You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by Julie McCabe <ju...@gmail.com> on 2006/04/28 15:23:12 UTC
Did not understand "MustUnderstand" header(s):
Hello,
I am using WS-Security Headers through a third-party handler which uses
wss4j. I am trying to make a first attempt to call a service, I get the
following error:
Did not understand "MustUnderstand" header(s):
at org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(
MustUnderstandChecker.java:96)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:206)
at org.apache.axis.client.Call.invokeEngine(Call.java:2727)
at org.apache.axis.client.Call.invoke(Call.java:2710)
at org.apache.axis.client.Call.invoke(Call.java:2386)
at org.apache.axis.client.Call.invoke(Call.java:2309)
at org.apache.axis.client.Call.invoke(Call.java:1766)
at SecureOperation.Call(SecureOperation.java:182)
at Client.main(Client.java:85)
I invoke the client with the following properties set:
-Djava.endorsed.dirs=$CATALINA_HOME/common/endorsed -
Daxis.ClientConfigFile=$CATALINA_HOME/bin/client-config.wsdd
The client-config.wsdd is as follows:
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java
">
<globalConfiguration>
<parameter name="adminPassword" value="admin"/>
<parameter name="sendXsiTypes" value="false"/>
<parameter name="sendMultiRefs" value="false"/>
<parameter name="sendXMLDeclaration" value="false"/>
<parameter name="axis.sendMinimizedElements" value="true"/>
<parameter name="defaultRequestMessageClassification"
value="UNCLASSIFIED"/>
<requestFlow>
<handler type="java:
mil.dia.nces.security.axis.handler.NCESClientHandler">
<!-- Set the mustUnderstand attribute of the WSS Security
element to true? Default, if not present, is false. -->
<parameter name="mustUnderstandWSSHeader" value="true"/>
<!-- Set the mustUnderstand attribute of the WS-Addressing
MessageID element to true? Default, if not present, is false. -->
<parameter name="mustUnderstandMessageID" value="false"/>
</handler>
</requestFlow>
<responseFlow>
<handler type="java:
mil.dia.nces.security.axis.handler.NCESClientHandler">
<parameter name="disableCertificateStatusChecking"
value="true"/>
</handler>
</responseFlow>
</globalConfiguration>
<transport name="java" pivot="java:
org.apache.axis.transport.java.JavaSender"/>
<transport name="http" pivot="java:
org.apache.axis.transport.http.HTTPSender"/>
<transport name="local" pivot="java:
org.apache.axis.transport.local.LocalSender"/>
</deployment>
The service has the following in its server-config.wsdd
<service name="examples/core/factory/SimpleService" provider="Handler"
use="literal" style="document">
<parameter name="className" value="
uk.ac.qub.prism.factory.impl.SimpleService"/>
<wsdlFile>share/schema/uk/ac/qub/prism/factory/schema/Simple_service.wsdl</wsdlFile>
<parameter name="allowedMethods" value="*"/>
<parameter name="handlerClass" value="
org.globus.axis.providers.RPCProvider"/>
<parameter name="scope" value="Application"/>
<parameter name="loadOnStartup" value="true"/>
<parameter name="allowedRoles" value="INTEL ANALYST"/>
<parameter name="defaultResponseMessageClassification"
value="UNCLASSIFIED"/>
<parameter name="serviceQName" value="
http://localhost:8080/wsrf/services/examples/core/factory/SimpleService#SimpleService
"/>
</service>
I searched this mailing list and could not find anything conclusive, I read
from an IBM websphere mailing list that:
"interface doesn't have an actor parameter available to define
the root
actor/role to associate with the header URL parameter. As a
result a
binding isn't being made which the semantic checking code,
activated by
the mustUnderstand flag, uses to determine if the soap header is
understood by the client. If using the deployment descriptor to
register
a handler statically, this actor/role is defined by the
<soap-role>
child element of the <handler> definition block. This limitation
in the
specifications for HandlerInfo causes the inability of
mustUnderstand to"
work when using dynamic handler registration.
which kind of makes sense but I dont know what the implication for the
configuration are, I would really apprecipate some help on this matter as
ive been stuck on this matter for some time now.
Environment: Java 1.4.2_04-b05, tomcat 4.1.30, fc 5.
Many thanks,
Julie.
RE: Did not understand "MustUnderstand" header(s):
Posted by "Vignesh M.P.N." <ma...@iit.edu>.
You mean to say the third party's NCESClientHandler does include
WSDoAllSender handler?
Vignesh.
_____
From: Julie McCabe [mailto:julie.mccabe@gmail.com]
Sent: Friday, April 28, 2006 8:23 AM
To: wss4j-dev@ws.apache.org
Subject: Did not understand "MustUnderstand" header(s):
Hello,
I am using WS-Security Headers through a third-party handler which uses
wss4j. I am trying to make a first attempt to call a service, I get the
following error:
Did not understand "MustUnderstand" header(s):
at
org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(MustUnderstandChe
cker.java:96)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:206)
at org.apache.axis.client.Call.invokeEngine(Call.java:2727)
at org.apache.axis.client.Call.invoke(Call.java:2710)
at org.apache.axis.client.Call.invoke(Call.java:2386)
at org.apache.axis.client.Call.invoke(Call.java:2309)
at org.apache.axis.client.Call.invoke(Call.java:1766)
at SecureOperation.Call(SecureOperation.java:182)
at Client.main(Client.java:85)
I invoke the client with the following properties set:
-Djava.endorsed.dirs=$CATALINA_HOME/common/endorsed
-Daxis.ClientConfigFile=$CATALINA_HOME/bin/client-config.wsdd
The client-config.wsdd is as follows:
<deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="
<http://xml.apache.org/axis/wsdd/providers/java>
http://xml.apache.org/axis/wsdd/providers/java ">
<globalConfiguration>
<parameter name="adminPassword" value="admin"/>
<parameter name="sendXsiTypes" value="false"/>
<parameter name="sendMultiRefs" value="false"/>
<parameter name="sendXMLDeclaration" value="false"/>
<parameter name="axis.sendMinimizedElements" value="true"/>
<parameter name="defaultRequestMessageClassification"
value="UNCLASSIFIED"/>
<requestFlow>
<handler
type="java:mil.dia.nces.security.axis.handler.NCESClientHandler">
<!-- Set the mustUnderstand attribute of the WSS Security
element to true? Default, if not present, is false. -->
<parameter name="mustUnderstandWSSHeader" value="true"/>
<!-- Set the mustUnderstand attribute of the WS-Addressing
MessageID element to true? Default, if not present, is false. -->
<parameter name="mustUnderstandMessageID" value="false"/>
</handler>
</requestFlow>
<responseFlow>
<handler
type="java:mil.dia.nces.security.axis.handler.NCESClientHandler">
<parameter name="disableCertificateStatusChecking"
value="true"/>
</handler>
</responseFlow>
</globalConfiguration>
<transport name="java"
pivot="java:org.apache.axis.transport.java.JavaSender"/>
<transport name="http"
pivot="java:org.apache.axis.transport.http.HTTPSender"/>
<transport name="local"
pivot="java:org.apache.axis.transport.local.LocalSender"/>
</deployment>
The service has the following in its server-config.wsdd
<service name="examples/core/factory/SimpleService" provider="Handler"
use="literal" style="document">
<parameter name="className"
value="uk.ac.qub.prism.factory.impl.SimpleService"/>
<wsdlFile>share/schema/uk/ac/qub/prism/factory/schema/Simple_service.wsdl</w
sdlFile>
<parameter name="allowedMethods" value="*"/>
<parameter name="handlerClass"
value="org.globus.axis.providers.RPCProvider"/>
<parameter name="scope" value="Application"/>
<parameter name="loadOnStartup" value="true"/>
<parameter name="allowedRoles" value="INTEL ANALYST"/>
<parameter name="defaultResponseMessageClassification"
value="UNCLASSIFIED"/>
<parameter name="serviceQName"
value="http://localhost:8080/wsrf/services/examples/core/factory/SimpleServi
ce#SimpleService "/>
</service>
I searched this mailing list and could not find anything conclusive, I read
from an IBM websphere mailing list that:
"interface doesn't have an actor parameter available to define
the root
actor/role to associate with the header URL parameter. As a
result a
binding isn't being made which the semantic checking code,
activated by
the mustUnderstand flag, uses to determine if the soap header is
understood by the client. If using the deployment descriptor to
register
a handler statically, this actor/role is defined by the
<soap-role>
child element of the <handler> definition block. This limitation
in the
specifications for HandlerInfo causes the inability of
mustUnderstand to"
work when using dynamic handler registration.
which kind of makes sense but I dont know what the implication for the
configuration are, I would really apprecipate some help on this matter as
ive been stuck on this matter for some time now.
Environment: Java 1.4.2_04-b05, tomcat 4.1.30, fc 5.
Many thanks,
Julie.
RE: Did not understand "MustUnderstand" header(s):
Posted by "Vignesh M.P.N." <ma...@iit.edu>.
You mean to say the third party's NCESClientHandler does include
WSDoAllSender handler?
Vignesh.
_____
From: Julie McCabe [mailto:julie.mccabe@gmail.com]
Sent: Friday, April 28, 2006 8:23 AM
To: wss4j-dev@ws.apache.org
Subject: Did not understand "MustUnderstand" header(s):
Hello,
I am using WS-Security Headers through a third-party handler which uses
wss4j. I am trying to make a first attempt to call a service, I get the
following error:
Did not understand "MustUnderstand" header(s):
at
org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(MustUnderstandChe
cker.java:96)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:206)
at org.apache.axis.client.Call.invokeEngine(Call.java:2727)
at org.apache.axis.client.Call.invoke(Call.java:2710)
at org.apache.axis.client.Call.invoke(Call.java:2386)
at org.apache.axis.client.Call.invoke(Call.java:2309)
at org.apache.axis.client.Call.invoke(Call.java:1766)
at SecureOperation.Call(SecureOperation.java:182)
at Client.main(Client.java:85)
I invoke the client with the following properties set:
-Djava.endorsed.dirs=$CATALINA_HOME/common/endorsed
-Daxis.ClientConfigFile=$CATALINA_HOME/bin/client-config.wsdd
The client-config.wsdd is as follows:
<deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="
<http://xml.apache.org/axis/wsdd/providers/java>
http://xml.apache.org/axis/wsdd/providers/java ">
<globalConfiguration>
<parameter name="adminPassword" value="admin"/>
<parameter name="sendXsiTypes" value="false"/>
<parameter name="sendMultiRefs" value="false"/>
<parameter name="sendXMLDeclaration" value="false"/>
<parameter name="axis.sendMinimizedElements" value="true"/>
<parameter name="defaultRequestMessageClassification"
value="UNCLASSIFIED"/>
<requestFlow>
<handler
type="java:mil.dia.nces.security.axis.handler.NCESClientHandler">
<!-- Set the mustUnderstand attribute of the WSS Security
element to true? Default, if not present, is false. -->
<parameter name="mustUnderstandWSSHeader" value="true"/>
<!-- Set the mustUnderstand attribute of the WS-Addressing
MessageID element to true? Default, if not present, is false. -->
<parameter name="mustUnderstandMessageID" value="false"/>
</handler>
</requestFlow>
<responseFlow>
<handler
type="java:mil.dia.nces.security.axis.handler.NCESClientHandler">
<parameter name="disableCertificateStatusChecking"
value="true"/>
</handler>
</responseFlow>
</globalConfiguration>
<transport name="java"
pivot="java:org.apache.axis.transport.java.JavaSender"/>
<transport name="http"
pivot="java:org.apache.axis.transport.http.HTTPSender"/>
<transport name="local"
pivot="java:org.apache.axis.transport.local.LocalSender"/>
</deployment>
The service has the following in its server-config.wsdd
<service name="examples/core/factory/SimpleService" provider="Handler"
use="literal" style="document">
<parameter name="className"
value="uk.ac.qub.prism.factory.impl.SimpleService"/>
<wsdlFile>share/schema/uk/ac/qub/prism/factory/schema/Simple_service.wsdl</w
sdlFile>
<parameter name="allowedMethods" value="*"/>
<parameter name="handlerClass"
value="org.globus.axis.providers.RPCProvider"/>
<parameter name="scope" value="Application"/>
<parameter name="loadOnStartup" value="true"/>
<parameter name="allowedRoles" value="INTEL ANALYST"/>
<parameter name="defaultResponseMessageClassification"
value="UNCLASSIFIED"/>
<parameter name="serviceQName"
value="http://localhost:8080/wsrf/services/examples/core/factory/SimpleServi
ce#SimpleService "/>
</service>
I searched this mailing list and could not find anything conclusive, I read
from an IBM websphere mailing list that:
"interface doesn't have an actor parameter available to define
the root
actor/role to associate with the header URL parameter. As a
result a
binding isn't being made which the semantic checking code,
activated by
the mustUnderstand flag, uses to determine if the soap header is
understood by the client. If using the deployment descriptor to
register
a handler statically, this actor/role is defined by the
<soap-role>
child element of the <handler> definition block. This limitation
in the
specifications for HandlerInfo causes the inability of
mustUnderstand to"
work when using dynamic handler registration.
which kind of makes sense but I dont know what the implication for the
configuration are, I would really apprecipate some help on this matter as
ive been stuck on this matter for some time now.
Environment: Java 1.4.2_04-b05, tomcat 4.1.30, fc 5.
Many thanks,
Julie.