You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Colm O hEigeartaigh <co...@apache.org> on 2014/10/29 11:44:16 UTC
Re: cxf ws-policy handling
What is the error stacktrace? What does the complete WSDL look like?
Colm.
On Tue, Oct 28, 2014 at 7:46 PM, Atkins <at...@gmail.com> wrote:
> Hi All,
>
> I have some problem in soap wsse. There is some binding ws security in my
> wsdl. And It seems it is all standard policy by oasis. I also set up the
> correct password callback and keystore. But I will got some the Assertion
> Builder error message by cxf-rt-ws-policy. How can I solve this problem?
> Sorry for this newbie question.
>
> PS. This is a standalone test app, not AP server container or on spring
> framework.
> Thanks in advance.
>
> Atkins
>
> wsdl policy part:
>
>
> <wsp:UsingPolicy wssutil:Required="true”/>
> <wsp:Policy wssutil:Id=“ID1">
> <ns1:SignedParts xmlns:ns1="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512">
> <ns1:Body/>
> </ns1:SignedParts>
> </wsp:Policy>
> <wsp:Policy wssutil:Id=“ID2">
> <ns2:AsymmetricBinding xmlns:ns2="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512">
> <wsp:Policy>
> <ns2:InitiatorToken>
> <wsp:Policy>
> <ns2:X509Token ns2:IncludeToken="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512/IncludeToken/AlwaysToRecipient
> ">
> <wsp:Policy>
> <ns2:WssX509V3Token11/>
> </wsp:Policy>
> </ns2:X509Token>
> </wsp:Policy>
> </ns2:InitiatorToken>
> <ns2:RecipientToken>
> <wsp:Policy>
> <ns2:X509Token ns2:IncludeToken="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512/IncludeToken/AlwaysToInitiator
> ">
> <wsp:Policy>
> <ns2:WssX509V3Token11/>
> </wsp:Policy>
> </ns2:X509Token>
> </wsp:Policy>
> </ns2:RecipientToken>
> <ns2:AlgorithmSuite>
> <wsp:Policy>
> <ns2:Basic256/>
> </wsp:Policy>
> </ns2:AlgorithmSuite>
> <ns2:Layout>
> <wsp:Policy>
> <ns2:Lax/>
> </wsp:Policy>
> </ns2:Layout>
> <ns2:IncludeTimestamp/>
> <ns2:ProtectTokens/>
> <ns2:OnlySignEntireHeadersAndBody/>
> </wsp:Policy>
> </ns2:AsymmetricBinding>
> <ns3:Wss11 xmlns:ns3="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512">
> <wsp:Policy>
> <ns3:MustSupportRefKeyIdentifier/>
> <ns3:MustSupportRefIssuerSerial/>
> <ns3:MustSupportRefThumbprint/>
> <ns3:MustSupportRefEncryptedKey/>
> <ns3:RequireSignatureConfirmation/>
> </wsp:Policy>
> </ns3:Wss11>
> </wsp:Policy>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com