You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by Diego Pacheco <di...@gmail.com> on 2008/04/02 02:52:20 UTC
Missing wsse:Security header in request exception.
Hi everyone,
I'm running the sample04 from Rampart 1.3 samples, using Axis1.3 and Tomcat
6.0.14 but when I tried to call the service I got the following exception on
client (no change was made in the sample):
[java] Exception in thread "main" org.apache.axis2.AxisFault: Missing
wsse:
Security header in request
[java] at org.apache.rampart.handler.RampartReceiver.invoke
(RampartRece
iver.java:92)
[java] at org.apache.axis2.engine.Phase.invoke(Phase.java:292)
[java] at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java
:212
)
[java] at org.apache.axis2.engine.AxisEngine.receive(
AxisEngine.java:13
2)
[java] at
org.apache.axis2.description.OutInAxisOperationClient.handleR
esponse(OutInAxisOperation.java:336)
[java] at
org.apache.axis2.description.OutInAxisOperationClient.send(Ou
tInAxisOperation.java:389)
[java] at
org.apache.axis2.description.OutInAxisOperationClient.execute
Impl(OutInAxisOperation.java:211)
[java] at org.apache.axis2.client.OperationClient.execute
(OperationClie
nt.java:163)
[java] at org.apache.axis2.client.ServiceClient.sendReceive
(ServiceClie
nt.java:528)
[java] at org.apache.axis2.client.ServiceClient.sendReceive
(ServiceClie
nt.java:508)
[java] at org.apache.rampart.samples.policy.sample04.Client.main
(Unknow
n Source)
[java] Caused by: org.apache.rampart.RampartException: Missing
wsse:Securit
y header in request
[java] at org.apache.rampart.RampartEngine.process(
RampartEngine.java:1
06)
[java] at org.apache.rampart.handler.RampartReceiver.invoke
(RampartRece
iver.java:85)
[java] ... 10 more
[java] Java Result: 1
BUILD SUCCESSFUL
Total time: 7 seconds
C:\rampart-1.3\samples\policy>
However the SOAP request message contains the wsse:Security header:
<?xml version='1.0' encoding='utf-8'?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsa="http://www.w3.org/2005/08/addressing">
<soapenv:Header>
<wsse:Security xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
soapenv:mustUnderstand="1">
<wsu:Timestamp xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Timestamp-20910958">
<wsu:Created>2008-04-02T00:28:00.312Z</wsu:Created>
<wsu:Expires>2008-04-02T00:33:00.312Z</wsu:Expires>
</wsu:Timestamp>
<wsc:SecurityContextToken xmlns:wsc="
http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="sctId-15351007">
<wsc:Identifier>urn:uuid:B691A0608A95E9218F12070960833281</wsc:Identifier>
</wsc:SecurityContextToken>
<wsc:DerivedKeyToken xmlns:wsc="
http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="derivedKeyId-12626425">
<wsse:SecurityTokenReference>
<wsse:Reference URI="#sctId-15351007" ValueType="
http://schemas.xmlsoap.org/ws/2005/02/sc/sct" />
</wsse:SecurityTokenReference>
<wsc:Length>16</wsc:Length>
<wsc:Nonce>gARRJ4qrsrJPwQwvLg9niw==</wsc:Nonce>
<wsc:Offset>0</wsc:Offset>
</wsc:DerivedKeyToken>
<xenc:ReferenceList xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:DataReference URI="#EncDataId-3885854" />
<xenc:DataReference URI="#EncDataId-14098944" />
</xenc:ReferenceList>
<wsc:DerivedKeyToken xmlns:wsc="
http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="derivedKeyId-17365216">
<wsse:SecurityTokenReference>
<wsse:Reference URI="#sctId-15351007" ValueType="
http://schemas.xmlsoap.org/ws/2005/02/sc/sct" />
</wsse:SecurityTokenReference>
<wsc:Length>16</wsc:Length>
<wsc:Nonce>1O597Wd5okArK/ISxTmNQA==</wsc:Nonce>
<wsc:Offset>0</wsc:Offset>
</wsc:DerivedKeyToken>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
Id="Signature-10656878">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="
http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="
http://www.w3.org/2000/09/xmldsig#hmac-sha1" />
<ds:Reference URI="#Timestamp-20910958">
<ds:Transforms>
<ds:Transform Algorithm="
http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="
http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>UbUnR4E3T6vnkpYF3SYLBZ0UekI=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>NUvdwZyCAca7dP1AMuO7Ie9nU+k=</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-30149247">
<wsse:SecurityTokenReference xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="STRId-12919296">
<wsse:Reference URI="#derivedKeyId-17365216" />
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<wsa:To>http://localhost:8080/axis2/services/sample04</wsa:To>
<wsa:MessageID>urn:uuid:0259C4A41F41ACABCF1207096080131</wsa:MessageID>
<wsa:Action>urn:echo</wsa:Action>
</soapenv:Header>
<soapenv:Body xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Id-3885854">
<ns1:echo xmlns:ns1="http://sample04.policy.samples.rampart.apache.org">
<param0>Hello world1</param0>
</ns1:echo>
</soapenv:Body>
</soapenv:Envelope>
Using the SimpleHTTPServer option the exception don't occurs.
I need to do some change on the policy.xml or service.xml? I used the same
files from the sample without making any changes.
Regards,
Diego
Re: Missing wsse:Security header in request exception.
Posted by Diego Pacheco <di...@gmail.com>.
Correcting: I'm using Axis2 1.3.
2008/4/1, Diego Pacheco <di...@gmail.com>:
>
> Hi everyone,
>
> I'm running the sample04 from Rampart 1.3 samples, using Axis1.3 and
> Tomcat 6.0.14 but when I tried to call the service I got the following
> exception on client (no change was made in the sample):
>
> [java] Exception in thread "main" org.apache.axis2.AxisFault: Missing
> wsse:
> Security header in request
> [java] at org.apache.rampart.handler.RampartReceiver.invoke
> (RampartRece
> iver.java:92)
> [java] at org.apache.axis2.engine.Phase.invoke(Phase.java:292)
> [java] at org.apache.axis2.engine.AxisEngine.invoke(
> AxisEngine.java:212
> )
> [java] at org.apache.axis2.engine.AxisEngine.receive(
> AxisEngine.java:13
> 2)
> [java] at
> org.apache.axis2.description.OutInAxisOperationClient.handleR
> esponse(OutInAxisOperation.java:336)
> [java] at
> org.apache.axis2.description.OutInAxisOperationClient.send(Ou
> tInAxisOperation.java:389)
> [java] at
> org.apache.axis2.description.OutInAxisOperationClient.execute
> Impl(OutInAxisOperation.java:211)
> [java] at org.apache.axis2.client.OperationClient.execute
> (OperationClie
> nt.java:163)
> [java] at org.apache.axis2.client.ServiceClient.sendReceive
> (ServiceClie
> nt.java:528)
> [java] at org.apache.axis2.client.ServiceClient.sendReceive
> (ServiceClie
> nt.java:508)
> [java] at org.apache.rampart.samples.policy.sample04.Client.main
> (Unknow
> n Source)
> [java] Caused by: org.apache.rampart.RampartException: Missing
> wsse:Securit
> y header in request
> [java] at org.apache.rampart.RampartEngine.process(
> RampartEngine.java:1
> 06)
> [java] at org.apache.rampart.handler.RampartReceiver.invoke
> (RampartRece
> iver.java:85)
> [java] ... 10 more
> [java] Java Result: 1
>
> BUILD SUCCESSFUL
> Total time: 7 seconds
> C:\rampart-1.3\samples\policy>
>
> However the SOAP request message contains the wsse:Security header:
>
> <?xml version='1.0' encoding='utf-8'?>
> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:wsa="http://www.w3.org/2005/08/addressing">
> <soapenv:Header>
> <wsse:Security xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
> soapenv:mustUnderstand="1">
> <wsu:Timestamp xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="Timestamp-20910958">
> <wsu:Created>2008-04-02T00:28:00.312Z</wsu:Created>
> <wsu:Expires>2008-04-02T00:33:00.312Z</wsu:Expires>
> </wsu:Timestamp>
> <wsc:SecurityContextToken xmlns:wsc="
> http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="sctId-15351007">
>
> <wsc:Identifier>urn:uuid:B691A0608A95E9218F12070960833281</wsc:Identifier>
> </wsc:SecurityContextToken>
> <wsc:DerivedKeyToken xmlns:wsc="
> http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="derivedKeyId-12626425">
> <wsse:SecurityTokenReference>
> <wsse:Reference URI="#sctId-15351007" ValueType="
> http://schemas.xmlsoap.org/ws/2005/02/sc/sct" />
> </wsse:SecurityTokenReference>
> <wsc:Length>16</wsc:Length>
> <wsc:Nonce>gARRJ4qrsrJPwQwvLg9niw==</wsc:Nonce>
> <wsc:Offset>0</wsc:Offset>
> </wsc:DerivedKeyToken>
> <xenc:ReferenceList xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
> <xenc:DataReference URI="#EncDataId-3885854" />
> <xenc:DataReference URI="#EncDataId-14098944" />
> </xenc:ReferenceList>
> <wsc:DerivedKeyToken xmlns:wsc="
> http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="derivedKeyId-17365216">
> <wsse:SecurityTokenReference>
> <wsse:Reference URI="#sctId-15351007" ValueType="
> http://schemas.xmlsoap.org/ws/2005/02/sc/sct" />
> </wsse:SecurityTokenReference>
> <wsc:Length>16</wsc:Length>
> <wsc:Nonce>1O597Wd5okArK/ISxTmNQA==</wsc:Nonce>
> <wsc:Offset>0</wsc:Offset>
> </wsc:DerivedKeyToken>
> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
> Id="Signature-10656878">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod Algorithm="
> http://www.w3.org/2001/10/xml-exc-c14n#" />
> <ds:SignatureMethod Algorithm="
> http://www.w3.org/2000/09/xmldsig#hmac-sha1" />
> <ds:Reference URI="#Timestamp-20910958">
> <ds:Transforms>
> <ds:Transform Algorithm="
> http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transforms>
> <ds:DigestMethod Algorithm="
> http://www.w3.org/2000/09/xmldsig#sha1" />
> <ds:DigestValue>UbUnR4E3T6vnkpYF3SYLBZ0UekI=</ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
>
> <ds:SignatureValue>NUvdwZyCAca7dP1AMuO7Ie9nU+k=</ds:SignatureValue>
> <ds:KeyInfo Id="KeyId-30149247">
> <wsse:SecurityTokenReference xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="STRId-12919296">
> <wsse:Reference URI="#derivedKeyId-17365216" />
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> </ds:Signature>
> </wsse:Security>
> <wsa:To>http://localhost:8080/axis2/services/sample04</wsa:To>
>
> <wsa:MessageID>urn:uuid:0259C4A41F41ACABCF1207096080131</wsa:MessageID>
> <wsa:Action>urn:echo</wsa:Action>
> </soapenv:Header>
> <soapenv:Body xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="Id-3885854">
> <ns1:echo xmlns:ns1="http://sample04.policy.samples.rampart.apache.org
> ">
> <param0>Hello world1</param0>
> </ns1:echo>
> </soapenv:Body>
> </soapenv:Envelope>
>
> Using the SimpleHTTPServer option the exception don't occurs.
>
> I need to do some change on the policy.xml or service.xml? I used the same
> files from the sample without making any changes.
>
> Regards,
>
> Diego
>
>
Re: Deprecated method
Posted by Dimuthu Leelarathne <di...@wso2.com>.
Hi,
The new way is to use WS Security Policy to configure the service. That
is why the methods are deprecated.
If you look at samples/policy and samples/basic you will see the
difference.
Thank you,
Dimuthu
On Mon, 2008-04-07 at 11:46 +0200, Fabien Couvert wrote:
> Hi all,
>
> I used Rampart 1.3 and I configure my client dynamically with this methods :
>
> OutflowConfiguration ofc = new OutflowConfiguration();
> // set the action item
> ofc.setActionItems("Encrypt");
> // set the encryption user
> ofc.setEncryptionUser("service");
> // set the property file; remember if the properties is not in classpath
> then it will not find
> // this.
> ofc.setEncryptionPropFile("client.properties");
> // return the Parameter
> return ofc.getProperty();
>
> But Eclipse said to me that every method were deprecated, anyone can
> help me to use new methods ?
>
> Thank you
>
> Fabien
Deprecated method
Posted by Fabien Couvert <fa...@bull.net>.
Hi all,
I used Rampart 1.3 and I configure my client dynamically with this methods :
OutflowConfiguration ofc = new OutflowConfiguration();
// set the action item
ofc.setActionItems("Encrypt");
// set the encryption user
ofc.setEncryptionUser("service");
// set the property file; remember if the properties is not in classpath
then it will not find
// this.
ofc.setEncryptionPropFile("client.properties");
// return the Parameter
return ofc.getProperty();
But Eclipse said to me that every method were deprecated, anyone can
help me to use new methods ?
Thank you
Fabien
Sandesha2 + Rampart Create sequence problems
Posted by Fabien Couvert <fa...@bull.net>.
Hi,
I try to use Sandesha2 1.3 with encryption by Rampart 1.3 with Axis2 1.3
on Tomcat 6.0.16.
Everything is ok when I use separatly Rampart encryption or Sandesha2 RM.
But when I try to use in same time encryption and reliability I have
this error :
org.apache.axis2.AxisFault: Sandesha2 sender thread has not received a
valid CreateSequnceResponse
at org.apache.axis2.AxisFault.makeFault(AxisFault.java:417)
at ...
Anyone have already get this error ?
I create the sequence with :
String id = SandeshaUtil.getUUID();
stub._getServiceClient().getOptions().setProperty(SandeshaClientConstants.OFFERED_SEQUENCE_ID,
id);
stub._getServiceClient().getOptions().setProperty(SandeshaClientConstants.SEQUENCE_KEY,
id);
Anyone have an idea please ?
Thank you
Fabien
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Sandesha2 + Rampart Create sequence problems
Posted by Fabien Couvert <fa...@bull.net>.
Hi,
I try to use Sandesha2 1.3 with encryption by Rampart 1.3 with Axis2 1.3
on Tomcat 6.0.16.
Everything is ok when I use separatly Rampart encryption or Sandesha2 RM.
But when I try to use in same time encryption and reliability I have
this error :
org.apache.axis2.AxisFault: Sandesha2 sender thread has not received a
valid CreateSequnceResponse
at org.apache.axis2.AxisFault.makeFault(AxisFault.java:417)
at ...
Anyone have already get this error ?
I create the sequence with :
String id = SandeshaUtil.getUUID();
stub._getServiceClient().getOptions().setProperty(SandeshaClientConstants.OFFERED_SEQUENCE_ID,
id);
stub._getServiceClient().getOptions().setProperty(SandeshaClientConstants.SEQUENCE_KEY,
id);
Anyone have an idea please ?
Thank you
Fabien
Sandesha2 + Rampart Create sequence problems
Posted by Fabien Couvert <fa...@bull.net>.
Hi,
I try to use Sandesha2 1.3 with encryption by Rampart 1.3 with Axis2 1.3
on Tomcat 6.0.16.
Everything is ok when I use separatly Rampart encryption or Sandesha2 RM.
But when I try to use in same time encryption and reliability I have
this error :
org.apache.axis2.AxisFault: Sandesha2 sender thread has not received a
valid CreateSequnceResponse
at org.apache.axis2.AxisFault.makeFault(AxisFault.java:417)
at ...
Anyone have already get this error ?
I create the sequence with :
String id = SandeshaUtil.getUUID();
stub._getServiceClient().getOptions().setProperty(SandeshaClientConstants.OFFERED_SEQUENCE_ID,
id);
stub._getServiceClient().getOptions().setProperty(SandeshaClientConstants.SEQUENCE_KEY,
id);
Anyone have an idea please ?
Thank you
Fabien
---------------------------------------------------------------------
To unsubscribe, e-mail: sandesha-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: sandesha-dev-help@ws.apache.org
Re: Rampart Encryption Error
Posted by Dimuthu Leelarathne <di...@wso2.com>.
Hi Fabien,
Please check whether the addressing-1.3.mar file is in the modules
directory.
${CATALINA_HOME}/webapps/axis2/WEB-INF/modules
Then please check whether the rampart jars and mars are in the lib and
module directory of axis2, which is inside the Tomcat.
Then if you have the services.xml and client's axis2.xml file with
correctly defined phases it should work.
To me it looks like your request reaches the server successfully and the
error comes from the server.
Thank you,
Dimuthu
On Thu, 2008-04-03 at 16:09 +0200, Fabien Couvert wrote:
> Hi all,
>
> I have a problem with rampart 1.3 on axis2 1.3 on Tomcat 6.0.
>
> I have this exception when i try to launch my client :
>
> Caused by: org.apache.axis2.AxisFault: Must Understand check failed for
> header http://www.w3.org/2005/08/addressing
>
> and another now :
> org.apache.axis2.AxisFault: WSDoAllReceiver: security processing failed
>
>
> Currently I have added this line in my services.xml (server side):
>
> <module ref="addressing" />
> <module ref="rampart" />
> <parameter name="InflowSecurity">
> <action>
> <items>Encrypt</items>
>
> <passwordCallbackClass>mypackage.PWCBHandler</passwordCallbackClass>
> <decryptionPropFile>service.properties</decryptionPropFile>
> </action>
> </parameter>
> <parameter name="OutflowSecurity">
> <action>
> <items>Encrypt</items>
> <encryptionUser>client</encryptionUser>
> <encryptionPropFile>service.properties</encryptionPropFile>
> </action>
> </parameter>
>
> And in client_axis2.xml :
>
> <module ref="addressing" />
> <module ref="rampart"/>
> <parameter name="OutflowSecurity">
> <action>
> <items>Encrypt</items>
> <encryptionUser>service</encryptionUser>
> <encryptionPropFile>client.properties</encryptionPropFile>
> </action>
> </parameter>
> <parameter name="InflowSecurity">
> <action>
> <items>Encrypt</items>
> <passwordCallbackClass>mypackage.PWCBHandler</passwordCallbackClass>
> <decryptionPropFile>client.properties</decryptionPropFile>
> </action>
> </parameter>
>
> In my aar jar I added service.jks and service.properties
>
>
> How can I resolved this problem please ?
>
> I had tried with a Timestamp and it's works !
>
> Thank you
>
Rampart Encryption Error
Posted by Fabien Couvert <fa...@bull.net>.
Hi all,
I have a problem with rampart 1.3 on axis2 1.3 on Tomcat 6.0.
I have this exception when i try to launch my client :
Caused by: org.apache.axis2.AxisFault: Must Understand check failed for
header http://www.w3.org/2005/08/addressing
and another now :
org.apache.axis2.AxisFault: WSDoAllReceiver: security processing failed
Currently I have added this line in my services.xml (server side):
<module ref="addressing" />
<module ref="rampart" />
<parameter name="InflowSecurity">
<action>
<items>Encrypt</items>
<passwordCallbackClass>mypackage.PWCBHandler</passwordCallbackClass>
<decryptionPropFile>service.properties</decryptionPropFile>
</action>
</parameter>
<parameter name="OutflowSecurity">
<action>
<items>Encrypt</items>
<encryptionUser>client</encryptionUser>
<encryptionPropFile>service.properties</encryptionPropFile>
</action>
</parameter>
And in client_axis2.xml :
<module ref="addressing" />
<module ref="rampart"/>
<parameter name="OutflowSecurity">
<action>
<items>Encrypt</items>
<encryptionUser>service</encryptionUser>
<encryptionPropFile>client.properties</encryptionPropFile>
</action>
</parameter>
<parameter name="InflowSecurity">
<action>
<items>Encrypt</items>
<passwordCallbackClass>mypackage.PWCBHandler</passwordCallbackClass>
<decryptionPropFile>client.properties</decryptionPropFile>
</action>
</parameter>
In my aar jar I added service.jks and service.properties
How can I resolved this problem please ?
I had tried with a Timestamp and it's works !
Thank you
Re: Missing wsse:Security header in request exception.
Posted by Diego Pacheco <di...@gmail.com>.
Hi Nandana,
You are correct, the SOAP response doesn't contain the wsse:Security header.
This is the SOAP response:
<?xml version='1.0' encoding='utf-8'?>
<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
<soapenv:Body>
<wst:RequestSecurityTokenResponse xmlns:wst="
http://schemas.xmlsoap.org/ws/2005/02/trust">
<wst:RequestedSecurityToken>
<wsc:SecurityContextToken xmlns:wsc="
http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="sctId-26461030">
<wsc:Identifier>urn:uuid:5A329B159327DD4C4A12071928591875</wsc:Identifier>
</wsc:SecurityContextToken>
</wst:RequestedSecurityToken>
<wst:RequestedAttachedReference>
<wsse:SecurityTokenReference xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
">
<wsse:Reference URI="#sctId-26461030" ValueType="
http://schemas.xmlsoap.org/ws/2005/02/sc/sct" />
</wsse:SecurityTokenReference>
</wst:RequestedAttachedReference>
<wst:RequestedUnattachedReference>
<wsse:SecurityTokenReference xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
">
<wsse:Reference URI="urn:uuid:5A329B159327DD4C4A12071928591875"
ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/sct" />
</wsse:SecurityTokenReference>
</wst:RequestedUnattachedReference>
<wst:Lifetime>
<wsu:Created xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
">2008-04-03T03:20:59.187Z</wsu:Created>
<wsu:Expires xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
">2008-04-03T03:25:59.187Z</wsu:Expires>
</wst:Lifetime>
<wst:RequestedProofToken>
<wst:BinarySecret>Mv32yE6EQtm4cWxB+KEhYt3Vb6Ufyl+Upz/IoM8o6as=</wst:BinarySecret>
</wst:RequestedProofToken>
</wst:RequestSecurityTokenResponse>
</soapenv:Body>
</soapenv:Envelope>
How can I add the security header on the SOAP response?
Thanks,
Diego
Re: Missing wsse:Security header in request exception.
Posted by Nandana Mihindukulasooriya <na...@gmail.com>.
Hi Diego,
Looking at the stack trace, it seems that this error occurs
because the SOAP response from the server doesn't contain a security
header. Can you capture the SOAP response from the server using TCPMon
and post it ? Then we will be able to get a clue about what is
happening.
thanks,
/nandana