Has anyone tested WSS4J on WAS6? We're running WAS6
on various platforms and this issue has cropped up on
AIX and Linux.
First the specifics -
Websphere version: 6 no fixpacks applied
WSS4J version: 1.1.0
Axis version: 1.2
I've trimmed down my test to simply place a username
token in the SOAP header using WSDoAllSender. Client
.wsdd below:
<handler
type="java:org.apache.ws.axis.security.WSDoAllSender"
>
<parameter name="action" value="UsernameToken"/>
<parameter name="passwordCallbackClass"
value="com.fnf.xes.framework.axis.security.client.PWClientCallback"/>
<parameter name="passwordType"
value="PasswordText" />
</handler>
The server has been similarly configured on the
WSDoAllReceiver side:
<requestFlow name="XESSecurity">
<handler
type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="passwordCallbackClass"
value="com.fnf.xes.framework.axis.security.server.PWServerCallback"/>
<parameter name="action" value="UsernameToken"/>
</handler>
When I run a test I get the following error back from
Axis:
WSDoAllReceiver: Request does not contain required
Security header
at
org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:221)
at
org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:128)
at
org.apache.axis.encoding.DeserializationContext.endElement(DeserializationContext.java:1087)
at
org.apache.crimson.parser.Parser2.maybeElement(Parser2.java:1712)
at
org.apache.crimson.parser.Parser2.content(Parser2.java:1963)
at
org.apache.crimson.parser.Parser2.maybeElement(Parser2.java:1691)
at
org.apache.crimson.parser.Parser2.content(Parser2.java:1963)
at
org.apache.crimson.parser.Parser2.maybeElement(Parser2.java:1691)
at
org.apache.crimson.parser.Parser2.parseInternal(Parser2.java:667)
at
org.apache.crimson.parser.Parser2.parse(Parser2.java:337)
at
org.apache.crimson.parser.XMLReaderImpl.parse(XMLReaderImpl.java:448)
at
javax.xml.parsers.SAXParser.parse(SAXParser.java:345)
at
org.apache.axis.encoding.DeserializationContext.parse(DeserializationContext.java:227)
at
org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:696)
at
org.apache.axis.Message.getSOAPEnvelope(Message.java:424)
at
org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(MustUnderstandChecker.java:62)
at
org.apache.axis.client.AxisClient.invoke(AxisClient.java:206)
at
org.apache.axis.client.Call.invokeEngine(Call.java:2765)
at
org.apache.axis.client.Call.invoke(Call.java:2748)
at
org.apache.axis.client.Call.invoke(Call.java:1784)
at
samples.message.TestIFXMsg.doit(TestIFXMsg.java:162)
at
samples.message.TestIFXMsg.main(TestIFXMsg.java:184)
I know the username token is being placed in the
message as I am running the request through the tpMon
tool. Here is the request trace (w/out soap body):
POST /axis2/services/IFXService2 HTTP/1.0
Content-Type: text/xml; charset=utf-8
Accept: application/soap+xml, application/dime,
multipart/related, text/*
User-Agent: Axis/1.2
Host: 10.132.226.12:80
Cache-Control: no-cache
Pragma: no-cache
SOAPAction: ""
Content-Length: 2197
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
<soapenv:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
soapenv:mustUnderstand="1">
<wsse:UsernameToken><wsse:Username>jefadmin</wsse:Username><wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>trusted</wsse:Password></wsse:UsernameToken></wsse:Security></soapenv:Header>
Anybody have an idea of what is going wrong here? I
can run the same message through Axis & WSS4J on WAS
5.1.1 w/out any problems whatsover.
Thanks,
Shawn McKinney
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
