.wss4j.WSS4JInInterceptor"> > > > <constructor-arg> > > > <map> > > > <entry key="action" value="Timestamp Signature" /> > > > <entry key="user" value="dls-vls-mock-service- > > client-key" > > > /> > > > <entry key="passwordType" value="PasswordText" /> > > > <entry key="passwordCallbackClass" > > > value="gov.uscis.uscis.xsd.esb.authentication. > > > AuthenticationServicePasswordCallback" /> > > > <entry key="decryptionPropFile" value="cxf/cxf-crypto. > > properties" > > > /> > > > <entry key="signaturePropFile" value="cxf/cxf-crypto. > > properties" > > > /> > > > <entry key="signatureUser" > > > value="dls-vls-mock-service- > > client-key" > > > /> > > > <entry key="signatureKeyIdentifier" > > > value="X509KeyIdentifier " /> > > > <entry key="signatureParts" > > > value="{Element}{http://docs. > > > oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0<http://oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0>. > > > xs d} BinarySecurityToken;{Element}{http://docs.oasis-open.org/ > > > wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd} > > > Timestamp;{}{http://www.w3.org/2000/09/xmldsig}Signature<http://www.w3.org/2000/09/xmldsig%7dSignature>; > > > {Content}{http://schemas.xmlsoap.org/soap/envelope/}Body<http://schemas.xmlsoap.org/soap/envelope/%7dBody>;" > > > /> > > > > > > <!-- > > > <entry key="encryptionPropFile" value="cxf/cxf-crypto. > > properties" > > > /> > > > <entry key="encryptionParts" > > > > > > value="{Content}{http://schemas.xmlsoap.org/ws/2005/ > > > 07/securitypolicy}Body;" /> > > > --> > > > </map> > > > </constructor-arg> > > > </bean> > > > > > > <bean id="Aamva_Authentication_Response" > > > class="org.apache.cxf.ws<http://org.apache.cxf.ws>. > > > security.wss4j.WSS4JOutInterceptor"> > > > <constructor-arg> > > > <map> > > > <entry key="action" value="Timestamp Signature" /> > > > <entry key="user" value="dls-vls-mock-service- > > client-key" > > > /> > > > <entry key="passwordType" value="PasswordText" /> > > > <entry key="passwordCallbackClass" > > > value="gov.uscis.uscis.xsd.esb.authentication. > > > AuthenticationServicePasswordCallback" /> > > > <entry key="signaturePropFile" value="cxf/cxf-crypto. > > properties" > > > /> > > > <entry key="signatureKeyIdentifier" > > > value="X509KeyIdentifier " /> > > > <entry key="signatureParts" > > > value="{Element}{http://docs. > > > oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0<http://oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0>. > > > xs d} BinarySecurityToken;{Element}{http://docs.oasis-open.org/ > > > wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd} > > > Timestamp;{}{http://www.w3.org/2000/09/xmldsig}Signature<http://www.w3.org/2000/09/xmldsig%7dSignature>; > > > {Content}{http://schemas.xmlsoap.org/soap/envelope/}Body<http://schemas.xmlsoap.org/soap/envelope/%7dBody>;" > > > /> > > > <!-- > > > <entry key="encryptionPropFile" value="cxf/cxf-crypto. > > properties" > > > /> > > > <entry key="encryptionParts" > > > > > > value="{Content}{http://schemas.xmlsoap.org/ws/2005/ > > > 07/securitypolicy}Body;" /> > > > --> > > > </map> > > > </constructor-arg> > > > </bean> > > > > > > <jaxws:endpoint id="mockAuthenticationServiceEndpoint" bus="cxf" > > > address="/mockAuthenticationService" > > > implementor="gov.uscis.uscis.xsd.esb.authentication. > > > AuthenticationServiceImpl" > > > > > > > <jaxws:binding> > > > <soap:soapBinding mtomEnabled="true" version="1.2" /> > > > </jaxws:binding> > > > > > > <jaxws:inInterceptors> > > > <ref bean="Aamva_Authentication_Request" /> > > > <bean class="org.apache.cxf.binding. > > soap.saaj.SAAJInInterceptor" > > > /> > > > </jaxws:inInterceptors> > > > > > > <jaxws:outInterceptors> > > > <ref bean="Aamva_Authentication_Response" /> > > > <bean class="org.apache.cxf.binding. > > soap.saaj.SAAJOutInterceptor" > > > /> > > > </jaxws:outInterceptors> > > > > > > </jaxws:endpoint> > > > > > > Since adding the signatureParts entries, now I am getting: > > > > > > 2017-11-02 21:40:11.369 WARN [org.apache.cxf.common. > logging.LogUtils] > > > Interceptor for {http://aamva.org/authentication/3.1.0} > > > AuthenticationService has thrown exception, unwinding now > > > org.apache.cxf.interceptor.Fault: Message part { > > > http://schemas.xmlsoap.org/ws/2005/02/trust}RequestSecurityToken<http://schemas.xmlsoap.org/ws/2005/02/trust%7dRequestSecurityToken> > > > was not recognized. (Does it exist in service WSDL?) > > > > > > > > > I am out of my depth here. Can anyone suggest how to get the > > > JAX:WS markup to match up with the WSDL policy? > > > > > > Thanks. > > > > > > > > > > > -- > > Colm O hEigeartaigh > > > > Talend Community Coder > > http://coders.talend.com > > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
