You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by nsaran5 <ns...@hotmail.com> on 2015/02/03 21:20:01 UTC
Security Issues from WSDL to java
Feb 03, 2015 1:58:08 PM org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Interceptor for
{http://hyatt.com/hyatt/reserve/2011/05}ReserveService#{http://hyatt.com/hyatt/reserve/2011/05}PromoAwardBrowse
has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: These policy alternatives can not be
satisfied:
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportBinding:
TLS is not enabled
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}HttpsToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}IncludeTimestamp
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedSupportingTokens:
The received token does not match the signed supporting token requirement
at
org.apache.cxf.ws.policy.AbstractPolicyInterceptor.handleMessage(AbstractPolicyInterceptor.java:47)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
at
org.apache.cxf.phase.PhaseInterceptorChain.resume(PhaseInterceptorChain.java:232)
at org.apache.cxf.ws.addressing.ContextUtils$1.run(ContextUtils.java:481)
at
org.apache.cxf.workqueue.AutomaticWorkQueueImpl$3.run(AutomaticWorkQueueImpl.java:395)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: org.apache.cxf.ws.policy.PolicyException: These policy
alternatives can not be satisfied:
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportBinding:
TLS is not enabled
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}HttpsToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}IncludeTimestamp
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedSupportingTokens:
The received token does not match the signed supporting token requirement
at
org.apache.cxf.ws.policy.AssertionInfoMap.checkEffectivePolicy(AssertionInfoMap.java:166)
at
org.apache.cxf.ws.policy.PolicyVerificationInInterceptor.handle(PolicyVerificationInInterceptor.java:101)
at
org.apache.cxf.ws.policy.AbstractPolicyInterceptor.handleMessage(AbstractPolicyInterceptor.java:45)
... 7 more
Feb 03, 2015 1:58:08 PM org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Interceptor for
{http://hyatt.com/hyatt/reserve/2011/05}ReserveService#{http://hyatt.com/hyatt/reserve/2011/05}PromoAwardBrowse
has thrown exception, unwinding now
java.lang.NullPointerException
at
org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(MessageSenderInterceptor.java:46)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
at
org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:113)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:323)
at
org.apache.cxf.phase.PhaseInterceptorChain.resume(PhaseInterceptorChain.java:232)
at org.apache.cxf.ws.addressing.ContextUtils$1.run(ContextUtils.java:481)
at
org.apache.cxf.workqueue.AutomaticWorkQueueImpl$3.run(AutomaticWorkQueueImpl.java:395)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
My Beans.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:cxfbc="http://servicemix.apache.org/cxfbc/1.0"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
xmlns:http="http://cxf.apache.org/transports/http/configuration"
xmlns:sec="http://cxf.apache.org/configuration/security"
xmlns:person="http://www.mycompany.com/ws-sec-proto"
xmlns:wsa="http://cxf.apache.org/ws/addressing"
xmlns:jaxws="http://cxf.apache.org/jaxws"
xmlns:cxf="http://cxf.apache.org/core"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd
http://servicemix.apache.org/cxfbc/1.0
http://repo2.maven.org/maven2/org/apache/servicemix/servicemix-cxf-bc/2010.01/servicemix-cxf-bc-2010.01.xsd
http://cxf.apache.org/transports/http-jetty/configuration
http://cxf.apache.org/schemas/configuration/http-jetty.xsd
http://cxf.apache.oarg/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://cxf.apache.org/jaxws
http://cxf.apache.org/schemas/jaxws.xsd
http://cxf.apache.org/core
http://cxf.apache.org/schemas/core.xsd">
<import resource="classpath:META-INF/cxf/cxf.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-http.xml" />
<import resource="classpath:META-INF/cxf/osgi/cxf-extension-osgi.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-policy.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-ws-security.xml" />
<import resource="classpath:META-INF/cxf/cxf.xml" />
<import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
<import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
<jaxws:endpoint xmlns:tns="http://hyatt.com/hyatt/reserve/2011/05"
id="reserveservicecontract"
implementor="com.hyatt.hyatt.reserve.ReserveServiceContractImpl"
wsdlLocation="ReserveService.svc.wsdl"
endpointName="tns:Soap12Addr10Endpoint"
serviceName="tns:ReserveService" address="/Soap12Addr10Endpoint">
<jaxws:inInterceptors>
<ref bean="InSoapInterceptor"/>
</jaxws:inInterceptors>
<jaxws:properties>
<entry key="ws-security.callback-handler"
value-ref="myPasswordCallback"/>
</jaxws:properties>
</jaxws:endpoint>
<bean id="myPasswordCallback"
class="com.hyatt.hyatt.reserve.ServerPasswordCallback"/>
<bean id="InSoapInterceptor"
class="com.hyatt.hyatt.cxf.interceptors.InLogInterceptor"/>
<cxf:bus>
<cxf:features>
<cxf:logging/>
<wsa:addressing />
</cxf:features>
</cxf:bus>
</beans>
I tried all the options but still getting the error. Please help
--
View this message in context: http://cxf.547215.n5.nabble.com/Security-Issues-from-WSDL-to-java-tp5753886.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: Security Issues from WSDL to java
Posted by nsaran5 <ns...@hotmail.com>.
Hello,
Thanks for your reply.
For some reason i am getting the same error.
I need to disable all the header in the configuration through the code.
my Beans.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:cxfbc="http://servicemix.apache.org/cxfbc/1.0"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
xmlns:http="http://cxf.apache.org/transports/http/configuration"
xmlns:person="http://www.mycompany.com/ws-sec-proto"
xmlns:wsa="http://cxf.apache.org/ws/addressing"
xmlns:jaxws="http://cxf.apache.org/jaxws"
xmlns:cxf="http://cxf.apache.org/core"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd
http://servicemix.apache.org/cxfbc/1.0
http://repo2.maven.org/maven2/org/apache/servicemix/servicemix-cxf-bc/2010.01/servicemix-cxf-bc-2010.01.xsd
http://cxf.apache.org/transports/http-jetty/configuration
http://cxf.apache.org/schemas/configuration/http-jetty.xsd
http://cxf.apache.oarg/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd
http://cxf.apache.org/jaxws
http://cxf.apache.org/schemas/jaxws.xsd
http://cxf.apache.org/core
http://cxf.apache.org/schemas/core.xsd">
<import resource="classpath:META-INF/cxf/cxf.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-http.xml" />
<import resource="classpath:META-INF/cxf/osgi/cxf-extension-osgi.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-policy.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-ws-security.xml" />
<import resource="classpath:META-INF/cxf/cxf.xml" />
<import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
<import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
<jaxws:endpoint xmlns:tns="http://hyatt.com/hyatt/reserve/2011/05"
id="reserveservicecontract"
implementor="com.hyatt.hyatt.reserve.ReserveServiceContractImpl"
wsdlLocation="ReserveServicesvc.wsdl"
endpointName="tns:Soap11Addr10Endpoint"
serviceName="tns:ReserveService" address="/Soap11Addr10Endpoint">
<jaxws:features>
<bean class="org.apache.cxf.feature.LoggingFeature" />
</jaxws:features>
<jaxws:inInterceptors>
<ref bean="InSoapInterceptor"/>
</jaxws:inInterceptors>
<jaxws:properties>
<entry key="ws-security.callback-handler"
value-ref="myPasswordCallback"/>
</jaxws:properties>
</jaxws:endpoint>
<bean id="myPasswordCallback"
class="com.hyatt.hyatt.reserve.ServerPasswordCallback"/>
<bean id="InSoapInterceptor"
class="com.hyatt.hyatt.cxf.interceptors.InLogInterceptor"/>
<bean id="mapAggregator" class="org.apache.cxf.ws.addressing.MAPAggregator">
<property name="allowDuplicates" value="false"/>
</bean>
<bean id="mapCodec" class="org.apache.cxf.ws.addressing.soap.MAPCodec"/>
<cxf:bus>
<cxf:inInterceptors>
<ref bean="mapAggregator"/>
<ref bean="mapCodec"/>
</cxf:inInterceptors>
<cxf:inFaultInterceptors>
<ref bean="mapAggregator"/>
<ref bean="mapCodec"/>
</cxf:inFaultInterceptors>
<cxf:outInterceptors>
<ref bean="mapAggregator"/>
<ref bean="mapCodec"/>
</cxf:outInterceptors>
<cxf:outFaultInterceptors>
<ref bean="mapAggregator"/>
<ref bean="mapCodec"/>
</cxf:outFaultInterceptors>
</cxf:bus>
</beans>
i need to get the response for my request . Please help.
Request
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ns="http://hyatt.com/hyatt/reserve/2011/05">
<soapenv:Header/>
<soapenv:Body>
<ns:PromoAwardBrowseRequest>
<ns:MemberNumber>test</ns:MemberNumber>
</ns:PromoAwardBrowseRequest>
</soapenv:Body>
</soapenv:Envelope>
Thanks for your help. I am using Apache CXF 2.5.3.
Please let me know how to do the same.
Error Message in Soap UI
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<Action
xmlns="http://www.w3.org/2005/08/addressing">http://hyatt.com/hyatt/reserve/2011/05/ReserveServiceContract/PromoAwardBrowse/Fault/SoapFault</Action>
<MessageID
xmlns="http://www.w3.org/2005/08/addressing">urn:uuid:54488d76-264f-42db-90f8-5e63d3e45a29</MessageID>
<RelatesTo
xmlns="http://www.w3.org/2005/08/addressing">http://www.w3.org/2005/08/addressing/unspecified</RelatesTo>
</soap:Header>
<soap:Body>
<soap:Fault>
<faultcode
xmlns:ns1="http://www.w3.org/2005/08/addressing">ns1:MessageAddressingHeaderRequired</faultcode>
<faultstring>A required header representing a Message Addressing
Property is not present</faultstring>
</soap:Fault>
</soap:Body>
</soap:Envelope>
--
View this message in context: http://cxf.547215.n5.nabble.com/Security-Issues-from-WSDL-to-java-tp5753886p5753939.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: Security Issues from WSDL to java
Posted by Aki Yoshida <el...@gmail.com>.
@Colm
Do I see NPE raised as the secondary exception after this
PolicyException is raised?
It looks like this is a oneway scenario or a decoupled scenario and
hitting this policy violation error. And somehow there is something
unexpected (NPE) happens when handling this error. I think this needs
to be clarified, no?
2015-02-04 11:11 GMT+01:00 Colm O hEigeartaigh <co...@apache.org>:
> The WSDL has a policy that mandates the TLS must be used:
>
>> Caused by: org.apache.cxf.ws.policy.PolicyException: These policy
>> alternatives can not be satisfied:
>> {
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportBinding:
>> TLS is not enabled
>
> However it appears that your endpoint is using a plain HTTP address.
>
> Colm.
>
>
> On Tue, Feb 3, 2015 at 8:20 PM, nsaran5 <ns...@hotmail.com> wrote:
>
>> Feb 03, 2015 1:58:08 PM org.apache.cxf.phase.PhaseInterceptorChain
>> doDefaultLogging
>> WARNING: Interceptor for
>> {
>> http://hyatt.com/hyatt/reserve/2011/05}ReserveService#{http://hyatt.com/hyatt/reserve/2011/05}PromoAwardBrowse
>> has thrown exception, unwinding now
>> org.apache.cxf.interceptor.Fault: These policy alternatives can not be
>> satisfied:
>> {
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportBinding
>> :
>> TLS is not enabled
>> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}HttpsToken
>> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportToken
>> {
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}IncludeTimestamp
>> {
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedSupportingTokens
>> :
>> The received token does not match the signed supporting token requirement
>> at
>>
>> org.apache.cxf.ws.policy.AbstractPolicyInterceptor.handleMessage(AbstractPolicyInterceptor.java:47)
>> at
>>
>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
>> at
>>
>> org.apache.cxf.phase.PhaseInterceptorChain.resume(PhaseInterceptorChain.java:232)
>> at
>> org.apache.cxf.ws.addressing.ContextUtils$1.run(ContextUtils.java:481)
>> at
>>
>> org.apache.cxf.workqueue.AutomaticWorkQueueImpl$3.run(AutomaticWorkQueueImpl.java:395)
>> at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown
>> Source)
>> at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown
>> Source)
>> at java.lang.Thread.run(Unknown Source)
>> Caused by: org.apache.cxf.ws.policy.PolicyException: These policy
>> alternatives can not be satisfied:
>> {
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportBinding
>> :
>> TLS is not enabled
>> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}HttpsToken
>> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportToken
>> {
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}IncludeTimestamp
>> {
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedSupportingTokens
>> :
>> The received token does not match the signed supporting token requirement
>> at
>>
>> org.apache.cxf.ws.policy.AssertionInfoMap.checkEffectivePolicy(AssertionInfoMap.java:166)
>> at
>>
>> org.apache.cxf.ws.policy.PolicyVerificationInInterceptor.handle(PolicyVerificationInInterceptor.java:101)
>> at
>>
>> org.apache.cxf.ws.policy.AbstractPolicyInterceptor.handleMessage(AbstractPolicyInterceptor.java:45)
>> ... 7 more
>>
>> Feb 03, 2015 1:58:08 PM org.apache.cxf.phase.PhaseInterceptorChain
>> doDefaultLogging
>> WARNING: Interceptor for
>> {
>> http://hyatt.com/hyatt/reserve/2011/05}ReserveService#{http://hyatt.com/hyatt/reserve/2011/05}PromoAwardBrowse
>> has thrown exception, unwinding now
>> java.lang.NullPointerException
>> at
>>
>> org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(MessageSenderInterceptor.java:46)
>> at
>>
>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
>> at
>>
>> org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:113)
>> at
>>
>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:323)
>> at
>>
>> org.apache.cxf.phase.PhaseInterceptorChain.resume(PhaseInterceptorChain.java:232)
>> at
>> org.apache.cxf.ws.addressing.ContextUtils$1.run(ContextUtils.java:481)
>> at
>>
>> org.apache.cxf.workqueue.AutomaticWorkQueueImpl$3.run(AutomaticWorkQueueImpl.java:395)
>> at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown
>> Source)
>> at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown
>> Source)
>> at java.lang.Thread.run(Unknown Source)
>>
>> My Beans.xml
>>
>> <?xml version="1.0" encoding="UTF-8"?>
>> <beans xmlns="http://www.springframework.org/schema/beans"
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>> xmlns:cxfbc="http://servicemix.apache.org/cxfbc/1.0"
>> xmlns:util="http://www.springframework.org/schema/util"
>> xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
>> xmlns:http="http://cxf.apache.org/transports/http/configuration"
>> xmlns:sec="http://cxf.apache.org/configuration/security"
>> xmlns:person="http://www.mycompany.com/ws-sec-proto"
>> xmlns:wsa="http://cxf.apache.org/ws/addressing"
>>
>> xmlns:jaxws="http://cxf.apache.org/jaxws"
>> xmlns:cxf="http://cxf.apache.org/core"
>> xsi:schemaLocation="
>> http://www.springframework.org/schema/beans
>> http://www.springframework.org/schema/beans/spring-beans.xsd
>> http://www.springframework.org/schema/util
>> http://www.springframework.org/schema/util/spring-util.xsd
>> http://servicemix.apache.org/cxfbc/1.0
>>
>>
>> http://repo2.maven.org/maven2/org/apache/servicemix/servicemix-cxf-bc/2010.01/servicemix-cxf-bc-2010.01.xsd
>> http://cxf.apache.org/transports/http-jetty/configuration
>> http://cxf.apache.org/schemas/configuration/http-jetty.xsd
>> http://cxf.apache.oarg/transports/http/configuration
>> http://cxf.apache.org/schemas/configuration/http-conf.xsd
>> http://cxf.apache.org/jaxws
>> http://cxf.apache.org/schemas/jaxws.xsd
>> http://cxf.apache.org/core
>> http://cxf.apache.org/schemas/core.xsd">
>>
>>
>> <import resource="classpath:META-INF/cxf/cxf.xml" />
>> <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
>> <import resource="classpath:META-INF/cxf/cxf-extension-http.xml" />
>> <import
>> resource="classpath:META-INF/cxf/osgi/cxf-extension-osgi.xml" />
>> <import resource="classpath:META-INF/cxf/cxf-extension-policy.xml"
>> />
>> <import
>> resource="classpath:META-INF/cxf/cxf-extension-ws-security.xml" />
>> <import resource="classpath:META-INF/cxf/cxf.xml" />
>> <import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
>> <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
>> <import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
>> <jaxws:endpoint xmlns:tns="http://hyatt.com/hyatt/reserve/2011/05"
>> id="reserveservicecontract"
>> implementor="com.hyatt.hyatt.reserve.ReserveServiceContractImpl"
>> wsdlLocation="ReserveService.svc.wsdl"
>> endpointName="tns:Soap12Addr10Endpoint"
>> serviceName="tns:ReserveService"
>> address="/Soap12Addr10Endpoint">
>> <jaxws:inInterceptors>
>> <ref bean="InSoapInterceptor"/>
>>
>> </jaxws:inInterceptors>
>>
>>
>> <jaxws:properties>
>> <entry key="ws-security.callback-handler"
>> value-ref="myPasswordCallback"/>
>>
>>
>> </jaxws:properties>
>>
>> </jaxws:endpoint>
>>
>> <bean id="myPasswordCallback"
>> class="com.hyatt.hyatt.reserve.ServerPasswordCallback"/>
>>
>> <bean id="InSoapInterceptor"
>> class="com.hyatt.hyatt.cxf.interceptors.InLogInterceptor"/>
>>
>>
>> <cxf:bus>
>> <cxf:features>
>> <cxf:logging/>
>> <wsa:addressing />
>> </cxf:features>
>> </cxf:bus>
>>
>> </beans>
>>
>> I tried all the options but still getting the error. Please help
>>
>>
>>
>>
>>
>> --
>> View this message in context:
>> http://cxf.547215.n5.nabble.com/Security-Issues-from-WSDL-to-java-tp5753886.html
>> Sent from the cxf-user mailing list archive at Nabble.com.
>>
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
Re: Security Issues from WSDL to java
Posted by Colm O hEigeartaigh <co...@apache.org>.
The WSDL has a policy that mandates the TLS must be used:
> Caused by: org.apache.cxf.ws.policy.PolicyException: These policy
> alternatives can not be satisfied:
> {
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportBinding:
> TLS is not enabled
However it appears that your endpoint is using a plain HTTP address.
Colm.
On Tue, Feb 3, 2015 at 8:20 PM, nsaran5 <ns...@hotmail.com> wrote:
> Feb 03, 2015 1:58:08 PM org.apache.cxf.phase.PhaseInterceptorChain
> doDefaultLogging
> WARNING: Interceptor for
> {
> http://hyatt.com/hyatt/reserve/2011/05}ReserveService#{http://hyatt.com/hyatt/reserve/2011/05}PromoAwardBrowse
> has thrown exception, unwinding now
> org.apache.cxf.interceptor.Fault: These policy alternatives can not be
> satisfied:
> {
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportBinding
> :
> TLS is not enabled
> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}HttpsToken
> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportToken
> {
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}IncludeTimestamp
> {
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedSupportingTokens
> :
> The received token does not match the signed supporting token requirement
> at
>
> org.apache.cxf.ws.policy.AbstractPolicyInterceptor.handleMessage(AbstractPolicyInterceptor.java:47)
> at
>
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
> at
>
> org.apache.cxf.phase.PhaseInterceptorChain.resume(PhaseInterceptorChain.java:232)
> at
> org.apache.cxf.ws.addressing.ContextUtils$1.run(ContextUtils.java:481)
> at
>
> org.apache.cxf.workqueue.AutomaticWorkQueueImpl$3.run(AutomaticWorkQueueImpl.java:395)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown
> Source)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown
> Source)
> at java.lang.Thread.run(Unknown Source)
> Caused by: org.apache.cxf.ws.policy.PolicyException: These policy
> alternatives can not be satisfied:
> {
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportBinding
> :
> TLS is not enabled
> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}HttpsToken
> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TransportToken
> {
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}IncludeTimestamp
> {
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedSupportingTokens
> :
> The received token does not match the signed supporting token requirement
> at
>
> org.apache.cxf.ws.policy.AssertionInfoMap.checkEffectivePolicy(AssertionInfoMap.java:166)
> at
>
> org.apache.cxf.ws.policy.PolicyVerificationInInterceptor.handle(PolicyVerificationInInterceptor.java:101)
> at
>
> org.apache.cxf.ws.policy.AbstractPolicyInterceptor.handleMessage(AbstractPolicyInterceptor.java:45)
> ... 7 more
>
> Feb 03, 2015 1:58:08 PM org.apache.cxf.phase.PhaseInterceptorChain
> doDefaultLogging
> WARNING: Interceptor for
> {
> http://hyatt.com/hyatt/reserve/2011/05}ReserveService#{http://hyatt.com/hyatt/reserve/2011/05}PromoAwardBrowse
> has thrown exception, unwinding now
> java.lang.NullPointerException
> at
>
> org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(MessageSenderInterceptor.java:46)
> at
>
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
> at
>
> org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:113)
> at
>
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:323)
> at
>
> org.apache.cxf.phase.PhaseInterceptorChain.resume(PhaseInterceptorChain.java:232)
> at
> org.apache.cxf.ws.addressing.ContextUtils$1.run(ContextUtils.java:481)
> at
>
> org.apache.cxf.workqueue.AutomaticWorkQueueImpl$3.run(AutomaticWorkQueueImpl.java:395)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown
> Source)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown
> Source)
> at java.lang.Thread.run(Unknown Source)
>
> My Beans.xml
>
> <?xml version="1.0" encoding="UTF-8"?>
> <beans xmlns="http://www.springframework.org/schema/beans"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:cxfbc="http://servicemix.apache.org/cxfbc/1.0"
> xmlns:util="http://www.springframework.org/schema/util"
> xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
> xmlns:http="http://cxf.apache.org/transports/http/configuration"
> xmlns:sec="http://cxf.apache.org/configuration/security"
> xmlns:person="http://www.mycompany.com/ws-sec-proto"
> xmlns:wsa="http://cxf.apache.org/ws/addressing"
>
> xmlns:jaxws="http://cxf.apache.org/jaxws"
> xmlns:cxf="http://cxf.apache.org/core"
> xsi:schemaLocation="
> http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans.xsd
> http://www.springframework.org/schema/util
> http://www.springframework.org/schema/util/spring-util.xsd
> http://servicemix.apache.org/cxfbc/1.0
>
>
> http://repo2.maven.org/maven2/org/apache/servicemix/servicemix-cxf-bc/2010.01/servicemix-cxf-bc-2010.01.xsd
> http://cxf.apache.org/transports/http-jetty/configuration
> http://cxf.apache.org/schemas/configuration/http-jetty.xsd
> http://cxf.apache.oarg/transports/http/configuration
> http://cxf.apache.org/schemas/configuration/http-conf.xsd
> http://cxf.apache.org/jaxws
> http://cxf.apache.org/schemas/jaxws.xsd
> http://cxf.apache.org/core
> http://cxf.apache.org/schemas/core.xsd">
>
>
> <import resource="classpath:META-INF/cxf/cxf.xml" />
> <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
> <import resource="classpath:META-INF/cxf/cxf-extension-http.xml" />
> <import
> resource="classpath:META-INF/cxf/osgi/cxf-extension-osgi.xml" />
> <import resource="classpath:META-INF/cxf/cxf-extension-policy.xml"
> />
> <import
> resource="classpath:META-INF/cxf/cxf-extension-ws-security.xml" />
> <import resource="classpath:META-INF/cxf/cxf.xml" />
> <import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
> <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
> <import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
> <jaxws:endpoint xmlns:tns="http://hyatt.com/hyatt/reserve/2011/05"
> id="reserveservicecontract"
> implementor="com.hyatt.hyatt.reserve.ReserveServiceContractImpl"
> wsdlLocation="ReserveService.svc.wsdl"
> endpointName="tns:Soap12Addr10Endpoint"
> serviceName="tns:ReserveService"
> address="/Soap12Addr10Endpoint">
> <jaxws:inInterceptors>
> <ref bean="InSoapInterceptor"/>
>
> </jaxws:inInterceptors>
>
>
> <jaxws:properties>
> <entry key="ws-security.callback-handler"
> value-ref="myPasswordCallback"/>
>
>
> </jaxws:properties>
>
> </jaxws:endpoint>
>
> <bean id="myPasswordCallback"
> class="com.hyatt.hyatt.reserve.ServerPasswordCallback"/>
>
> <bean id="InSoapInterceptor"
> class="com.hyatt.hyatt.cxf.interceptors.InLogInterceptor"/>
>
>
> <cxf:bus>
> <cxf:features>
> <cxf:logging/>
> <wsa:addressing />
> </cxf:features>
> </cxf:bus>
>
> </beans>
>
> I tried all the options but still getting the error. Please help
>
>
>
>
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/Security-Issues-from-WSDL-to-java-tp5753886.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com