You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Mahesh Narke (JIRA)" <ji...@apache.org> on 2013/12/17 12:15:07 UTC
[jira] [Created] (CXF-5464) An error was discovered processing the
header
Mahesh Narke created CXF-5464:
---------------------------------
Summary: An error was discovered processing the <wsse:Security> header
Key: CXF-5464
URL: https://issues.apache.org/jira/browse/CXF-5464
Project: CXF
Issue Type: Bug
Components: WS-* Components
Affects Versions: 2.7.9
Environment: 1.Apache CXF 2.7.8
2.Jboss EAP 6
3.SoapUI for testing client Side
4. Windows 7
Reporter: Mahesh Narke
Fix For: 2.7.9
I tried to implement for simple authentication i.e with password simple text type, it is working but when i tried to implement for password digest type ,then giving me exception:
An error was discovered processing the <wsse:Security> header (An error happened processing a Username Token "A replay attack has been detected")
WSS4JInInterceptor Bean class defination:
<jaxws:inInterceptors>
<bean
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<!-- <map>
<entry key="action" value="UsernameToken"/>
<entry key="passwordType" value="PasswordText"/>
<entry key="passwordCallbackRef" value-ref="myPasswordCallback"/>
</map> -->
<map>
<entry key="action" value="UsernameToken"/>
<entry key="passwordType" value="PasswordDigest"/>
<entry key="passwordCallbackRef" value-ref="myPasswordCallback"/>
</map>
</constructor-arg>
</bean>
</jaxws:inInterceptors>
Client xml request Code:
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="true">
<wsse:UsernameToken>
<wsu:Created>2013-12-17T13:47:15Z</wsu:Created>
<wsse:Username>joe</wsse:Username>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">rePSkfHXTM6NWODD1Cdsbw==</wsse:Nonce>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">PE7F51/oyWFVMsiZURuUwjoZVPY=</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
Exception:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<soap:Fault>
<faultcode xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ns1:InvalidSecurity</faultcode>
<faultstring>An error was discovered processing the <wsse:Security> header (An error happened processing a Username Token "A replay attack has been detected")</faultstring>
</soap:Fault>
</soap:Body>
</soap:Envelope>
What am i missing?
--
This message was sent by Atlassian JIRA
(v6.1.4#6159)