You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cxf.apache.org by "Mulpuri, Krishna Sai" <Kr...@in.pega.com> on 2014/03/18 11:01:29 UTC

Unable to add Nonce and Created Timestamp in WS-security Headers

Hi Andrei,

I am having below code to set nonce and created timestamp in the ws-security headers.
..........
outProps.put(WSHandlerConstants.ADD_USERNAMETOKEN_NONCE, WSConstants.NONCE_LN);
outProps.put(WSHandlerConstants.ADD_USERNAMETOKEN_CREATED, WSConstants.CREATED_LN);
...........
client.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));

getting an exception saying invalid key "addUsernameTokenNonce" when I try to run the code
Mar 18, 2014 3:26:11 PM org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging
WARNING: Interceptor for #{http://cxf.apache.org/jaxws/dispatch}Invoke has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: Security processing failed.
       at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:265)
       at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:134)
       at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
       at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:502)
       at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:411)
       at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:314)
       at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:267)
       at org.apache.cxf.endpoint.ClientImpl.invokeWrapped(ClientImpl.java:302)
       at org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:401)
       at org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:243)

Caused by: org.apache.wss4j.common.ext.WSSecurityException: WSHandler: illegal addUsernameTokenNonce parameter
       at org.apache.wss4j.dom.handler.WSHandler.decodeBooleanConfigValue(WSHandler.java:877)
       at org.apache.wss4j.dom.handler.WSHandler.decodeUTParameter(WSHandler.java:499)
       at org.apache.wss4j.dom.handler.WSHandler.doSenderAction(WSHandler.java:125)
       at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$100(WSS4JOutInterceptor.java:52)
       at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:258)
       ... 66 more

I am not sure whether this is a configuration issue or a bug.
Is there any other way to configure this ?


Thanks
Sai

Re: Unable to add Nonce and Created Timestamp in WS-security Headers

Posted by Colm O hEigeartaigh <co...@apache.org>.

Both WSHandlerConstants.ADD_USERNAMETOKEN_NONCE and
WSHandlerConstants.ADD_USERNAMETOKEN_CREATED take "boolean" values. So it
should be:

outProps.put(WSHandlerConstants.ADD_USERNAMETOKEN_NONCE, "true");
outProps.put(WSHandlerConstants.ADD_USERNAMETOKEN_CREATED, "true");

Colm.



On Tue, Mar 18, 2014 at 10:01 AM, Mulpuri, Krishna Sai <
KrishnaSai.Mulpuri@in.pega.com> wrote:

> Hi Andrei,
>
> I am having below code to set nonce and created timestamp in the
> ws-security headers.
> ..........
> outProps.put(WSHandlerConstants.ADD_USERNAMETOKEN_NONCE,
> WSConstants.NONCE_LN);
> outProps.put(WSHandlerConstants.ADD_USERNAMETOKEN_CREATED,
> WSConstants.CREATED_LN);
> ...........
> client.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
>
> getting an exception saying invalid key "addUsernameTokenNonce" when I try
> to run the code
> Mar 18, 2014 3:26:11 PM org.apache.cxf.phase.PhaseInterceptorChain
> doDefaultLogging
> WARNING: Interceptor for #{http://cxf.apache.org/jaxws/dispatch}Invokehas thrown exception, unwinding now
> org.apache.cxf.binding.soap.SoapFault: Security processing failed.
>        at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:265)
>        at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:134)
>        at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
>        at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:502)
>        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:411)
>        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:314)
>        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:267)
>        at
> org.apache.cxf.endpoint.ClientImpl.invokeWrapped(ClientImpl.java:302)
>        at org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:401)
>        at org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:243)
>
> Caused by: org.apache.wss4j.common.ext.WSSecurityException: WSHandler:
> illegal addUsernameTokenNonce parameter
>        at
> org.apache.wss4j.dom.handler.WSHandler.decodeBooleanConfigValue(WSHandler.java:877)
>        at
> org.apache.wss4j.dom.handler.WSHandler.decodeUTParameter(WSHandler.java:499)
>        at
> org.apache.wss4j.dom.handler.WSHandler.doSenderAction(WSHandler.java:125)
>        at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$100(WSS4JOutInterceptor.java:52)
>        at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:258)
>        ... 66 more
>
> I am not sure whether this is a configuration issue or a bug.
> Is there any other way to configure this ?
>
>
> Thanks
> Sai
>
>


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com