You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Andris <er...@ella.hu> on 2010/03/01 19:28:19 UTC
"MustUnderstand headers:"
Hello everybody,
I am new in CXF but I have a rather good practice in Axis2 (and in Metro
over Tomcat).
I developed a Sping-based CXF secure web service using wsdl-first mode. The
ws-policy applied is symmetric binding and only signature is declared. The
wsdl and the cxf-servlet.xml are attached.
Testing my service the client program is failed with a very tricky message:
"Could not find Reference #_5004 under Signature with ID_1". Using the tcp
monitor trace I stated the "#_5004" identifies the response-body to be
signed. The trace shows an almost complete response; the timestamp and the
body are referenced for signing, the signature is generated, etc.
But the body of the response contains a fault message:
<faultcode>soap:MustUnderstand</faultcode>
<faultstring>MustUnderstand headers:
[{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security]
are not understood.</faultstring>
The server (before generating the soap-fault) gives a warning:
WARNING: Interceptor for
{http://test.sztaki.hu}Echo#{http://test.sztaki.hu}echo has thrown
exception, unwinding now
What is wrong in my code or what should I modify in my program?
Any help is highly appreciated!
A.
http://old.nabble.com/file/p27747263/Echo.wsdl Echo.wsdl
http://old.nabble.com/file/p27747263/cxf-servlet.xml cxf-servlet.xml
--
View this message in context: http://old.nabble.com/%22MustUnderstand-headers%3A%22-tp27747263p27747263.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: "MustUnderstand headers:"
Posted by Coder One <co...@yahoo.com>.
Correction..it does not work with HTTP. What's the best way to ignore headers?
----- Original Message ----
From: Coder One <co...@yahoo.com>
To: users@cxf.apache.org
Sent: Thu, March 4, 2010 3:05:18 PM
Subject: Re: "MustUnderstand headers:"
I don't mean to hijack the thread, but I ran into the same problem with CXF 2.2.5.
The below SOAP extracts worked fine with regular HTTP transport, but not with our custom transport.
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/
addressing/none" />
We get the
MustUnderstand headers: [{http://schemas.microsoft.com/ws/2005/05/addressing/none}To, {http://schemas.microsoft.com/ws/2005/05/addressing/none}Action] are not understood.
does the default http transport configure some interceptor (MustUnderstandInterceptor?) that we also must configure? Can we look up an example somewhere?
Thanks...
----- Original Message ----
From: Daniel Kulp <dk...@apache.org>
To: users@cxf.apache.org
Cc: Andris <er...@ella.hu>
Sent: Mon, March 1, 2010 6:54:44 PM
Subject: Re: "MustUnderstand headers:"
This SOUNDS like the server side is missing the WS-Security and/or the WS-
Policy stuff. Check the war to see what jars are there.
Also, you don't mention what version of CXF you are using. I assume 2.2.6?
Dan
On Mon March 1 2010 1:28:19 pm Andris wrote:
> Hello everybody,
>
> I am new in CXF but I have a rather good practice in Axis2 (and in Metro
> over Tomcat).
> I developed a Sping-based CXF secure web service using wsdl-first mode. The
> ws-policy applied is symmetric binding and only signature is declared. The
> wsdl and the cxf-servlet.xml are attached.
>
> Testing my service the client program is failed with a very tricky message:
> "Could not find Reference #_5004 under Signature with ID_1". Using the tcp
> monitor trace I stated the "#_5004" identifies the response-body to be
> signed. The trace shows an almost complete response; the timestamp and the
> body are referenced for signing, the signature is generated, etc.
> But the body of the response contains a fault message:
> <faultcode>soap:MustUnderstand</faultcode>
> <faultstring>MustUnderstand headers:
> [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext
> -1.0.xsd}Security] are not understood.</faultstring>
>
> The server (before generating the soap-fault) gives a warning:
> WARNING: Interceptor for
> {http://test.sztaki.hu}Echo#{http://test.sztaki.hu}echo has thrown
> exception, unwinding now
>
> What is wrong in my code or what should I modify in my program?
>
> Any help is highly appreciated!
>
> A.
> http://old.nabble.com/file/p27747263/Echo.wsdl Echo.wsdl
> http://old.nabble.com/file/p27747263/cxf-servlet.xml cxf-servlet.xml
--
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog
Re: "MustUnderstand headers:"
Posted by Coder One <co...@yahoo.com>.
Found in the archive that work...works a-ok..
http://www.mail-archive.com/users@cxf.apache.org/msg11195.html
----- Original Message ----
From: Daniel Kulp <dk...@apache.org>
To: users@cxf.apache.org
Cc: Coder One <co...@yahoo.com>
Sent: Fri, March 5, 2010 11:22:11 AM
Subject: Re: "MustUnderstand headers:"
If there is a mustUnderstand=1 attribute, you need to have an interceptor
(subclass of our SoapInterceptor) or a JAX-WS handler that is registered to
say it handles that header via the getUnderstoodHeaders() call.
Alternatively, with 2.2.x, in you impl, you can get the headers from the
WebServiceContext and remove them from the list. The runtime will then
assume your impl handled them. This will be changing in 2.3 though.
Dan
On Thursday 04 March 2010 6:05:18 pm Coder One wrote:
> I don't mean to hijack the thread, but I ran into the same problem with CXF
> 2.2.5.
>
> The below SOAP extracts worked fine with regular HTTP transport, but not
> with our custom transport.
>
>
>
> <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
> <s:Header>
> <Action s:mustUnderstand="1"
> xmlns="http://schemas.microsoft.com/ws/2005/05/ addressing/none" />
>
> We get the
>
> MustUnderstand headers:
> [{http://schemas.microsoft.com/ws/2005/05/addressing/none}To,
> {http://schemas.microsoft.com/ws/2005/05/addressing/none}Action] are not
> understood.
>
> does the default http transport configure some interceptor
> (MustUnderstandInterceptor?) that we also must configure? Can we look up
> an example somewhere?
>
> Thanks...
>
>
>
> ----- Original Message ----
> From: Daniel Kulp <dk...@apache.org>
> To: users@cxf.apache.org
> Cc: Andris <er...@ella.hu>
> Sent: Mon, March 1, 2010 6:54:44 PM
> Subject: Re: "MustUnderstand headers:"
>
>
>
> This SOUNDS like the server side is missing the WS-Security and/or the WS-
> Policy stuff. Check the war to see what jars are there.
>
> Also, you don't mention what version of CXF you are using. I assume 2.2.6?
>
> Dan
>
> On Mon March 1 2010 1:28:19 pm Andris wrote:
> > Hello everybody,
> >
> > I am new in CXF but I have a rather good practice in Axis2 (and in Metro
> > over Tomcat).
> > I developed a Sping-based CXF secure web service using wsdl-first mode.
> > The ws-policy applied is symmetric binding and only signature is
> > declared. The wsdl and the cxf-servlet.xml are attached.
> >
> > Testing my service the client program is failed with a very tricky
> > message: "Could not find Reference #_5004 under Signature with ID_1".
> > Using the tcp monitor trace I stated the "#_5004" identifies the
> > response-body to be signed. The trace shows an almost complete response;
> > the timestamp and the body are referenced for signing, the signature is
> > generated, etc.
> >
> > But the body of the response contains a fault message:
> > <faultcode>soap:MustUnderstand</faultcode>
> >
> > <faultstring>MustUnderstand headers:
> > [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-sece
> > xt -1.0.xsd}Security] are not understood.</faultstring>
> >
> > The server (before generating the soap-fault) gives a warning:
> > WARNING: Interceptor for
> > {http://test.sztaki.hu}Echo#{http://test.sztaki.hu}echo has thrown
> > exception, unwinding now
> >
> > What is wrong in my code or what should I modify in my program?
> >
> > Any help is highly appreciated!
> >
> > A.
> > http://old.nabble.com/file/p27747263/Echo.wsdl Echo.wsdl
> >
> > http://old.nabble.com/file/p27747263/cxf-servlet.xml cxf-servlet.xml
--
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog
Re: "MustUnderstand headers:"
Posted by Daniel Kulp <dk...@apache.org>.
If there is a mustUnderstand=1 attribute, you need to have an interceptor
(subclass of our SoapInterceptor) or a JAX-WS handler that is registered to
say it handles that header via the getUnderstoodHeaders() call.
Alternatively, with 2.2.x, in you impl, you can get the headers from the
WebServiceContext and remove them from the list. The runtime will then
assume your impl handled them. This will be changing in 2.3 though.
Dan
On Thursday 04 March 2010 6:05:18 pm Coder One wrote:
> I don't mean to hijack the thread, but I ran into the same problem with CXF
> 2.2.5.
>
> The below SOAP extracts worked fine with regular HTTP transport, but not
> with our custom transport.
>
>
>
> <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
> <s:Header>
> <Action s:mustUnderstand="1"
> xmlns="http://schemas.microsoft.com/ws/2005/05/ addressing/none" />
>
> We get the
>
> MustUnderstand headers:
> [{http://schemas.microsoft.com/ws/2005/05/addressing/none}To,
> {http://schemas.microsoft.com/ws/2005/05/addressing/none}Action] are not
> understood.
>
> does the default http transport configure some interceptor
> (MustUnderstandInterceptor?) that we also must configure? Can we look up
> an example somewhere?
>
> Thanks...
>
>
>
> ----- Original Message ----
> From: Daniel Kulp <dk...@apache.org>
> To: users@cxf.apache.org
> Cc: Andris <er...@ella.hu>
> Sent: Mon, March 1, 2010 6:54:44 PM
> Subject: Re: "MustUnderstand headers:"
>
>
>
> This SOUNDS like the server side is missing the WS-Security and/or the WS-
> Policy stuff. Check the war to see what jars are there.
>
> Also, you don't mention what version of CXF you are using. I assume 2.2.6?
>
> Dan
>
> On Mon March 1 2010 1:28:19 pm Andris wrote:
> > Hello everybody,
> >
> > I am new in CXF but I have a rather good practice in Axis2 (and in Metro
> > over Tomcat).
> > I developed a Sping-based CXF secure web service using wsdl-first mode.
> > The ws-policy applied is symmetric binding and only signature is
> > declared. The wsdl and the cxf-servlet.xml are attached.
> >
> > Testing my service the client program is failed with a very tricky
> > message: "Could not find Reference #_5004 under Signature with ID_1".
> > Using the tcp monitor trace I stated the "#_5004" identifies the
> > response-body to be signed. The trace shows an almost complete response;
> > the timestamp and the body are referenced for signing, the signature is
> > generated, etc.
> >
> > But the body of the response contains a fault message:
> > <faultcode>soap:MustUnderstand</faultcode>
> >
> > <faultstring>MustUnderstand headers:
> > [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-sece
> > xt -1.0.xsd}Security] are not understood.</faultstring>
> >
> > The server (before generating the soap-fault) gives a warning:
> > WARNING: Interceptor for
> > {http://test.sztaki.hu}Echo#{http://test.sztaki.hu}echo has thrown
> > exception, unwinding now
> >
> > What is wrong in my code or what should I modify in my program?
> >
> > Any help is highly appreciated!
> >
> > A.
> > http://old.nabble.com/file/p27747263/Echo.wsdl Echo.wsdl
> >
> > http://old.nabble.com/file/p27747263/cxf-servlet.xml cxf-servlet.xml
--
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog
Re: "MustUnderstand headers:"
Posted by Coder One <co...@yahoo.com>.
I don't mean to hijack the thread, but I ran into the same problem with CXF 2.2.5.
The below SOAP extracts worked fine with regular HTTP transport, but not with our custom transport.
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/
addressing/none" />
We get the
MustUnderstand headers: [{http://schemas.microsoft.com/ws/2005/05/addressing/none}To, {http://schemas.microsoft.com/ws/2005/05/addressing/none}Action] are not understood.
does the default http transport configure some interceptor (MustUnderstandInterceptor?) that we also must configure? Can we look up an example somewhere?
Thanks...
----- Original Message ----
From: Daniel Kulp <dk...@apache.org>
To: users@cxf.apache.org
Cc: Andris <er...@ella.hu>
Sent: Mon, March 1, 2010 6:54:44 PM
Subject: Re: "MustUnderstand headers:"
This SOUNDS like the server side is missing the WS-Security and/or the WS-
Policy stuff. Check the war to see what jars are there.
Also, you don't mention what version of CXF you are using. I assume 2.2.6?
Dan
On Mon March 1 2010 1:28:19 pm Andris wrote:
> Hello everybody,
>
> I am new in CXF but I have a rather good practice in Axis2 (and in Metro
> over Tomcat).
> I developed a Sping-based CXF secure web service using wsdl-first mode. The
> ws-policy applied is symmetric binding and only signature is declared. The
> wsdl and the cxf-servlet.xml are attached.
>
> Testing my service the client program is failed with a very tricky message:
> "Could not find Reference #_5004 under Signature with ID_1". Using the tcp
> monitor trace I stated the "#_5004" identifies the response-body to be
> signed. The trace shows an almost complete response; the timestamp and the
> body are referenced for signing, the signature is generated, etc.
> But the body of the response contains a fault message:
> <faultcode>soap:MustUnderstand</faultcode>
> <faultstring>MustUnderstand headers:
> [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext
> -1.0.xsd}Security] are not understood.</faultstring>
>
> The server (before generating the soap-fault) gives a warning:
> WARNING: Interceptor for
> {http://test.sztaki.hu}Echo#{http://test.sztaki.hu}echo has thrown
> exception, unwinding now
>
> What is wrong in my code or what should I modify in my program?
>
> Any help is highly appreciated!
>
> A.
> http://old.nabble.com/file/p27747263/Echo.wsdl Echo.wsdl
> http://old.nabble.com/file/p27747263/cxf-servlet.xml cxf-servlet.xml
--
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog
Re: "MustUnderstand headers:"
Posted by Andris <er...@ella.hu>.
The CXF version is 2.2.6.
Here is the list of the jars used:
aopalliance-1.0.jar
asm-2.2.3.jar
bcprov-jdk15-1.43.jar
commons-collections-3.2.1.jar
commons-lang-2.4.jar
commons-logging-1.1.1.jar
cxf-2.2.6.jar
FastInfoset.jar
geronimo-activation_1.1_spec-1.0.2.jar
geronimo-annotation_1.0_spec-1.1.1.jar
geronimo-javamail_1.4_spec-1.6.jar
geronimo-jaxws_2.1_spec-1.0.jar
geronimo-stax-api_1.0_spec-1.0.1.jar
geronimo-ws-metadata_2.0_spec-1.1.2.jar
jaxb-api-2.1.jar
jaxb-impl-2.1.12.jar
jaxb-xjc-2.1.12.jar
neethi-2.0.4.jar
saaj-api-1.3.jar
saaj-impl-1.3.2.jar
serializer-2.7.1.jar
spring-beans-2.5.6.jar
spring-context-2.5.6.jar
spring-context-support-2.5.6.jar
spring-core-2.5.6.jar
spring-web-2.5.6.jar
velocity-1.6.2.jar
wsdl4j-1.6.2.jar
wss4j-1.5.8.jar
wstx-asl-3.2.9.jar
xalan-2.7.1.jar
xml-resolver-1.2.jar
XmlSchema-1.4.5.jar
xmlsec-1.4.3.jar
A.
dkulp wrote:
>
>
>
> This SOUNDS like the server side is missing the WS-Security and/or the WS-
> Policy stuff. Check the war to see what jars are there.
>
> Also, you don't mention what version of CXF you are using. I assume
> 2.2.6?
>
> Dan
>
>
>
> On Mon March 1 2010 1:28:19 pm Andris wrote:
>> Hello everybody,
>>
>> I am new in CXF but I have a rather good practice in Axis2 (and in Metro
>> over Tomcat).
>> I developed a Sping-based CXF secure web service using wsdl-first mode.
>> The
>> ws-policy applied is symmetric binding and only signature is declared.
>> The
>> wsdl and the cxf-servlet.xml are attached.
>>
>> Testing my service the client program is failed with a very tricky
>> message:
>> "Could not find Reference #_5004 under Signature with ID_1". Using the
>> tcp
>> monitor trace I stated the "#_5004" identifies the response-body to be
>> signed. The trace shows an almost complete response; the timestamp and
>> the
>> body are referenced for signing, the signature is generated, etc.
>> But the body of the response contains a fault message:
>> <faultcode>soap:MustUnderstand</faultcode>
>> <faultstring>MustUnderstand headers:
>> [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext
>> -1.0.xsd}Security] are not understood.</faultstring>
>>
>> The server (before generating the soap-fault) gives a warning:
>> WARNING: Interceptor for
>> {http://test.sztaki.hu}Echo#{http://test.sztaki.hu}echo has thrown
>> exception, unwinding now
>>
>> What is wrong in my code or what should I modify in my program?
>>
>> Any help is highly appreciated!
>>
>> A.
>> http://old.nabble.com/file/p27747263/Echo.wsdl Echo.wsdl
>> http://old.nabble.com/file/p27747263/cxf-servlet.xml cxf-servlet.xml
>
> --
> Daniel Kulp
> dkulp@apache.org
> http://www.dankulp.com/blog
>
>
--
View this message in context: http://old.nabble.com/%22MustUnderstand-headers%3A%22-tp27747263p27753712.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: "MustUnderstand headers:"
Posted by Daniel Kulp <dk...@apache.org>.
This SOUNDS like the server side is missing the WS-Security and/or the WS-
Policy stuff. Check the war to see what jars are there.
Also, you don't mention what version of CXF you are using. I assume 2.2.6?
Dan
On Mon March 1 2010 1:28:19 pm Andris wrote:
> Hello everybody,
>
> I am new in CXF but I have a rather good practice in Axis2 (and in Metro
> over Tomcat).
> I developed a Sping-based CXF secure web service using wsdl-first mode. The
> ws-policy applied is symmetric binding and only signature is declared. The
> wsdl and the cxf-servlet.xml are attached.
>
> Testing my service the client program is failed with a very tricky message:
> "Could not find Reference #_5004 under Signature with ID_1". Using the tcp
> monitor trace I stated the "#_5004" identifies the response-body to be
> signed. The trace shows an almost complete response; the timestamp and the
> body are referenced for signing, the signature is generated, etc.
> But the body of the response contains a fault message:
> <faultcode>soap:MustUnderstand</faultcode>
> <faultstring>MustUnderstand headers:
> [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext
> -1.0.xsd}Security] are not understood.</faultstring>
>
> The server (before generating the soap-fault) gives a warning:
> WARNING: Interceptor for
> {http://test.sztaki.hu}Echo#{http://test.sztaki.hu}echo has thrown
> exception, unwinding now
>
> What is wrong in my code or what should I modify in my program?
>
> Any help is highly appreciated!
>
> A.
> http://old.nabble.com/file/p27747263/Echo.wsdl Echo.wsdl
> http://old.nabble.com/file/p27747263/cxf-servlet.xml cxf-servlet.xml
--
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog