You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Gene Yan <ji...@gmail.com> on 2007/03/20 21:17:17 UTC

[AXIS1.4] WSS4J is not working on server side

I used WSS4J 1.5.1 on both client and service side to do simple plain text
user name token.  I can send client to server but I always got the following
exception:

WSDoAllReceiver: cannot get SOAP header after security processing; nested
exception is:
 org.xml.sax.SAXParseException: &lt;Line 2, Column 1151&gt;: XML-20100:
(Fatal Error) Expected 'EOF'.

Anyone has idea what went wong?

Here is my soap client WSDD


<deployment xmlns="http://xml.apache.org/axis/wsdd/"

xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">

<transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender
"/>

<globalConfiguration>

<requestFlow>

<handler type="java:org.apache.ws.axis.security.WSDoAllSender">

<parameter name="action" value="Timestamp UsernameToken"/>

<parameter name="passwordType" value="PasswordText" />

<parameter name="user" value="xxx"/>

<parameter name="passwordCallbackClass" value="test.PWCallback"/>

<parameter name="mustUnderstand" value="true" />

</handler>

</requestFlow>

</globalConfiguration>

</deployment>



This is SOAP request:

<?xml version="1.0" encoding="UTF-8"?>

<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:xsd
="http://www.w3.org/2001/XMLSchema" xmlns:xsi="
http://www.w3.org/2001/XMLSchema-instance">

<soapenv:Header>

<wsse:Security xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
" soapenv:mustUnderstand="1">

<wsse:UsernameToken xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
" wsu:Id="UsernameToken-28142411">

<wsse:Username>ppsuser</wsse:Username>

<wsse:Password Type="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
">ppspass</wsse:Password>

</wsse:UsernameToken>

<wsu:Timestamp xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
" wsu:Id="Timestamp-20357537">

<wsu:Created>2007-03-20T20:07:27.389Z</wsu:Created>

<wsu:Expires>2007-03-20T20:12:27.389Z</wsu:Expires>

</wsu:Timestamp>

</wsse:Security>

</soapenv:Header>

This is Server-Config.wsdd:



<requestFlow>

<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">

<parameter name="action"value="Timestamp UsernameToken" />

<parameter name="passwordCallbackClass" value="test.ServerPWCallback" />

</handler>

</requestFlow>