You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Jennifer Ruttan <je...@indivica.com> on 2013/07/23 21:35:16 UTC
Eclipse, CXF and WS-SecurityPolicy
I have a question regarding WS-SecurityPolicy and deploying a WSDL-first service via Eclipse.
I created a project from a WSDL file (I didn't create it) with the intention of implementing the service that it describes. The WSDL file describes a WS-SecurityPolicy that includes a UsernameToken, Timestamp, BinarySecurityToken, and a Signature. Every time I run a sample request that includes all of those components in the WS-Security header I get a "must understand header is not understood" message, regarding the WS-Security header.
I've read on the documentation of CXF that additional dependencies must be included in the classpath to have WS-SecurityPolicy work, but I've used Eclipse's deployment method and given it the entire CXF ZIP file as downloaded from the project website as the CXF Runtime. Is there anything that I'm missing? Or is there a better way for me to be working with CXF than to use Eclipse's automated tools?
Thanks for any help.
Jen
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jennifer Ruttan <je...@indivica.com>.
You're right!! That's amazing!! It looks like it's working!
I'm now getting a different error, but it means that the policy was understood by CXF and was loaded successfully!!
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<soap:Fault>
<faultcode>soap:Server</faultcode>
<faultstring>The security token could not be authenticated or authorized</faultstring>
</soap:Fault>
</soap:Body>
</soap:Envelope>
On 2013-07-27, at 1:21 AM, Jason Pell <ja...@pellcorp.com> wrote:
> Changing all the Namespace="" to Namespace="http://msa.ebs.health.ontario.ca/"
> allows the policy to be loaded.
>
>
> On Sat, Jul 27, 2013 at 3:17 PM, Jason Pell <ja...@pellcorp.com> wrote:
> Yea the namespace cannot be Namespace="" either.
>
>
> On Sat, Jul 27, 2013 at 3:14 PM, Jennifer Ruttan <je...@indivica.com> wrote:
> That got rid of the problem with Eclipse complaining about the invalid element. I still get this error though:
>
> Jul 27, 2013 1:12:05 AM org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider getElementPolicy
> WARNING: Failed to build the policy 'request-policy':sp:RequiredParts/sp:Header@Namespace must have a value
>
> Which I find weird, because all the <sp:Header> elements in <sp:RequiredParts> tag have a Namespace attribute and the attribute has a value.
>
>
>
> On 2013-07-27, at 1:11 AM, Jason Pell <ja...@pellcorp.com> wrote:
>
> > that's with the new sp namespace I mean...
>
>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jason Pell <ja...@pellcorp.com>.
Changing all the Namespace="" to Namespace="
http://msa.ebs.health.ontario.ca/"
allows the policy to be loaded.
On Sat, Jul 27, 2013 at 3:17 PM, Jason Pell <ja...@pellcorp.com> wrote:
> Yea the namespace cannot be Namespace="" either.
>
>
> On Sat, Jul 27, 2013 at 3:14 PM, Jennifer Ruttan <je...@indivica.com>wrote:
>
>> That got rid of the problem with Eclipse complaining about the invalid
>> element. I still get this error though:
>>
>> Jul 27, 2013 1:12:05 AM
>> org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider
>> getElementPolicy
>> WARNING: Failed to build the policy
>> 'request-policy':sp:RequiredParts/sp:Header@Namespace must have a value
>>
>> Which I find weird, because all the <sp:Header> elements in
>> <sp:RequiredParts> tag have a Namespace attribute and the attribute has a
>> value.
>>
>>
>>
>> On 2013-07-27, at 1:11 AM, Jason Pell <ja...@pellcorp.com> wrote:
>>
>> > that's with the new sp namespace I mean...
>>
>>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jennifer Ruttan <je...@indivica.com>.
Oh wait a second, that's not true. There are other elements that I've missed that are missing a value in that field. I'm going to add them and try again.
On 2013-07-27, at 1:14 AM, Jennifer Ruttan <je...@indivica.com> wrote:
> That got rid of the problem with Eclipse complaining about the invalid element. I still get this error though:
>
> Jul 27, 2013 1:12:05 AM org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider getElementPolicy
> WARNING: Failed to build the policy 'request-policy':sp:RequiredParts/sp:Header@Namespace must have a value
>
> Which I find weird, because all the <sp:Header> elements in <sp:RequiredParts> tag have a Namespace attribute and the attribute has a value.
>
>
>
> On 2013-07-27, at 1:11 AM, Jason Pell <ja...@pellcorp.com> wrote:
>
>> that's with the new sp namespace I mean...
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Colm O hEigeartaigh <co...@apache.org>.
If you have access to the service, I would start with the individual
policies (i.e. remove all of the alternatives) and see which ones work, and
which don't with CXF. You should be able to narrow down the problem that
way - it's quite hard to figure out what the problem is when you have a
bunch of policy alternatives.
Colm.
On Tue, Jul 30, 2013 at 4:09 PM, Jennifer Ruttan <je...@indivica.com>wrote:
> Hi,
>
> Yeah, I'm expecting the WSDL policy to be strange... although I didn't
> write it and ultimately I don't have control over the service itself. I'm
> only trying to replicate the real service because I have no access to test
> against it. In regards to the header policy, how could I change it to make
> it valid?
>
> Thanks
> Jen
>
>
>
> On 2013-07-30, at 6:02 AM, Colm O hEigeartaigh <co...@apache.org>
> wrote:
>
> > Your WSDL policies look a little strange. Is it really necessary to have
> > such a complex set of policy alternatives? Furthermore, several of the
> > "Header" policies are not valid as they refer to children of the security
> > header rather than SOAP headers, e.g.:
> >
> > <sp:Header Name="UsernameToken" Namespace="http://docs.oasis-
> > open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
> >
> > Colm.
> >
> >
> > On Mon, Jul 29, 2013 at 6:12 PM, Jennifer Ruttan <jennifer@indivica.com
> >wrote:
> >
> >> Hi,
> >>
> >> One further issue with this WSDL file. I believe this might be the final
> >> one.
> >>
> >> I am now receiving the following response from CXF:
> >> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
> >> <soap:Body>
> >> <soap:Fault>
> >> <faultcode>soap:Server</faultcode>
> >> <faultstring>These policy alternatives can not be satisfied:
> >> {
> >>
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedSupportingTokens
> >> {
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RequiredParts
> >> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts
> >> </faultstring>
> >> </soap:Fault>
> >> </soap:Body>
> >> </soap:Envelope>
> >>
> >> Am I missing a dependency?
> >>
> >>
> >> I changed the dependencies to be loaded via maven. My pom.xml
> dependencies
> >> are:
> >> <dependencies>
> >> <dependency>
> >> <groupId>org.apache.cxf</groupId>
> >> <artifactId>cxf-rt-frontend-jaxws</artifactId>
> >> <version>${cxf.version}</version>
> >> </dependency>
> >> <dependency>
> >> <groupId>org.apache.cxf</groupId>
> >> <artifactId>cxf-rt-transports-http-jetty</artifactId>
> >> <version>${cxf.version}</version>
> >> </dependency>
> >> <dependency>
> >> <groupId>org.apache.cxf</groupId>
> >> <artifactId>cxf-rt-transports-http</artifactId>
> >> <version>${cxf.version}</version>
> >> </dependency>
> >> <dependency>
> >> <groupId>org.apache.cxf</groupId>
> >> <artifactId>cxf-rt-ws-policy</artifactId>
> >> <version>${cxf.version}</version>
> >> </dependency>
> >> <dependency>
> >> <groupId>org.apache.cxf</groupId>
> >> <artifactId>cxf-rt-ws-security</artifactId>
> >> <version>${cxf.version}</version>
> >> </dependency>
> >> <dependency>
> >> <groupId>org.apache.cxf</groupId>
> >> <artifactId>cxf-rt-core</artifactId>
> >> <version>${cxf.version}</version>
> >> </dependency>
> >> <dependency>
> >> <groupId>org.apache.cxf</groupId>
> >> <artifactId>cxf-rt-frontend-simple</artifactId>
> >> <version>${cxf.version}</version>
> >> </dependency>
> >> <dependency>
> >> <groupId>org.apache.cxf</groupId>
> >> <artifactId>cxf-rt-databinding-aegis</artifactId>
> >> <version>${cxf.version}</version>
> >> </dependency>
> >> <dependency>
> >> <groupId>org.apache.cxf</groupId>
> >> <artifactId>cxf-rt-transports-local</artifactId>
> >> <version>${cxf.version}</version>
> >> </dependency>
> >> <dependency>
> >> <groupId>org.apache.cxf</groupId>
> >> <artifactId>cxf-rt-transports-jms</artifactId>
> >> <version>${cxf.version}</version>
> >> </dependency>
> >> <dependency>
> >> <groupId>org.apache.cxf</groupId>
> >> <artifactId>cxf-rt-management</artifactId>
> >> <version>${cxf.version}</version>
> >> </dependency>
> >> <dependency>
> >> <groupId>org.springframework</groupId>
> >> <artifactId>spring-web</artifactId>
> >> <version>3.2.3.RELEASE</version>
> >> </dependency>
> >> <dependency>
> >> <groupId>org.springframework</groupId>
> >> <artifactId>spring-context</artifactId>
> >> <version>3.2.3.RELEASE</version>
> >> </dependency>
> >> </dependencies>
> >>
> >>
> >> My request looks like:
> >> <soapenv:Envelope xmlns:ebs="http://ebs.health.ontario.ca/"
> >> xmlns:hcv="http://hcv.health.ontario.ca/" xmlns:idp="
> >> http://idp.ebs.health.ontario.ca/"
> >> xmlns:msa="http://msa.ebs.health.ontario.ca/" xmlns:soapenv="
> >> http://schemas.xmlsoap.org/soap/envelope/">
> >> <soapenv:Header>
> >> <wsse:Security soapenv:mustUnderstand="1"
> >> xmlns:wsse="
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> >> "
> >> xmlns:wsu="
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> >> ">
> >> <wsse:BinarySecurityToken
> >> EncodingType="
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
> >> "
> >> ValueType="
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
> >> "
> >>
> >>
> wsu:Id="X509-8F87C8BB7153C9F44A137511765007837">MIIDCDCCAnECAhI2MA0GCSqGSIb3DQEB
> >>
> >>
> BQUAMIGbMQswCQYDVQQGEwJDQTEQMA4GA1UECAwHT250YXJpbzEQMA4GA1UEBwwHVG9yb250bzERMA8GA1U
> >>
> >>
> ECgwISW5kaXZpY2ExFDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA9JbmRpdmljYSBFQlMgQ0ExJTAjBgkq
> >>
> >>
> hkiG9w0BCQEWFmVicy1hZG1pbkBpbmRpdmljYS5jb20wHhcNMTMwNzE5MTc0NDI1WhcNMTQwNzE5MTc0NDI1WjB4M
> >>
> >>
> QswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEQMA4GA1UEBxMHVG9yb250bzERMA8GA1UEChMISW5ka
> >>
> >>
> XZpY2ExFDASBgNVBAsTC0RldmVsb3BtZW50MRwwGgYDVQQDExNJbmRpdmljYSBFQlMgQ2xpZW50MIIBIjANBgkqhkiG
> >>
> >>
> 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7/+bc5QgW43UuaMoUOpbsQy8Kc32jrBGA0lrxZkqH/PnfdbtRhRypxkc6+r3O17AT
> >>
> >>
> i0Cuo/MByJwYS6Y9bIviWcKWPPVMKpermHxniN+kqjWiGDm10xVMphXryR01LSItgRoi5V54oTFgeJxsdA/1J3kf/QE2Ymsw
> >>
> >>
> ZwLH6+PwvZfExKExvGArojkyveOewWkvKMobLB3d6gtrPJtUxjb18UJugEHyNSiVYFymbgAyvanT4pmNPaqHW1ZlmQ0WB
> >>
> >>
> iDI7oeT1pZzgEwzikcvEHilJye0PcB4PkkrGLKfEE4HoWG4ZVLgyWNRgTURHzKeQPhsQn4fjouqkHHVMMiUvYgQIDAQAB
> >>
> >>
> MA0GCSqGSIb3DQEBBQUAA4GBAA83b5yRECQUppIEIbDOh4E5OsR0wesm4czfNDnh56TUwmjRDzI+tVVEj+fxk0FMSMf
> >>
> >>
> 3NPoUGonb3bfyO20bpGbUBsMR8P4+FHb64zgr0PESUEsSPoO2OFLgeDXoD5VH5u8cRtfPXXX+baL2NThYjMoNVFItOM
> >> 0XL3xwzblWi++B
> >> </wsse:BinarySecurityToken>
> >> <ds:Signature Id="SIG-36" xmlns:ds="
> >> http://www.w3.org/2000/09/xmldsig#">
> >> <ds:SignedInfo>
> >> <ds:CanonicalizationMethod
> >> Algorithm="
> >> http://www.w3.org/2001/10/xml-exc-c14n#">
> >> <ec:InclusiveNamespaces
> >> PrefixList="ebs hcv idp msa soapenv"
> >> xmlns:ec="
> >> http://www.w3.org/2001/10/xml-exc-c14n#" />
> >> </ds:CanonicalizationMethod>
> >> <ds:SignatureMethod Algorithm="
> >> http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
> >> <ds:Reference URI="#id-12">
> >> <ds:Transforms>
> >> <ds:Transform
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> >>
> >> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
> >>
> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> >> </ds:Transform>
> >> </ds:Transforms>
> >> <ds:DigestMethod
> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> >>
> >> <ds:DigestValue>L8p2S05GWybjnnTm1cv2xouWj/w=</ds:DigestValue>
> >> </ds:Reference>
> >> <ds:Reference URI="#id-7">
> >> <ds:Transforms>
> >> <ds:Transform
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> >>
> >> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
> >>
> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> >> </ds:Transform>
> >> </ds:Transforms>
> >> <ds:DigestMethod
> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> >>
> >> <ds:DigestValue>DshPBCDvkhmoIGUjaYpq8y1DldA=</ds:DigestValue>
> >> </ds:Reference>
> >> <ds:Reference URI="#id-8">
> >> <ds:Transforms>
> >> <ds:Transform
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> >>
> >> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
> >>
> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> >> </ds:Transform>
> >> </ds:Transforms>
> >> <ds:DigestMethod
> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> >>
> >> <ds:DigestValue>cStXQ+Qf4MYZw7oZh3EwQnCO9kE=</ds:DigestValue>
> >> </ds:Reference>
> >> <ds:Reference URI="#TS-35">
> >> <ds:Transforms>
> >> <ds:Transform
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> >>
> >> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa soapenv"
> >>
> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> >> </ds:Transform>
> >> </ds:Transforms>
> >> <ds:DigestMethod
> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> >>
> >> <ds:DigestValue>OPmJN60ggUWBc3EoJ+m8p7jbG50=</ds:DigestValue>
> >> </ds:Reference>
> >> <ds:Reference
> >> URI="#UsernameToken-34">
> >> <ds:Transforms>
> >> <ds:Transform
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> >>
> >> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
> >>
> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> >> </ds:Transform>
> >> </ds:Transforms>
> >> <ds:DigestMethod
> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> >>
> >> <ds:DigestValue>/N9BmZT8YqTsrcdvX7AVYbnkofQ=</ds:DigestValue>
> >> </ds:Reference>
> >> </ds:SignedInfo>
> >>
> >>
> <ds:SignatureValue>OfwAzd25uNxfjPMzRHgZbXAoW0HQ20nkdNL/QS0KyyXH80es9RqzoB8F0QtXkJC4kcGr3xjHqftM
> >>
> >>
> jQUWxioFqk4G/jG01080kuJHkJULGVKkTf5zpJzu3F9cdfG9pkuhFjuPCKiFfIaxc5dDu20OT5KD
> >>
> >>
> EPjXFW7NqlIcBOFaVSM5feR224cRkvRqzqYOc3bCDSUpqT6+o5Gce5LyV4OKhPpWfsFy1g3FbSsF
> >>
> >>
> vElsygbjSxo3mDREBY3pEPBJruN5Gd8T/kCL/nNNos++L4MwwMIFyQbzsaxINiFKA3YoUSUb9mfB
> >>
> >> ZeMu6z6zd3CSebMHnZVi2iOgSApomLGsUhsmEg==
> >> </ds:SignatureValue>
> >> <ds:KeyInfo
> >> Id="KI-8F87C8BB7153C9F44A137511765007838">
> >> <wsse:SecurityTokenReference
> >>
> >> wsu:Id="STR-8F87C8BB7153C9F44A137511765007839">
> >> <wsse:Reference
> >> URI="#X509-8F87C8BB7153C9F44A137511765007837"
> >> ValueType="
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
> "
> >> />
> >> </wsse:SecurityTokenReference>
> >> </ds:KeyInfo>
> >> </ds:Signature>
> >> <wsu:Timestamp wsu:Id="TS-35">
> >>
> >> <wsu:Created>2013-07-29T17:07:30.076Z</wsu:Created>
> >>
> >> <wsu:Expires>2013-08-05T15:47:30.076Z</wsu:Expires>
> >> </wsu:Timestamp>
> >> <wsse:UsernameToken wsu:Id="UsernameToken-34">
> >> <wsse:Username>abc</wsse:Username>
> >> <wsse:Password
> >> Type="
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> >> ">abcd</wsse:Password>
> >> </wsse:UsernameToken>
> >> </wsse:Security>
> >> <idp:IDP wsu:Id="id-8"
> >> xmlns:wsu="
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> >> ">
> >> <ServiceUserMUID>?</ServiceUserMUID>
> >> </idp:IDP>
> >> <ebs:EBS wsu:Id="id-7"
> >> xmlns:wsu="
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> >> ">
> >>
> >> <SoftwareConformanceKey>12345</SoftwareConformanceKey>
> >> <AuditId>12345</AuditId>
> >> </ebs:EBS>
> >> </soapenv:Header>
> >> <soapenv:Body wsu:Id="id-12"
> >> xmlns:wsu="
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> >> ">
> >> <hcv:validate>
> >> <requests>
> >> <hcvRequest>
> >>
> >> <healthNumber>9876543217</healthNumber>
> >> <versionCode>AB</versionCode>
> >> </hcvRequest>
> >> </requests>
> >> </hcv:validate>
> >> </soapenv:Body>
> >> </soapenv:Envelope>
> >>
> >>
> >>
> >>
> >>
> >> On 2013-07-27, at 1:17 AM, Jason Pell <ja...@pellcorp.com> wrote:
> >>
> >>> Yea the namespace cannot be Namespace="" either.
> >>>
> >>>
> >>> On Sat, Jul 27, 2013 at 3:14 PM, Jennifer Ruttan <
> jennifer@indivica.com>
> >> wrote:
> >>> That got rid of the problem with Eclipse complaining about the invalid
> >> element. I still get this error though:
> >>>
> >>> Jul 27, 2013 1:12:05 AM
> >>
> org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider
> >> getElementPolicy
> >>> WARNING: Failed to build the policy
> >> 'request-policy':sp:RequiredParts/sp:Header@Namespace must have a value
> >>>
> >>> Which I find weird, because all the <sp:Header> elements in
> >> <sp:RequiredParts> tag have a Namespace attribute and the attribute has
> a
> >> value.
> >>>
> >>>
> >>>
> >>> On 2013-07-27, at 1:11 AM, Jason Pell <ja...@pellcorp.com> wrote:
> >>>
> >>>> that's with the new sp namespace I mean...
> >>>
> >>>
> >>
> >>
> >
> >
> > --
> > Colm O hEigeartaigh
> >
> > Talend Community Coder
> > http://coders.talend.com
>
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jennifer Ruttan <je...@indivica.com>.
Hi,
Yeah, I'm expecting the WSDL policy to be strange... although I didn't write it and ultimately I don't have control over the service itself. I'm only trying to replicate the real service because I have no access to test against it. In regards to the header policy, how could I change it to make it valid?
Thanks
Jen
On 2013-07-30, at 6:02 AM, Colm O hEigeartaigh <co...@apache.org> wrote:
> Your WSDL policies look a little strange. Is it really necessary to have
> such a complex set of policy alternatives? Furthermore, several of the
> "Header" policies are not valid as they refer to children of the security
> header rather than SOAP headers, e.g.:
>
> <sp:Header Name="UsernameToken" Namespace="http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
>
> Colm.
>
>
> On Mon, Jul 29, 2013 at 6:12 PM, Jennifer Ruttan <je...@indivica.com>wrote:
>
>> Hi,
>>
>> One further issue with this WSDL file. I believe this might be the final
>> one.
>>
>> I am now receiving the following response from CXF:
>> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
>> <soap:Body>
>> <soap:Fault>
>> <faultcode>soap:Server</faultcode>
>> <faultstring>These policy alternatives can not be satisfied:
>> {
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedSupportingTokens
>> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RequiredParts
>> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts
>> </faultstring>
>> </soap:Fault>
>> </soap:Body>
>> </soap:Envelope>
>>
>> Am I missing a dependency?
>>
>>
>> I changed the dependencies to be loaded via maven. My pom.xml dependencies
>> are:
>> <dependencies>
>> <dependency>
>> <groupId>org.apache.cxf</groupId>
>> <artifactId>cxf-rt-frontend-jaxws</artifactId>
>> <version>${cxf.version}</version>
>> </dependency>
>> <dependency>
>> <groupId>org.apache.cxf</groupId>
>> <artifactId>cxf-rt-transports-http-jetty</artifactId>
>> <version>${cxf.version}</version>
>> </dependency>
>> <dependency>
>> <groupId>org.apache.cxf</groupId>
>> <artifactId>cxf-rt-transports-http</artifactId>
>> <version>${cxf.version}</version>
>> </dependency>
>> <dependency>
>> <groupId>org.apache.cxf</groupId>
>> <artifactId>cxf-rt-ws-policy</artifactId>
>> <version>${cxf.version}</version>
>> </dependency>
>> <dependency>
>> <groupId>org.apache.cxf</groupId>
>> <artifactId>cxf-rt-ws-security</artifactId>
>> <version>${cxf.version}</version>
>> </dependency>
>> <dependency>
>> <groupId>org.apache.cxf</groupId>
>> <artifactId>cxf-rt-core</artifactId>
>> <version>${cxf.version}</version>
>> </dependency>
>> <dependency>
>> <groupId>org.apache.cxf</groupId>
>> <artifactId>cxf-rt-frontend-simple</artifactId>
>> <version>${cxf.version}</version>
>> </dependency>
>> <dependency>
>> <groupId>org.apache.cxf</groupId>
>> <artifactId>cxf-rt-databinding-aegis</artifactId>
>> <version>${cxf.version}</version>
>> </dependency>
>> <dependency>
>> <groupId>org.apache.cxf</groupId>
>> <artifactId>cxf-rt-transports-local</artifactId>
>> <version>${cxf.version}</version>
>> </dependency>
>> <dependency>
>> <groupId>org.apache.cxf</groupId>
>> <artifactId>cxf-rt-transports-jms</artifactId>
>> <version>${cxf.version}</version>
>> </dependency>
>> <dependency>
>> <groupId>org.apache.cxf</groupId>
>> <artifactId>cxf-rt-management</artifactId>
>> <version>${cxf.version}</version>
>> </dependency>
>> <dependency>
>> <groupId>org.springframework</groupId>
>> <artifactId>spring-web</artifactId>
>> <version>3.2.3.RELEASE</version>
>> </dependency>
>> <dependency>
>> <groupId>org.springframework</groupId>
>> <artifactId>spring-context</artifactId>
>> <version>3.2.3.RELEASE</version>
>> </dependency>
>> </dependencies>
>>
>>
>> My request looks like:
>> <soapenv:Envelope xmlns:ebs="http://ebs.health.ontario.ca/"
>> xmlns:hcv="http://hcv.health.ontario.ca/" xmlns:idp="
>> http://idp.ebs.health.ontario.ca/"
>> xmlns:msa="http://msa.ebs.health.ontario.ca/" xmlns:soapenv="
>> http://schemas.xmlsoap.org/soap/envelope/">
>> <soapenv:Header>
>> <wsse:Security soapenv:mustUnderstand="1"
>> xmlns:wsse="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
>> "
>> xmlns:wsu="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> ">
>> <wsse:BinarySecurityToken
>> EncodingType="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
>> "
>> ValueType="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
>> "
>>
>> wsu:Id="X509-8F87C8BB7153C9F44A137511765007837">MIIDCDCCAnECAhI2MA0GCSqGSIb3DQEB
>>
>> BQUAMIGbMQswCQYDVQQGEwJDQTEQMA4GA1UECAwHT250YXJpbzEQMA4GA1UEBwwHVG9yb250bzERMA8GA1U
>>
>> ECgwISW5kaXZpY2ExFDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA9JbmRpdmljYSBFQlMgQ0ExJTAjBgkq
>>
>> hkiG9w0BCQEWFmVicy1hZG1pbkBpbmRpdmljYS5jb20wHhcNMTMwNzE5MTc0NDI1WhcNMTQwNzE5MTc0NDI1WjB4M
>>
>> QswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEQMA4GA1UEBxMHVG9yb250bzERMA8GA1UEChMISW5ka
>>
>> XZpY2ExFDASBgNVBAsTC0RldmVsb3BtZW50MRwwGgYDVQQDExNJbmRpdmljYSBFQlMgQ2xpZW50MIIBIjANBgkqhkiG
>>
>> 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7/+bc5QgW43UuaMoUOpbsQy8Kc32jrBGA0lrxZkqH/PnfdbtRhRypxkc6+r3O17AT
>>
>> i0Cuo/MByJwYS6Y9bIviWcKWPPVMKpermHxniN+kqjWiGDm10xVMphXryR01LSItgRoi5V54oTFgeJxsdA/1J3kf/QE2Ymsw
>>
>> ZwLH6+PwvZfExKExvGArojkyveOewWkvKMobLB3d6gtrPJtUxjb18UJugEHyNSiVYFymbgAyvanT4pmNPaqHW1ZlmQ0WB
>>
>> iDI7oeT1pZzgEwzikcvEHilJye0PcB4PkkrGLKfEE4HoWG4ZVLgyWNRgTURHzKeQPhsQn4fjouqkHHVMMiUvYgQIDAQAB
>>
>> MA0GCSqGSIb3DQEBBQUAA4GBAA83b5yRECQUppIEIbDOh4E5OsR0wesm4czfNDnh56TUwmjRDzI+tVVEj+fxk0FMSMf
>>
>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+FHb64zgr0PESUEsSPoO2OFLgeDXoD5VH5u8cRtfPXXX+baL2NThYjMoNVFItOM
>> 0XL3xwzblWi++B
>> </wsse:BinarySecurityToken>
>> <ds:Signature Id="SIG-36" xmlns:ds="
>> http://www.w3.org/2000/09/xmldsig#">
>> <ds:SignedInfo>
>> <ds:CanonicalizationMethod
>> Algorithm="
>> http://www.w3.org/2001/10/xml-exc-c14n#">
>> <ec:InclusiveNamespaces
>> PrefixList="ebs hcv idp msa soapenv"
>> xmlns:ec="
>> http://www.w3.org/2001/10/xml-exc-c14n#" />
>> </ds:CanonicalizationMethod>
>> <ds:SignatureMethod Algorithm="
>> http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
>> <ds:Reference URI="#id-12">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>
>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
>>
>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> </ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>>
>> <ds:DigestValue>L8p2S05GWybjnnTm1cv2xouWj/w=</ds:DigestValue>
>> </ds:Reference>
>> <ds:Reference URI="#id-7">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>
>> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
>>
>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> </ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>>
>> <ds:DigestValue>DshPBCDvkhmoIGUjaYpq8y1DldA=</ds:DigestValue>
>> </ds:Reference>
>> <ds:Reference URI="#id-8">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>
>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
>>
>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> </ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>>
>> <ds:DigestValue>cStXQ+Qf4MYZw7oZh3EwQnCO9kE=</ds:DigestValue>
>> </ds:Reference>
>> <ds:Reference URI="#TS-35">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>
>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa soapenv"
>>
>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> </ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>>
>> <ds:DigestValue>OPmJN60ggUWBc3EoJ+m8p7jbG50=</ds:DigestValue>
>> </ds:Reference>
>> <ds:Reference
>> URI="#UsernameToken-34">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>
>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
>>
>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> </ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>>
>> <ds:DigestValue>/N9BmZT8YqTsrcdvX7AVYbnkofQ=</ds:DigestValue>
>> </ds:Reference>
>> </ds:SignedInfo>
>>
>> <ds:SignatureValue>OfwAzd25uNxfjPMzRHgZbXAoW0HQ20nkdNL/QS0KyyXH80es9RqzoB8F0QtXkJC4kcGr3xjHqftM
>>
>> jQUWxioFqk4G/jG01080kuJHkJULGVKkTf5zpJzu3F9cdfG9pkuhFjuPCKiFfIaxc5dDu20OT5KD
>>
>> EPjXFW7NqlIcBOFaVSM5feR224cRkvRqzqYOc3bCDSUpqT6+o5Gce5LyV4OKhPpWfsFy1g3FbSsF
>>
>> vElsygbjSxo3mDREBY3pEPBJruN5Gd8T/kCL/nNNos++L4MwwMIFyQbzsaxINiFKA3YoUSUb9mfB
>>
>> ZeMu6z6zd3CSebMHnZVi2iOgSApomLGsUhsmEg==
>> </ds:SignatureValue>
>> <ds:KeyInfo
>> Id="KI-8F87C8BB7153C9F44A137511765007838">
>> <wsse:SecurityTokenReference
>>
>> wsu:Id="STR-8F87C8BB7153C9F44A137511765007839">
>> <wsse:Reference
>> URI="#X509-8F87C8BB7153C9F44A137511765007837"
>> ValueType="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
>> />
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> </ds:Signature>
>> <wsu:Timestamp wsu:Id="TS-35">
>>
>> <wsu:Created>2013-07-29T17:07:30.076Z</wsu:Created>
>>
>> <wsu:Expires>2013-08-05T15:47:30.076Z</wsu:Expires>
>> </wsu:Timestamp>
>> <wsse:UsernameToken wsu:Id="UsernameToken-34">
>> <wsse:Username>abc</wsse:Username>
>> <wsse:Password
>> Type="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
>> ">abcd</wsse:Password>
>> </wsse:UsernameToken>
>> </wsse:Security>
>> <idp:IDP wsu:Id="id-8"
>> xmlns:wsu="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> ">
>> <ServiceUserMUID>?</ServiceUserMUID>
>> </idp:IDP>
>> <ebs:EBS wsu:Id="id-7"
>> xmlns:wsu="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> ">
>>
>> <SoftwareConformanceKey>12345</SoftwareConformanceKey>
>> <AuditId>12345</AuditId>
>> </ebs:EBS>
>> </soapenv:Header>
>> <soapenv:Body wsu:Id="id-12"
>> xmlns:wsu="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> ">
>> <hcv:validate>
>> <requests>
>> <hcvRequest>
>>
>> <healthNumber>9876543217</healthNumber>
>> <versionCode>AB</versionCode>
>> </hcvRequest>
>> </requests>
>> </hcv:validate>
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>>
>>
>>
>>
>> On 2013-07-27, at 1:17 AM, Jason Pell <ja...@pellcorp.com> wrote:
>>
>>> Yea the namespace cannot be Namespace="" either.
>>>
>>>
>>> On Sat, Jul 27, 2013 at 3:14 PM, Jennifer Ruttan <je...@indivica.com>
>> wrote:
>>> That got rid of the problem with Eclipse complaining about the invalid
>> element. I still get this error though:
>>>
>>> Jul 27, 2013 1:12:05 AM
>> org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider
>> getElementPolicy
>>> WARNING: Failed to build the policy
>> 'request-policy':sp:RequiredParts/sp:Header@Namespace must have a value
>>>
>>> Which I find weird, because all the <sp:Header> elements in
>> <sp:RequiredParts> tag have a Namespace attribute and the attribute has a
>> value.
>>>
>>>
>>>
>>> On 2013-07-27, at 1:11 AM, Jason Pell <ja...@pellcorp.com> wrote:
>>>
>>>> that's with the new sp namespace I mean...
>>>
>>>
>>
>>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Colm O hEigeartaigh <co...@apache.org>.
Your WSDL policies look a little strange. Is it really necessary to have
such a complex set of policy alternatives? Furthermore, several of the
"Header" policies are not valid as they refer to children of the security
header rather than SOAP headers, e.g.:
<sp:Header Name="UsernameToken" Namespace="http://docs.oasis-
open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
Colm.
On Mon, Jul 29, 2013 at 6:12 PM, Jennifer Ruttan <je...@indivica.com>wrote:
> Hi,
>
> One further issue with this WSDL file. I believe this might be the final
> one.
>
> I am now receiving the following response from CXF:
> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
> <soap:Body>
> <soap:Fault>
> <faultcode>soap:Server</faultcode>
> <faultstring>These policy alternatives can not be satisfied:
> {
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedSupportingTokens
> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RequiredParts
> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts
> </faultstring>
> </soap:Fault>
> </soap:Body>
> </soap:Envelope>
>
> Am I missing a dependency?
>
>
> I changed the dependencies to be loaded via maven. My pom.xml dependencies
> are:
> <dependencies>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-frontend-jaxws</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-transports-http-jetty</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-transports-http</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-ws-policy</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-ws-security</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-core</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-frontend-simple</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-databinding-aegis</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-transports-local</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-transports-jms</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-management</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.springframework</groupId>
> <artifactId>spring-web</artifactId>
> <version>3.2.3.RELEASE</version>
> </dependency>
> <dependency>
> <groupId>org.springframework</groupId>
> <artifactId>spring-context</artifactId>
> <version>3.2.3.RELEASE</version>
> </dependency>
> </dependencies>
>
>
> My request looks like:
> <soapenv:Envelope xmlns:ebs="http://ebs.health.ontario.ca/"
> xmlns:hcv="http://hcv.health.ontario.ca/" xmlns:idp="
> http://idp.ebs.health.ontario.ca/"
> xmlns:msa="http://msa.ebs.health.ontario.ca/" xmlns:soapenv="
> http://schemas.xmlsoap.org/soap/envelope/">
> <soapenv:Header>
> <wsse:Security soapenv:mustUnderstand="1"
> xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> "
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
> <wsse:BinarySecurityToken
> EncodingType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
> "
> ValueType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
> "
>
> wsu:Id="X509-8F87C8BB7153C9F44A137511765007837">MIIDCDCCAnECAhI2MA0GCSqGSIb3DQEB
>
> BQUAMIGbMQswCQYDVQQGEwJDQTEQMA4GA1UECAwHT250YXJpbzEQMA4GA1UEBwwHVG9yb250bzERMA8GA1U
>
> ECgwISW5kaXZpY2ExFDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA9JbmRpdmljYSBFQlMgQ0ExJTAjBgkq
>
> hkiG9w0BCQEWFmVicy1hZG1pbkBpbmRpdmljYS5jb20wHhcNMTMwNzE5MTc0NDI1WhcNMTQwNzE5MTc0NDI1WjB4M
>
> QswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEQMA4GA1UEBxMHVG9yb250bzERMA8GA1UEChMISW5ka
>
> XZpY2ExFDASBgNVBAsTC0RldmVsb3BtZW50MRwwGgYDVQQDExNJbmRpdmljYSBFQlMgQ2xpZW50MIIBIjANBgkqhkiG
>
> 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7/+bc5QgW43UuaMoUOpbsQy8Kc32jrBGA0lrxZkqH/PnfdbtRhRypxkc6+r3O17AT
>
> i0Cuo/MByJwYS6Y9bIviWcKWPPVMKpermHxniN+kqjWiGDm10xVMphXryR01LSItgRoi5V54oTFgeJxsdA/1J3kf/QE2Ymsw
>
> ZwLH6+PwvZfExKExvGArojkyveOewWkvKMobLB3d6gtrPJtUxjb18UJugEHyNSiVYFymbgAyvanT4pmNPaqHW1ZlmQ0WB
>
> iDI7oeT1pZzgEwzikcvEHilJye0PcB4PkkrGLKfEE4HoWG4ZVLgyWNRgTURHzKeQPhsQn4fjouqkHHVMMiUvYgQIDAQAB
>
> MA0GCSqGSIb3DQEBBQUAA4GBAA83b5yRECQUppIEIbDOh4E5OsR0wesm4czfNDnh56TUwmjRDzI+tVVEj+fxk0FMSMf
>
> 3NPoUGonb3bfyO20bpGbUBsMR8P4+FHb64zgr0PESUEsSPoO2OFLgeDXoD5VH5u8cRtfPXXX+baL2NThYjMoNVFItOM
> 0XL3xwzblWi++B
> </wsse:BinarySecurityToken>
> <ds:Signature Id="SIG-36" xmlns:ds="
> http://www.w3.org/2000/09/xmldsig#">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="
> http://www.w3.org/2001/10/xml-exc-c14n#">
> <ec:InclusiveNamespaces
> PrefixList="ebs hcv idp msa soapenv"
> xmlns:ec="
> http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:CanonicalizationMethod>
> <ds:SignatureMethod Algorithm="
> http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
> <ds:Reference URI="#id-12">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>
> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
>
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>
> <ds:DigestValue>L8p2S05GWybjnnTm1cv2xouWj/w=</ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="#id-7">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>
> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
>
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>
> <ds:DigestValue>DshPBCDvkhmoIGUjaYpq8y1DldA=</ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="#id-8">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>
> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
>
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>
> <ds:DigestValue>cStXQ+Qf4MYZw7oZh3EwQnCO9kE=</ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="#TS-35">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>
> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa soapenv"
>
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>
> <ds:DigestValue>OPmJN60ggUWBc3EoJ+m8p7jbG50=</ds:DigestValue>
> </ds:Reference>
> <ds:Reference
> URI="#UsernameToken-34">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>
> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
>
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>
> <ds:DigestValue>/N9BmZT8YqTsrcdvX7AVYbnkofQ=</ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
>
> <ds:SignatureValue>OfwAzd25uNxfjPMzRHgZbXAoW0HQ20nkdNL/QS0KyyXH80es9RqzoB8F0QtXkJC4kcGr3xjHqftM
>
> jQUWxioFqk4G/jG01080kuJHkJULGVKkTf5zpJzu3F9cdfG9pkuhFjuPCKiFfIaxc5dDu20OT5KD
>
> EPjXFW7NqlIcBOFaVSM5feR224cRkvRqzqYOc3bCDSUpqT6+o5Gce5LyV4OKhPpWfsFy1g3FbSsF
>
> vElsygbjSxo3mDREBY3pEPBJruN5Gd8T/kCL/nNNos++L4MwwMIFyQbzsaxINiFKA3YoUSUb9mfB
>
> ZeMu6z6zd3CSebMHnZVi2iOgSApomLGsUhsmEg==
> </ds:SignatureValue>
> <ds:KeyInfo
> Id="KI-8F87C8BB7153C9F44A137511765007838">
> <wsse:SecurityTokenReference
>
> wsu:Id="STR-8F87C8BB7153C9F44A137511765007839">
> <wsse:Reference
> URI="#X509-8F87C8BB7153C9F44A137511765007837"
> ValueType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
> />
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> </ds:Signature>
> <wsu:Timestamp wsu:Id="TS-35">
>
> <wsu:Created>2013-07-29T17:07:30.076Z</wsu:Created>
>
> <wsu:Expires>2013-08-05T15:47:30.076Z</wsu:Expires>
> </wsu:Timestamp>
> <wsse:UsernameToken wsu:Id="UsernameToken-34">
> <wsse:Username>abc</wsse:Username>
> <wsse:Password
> Type="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> ">abcd</wsse:Password>
> </wsse:UsernameToken>
> </wsse:Security>
> <idp:IDP wsu:Id="id-8"
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
> <ServiceUserMUID>?</ServiceUserMUID>
> </idp:IDP>
> <ebs:EBS wsu:Id="id-7"
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
>
> <SoftwareConformanceKey>12345</SoftwareConformanceKey>
> <AuditId>12345</AuditId>
> </ebs:EBS>
> </soapenv:Header>
> <soapenv:Body wsu:Id="id-12"
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
> <hcv:validate>
> <requests>
> <hcvRequest>
>
> <healthNumber>9876543217</healthNumber>
> <versionCode>AB</versionCode>
> </hcvRequest>
> </requests>
> </hcv:validate>
> </soapenv:Body>
> </soapenv:Envelope>
>
>
>
>
>
> On 2013-07-27, at 1:17 AM, Jason Pell <ja...@pellcorp.com> wrote:
>
> > Yea the namespace cannot be Namespace="" either.
> >
> >
> > On Sat, Jul 27, 2013 at 3:14 PM, Jennifer Ruttan <je...@indivica.com>
> wrote:
> > That got rid of the problem with Eclipse complaining about the invalid
> element. I still get this error though:
> >
> > Jul 27, 2013 1:12:05 AM
> org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider
> getElementPolicy
> > WARNING: Failed to build the policy
> 'request-policy':sp:RequiredParts/sp:Header@Namespace must have a value
> >
> > Which I find weird, because all the <sp:Header> elements in
> <sp:RequiredParts> tag have a Namespace attribute and the attribute has a
> value.
> >
> >
> >
> > On 2013-07-27, at 1:11 AM, Jason Pell <ja...@pellcorp.com> wrote:
> >
> > > that's with the new sp namespace I mean...
> >
> >
>
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jason Pell <ja...@pellcorp.com>.
This is an area I am not familiar with. But I would check to make sure the
namespaces of the various parts are matching. Remember you are using a new
namespace to actually load the wsdl so are you using the new namespaces in
your request data and if you are will the service support them.
Sorry I cant be of more help.
On 30/07/2013 3:12 AM, "Jennifer Ruttan" <je...@indivica.com> wrote:
> Hi,
>
> One further issue with this WSDL file. I believe this might be the final
> one.
>
> I am now receiving the following response from CXF:
> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
> <soap:Body>
> <soap:Fault>
> <faultcode>soap:Server</faultcode>
> <faultstring>These policy alternatives can not be satisfied:
> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
> }SignedSupportingTokens
> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RequiredParts
> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
> }SignedParts</faultstring>
> </soap:Fault>
> </soap:Body>
> </soap:Envelope>
>
> Am I missing a dependency?
>
>
> I changed the dependencies to be loaded via maven. My pom.xml dependencies
> are:
> <dependencies>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-frontend-jaxws</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-transports-http-jetty</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-transports-http</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-ws-policy</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-ws-security</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-core</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-frontend-simple</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-databinding-aegis</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-transports-local</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-transports-jms</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.apache.cxf</groupId>
> <artifactId>cxf-rt-management</artifactId>
> <version>${cxf.version}</version>
> </dependency>
> <dependency>
> <groupId>org.springframework</groupId>
> <artifactId>spring-web</artifactId>
> <version>3.2.3.RELEASE</version>
> </dependency>
> <dependency>
> <groupId>org.springframework</groupId>
> <artifactId>spring-context</artifactId>
> <version>3.2.3.RELEASE</version>
> </dependency>
> </dependencies>
>
>
> My request looks like:
> <soapenv:Envelope xmlns:ebs="http://ebs.health.ontario.ca/"
> xmlns:hcv="http://hcv.health.ontario.ca/" xmlns:idp="
> http://idp.ebs.health.ontario.ca/"
> xmlns:msa="http://msa.ebs.health.ontario.ca/" xmlns:soapenv="
> http://schemas.xmlsoap.org/soap/envelope/">
> <soapenv:Header>
> <wsse:Security soapenv:mustUnderstand="1"
> xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> "
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
> <wsse:BinarySecurityToken
> EncodingType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
> "
> ValueType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
> "
>
> wsu:Id="X509-8F87C8BB7153C9F44A137511765007837">MIIDCDCCAnECAhI2MA0GCSqGSIb3DQEB
>
> BQUAMIGbMQswCQYDVQQGEwJDQTEQMA4GA1UECAwHT250YXJpbzEQMA4GA1UEBwwHVG9yb250bzERMA8GA1U
>
> ECgwISW5kaXZpY2ExFDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA9JbmRpdmljYSBFQlMgQ0ExJTAjBgkq
>
> hkiG9w0BCQEWFmVicy1hZG1pbkBpbmRpdmljYS5jb20wHhcNMTMwNzE5MTc0NDI1WhcNMTQwNzE5MTc0NDI1WjB4M
>
> QswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEQMA4GA1UEBxMHVG9yb250bzERMA8GA1UEChMISW5ka
>
> XZpY2ExFDASBgNVBAsTC0RldmVsb3BtZW50MRwwGgYDVQQDExNJbmRpdmljYSBFQlMgQ2xpZW50MIIBIjANBgkqhkiG
>
> 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7/+bc5QgW43UuaMoUOpbsQy8Kc32jrBGA0lrxZkqH/PnfdbtRhRypxkc6+r3O17AT
>
> i0Cuo/MByJwYS6Y9bIviWcKWPPVMKpermHxniN+kqjWiGDm10xVMphXryR01LSItgRoi5V54oTFgeJxsdA/1J3kf/QE2Ymsw
>
> ZwLH6+PwvZfExKExvGArojkyveOewWkvKMobLB3d6gtrPJtUxjb18UJugEHyNSiVYFymbgAyvanT4pmNPaqHW1ZlmQ0WB
>
> iDI7oeT1pZzgEwzikcvEHilJye0PcB4PkkrGLKfEE4HoWG4ZVLgyWNRgTURHzKeQPhsQn4fjouqkHHVMMiUvYgQIDAQAB
>
> MA0GCSqGSIb3DQEBBQUAA4GBAA83b5yRECQUppIEIbDOh4E5OsR0wesm4czfNDnh56TUwmjRDzI+tVVEj+fxk0FMSMf
>
> 3NPoUGonb3bfyO20bpGbUBsMR8P4+FHb64zgr0PESUEsSPoO2OFLgeDXoD5VH5u8cRtfPXXX+baL2NThYjMoNVFItOM
> 0XL3xwzblWi++B
> </wsse:BinarySecurityToken>
> <ds:Signature Id="SIG-36" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:CanonicalizationMethod>
> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1
> " />
> <ds:Reference URI="#id-12">
> <ds:Transforms>
> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> <ds:DigestValue>L8p2S05GWybjnnTm1cv2xouWj/w=</ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="#id-7">
> <ds:Transforms>
> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> <ds:DigestValue>DshPBCDvkhmoIGUjaYpq8y1DldA=</ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="#id-8">
> <ds:Transforms>
> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> <ds:DigestValue>cStXQ+Qf4MYZw7oZh3EwQnCO9kE=</ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="#TS-35">
> <ds:Transforms>
> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa soapenv"
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> <ds:DigestValue>OPmJN60ggUWBc3EoJ+m8p7jbG50=</ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="#UsernameToken-34">
> <ds:Transforms>
> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> <ds:DigestValue>/N9BmZT8YqTsrcdvX7AVYbnkofQ=</ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
>
> <ds:SignatureValue>OfwAzd25uNxfjPMzRHgZbXAoW0HQ20nkdNL/QS0KyyXH80es9RqzoB8F0QtXkJC4kcGr3xjHqftM
>
> jQUWxioFqk4G/jG01080kuJHkJULGVKkTf5zpJzu3F9cdfG9pkuhFjuPCKiFfIaxc5dDu20OT5KD
>
> EPjXFW7NqlIcBOFaVSM5feR224cRkvRqzqYOc3bCDSUpqT6+o5Gce5LyV4OKhPpWfsFy1g3FbSsF
>
> vElsygbjSxo3mDREBY3pEPBJruN5Gd8T/kCL/nNNos++L4MwwMIFyQbzsaxINiFKA3YoUSUb9mfB
> ZeMu6z6zd3CSebMHnZVi2iOgSApomLGsUhsmEg==
> </ds:SignatureValue>
> <ds:KeyInfo Id="KI-8F87C8BB7153C9F44A137511765007838">
> <wsse:SecurityTokenReference
> wsu:Id="STR-8F87C8BB7153C9F44A137511765007839">
> <wsse:Reference URI="#X509-8F87C8BB7153C9F44A137511765007837"
> ValueType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
> " />
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> </ds:Signature>
> <wsu:Timestamp wsu:Id="TS-35">
> <wsu:Created>2013-07-29T17:07:30.076Z</wsu:Created>
> <wsu:Expires>2013-08-05T15:47:30.076Z</wsu:Expires>
> </wsu:Timestamp>
> <wsse:UsernameToken wsu:Id="UsernameToken-34">
> <wsse:Username>abc</wsse:Username>
> <wsse:Password
> Type="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-
> 1.0#PasswordText">abcd</wsse:Password>
> </wsse:UsernameToken>
> </wsse:Security>
> <idp:IDP wsu:Id="id-8"
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
> <ServiceUserMUID>?</ServiceUserMUID>
> </idp:IDP>
> <ebs:EBS wsu:Id="id-7"
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
> <SoftwareConformanceKey>12345</SoftwareConformanceKey>
> <AuditId>12345</AuditId>
> </ebs:EBS>
> </soapenv:Header>
> <soapenv:Body wsu:Id="id-12"
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
> <hcv:validate>
> <requests>
> <hcvRequest>
> <healthNumber>9876543217</healthNumber>
> <versionCode>AB</versionCode>
> </hcvRequest>
> </requests>
> </hcv:validate>
> </soapenv:Body>
> </soapenv:Envelope>
>
>
>
>
>
> On 2013-07-27, at 1:17 AM, Jason Pell <ja...@pellcorp.com> wrote:
>
> Yea the namespace cannot be Namespace="" either.
>
>
> On Sat, Jul 27, 2013 at 3:14 PM, Jennifer Ruttan <je...@indivica.com>wrote:
>
>> That got rid of the problem with Eclipse complaining about the invalid
>> element. I still get this error though:
>>
>> Jul 27, 2013 1:12:05 AM
>> org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider
>> getElementPolicy
>> WARNING: Failed to build the policy
>> 'request-policy':sp:RequiredParts/sp:Header@Namespace must have a value
>>
>> Which I find weird, because all the <sp:Header> elements in
>> <sp:RequiredParts> tag have a Namespace attribute and the attribute has a
>> value.
>>
>>
>>
>> On 2013-07-27, at 1:11 AM, Jason Pell <ja...@pellcorp.com> wrote:
>>
>> > that's with the new sp namespace I mean...
>>
>>
>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jennifer Ruttan <je...@indivica.com>.
Hi,
One further issue with this WSDL file. I believe this might be the final one.
I am now receiving the following response from CXF:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<soap:Fault>
<faultcode>soap:Server</faultcode>
<faultstring>These policy alternatives can not be satisfied:
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedSupportingTokens
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RequiredParts
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts</faultstring>
</soap:Fault>
</soap:Body>
</soap:Envelope>
Am I missing a dependency?
I changed the dependencies to be loaded via maven. My pom.xml dependencies are:
<dependencies>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxws</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http-jetty</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-policy</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-security</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-core</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-simple</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-databinding-aegis</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-local</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-jms</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-management</artifactId>
<version>${cxf.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>3.2.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>3.2.3.RELEASE</version>
</dependency>
</dependencies>
My request looks like:
<soapenv:Envelope xmlns:ebs="http://ebs.health.ontario.ca/"
xmlns:hcv="http://hcv.health.ontario.ca/" xmlns:idp="http://idp.ebs.health.ontario.ca/"
xmlns:msa="http://msa.ebs.health.ontario.ca/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:BinarySecurityToken
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
wsu:Id="X509-8F87C8BB7153C9F44A137511765007837">MIIDCDCCAnECAhI2MA0GCSqGSIb3DQEB
BQUAMIGbMQswCQYDVQQGEwJDQTEQMA4GA1UECAwHT250YXJpbzEQMA4GA1UEBwwHVG9yb250bzERMA8GA1U
ECgwISW5kaXZpY2ExFDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA9JbmRpdmljYSBFQlMgQ0ExJTAjBgkq
hkiG9w0BCQEWFmVicy1hZG1pbkBpbmRpdmljYS5jb20wHhcNMTMwNzE5MTc0NDI1WhcNMTQwNzE5MTc0NDI1WjB4M
QswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEQMA4GA1UEBxMHVG9yb250bzERMA8GA1UEChMISW5ka
XZpY2ExFDASBgNVBAsTC0RldmVsb3BtZW50MRwwGgYDVQQDExNJbmRpdmljYSBFQlMgQ2xpZW50MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7/+bc5QgW43UuaMoUOpbsQy8Kc32jrBGA0lrxZkqH/PnfdbtRhRypxkc6+r3O17AT
i0Cuo/MByJwYS6Y9bIviWcKWPPVMKpermHxniN+kqjWiGDm10xVMphXryR01LSItgRoi5V54oTFgeJxsdA/1J3kf/QE2Ymsw
ZwLH6+PwvZfExKExvGArojkyveOewWkvKMobLB3d6gtrPJtUxjb18UJugEHyNSiVYFymbgAyvanT4pmNPaqHW1ZlmQ0WB
iDI7oeT1pZzgEwzikcvEHilJye0PcB4PkkrGLKfEE4HoWG4ZVLgyWNRgTURHzKeQPhsQn4fjouqkHHVMMiUvYgQIDAQAB
MA0GCSqGSIb3DQEBBQUAA4GBAA83b5yRECQUppIEIbDOh4E5OsR0wesm4czfNDnh56TUwmjRDzI+tVVEj+fxk0FMSMf
3NPoUGonb3bfyO20bpGbUBsMR8P4+FHb64zgr0PESUEsSPoO2OFLgeDXoD5VH5u8cRtfPXXX+baL2NThYjMoNVFItOM
0XL3xwzblWi++B
</wsse:BinarySecurityToken>
<ds:Signature Id="SIG-36" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#id-12">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>L8p2S05GWybjnnTm1cv2xouWj/w=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-7">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>DshPBCDvkhmoIGUjaYpq8y1DldA=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-8">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>cStXQ+Qf4MYZw7oZh3EwQnCO9kE=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#TS-35">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa soapenv"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>OPmJN60ggUWBc3EoJ+m8p7jbG50=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#UsernameToken-34">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>/N9BmZT8YqTsrcdvX7AVYbnkofQ=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>OfwAzd25uNxfjPMzRHgZbXAoW0HQ20nkdNL/QS0KyyXH80es9RqzoB8F0QtXkJC4kcGr3xjHqftM
jQUWxioFqk4G/jG01080kuJHkJULGVKkTf5zpJzu3F9cdfG9pkuhFjuPCKiFfIaxc5dDu20OT5KD
EPjXFW7NqlIcBOFaVSM5feR224cRkvRqzqYOc3bCDSUpqT6+o5Gce5LyV4OKhPpWfsFy1g3FbSsF
vElsygbjSxo3mDREBY3pEPBJruN5Gd8T/kCL/nNNos++L4MwwMIFyQbzsaxINiFKA3YoUSUb9mfB
ZeMu6z6zd3CSebMHnZVi2iOgSApomLGsUhsmEg==
</ds:SignatureValue>
<ds:KeyInfo Id="KI-8F87C8BB7153C9F44A137511765007838">
<wsse:SecurityTokenReference
wsu:Id="STR-8F87C8BB7153C9F44A137511765007839">
<wsse:Reference URI="#X509-8F87C8BB7153C9F44A137511765007837"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" />
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
<wsu:Timestamp wsu:Id="TS-35">
<wsu:Created>2013-07-29T17:07:30.076Z</wsu:Created>
<wsu:Expires>2013-08-05T15:47:30.076Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken wsu:Id="UsernameToken-34">
<wsse:Username>abc</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">abcd</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
<idp:IDP wsu:Id="id-8"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<ServiceUserMUID>?</ServiceUserMUID>
</idp:IDP>
<ebs:EBS wsu:Id="id-7"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<SoftwareConformanceKey>12345</SoftwareConformanceKey>
<AuditId>12345</AuditId>
</ebs:EBS>
</soapenv:Header>
<soapenv:Body wsu:Id="id-12"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<hcv:validate>
<requests>
<hcvRequest>
<healthNumber>9876543217</healthNumber>
<versionCode>AB</versionCode>
</hcvRequest>
</requests>
</hcv:validate>
</soapenv:Body>
</soapenv:Envelope>
On 2013-07-27, at 1:17 AM, Jason Pell <ja...@pellcorp.com> wrote:
> Yea the namespace cannot be Namespace="" either.
>
>
> On Sat, Jul 27, 2013 at 3:14 PM, Jennifer Ruttan <je...@indivica.com> wrote:
> That got rid of the problem with Eclipse complaining about the invalid element. I still get this error though:
>
> Jul 27, 2013 1:12:05 AM org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider getElementPolicy
> WARNING: Failed to build the policy 'request-policy':sp:RequiredParts/sp:Header@Namespace must have a value
>
> Which I find weird, because all the <sp:Header> elements in <sp:RequiredParts> tag have a Namespace attribute and the attribute has a value.
>
>
>
> On 2013-07-27, at 1:11 AM, Jason Pell <ja...@pellcorp.com> wrote:
>
> > that's with the new sp namespace I mean...
>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jason Pell <ja...@pellcorp.com>.
Yea the namespace cannot be Namespace="" either.
On Sat, Jul 27, 2013 at 3:14 PM, Jennifer Ruttan <je...@indivica.com>wrote:
> That got rid of the problem with Eclipse complaining about the invalid
> element. I still get this error though:
>
> Jul 27, 2013 1:12:05 AM
> org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider
> getElementPolicy
> WARNING: Failed to build the policy
> 'request-policy':sp:RequiredParts/sp:Header@Namespace must have a value
>
> Which I find weird, because all the <sp:Header> elements in
> <sp:RequiredParts> tag have a Namespace attribute and the attribute has a
> value.
>
>
>
> On 2013-07-27, at 1:11 AM, Jason Pell <ja...@pellcorp.com> wrote:
>
> > that's with the new sp namespace I mean...
>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jennifer Ruttan <je...@indivica.com>.
That got rid of the problem with Eclipse complaining about the invalid element. I still get this error though:
Jul 27, 2013 1:12:05 AM org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider getElementPolicy
WARNING: Failed to build the policy 'request-policy':sp:RequiredParts/sp:Header@Namespace must have a value
Which I find weird, because all the <sp:Header> elements in <sp:RequiredParts> tag have a Namespace attribute and the attribute has a value.
On 2013-07-27, at 1:11 AM, Jason Pell <ja...@pellcorp.com> wrote:
> that's with the new sp namespace I mean...
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jason Pell <ja...@pellcorp.com>.
that's with the new sp namespace I mean...
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jason Pell <ja...@pellcorp.com>.
can you try moving the sp:Body to start of <sp:SignedParts> as the order in
the XSD has the body first.
Do it in both cases.
On Sat, Jul 27, 2013 at 3:08 PM, Jason Pell <ja...@pellcorp.com> wrote:
> I am attempting to load your policy into my test case and I will get back
> to you.
>
>
> On Sat, Jul 27, 2013 at 3:05 PM, Jennifer Ruttan <je...@indivica.com>wrote:
>
>> Unfortunately, I've got no idea how things are going with the other
>> users. There's no way for me to get in touch with them and I have no idea
>> who any of them are. I've sent a message to the service provider asking
>> them to clarify the WSDL namespaces. Presumably if they got it to work it
>> should be possible to build something that conforms to it...
>>
>>
>> On 2013-07-27, at 12:56 AM, Jason Pell <ja...@pellcorp.com> wrote:
>>
>> > I don't think RequiredParts is available in the older SP namespace. I
>> > checked the xsd and cannot find it.
>> >
>> >
>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.xsd
>> >
>> > Not sure how other clients of that service are fairing?
>> >
>> >
>> > On Sat, Jul 27, 2013 at 2:48 PM, Jason Pell <ja...@pellcorp.com> wrote:
>> >
>> >> I think that RequiredParts is not supported by the SP namespace you are
>> >> using, at least in CXF. Try changing sp namespace to
>> >>
>> >> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
>> >>
>> >> And see if you get further. I checked the RequiredParts builder and it
>> >> does seem to assume this namespace.
>> >>
>> >>
>> >> On Sat, Jul 27, 2013 at 2:43 PM, Jennifer Ruttan <
>> jennifer@indivica.com>wrote:
>> >>
>> >>> Ok. Following that, I've now got:
>> >>>
>> >>> Jul 27, 2013 12:41:56 AM
>> >>> org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl
>> >>> handleNoRegisteredBuilder
>> >>> WARNING: No assertion builder for type {
>> >>>
>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}RequiredPartsregistered
>> .
>> >>>
>> >>> Maybe I'm missing a JAR? But I've included all the CXF modules into
>> the
>> >>> classpath.
>> >>>
>> >>>
>> >>>
>> >>>
>> >>> On 2013-07-27, at 12:38 AM, Jason Pell <ja...@pellcorp.com> wrote:
>> >>>
>> >>>> That should be:
>> >>>>
>> >>>> <sp:SignedSupportingTokens>
>> >>>> <wsp:Policy>
>> >>>> <sp:UsernameToken>
>> >>>> <wsp:Policy>
>> >>>> <wsp:All>
>> >>>> <sp:NoPassword/>
>> >>>> <sp:WssUsernameToken10/>
>> >>>> </wsp:All>
>> >>>> </wsp:Policy>
>> >>>> </sp:UsernameToken>
>> >>>> </wsp:Policy>
>> >>>> </sp:SignedSupportingTokens>
>> >>>>
>> >>>>
>> >>>>
>> >>>>
>> >>>> On Sat, Jul 27, 2013 at 2:36 PM, Jason Pell <ja...@pellcorp.com>
>> wrote:
>> >>>>
>> >>>>> Ok - try putting a <wsp:Policy> immediately inside the
>> >>>>> <sp:SignedSupportingTokens> tag and I think you might get further.
>> >>>>>
>> >>>>> So instead of:
>> >>>>>
>> >>>>>
>> >>>>> <sp:SignedSupportingTokens>
>> >>>>> <sp:UsernameToken>
>> >>>>> <wsp:Policy>
>> >>>>> <wsp:All>
>> >>>>> <sp:NoPassword/>
>> >>>>> <sp:WssUsernameToken10/>
>> >>>>> </wsp:All>
>> >>>>> </wsp:Policy>
>> >>>>> </sp:UsernameToken>
>> >>>>> </sp:SignedSupportingTokens>
>> >>>>>
>> >>>>> Try:
>> >>>>>
>> >>>>> <sp:SignedSupportingTokens>
>> >>>>> <wsp:Policy>
>> >>>>>
>> >>>>> <sp:UsernameToken>
>> >>>>> <wsp:Policy>
>> >>>>> <wsp:All>
>> >>>>> <sp:NoPassword/>
>> >>>>> <sp:WssUsernameToken10/>
>> >>>>> </wsp:All>
>> >>>>> </wsp:Policy>
>> >>>>> </sp:UsernameToken>
>> >>>>> <wsp:Policy>
>> >>>>> </sp:SignedSupportingTokens>
>> >>>>>
>> >>>>> Do this for both occurences.
>> >>>>>
>> >>>>>
>> >>>>> On Sat, Jul 27, 2013 at 2:33 PM, Jason Pell <ja...@pellcorp.com>
>> >>> wrote:
>> >>>>>
>> >>>>>> I realised you had already got that far yourself, apologies for
>> >>> wasting
>> >>>>>> everyone's time. I misread the email thread. So you already
>> changed
>> >>> your
>> >>>>>> sp to http://schemas.xmlsoap.org/ws/2005/07/securitypolicy.
>> >>>>>>
>> >>>>>> However when I change my policy file to use SignedSupportingToken
>> >>> rather
>> >>>>>> than SupportingToken I also get:
>> >>>>>> {
>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}UsernameTokenis
>> >>>>>> not a <wsp:Policy> element.
>> >>>>>>
>> >>>>>> So I will have a play around with that now.
>> >>>>>>
>> >>>>>>
>> >>>>>> On Sat, Jul 27, 2013 at 1:59 PM, Jason Pell <ja...@pellcorp.com>
>> >>> wrote:
>> >>>>>>
>> >>>>>>> Actually I just realised what the problem is. Your original
>> >>> namespace
>> >>>>>>> for sp was wrong. Just change it to
>> >>>>>>>
>> >>>>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy
>> >>>>>>>
>> >>>>>>> And it will all work. Sorry for the confusion, I am no expert,
>> but
>> >>> did
>> >>>>>>> have the same problems so was worth the trial and error.
>> >>>>>>>
>> >>>>>>>
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> On Sat, Jul 27, 2013 at 1:57 PM, Jason Pell <ja...@pellcorp.com>
>> >>> wrote:
>> >>>>>>>
>> >>>>>>>> In fact just replacing the SP namespace should do it. The
>> >>> xmlns:wsp="
>> >>>>>>>> http://schemas.xmlsoap.org/ws/2004/09/policy" seems to not be
>> the
>> >>>>>>>> problem.
>> >>>>>>>>
>> >>>>>>>> So just change the sp to:
>> >>>>>>>>
>> >>>>>>>> xmlns:sp="
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
>> >>> "
>> >>>>>>>>
>> >>>>>>>>
>> >>>>>>>> On Sat, Jul 27, 2013 at 1:55 PM, Jason Pell <ja...@pellcorp.com>
>> >>> wrote:
>> >>>>>>>>
>> >>>>>>>>> Changing the namespaces to the following will allow it to work
>> with
>> >>>>>>>>> CXF:
>> >>>>>>>>>
>> >>>>>>>>> xmlns:wsp="http://www.w3.org/ns/ws-policy"
>> >>>>>>>>> xmlns:wsu="
>> >>>>>>>>>
>> >>>
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> >>>>>>>>> "
>> >>>>>>>>> xmlns:sp="
>> >>>>>>>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>> >>>>>>>>>
>> >>>>>>>>>
>> >>>>>>>>>
>> >>>>>>>>>
>> >>>>>>>>> On Sat, Jul 27, 2013 at 1:39 PM, Jennifer Ruttan <
>> >>>>>>>>> jennifer@indivica.com> wrote:
>> >>>>>>>>>
>> >>>>>>>>>> Hi,
>> >>>>>>>>>>
>> >>>>>>>>>> Thanks for your message. The WSDL file clearly contains a
>> number
>> >>> of
>> >>>>>>>>>> errors and so I'm happy to change it. The owners of the service
>> >>> will have
>> >>>>>>>>>> to adjust it anyway. What should I change the namespaces to?
>> >>>>>>>>>>
>> >>>>>>>>>> Thanks again
>> >>>>>>>>>> Jen
>> >>>>>>>>>>
>> >>>>>>>>>>
>> >>>>>>>>>>
>> >>>>>>>>>>
>> >>>>>>>>>> On 2013/07/26 23:16, Jason Pell wrote:
>> >>>>>>>>>>
>> >>>>>>>>>>>
>> https://github.com/pellcorp/**cxf/blob/master/JavaFirst/src/**
>> >>>>>>>>>>> test/java/com/pellcorp/server/**PolicyServiceTest.java<
>> >>>
>> https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java
>> >>>>
>> >>>>>>>>>>>
>> >>>>>>>>>>> This test case reproduces your issue I think. Changing the
>> >>>>>>>>>>> namespaces of
>> >>>>>>>>>>> the policy file will actually fix this, but probably not an
>> >>> option
>> >>>>>>>>>>> for you.
>> >>>>>>>>>>>
>> >>>>>>>>>>> public void testOldWspSpClient() throws Exception {
>> >>>>>>>>>>> ClassPathXmlApplicationContext clientContext =
>> >>>>>>>>>>> TestUtils.getContext(
>> >>>>>>>>>>> "/META-INF/**oldWspSpClientContext.xml");
>> >>>>>>>>>>>
>> >>>>>>>>>>> OldSpWspSimpleService simpleService =
>> clientContext.getBean(
>> >>>>>>>>>>> "OldSpWspSimpleServiceClient",
>> >>>>>>>>>>> OldSpWspSimpleService.class);
>> >>>>>>>>>>>
>> >>>>>>>>>>> WSS4JOutInterceptor wssOut =
>> >>> TestUtils.**getWssOutInterceptor(
>> >>>>>>>>>>> simpleService);
>> >>>>>>>>>>> TestUtils.**setPasswordProperties(wssOut, "alice",
>> >>>>>>>>>>> "password");
>> >>>>>>>>>>>
>> >>>>>>>>>>> try {
>> >>>>>>>>>>> simpleService.ping();
>> >>>>>>>>>>> } catch (SOAPFaultException e) {
>> >>>>>>>>>>> assertTrue(e.getMessage().**
>> >>>>>>>>>>> contains("MustUnderstand"));
>> >>>>>>>>>>> }
>> >>>>>>>>>>> }
>> >>>>>>>>>>>
>> >>>>>>>>>>>
>> >>>>>>>>>>>
>> >>>>>>>>>>>
>> >>>>>>>>>>>
>> >>>>>>>>>>> On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <
>> jason@pellcorp.com
>> >>>>
>> >>>>>>>>>>> wrote:
>> >>>>>>>>>>>
>> >>>>>>>>>>> Hi,
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> I changed over my java first samples to use your namespaces,
>> >>> and I
>> >>>>>>>>>>>> also
>> >>>>>>>>>>>> got the Must understand error.
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> Since I can reproduce it, i will have a bit of a hunt around
>> to
>> >>> see
>> >>>>>>>>>>>> what
>> >>>>>>>>>>>> the problem is.
>> >>>>>>>>>>>>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan <
>> >>>>>>>>>>>> jennifer@indivica.com>wrote:
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> Hi,
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>> Thanks for your help.
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>> The project path did not export the appropriate jars to the
>> >>>>>>>>>>>>> WEB-INF/lib
>> >>>>>>>>>>>>> directory when being built, so I added them to the
>> deployment
>> >>>>>>>>>>>>> assembly step
>> >>>>>>>>>>>>> in eclipse. I added all the dependencies as well.
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>> Unfortunately, I was still getting the same "mustunderstand
>> >>>>>>>>>>>>> headers are
>> >>>>>>>>>>>>> not understood" error message. But there's more. I'm also
>> >>> getting
>> >>>>>>>>>>>>> a strange
>> >>>>>>>>>>>>> message when Tomcat is deploying the application, from CXF:
>> >>>>>>>>>>>>> Jul 26, 2013 1:23:24 PM
>> >>>>>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>> >>>>>>>>>>>>> handleNoRegisteredBuilder
>> >>>>>>>>>>>>> WARNING: No assertion builder for type {
>> >>>>>>>>>>>>>
>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>> >>>>>>>>>>>>> SignedSupportingTokensregister**ed<
>> >>>
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedSupportingTokensregistered
>> >>>>
>> >>>>>>>>>>>>> .
>> >>>>>>>>>>>>> Jul 26, 2013 1:23:24 PM
>> >>>>>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>> >>>>>>>>>>>>> handleNoRegisteredBuilder
>> >>>>>>>>>>>>> WARNING: No assertion builder for type {
>> >>>>>>>>>>>>>
>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>> >>>>>>>>>>>>> RequiredPartsregistered<
>> >>>
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DRequiredPartsregistered
>> >>>>
>> >>>>>>>>>>>>> .
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>> Jul 26, 2013 1:23:24 PM
>> >>>>>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>> >>>>>>>>>>>>> handleNoRegisteredBuilder
>> >>>>>>>>>>>>> WARNING: No assertion builder for type {
>> >>>>>>>>>>>>>
>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>> >>>>>>>>>>>>> SignedPartsregistered<
>> >>>
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedPartsregistered
>> >>>>
>> >>>>>>>>>>>>> .
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>> I thought that was weird because in all the examples I've
>> seen
>> >>> the
>> >>>>>>>>>>>>> sp
>> >>>>>>>>>>>>> namespace is http://schemas.xmlsoap.org/ws/**
>> >>>>>>>>>>>>> 2005/07/securitypolicy<
>> >>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>.
>> >>>>>>>>>>>>> So I
>> >>>>>>>>>>>>> made the change in the WSDL and I got the following message
>> >>> upon
>> >>>>>>>>>>>>> restarting
>> >>>>>>>>>>>>> the server:
>> >>>>>>>>>>>>> Jul 26, 2013 1:25:16 PM
>> >>>>>>>>>>>>> org.apache.cxf.ws.policy.**attachment.wsdl11.**
>> >>>>>>>>>>>>> Wsdl11AttachmentPolicyProvider
>> >>>>>>>>>>>>> getElementPolicy
>> >>>>>>>>>>>>> WARNING: Failed to build the policy 'request-policy':{
>> >>>>>>>>>>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy}**
>> >>>>>>>>>>>>> UsernameToken<
>> >>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DUsernameToken
>> >is
>> >>>>>>>>>>>>> not a <wsp:Policy> element.
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>> The namespace for wsp is http://schemas.xmlsoap.org/ws/**
>> >>>>>>>>>>>>> 2004/09/policy <
>> http://schemas.xmlsoap.org/ws/2004/09/policy>,
>> >>>>>>>>>>>>> and I'm pretty sure that's correct. Although I feel like I'm
>> >>>>>>>>>>>>> pretty close,
>> >>>>>>>>>>>>> I'm lost at this point. Do you happen to have any further
>> >>>>>>>>>>>>> suggestions?
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>> Thanks
>> >>>>>>>>>>>>> Jen
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <
>> >>> ashakirin@talend.com>
>> >>>>>>>>>>>>> wrote:
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>> Hi,
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> "mustunderstand header is not understood" error is thrown
>> by
>> >>> CXF
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>> MustUnderstandInterceptor.
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> MustUnderstandInterceptor checks if must understand
>> headers in
>> >>>>>>>>>>>>>> SOAP
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>> message can be processed by at least one CXF interceptor in
>> >>> chain.
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> For that CXF interceptors provide getUnderstoodHeaders()
>> >>> method
>> >>>>>>>>>>>>>> to say
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>> which headers they are able to proceed.
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> Security headers can be processed either by
>> >>>>>>>>>>>>>> AbstractTokenInterceptor
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>> (extended by UsernameTokenInterceptor,
>> >>> SamlTokenInterceptor.java,
>> >>>>>>>>>>>>> KerberosTokenInterceptor.java) or
>> AbstractWSS4JInterceptor.java
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> (extended by PolicyBasedWSS4JInInterceptor.**java,
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>> WSS4JInInterceptor.java).
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> In your case no any from these interceptors is in chain on
>> the
>> >>>>>>>>>>>>>> service
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>> side.
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> That could happens because:
>> >>>>>>>>>>>>>> a) service uses other ws-policy (or nor policy) that
>> doesn't
>> >>>>>>>>>>>>>> activate
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>> that interceptors
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> b) service uses no ws-policy way and not configured with
>> >>> security
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>> interceptor
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> c) appropriate CXF jars are not available:
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> Can you please check how your service is configured?
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> Regards,
>> >>>>>>>>>>>>>> Andrei.
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> -----Original Message-----
>> >>>>>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>> >>>>>>>>>>>>>>> Sent: Mittwoch, 24. Juli 2013 17:43
>> >>>>>>>>>>>>>>> To: users@cxf.apache.org
>> >>>>>>>>>>>>>>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> Hi,
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> Thanks for the reply. That's what I was thinking. There
>> may
>> >>> be an
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> issue with
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> the WSDL file itself.
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> My request matches the example provided by the author of
>> the
>> >>>>>>>>>>>>>>> WSDL file,
>> >>>>>>>>>>>>>>> but neither of them work. They both cause the same
>> >>>>>>>>>>>>>>> "mustunderstand
>> >>>>>>>>>>>>>>> header is not understood" error.
>> >>>>>>>>>>>>>>> Disabling the security policy allows the request to
>> complete
>> >>>>>>>>>>>>>>> properly.
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> CXF is configured to read the security policy from the
>> WSDL
>> >>>>>>>>>>>>>>> file, and
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> I know
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> that part is working because if I miss a required part (the
>> >>>>>>>>>>>>>>> timestamp,
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> for
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> example) in the header, CXF complains that not all of the
>> >>> required
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> parts have
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> been submitted. I guess this could be because of a signing
>> >>> issue,
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> although I'm
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> not sure.
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> My reasons for building the service are because while
>> there
>> >>> is a
>> >>>>>>>>>>>>>>> WSDL
>> >>>>>>>>>>>>>>> definition for the service, there's no way to access the
>> >>> service
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> itself. I know
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> exactly how the service is supposed to react to various
>> >>> inputs so
>> >>>>>>>>>>>>>>> I'm
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> trying to
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> build the same web service. It's for a health insurance
>> card
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> validation service
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> in Ontario, Canada, and the service is provided by the
>> >>> government.
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> Thanks.
>> >>>>>>>>>>>>>>> Jen
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> ---------------------
>> >>>>>>>>>>>>>>> HCValidationService.wsdl
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <?xml version="1.0" encoding="UTF-8"?><definitions
>> >>>>>>>>>>>>>>> name="HCValidationService"
>> >>>>>>>>>>>>>>> targetNamespace="http://hcv.**health.ontario.ca/<
>> >>> http://hcv.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns="http://schemas.xmlsoap.**org/wsdl/<
>> >>> http://schemas.xmlsoap.org/wsdl/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<
>> >>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<
>> >>> http://hcv.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<
>> >>> http://idp.ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<
>> >>> http://msa.ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/wsdl/soap/<
>> >>> http://schemas.xmlsoap.org/wsdl/soap/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:sp="http://docs.oasis-**open.org/ws-sx/ws-**
>> >>>>>>>>>>>>>>> securitypolicy/200512<
>> >>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<
>> >>> http://schemas.xmlsoap.org/wsdl/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:wsdlsoap="http://**schemas.xmlsoap.org/wsdl/soap/<
>> >>> http://schemas.xmlsoap.org/wsdl/soap/>
>> >>>>>>>>>>>>>>> **"
>> >>>>>>>>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy
>> <
>> >>> http://schemas.xmlsoap.org/ws/2004/09/policy>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**
>> >>> open.org/wss/2004/01/oasis-**
>> >>>>>>>>>>>>>>> 200401-wss-<
>> >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>> >>>>>>>>>>>>>>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
>> >>>>>>>>>>>>>>>
>> >>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>> >>>>>>>>>>>>>>> 1.0.xsd<
>> >>>
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:xsd="http://www.w3.org/**2001/XMLSchema<
>> >>> http://www.w3.org/2001/XMLSchema>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <types>
>> >>>>>>>>>>>>>>> <xsd:schema>
>> >>>>>>>>>>>>>>> <xsd:import
>> >>>>>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<
>> >>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> schemaLocation="EBSFault_**schema.xsd"/>
>> >>>>>>>>>>>>>>> <xsd:import
>> >>>>>>>>>>>>>>> namespace="http://hcv.health.**ontario.ca/<
>> >>> http://hcv.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> schemaLocation="**HCValidationService_schema.**xsd"/>
>> >>>>>>>>>>>>>>> <xsd:import
>> >>>>>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<
>> >>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> schemaLocation="EBS_schema.**xsd"/>
>> >>>>>>>>>>>>>>> <xsd:import
>> >>>>>>>>>>>>>>> namespace="http://msa.ebs.**health.ontario.ca/<
>> >>> http://msa.ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> schemaLocation="MSA_schema.**xsd"/>
>> >>>>>>>>>>>>>>> <xsd:import
>> >>>>>>>>>>>>>>> namespace="http://idp.ebs.**health.ontario.ca/<
>> >>> http://idp.ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> schemaLocation="IDP_schema.**xsd"/>
>> >>>>>>>>>>>>>>> </xsd:schema>
>> >>>>>>>>>>>>>>> </types>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <wsp:Policy wsu:Id="request-policy">
>> >>>>>>>>>>>>>>> <wsp:ExactlyOne>
>> >>>>>>>>>>>>>>> <wsp:All>
>> >>>>>>>>>>>>>>> <wsp:All>
>> >>>>>>>>>>>>>>> <sp:SignedSupportingTokens>
>> >>>>>>>>>>>>>>> <sp:UsernameToken>
>> >>>>>>>>>>>>>>> <wsp:Policy>
>> >>>>>>>>>>>>>>>
>> >>> <wsp:All>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <sp:NoPassword/>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <sp:WssUsernameToken10/>
>> >>>>>>>>>>>>>>>
>> >>> </wsp:All>
>> >>>>>>>>>>>>>>> </wsp:Policy>
>> >>>>>>>>>>>>>>> </sp:UsernameToken>
>> >>>>>>>>>>>>>>> </sp:SignedSupportingTokens>
>> >>>>>>>>>>>>>>> </wsp:All>
>> >>>>>>>>>>>>>>> <wsp:ExactlyOne>
>> >>>>>>>>>>>>>>> <wsp:All>
>> >>>>>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="EBS"
>> >>>>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
>> >>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "/>
>> >>>>>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="MSA"
>> >>>>>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<
>> >>> http://msa.ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "/>
>> >>>>>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>> >>>>>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="AuditId"
>> >>>>>>>>>>>>>>> Namespace=""/>
>> >>>>>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>> >>>>>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="UserID"
>> >>>>>>>>>>>>>>> Namespace=""/>
>> >>>>>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>> >>>>>>>>>>>>>>>
>> >>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>> >>>>>>>>>>>>>>> 1.0.xsd<
>> >>>
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>> >>>>>>>>>>>>>>> "/>
>> >>>>>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>>>>> </wsp:All>
>> >>>>>>>>>>>>>>> </wsp:ExactlyOne>
>> >>>>>>>>>>>>>>> <wsp:ExactlyOne>
>> >>>>>>>>>>>>>>> <wsp:All>
>> >>>>>>>>>>>>>>> <sp:SignedParts>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="EBS"
>> >>>>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
>> >>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "/>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="MSA"
>> >>>>>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<
>> >>> http://msa.ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "/>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>> >>>>>>>>>>>>>>>
>> >>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>> >>>>>>>>>>>>>>> 1.0.xsd<
>> >>>
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>> >>>>>>>>>>>>>>> "/>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>> >>>>>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>> >>>>>>>>>>>>>>> 1.0.xsd<
>> >>>
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>> >>>>>>>>>>>>>>> "/>
>> >>>>>>>>>>>>>>> <sp:Body/>
>> >>>>>>>>>>>>>>> </sp:SignedParts>
>> >>>>>>>>>>>>>>> </wsp:All>
>> >>>>>>>>>>>>>>> </wsp:ExactlyOne>
>> >>>>>>>>>>>>>>> </wsp:All>
>> >>>>>>>>>>>>>>> <wsp:All>
>> >>>>>>>>>>>>>>> <wsp:All>
>> >>>>>>>>>>>>>>> <sp:SignedSupportingTokens>
>> >>>>>>>>>>>>>>> <sp:UsernameToken>
>> >>>>>>>>>>>>>>> <wsp:Policy>
>> >>>>>>>>>>>>>>>
>> >>> <wsp:All>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <sp:WssUsernameToken10/>
>> >>>>>>>>>>>>>>>
>> >>> </wsp:All>
>> >>>>>>>>>>>>>>> </wsp:Policy>
>> >>>>>>>>>>>>>>> </sp:UsernameToken>
>> >>>>>>>>>>>>>>> </sp:SignedSupportingTokens>
>> >>>>>>>>>>>>>>> </wsp:All>
>> >>>>>>>>>>>>>>> <wsp:ExactlyOne>
>> >>>>>>>>>>>>>>> <wsp:All>
>> >>>>>>>>>>>>>>> <sp:SignedParts>
>> >>>>>>>>>>>>>>> <sp:Header Name="EBS"
>> >>>>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
>> >>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "/>
>> >>>>>>>>>>>>>>> <sp:Header Name="IDP"
>> >>>>>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<
>> >>> http://idp.ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "/>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>> Name="Timestamp"
>> >>>>>>>>>>>>>>> Namespace="http://docs.oasis-**
>> open.org/wss/2004/01/oasis-**
>> >>>>>>>>>>>>>>> 200401-wss-<
>> >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>> >>>>>>>>>>>>>>> wssecurity-utility-1.0.xsd"/>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>> >>>>>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>> >>>>>>>>>>>>>>> 1.0.xsd<
>> >>>
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>> >>>>>>>>>>>>>>> "/>
>> >>>>>>>>>>>>>>> <sp:Body/>
>> >>>>>>>>>>>>>>> </sp:SignedParts>
>> >>>>>>>>>>>>>>> </wsp:All>
>> >>>>>>>>>>>>>>> </wsp:ExactlyOne>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <wsp:ExactlyOne>
>> >>>>>>>>>>>>>>> <wsp:All>
>> >>>>>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="EBS"
>> >>>>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
>> >>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "/>
>> >>>>>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="IDP"
>> >>>>>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<
>> >>> http://idp.ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "/>
>> >>>>>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>> >>>>>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="AuditId"
>> >>>>>>>>>>>>>>> Namespace=""/>
>> >>>>>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>> >>>>>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>> >>>>>>>>>>>>>>>
>> >>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>> >>>>>>>>>>>>>>> 1.0.xsd<
>> >>>
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>> >>>>>>>>>>>>>>> "/>
>> >>>>>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>>>>> </wsp:All>
>> >>>>>>>>>>>>>>> </wsp:ExactlyOne>
>> >>>>>>>>>>>>>>> </wsp:All>
>> >>>>>>>>>>>>>>> </wsp:ExactlyOne>
>> >>>>>>>>>>>>>>> </wsp:Policy>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <wsdl:message name="EBSHeader">
>> >>>>>>>>>>>>>>> <wsdl:part element="ebs:EBS"
>> >>>>>>>>>>>>>>> name="ebsrequest_header"/>
>> >>>>>>>>>>>>>>> </wsdl:message>
>> >>>>>>>>>>>>>>> <wsdl:message name="MSAHeader">
>> >>>>>>>>>>>>>>> <wsdl:part element="msa:MSA"
>> >>>>>>>>>>>>>>> name="msarequest_header"/>
>> >>>>>>>>>>>>>>> </wsdl:message>
>> >>>>>>>>>>>>>>> <wsdl:message name="IDPHeader">
>> >>>>>>>>>>>>>>> <wsdl:part element="idp:IDP"
>> >>>>>>>>>>>>>>> name="idprequest_header"/>
>> >>>>>>>>>>>>>>> </wsdl:message>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <message name="validate">
>> >>>>>>>>>>>>>>> <wsdl:part element="hcv:validate"
>> >>>>>>>>>>>>>>> name="parameters"/>
>> >>>>>>>>>>>>>>> </message>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <message name="validateResponse">
>> >>>>>>>>>>>>>>> <part element="hcv:validateResponse"
>> >>>>>>>>>>>>>>> name="parameters"/>
>> >>>>>>>>>>>>>>> </message>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <message name="faultexception">
>> >>>>>>>>>>>>>>> <part element="ebs:EBSFault" name="Fault"/>
>> >>>>>>>>>>>>>>> </message>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <portType name="HCValidation">
>> >>>>>>>>>>>>>>> <operation name="validate">
>> >>>>>>>>>>>>>>> <input message="hcv:validate"/>
>> >>>>>>>>>>>>>>> <output
>> >>> message="hcv:validateResponse"**/>
>> >>>>>>>>>>>>>>> <fault message="hcv:faultexception"
>> >>>>>>>>>>>>>>> name="FaultException"/>
>> >>>>>>>>>>>>>>> </operation>
>> >>>>>>>>>>>>>>> </portType>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <binding name="HCValidationPortBinding"
>> >>>>>>>>>>>>>>> type="hcv:HCValidation">
>> >>>>>>>>>>>>>>> <soap:binding style="document"
>> >>>>>>>>>>>>>>> transport="http://schemas.**xmlsoap.org/soap/http<
>> >>> http://schemas.xmlsoap.org/soap/http>
>> >>>>>>>>>>>>>>> "/>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <operation name="validate">
>> >>>>>>>>>>>>>>> <soap:operation soapAction=""/>
>> >>>>>>>>>>>>>>> <input>
>> >>>>>>>>>>>>>>> <wsp:PolicyReference URI="#request-policy"/>
>> >>>>>>>>>>>>>>> <wsdlsoap:header
>> >>>>>>>>>>>>>>> message="hcv:EBSHeader" part="ebsrequest_header"
>> >>> use="literal"/>
>> >>>>>>>>>>>>>>> <wsdlsoap:header
>> >>>>>>>>>>>>>>> message="hcv:MSAHeader" part="msarequest_header"
>> >>> use="literal"/>
>> >>>>>>>>>>>>>>> <wsdlsoap:header
>> >>>>>>>>>>>>>>> message="hcv:IDPHeader" part="idprequest_header"
>> >>> use="literal"/>
>> >>>>>>>>>>>>>>> <wsdlsoap:body
>> >>> parts="parameters"
>> >>>>>>>>>>>>>>> use="literal"/>
>> >>>>>>>>>>>>>>> </input>
>> >>>>>>>>>>>>>>> <output>
>> >>>>>>>>>>>>>>> <soap:body use="literal"/>
>> >>>>>>>>>>>>>>> </output>
>> >>>>>>>>>>>>>>> <fault name="FaultException">
>> >>>>>>>>>>>>>>> <soap:fault
>> >>> name="FaultException"
>> >>>>>>>>>>>>>>> use="literal"/>
>> >>>>>>>>>>>>>>> </fault>
>> >>>>>>>>>>>>>>> </operation>
>> >>>>>>>>>>>>>>> </binding>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <service name="HCValidationService">
>> >>>>>>>>>>>>>>> <port binding="hcv:**HCValidationPortBinding"
>> >>>>>>>>>>>>>>> name="HCValidationPort">
>> >>>>>>>>>>>>>>> <soap:address
>> >>>>>>>>>>>>>>> location="
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> https://ws.ebs.health.gov.on.**ca:1440/HCVService/**
>> >>>>>>>>>>>>> HCValidationSe<
>> >>> https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe>
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> rvice"/>
>> >>>>>>>>>>>>>>> </port>
>> >>>>>>>>>>>>>>> </service>
>> >>>>>>>>>>>>>>> </definitions>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> ---------------------
>> >>>>>>>>>>>>>>> Sample Request (provided by author of WSDL)
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <soapenv:Envelope xmlns:soap-
>> >>>>>>>>>>>>>>> sec="http://schemas.xmlsoap.**org/security/2000-12<
>> >>> http://schemas.xmlsoap.org/security/2000-12>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**
>> >>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-<
>> >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>> >>>>>>>>>>>>>>> wss-wssecurity-secext-1.0.xsd"
>> >>>>>>>>>>>>>>> xmlns:xsi="
>> http://www.w3.org/**2001/XMLSchema-instance<
>> >>> http://www.w3.org/2001/XMLSchema-instance>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:sp="http://schemas.**xmlsoap.org/ws/2005/07/**
>> >>>>>>>>>>>>>>> securitypolicy<
>> >>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:SOAP-ENV="http://**schemas.xmlsoap.org/soap/**
>> >>>>>>>>>>>>>>> envelope/ <http://schemas.xmlsoap.org/soap/envelope/>"
>> >>>>>>>>>>>>>>> xmlns:xs="http://www.w3.org/**2001/XMLSchema<
>> >>> http://www.w3.org/2001/XMLSchema>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:tns="http://hcv.health.**ontario.ca/<
>> >>> http://hcv.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**
>> >>> open.org/wss/2004/01/oasis-
>> >>>>>>>>>>>>>>> **200401- <
>> >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>> >>>>>>>>>>>>>>> wss-wssecurity-utility-1.0.**xsd"
>> >>>>>>>>>>>>>>> xmlns:ebs="http://ebs.health.**
>> >>> ontario.ca/security/2012-03<
>> http://ebs.health.ontario.ca/security/2012-03
>> >>>>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<
>> >>> http://schemas.xmlsoap.org/wsdl/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:wsp="http://schemas.**
>> >>> xmlsoap.org/ws/2004/09/policy<
>> >>> http://schemas.xmlsoap.org/ws/2004/09/policy>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:soapenv="http://schemas.**
>> xmlsoap.org/soap/envelope/<
>> >>> http://schemas.xmlsoap.org/soap/envelope/>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>> <soapenv:Header>
>> >>>>>>>>>>>>>>> <ns2:EBS wsu:Id="id-1"
>> >>>>>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<
>> >>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>> <SoftwareConformanceKey>**
>> >>>>>>>>>>>>>>> 444561ee-277f-77b2-
>> >>>>>>>>>>>>>>> c664-7a9923jfgh1b
>> >>>>>>>>>>>>>>> </SoftwareConformanceKey>
>> >>>>>>>>>>>>>>> <AuditId>73b7051e-6126-4b41-**9ae0-
>> >>>>>>>>>>>>>>> 21b707ca8a53</AuditId>
>> >>>>>>>>>>>>>>> </ns2:EBS>
>> >>>>>>>>>>>>>>> <ns2:IDP wsu:Id="id-2"
>> >>>>>>>>>>>>>>> xmlns:ns2="http://idp.ebs.**health.ontario.ca/<
>> >>> http://idp.ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>> <ServiceUserMUID>4523394</**
>> >>>>>>>>>>>>>>> ServiceUserMUID>
>> >>>>>>>>>>>>>>> </ns2:IDP>
>> >>>>>>>>>>>>>>> <wsse:Security SOAP-ENV:mustUnderstand="1">
>> >>>>>>>>>>>>>>> <wsu:Timestamp wsu:Id="id-3">
>> >>>>>>>>>>>>>>> <wsu:Created>2012-06-
>> >>>>>>>>>>>>>>> 20T17:58:42.580Z</wsu:Created>
>> >>>>>>>>>>>>>>> <wsu:Expires>2012-06-
>> >>>>>>>>>>>>>>> 20T17:59:12.580Z</wsu:Expires>
>> >>>>>>>>>>>>>>> </wsu:Timestamp>
>> >>>>>>>>>>>>>>> <wsse:UsernameToken wsu:Id="id-4">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <wsse:Username>JOHNDOE@YAHOO.**CA <JO...@YAHOO.CA>
>> >>>>>>>>>>>>>>> </wsse:Username>
>> >>>>>>>>>>>>>>> <wsse:Password
>> >>>>>>>>>>>>>>> Type="wsse:PasswordText">**Password</wsse:Password>
>> >>>>>>>>>>>>>>> </wsse:UsernameToken>
>> >>>>>>>>>>>>>>> <wsse:BinarySecurityToken
>> >>>>>>>>>>>>>>> EncodingType="http://docs.
>> >>> **oasis-<http://docs.oasis->
>> >>>>>>>>>>>>>>>
>> >>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<
>> >>> http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>> >>>>>>>>>>>>>>> 1.0#Base64Binary"
>> >>>>>>>>>>>>>>> ValueType="http://docs.oasis-
>> >>>>>>>>>>>>>>>
>> >>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>> >>>>>>>>>>>>>>> 1.0#X509v3<
>> >>>
>> http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
>> >>>>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> wsu:Id="X509-
>> >>>>>>>>>>>>>>> 02F859690D5C74E209134021512282**11">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> MIICMzCCAZygAwIBAgIET1e+**dDANBgkqhkiG9w0BAQUFADBeMQsw
>> >>>>>>>>>>>>>>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT2**50YXJpbzENMAsGA1UEChMET0hJ
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW**9uMRcwFQYDVQQDEw
>> >>>>>>>>>>>>>>>
>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAz**MDcyMDAwNTJaFw0xMzAzMDcyMDA
>> >>>>>>>>>>>>>>> wNTJaM
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQ**IEwdPbnRhcmlvMQ0wCwY
>> >>>>>>>>>>>>>>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZ**Wdpc3RyYXRpb24xFzAVBgNVBAM
>> >>>>>>>>>>>>>>> TDj
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqG**SIb3DQEBAQUAA4GNADCBi
>> >>>>>>>>>>>>>>>
>> >>> QKBgQCs/JIP6CE5IkfTnD/c56K+**QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH**4
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> fvhbyxo2B4VugsL9r4E5jHEKoi+**
>> >>>>>>>>>>>>>>> GDKOLlLZRfSy0cB8IcpXonAuGqMzhC**o
>> >>>>>>>>>>>>>>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpT**yZdpYDi92up5E+FYL3jEe
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>
>> jhp+**1iDFJQIDAQABMA0GCSqGSIb3DQEBBQ**UAA4GBAHn8VZS169BJ
>> >>>>>>>>>>>>>>>
>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dE**icv3jQMMsrWHfoCt+nRSqfNLUTL
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0**
>> >>>>>>>>>>>>>>> gY3i83ZXA8HDFKMZF3qL8I8ncu8F
>> >>>>>>>>>>>>>>> PcZGYBNhYrGjXXsuqXimiTIjxgm06E**rRa/51szOFFxWrB
>> >>>>>>>>>>>>>>> </wsse:BinarySecurityToken>
>> >>>>>>>>>>>>>>> <ds:Signature Id="SIG-6"
>> >>>>>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<
>> >>> http://www.w3.org/2000/09/xmldsig#>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>> <ds:SignedInfo>
>> >>>>>>>>>>>>>>>
>> >>> <ds:CanonicalizationMethod
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> PrefixList="SOAP-
>> >>>>>>>>>>>>>>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> </ds:CanonicalizationMethod>
>> >>>>>>>>>>>>>>> <ds:SignatureMethod
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<
>> >>> http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>> <ds:Reference
>> >>> URI="#id-1">
>> >>>>>>>>>>>>>>>
>> <ds:Transforms>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
>> >>> wsp
>> >>>>>>>>>>>>>>> wsse
>> >>>>>>>>>>>>>>> wsu xs xsi"
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>>>>>
>> </ds:Transforms>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>
>> <ds:DigestMethod
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>> >>> http://www.w3.org/2001/04/xmlenc#sha256>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:DigestValue>**gpejbitTQxuMOhUirdbGNtHjsGhAAr**
>> >>>>>>>>>>>>>>> hAp3ByFuG9c
>> >>>>>>>>>>>>>>> Hs=
>> >>>>>>>>>>>>>>>
>> >>> </ds:DigestValue>
>> >>>>>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>>>>> <ds:Reference
>> >>> URI="#id-2">
>> >>>>>>>>>>>>>>>
>> <ds:Transforms>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
>> >>> wsp
>> >>>>>>>>>>>>>>> wsse
>> >>>>>>>>>>>>>>> wsu xs xsi"
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>>>>>
>> </ds:Transforms>
>> >>>>>>>>>>>>>>>
>> <ds:DigestMethod
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>> >>> http://www.w3.org/2001/04/xmlenc#sha256>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>
>> >>> <ds:DigestValue>ZWKvgN+**eB0NFmQHPGYN5RoSZzbuboqKLzLcV6**
>> >>>>>>>>>>>>>>> PE
>> >>>>>>>>>>>>>>> Oz3E=
>> >>>>>>>>>>>>>>>
>> >>> </ds:DigestValue>
>> >>>>>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>>>>> <ds:Reference
>> >>> URI="#id-3">
>> >>>>>>>>>>>>>>>
>> <ds:Transforms>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
>> >>> wsp
>> >>>>>>>>>>>>>>> wsse xs
>> >>>>>>>>>>>>>>> xsi"
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>>>>>
>> </ds:Transforms>
>> >>>>>>>>>>>>>>>
>> <ds:DigestMethod
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>> >>> http://www.w3.org/2001/04/xmlenc#sha256>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>
>> >>> <ds:DigestValue>1AvUG2EE6+**bgpJBe1TB4teUkKD4lRsw69BozDFQM
>> >>>>>>>>>>>>>>> GGE=
>> >>>>>>>>>>>>>>>
>> >>> </ds:DigestValue>
>> >>>>>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>>>>> <ds:Reference
>> >>> URI="#id-4">
>> >>>>>>>>>>>>>>>
>> <ds:Transforms>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
>> >>> wsp
>> >>>>>>>>>>>>>>> wsu xs
>> >>>>>>>>>>>>>>> xsi"
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>>>>>
>> </ds:Transforms>
>> >>>>>>>>>>>>>>>
>> <ds:DigestMethod
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>> >>> http://www.w3.org/2001/04/xmlenc#sha256>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:DigestValue>Lw6C0//**TpU0uuta+**
>> >>>>>>>>>>>>>>> 9pjDPfD0aOokdgbVOEM9eaWc
>> >>>>>>>>>>>>>>> Gjo=
>> >>>>>>>>>>>>>>>
>> >>> </ds:DigestValue>
>> >>>>>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>>>>> <ds:Reference
>> >>> URI="#id-5">
>> >>>>>>>>>>>>>>>
>> <ds:Transforms>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse
>> >>> wsu
>> >>>>>>>>>>>>>>> xs xsi"
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>>>>>
>> </ds:Transforms>
>> >>>>>>>>>>>>>>>
>> <ds:DigestMethod
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>> >>> http://www.w3.org/2001/04/xmlenc#sha256>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:DigestValue>**lGKOfXxmbsLds9+**
>> >>>>>>>>>>>>>>> tD4eaCObTCdGNXDF/PY9LjDUPl
>> >>>>>>>>>>>>>>> 9Y=
>> >>>>>>>>>>>>>>>
>> >>> </ds:DigestValue>
>> >>>>>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>>>>> </ds:SignedInfo>
>> >>>>>>>>>>>>>>> <ds:SignatureValue>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> Yn5iRnjs/T2+**nNgW8pArIgqc445RwL2wYPHZaydVJk**
>> >>>>>>>>>>>>>>> 0oUXV5B4nzU4fg
>> >>>>>>>>>>>>>>> X/**sQTcY0O5vuReP8th4QZoGG6tSnxuBf**qiDd2rkRZDrdgotJT++W
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3Q**DuMWr5PSlm1RWbkA3W5B4Y
>> >>>>>>>>>>>>>>> LaD+S/j3QKc=
>> >>>>>>>>>>>>>>> </ds:SignatureValue>
>> >>>>>>>>>>>>>>> <ds:KeyInfo Id="KI-
>> >>>>>>>>>>>>>>> 02F859690D5C74E209134021512283**12">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <wsse:SecurityTokenReference
>> >>>>>>>>>>>>>>> wsu:Id="STR-**02F859690D5C74E209134021512284**13">
>> >>>>>>>>>>>>>>>
>> <wsse:Reference
>> >>>>>>>>>>>>>>> URI="#X509-**02F859690D5C74E209134021512282**11"
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> ValueType="http://docs.oasis-**
>> >>> open.org/wss/2004/01/oasis-
>> >>>>>>>>>>>>>>> **200401- <
>> >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>> >>>>>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> </wsse:SecurityTokenReference>
>> >>>>>>>>>>>>>>> </ds:KeyInfo>
>> >>>>>>>>>>>>>>> </ds:Signature>
>> >>>>>>>>>>>>>>> </wsse:Security>
>> >>>>>>>>>>>>>>> </soapenv:Header>
>> >>>>>>>>>>>>>>> <soapenv:Body wsu:Id="id-5">
>> >>>>>>>>>>>>>>> <ns5:validate xmlns:ns4="
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> http://msa.ebs.health.ontario.**ca/<
>> >>> http://msa.ebs.health.ontario.ca/>
>> >>>>>>>>>>>>> "
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> xmlns:ns3="http://idp.ebs.**
>> >>>>>>>>>>>>>>> health.ontario.ca/ <http://idp.ebs.health.ontario.ca/>"
>> >>>>>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<
>> >>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:ns5="http://hcv.health.**
>> >>> ontario.ca/<http://hcv.health.ontario.ca/>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>> <requests>
>> >>>>>>>>>>>>>>> <hcvRequest>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <healthNumber>2222211122</**healthNumber>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <versionCode>WW</versionCode>
>> >>>>>>>>>>>>>>> </hcvRequest>
>> >>>>>>>>>>>>>>> </requests>
>> >>>>>>>>>>>>>>> <locale>en</locale>
>> >>>>>>>>>>>>>>> </ns5:validate>
>> >>>>>>>>>>>>>>> </soapenv:Body>
>> >>>>>>>>>>>>>>> </soapenv:Envelope>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> -------------------
>> >>>>>>>>>>>>>>> Sample Request (Built via SoapUI)
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <soapenv:Envelope xmlns:ebs="http://ebs.health.**
>> ontario.ca/
>> >>> <http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<
>> >>> http://hcv.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<
>> >>> http://idp.ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<
>> >>> http://msa.ebs.health.ontario.ca/>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:soapenv="http://schemas.**
>> xmlsoap.org/soap/envelope/<
>> >>> http://schemas.xmlsoap.org/soap/envelope/>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>> <soapenv:Header>
>> >>>>>>>>>>>>>>> <wsse:Security soapenv:mustUnderstand="1"
>> >>>>>>>>>>>>>>> xmlns:wsse="http://docs.oasis-
>> >>>>>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>> >>>>>>>>>>>>>>> 1.0.xsd<
>> >>>
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>> >>>>>>>>>>>>>>>
>> >>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>> >>>>>>>>>>>>>>> 1.0.xsd<
>> >>>
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>> <wsse:BinarySecurityToken
>> >>>>>>>>>>>>>>> EncodingType="http://docs.
>> >>> **oasis-<http://docs.oasis->
>> >>>>>>>>>>>>>>>
>> >>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<
>> >>> http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>> >>>>>>>>>>>>>>> 1.0#Base64Binary"
>> >>>>>>>>>>>>>>> ValueType="http://docs.oasis-
>> >>>>>>>>>>>>>>>
>> >>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>> >>>>>>>>>>>>>>> 1.0#X509v3<
>> >>>
>> http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
>> >>>>
>> >>>>>>>>>>>>>>> "
>> >>>>>>>>>>>>>>> wsu:Id="X509-
>> >>>>>>>>>>>>>>> 9346053A98F2390F1A137460706920**025">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQ**EBBQUAMIGbMQswCQYDVQ
>> >>>>>>>>>>>>>>> QGEwJDQTEQMA4GA1UECAwHT250YXJp**bzEQMA4G
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> A1UEBwwHVG9yb250bzERMA8GA1UECg**wISW5kaXZpY2ExFDASBgN
>> >>>>>>>>>>>>>>> VBAsMC0RldmVsb3BtZW50MRgwFgYDV**QQDDA9J
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>
>> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhk**iG9w0BCQEWFmVicy1hZG1pbk
>> >>>>>>>>>>>>>>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5**MTc0
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQ**swCQYDVQQGEwJDQTEQ
>> >>>>>>>>>>>>>>> MA4GA1UECBMHT250YXJpbzEQMA4GA1**UEBxMHVG9y
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>
>> b250bzERMA8GA1UEChMISW5kaXZpY2**ExFDASBgNVBAsTC0RldmVsb
>> >>>>>>>>>>>>>>> 3BtZW50MRwwGgYDVQQDExNJbmRpdml**jYSBF
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>
>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w**0BAQEFAAOCAQ8AMIIBCgKCA
>> >>>>>>>>>>>>>>> QEAu7/+**bc5QgW43UuaMoUOpbsQy8Kc32jrB
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> GA0lrxZkqH/PnfdbtRhRypxkc6+**
>> >>>>>>>>>>>>>>> r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
>> >>>>>>>>>>>>>>> WPPVMKpermHxniN+**kqjWiGDm10xVMph
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> XryR01LSItgRoi5V54oTFgeJxsdA/**
>> >>>>>>>>>>>>>>> 1J3kf/QE2YmswZwLH6+PwvZfExKEx
>> >>>>>>>>>>>>>>> vGArojkyveOewWkvKMobLB3d6gtrPJ
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>
>> tUxjb18UJugEHyNSiVYFymbgAyvanT**4pmNPaqHW1ZlmQ0WBiDI7oeT
>> >>>>>>>>>>>>>>> 1pZzgEwzikcvEHilJye0PcB4PkkrGL**KfEE
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4f**jouqkHHVMMiUvYgQIDAQA
>> >>>>>>>>>>>>>>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b**5yRECQU
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>
>> >>> ppIEIbDOh4E5OsR0wesm4czfNDnh56**TUwmjRDzI+tVVEj+fxk0FMSMf
>> >>>>>>>>>>>>>>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+**FHb6
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>
>> >>> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u**8cRtfPXXX+baL2NThYjMoNVFIt
>> >>>>>>>>>>>>>>> OM0XL3xwzblWi++B
>> >>>>>>>>>>>>>>> </wsse:BinarySecurityToken>
>> >>>>>>>>>>>>>>> <ds:Signature Id="SIG-30"
>> >>>>>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<
>> >>> http://www.w3.org/2000/09/xmldsig#>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>> <ds:SignedInfo>
>> >>>>>>>>>>>>>>>
>> >>> <ds:CanonicalizationMethod
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>> >>>>>>>>>>>>>>> PrefixList="ebs hcv idp msa soapenv"
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> </ds:CanonicalizationMethod>
>> >>>>>>>>>>>>>>> <ds:SignatureMethod
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<
>> >>> http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>> <ds:Reference
>> >>> URI="#id-7">
>> >>>>>>>>>>>>>>>
>> <ds:Transforms>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="hcv idp msa
>> soapenv"
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>>>>>
>> </ds:Transforms>
>> >>>>>>>>>>>>>>>
>> <ds:DigestMethod
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>> >>> http://www.w3.org/2000/09/xmldsig#sha1>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:DigestValue>+sN2C+**GPI6Un7tmdzecuWW4obI8=</ds:**
>> >>>>>>>>>>>>>>> DigestVal
>> >>>>>>>>>>>>>>> ue>
>> >>>>>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>>>>> <ds:Reference
>> >>> URI="#id-8">
>> >>>>>>>>>>>>>>>
>> <ds:Transforms>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa
>> soapenv"
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>>>>>
>> </ds:Transforms>
>> >>>>>>>>>>>>>>>
>> <ds:DigestMethod
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>> >>> http://www.w3.org/2000/09/xmldsig#sha1>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:DigestValue>cStXQ+**Qf4MYZw7oZh3EwQnCO9kE=</ds:**
>> >>>>>>>>>>>>>>> DigestVal
>> >>>>>>>>>>>>>>> ue>
>> >>>>>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>>>>> <ds:Reference
>> >>> URI="#TS-29">
>> >>>>>>>>>>>>>>>
>> <ds:Transforms>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp
>> msa
>> >>>>>>>>>>>>>>> soapenv"
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>>>>>
>> </ds:Transforms>
>> >>>>>>>>>>>>>>>
>> <ds:DigestMethod
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>> >>> http://www.w3.org/2000/09/xmldsig#sha1>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:DigestValue>**7DpbdobjdxkQ3RGXjPQmx5EpCdU=</**
>> >>>>>>>>>>>>>>> ds:DigestVal
>> >>>>>>>>>>>>>>> ue>
>> >>>>>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>>>>> <ds:Reference
>> >>>>>>>>>>>>>>> URI="#UsernameToken-28">
>> >>>>>>>>>>>>>>>
>> <ds:Transforms>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa
>> >>>>>>>>>>>>>>> soapenv"
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>>>>>
>> </ds:Transforms>
>> >>>>>>>>>>>>>>>
>> <ds:DigestMethod
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>> >>> http://www.w3.org/2000/09/xmldsig#sha1>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:DigestValue>**0CNaWbdkV2dE7Jm5oh15ztwUcaI=</**
>> >>>>>>>>>>>>>>> ds:DigestValu
>> >>>>>>>>>>>>>>> e>
>> >>>>>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>>>>> <ds:Reference
>> >>> URI="#id-12">
>> >>>>>>>>>>>>>>>
>> <ds:Transforms>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>>>>>
>> </ds:Transforms>
>> >>>>>>>>>>>>>>>
>> <ds:DigestMethod
>> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>> >>> http://www.w3.org/2000/09/xmldsig#sha1>"
>> >>>>>>>>>>>>>>> />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:DigestValue>**XoOxXE6R7JA29rMYCHf/X0II180=</**
>> >>>>>>>>>>>>>>> ds:DigestValue
>> >>>>>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>>>>> </ds:SignedInfo>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <ds:SignatureValue>**YQy9wqYYVw1x0CZcg6b2W0uO3g3Fur**
>> >>>>>>>>>>>>>>> UZ51zrXi3
>> >>>>>>>>>>>>>>> jRMFGgCVGUwfu3W/**tDOAKB2IXHvIgFl7JWmzd
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>
>> >>> lkh7O2u6ieACF5tGD32aSXvv6/**k7OUVH4outF1NHgJOq9WKIKtUYT/hh
>> >>>>>>>>>>>>>>> G8BmqFGHXcPiuuO+FIXr
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pO**RWOWvPhmHbT63b1BgFfLla
>> >>>>>>>>>>>>>>> UftqeybM6t0i2cTuNxf8nbCS
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> gANhvGvpNi2ALThvsPu+**pXKCx1c4Ng18PGpUEVmOdJOkZhiifR**
>> >>>>>>>>>>>>>>> 336idp
>> >>>>>>>>>>>>>>> 09lp8XaI+NzwENvdBskb
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP**4wydOh8w==
>> >>>>>>>>>>>>>>> </ds:SignatureValue>
>> >>>>>>>>>>>>>>> <ds:KeyInfo Id="KI-
>> >>>>>>>>>>>>>>> 9346053A98F2390F1A137460706920**026">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <wsse:SecurityTokenReference
>> >>>>>>>>>>>>>>> wsu:Id="STR-
>> >>>>>>>>>>>>>>> 9346053A98F2390F1A137460706920**027">
>> >>>>>>>>>>>>>>>
>> <wsse:Reference
>> >>>>>>>>>>>>>>> URI="#X509-**9346053A98F2390F1A137460706920**025"
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> ValueType="http://docs.oasis-**
>> >>> open.org/wss/2004/01/oasis-
>> >>>>>>>>>>>>>>> **200401- <
>> >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>> >>>>>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> </wsse:SecurityTokenReference>
>> >>>>>>>>>>>>>>> </ds:KeyInfo>
>> >>>>>>>>>>>>>>> </ds:Signature>
>> >>>>>>>>>>>>>>> <wsu:Timestamp wsu:Id="TS-29">
>> >>>>>>>>>>>>>>> <wsu:Created>2013-07-
>> >>>>>>>>>>>>>>> 23T19:17:49.196Z</wsu:Created>
>> >>>>>>>>>>>>>>> <wsu:Expires>2013-07-
>> >>>>>>>>>>>>>>> 30T17:57:49.196Z</wsu:Expires>
>> >>>>>>>>>>>>>>> </wsu:Timestamp>
>> >>>>>>>>>>>>>>> <wsse:UsernameToken
>> >>> wsu:Id="UsernameToken-
>> >>>>>>>>>>>>>>> 28">
>> >>>>>>>>>>>>>>> <wsse:Username>abc</wsse:**
>> >>>>>>>>>>>>>>> Username>
>> >>>>>>>>>>>>>>> <wsse:Password
>> >>>>>>>>>>>>>>> Type="
>> >>> http://docs.oasis-
>> >>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-username-token-**
>> >>>>>>>>>>>>>>> profile-<
>> >>> http://open.org/wss/2004/01/oasis-200401-wss-username-token-profile->
>> >>>>>>>>>>>>>>> 1.0#PasswordText">defg</wsse:**Password>
>> >>>>>>>>>>>>>>> </wsse:UsernameToken>
>> >>>>>>>>>>>>>>> </wsse:Security>
>> >>>>>>>>>>>>>>> <idp:IDP wsu:Id="id-8"
>> >>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>> >>>>>>>>>>>>>>>
>> >>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>> >>>>>>>>>>>>>>> 1.0.xsd<
>> >>>
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>>
>> >>> <ServiceUserMUID>12345</**ServiceUserMUID>
>> >>>>>>>>>>>>>>> </idp:IDP>
>> >>>>>>>>>>>>>>> <ebs:EBS wsu:Id="id-7"
>> >>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>> >>>>>>>>>>>>>>>
>> >>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>> >>>>>>>>>>>>>>> 1.0.xsd<
>> >>>
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>
>> <SoftwareConformanceKey>12345<**/SoftwareConformanceKey>
>> >>>>>>>>>>>>>>> <AuditId>12345</AuditId>
>> >>>>>>>>>>>>>>> </ebs:EBS>
>> >>>>>>>>>>>>>>> </soapenv:Header>
>> >>>>>>>>>>>>>>> <soapenv:Body wsu:Id="id-12"
>> >>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**
>> >>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-<
>> >>> http://docs.oasis-open.org/wss/2004/01/oasis->
>> >>>>>>>>>>>>>>> 200401-wss-wssecurity-utility-**1.0.xsd">
>> >>>>>>>>>>>>>>> <hcv:validate>
>> >>>>>>>>>>>>>>> <requests>
>> >>>>>>>>>>>>>>> <hcvRequest>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <healthNumber>9876543217</**healthNumber>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <versionCode>AB</versionCode>
>> >>>>>>>>>>>>>>> </hcvRequest>
>> >>>>>>>>>>>>>>> </requests>
>> >>>>>>>>>>>>>>> </hcv:validate>
>> >>>>>>>>>>>>>>> </soapenv:Body>
>> >>>>>>>>>>>>>>> </soapenv:Envelope>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> -----------------------
>> >>>>>>>>>>>>>>> Response (In either case):
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> <soap:Envelope
>> >>>>>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/soap/envelope/<
>> >>> http://schemas.xmlsoap.org/soap/envelope/>
>> >>>>>>>>>>>>>>> ">
>> >>>>>>>>>>>>>>> <soap:Body>
>> >>>>>>>>>>>>>>> <soap:Fault>
>> >>>>>>>>>>>>>>> <faultcode>soap:**MustUnderstand</faultcode>
>> >>>>>>>>>>>>>>> <faultstring>MustUnderstand headers: [{
>> >>>>>>>>>>>>>>> http://docs.oasis-
>> >>>>>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-<
>> >>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext->
>> >>>>>>>>>>>>>>> 1.0.xsd}Security] are not understood.</faultstring>
>> >>>>>>>>>>>>>>> </soap:Fault>
>> >>>>>>>>>>>>>>> </soap:Body>
>> >>>>>>>>>>>>>>> </soap:Envelope>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <
>> >>>>>>>>>>>>>>> ashakirin@talend.com>
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> wrote:
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> Hi,
>> >>>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>> It seems that your service doesn't use the same
>> WS-Policy as
>> >>>>>>>>>>>>>>>> client,
>> >>>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>> therefore appropriate interceptors are not activated on
>> the
>> >>>>>>>>>>>>>>> service
>> >>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> side.
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>>> Could you double check that?
>> >>>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>> Exact request and response will be also useful for
>> further
>> >>>>>>>>>>>>>>>> analyse.
>> >>>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>> Regards,
>> >>>>>>>>>>>>>>>> Andrei.
>> >>>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>> -----Original Message-----
>> >>>>>>>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>> >>>>>>>>>>>>>>>>> Sent: Dienstag, 23. Juli 2013 21:35
>> >>>>>>>>>>>>>>>>> To: users@cxf.apache.org
>> >>>>>>>>>>>>>>>>> Subject: Eclipse, CXF and WS-SecurityPolicy
>> >>>>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>>> I have a question regarding WS-SecurityPolicy and
>> >>> deploying a
>> >>>>>>>>>>>>>>>>> WSDL-first service via Eclipse.
>> >>>>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>>> I created a project from a WSDL file (I didn't create
>> it)
>> >>> with
>> >>>>>>>>>>>>>>>>> the
>> >>>>>>>>>>>>>>>>> intention of implementing the service that it describes.
>> >>> The
>> >>>>>>>>>>>>>>>>> WSDL
>> >>>>>>>>>>>>>>>>> file describes a WS- SecurityPolicy that includes a
>> >>>>>>>>>>>>>>>>> UsernameToken,
>> >>>>>>>>>>>>>>>>> Timestamp, BinarySecurityToken, and a Signature. Every
>> >>> time I
>> >>>>>>>>>>>>>>>>> run a
>> >>>>>>>>>>>>>>>>> sample request that includes all of those components in
>> the
>> >>>>>>>>>>>>>>>>> WS-Security header I get a "must understand header is
>> not
>> >>>>>>>>>>>>>>>>> understood"
>> >>>>>>>>>>>>>>>>> message, regarding the WS-Security header.
>> >>>>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>>> I've read on the documentation of CXF that additional
>> >>>>>>>>>>>>>>>>> dependencies
>> >>>>>>>>>>>>>>>>> must be included in the classpath to have
>> WS-SecurityPolicy
>> >>>>>>>>>>>>>>>>> work, but
>> >>>>>>>>>>>>>>>>> I've used Eclipse's deployment method and given it the
>> >>> entire
>> >>>>>>>>>>>>>>>>> CXF ZIP
>> >>>>>>>>>>>>>>>>> file as downloaded from the project website as the CXF
>> >>>>>>>>>>>>>>>>> Runtime. Is
>> >>>>>>>>>>>>>>>>> there anything that I'm missing? Or is there a better
>> way
>> >>> for
>> >>>>>>>>>>>>>>>>> me to
>> >>>>>>>>>>>>>>>>> be working with CXF than to use Eclipse's automated
>> tools?
>> >>>>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>>> Thanks for any help.
>> >>>>>>>>>>>>>>>>> Jen
>> >>>>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>>>>
>> >>>>>>>>>>>>>
>> >>>>>>>>>>
>> >>>>>>>>>
>> >>>>>>>>
>> >>>>>>>
>> >>>>>>
>> >>>>>
>> >>>
>> >>>
>> >>
>>
>>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jennifer Ruttan <je...@indivica.com>.
Thanks Jason. I really appreciate your help.
On 2013-07-27, at 1:08 AM, Jason Pell <ja...@pellcorp.com> wrote:
> I am attempting to load your policy into my test case and I will get back
> to you.
>
>
> On Sat, Jul 27, 2013 at 3:05 PM, Jennifer Ruttan <je...@indivica.com>wrote:
>
>> Unfortunately, I've got no idea how things are going with the other users.
>> There's no way for me to get in touch with them and I have no idea who any
>> of them are. I've sent a message to the service provider asking them to
>> clarify the WSDL namespaces. Presumably if they got it to work it should be
>> possible to build something that conforms to it...
>>
>>
>> On 2013-07-27, at 12:56 AM, Jason Pell <ja...@pellcorp.com> wrote:
>>
>>> I don't think RequiredParts is available in the older SP namespace. I
>>> checked the xsd and cannot find it.
>>>
>>>
>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.xsd
>>>
>>> Not sure how other clients of that service are fairing?
>>>
>>>
>>> On Sat, Jul 27, 2013 at 2:48 PM, Jason Pell <ja...@pellcorp.com> wrote:
>>>
>>>> I think that RequiredParts is not supported by the SP namespace you are
>>>> using, at least in CXF. Try changing sp namespace to
>>>>
>>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
>>>>
>>>> And see if you get further. I checked the RequiredParts builder and it
>>>> does seem to assume this namespace.
>>>>
>>>>
>>>> On Sat, Jul 27, 2013 at 2:43 PM, Jennifer Ruttan <jennifer@indivica.com
>>> wrote:
>>>>
>>>>> Ok. Following that, I've now got:
>>>>>
>>>>> Jul 27, 2013 12:41:56 AM
>>>>> org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl
>>>>> handleNoRegisteredBuilder
>>>>> WARNING: No assertion builder for type {
>>>>>
>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}RequiredPartsregistered
>> .
>>>>>
>>>>> Maybe I'm missing a JAR? But I've included all the CXF modules into the
>>>>> classpath.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On 2013-07-27, at 12:38 AM, Jason Pell <ja...@pellcorp.com> wrote:
>>>>>
>>>>>> That should be:
>>>>>>
>>>>>> <sp:SignedSupportingTokens>
>>>>>> <wsp:Policy>
>>>>>> <sp:UsernameToken>
>>>>>> <wsp:Policy>
>>>>>> <wsp:All>
>>>>>> <sp:NoPassword/>
>>>>>> <sp:WssUsernameToken10/>
>>>>>> </wsp:All>
>>>>>> </wsp:Policy>
>>>>>> </sp:UsernameToken>
>>>>>> </wsp:Policy>
>>>>>> </sp:SignedSupportingTokens>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Sat, Jul 27, 2013 at 2:36 PM, Jason Pell <ja...@pellcorp.com>
>> wrote:
>>>>>>
>>>>>>> Ok - try putting a <wsp:Policy> immediately inside the
>>>>>>> <sp:SignedSupportingTokens> tag and I think you might get further.
>>>>>>>
>>>>>>> So instead of:
>>>>>>>
>>>>>>>
>>>>>>> <sp:SignedSupportingTokens>
>>>>>>> <sp:UsernameToken>
>>>>>>> <wsp:Policy>
>>>>>>> <wsp:All>
>>>>>>> <sp:NoPassword/>
>>>>>>> <sp:WssUsernameToken10/>
>>>>>>> </wsp:All>
>>>>>>> </wsp:Policy>
>>>>>>> </sp:UsernameToken>
>>>>>>> </sp:SignedSupportingTokens>
>>>>>>>
>>>>>>> Try:
>>>>>>>
>>>>>>> <sp:SignedSupportingTokens>
>>>>>>> <wsp:Policy>
>>>>>>>
>>>>>>> <sp:UsernameToken>
>>>>>>> <wsp:Policy>
>>>>>>> <wsp:All>
>>>>>>> <sp:NoPassword/>
>>>>>>> <sp:WssUsernameToken10/>
>>>>>>> </wsp:All>
>>>>>>> </wsp:Policy>
>>>>>>> </sp:UsernameToken>
>>>>>>> <wsp:Policy>
>>>>>>> </sp:SignedSupportingTokens>
>>>>>>>
>>>>>>> Do this for both occurences.
>>>>>>>
>>>>>>>
>>>>>>> On Sat, Jul 27, 2013 at 2:33 PM, Jason Pell <ja...@pellcorp.com>
>>>>> wrote:
>>>>>>>
>>>>>>>> I realised you had already got that far yourself, apologies for
>>>>> wasting
>>>>>>>> everyone's time. I misread the email thread. So you already
>> changed
>>>>> your
>>>>>>>> sp to http://schemas.xmlsoap.org/ws/2005/07/securitypolicy.
>>>>>>>>
>>>>>>>> However when I change my policy file to use SignedSupportingToken
>>>>> rather
>>>>>>>> than SupportingToken I also get:
>>>>>>>> {
>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}UsernameTokenis
>>>>>>>> not a <wsp:Policy> element.
>>>>>>>>
>>>>>>>> So I will have a play around with that now.
>>>>>>>>
>>>>>>>>
>>>>>>>> On Sat, Jul 27, 2013 at 1:59 PM, Jason Pell <ja...@pellcorp.com>
>>>>> wrote:
>>>>>>>>
>>>>>>>>> Actually I just realised what the problem is. Your original
>>>>> namespace
>>>>>>>>> for sp was wrong. Just change it to
>>>>>>>>>
>>>>>>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy
>>>>>>>>>
>>>>>>>>> And it will all work. Sorry for the confusion, I am no expert, but
>>>>> did
>>>>>>>>> have the same problems so was worth the trial and error.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Sat, Jul 27, 2013 at 1:57 PM, Jason Pell <ja...@pellcorp.com>
>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> In fact just replacing the SP namespace should do it. The
>>>>> xmlns:wsp="
>>>>>>>>>> http://schemas.xmlsoap.org/ws/2004/09/policy" seems to not be the
>>>>>>>>>> problem.
>>>>>>>>>>
>>>>>>>>>> So just change the sp to:
>>>>>>>>>>
>>>>>>>>>> xmlns:sp="
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
>>>>> "
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Sat, Jul 27, 2013 at 1:55 PM, Jason Pell <ja...@pellcorp.com>
>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> Changing the namespaces to the following will allow it to work
>> with
>>>>>>>>>>> CXF:
>>>>>>>>>>>
>>>>>>>>>>> xmlns:wsp="http://www.w3.org/ns/ws-policy"
>>>>>>>>>>> xmlns:wsu="
>>>>>>>>>>>
>>>>>
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:sp="
>>>>>>>>>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Sat, Jul 27, 2013 at 1:39 PM, Jennifer Ruttan <
>>>>>>>>>>> jennifer@indivica.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hi,
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks for your message. The WSDL file clearly contains a number
>>>>> of
>>>>>>>>>>>> errors and so I'm happy to change it. The owners of the service
>>>>> will have
>>>>>>>>>>>> to adjust it anyway. What should I change the namespaces to?
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks again
>>>>>>>>>>>> Jen
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> On 2013/07/26 23:16, Jason Pell wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> https://github.com/pellcorp/**cxf/blob/master/JavaFirst/src/**
>>>>>>>>>>>>> test/java/com/pellcorp/server/**PolicyServiceTest.java<
>>>>>
>> https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java
>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> This test case reproduces your issue I think. Changing the
>>>>>>>>>>>>> namespaces of
>>>>>>>>>>>>> the policy file will actually fix this, but probably not an
>>>>> option
>>>>>>>>>>>>> for you.
>>>>>>>>>>>>>
>>>>>>>>>>>>> public void testOldWspSpClient() throws Exception {
>>>>>>>>>>>>> ClassPathXmlApplicationContext clientContext =
>>>>>>>>>>>>> TestUtils.getContext(
>>>>>>>>>>>>> "/META-INF/**oldWspSpClientContext.xml");
>>>>>>>>>>>>>
>>>>>>>>>>>>> OldSpWspSimpleService simpleService =
>> clientContext.getBean(
>>>>>>>>>>>>> "OldSpWspSimpleServiceClient",
>>>>>>>>>>>>> OldSpWspSimpleService.class);
>>>>>>>>>>>>>
>>>>>>>>>>>>> WSS4JOutInterceptor wssOut =
>>>>> TestUtils.**getWssOutInterceptor(
>>>>>>>>>>>>> simpleService);
>>>>>>>>>>>>> TestUtils.**setPasswordProperties(wssOut, "alice",
>>>>>>>>>>>>> "password");
>>>>>>>>>>>>>
>>>>>>>>>>>>> try {
>>>>>>>>>>>>> simpleService.ping();
>>>>>>>>>>>>> } catch (SOAPFaultException e) {
>>>>>>>>>>>>> assertTrue(e.getMessage().**
>>>>>>>>>>>>> contains("MustUnderstand"));
>>>>>>>>>>>>> }
>>>>>>>>>>>>> }
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <
>> jason@pellcorp.com
>>>>>>
>>>>>>>>>>>>> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I changed over my java first samples to use your namespaces,
>>>>> and I
>>>>>>>>>>>>>> also
>>>>>>>>>>>>>> got the Must understand error.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Since I can reproduce it, i will have a bit of a hunt around
>> to
>>>>> see
>>>>>>>>>>>>>> what
>>>>>>>>>>>>>> the problem is.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan <
>>>>>>>>>>>>>> jennifer@indivica.com>wrote:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Thanks for your help.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> The project path did not export the appropriate jars to the
>>>>>>>>>>>>>>> WEB-INF/lib
>>>>>>>>>>>>>>> directory when being built, so I added them to the deployment
>>>>>>>>>>>>>>> assembly step
>>>>>>>>>>>>>>> in eclipse. I added all the dependencies as well.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Unfortunately, I was still getting the same "mustunderstand
>>>>>>>>>>>>>>> headers are
>>>>>>>>>>>>>>> not understood" error message. But there's more. I'm also
>>>>> getting
>>>>>>>>>>>>>>> a strange
>>>>>>>>>>>>>>> message when Tomcat is deploying the application, from CXF:
>>>>>>>>>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>>>>>>>>>> handleNoRegisteredBuilder
>>>>>>>>>>>>>>> WARNING: No assertion builder for type {
>>>>>>>>>>>>>>>
>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>>>>>>>>>> SignedSupportingTokensregister**ed<
>>>>>
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedSupportingTokensregistered
>>>>>>
>>>>>>>>>>>>>>> .
>>>>>>>>>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>>>>>>>>>> handleNoRegisteredBuilder
>>>>>>>>>>>>>>> WARNING: No assertion builder for type {
>>>>>>>>>>>>>>>
>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>>>>>>>>>> RequiredPartsregistered<
>>>>>
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DRequiredPartsregistered
>>>>>>
>>>>>>>>>>>>>>> .
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>>>>>>>>>> handleNoRegisteredBuilder
>>>>>>>>>>>>>>> WARNING: No assertion builder for type {
>>>>>>>>>>>>>>>
>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>>>>>>>>>> SignedPartsregistered<
>>>>>
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedPartsregistered
>>>>>>
>>>>>>>>>>>>>>> .
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I thought that was weird because in all the examples I've
>> seen
>>>>> the
>>>>>>>>>>>>>>> sp
>>>>>>>>>>>>>>> namespace is http://schemas.xmlsoap.org/ws/**
>>>>>>>>>>>>>>> 2005/07/securitypolicy<
>>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>.
>>>>>>>>>>>>>>> So I
>>>>>>>>>>>>>>> made the change in the WSDL and I got the following message
>>>>> upon
>>>>>>>>>>>>>>> restarting
>>>>>>>>>>>>>>> the server:
>>>>>>>>>>>>>>> Jul 26, 2013 1:25:16 PM
>>>>>>>>>>>>>>> org.apache.cxf.ws.policy.**attachment.wsdl11.**
>>>>>>>>>>>>>>> Wsdl11AttachmentPolicyProvider
>>>>>>>>>>>>>>> getElementPolicy
>>>>>>>>>>>>>>> WARNING: Failed to build the policy 'request-policy':{
>>>>>>>>>>>>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy}**
>>>>>>>>>>>>>>> UsernameToken<
>>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DUsernameToken
>>> is
>>>>>>>>>>>>>>> not a <wsp:Policy> element.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> The namespace for wsp is http://schemas.xmlsoap.org/ws/**
>>>>>>>>>>>>>>> 2004/09/policy <http://schemas.xmlsoap.org/ws/2004/09/policy
>>> ,
>>>>>>>>>>>>>>> and I'm pretty sure that's correct. Although I feel like I'm
>>>>>>>>>>>>>>> pretty close,
>>>>>>>>>>>>>>> I'm lost at this point. Do you happen to have any further
>>>>>>>>>>>>>>> suggestions?
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Thanks
>>>>>>>>>>>>>>> Jen
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <
>>>>> ashakirin@talend.com>
>>>>>>>>>>>>>>> wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> "mustunderstand header is not understood" error is thrown by
>>>>> CXF
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> MustUnderstandInterceptor.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> MustUnderstandInterceptor checks if must understand headers
>> in
>>>>>>>>>>>>>>>> SOAP
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> message can be processed by at least one CXF interceptor in
>>>>> chain.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> For that CXF interceptors provide getUnderstoodHeaders()
>>>>> method
>>>>>>>>>>>>>>>> to say
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> which headers they are able to proceed.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Security headers can be processed either by
>>>>>>>>>>>>>>>> AbstractTokenInterceptor
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> (extended by UsernameTokenInterceptor,
>>>>> SamlTokenInterceptor.java,
>>>>>>>>>>>>>>> KerberosTokenInterceptor.java) or
>> AbstractWSS4JInterceptor.java
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> (extended by PolicyBasedWSS4JInInterceptor.**java,
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> WSS4JInInterceptor.java).
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> In your case no any from these interceptors is in chain on
>> the
>>>>>>>>>>>>>>>> service
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> side.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> That could happens because:
>>>>>>>>>>>>>>>> a) service uses other ws-policy (or nor policy) that doesn't
>>>>>>>>>>>>>>>> activate
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> that interceptors
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> b) service uses no ws-policy way and not configured with
>>>>> security
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> interceptor
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> c) appropriate CXF jars are not available:
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Can you please check how your service is configured?
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Regards,
>>>>>>>>>>>>>>>> Andrei.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> -----Original Message-----
>>>>>>>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>>>>>>>>>>>> Sent: Mittwoch, 24. Juli 2013 17:43
>>>>>>>>>>>>>>>>> To: users@cxf.apache.org
>>>>>>>>>>>>>>>>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Thanks for the reply. That's what I was thinking. There may
>>>>> be an
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> issue with
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> the WSDL file itself.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> My request matches the example provided by the author of
>> the
>>>>>>>>>>>>>>>>> WSDL file,
>>>>>>>>>>>>>>>>> but neither of them work. They both cause the same
>>>>>>>>>>>>>>>>> "mustunderstand
>>>>>>>>>>>>>>>>> header is not understood" error.
>>>>>>>>>>>>>>>>> Disabling the security policy allows the request to
>> complete
>>>>>>>>>>>>>>>>> properly.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> CXF is configured to read the security policy from the WSDL
>>>>>>>>>>>>>>>>> file, and
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> I know
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> that part is working because if I miss a required part (the
>>>>>>>>>>>>>>>>> timestamp,
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> for
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> example) in the header, CXF complains that not all of the
>>>>> required
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> parts have
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> been submitted. I guess this could be because of a signing
>>>>> issue,
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> although I'm
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> not sure.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> My reasons for building the service are because while there
>>>>> is a
>>>>>>>>>>>>>>>>> WSDL
>>>>>>>>>>>>>>>>> definition for the service, there's no way to access the
>>>>> service
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> itself. I know
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> exactly how the service is supposed to react to various
>>>>> inputs so
>>>>>>>>>>>>>>>>> I'm
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> trying to
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> build the same web service. It's for a health insurance card
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> validation service
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> in Ontario, Canada, and the service is provided by the
>>>>> government.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Thanks.
>>>>>>>>>>>>>>>>> Jen
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> ---------------------
>>>>>>>>>>>>>>>>> HCValidationService.wsdl
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <?xml version="1.0" encoding="UTF-8"?><definitions
>>>>>>>>>>>>>>>>> name="HCValidationService"
>>>>>>>>>>>>>>>>> targetNamespace="http://hcv.**health.ontario.ca/<
>>>>> http://hcv.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns="http://schemas.xmlsoap.**org/wsdl/<
>>>>> http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<
>>>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<
>>>>> http://hcv.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<
>>>>> http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<
>>>>> http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/wsdl/soap/<
>>>>> http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:sp="http://docs.oasis-**open.org/ws-sx/ws-**
>>>>>>>>>>>>>>>>> securitypolicy/200512<
>>>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<
>>>>> http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:wsdlsoap="http://**schemas.xmlsoap.org/wsdl/soap/<
>>>>> http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>>>>>>>>>>>>> **"
>>>>>>>>>>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<
>>>>> http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**
>>>>> open.org/wss/2004/01/oasis-**
>>>>>>>>>>>>>>>>> 200401-wss-<
>>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>>>>>>>>>>>>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
>>>>>>>>>>>>>>>>>
>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>>>>>>> 1.0.xsd<
>>>>>
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:xsd="http://www.w3.org/**2001/XMLSchema<
>>>>> http://www.w3.org/2001/XMLSchema>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <types>
>>>>>>>>>>>>>>>>> <xsd:schema>
>>>>>>>>>>>>>>>>> <xsd:import
>>>>>>>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<
>>>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> schemaLocation="EBSFault_**schema.xsd"/>
>>>>>>>>>>>>>>>>> <xsd:import
>>>>>>>>>>>>>>>>> namespace="http://hcv.health.**ontario.ca/<
>>>>> http://hcv.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> schemaLocation="**HCValidationService_schema.**xsd"/>
>>>>>>>>>>>>>>>>> <xsd:import
>>>>>>>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<
>>>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> schemaLocation="EBS_schema.**xsd"/>
>>>>>>>>>>>>>>>>> <xsd:import
>>>>>>>>>>>>>>>>> namespace="http://msa.ebs.**health.ontario.ca/<
>>>>> http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> schemaLocation="MSA_schema.**xsd"/>
>>>>>>>>>>>>>>>>> <xsd:import
>>>>>>>>>>>>>>>>> namespace="http://idp.ebs.**health.ontario.ca/<
>>>>> http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> schemaLocation="IDP_schema.**xsd"/>
>>>>>>>>>>>>>>>>> </xsd:schema>
>>>>>>>>>>>>>>>>> </types>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <wsp:Policy wsu:Id="request-policy">
>>>>>>>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>>>>>> <sp:SignedSupportingTokens>
>>>>>>>>>>>>>>>>> <sp:UsernameToken>
>>>>>>>>>>>>>>>>> <wsp:Policy>
>>>>>>>>>>>>>>>>>
>>>>> <wsp:All>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <sp:NoPassword/>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <sp:WssUsernameToken10/>
>>>>>>>>>>>>>>>>>
>>>>> </wsp:All>
>>>>>>>>>>>>>>>>> </wsp:Policy>
>>>>>>>>>>>>>>>>> </sp:UsernameToken>
>>>>>>>>>>>>>>>>> </sp:SignedSupportingTokens>
>>>>>>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="EBS"
>>>>>>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
>>>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="MSA"
>>>>>>>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<
>>>>> http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="AuditId"
>>>>>>>>>>>>>>>>> Namespace=""/>
>>>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="UserID"
>>>>>>>>>>>>>>>>> Namespace=""/>
>>>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>>>>>>>>>>
>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>>>>>>> 1.0.xsd<
>>>>>
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>>>>>> <sp:SignedParts>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="EBS"
>>>>>>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
>>>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="MSA"
>>>>>>>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<
>>>>> http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>>>>>>>>>>
>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>>>>>>> 1.0.xsd<
>>>>>
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>>>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>>>>>>>>>> 1.0.xsd<
>>>>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
>>>
>>>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>>>> <sp:Body/>
>>>>>>>>>>>>>>>>> </sp:SignedParts>
>>>>>>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>>>>>> <sp:SignedSupportingTokens>
>>>>>>>>>>>>>>>>> <sp:UsernameToken>
>>>>>>>>>>>>>>>>> <wsp:Policy>
>>>>>>>>>>>>>>>>>
>>>>> <wsp:All>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <sp:WssUsernameToken10/>
>>>>>>>>>>>>>>>>>
>>>>> </wsp:All>
>>>>>>>>>>>>>>>>> </wsp:Policy>
>>>>>>>>>>>>>>>>> </sp:UsernameToken>
>>>>>>>>>>>>>>>>> </sp:SignedSupportingTokens>
>>>>>>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>>>>>> <sp:SignedParts>
>>>>>>>>>>>>>>>>> <sp:Header Name="EBS"
>>>>>>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
>>>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>>>> <sp:Header Name="IDP"
>>>>>>>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<
>>>>> http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>> Name="Timestamp"
>>>>>>>>>>>>>>>>> Namespace="http://docs.oasis-**
>> open.org/wss/2004/01/oasis-**
>>>>>>>>>>>>>>>>> 200401-wss-<
>>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>>>>>>>>>>>>> wssecurity-utility-1.0.xsd"/>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>>>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>>>>>>>>>> 1.0.xsd<
>>>>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
>>>
>>>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>>>> <sp:Body/>
>>>>>>>>>>>>>>>>> </sp:SignedParts>
>>>>>>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="EBS"
>>>>>>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
>>>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="IDP"
>>>>>>>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<
>>>>> http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="AuditId"
>>>>>>>>>>>>>>>>> Namespace=""/>
>>>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>>>>>>>>>>
>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>>>>>>> 1.0.xsd<
>>>>>
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>>>>>>>> </wsp:Policy>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <wsdl:message name="EBSHeader">
>>>>>>>>>>>>>>>>> <wsdl:part element="ebs:EBS"
>>>>>>>>>>>>>>>>> name="ebsrequest_header"/>
>>>>>>>>>>>>>>>>> </wsdl:message>
>>>>>>>>>>>>>>>>> <wsdl:message name="MSAHeader">
>>>>>>>>>>>>>>>>> <wsdl:part element="msa:MSA"
>>>>>>>>>>>>>>>>> name="msarequest_header"/>
>>>>>>>>>>>>>>>>> </wsdl:message>
>>>>>>>>>>>>>>>>> <wsdl:message name="IDPHeader">
>>>>>>>>>>>>>>>>> <wsdl:part element="idp:IDP"
>>>>>>>>>>>>>>>>> name="idprequest_header"/>
>>>>>>>>>>>>>>>>> </wsdl:message>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <message name="validate">
>>>>>>>>>>>>>>>>> <wsdl:part element="hcv:validate"
>>>>>>>>>>>>>>>>> name="parameters"/>
>>>>>>>>>>>>>>>>> </message>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <message name="validateResponse">
>>>>>>>>>>>>>>>>> <part element="hcv:validateResponse"
>>>>>>>>>>>>>>>>> name="parameters"/>
>>>>>>>>>>>>>>>>> </message>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <message name="faultexception">
>>>>>>>>>>>>>>>>> <part element="ebs:EBSFault" name="Fault"/>
>>>>>>>>>>>>>>>>> </message>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <portType name="HCValidation">
>>>>>>>>>>>>>>>>> <operation name="validate">
>>>>>>>>>>>>>>>>> <input message="hcv:validate"/>
>>>>>>>>>>>>>>>>> <output
>>>>> message="hcv:validateResponse"**/>
>>>>>>>>>>>>>>>>> <fault message="hcv:faultexception"
>>>>>>>>>>>>>>>>> name="FaultException"/>
>>>>>>>>>>>>>>>>> </operation>
>>>>>>>>>>>>>>>>> </portType>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <binding name="HCValidationPortBinding"
>>>>>>>>>>>>>>>>> type="hcv:HCValidation">
>>>>>>>>>>>>>>>>> <soap:binding style="document"
>>>>>>>>>>>>>>>>> transport="http://schemas.**xmlsoap.org/soap/http<
>>>>> http://schemas.xmlsoap.org/soap/http>
>>>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <operation name="validate">
>>>>>>>>>>>>>>>>> <soap:operation soapAction=""/>
>>>>>>>>>>>>>>>>> <input>
>>>>>>>>>>>>>>>>> <wsp:PolicyReference URI="#request-policy"/>
>>>>>>>>>>>>>>>>> <wsdlsoap:header
>>>>>>>>>>>>>>>>> message="hcv:EBSHeader" part="ebsrequest_header"
>>>>> use="literal"/>
>>>>>>>>>>>>>>>>> <wsdlsoap:header
>>>>>>>>>>>>>>>>> message="hcv:MSAHeader" part="msarequest_header"
>>>>> use="literal"/>
>>>>>>>>>>>>>>>>> <wsdlsoap:header
>>>>>>>>>>>>>>>>> message="hcv:IDPHeader" part="idprequest_header"
>>>>> use="literal"/>
>>>>>>>>>>>>>>>>> <wsdlsoap:body
>>>>> parts="parameters"
>>>>>>>>>>>>>>>>> use="literal"/>
>>>>>>>>>>>>>>>>> </input>
>>>>>>>>>>>>>>>>> <output>
>>>>>>>>>>>>>>>>> <soap:body use="literal"/>
>>>>>>>>>>>>>>>>> </output>
>>>>>>>>>>>>>>>>> <fault name="FaultException">
>>>>>>>>>>>>>>>>> <soap:fault
>>>>> name="FaultException"
>>>>>>>>>>>>>>>>> use="literal"/>
>>>>>>>>>>>>>>>>> </fault>
>>>>>>>>>>>>>>>>> </operation>
>>>>>>>>>>>>>>>>> </binding>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <service name="HCValidationService">
>>>>>>>>>>>>>>>>> <port binding="hcv:**HCValidationPortBinding"
>>>>>>>>>>>>>>>>> name="HCValidationPort">
>>>>>>>>>>>>>>>>> <soap:address
>>>>>>>>>>>>>>>>> location="
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> https://ws.ebs.health.gov.on.**ca:1440/HCVService/**
>>>>>>>>>>>>>>> HCValidationSe<
>>>>> https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> rvice"/>
>>>>>>>>>>>>>>>>> </port>
>>>>>>>>>>>>>>>>> </service>
>>>>>>>>>>>>>>>>> </definitions>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> ---------------------
>>>>>>>>>>>>>>>>> Sample Request (provided by author of WSDL)
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <soapenv:Envelope xmlns:soap-
>>>>>>>>>>>>>>>>> sec="http://schemas.xmlsoap.**org/security/2000-12<
>>>>> http://schemas.xmlsoap.org/security/2000-12>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**
>>>>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-<
>>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>>>>>>>>> wss-wssecurity-secext-1.0.xsd"
>>>>>>>>>>>>>>>>> xmlns:xsi="http://www.w3.org/**2001/XMLSchema-instance
>> <
>>>>> http://www.w3.org/2001/XMLSchema-instance>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:sp="http://schemas.**xmlsoap.org/ws/2005/07/**
>>>>>>>>>>>>>>>>> securitypolicy<
>>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:SOAP-ENV="http://**schemas.xmlsoap.org/soap/**
>>>>>>>>>>>>>>>>> envelope/ <http://schemas.xmlsoap.org/soap/envelope/>"
>>>>>>>>>>>>>>>>> xmlns:xs="http://www.w3.org/**2001/XMLSchema<
>>>>> http://www.w3.org/2001/XMLSchema>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:tns="http://hcv.health.**ontario.ca/<
>>>>> http://hcv.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**
>>>>> open.org/wss/2004/01/oasis-
>>>>>>>>>>>>>>>>> **200401- <
>>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>>>>>>>>> wss-wssecurity-utility-1.0.**xsd"
>>>>>>>>>>>>>>>>> xmlns:ebs="http://ebs.health.**
>>>>> ontario.ca/security/2012-03<
>> http://ebs.health.ontario.ca/security/2012-03
>>>>>>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<
>>>>> http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:wsp="http://schemas.**
>>>>> xmlsoap.org/ws/2004/09/policy<
>>>>> http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/
>> <
>>>>> http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>> <soapenv:Header>
>>>>>>>>>>>>>>>>> <ns2:EBS wsu:Id="id-1"
>>>>>>>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<
>>>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>> <SoftwareConformanceKey>**
>>>>>>>>>>>>>>>>> 444561ee-277f-77b2-
>>>>>>>>>>>>>>>>> c664-7a9923jfgh1b
>>>>>>>>>>>>>>>>> </SoftwareConformanceKey>
>>>>>>>>>>>>>>>>> <AuditId>73b7051e-6126-4b41-**9ae0-
>>>>>>>>>>>>>>>>> 21b707ca8a53</AuditId>
>>>>>>>>>>>>>>>>> </ns2:EBS>
>>>>>>>>>>>>>>>>> <ns2:IDP wsu:Id="id-2"
>>>>>>>>>>>>>>>>> xmlns:ns2="http://idp.ebs.**health.ontario.ca/<
>>>>> http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>> <ServiceUserMUID>4523394</**
>>>>>>>>>>>>>>>>> ServiceUserMUID>
>>>>>>>>>>>>>>>>> </ns2:IDP>
>>>>>>>>>>>>>>>>> <wsse:Security SOAP-ENV:mustUnderstand="1">
>>>>>>>>>>>>>>>>> <wsu:Timestamp wsu:Id="id-3">
>>>>>>>>>>>>>>>>> <wsu:Created>2012-06-
>>>>>>>>>>>>>>>>> 20T17:58:42.580Z</wsu:Created>
>>>>>>>>>>>>>>>>> <wsu:Expires>2012-06-
>>>>>>>>>>>>>>>>> 20T17:59:12.580Z</wsu:Expires>
>>>>>>>>>>>>>>>>> </wsu:Timestamp>
>>>>>>>>>>>>>>>>> <wsse:UsernameToken wsu:Id="id-4">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <wsse:Username>JOHNDOE@YAHOO.**CA <JO...@YAHOO.CA>
>>>>>>>>>>>>>>>>> </wsse:Username>
>>>>>>>>>>>>>>>>> <wsse:Password
>>>>>>>>>>>>>>>>> Type="wsse:PasswordText">**Password</wsse:Password>
>>>>>>>>>>>>>>>>> </wsse:UsernameToken>
>>>>>>>>>>>>>>>>> <wsse:BinarySecurityToken
>>>>>>>>>>>>>>>>> EncodingType="http://docs.
>>>>> **oasis-<http://docs.oasis->
>>>>>>>>>>>>>>>>>
>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<
>>>>> http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>>>>>>>>>>>>> 1.0#Base64Binary"
>>>>>>>>>>>>>>>>> ValueType="http://docs.oasis-
>>>>>>>>>>>>>>>>>
>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>>>>>>>>>>>>> 1.0#X509v3<
>>>>>
>> http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
>>>>>>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> wsu:Id="X509-
>>>>>>>>>>>>>>>>> 02F859690D5C74E209134021512282**11">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> MIICMzCCAZygAwIBAgIET1e+**dDANBgkqhkiG9w0BAQUFADBeMQsw
>>>>>>>>>>>>>>>>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT2**50YXJpbzENMAsGA1UEChMET0hJ
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW**9uMRcwFQYDVQQDEw
>>>>>>>>>>>>>>>>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAz**MDcyMDAwNTJaFw0xMzAzMDcyMDA
>>>>>>>>>>>>>>>>> wNTJaM
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQ**IEwdPbnRhcmlvMQ0wCwY
>>>>>>>>>>>>>>>>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZ**Wdpc3RyYXRpb24xFzAVBgNVBAM
>>>>>>>>>>>>>>>>> TDj
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqG**SIb3DQEBAQUAA4GNADCBi
>>>>>>>>>>>>>>>>>
>>>>> QKBgQCs/JIP6CE5IkfTnD/c56K+**QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH**4
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> fvhbyxo2B4VugsL9r4E5jHEKoi+**
>>>>>>>>>>>>>>>>> GDKOLlLZRfSy0cB8IcpXonAuGqMzhC**o
>>>>>>>>>>>>>>>>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpT**yZdpYDi92up5E+FYL3jEe
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>> jhp+**1iDFJQIDAQABMA0GCSqGSIb3DQEBBQ**UAA4GBAHn8VZS169BJ
>>>>>>>>>>>>>>>>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dE**icv3jQMMsrWHfoCt+nRSqfNLUTL
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0**
>>>>>>>>>>>>>>>>> gY3i83ZXA8HDFKMZF3qL8I8ncu8F
>>>>>>>>>>>>>>>>> PcZGYBNhYrGjXXsuqXimiTIjxgm06E**rRa/51szOFFxWrB
>>>>>>>>>>>>>>>>> </wsse:BinarySecurityToken>
>>>>>>>>>>>>>>>>> <ds:Signature Id="SIG-6"
>>>>>>>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<
>>>>> http://www.w3.org/2000/09/xmldsig#>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>> <ds:SignedInfo>
>>>>>>>>>>>>>>>>>
>>>>> <ds:CanonicalizationMethod
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> PrefixList="SOAP-
>>>>>>>>>>>>>>>>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> </ds:CanonicalizationMethod>
>>>>>>>>>>>>>>>>> <ds:SignatureMethod
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<
>>>>> http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>> <ds:Reference
>>>>> URI="#id-1">
>>>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
>>>>> wsp
>>>>>>>>>>>>>>>>> wsse
>>>>>>>>>>>>>>>>> wsu xs xsi"
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>>>>
>> </ds:Transforms>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>> <ds:DigestMethod
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>>>>> http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:DigestValue>**gpejbitTQxuMOhUirdbGNtHjsGhAAr**
>>>>>>>>>>>>>>>>> hAp3ByFuG9c
>>>>>>>>>>>>>>>>> Hs=
>>>>>>>>>>>>>>>>>
>>>>> </ds:DigestValue>
>>>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>>>> <ds:Reference
>>>>> URI="#id-2">
>>>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
>>>>> wsp
>>>>>>>>>>>>>>>>> wsse
>>>>>>>>>>>>>>>>> wsu xs xsi"
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>>>>
>> </ds:Transforms>
>>>>>>>>>>>>>>>>>
>> <ds:DigestMethod
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>>>>> http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>> <ds:DigestValue>ZWKvgN+**eB0NFmQHPGYN5RoSZzbuboqKLzLcV6**
>>>>>>>>>>>>>>>>> PE
>>>>>>>>>>>>>>>>> Oz3E=
>>>>>>>>>>>>>>>>>
>>>>> </ds:DigestValue>
>>>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>>>> <ds:Reference
>>>>> URI="#id-3">
>>>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
>>>>> wsp
>>>>>>>>>>>>>>>>> wsse xs
>>>>>>>>>>>>>>>>> xsi"
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>>>>
>> </ds:Transforms>
>>>>>>>>>>>>>>>>>
>> <ds:DigestMethod
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>>>>> http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>> <ds:DigestValue>1AvUG2EE6+**bgpJBe1TB4teUkKD4lRsw69BozDFQM
>>>>>>>>>>>>>>>>> GGE=
>>>>>>>>>>>>>>>>>
>>>>> </ds:DigestValue>
>>>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>>>> <ds:Reference
>>>>> URI="#id-4">
>>>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
>>>>> wsp
>>>>>>>>>>>>>>>>> wsu xs
>>>>>>>>>>>>>>>>> xsi"
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>>>>
>> </ds:Transforms>
>>>>>>>>>>>>>>>>>
>> <ds:DigestMethod
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>>>>> http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:DigestValue>Lw6C0//**TpU0uuta+**
>>>>>>>>>>>>>>>>> 9pjDPfD0aOokdgbVOEM9eaWc
>>>>>>>>>>>>>>>>> Gjo=
>>>>>>>>>>>>>>>>>
>>>>> </ds:DigestValue>
>>>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>>>> <ds:Reference
>>>>> URI="#id-5">
>>>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse
>>>>> wsu
>>>>>>>>>>>>>>>>> xs xsi"
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>>>>
>> </ds:Transforms>
>>>>>>>>>>>>>>>>>
>> <ds:DigestMethod
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>>>>> http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:DigestValue>**lGKOfXxmbsLds9+**
>>>>>>>>>>>>>>>>> tD4eaCObTCdGNXDF/PY9LjDUPl
>>>>>>>>>>>>>>>>> 9Y=
>>>>>>>>>>>>>>>>>
>>>>> </ds:DigestValue>
>>>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>>>> </ds:SignedInfo>
>>>>>>>>>>>>>>>>> <ds:SignatureValue>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Yn5iRnjs/T2+**nNgW8pArIgqc445RwL2wYPHZaydVJk**
>>>>>>>>>>>>>>>>> 0oUXV5B4nzU4fg
>>>>>>>>>>>>>>>>> X/**sQTcY0O5vuReP8th4QZoGG6tSnxuBf**qiDd2rkRZDrdgotJT++W
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3Q**DuMWr5PSlm1RWbkA3W5B4Y
>>>>>>>>>>>>>>>>> LaD+S/j3QKc=
>>>>>>>>>>>>>>>>> </ds:SignatureValue>
>>>>>>>>>>>>>>>>> <ds:KeyInfo Id="KI-
>>>>>>>>>>>>>>>>> 02F859690D5C74E209134021512283**12">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <wsse:SecurityTokenReference
>>>>>>>>>>>>>>>>> wsu:Id="STR-**02F859690D5C74E209134021512284**13">
>>>>>>>>>>>>>>>>> <wsse:Reference
>>>>>>>>>>>>>>>>> URI="#X509-**02F859690D5C74E209134021512282**11"
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> ValueType="http://docs.oasis-**
>>>>> open.org/wss/2004/01/oasis-
>>>>>>>>>>>>>>>>> **200401- <
>>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> </wsse:SecurityTokenReference>
>>>>>>>>>>>>>>>>> </ds:KeyInfo>
>>>>>>>>>>>>>>>>> </ds:Signature>
>>>>>>>>>>>>>>>>> </wsse:Security>
>>>>>>>>>>>>>>>>> </soapenv:Header>
>>>>>>>>>>>>>>>>> <soapenv:Body wsu:Id="id-5">
>>>>>>>>>>>>>>>>> <ns5:validate xmlns:ns4="
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> http://msa.ebs.health.ontario.**ca/<
>>>>> http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> xmlns:ns3="http://idp.ebs.**
>>>>>>>>>>>>>>>>> health.ontario.ca/ <http://idp.ebs.health.ontario.ca/>"
>>>>>>>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<
>>>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:ns5="http://hcv.health.**
>>>>> ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>> <requests>
>>>>>>>>>>>>>>>>> <hcvRequest>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <healthNumber>2222211122</**healthNumber>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <versionCode>WW</versionCode>
>>>>>>>>>>>>>>>>> </hcvRequest>
>>>>>>>>>>>>>>>>> </requests>
>>>>>>>>>>>>>>>>> <locale>en</locale>
>>>>>>>>>>>>>>>>> </ns5:validate>
>>>>>>>>>>>>>>>>> </soapenv:Body>
>>>>>>>>>>>>>>>>> </soapenv:Envelope>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> -------------------
>>>>>>>>>>>>>>>>> Sample Request (Built via SoapUI)
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <soapenv:Envelope xmlns:ebs="http://ebs.health.**
>> ontario.ca/
>>>>> <http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<
>>>>> http://hcv.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<
>>>>> http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<
>>>>> http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/
>> <
>>>>> http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>> <soapenv:Header>
>>>>>>>>>>>>>>>>> <wsse:Security soapenv:mustUnderstand="1"
>>>>>>>>>>>>>>>>> xmlns:wsse="http://docs.oasis-
>>>>>>>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>>>>>>>>>> 1.0.xsd<
>>>>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
>>>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>>>>>>>>>>
>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>>>>>>> 1.0.xsd<
>>>>>
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>> <wsse:BinarySecurityToken
>>>>>>>>>>>>>>>>> EncodingType="http://docs.
>>>>> **oasis-<http://docs.oasis->
>>>>>>>>>>>>>>>>>
>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<
>>>>> http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>>>>>>>>>>>>> 1.0#Base64Binary"
>>>>>>>>>>>>>>>>> ValueType="http://docs.oasis-
>>>>>>>>>>>>>>>>>
>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>>>>>>>>>>>>> 1.0#X509v3<
>>>>>
>> http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
>>>>>>
>>>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>>>> wsu:Id="X509-
>>>>>>>>>>>>>>>>> 9346053A98F2390F1A137460706920**025">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQ**EBBQUAMIGbMQswCQYDVQ
>>>>>>>>>>>>>>>>> QGEwJDQTEQMA4GA1UECAwHT250YXJp**bzEQMA4G
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> A1UEBwwHVG9yb250bzERMA8GA1UECg**wISW5kaXZpY2ExFDASBgN
>>>>>>>>>>>>>>>>> VBAsMC0RldmVsb3BtZW50MRgwFgYDV**QQDDA9J
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhk**iG9w0BCQEWFmVicy1hZG1pbk
>>>>>>>>>>>>>>>>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5**MTc0
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQ**swCQYDVQQGEwJDQTEQ
>>>>>>>>>>>>>>>>> MA4GA1UECBMHT250YXJpbzEQMA4GA1**UEBxMHVG9y
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> b250bzERMA8GA1UEChMISW5kaXZpY2**ExFDASBgNVBAsTC0RldmVsb
>>>>>>>>>>>>>>>>> 3BtZW50MRwwGgYDVQQDExNJbmRpdml**jYSBF
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w**0BAQEFAAOCAQ8AMIIBCgKCA
>>>>>>>>>>>>>>>>> QEAu7/+**bc5QgW43UuaMoUOpbsQy8Kc32jrB
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> GA0lrxZkqH/PnfdbtRhRypxkc6+**
>>>>>>>>>>>>>>>>> r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
>>>>>>>>>>>>>>>>> WPPVMKpermHxniN+**kqjWiGDm10xVMph
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> XryR01LSItgRoi5V54oTFgeJxsdA/**
>>>>>>>>>>>>>>>>> 1J3kf/QE2YmswZwLH6+PwvZfExKEx
>>>>>>>>>>>>>>>>> vGArojkyveOewWkvKMobLB3d6gtrPJ
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>> tUxjb18UJugEHyNSiVYFymbgAyvanT**4pmNPaqHW1ZlmQ0WBiDI7oeT
>>>>>>>>>>>>>>>>> 1pZzgEwzikcvEHilJye0PcB4PkkrGL**KfEE
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4f**jouqkHHVMMiUvYgQIDAQA
>>>>>>>>>>>>>>>>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b**5yRECQU
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>> ppIEIbDOh4E5OsR0wesm4czfNDnh56**TUwmjRDzI+tVVEj+fxk0FMSMf
>>>>>>>>>>>>>>>>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+**FHb6
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u**8cRtfPXXX+baL2NThYjMoNVFIt
>>>>>>>>>>>>>>>>> OM0XL3xwzblWi++B
>>>>>>>>>>>>>>>>> </wsse:BinarySecurityToken>
>>>>>>>>>>>>>>>>> <ds:Signature Id="SIG-30"
>>>>>>>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<
>>>>> http://www.w3.org/2000/09/xmldsig#>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>> <ds:SignedInfo>
>>>>>>>>>>>>>>>>>
>>>>> <ds:CanonicalizationMethod
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>>>>>> PrefixList="ebs hcv idp msa soapenv"
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> </ds:CanonicalizationMethod>
>>>>>>>>>>>>>>>>> <ds:SignatureMethod
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<
>>>>> http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>> <ds:Reference
>>>>> URI="#id-7">
>>>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="hcv idp msa
>> soapenv"
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>>>>
>> </ds:Transforms>
>>>>>>>>>>>>>>>>>
>> <ds:DigestMethod
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>>>>> http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:DigestValue>+sN2C+**GPI6Un7tmdzecuWW4obI8=</ds:**
>>>>>>>>>>>>>>>>> DigestVal
>>>>>>>>>>>>>>>>> ue>
>>>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>>>> <ds:Reference
>>>>> URI="#id-8">
>>>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa
>> soapenv"
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>>>>
>> </ds:Transforms>
>>>>>>>>>>>>>>>>>
>> <ds:DigestMethod
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>>>>> http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:DigestValue>cStXQ+**Qf4MYZw7oZh3EwQnCO9kE=</ds:**
>>>>>>>>>>>>>>>>> DigestVal
>>>>>>>>>>>>>>>>> ue>
>>>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>>>> <ds:Reference
>>>>> URI="#TS-29">
>>>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp
>> msa
>>>>>>>>>>>>>>>>> soapenv"
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>>>>
>> </ds:Transforms>
>>>>>>>>>>>>>>>>>
>> <ds:DigestMethod
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>>>>> http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:DigestValue>**7DpbdobjdxkQ3RGXjPQmx5EpCdU=</**
>>>>>>>>>>>>>>>>> ds:DigestVal
>>>>>>>>>>>>>>>>> ue>
>>>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>>>> <ds:Reference
>>>>>>>>>>>>>>>>> URI="#UsernameToken-28">
>>>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa
>>>>>>>>>>>>>>>>> soapenv"
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>>>>
>> </ds:Transforms>
>>>>>>>>>>>>>>>>>
>> <ds:DigestMethod
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>>>>> http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:DigestValue>**0CNaWbdkV2dE7Jm5oh15ztwUcaI=</**
>>>>>>>>>>>>>>>>> ds:DigestValu
>>>>>>>>>>>>>>>>> e>
>>>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>>>> <ds:Reference
>>>>> URI="#id-12">
>>>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>>>>
>> </ds:Transforms>
>>>>>>>>>>>>>>>>>
>> <ds:DigestMethod
>>>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>>>>> http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:DigestValue>**XoOxXE6R7JA29rMYCHf/X0II180=</**
>>>>>>>>>>>>>>>>> ds:DigestValue
>>>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>>>> </ds:SignedInfo>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <ds:SignatureValue>**YQy9wqYYVw1x0CZcg6b2W0uO3g3Fur**
>>>>>>>>>>>>>>>>> UZ51zrXi3
>>>>>>>>>>>>>>>>> jRMFGgCVGUwfu3W/**tDOAKB2IXHvIgFl7JWmzd
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>> lkh7O2u6ieACF5tGD32aSXvv6/**k7OUVH4outF1NHgJOq9WKIKtUYT/hh
>>>>>>>>>>>>>>>>> G8BmqFGHXcPiuuO+FIXr
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pO**RWOWvPhmHbT63b1BgFfLla
>>>>>>>>>>>>>>>>> UftqeybM6t0i2cTuNxf8nbCS
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> gANhvGvpNi2ALThvsPu+**pXKCx1c4Ng18PGpUEVmOdJOkZhiifR**
>>>>>>>>>>>>>>>>> 336idp
>>>>>>>>>>>>>>>>> 09lp8XaI+NzwENvdBskb
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP**4wydOh8w==
>>>>>>>>>>>>>>>>> </ds:SignatureValue>
>>>>>>>>>>>>>>>>> <ds:KeyInfo Id="KI-
>>>>>>>>>>>>>>>>> 9346053A98F2390F1A137460706920**026">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <wsse:SecurityTokenReference
>>>>>>>>>>>>>>>>> wsu:Id="STR-
>>>>>>>>>>>>>>>>> 9346053A98F2390F1A137460706920**027">
>>>>>>>>>>>>>>>>> <wsse:Reference
>>>>>>>>>>>>>>>>> URI="#X509-**9346053A98F2390F1A137460706920**025"
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> ValueType="http://docs.oasis-**
>>>>> open.org/wss/2004/01/oasis-
>>>>>>>>>>>>>>>>> **200401- <
>>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> </wsse:SecurityTokenReference>
>>>>>>>>>>>>>>>>> </ds:KeyInfo>
>>>>>>>>>>>>>>>>> </ds:Signature>
>>>>>>>>>>>>>>>>> <wsu:Timestamp wsu:Id="TS-29">
>>>>>>>>>>>>>>>>> <wsu:Created>2013-07-
>>>>>>>>>>>>>>>>> 23T19:17:49.196Z</wsu:Created>
>>>>>>>>>>>>>>>>> <wsu:Expires>2013-07-
>>>>>>>>>>>>>>>>> 30T17:57:49.196Z</wsu:Expires>
>>>>>>>>>>>>>>>>> </wsu:Timestamp>
>>>>>>>>>>>>>>>>> <wsse:UsernameToken
>>>>> wsu:Id="UsernameToken-
>>>>>>>>>>>>>>>>> 28">
>>>>>>>>>>>>>>>>> <wsse:Username>abc</wsse:**
>>>>>>>>>>>>>>>>> Username>
>>>>>>>>>>>>>>>>> <wsse:Password
>>>>>>>>>>>>>>>>> Type="
>>>>> http://docs.oasis-
>>>>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-username-token-**
>>>>>>>>>>>>>>>>> profile-<
>>>>> http://open.org/wss/2004/01/oasis-200401-wss-username-token-profile->
>>>>>>>>>>>>>>>>> 1.0#PasswordText">defg</wsse:**Password>
>>>>>>>>>>>>>>>>> </wsse:UsernameToken>
>>>>>>>>>>>>>>>>> </wsse:Security>
>>>>>>>>>>>>>>>>> <idp:IDP wsu:Id="id-8"
>>>>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>>>>>>>>>>
>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>>>>>>> 1.0.xsd<
>>>>>
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>>
>>>>> <ServiceUserMUID>12345</**ServiceUserMUID>
>>>>>>>>>>>>>>>>> </idp:IDP>
>>>>>>>>>>>>>>>>> <ebs:EBS wsu:Id="id-7"
>>>>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>>>>>>>>>>
>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>>>>>>> 1.0.xsd<
>>>>>
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>> <SoftwareConformanceKey>12345<**/SoftwareConformanceKey>
>>>>>>>>>>>>>>>>> <AuditId>12345</AuditId>
>>>>>>>>>>>>>>>>> </ebs:EBS>
>>>>>>>>>>>>>>>>> </soapenv:Header>
>>>>>>>>>>>>>>>>> <soapenv:Body wsu:Id="id-12"
>>>>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**
>>>>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-<
>>>>> http://docs.oasis-open.org/wss/2004/01/oasis->
>>>>>>>>>>>>>>>>> 200401-wss-wssecurity-utility-**1.0.xsd">
>>>>>>>>>>>>>>>>> <hcv:validate>
>>>>>>>>>>>>>>>>> <requests>
>>>>>>>>>>>>>>>>> <hcvRequest>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <healthNumber>9876543217</**healthNumber>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <versionCode>AB</versionCode>
>>>>>>>>>>>>>>>>> </hcvRequest>
>>>>>>>>>>>>>>>>> </requests>
>>>>>>>>>>>>>>>>> </hcv:validate>
>>>>>>>>>>>>>>>>> </soapenv:Body>
>>>>>>>>>>>>>>>>> </soapenv:Envelope>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> -----------------------
>>>>>>>>>>>>>>>>> Response (In either case):
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> <soap:Envelope
>>>>>>>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/soap/envelope/<
>>>>> http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>>> <soap:Body>
>>>>>>>>>>>>>>>>> <soap:Fault>
>>>>>>>>>>>>>>>>> <faultcode>soap:**MustUnderstand</faultcode>
>>>>>>>>>>>>>>>>> <faultstring>MustUnderstand headers: [{
>>>>>>>>>>>>>>>>> http://docs.oasis-
>>>>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-
>> <
>>>>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext->
>>>>>>>>>>>>>>>>> 1.0.xsd}Security] are not understood.</faultstring>
>>>>>>>>>>>>>>>>> </soap:Fault>
>>>>>>>>>>>>>>>>> </soap:Body>
>>>>>>>>>>>>>>>>> </soap:Envelope>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <
>>>>>>>>>>>>>>>>> ashakirin@talend.com>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> It seems that your service doesn't use the same WS-Policy
>> as
>>>>>>>>>>>>>>>>>> client,
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> therefore appropriate interceptors are not activated on the
>>>>>>>>>>>>>>>>> service
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> side.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Could you double check that?
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Exact request and response will be also useful for further
>>>>>>>>>>>>>>>>>> analyse.
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Regards,
>>>>>>>>>>>>>>>>>> Andrei.
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> -----Original Message-----
>>>>>>>>>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>>>>>>>>>>>>>> Sent: Dienstag, 23. Juli 2013 21:35
>>>>>>>>>>>>>>>>>>> To: users@cxf.apache.org
>>>>>>>>>>>>>>>>>>> Subject: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> I have a question regarding WS-SecurityPolicy and
>>>>> deploying a
>>>>>>>>>>>>>>>>>>> WSDL-first service via Eclipse.
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> I created a project from a WSDL file (I didn't create it)
>>>>> with
>>>>>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>>>>>> intention of implementing the service that it describes.
>>>>> The
>>>>>>>>>>>>>>>>>>> WSDL
>>>>>>>>>>>>>>>>>>> file describes a WS- SecurityPolicy that includes a
>>>>>>>>>>>>>>>>>>> UsernameToken,
>>>>>>>>>>>>>>>>>>> Timestamp, BinarySecurityToken, and a Signature. Every
>>>>> time I
>>>>>>>>>>>>>>>>>>> run a
>>>>>>>>>>>>>>>>>>> sample request that includes all of those components in
>> the
>>>>>>>>>>>>>>>>>>> WS-Security header I get a "must understand header is not
>>>>>>>>>>>>>>>>>>> understood"
>>>>>>>>>>>>>>>>>>> message, regarding the WS-Security header.
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> I've read on the documentation of CXF that additional
>>>>>>>>>>>>>>>>>>> dependencies
>>>>>>>>>>>>>>>>>>> must be included in the classpath to have
>> WS-SecurityPolicy
>>>>>>>>>>>>>>>>>>> work, but
>>>>>>>>>>>>>>>>>>> I've used Eclipse's deployment method and given it the
>>>>> entire
>>>>>>>>>>>>>>>>>>> CXF ZIP
>>>>>>>>>>>>>>>>>>> file as downloaded from the project website as the CXF
>>>>>>>>>>>>>>>>>>> Runtime. Is
>>>>>>>>>>>>>>>>>>> there anything that I'm missing? Or is there a better way
>>>>> for
>>>>>>>>>>>>>>>>>>> me to
>>>>>>>>>>>>>>>>>>> be working with CXF than to use Eclipse's automated
>> tools?
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> Thanks for any help.
>>>>>>>>>>>>>>>>>>> Jen
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>
>>>>>
>>>>
>>
>>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jason Pell <ja...@pellcorp.com>.
I am attempting to load your policy into my test case and I will get back
to you.
On Sat, Jul 27, 2013 at 3:05 PM, Jennifer Ruttan <je...@indivica.com>wrote:
> Unfortunately, I've got no idea how things are going with the other users.
> There's no way for me to get in touch with them and I have no idea who any
> of them are. I've sent a message to the service provider asking them to
> clarify the WSDL namespaces. Presumably if they got it to work it should be
> possible to build something that conforms to it...
>
>
> On 2013-07-27, at 12:56 AM, Jason Pell <ja...@pellcorp.com> wrote:
>
> > I don't think RequiredParts is available in the older SP namespace. I
> > checked the xsd and cannot find it.
> >
> >
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.xsd
> >
> > Not sure how other clients of that service are fairing?
> >
> >
> > On Sat, Jul 27, 2013 at 2:48 PM, Jason Pell <ja...@pellcorp.com> wrote:
> >
> >> I think that RequiredParts is not supported by the SP namespace you are
> >> using, at least in CXF. Try changing sp namespace to
> >>
> >> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
> >>
> >> And see if you get further. I checked the RequiredParts builder and it
> >> does seem to assume this namespace.
> >>
> >>
> >> On Sat, Jul 27, 2013 at 2:43 PM, Jennifer Ruttan <jennifer@indivica.com
> >wrote:
> >>
> >>> Ok. Following that, I've now got:
> >>>
> >>> Jul 27, 2013 12:41:56 AM
> >>> org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl
> >>> handleNoRegisteredBuilder
> >>> WARNING: No assertion builder for type {
> >>>
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}RequiredPartsregistered
> .
> >>>
> >>> Maybe I'm missing a JAR? But I've included all the CXF modules into the
> >>> classpath.
> >>>
> >>>
> >>>
> >>>
> >>> On 2013-07-27, at 12:38 AM, Jason Pell <ja...@pellcorp.com> wrote:
> >>>
> >>>> That should be:
> >>>>
> >>>> <sp:SignedSupportingTokens>
> >>>> <wsp:Policy>
> >>>> <sp:UsernameToken>
> >>>> <wsp:Policy>
> >>>> <wsp:All>
> >>>> <sp:NoPassword/>
> >>>> <sp:WssUsernameToken10/>
> >>>> </wsp:All>
> >>>> </wsp:Policy>
> >>>> </sp:UsernameToken>
> >>>> </wsp:Policy>
> >>>> </sp:SignedSupportingTokens>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> On Sat, Jul 27, 2013 at 2:36 PM, Jason Pell <ja...@pellcorp.com>
> wrote:
> >>>>
> >>>>> Ok - try putting a <wsp:Policy> immediately inside the
> >>>>> <sp:SignedSupportingTokens> tag and I think you might get further.
> >>>>>
> >>>>> So instead of:
> >>>>>
> >>>>>
> >>>>> <sp:SignedSupportingTokens>
> >>>>> <sp:UsernameToken>
> >>>>> <wsp:Policy>
> >>>>> <wsp:All>
> >>>>> <sp:NoPassword/>
> >>>>> <sp:WssUsernameToken10/>
> >>>>> </wsp:All>
> >>>>> </wsp:Policy>
> >>>>> </sp:UsernameToken>
> >>>>> </sp:SignedSupportingTokens>
> >>>>>
> >>>>> Try:
> >>>>>
> >>>>> <sp:SignedSupportingTokens>
> >>>>> <wsp:Policy>
> >>>>>
> >>>>> <sp:UsernameToken>
> >>>>> <wsp:Policy>
> >>>>> <wsp:All>
> >>>>> <sp:NoPassword/>
> >>>>> <sp:WssUsernameToken10/>
> >>>>> </wsp:All>
> >>>>> </wsp:Policy>
> >>>>> </sp:UsernameToken>
> >>>>> <wsp:Policy>
> >>>>> </sp:SignedSupportingTokens>
> >>>>>
> >>>>> Do this for both occurences.
> >>>>>
> >>>>>
> >>>>> On Sat, Jul 27, 2013 at 2:33 PM, Jason Pell <ja...@pellcorp.com>
> >>> wrote:
> >>>>>
> >>>>>> I realised you had already got that far yourself, apologies for
> >>> wasting
> >>>>>> everyone's time. I misread the email thread. So you already
> changed
> >>> your
> >>>>>> sp to http://schemas.xmlsoap.org/ws/2005/07/securitypolicy.
> >>>>>>
> >>>>>> However when I change my policy file to use SignedSupportingToken
> >>> rather
> >>>>>> than SupportingToken I also get:
> >>>>>> {
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}UsernameTokenis
> >>>>>> not a <wsp:Policy> element.
> >>>>>>
> >>>>>> So I will have a play around with that now.
> >>>>>>
> >>>>>>
> >>>>>> On Sat, Jul 27, 2013 at 1:59 PM, Jason Pell <ja...@pellcorp.com>
> >>> wrote:
> >>>>>>
> >>>>>>> Actually I just realised what the problem is. Your original
> >>> namespace
> >>>>>>> for sp was wrong. Just change it to
> >>>>>>>
> >>>>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy
> >>>>>>>
> >>>>>>> And it will all work. Sorry for the confusion, I am no expert, but
> >>> did
> >>>>>>> have the same problems so was worth the trial and error.
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>> On Sat, Jul 27, 2013 at 1:57 PM, Jason Pell <ja...@pellcorp.com>
> >>> wrote:
> >>>>>>>
> >>>>>>>> In fact just replacing the SP namespace should do it. The
> >>> xmlns:wsp="
> >>>>>>>> http://schemas.xmlsoap.org/ws/2004/09/policy" seems to not be the
> >>>>>>>> problem.
> >>>>>>>>
> >>>>>>>> So just change the sp to:
> >>>>>>>>
> >>>>>>>> xmlns:sp="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
> >>> "
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> On Sat, Jul 27, 2013 at 1:55 PM, Jason Pell <ja...@pellcorp.com>
> >>> wrote:
> >>>>>>>>
> >>>>>>>>> Changing the namespaces to the following will allow it to work
> with
> >>>>>>>>> CXF:
> >>>>>>>>>
> >>>>>>>>> xmlns:wsp="http://www.w3.org/ns/ws-policy"
> >>>>>>>>> xmlns:wsu="
> >>>>>>>>>
> >>>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> >>>>>>>>> "
> >>>>>>>>> xmlns:sp="
> >>>>>>>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> On Sat, Jul 27, 2013 at 1:39 PM, Jennifer Ruttan <
> >>>>>>>>> jennifer@indivica.com> wrote:
> >>>>>>>>>
> >>>>>>>>>> Hi,
> >>>>>>>>>>
> >>>>>>>>>> Thanks for your message. The WSDL file clearly contains a number
> >>> of
> >>>>>>>>>> errors and so I'm happy to change it. The owners of the service
> >>> will have
> >>>>>>>>>> to adjust it anyway. What should I change the namespaces to?
> >>>>>>>>>>
> >>>>>>>>>> Thanks again
> >>>>>>>>>> Jen
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>> On 2013/07/26 23:16, Jason Pell wrote:
> >>>>>>>>>>
> >>>>>>>>>>> https://github.com/pellcorp/**cxf/blob/master/JavaFirst/src/**
> >>>>>>>>>>> test/java/com/pellcorp/server/**PolicyServiceTest.java<
> >>>
> https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java
> >>>>
> >>>>>>>>>>>
> >>>>>>>>>>> This test case reproduces your issue I think. Changing the
> >>>>>>>>>>> namespaces of
> >>>>>>>>>>> the policy file will actually fix this, but probably not an
> >>> option
> >>>>>>>>>>> for you.
> >>>>>>>>>>>
> >>>>>>>>>>> public void testOldWspSpClient() throws Exception {
> >>>>>>>>>>> ClassPathXmlApplicationContext clientContext =
> >>>>>>>>>>> TestUtils.getContext(
> >>>>>>>>>>> "/META-INF/**oldWspSpClientContext.xml");
> >>>>>>>>>>>
> >>>>>>>>>>> OldSpWspSimpleService simpleService =
> clientContext.getBean(
> >>>>>>>>>>> "OldSpWspSimpleServiceClient",
> >>>>>>>>>>> OldSpWspSimpleService.class);
> >>>>>>>>>>>
> >>>>>>>>>>> WSS4JOutInterceptor wssOut =
> >>> TestUtils.**getWssOutInterceptor(
> >>>>>>>>>>> simpleService);
> >>>>>>>>>>> TestUtils.**setPasswordProperties(wssOut, "alice",
> >>>>>>>>>>> "password");
> >>>>>>>>>>>
> >>>>>>>>>>> try {
> >>>>>>>>>>> simpleService.ping();
> >>>>>>>>>>> } catch (SOAPFaultException e) {
> >>>>>>>>>>> assertTrue(e.getMessage().**
> >>>>>>>>>>> contains("MustUnderstand"));
> >>>>>>>>>>> }
> >>>>>>>>>>> }
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>> On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <
> jason@pellcorp.com
> >>>>
> >>>>>>>>>>> wrote:
> >>>>>>>>>>>
> >>>>>>>>>>> Hi,
> >>>>>>>>>>>>
> >>>>>>>>>>>> I changed over my java first samples to use your namespaces,
> >>> and I
> >>>>>>>>>>>> also
> >>>>>>>>>>>> got the Must understand error.
> >>>>>>>>>>>>
> >>>>>>>>>>>> Since I can reproduce it, i will have a bit of a hunt around
> to
> >>> see
> >>>>>>>>>>>> what
> >>>>>>>>>>>> the problem is.
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan <
> >>>>>>>>>>>> jennifer@indivica.com>wrote:
> >>>>>>>>>>>>
> >>>>>>>>>>>> Hi,
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> Thanks for your help.
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> The project path did not export the appropriate jars to the
> >>>>>>>>>>>>> WEB-INF/lib
> >>>>>>>>>>>>> directory when being built, so I added them to the deployment
> >>>>>>>>>>>>> assembly step
> >>>>>>>>>>>>> in eclipse. I added all the dependencies as well.
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> Unfortunately, I was still getting the same "mustunderstand
> >>>>>>>>>>>>> headers are
> >>>>>>>>>>>>> not understood" error message. But there's more. I'm also
> >>> getting
> >>>>>>>>>>>>> a strange
> >>>>>>>>>>>>> message when Tomcat is deploying the application, from CXF:
> >>>>>>>>>>>>> Jul 26, 2013 1:23:24 PM
> >>>>>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
> >>>>>>>>>>>>> handleNoRegisteredBuilder
> >>>>>>>>>>>>> WARNING: No assertion builder for type {
> >>>>>>>>>>>>>
> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
> >>>>>>>>>>>>> SignedSupportingTokensregister**ed<
> >>>
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedSupportingTokensregistered
> >>>>
> >>>>>>>>>>>>> .
> >>>>>>>>>>>>> Jul 26, 2013 1:23:24 PM
> >>>>>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
> >>>>>>>>>>>>> handleNoRegisteredBuilder
> >>>>>>>>>>>>> WARNING: No assertion builder for type {
> >>>>>>>>>>>>>
> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
> >>>>>>>>>>>>> RequiredPartsregistered<
> >>>
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DRequiredPartsregistered
> >>>>
> >>>>>>>>>>>>> .
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> Jul 26, 2013 1:23:24 PM
> >>>>>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
> >>>>>>>>>>>>> handleNoRegisteredBuilder
> >>>>>>>>>>>>> WARNING: No assertion builder for type {
> >>>>>>>>>>>>>
> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
> >>>>>>>>>>>>> SignedPartsregistered<
> >>>
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedPartsregistered
> >>>>
> >>>>>>>>>>>>> .
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> I thought that was weird because in all the examples I've
> seen
> >>> the
> >>>>>>>>>>>>> sp
> >>>>>>>>>>>>> namespace is http://schemas.xmlsoap.org/ws/**
> >>>>>>>>>>>>> 2005/07/securitypolicy<
> >>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>.
> >>>>>>>>>>>>> So I
> >>>>>>>>>>>>> made the change in the WSDL and I got the following message
> >>> upon
> >>>>>>>>>>>>> restarting
> >>>>>>>>>>>>> the server:
> >>>>>>>>>>>>> Jul 26, 2013 1:25:16 PM
> >>>>>>>>>>>>> org.apache.cxf.ws.policy.**attachment.wsdl11.**
> >>>>>>>>>>>>> Wsdl11AttachmentPolicyProvider
> >>>>>>>>>>>>> getElementPolicy
> >>>>>>>>>>>>> WARNING: Failed to build the policy 'request-policy':{
> >>>>>>>>>>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy}**
> >>>>>>>>>>>>> UsernameToken<
> >>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DUsernameToken
> >is
> >>>>>>>>>>>>> not a <wsp:Policy> element.
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> The namespace for wsp is http://schemas.xmlsoap.org/ws/**
> >>>>>>>>>>>>> 2004/09/policy <http://schemas.xmlsoap.org/ws/2004/09/policy
> >,
> >>>>>>>>>>>>> and I'm pretty sure that's correct. Although I feel like I'm
> >>>>>>>>>>>>> pretty close,
> >>>>>>>>>>>>> I'm lost at this point. Do you happen to have any further
> >>>>>>>>>>>>> suggestions?
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> Thanks
> >>>>>>>>>>>>> Jen
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <
> >>> ashakirin@talend.com>
> >>>>>>>>>>>>> wrote:
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> Hi,
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> "mustunderstand header is not understood" error is thrown by
> >>> CXF
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>> MustUnderstandInterceptor.
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> MustUnderstandInterceptor checks if must understand headers
> in
> >>>>>>>>>>>>>> SOAP
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>> message can be processed by at least one CXF interceptor in
> >>> chain.
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> For that CXF interceptors provide getUnderstoodHeaders()
> >>> method
> >>>>>>>>>>>>>> to say
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>> which headers they are able to proceed.
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> Security headers can be processed either by
> >>>>>>>>>>>>>> AbstractTokenInterceptor
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>> (extended by UsernameTokenInterceptor,
> >>> SamlTokenInterceptor.java,
> >>>>>>>>>>>>> KerberosTokenInterceptor.java) or
> AbstractWSS4JInterceptor.java
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> (extended by PolicyBasedWSS4JInInterceptor.**java,
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>> WSS4JInInterceptor.java).
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> In your case no any from these interceptors is in chain on
> the
> >>>>>>>>>>>>>> service
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>> side.
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> That could happens because:
> >>>>>>>>>>>>>> a) service uses other ws-policy (or nor policy) that doesn't
> >>>>>>>>>>>>>> activate
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>> that interceptors
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> b) service uses no ws-policy way and not configured with
> >>> security
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>> interceptor
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> c) appropriate CXF jars are not available:
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> Can you please check how your service is configured?
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> Regards,
> >>>>>>>>>>>>>> Andrei.
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> -----Original Message-----
> >>>>>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
> >>>>>>>>>>>>>>> Sent: Mittwoch, 24. Juli 2013 17:43
> >>>>>>>>>>>>>>> To: users@cxf.apache.org
> >>>>>>>>>>>>>>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> Hi,
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> Thanks for the reply. That's what I was thinking. There may
> >>> be an
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>> issue with
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> the WSDL file itself.
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> My request matches the example provided by the author of
> the
> >>>>>>>>>>>>>>> WSDL file,
> >>>>>>>>>>>>>>> but neither of them work. They both cause the same
> >>>>>>>>>>>>>>> "mustunderstand
> >>>>>>>>>>>>>>> header is not understood" error.
> >>>>>>>>>>>>>>> Disabling the security policy allows the request to
> complete
> >>>>>>>>>>>>>>> properly.
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> CXF is configured to read the security policy from the WSDL
> >>>>>>>>>>>>>>> file, and
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>> I know
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> that part is working because if I miss a required part (the
> >>>>>>>>>>>>>>> timestamp,
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>> for
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> example) in the header, CXF complains that not all of the
> >>> required
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>> parts have
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> been submitted. I guess this could be because of a signing
> >>> issue,
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>> although I'm
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> not sure.
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> My reasons for building the service are because while there
> >>> is a
> >>>>>>>>>>>>>>> WSDL
> >>>>>>>>>>>>>>> definition for the service, there's no way to access the
> >>> service
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>> itself. I know
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> exactly how the service is supposed to react to various
> >>> inputs so
> >>>>>>>>>>>>>>> I'm
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>> trying to
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> build the same web service. It's for a health insurance card
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>> validation service
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> in Ontario, Canada, and the service is provided by the
> >>> government.
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> Thanks.
> >>>>>>>>>>>>>>> Jen
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> ---------------------
> >>>>>>>>>>>>>>> HCValidationService.wsdl
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <?xml version="1.0" encoding="UTF-8"?><definitions
> >>>>>>>>>>>>>>> name="HCValidationService"
> >>>>>>>>>>>>>>> targetNamespace="http://hcv.**health.ontario.ca/<
> >>> http://hcv.health.ontario.ca/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns="http://schemas.xmlsoap.**org/wsdl/<
> >>> http://schemas.xmlsoap.org/wsdl/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<
> >>> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<
> >>> http://hcv.health.ontario.ca/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<
> >>> http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<
> >>> http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/wsdl/soap/<
> >>> http://schemas.xmlsoap.org/wsdl/soap/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:sp="http://docs.oasis-**open.org/ws-sx/ws-**
> >>>>>>>>>>>>>>> securitypolicy/200512<
> >>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<
> >>> http://schemas.xmlsoap.org/wsdl/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:wsdlsoap="http://**schemas.xmlsoap.org/wsdl/soap/<
> >>> http://schemas.xmlsoap.org/wsdl/soap/>
> >>>>>>>>>>>>>>> **"
> >>>>>>>>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<
> >>> http://schemas.xmlsoap.org/ws/2004/09/policy>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**
> >>> open.org/wss/2004/01/oasis-**
> >>>>>>>>>>>>>>> 200401-wss-<
> >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
> >>>>>>>>>>>>>>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
> >>>>>>>>>>>>>>>
> >>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>>>>> 1.0.xsd<
> >>>
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:xsd="http://www.w3.org/**2001/XMLSchema<
> >>> http://www.w3.org/2001/XMLSchema>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <types>
> >>>>>>>>>>>>>>> <xsd:schema>
> >>>>>>>>>>>>>>> <xsd:import
> >>>>>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<
> >>> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> schemaLocation="EBSFault_**schema.xsd"/>
> >>>>>>>>>>>>>>> <xsd:import
> >>>>>>>>>>>>>>> namespace="http://hcv.health.**ontario.ca/<
> >>> http://hcv.health.ontario.ca/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> schemaLocation="**HCValidationService_schema.**xsd"/>
> >>>>>>>>>>>>>>> <xsd:import
> >>>>>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<
> >>> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> schemaLocation="EBS_schema.**xsd"/>
> >>>>>>>>>>>>>>> <xsd:import
> >>>>>>>>>>>>>>> namespace="http://msa.ebs.**health.ontario.ca/<
> >>> http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> schemaLocation="MSA_schema.**xsd"/>
> >>>>>>>>>>>>>>> <xsd:import
> >>>>>>>>>>>>>>> namespace="http://idp.ebs.**health.ontario.ca/<
> >>> http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> schemaLocation="IDP_schema.**xsd"/>
> >>>>>>>>>>>>>>> </xsd:schema>
> >>>>>>>>>>>>>>> </types>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <wsp:Policy wsu:Id="request-policy">
> >>>>>>>>>>>>>>> <wsp:ExactlyOne>
> >>>>>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>>>>> <sp:SignedSupportingTokens>
> >>>>>>>>>>>>>>> <sp:UsernameToken>
> >>>>>>>>>>>>>>> <wsp:Policy>
> >>>>>>>>>>>>>>>
> >>> <wsp:All>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <sp:NoPassword/>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <sp:WssUsernameToken10/>
> >>>>>>>>>>>>>>>
> >>> </wsp:All>
> >>>>>>>>>>>>>>> </wsp:Policy>
> >>>>>>>>>>>>>>> </sp:UsernameToken>
> >>>>>>>>>>>>>>> </sp:SignedSupportingTokens>
> >>>>>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>>>>> <wsp:ExactlyOne>
> >>>>>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="EBS"
> >>>>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
> >>> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "/>
> >>>>>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="MSA"
> >>>>>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<
> >>> http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "/>
> >>>>>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
> >>>>>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="AuditId"
> >>>>>>>>>>>>>>> Namespace=""/>
> >>>>>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
> >>>>>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="UserID"
> >>>>>>>>>>>>>>> Namespace=""/>
> >>>>>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
> >>>>>>>>>>>>>>>
> >>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>>>>> 1.0.xsd<
> >>>
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>>>>> "/>
> >>>>>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>>>>> </wsp:ExactlyOne>
> >>>>>>>>>>>>>>> <wsp:ExactlyOne>
> >>>>>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>>>>> <sp:SignedParts>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="EBS"
> >>>>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
> >>> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "/>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="MSA"
> >>>>>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<
> >>> http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "/>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
> >>>>>>>>>>>>>>>
> >>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>>>>> 1.0.xsd<
> >>>
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>>>>> "/>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
> >>>>>>>>>>>>>>>
> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
> >>>>>>>>>>>>>>> 1.0.xsd<
> >>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> >
> >>>>>>>>>>>>>>> "/>
> >>>>>>>>>>>>>>> <sp:Body/>
> >>>>>>>>>>>>>>> </sp:SignedParts>
> >>>>>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>>>>> </wsp:ExactlyOne>
> >>>>>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>>>>> <sp:SignedSupportingTokens>
> >>>>>>>>>>>>>>> <sp:UsernameToken>
> >>>>>>>>>>>>>>> <wsp:Policy>
> >>>>>>>>>>>>>>>
> >>> <wsp:All>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <sp:WssUsernameToken10/>
> >>>>>>>>>>>>>>>
> >>> </wsp:All>
> >>>>>>>>>>>>>>> </wsp:Policy>
> >>>>>>>>>>>>>>> </sp:UsernameToken>
> >>>>>>>>>>>>>>> </sp:SignedSupportingTokens>
> >>>>>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>>>>> <wsp:ExactlyOne>
> >>>>>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>>>>> <sp:SignedParts>
> >>>>>>>>>>>>>>> <sp:Header Name="EBS"
> >>>>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
> >>> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "/>
> >>>>>>>>>>>>>>> <sp:Header Name="IDP"
> >>>>>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<
> >>> http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "/>
> >>>>>>>>>>>>>>> <sp:Header
> >>> Name="Timestamp"
> >>>>>>>>>>>>>>> Namespace="http://docs.oasis-**
> open.org/wss/2004/01/oasis-**
> >>>>>>>>>>>>>>> 200401-wss-<
> >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
> >>>>>>>>>>>>>>> wssecurity-utility-1.0.xsd"/>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
> >>>>>>>>>>>>>>>
> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
> >>>>>>>>>>>>>>> 1.0.xsd<
> >>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> >
> >>>>>>>>>>>>>>> "/>
> >>>>>>>>>>>>>>> <sp:Body/>
> >>>>>>>>>>>>>>> </sp:SignedParts>
> >>>>>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>>>>> </wsp:ExactlyOne>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <wsp:ExactlyOne>
> >>>>>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="EBS"
> >>>>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
> >>> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "/>
> >>>>>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="IDP"
> >>>>>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<
> >>> http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "/>
> >>>>>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
> >>>>>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="AuditId"
> >>>>>>>>>>>>>>> Namespace=""/>
> >>>>>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
> >>>>>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
> >>>>>>>>>>>>>>>
> >>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>>>>> 1.0.xsd<
> >>>
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>>>>> "/>
> >>>>>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>>>>> </wsp:ExactlyOne>
> >>>>>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>>>>> </wsp:ExactlyOne>
> >>>>>>>>>>>>>>> </wsp:Policy>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <wsdl:message name="EBSHeader">
> >>>>>>>>>>>>>>> <wsdl:part element="ebs:EBS"
> >>>>>>>>>>>>>>> name="ebsrequest_header"/>
> >>>>>>>>>>>>>>> </wsdl:message>
> >>>>>>>>>>>>>>> <wsdl:message name="MSAHeader">
> >>>>>>>>>>>>>>> <wsdl:part element="msa:MSA"
> >>>>>>>>>>>>>>> name="msarequest_header"/>
> >>>>>>>>>>>>>>> </wsdl:message>
> >>>>>>>>>>>>>>> <wsdl:message name="IDPHeader">
> >>>>>>>>>>>>>>> <wsdl:part element="idp:IDP"
> >>>>>>>>>>>>>>> name="idprequest_header"/>
> >>>>>>>>>>>>>>> </wsdl:message>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <message name="validate">
> >>>>>>>>>>>>>>> <wsdl:part element="hcv:validate"
> >>>>>>>>>>>>>>> name="parameters"/>
> >>>>>>>>>>>>>>> </message>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <message name="validateResponse">
> >>>>>>>>>>>>>>> <part element="hcv:validateResponse"
> >>>>>>>>>>>>>>> name="parameters"/>
> >>>>>>>>>>>>>>> </message>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <message name="faultexception">
> >>>>>>>>>>>>>>> <part element="ebs:EBSFault" name="Fault"/>
> >>>>>>>>>>>>>>> </message>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <portType name="HCValidation">
> >>>>>>>>>>>>>>> <operation name="validate">
> >>>>>>>>>>>>>>> <input message="hcv:validate"/>
> >>>>>>>>>>>>>>> <output
> >>> message="hcv:validateResponse"**/>
> >>>>>>>>>>>>>>> <fault message="hcv:faultexception"
> >>>>>>>>>>>>>>> name="FaultException"/>
> >>>>>>>>>>>>>>> </operation>
> >>>>>>>>>>>>>>> </portType>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <binding name="HCValidationPortBinding"
> >>>>>>>>>>>>>>> type="hcv:HCValidation">
> >>>>>>>>>>>>>>> <soap:binding style="document"
> >>>>>>>>>>>>>>> transport="http://schemas.**xmlsoap.org/soap/http<
> >>> http://schemas.xmlsoap.org/soap/http>
> >>>>>>>>>>>>>>> "/>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <operation name="validate">
> >>>>>>>>>>>>>>> <soap:operation soapAction=""/>
> >>>>>>>>>>>>>>> <input>
> >>>>>>>>>>>>>>> <wsp:PolicyReference URI="#request-policy"/>
> >>>>>>>>>>>>>>> <wsdlsoap:header
> >>>>>>>>>>>>>>> message="hcv:EBSHeader" part="ebsrequest_header"
> >>> use="literal"/>
> >>>>>>>>>>>>>>> <wsdlsoap:header
> >>>>>>>>>>>>>>> message="hcv:MSAHeader" part="msarequest_header"
> >>> use="literal"/>
> >>>>>>>>>>>>>>> <wsdlsoap:header
> >>>>>>>>>>>>>>> message="hcv:IDPHeader" part="idprequest_header"
> >>> use="literal"/>
> >>>>>>>>>>>>>>> <wsdlsoap:body
> >>> parts="parameters"
> >>>>>>>>>>>>>>> use="literal"/>
> >>>>>>>>>>>>>>> </input>
> >>>>>>>>>>>>>>> <output>
> >>>>>>>>>>>>>>> <soap:body use="literal"/>
> >>>>>>>>>>>>>>> </output>
> >>>>>>>>>>>>>>> <fault name="FaultException">
> >>>>>>>>>>>>>>> <soap:fault
> >>> name="FaultException"
> >>>>>>>>>>>>>>> use="literal"/>
> >>>>>>>>>>>>>>> </fault>
> >>>>>>>>>>>>>>> </operation>
> >>>>>>>>>>>>>>> </binding>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <service name="HCValidationService">
> >>>>>>>>>>>>>>> <port binding="hcv:**HCValidationPortBinding"
> >>>>>>>>>>>>>>> name="HCValidationPort">
> >>>>>>>>>>>>>>> <soap:address
> >>>>>>>>>>>>>>> location="
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>> https://ws.ebs.health.gov.on.**ca:1440/HCVService/**
> >>>>>>>>>>>>> HCValidationSe<
> >>> https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe>
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> rvice"/>
> >>>>>>>>>>>>>>> </port>
> >>>>>>>>>>>>>>> </service>
> >>>>>>>>>>>>>>> </definitions>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> ---------------------
> >>>>>>>>>>>>>>> Sample Request (provided by author of WSDL)
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <soapenv:Envelope xmlns:soap-
> >>>>>>>>>>>>>>> sec="http://schemas.xmlsoap.**org/security/2000-12<
> >>> http://schemas.xmlsoap.org/security/2000-12>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**
> >>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-<
> >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
> >>>>>>>>>>>>>>> wss-wssecurity-secext-1.0.xsd"
> >>>>>>>>>>>>>>> xmlns:xsi="http://www.w3.org/**2001/XMLSchema-instance
> <
> >>> http://www.w3.org/2001/XMLSchema-instance>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:sp="http://schemas.**xmlsoap.org/ws/2005/07/**
> >>>>>>>>>>>>>>> securitypolicy<
> >>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:SOAP-ENV="http://**schemas.xmlsoap.org/soap/**
> >>>>>>>>>>>>>>> envelope/ <http://schemas.xmlsoap.org/soap/envelope/>"
> >>>>>>>>>>>>>>> xmlns:xs="http://www.w3.org/**2001/XMLSchema<
> >>> http://www.w3.org/2001/XMLSchema>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:tns="http://hcv.health.**ontario.ca/<
> >>> http://hcv.health.ontario.ca/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**
> >>> open.org/wss/2004/01/oasis-
> >>>>>>>>>>>>>>> **200401- <
> >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
> >>>>>>>>>>>>>>> wss-wssecurity-utility-1.0.**xsd"
> >>>>>>>>>>>>>>> xmlns:ebs="http://ebs.health.**
> >>> ontario.ca/security/2012-03<
> http://ebs.health.ontario.ca/security/2012-03
> >>>>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<
> >>> http://schemas.xmlsoap.org/wsdl/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:wsp="http://schemas.**
> >>> xmlsoap.org/ws/2004/09/policy<
> >>> http://schemas.xmlsoap.org/ws/2004/09/policy>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/
> <
> >>> http://schemas.xmlsoap.org/soap/envelope/>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>> <soapenv:Header>
> >>>>>>>>>>>>>>> <ns2:EBS wsu:Id="id-1"
> >>>>>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<
> >>> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>> <SoftwareConformanceKey>**
> >>>>>>>>>>>>>>> 444561ee-277f-77b2-
> >>>>>>>>>>>>>>> c664-7a9923jfgh1b
> >>>>>>>>>>>>>>> </SoftwareConformanceKey>
> >>>>>>>>>>>>>>> <AuditId>73b7051e-6126-4b41-**9ae0-
> >>>>>>>>>>>>>>> 21b707ca8a53</AuditId>
> >>>>>>>>>>>>>>> </ns2:EBS>
> >>>>>>>>>>>>>>> <ns2:IDP wsu:Id="id-2"
> >>>>>>>>>>>>>>> xmlns:ns2="http://idp.ebs.**health.ontario.ca/<
> >>> http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>> <ServiceUserMUID>4523394</**
> >>>>>>>>>>>>>>> ServiceUserMUID>
> >>>>>>>>>>>>>>> </ns2:IDP>
> >>>>>>>>>>>>>>> <wsse:Security SOAP-ENV:mustUnderstand="1">
> >>>>>>>>>>>>>>> <wsu:Timestamp wsu:Id="id-3">
> >>>>>>>>>>>>>>> <wsu:Created>2012-06-
> >>>>>>>>>>>>>>> 20T17:58:42.580Z</wsu:Created>
> >>>>>>>>>>>>>>> <wsu:Expires>2012-06-
> >>>>>>>>>>>>>>> 20T17:59:12.580Z</wsu:Expires>
> >>>>>>>>>>>>>>> </wsu:Timestamp>
> >>>>>>>>>>>>>>> <wsse:UsernameToken wsu:Id="id-4">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <wsse:Username>JOHNDOE@YAHOO.**CA <JO...@YAHOO.CA>
> >>>>>>>>>>>>>>> </wsse:Username>
> >>>>>>>>>>>>>>> <wsse:Password
> >>>>>>>>>>>>>>> Type="wsse:PasswordText">**Password</wsse:Password>
> >>>>>>>>>>>>>>> </wsse:UsernameToken>
> >>>>>>>>>>>>>>> <wsse:BinarySecurityToken
> >>>>>>>>>>>>>>> EncodingType="http://docs.
> >>> **oasis-<http://docs.oasis->
> >>>>>>>>>>>>>>>
> >>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<
> >>> http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
> >>>>>>>>>>>>>>> 1.0#Base64Binary"
> >>>>>>>>>>>>>>> ValueType="http://docs.oasis-
> >>>>>>>>>>>>>>>
> >>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
> >>>>>>>>>>>>>>> 1.0#X509v3<
> >>>
> http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
> >>>>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> wsu:Id="X509-
> >>>>>>>>>>>>>>> 02F859690D5C74E209134021512282**11">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> MIICMzCCAZygAwIBAgIET1e+**dDANBgkqhkiG9w0BAQUFADBeMQsw
> >>>>>>>>>>>>>>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT2**50YXJpbzENMAsGA1UEChMET0hJ
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW**9uMRcwFQYDVQQDEw
> >>>>>>>>>>>>>>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAz**MDcyMDAwNTJaFw0xMzAzMDcyMDA
> >>>>>>>>>>>>>>> wNTJaM
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQ**IEwdPbnRhcmlvMQ0wCwY
> >>>>>>>>>>>>>>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZ**Wdpc3RyYXRpb24xFzAVBgNVBAM
> >>>>>>>>>>>>>>> TDj
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqG**SIb3DQEBAQUAA4GNADCBi
> >>>>>>>>>>>>>>>
> >>> QKBgQCs/JIP6CE5IkfTnD/c56K+**QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH**4
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> fvhbyxo2B4VugsL9r4E5jHEKoi+**
> >>>>>>>>>>>>>>> GDKOLlLZRfSy0cB8IcpXonAuGqMzhC**o
> >>>>>>>>>>>>>>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpT**yZdpYDi92up5E+FYL3jEe
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> jhp+**1iDFJQIDAQABMA0GCSqGSIb3DQEBBQ**UAA4GBAHn8VZS169BJ
> >>>>>>>>>>>>>>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dE**icv3jQMMsrWHfoCt+nRSqfNLUTL
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0**
> >>>>>>>>>>>>>>> gY3i83ZXA8HDFKMZF3qL8I8ncu8F
> >>>>>>>>>>>>>>> PcZGYBNhYrGjXXsuqXimiTIjxgm06E**rRa/51szOFFxWrB
> >>>>>>>>>>>>>>> </wsse:BinarySecurityToken>
> >>>>>>>>>>>>>>> <ds:Signature Id="SIG-6"
> >>>>>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<
> >>> http://www.w3.org/2000/09/xmldsig#>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>> <ds:SignedInfo>
> >>>>>>>>>>>>>>>
> >>> <ds:CanonicalizationMethod
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> PrefixList="SOAP-
> >>>>>>>>>>>>>>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> </ds:CanonicalizationMethod>
> >>>>>>>>>>>>>>> <ds:SignatureMethod
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<
> >>> http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>> <ds:Reference
> >>> URI="#id-1">
> >>>>>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
> >>> wsp
> >>>>>>>>>>>>>>> wsse
> >>>>>>>>>>>>>>> wsu xs xsi"
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>>>>>
> </ds:Transforms>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> <ds:DigestMethod
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
> >>> http://www.w3.org/2001/04/xmlenc#sha256>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:DigestValue>**gpejbitTQxuMOhUirdbGNtHjsGhAAr**
> >>>>>>>>>>>>>>> hAp3ByFuG9c
> >>>>>>>>>>>>>>> Hs=
> >>>>>>>>>>>>>>>
> >>> </ds:DigestValue>
> >>>>>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>>>>> <ds:Reference
> >>> URI="#id-2">
> >>>>>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
> >>> wsp
> >>>>>>>>>>>>>>> wsse
> >>>>>>>>>>>>>>> wsu xs xsi"
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>>>>>
> </ds:Transforms>
> >>>>>>>>>>>>>>>
> <ds:DigestMethod
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
> >>> http://www.w3.org/2001/04/xmlenc#sha256>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>> <ds:DigestValue>ZWKvgN+**eB0NFmQHPGYN5RoSZzbuboqKLzLcV6**
> >>>>>>>>>>>>>>> PE
> >>>>>>>>>>>>>>> Oz3E=
> >>>>>>>>>>>>>>>
> >>> </ds:DigestValue>
> >>>>>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>>>>> <ds:Reference
> >>> URI="#id-3">
> >>>>>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
> >>> wsp
> >>>>>>>>>>>>>>> wsse xs
> >>>>>>>>>>>>>>> xsi"
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>>>>>
> </ds:Transforms>
> >>>>>>>>>>>>>>>
> <ds:DigestMethod
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
> >>> http://www.w3.org/2001/04/xmlenc#sha256>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>> <ds:DigestValue>1AvUG2EE6+**bgpJBe1TB4teUkKD4lRsw69BozDFQM
> >>>>>>>>>>>>>>> GGE=
> >>>>>>>>>>>>>>>
> >>> </ds:DigestValue>
> >>>>>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>>>>> <ds:Reference
> >>> URI="#id-4">
> >>>>>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
> >>> wsp
> >>>>>>>>>>>>>>> wsu xs
> >>>>>>>>>>>>>>> xsi"
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>>>>>
> </ds:Transforms>
> >>>>>>>>>>>>>>>
> <ds:DigestMethod
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
> >>> http://www.w3.org/2001/04/xmlenc#sha256>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:DigestValue>Lw6C0//**TpU0uuta+**
> >>>>>>>>>>>>>>> 9pjDPfD0aOokdgbVOEM9eaWc
> >>>>>>>>>>>>>>> Gjo=
> >>>>>>>>>>>>>>>
> >>> </ds:DigestValue>
> >>>>>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>>>>> <ds:Reference
> >>> URI="#id-5">
> >>>>>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse
> >>> wsu
> >>>>>>>>>>>>>>> xs xsi"
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>>>>>
> </ds:Transforms>
> >>>>>>>>>>>>>>>
> <ds:DigestMethod
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
> >>> http://www.w3.org/2001/04/xmlenc#sha256>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:DigestValue>**lGKOfXxmbsLds9+**
> >>>>>>>>>>>>>>> tD4eaCObTCdGNXDF/PY9LjDUPl
> >>>>>>>>>>>>>>> 9Y=
> >>>>>>>>>>>>>>>
> >>> </ds:DigestValue>
> >>>>>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>>>>> </ds:SignedInfo>
> >>>>>>>>>>>>>>> <ds:SignatureValue>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> Yn5iRnjs/T2+**nNgW8pArIgqc445RwL2wYPHZaydVJk**
> >>>>>>>>>>>>>>> 0oUXV5B4nzU4fg
> >>>>>>>>>>>>>>> X/**sQTcY0O5vuReP8th4QZoGG6tSnxuBf**qiDd2rkRZDrdgotJT++W
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3Q**DuMWr5PSlm1RWbkA3W5B4Y
> >>>>>>>>>>>>>>> LaD+S/j3QKc=
> >>>>>>>>>>>>>>> </ds:SignatureValue>
> >>>>>>>>>>>>>>> <ds:KeyInfo Id="KI-
> >>>>>>>>>>>>>>> 02F859690D5C74E209134021512283**12">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <wsse:SecurityTokenReference
> >>>>>>>>>>>>>>> wsu:Id="STR-**02F859690D5C74E209134021512284**13">
> >>>>>>>>>>>>>>> <wsse:Reference
> >>>>>>>>>>>>>>> URI="#X509-**02F859690D5C74E209134021512282**11"
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> ValueType="http://docs.oasis-**
> >>> open.org/wss/2004/01/oasis-
> >>>>>>>>>>>>>>> **200401- <
> >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
> >>>>>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> </wsse:SecurityTokenReference>
> >>>>>>>>>>>>>>> </ds:KeyInfo>
> >>>>>>>>>>>>>>> </ds:Signature>
> >>>>>>>>>>>>>>> </wsse:Security>
> >>>>>>>>>>>>>>> </soapenv:Header>
> >>>>>>>>>>>>>>> <soapenv:Body wsu:Id="id-5">
> >>>>>>>>>>>>>>> <ns5:validate xmlns:ns4="
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>> http://msa.ebs.health.ontario.**ca/<
> >>> http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>>>>> "
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> xmlns:ns3="http://idp.ebs.**
> >>>>>>>>>>>>>>> health.ontario.ca/ <http://idp.ebs.health.ontario.ca/>"
> >>>>>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<
> >>> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:ns5="http://hcv.health.**
> >>> ontario.ca/<http://hcv.health.ontario.ca/>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>> <requests>
> >>>>>>>>>>>>>>> <hcvRequest>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <healthNumber>2222211122</**healthNumber>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <versionCode>WW</versionCode>
> >>>>>>>>>>>>>>> </hcvRequest>
> >>>>>>>>>>>>>>> </requests>
> >>>>>>>>>>>>>>> <locale>en</locale>
> >>>>>>>>>>>>>>> </ns5:validate>
> >>>>>>>>>>>>>>> </soapenv:Body>
> >>>>>>>>>>>>>>> </soapenv:Envelope>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> -------------------
> >>>>>>>>>>>>>>> Sample Request (Built via SoapUI)
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <soapenv:Envelope xmlns:ebs="http://ebs.health.**
> ontario.ca/
> >>> <http://ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<
> >>> http://hcv.health.ontario.ca/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<
> >>> http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<
> >>> http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/
> <
> >>> http://schemas.xmlsoap.org/soap/envelope/>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>> <soapenv:Header>
> >>>>>>>>>>>>>>> <wsse:Security soapenv:mustUnderstand="1"
> >>>>>>>>>>>>>>> xmlns:wsse="http://docs.oasis-
> >>>>>>>>>>>>>>>
> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
> >>>>>>>>>>>>>>> 1.0.xsd<
> >>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> >
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
> >>>>>>>>>>>>>>>
> >>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>>>>> 1.0.xsd<
> >>>
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>> <wsse:BinarySecurityToken
> >>>>>>>>>>>>>>> EncodingType="http://docs.
> >>> **oasis-<http://docs.oasis->
> >>>>>>>>>>>>>>>
> >>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<
> >>> http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
> >>>>>>>>>>>>>>> 1.0#Base64Binary"
> >>>>>>>>>>>>>>> ValueType="http://docs.oasis-
> >>>>>>>>>>>>>>>
> >>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
> >>>>>>>>>>>>>>> 1.0#X509v3<
> >>>
> http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
> >>>>
> >>>>>>>>>>>>>>> "
> >>>>>>>>>>>>>>> wsu:Id="X509-
> >>>>>>>>>>>>>>> 9346053A98F2390F1A137460706920**025">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQ**EBBQUAMIGbMQswCQYDVQ
> >>>>>>>>>>>>>>> QGEwJDQTEQMA4GA1UECAwHT250YXJp**bzEQMA4G
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> A1UEBwwHVG9yb250bzERMA8GA1UECg**wISW5kaXZpY2ExFDASBgN
> >>>>>>>>>>>>>>> VBAsMC0RldmVsb3BtZW50MRgwFgYDV**QQDDA9J
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhk**iG9w0BCQEWFmVicy1hZG1pbk
> >>>>>>>>>>>>>>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5**MTc0
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQ**swCQYDVQQGEwJDQTEQ
> >>>>>>>>>>>>>>> MA4GA1UECBMHT250YXJpbzEQMA4GA1**UEBxMHVG9y
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> b250bzERMA8GA1UEChMISW5kaXZpY2**ExFDASBgNVBAsTC0RldmVsb
> >>>>>>>>>>>>>>> 3BtZW50MRwwGgYDVQQDExNJbmRpdml**jYSBF
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w**0BAQEFAAOCAQ8AMIIBCgKCA
> >>>>>>>>>>>>>>> QEAu7/+**bc5QgW43UuaMoUOpbsQy8Kc32jrB
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> GA0lrxZkqH/PnfdbtRhRypxkc6+**
> >>>>>>>>>>>>>>> r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
> >>>>>>>>>>>>>>> WPPVMKpermHxniN+**kqjWiGDm10xVMph
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> XryR01LSItgRoi5V54oTFgeJxsdA/**
> >>>>>>>>>>>>>>> 1J3kf/QE2YmswZwLH6+PwvZfExKEx
> >>>>>>>>>>>>>>> vGArojkyveOewWkvKMobLB3d6gtrPJ
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> tUxjb18UJugEHyNSiVYFymbgAyvanT**4pmNPaqHW1ZlmQ0WBiDI7oeT
> >>>>>>>>>>>>>>> 1pZzgEwzikcvEHilJye0PcB4PkkrGL**KfEE
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4f**jouqkHHVMMiUvYgQIDAQA
> >>>>>>>>>>>>>>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b**5yRECQU
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>> ppIEIbDOh4E5OsR0wesm4czfNDnh56**TUwmjRDzI+tVVEj+fxk0FMSMf
> >>>>>>>>>>>>>>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+**FHb6
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u**8cRtfPXXX+baL2NThYjMoNVFIt
> >>>>>>>>>>>>>>> OM0XL3xwzblWi++B
> >>>>>>>>>>>>>>> </wsse:BinarySecurityToken>
> >>>>>>>>>>>>>>> <ds:Signature Id="SIG-30"
> >>>>>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<
> >>> http://www.w3.org/2000/09/xmldsig#>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>> <ds:SignedInfo>
> >>>>>>>>>>>>>>>
> >>> <ds:CanonicalizationMethod
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>>>> PrefixList="ebs hcv idp msa soapenv"
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> </ds:CanonicalizationMethod>
> >>>>>>>>>>>>>>> <ds:SignatureMethod
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<
> >>> http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>> <ds:Reference
> >>> URI="#id-7">
> >>>>>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="hcv idp msa
> soapenv"
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>>>>>
> </ds:Transforms>
> >>>>>>>>>>>>>>>
> <ds:DigestMethod
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
> >>> http://www.w3.org/2000/09/xmldsig#sha1>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:DigestValue>+sN2C+**GPI6Un7tmdzecuWW4obI8=</ds:**
> >>>>>>>>>>>>>>> DigestVal
> >>>>>>>>>>>>>>> ue>
> >>>>>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>>>>> <ds:Reference
> >>> URI="#id-8">
> >>>>>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa
> soapenv"
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>>>>>
> </ds:Transforms>
> >>>>>>>>>>>>>>>
> <ds:DigestMethod
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
> >>> http://www.w3.org/2000/09/xmldsig#sha1>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:DigestValue>cStXQ+**Qf4MYZw7oZh3EwQnCO9kE=</ds:**
> >>>>>>>>>>>>>>> DigestVal
> >>>>>>>>>>>>>>> ue>
> >>>>>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>>>>> <ds:Reference
> >>> URI="#TS-29">
> >>>>>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp
> msa
> >>>>>>>>>>>>>>> soapenv"
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>>>>>
> </ds:Transforms>
> >>>>>>>>>>>>>>>
> <ds:DigestMethod
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
> >>> http://www.w3.org/2000/09/xmldsig#sha1>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:DigestValue>**7DpbdobjdxkQ3RGXjPQmx5EpCdU=</**
> >>>>>>>>>>>>>>> ds:DigestVal
> >>>>>>>>>>>>>>> ue>
> >>>>>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>>>>> <ds:Reference
> >>>>>>>>>>>>>>> URI="#UsernameToken-28">
> >>>>>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa
> >>>>>>>>>>>>>>> soapenv"
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>>>>>
> </ds:Transforms>
> >>>>>>>>>>>>>>>
> <ds:DigestMethod
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
> >>> http://www.w3.org/2000/09/xmldsig#sha1>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:DigestValue>**0CNaWbdkV2dE7Jm5oh15ztwUcaI=</**
> >>>>>>>>>>>>>>> ds:DigestValu
> >>>>>>>>>>>>>>> e>
> >>>>>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>>>>> <ds:Reference
> >>> URI="#id-12">
> >>>>>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> >>> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>>>>>
> </ds:Transforms>
> >>>>>>>>>>>>>>>
> <ds:DigestMethod
> >>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
> >>> http://www.w3.org/2000/09/xmldsig#sha1>"
> >>>>>>>>>>>>>>> />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:DigestValue>**XoOxXE6R7JA29rMYCHf/X0II180=</**
> >>>>>>>>>>>>>>> ds:DigestValue
> >>>>>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>>>>> </ds:SignedInfo>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <ds:SignatureValue>**YQy9wqYYVw1x0CZcg6b2W0uO3g3Fur**
> >>>>>>>>>>>>>>> UZ51zrXi3
> >>>>>>>>>>>>>>> jRMFGgCVGUwfu3W/**tDOAKB2IXHvIgFl7JWmzd
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>> lkh7O2u6ieACF5tGD32aSXvv6/**k7OUVH4outF1NHgJOq9WKIKtUYT/hh
> >>>>>>>>>>>>>>> G8BmqFGHXcPiuuO+FIXr
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pO**RWOWvPhmHbT63b1BgFfLla
> >>>>>>>>>>>>>>> UftqeybM6t0i2cTuNxf8nbCS
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> gANhvGvpNi2ALThvsPu+**pXKCx1c4Ng18PGpUEVmOdJOkZhiifR**
> >>>>>>>>>>>>>>> 336idp
> >>>>>>>>>>>>>>> 09lp8XaI+NzwENvdBskb
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP**4wydOh8w==
> >>>>>>>>>>>>>>> </ds:SignatureValue>
> >>>>>>>>>>>>>>> <ds:KeyInfo Id="KI-
> >>>>>>>>>>>>>>> 9346053A98F2390F1A137460706920**026">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <wsse:SecurityTokenReference
> >>>>>>>>>>>>>>> wsu:Id="STR-
> >>>>>>>>>>>>>>> 9346053A98F2390F1A137460706920**027">
> >>>>>>>>>>>>>>> <wsse:Reference
> >>>>>>>>>>>>>>> URI="#X509-**9346053A98F2390F1A137460706920**025"
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> ValueType="http://docs.oasis-**
> >>> open.org/wss/2004/01/oasis-
> >>>>>>>>>>>>>>> **200401- <
> >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
> >>>>>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> </wsse:SecurityTokenReference>
> >>>>>>>>>>>>>>> </ds:KeyInfo>
> >>>>>>>>>>>>>>> </ds:Signature>
> >>>>>>>>>>>>>>> <wsu:Timestamp wsu:Id="TS-29">
> >>>>>>>>>>>>>>> <wsu:Created>2013-07-
> >>>>>>>>>>>>>>> 23T19:17:49.196Z</wsu:Created>
> >>>>>>>>>>>>>>> <wsu:Expires>2013-07-
> >>>>>>>>>>>>>>> 30T17:57:49.196Z</wsu:Expires>
> >>>>>>>>>>>>>>> </wsu:Timestamp>
> >>>>>>>>>>>>>>> <wsse:UsernameToken
> >>> wsu:Id="UsernameToken-
> >>>>>>>>>>>>>>> 28">
> >>>>>>>>>>>>>>> <wsse:Username>abc</wsse:**
> >>>>>>>>>>>>>>> Username>
> >>>>>>>>>>>>>>> <wsse:Password
> >>>>>>>>>>>>>>> Type="
> >>> http://docs.oasis-
> >>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-username-token-**
> >>>>>>>>>>>>>>> profile-<
> >>> http://open.org/wss/2004/01/oasis-200401-wss-username-token-profile->
> >>>>>>>>>>>>>>> 1.0#PasswordText">defg</wsse:**Password>
> >>>>>>>>>>>>>>> </wsse:UsernameToken>
> >>>>>>>>>>>>>>> </wsse:Security>
> >>>>>>>>>>>>>>> <idp:IDP wsu:Id="id-8"
> >>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
> >>>>>>>>>>>>>>>
> >>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>>>>> 1.0.xsd<
> >>>
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>>
> >>> <ServiceUserMUID>12345</**ServiceUserMUID>
> >>>>>>>>>>>>>>> </idp:IDP>
> >>>>>>>>>>>>>>> <ebs:EBS wsu:Id="id-7"
> >>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
> >>>>>>>>>>>>>>>
> >>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>>>>> 1.0.xsd<
> >>>
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> <SoftwareConformanceKey>12345<**/SoftwareConformanceKey>
> >>>>>>>>>>>>>>> <AuditId>12345</AuditId>
> >>>>>>>>>>>>>>> </ebs:EBS>
> >>>>>>>>>>>>>>> </soapenv:Header>
> >>>>>>>>>>>>>>> <soapenv:Body wsu:Id="id-12"
> >>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**
> >>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-<
> >>> http://docs.oasis-open.org/wss/2004/01/oasis->
> >>>>>>>>>>>>>>> 200401-wss-wssecurity-utility-**1.0.xsd">
> >>>>>>>>>>>>>>> <hcv:validate>
> >>>>>>>>>>>>>>> <requests>
> >>>>>>>>>>>>>>> <hcvRequest>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <healthNumber>9876543217</**healthNumber>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <versionCode>AB</versionCode>
> >>>>>>>>>>>>>>> </hcvRequest>
> >>>>>>>>>>>>>>> </requests>
> >>>>>>>>>>>>>>> </hcv:validate>
> >>>>>>>>>>>>>>> </soapenv:Body>
> >>>>>>>>>>>>>>> </soapenv:Envelope>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> -----------------------
> >>>>>>>>>>>>>>> Response (In either case):
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> <soap:Envelope
> >>>>>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/soap/envelope/<
> >>> http://schemas.xmlsoap.org/soap/envelope/>
> >>>>>>>>>>>>>>> ">
> >>>>>>>>>>>>>>> <soap:Body>
> >>>>>>>>>>>>>>> <soap:Fault>
> >>>>>>>>>>>>>>> <faultcode>soap:**MustUnderstand</faultcode>
> >>>>>>>>>>>>>>> <faultstring>MustUnderstand headers: [{
> >>>>>>>>>>>>>>> http://docs.oasis-
> >>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-
> <
> >>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext->
> >>>>>>>>>>>>>>> 1.0.xsd}Security] are not understood.</faultstring>
> >>>>>>>>>>>>>>> </soap:Fault>
> >>>>>>>>>>>>>>> </soap:Body>
> >>>>>>>>>>>>>>> </soap:Envelope>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <
> >>>>>>>>>>>>>>> ashakirin@talend.com>
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>> wrote:
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> Hi,
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> It seems that your service doesn't use the same WS-Policy
> as
> >>>>>>>>>>>>>>>> client,
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> therefore appropriate interceptors are not activated on the
> >>>>>>>>>>>>>>> service
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>> side.
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> Could you double check that?
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Exact request and response will be also useful for further
> >>>>>>>>>>>>>>>> analyse.
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Regards,
> >>>>>>>>>>>>>>>> Andrei.
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> -----Original Message-----
> >>>>>>>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
> >>>>>>>>>>>>>>>>> Sent: Dienstag, 23. Juli 2013 21:35
> >>>>>>>>>>>>>>>>> To: users@cxf.apache.org
> >>>>>>>>>>>>>>>>> Subject: Eclipse, CXF and WS-SecurityPolicy
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> I have a question regarding WS-SecurityPolicy and
> >>> deploying a
> >>>>>>>>>>>>>>>>> WSDL-first service via Eclipse.
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> I created a project from a WSDL file (I didn't create it)
> >>> with
> >>>>>>>>>>>>>>>>> the
> >>>>>>>>>>>>>>>>> intention of implementing the service that it describes.
> >>> The
> >>>>>>>>>>>>>>>>> WSDL
> >>>>>>>>>>>>>>>>> file describes a WS- SecurityPolicy that includes a
> >>>>>>>>>>>>>>>>> UsernameToken,
> >>>>>>>>>>>>>>>>> Timestamp, BinarySecurityToken, and a Signature. Every
> >>> time I
> >>>>>>>>>>>>>>>>> run a
> >>>>>>>>>>>>>>>>> sample request that includes all of those components in
> the
> >>>>>>>>>>>>>>>>> WS-Security header I get a "must understand header is not
> >>>>>>>>>>>>>>>>> understood"
> >>>>>>>>>>>>>>>>> message, regarding the WS-Security header.
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> I've read on the documentation of CXF that additional
> >>>>>>>>>>>>>>>>> dependencies
> >>>>>>>>>>>>>>>>> must be included in the classpath to have
> WS-SecurityPolicy
> >>>>>>>>>>>>>>>>> work, but
> >>>>>>>>>>>>>>>>> I've used Eclipse's deployment method and given it the
> >>> entire
> >>>>>>>>>>>>>>>>> CXF ZIP
> >>>>>>>>>>>>>>>>> file as downloaded from the project website as the CXF
> >>>>>>>>>>>>>>>>> Runtime. Is
> >>>>>>>>>>>>>>>>> there anything that I'm missing? Or is there a better way
> >>> for
> >>>>>>>>>>>>>>>>> me to
> >>>>>>>>>>>>>>>>> be working with CXF than to use Eclipse's automated
> tools?
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> Thanks for any help.
> >>>>>>>>>>>>>>>>> Jen
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>
> >>>>>>>>
> >>>>>>>
> >>>>>>
> >>>>>
> >>>
> >>>
> >>
>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jennifer Ruttan <je...@indivica.com>.
Unfortunately, I've got no idea how things are going with the other users. There's no way for me to get in touch with them and I have no idea who any of them are. I've sent a message to the service provider asking them to clarify the WSDL namespaces. Presumably if they got it to work it should be possible to build something that conforms to it...
On 2013-07-27, at 12:56 AM, Jason Pell <ja...@pellcorp.com> wrote:
> I don't think RequiredParts is available in the older SP namespace. I
> checked the xsd and cannot find it.
>
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.xsd
>
> Not sure how other clients of that service are fairing?
>
>
> On Sat, Jul 27, 2013 at 2:48 PM, Jason Pell <ja...@pellcorp.com> wrote:
>
>> I think that RequiredParts is not supported by the SP namespace you are
>> using, at least in CXF. Try changing sp namespace to
>>
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
>>
>> And see if you get further. I checked the RequiredParts builder and it
>> does seem to assume this namespace.
>>
>>
>> On Sat, Jul 27, 2013 at 2:43 PM, Jennifer Ruttan <je...@indivica.com>wrote:
>>
>>> Ok. Following that, I've now got:
>>>
>>> Jul 27, 2013 12:41:56 AM
>>> org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl
>>> handleNoRegisteredBuilder
>>> WARNING: No assertion builder for type {
>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}RequiredPartsregistered.
>>>
>>> Maybe I'm missing a JAR? But I've included all the CXF modules into the
>>> classpath.
>>>
>>>
>>>
>>>
>>> On 2013-07-27, at 12:38 AM, Jason Pell <ja...@pellcorp.com> wrote:
>>>
>>>> That should be:
>>>>
>>>> <sp:SignedSupportingTokens>
>>>> <wsp:Policy>
>>>> <sp:UsernameToken>
>>>> <wsp:Policy>
>>>> <wsp:All>
>>>> <sp:NoPassword/>
>>>> <sp:WssUsernameToken10/>
>>>> </wsp:All>
>>>> </wsp:Policy>
>>>> </sp:UsernameToken>
>>>> </wsp:Policy>
>>>> </sp:SignedSupportingTokens>
>>>>
>>>>
>>>>
>>>>
>>>> On Sat, Jul 27, 2013 at 2:36 PM, Jason Pell <ja...@pellcorp.com> wrote:
>>>>
>>>>> Ok - try putting a <wsp:Policy> immediately inside the
>>>>> <sp:SignedSupportingTokens> tag and I think you might get further.
>>>>>
>>>>> So instead of:
>>>>>
>>>>>
>>>>> <sp:SignedSupportingTokens>
>>>>> <sp:UsernameToken>
>>>>> <wsp:Policy>
>>>>> <wsp:All>
>>>>> <sp:NoPassword/>
>>>>> <sp:WssUsernameToken10/>
>>>>> </wsp:All>
>>>>> </wsp:Policy>
>>>>> </sp:UsernameToken>
>>>>> </sp:SignedSupportingTokens>
>>>>>
>>>>> Try:
>>>>>
>>>>> <sp:SignedSupportingTokens>
>>>>> <wsp:Policy>
>>>>>
>>>>> <sp:UsernameToken>
>>>>> <wsp:Policy>
>>>>> <wsp:All>
>>>>> <sp:NoPassword/>
>>>>> <sp:WssUsernameToken10/>
>>>>> </wsp:All>
>>>>> </wsp:Policy>
>>>>> </sp:UsernameToken>
>>>>> <wsp:Policy>
>>>>> </sp:SignedSupportingTokens>
>>>>>
>>>>> Do this for both occurences.
>>>>>
>>>>>
>>>>> On Sat, Jul 27, 2013 at 2:33 PM, Jason Pell <ja...@pellcorp.com>
>>> wrote:
>>>>>
>>>>>> I realised you had already got that far yourself, apologies for
>>> wasting
>>>>>> everyone's time. I misread the email thread. So you already changed
>>> your
>>>>>> sp to http://schemas.xmlsoap.org/ws/2005/07/securitypolicy.
>>>>>>
>>>>>> However when I change my policy file to use SignedSupportingToken
>>> rather
>>>>>> than SupportingToken I also get:
>>>>>> {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}UsernameTokenis
>>>>>> not a <wsp:Policy> element.
>>>>>>
>>>>>> So I will have a play around with that now.
>>>>>>
>>>>>>
>>>>>> On Sat, Jul 27, 2013 at 1:59 PM, Jason Pell <ja...@pellcorp.com>
>>> wrote:
>>>>>>
>>>>>>> Actually I just realised what the problem is. Your original
>>> namespace
>>>>>>> for sp was wrong. Just change it to
>>>>>>>
>>>>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy
>>>>>>>
>>>>>>> And it will all work. Sorry for the confusion, I am no expert, but
>>> did
>>>>>>> have the same problems so was worth the trial and error.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Sat, Jul 27, 2013 at 1:57 PM, Jason Pell <ja...@pellcorp.com>
>>> wrote:
>>>>>>>
>>>>>>>> In fact just replacing the SP namespace should do it. The
>>> xmlns:wsp="
>>>>>>>> http://schemas.xmlsoap.org/ws/2004/09/policy" seems to not be the
>>>>>>>> problem.
>>>>>>>>
>>>>>>>> So just change the sp to:
>>>>>>>>
>>>>>>>> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
>>> "
>>>>>>>>
>>>>>>>>
>>>>>>>> On Sat, Jul 27, 2013 at 1:55 PM, Jason Pell <ja...@pellcorp.com>
>>> wrote:
>>>>>>>>
>>>>>>>>> Changing the namespaces to the following will allow it to work with
>>>>>>>>> CXF:
>>>>>>>>>
>>>>>>>>> xmlns:wsp="http://www.w3.org/ns/ws-policy"
>>>>>>>>> xmlns:wsu="
>>>>>>>>>
>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>>>>>>>>> "
>>>>>>>>> xmlns:sp="
>>>>>>>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Sat, Jul 27, 2013 at 1:39 PM, Jennifer Ruttan <
>>>>>>>>> jennifer@indivica.com> wrote:
>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> Thanks for your message. The WSDL file clearly contains a number
>>> of
>>>>>>>>>> errors and so I'm happy to change it. The owners of the service
>>> will have
>>>>>>>>>> to adjust it anyway. What should I change the namespaces to?
>>>>>>>>>>
>>>>>>>>>> Thanks again
>>>>>>>>>> Jen
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 2013/07/26 23:16, Jason Pell wrote:
>>>>>>>>>>
>>>>>>>>>>> https://github.com/pellcorp/**cxf/blob/master/JavaFirst/src/**
>>>>>>>>>>> test/java/com/pellcorp/server/**PolicyServiceTest.java<
>>> https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java
>>>>
>>>>>>>>>>>
>>>>>>>>>>> This test case reproduces your issue I think. Changing the
>>>>>>>>>>> namespaces of
>>>>>>>>>>> the policy file will actually fix this, but probably not an
>>> option
>>>>>>>>>>> for you.
>>>>>>>>>>>
>>>>>>>>>>> public void testOldWspSpClient() throws Exception {
>>>>>>>>>>> ClassPathXmlApplicationContext clientContext =
>>>>>>>>>>> TestUtils.getContext(
>>>>>>>>>>> "/META-INF/**oldWspSpClientContext.xml");
>>>>>>>>>>>
>>>>>>>>>>> OldSpWspSimpleService simpleService = clientContext.getBean(
>>>>>>>>>>> "OldSpWspSimpleServiceClient",
>>>>>>>>>>> OldSpWspSimpleService.class);
>>>>>>>>>>>
>>>>>>>>>>> WSS4JOutInterceptor wssOut =
>>> TestUtils.**getWssOutInterceptor(
>>>>>>>>>>> simpleService);
>>>>>>>>>>> TestUtils.**setPasswordProperties(wssOut, "alice",
>>>>>>>>>>> "password");
>>>>>>>>>>>
>>>>>>>>>>> try {
>>>>>>>>>>> simpleService.ping();
>>>>>>>>>>> } catch (SOAPFaultException e) {
>>>>>>>>>>> assertTrue(e.getMessage().**
>>>>>>>>>>> contains("MustUnderstand"));
>>>>>>>>>>> }
>>>>>>>>>>> }
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <jason@pellcorp.com
>>>>
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>> Hi,
>>>>>>>>>>>>
>>>>>>>>>>>> I changed over my java first samples to use your namespaces,
>>> and I
>>>>>>>>>>>> also
>>>>>>>>>>>> got the Must understand error.
>>>>>>>>>>>>
>>>>>>>>>>>> Since I can reproduce it, i will have a bit of a hunt around to
>>> see
>>>>>>>>>>>> what
>>>>>>>>>>>> the problem is.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan <
>>>>>>>>>>>> jennifer@indivica.com>wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>
>>>>>>>>>>>>> Thanks for your help.
>>>>>>>>>>>>>
>>>>>>>>>>>>> The project path did not export the appropriate jars to the
>>>>>>>>>>>>> WEB-INF/lib
>>>>>>>>>>>>> directory when being built, so I added them to the deployment
>>>>>>>>>>>>> assembly step
>>>>>>>>>>>>> in eclipse. I added all the dependencies as well.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Unfortunately, I was still getting the same "mustunderstand
>>>>>>>>>>>>> headers are
>>>>>>>>>>>>> not understood" error message. But there's more. I'm also
>>> getting
>>>>>>>>>>>>> a strange
>>>>>>>>>>>>> message when Tomcat is deploying the application, from CXF:
>>>>>>>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>>>>>>>> handleNoRegisteredBuilder
>>>>>>>>>>>>> WARNING: No assertion builder for type {
>>>>>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>>>>>>>> SignedSupportingTokensregister**ed<
>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedSupportingTokensregistered
>>>>
>>>>>>>>>>>>> .
>>>>>>>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>>>>>>>> handleNoRegisteredBuilder
>>>>>>>>>>>>> WARNING: No assertion builder for type {
>>>>>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>>>>>>>> RequiredPartsregistered<
>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DRequiredPartsregistered
>>>>
>>>>>>>>>>>>> .
>>>>>>>>>>>>>
>>>>>>>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>>>>>>>> handleNoRegisteredBuilder
>>>>>>>>>>>>> WARNING: No assertion builder for type {
>>>>>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>>>>>>>> SignedPartsregistered<
>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedPartsregistered
>>>>
>>>>>>>>>>>>> .
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> I thought that was weird because in all the examples I've seen
>>> the
>>>>>>>>>>>>> sp
>>>>>>>>>>>>> namespace is http://schemas.xmlsoap.org/ws/**
>>>>>>>>>>>>> 2005/07/securitypolicy<
>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>.
>>>>>>>>>>>>> So I
>>>>>>>>>>>>> made the change in the WSDL and I got the following message
>>> upon
>>>>>>>>>>>>> restarting
>>>>>>>>>>>>> the server:
>>>>>>>>>>>>> Jul 26, 2013 1:25:16 PM
>>>>>>>>>>>>> org.apache.cxf.ws.policy.**attachment.wsdl11.**
>>>>>>>>>>>>> Wsdl11AttachmentPolicyProvider
>>>>>>>>>>>>> getElementPolicy
>>>>>>>>>>>>> WARNING: Failed to build the policy 'request-policy':{
>>>>>>>>>>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy}**
>>>>>>>>>>>>> UsernameToken<
>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DUsernameToken>is
>>>>>>>>>>>>> not a <wsp:Policy> element.
>>>>>>>>>>>>>
>>>>>>>>>>>>> The namespace for wsp is http://schemas.xmlsoap.org/ws/**
>>>>>>>>>>>>> 2004/09/policy <http://schemas.xmlsoap.org/ws/2004/09/policy>,
>>>>>>>>>>>>> and I'm pretty sure that's correct. Although I feel like I'm
>>>>>>>>>>>>> pretty close,
>>>>>>>>>>>>> I'm lost at this point. Do you happen to have any further
>>>>>>>>>>>>> suggestions?
>>>>>>>>>>>>>
>>>>>>>>>>>>> Thanks
>>>>>>>>>>>>> Jen
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <
>>> ashakirin@talend.com>
>>>>>>>>>>>>> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> "mustunderstand header is not understood" error is thrown by
>>> CXF
>>>>>>>>>>>>>>
>>>>>>>>>>>>> MustUnderstandInterceptor.
>>>>>>>>>>>>>
>>>>>>>>>>>>>> MustUnderstandInterceptor checks if must understand headers in
>>>>>>>>>>>>>> SOAP
>>>>>>>>>>>>>>
>>>>>>>>>>>>> message can be processed by at least one CXF interceptor in
>>> chain.
>>>>>>>>>>>>>
>>>>>>>>>>>>>> For that CXF interceptors provide getUnderstoodHeaders()
>>> method
>>>>>>>>>>>>>> to say
>>>>>>>>>>>>>>
>>>>>>>>>>>>> which headers they are able to proceed.
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Security headers can be processed either by
>>>>>>>>>>>>>> AbstractTokenInterceptor
>>>>>>>>>>>>>>
>>>>>>>>>>>>> (extended by UsernameTokenInterceptor,
>>> SamlTokenInterceptor.java,
>>>>>>>>>>>>> KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java
>>>>>>>>>>>>>
>>>>>>>>>>>>>> (extended by PolicyBasedWSS4JInInterceptor.**java,
>>>>>>>>>>>>>>
>>>>>>>>>>>>> WSS4JInInterceptor.java).
>>>>>>>>>>>>>
>>>>>>>>>>>>>> In your case no any from these interceptors is in chain on the
>>>>>>>>>>>>>> service
>>>>>>>>>>>>>>
>>>>>>>>>>>>> side.
>>>>>>>>>>>>>
>>>>>>>>>>>>>> That could happens because:
>>>>>>>>>>>>>> a) service uses other ws-policy (or nor policy) that doesn't
>>>>>>>>>>>>>> activate
>>>>>>>>>>>>>>
>>>>>>>>>>>>> that interceptors
>>>>>>>>>>>>>
>>>>>>>>>>>>>> b) service uses no ws-policy way and not configured with
>>> security
>>>>>>>>>>>>>>
>>>>>>>>>>>>> interceptor
>>>>>>>>>>>>>
>>>>>>>>>>>>>> c) appropriate CXF jars are not available:
>>>>>>>>>>>>>>
>>>>>>>>>>>>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Can you please check how your service is configured?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Regards,
>>>>>>>>>>>>>> Andrei.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> -----Original Message-----
>>>>>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>>>>>>>>>> Sent: Mittwoch, 24. Juli 2013 17:43
>>>>>>>>>>>>>>> To: users@cxf.apache.org
>>>>>>>>>>>>>>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Thanks for the reply. That's what I was thinking. There may
>>> be an
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> issue with
>>>>>>>>>>>>>
>>>>>>>>>>>>>> the WSDL file itself.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> My request matches the example provided by the author of the
>>>>>>>>>>>>>>> WSDL file,
>>>>>>>>>>>>>>> but neither of them work. They both cause the same
>>>>>>>>>>>>>>> "mustunderstand
>>>>>>>>>>>>>>> header is not understood" error.
>>>>>>>>>>>>>>> Disabling the security policy allows the request to complete
>>>>>>>>>>>>>>> properly.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> CXF is configured to read the security policy from the WSDL
>>>>>>>>>>>>>>> file, and
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I know
>>>>>>>>>>>>>
>>>>>>>>>>>>>> that part is working because if I miss a required part (the
>>>>>>>>>>>>>>> timestamp,
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> for
>>>>>>>>>>>>>
>>>>>>>>>>>>>> example) in the header, CXF complains that not all of the
>>> required
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> parts have
>>>>>>>>>>>>>
>>>>>>>>>>>>>> been submitted. I guess this could be because of a signing
>>> issue,
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> although I'm
>>>>>>>>>>>>>
>>>>>>>>>>>>>> not sure.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> My reasons for building the service are because while there
>>> is a
>>>>>>>>>>>>>>> WSDL
>>>>>>>>>>>>>>> definition for the service, there's no way to access the
>>> service
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> itself. I know
>>>>>>>>>>>>>
>>>>>>>>>>>>>> exactly how the service is supposed to react to various
>>> inputs so
>>>>>>>>>>>>>>> I'm
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> trying to
>>>>>>>>>>>>>
>>>>>>>>>>>>>> build the same web service. It's for a health insurance card
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> validation service
>>>>>>>>>>>>>
>>>>>>>>>>>>>> in Ontario, Canada, and the service is provided by the
>>> government.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Thanks.
>>>>>>>>>>>>>>> Jen
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> ---------------------
>>>>>>>>>>>>>>> HCValidationService.wsdl
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <?xml version="1.0" encoding="UTF-8"?><definitions
>>>>>>>>>>>>>>> name="HCValidationService"
>>>>>>>>>>>>>>> targetNamespace="http://hcv.**health.ontario.ca/<
>>> http://hcv.health.ontario.ca/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns="http://schemas.xmlsoap.**org/wsdl/<
>>> http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<
>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<
>>> http://hcv.health.ontario.ca/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<
>>> http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<
>>> http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/wsdl/soap/<
>>> http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:sp="http://docs.oasis-**open.org/ws-sx/ws-**
>>>>>>>>>>>>>>> securitypolicy/200512<
>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<
>>> http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:wsdlsoap="http://**schemas.xmlsoap.org/wsdl/soap/<
>>> http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>>>>>>>>>>> **"
>>>>>>>>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<
>>> http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**
>>> open.org/wss/2004/01/oasis-**
>>>>>>>>>>>>>>> 200401-wss-<
>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>>>>>>>>>>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
>>>>>>>>>>>>>>>
>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>>>>> 1.0.xsd<
>>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:xsd="http://www.w3.org/**2001/XMLSchema<
>>> http://www.w3.org/2001/XMLSchema>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <types>
>>>>>>>>>>>>>>> <xsd:schema>
>>>>>>>>>>>>>>> <xsd:import
>>>>>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<
>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> schemaLocation="EBSFault_**schema.xsd"/>
>>>>>>>>>>>>>>> <xsd:import
>>>>>>>>>>>>>>> namespace="http://hcv.health.**ontario.ca/<
>>> http://hcv.health.ontario.ca/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> schemaLocation="**HCValidationService_schema.**xsd"/>
>>>>>>>>>>>>>>> <xsd:import
>>>>>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<
>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> schemaLocation="EBS_schema.**xsd"/>
>>>>>>>>>>>>>>> <xsd:import
>>>>>>>>>>>>>>> namespace="http://msa.ebs.**health.ontario.ca/<
>>> http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> schemaLocation="MSA_schema.**xsd"/>
>>>>>>>>>>>>>>> <xsd:import
>>>>>>>>>>>>>>> namespace="http://idp.ebs.**health.ontario.ca/<
>>> http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> schemaLocation="IDP_schema.**xsd"/>
>>>>>>>>>>>>>>> </xsd:schema>
>>>>>>>>>>>>>>> </types>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <wsp:Policy wsu:Id="request-policy">
>>>>>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>>>> <sp:SignedSupportingTokens>
>>>>>>>>>>>>>>> <sp:UsernameToken>
>>>>>>>>>>>>>>> <wsp:Policy>
>>>>>>>>>>>>>>>
>>> <wsp:All>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <sp:NoPassword/>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <sp:WssUsernameToken10/>
>>>>>>>>>>>>>>>
>>> </wsp:All>
>>>>>>>>>>>>>>> </wsp:Policy>
>>>>>>>>>>>>>>> </sp:UsernameToken>
>>>>>>>>>>>>>>> </sp:SignedSupportingTokens>
>>>>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="EBS"
>>>>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="MSA"
>>>>>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<
>>> http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="AuditId"
>>>>>>>>>>>>>>> Namespace=""/>
>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="UserID"
>>>>>>>>>>>>>>> Namespace=""/>
>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>>>>>>>>
>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>>>>> 1.0.xsd<
>>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>>>> <sp:SignedParts>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="EBS"
>>>>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="MSA"
>>>>>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<
>>> http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>>>>>>>>
>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>>>>> 1.0.xsd<
>>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>>>>>>>> 1.0.xsd<
>>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>> <sp:Body/>
>>>>>>>>>>>>>>> </sp:SignedParts>
>>>>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>>>> <sp:SignedSupportingTokens>
>>>>>>>>>>>>>>> <sp:UsernameToken>
>>>>>>>>>>>>>>> <wsp:Policy>
>>>>>>>>>>>>>>>
>>> <wsp:All>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <sp:WssUsernameToken10/>
>>>>>>>>>>>>>>>
>>> </wsp:All>
>>>>>>>>>>>>>>> </wsp:Policy>
>>>>>>>>>>>>>>> </sp:UsernameToken>
>>>>>>>>>>>>>>> </sp:SignedSupportingTokens>
>>>>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>>>> <sp:SignedParts>
>>>>>>>>>>>>>>> <sp:Header Name="EBS"
>>>>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>> <sp:Header Name="IDP"
>>>>>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<
>>> http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>> <sp:Header
>>> Name="Timestamp"
>>>>>>>>>>>>>>> Namespace="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>>>>>>>>> 200401-wss-<
>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>>>>>>>>>>> wssecurity-utility-1.0.xsd"/>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>>>>>>>> 1.0.xsd<
>>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>> <sp:Body/>
>>>>>>>>>>>>>>> </sp:SignedParts>
>>>>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="EBS"
>>>>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="IDP"
>>>>>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<
>>> http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="AuditId"
>>>>>>>>>>>>>>> Namespace=""/>
>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>>>>>>>>
>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>>>>> 1.0.xsd<
>>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>>>>>> </wsp:Policy>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <wsdl:message name="EBSHeader">
>>>>>>>>>>>>>>> <wsdl:part element="ebs:EBS"
>>>>>>>>>>>>>>> name="ebsrequest_header"/>
>>>>>>>>>>>>>>> </wsdl:message>
>>>>>>>>>>>>>>> <wsdl:message name="MSAHeader">
>>>>>>>>>>>>>>> <wsdl:part element="msa:MSA"
>>>>>>>>>>>>>>> name="msarequest_header"/>
>>>>>>>>>>>>>>> </wsdl:message>
>>>>>>>>>>>>>>> <wsdl:message name="IDPHeader">
>>>>>>>>>>>>>>> <wsdl:part element="idp:IDP"
>>>>>>>>>>>>>>> name="idprequest_header"/>
>>>>>>>>>>>>>>> </wsdl:message>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <message name="validate">
>>>>>>>>>>>>>>> <wsdl:part element="hcv:validate"
>>>>>>>>>>>>>>> name="parameters"/>
>>>>>>>>>>>>>>> </message>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <message name="validateResponse">
>>>>>>>>>>>>>>> <part element="hcv:validateResponse"
>>>>>>>>>>>>>>> name="parameters"/>
>>>>>>>>>>>>>>> </message>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <message name="faultexception">
>>>>>>>>>>>>>>> <part element="ebs:EBSFault" name="Fault"/>
>>>>>>>>>>>>>>> </message>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <portType name="HCValidation">
>>>>>>>>>>>>>>> <operation name="validate">
>>>>>>>>>>>>>>> <input message="hcv:validate"/>
>>>>>>>>>>>>>>> <output
>>> message="hcv:validateResponse"**/>
>>>>>>>>>>>>>>> <fault message="hcv:faultexception"
>>>>>>>>>>>>>>> name="FaultException"/>
>>>>>>>>>>>>>>> </operation>
>>>>>>>>>>>>>>> </portType>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <binding name="HCValidationPortBinding"
>>>>>>>>>>>>>>> type="hcv:HCValidation">
>>>>>>>>>>>>>>> <soap:binding style="document"
>>>>>>>>>>>>>>> transport="http://schemas.**xmlsoap.org/soap/http<
>>> http://schemas.xmlsoap.org/soap/http>
>>>>>>>>>>>>>>> "/>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <operation name="validate">
>>>>>>>>>>>>>>> <soap:operation soapAction=""/>
>>>>>>>>>>>>>>> <input>
>>>>>>>>>>>>>>> <wsp:PolicyReference URI="#request-policy"/>
>>>>>>>>>>>>>>> <wsdlsoap:header
>>>>>>>>>>>>>>> message="hcv:EBSHeader" part="ebsrequest_header"
>>> use="literal"/>
>>>>>>>>>>>>>>> <wsdlsoap:header
>>>>>>>>>>>>>>> message="hcv:MSAHeader" part="msarequest_header"
>>> use="literal"/>
>>>>>>>>>>>>>>> <wsdlsoap:header
>>>>>>>>>>>>>>> message="hcv:IDPHeader" part="idprequest_header"
>>> use="literal"/>
>>>>>>>>>>>>>>> <wsdlsoap:body
>>> parts="parameters"
>>>>>>>>>>>>>>> use="literal"/>
>>>>>>>>>>>>>>> </input>
>>>>>>>>>>>>>>> <output>
>>>>>>>>>>>>>>> <soap:body use="literal"/>
>>>>>>>>>>>>>>> </output>
>>>>>>>>>>>>>>> <fault name="FaultException">
>>>>>>>>>>>>>>> <soap:fault
>>> name="FaultException"
>>>>>>>>>>>>>>> use="literal"/>
>>>>>>>>>>>>>>> </fault>
>>>>>>>>>>>>>>> </operation>
>>>>>>>>>>>>>>> </binding>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <service name="HCValidationService">
>>>>>>>>>>>>>>> <port binding="hcv:**HCValidationPortBinding"
>>>>>>>>>>>>>>> name="HCValidationPort">
>>>>>>>>>>>>>>> <soap:address
>>>>>>>>>>>>>>> location="
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> https://ws.ebs.health.gov.on.**ca:1440/HCVService/**
>>>>>>>>>>>>> HCValidationSe<
>>> https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe>
>>>>>>>>>>>>>
>>>>>>>>>>>>>> rvice"/>
>>>>>>>>>>>>>>> </port>
>>>>>>>>>>>>>>> </service>
>>>>>>>>>>>>>>> </definitions>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> ---------------------
>>>>>>>>>>>>>>> Sample Request (provided by author of WSDL)
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <soapenv:Envelope xmlns:soap-
>>>>>>>>>>>>>>> sec="http://schemas.xmlsoap.**org/security/2000-12<
>>> http://schemas.xmlsoap.org/security/2000-12>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**
>>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-<
>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>>>>>>> wss-wssecurity-secext-1.0.xsd"
>>>>>>>>>>>>>>> xmlns:xsi="http://www.w3.org/**2001/XMLSchema-instance<
>>> http://www.w3.org/2001/XMLSchema-instance>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:sp="http://schemas.**xmlsoap.org/ws/2005/07/**
>>>>>>>>>>>>>>> securitypolicy<
>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:SOAP-ENV="http://**schemas.xmlsoap.org/soap/**
>>>>>>>>>>>>>>> envelope/ <http://schemas.xmlsoap.org/soap/envelope/>"
>>>>>>>>>>>>>>> xmlns:xs="http://www.w3.org/**2001/XMLSchema<
>>> http://www.w3.org/2001/XMLSchema>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:tns="http://hcv.health.**ontario.ca/<
>>> http://hcv.health.ontario.ca/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**
>>> open.org/wss/2004/01/oasis-
>>>>>>>>>>>>>>> **200401- <
>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>>>>>>> wss-wssecurity-utility-1.0.**xsd"
>>>>>>>>>>>>>>> xmlns:ebs="http://ebs.health.**
>>> ontario.ca/security/2012-03<http://ebs.health.ontario.ca/security/2012-03
>>>>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<
>>> http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:wsp="http://schemas.**
>>> xmlsoap.org/ws/2004/09/policy<
>>> http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<
>>> http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>> <soapenv:Header>
>>>>>>>>>>>>>>> <ns2:EBS wsu:Id="id-1"
>>>>>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<
>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>> <SoftwareConformanceKey>**
>>>>>>>>>>>>>>> 444561ee-277f-77b2-
>>>>>>>>>>>>>>> c664-7a9923jfgh1b
>>>>>>>>>>>>>>> </SoftwareConformanceKey>
>>>>>>>>>>>>>>> <AuditId>73b7051e-6126-4b41-**9ae0-
>>>>>>>>>>>>>>> 21b707ca8a53</AuditId>
>>>>>>>>>>>>>>> </ns2:EBS>
>>>>>>>>>>>>>>> <ns2:IDP wsu:Id="id-2"
>>>>>>>>>>>>>>> xmlns:ns2="http://idp.ebs.**health.ontario.ca/<
>>> http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>> <ServiceUserMUID>4523394</**
>>>>>>>>>>>>>>> ServiceUserMUID>
>>>>>>>>>>>>>>> </ns2:IDP>
>>>>>>>>>>>>>>> <wsse:Security SOAP-ENV:mustUnderstand="1">
>>>>>>>>>>>>>>> <wsu:Timestamp wsu:Id="id-3">
>>>>>>>>>>>>>>> <wsu:Created>2012-06-
>>>>>>>>>>>>>>> 20T17:58:42.580Z</wsu:Created>
>>>>>>>>>>>>>>> <wsu:Expires>2012-06-
>>>>>>>>>>>>>>> 20T17:59:12.580Z</wsu:Expires>
>>>>>>>>>>>>>>> </wsu:Timestamp>
>>>>>>>>>>>>>>> <wsse:UsernameToken wsu:Id="id-4">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <wsse:Username>JOHNDOE@YAHOO.**CA <JO...@YAHOO.CA>
>>>>>>>>>>>>>>> </wsse:Username>
>>>>>>>>>>>>>>> <wsse:Password
>>>>>>>>>>>>>>> Type="wsse:PasswordText">**Password</wsse:Password>
>>>>>>>>>>>>>>> </wsse:UsernameToken>
>>>>>>>>>>>>>>> <wsse:BinarySecurityToken
>>>>>>>>>>>>>>> EncodingType="http://docs.
>>> **oasis-<http://docs.oasis->
>>>>>>>>>>>>>>>
>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<
>>> http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>>>>>>>>>>> 1.0#Base64Binary"
>>>>>>>>>>>>>>> ValueType="http://docs.oasis-
>>>>>>>>>>>>>>>
>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>>>>>>>>>>> 1.0#X509v3<
>>> http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
>>>>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> wsu:Id="X509-
>>>>>>>>>>>>>>> 02F859690D5C74E209134021512282**11">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> MIICMzCCAZygAwIBAgIET1e+**dDANBgkqhkiG9w0BAQUFADBeMQsw
>>>>>>>>>>>>>>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT2**50YXJpbzENMAsGA1UEChMET0hJ
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW**9uMRcwFQYDVQQDEw
>>>>>>>>>>>>>>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAz**MDcyMDAwNTJaFw0xMzAzMDcyMDA
>>>>>>>>>>>>>>> wNTJaM
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQ**IEwdPbnRhcmlvMQ0wCwY
>>>>>>>>>>>>>>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZ**Wdpc3RyYXRpb24xFzAVBgNVBAM
>>>>>>>>>>>>>>> TDj
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqG**SIb3DQEBAQUAA4GNADCBi
>>>>>>>>>>>>>>>
>>> QKBgQCs/JIP6CE5IkfTnD/c56K+**QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH**4
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> fvhbyxo2B4VugsL9r4E5jHEKoi+**
>>>>>>>>>>>>>>> GDKOLlLZRfSy0cB8IcpXonAuGqMzhC**o
>>>>>>>>>>>>>>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpT**yZdpYDi92up5E+FYL3jEe
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> jhp+**1iDFJQIDAQABMA0GCSqGSIb3DQEBBQ**UAA4GBAHn8VZS169BJ
>>>>>>>>>>>>>>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dE**icv3jQMMsrWHfoCt+nRSqfNLUTL
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0**
>>>>>>>>>>>>>>> gY3i83ZXA8HDFKMZF3qL8I8ncu8F
>>>>>>>>>>>>>>> PcZGYBNhYrGjXXsuqXimiTIjxgm06E**rRa/51szOFFxWrB
>>>>>>>>>>>>>>> </wsse:BinarySecurityToken>
>>>>>>>>>>>>>>> <ds:Signature Id="SIG-6"
>>>>>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<
>>> http://www.w3.org/2000/09/xmldsig#>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>> <ds:SignedInfo>
>>>>>>>>>>>>>>>
>>> <ds:CanonicalizationMethod
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> PrefixList="SOAP-
>>>>>>>>>>>>>>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> </ds:CanonicalizationMethod>
>>>>>>>>>>>>>>> <ds:SignatureMethod
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<
>>> http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>> <ds:Reference
>>> URI="#id-1">
>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
>>> wsp
>>>>>>>>>>>>>>> wsse
>>>>>>>>>>>>>>> wsu xs xsi"
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>>> http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:DigestValue>**gpejbitTQxuMOhUirdbGNtHjsGhAAr**
>>>>>>>>>>>>>>> hAp3ByFuG9c
>>>>>>>>>>>>>>> Hs=
>>>>>>>>>>>>>>>
>>> </ds:DigestValue>
>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>> <ds:Reference
>>> URI="#id-2">
>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
>>> wsp
>>>>>>>>>>>>>>> wsse
>>>>>>>>>>>>>>> wsu xs xsi"
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>>> http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>> <ds:DigestValue>ZWKvgN+**eB0NFmQHPGYN5RoSZzbuboqKLzLcV6**
>>>>>>>>>>>>>>> PE
>>>>>>>>>>>>>>> Oz3E=
>>>>>>>>>>>>>>>
>>> </ds:DigestValue>
>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>> <ds:Reference
>>> URI="#id-3">
>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
>>> wsp
>>>>>>>>>>>>>>> wsse xs
>>>>>>>>>>>>>>> xsi"
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>>> http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>> <ds:DigestValue>1AvUG2EE6+**bgpJBe1TB4teUkKD4lRsw69BozDFQM
>>>>>>>>>>>>>>> GGE=
>>>>>>>>>>>>>>>
>>> </ds:DigestValue>
>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>> <ds:Reference
>>> URI="#id-4">
>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
>>> wsp
>>>>>>>>>>>>>>> wsu xs
>>>>>>>>>>>>>>> xsi"
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>>> http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:DigestValue>Lw6C0//**TpU0uuta+**
>>>>>>>>>>>>>>> 9pjDPfD0aOokdgbVOEM9eaWc
>>>>>>>>>>>>>>> Gjo=
>>>>>>>>>>>>>>>
>>> </ds:DigestValue>
>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>> <ds:Reference
>>> URI="#id-5">
>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse
>>> wsu
>>>>>>>>>>>>>>> xs xsi"
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>>> http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:DigestValue>**lGKOfXxmbsLds9+**
>>>>>>>>>>>>>>> tD4eaCObTCdGNXDF/PY9LjDUPl
>>>>>>>>>>>>>>> 9Y=
>>>>>>>>>>>>>>>
>>> </ds:DigestValue>
>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>> </ds:SignedInfo>
>>>>>>>>>>>>>>> <ds:SignatureValue>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Yn5iRnjs/T2+**nNgW8pArIgqc445RwL2wYPHZaydVJk**
>>>>>>>>>>>>>>> 0oUXV5B4nzU4fg
>>>>>>>>>>>>>>> X/**sQTcY0O5vuReP8th4QZoGG6tSnxuBf**qiDd2rkRZDrdgotJT++W
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3Q**DuMWr5PSlm1RWbkA3W5B4Y
>>>>>>>>>>>>>>> LaD+S/j3QKc=
>>>>>>>>>>>>>>> </ds:SignatureValue>
>>>>>>>>>>>>>>> <ds:KeyInfo Id="KI-
>>>>>>>>>>>>>>> 02F859690D5C74E209134021512283**12">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <wsse:SecurityTokenReference
>>>>>>>>>>>>>>> wsu:Id="STR-**02F859690D5C74E209134021512284**13">
>>>>>>>>>>>>>>> <wsse:Reference
>>>>>>>>>>>>>>> URI="#X509-**02F859690D5C74E209134021512282**11"
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> ValueType="http://docs.oasis-**
>>> open.org/wss/2004/01/oasis-
>>>>>>>>>>>>>>> **200401- <
>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> </wsse:SecurityTokenReference>
>>>>>>>>>>>>>>> </ds:KeyInfo>
>>>>>>>>>>>>>>> </ds:Signature>
>>>>>>>>>>>>>>> </wsse:Security>
>>>>>>>>>>>>>>> </soapenv:Header>
>>>>>>>>>>>>>>> <soapenv:Body wsu:Id="id-5">
>>>>>>>>>>>>>>> <ns5:validate xmlns:ns4="
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> http://msa.ebs.health.ontario.**ca/<
>>> http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>>>> "
>>>>>>>>>>>>>
>>>>>>>>>>>>>> xmlns:ns3="http://idp.ebs.**
>>>>>>>>>>>>>>> health.ontario.ca/ <http://idp.ebs.health.ontario.ca/>"
>>>>>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<
>>> http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:ns5="http://hcv.health.**
>>> ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>> <requests>
>>>>>>>>>>>>>>> <hcvRequest>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <healthNumber>2222211122</**healthNumber>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <versionCode>WW</versionCode>
>>>>>>>>>>>>>>> </hcvRequest>
>>>>>>>>>>>>>>> </requests>
>>>>>>>>>>>>>>> <locale>en</locale>
>>>>>>>>>>>>>>> </ns5:validate>
>>>>>>>>>>>>>>> </soapenv:Body>
>>>>>>>>>>>>>>> </soapenv:Envelope>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> -------------------
>>>>>>>>>>>>>>> Sample Request (Built via SoapUI)
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <soapenv:Envelope xmlns:ebs="http://ebs.health.**ontario.ca/
>>> <http://ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<
>>> http://hcv.health.ontario.ca/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<
>>> http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<
>>> http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<
>>> http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>> <soapenv:Header>
>>>>>>>>>>>>>>> <wsse:Security soapenv:mustUnderstand="1"
>>>>>>>>>>>>>>> xmlns:wsse="http://docs.oasis-
>>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>>>>>>>> 1.0.xsd<
>>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>>>>>>>>
>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>>>>> 1.0.xsd<
>>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>> <wsse:BinarySecurityToken
>>>>>>>>>>>>>>> EncodingType="http://docs.
>>> **oasis-<http://docs.oasis->
>>>>>>>>>>>>>>>
>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<
>>> http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>>>>>>>>>>> 1.0#Base64Binary"
>>>>>>>>>>>>>>> ValueType="http://docs.oasis-
>>>>>>>>>>>>>>>
>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>>>>>>>>>>> 1.0#X509v3<
>>> http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
>>>>
>>>>>>>>>>>>>>> "
>>>>>>>>>>>>>>> wsu:Id="X509-
>>>>>>>>>>>>>>> 9346053A98F2390F1A137460706920**025">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQ**EBBQUAMIGbMQswCQYDVQ
>>>>>>>>>>>>>>> QGEwJDQTEQMA4GA1UECAwHT250YXJp**bzEQMA4G
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> A1UEBwwHVG9yb250bzERMA8GA1UECg**wISW5kaXZpY2ExFDASBgN
>>>>>>>>>>>>>>> VBAsMC0RldmVsb3BtZW50MRgwFgYDV**QQDDA9J
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhk**iG9w0BCQEWFmVicy1hZG1pbk
>>>>>>>>>>>>>>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5**MTc0
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQ**swCQYDVQQGEwJDQTEQ
>>>>>>>>>>>>>>> MA4GA1UECBMHT250YXJpbzEQMA4GA1**UEBxMHVG9y
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> b250bzERMA8GA1UEChMISW5kaXZpY2**ExFDASBgNVBAsTC0RldmVsb
>>>>>>>>>>>>>>> 3BtZW50MRwwGgYDVQQDExNJbmRpdml**jYSBF
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w**0BAQEFAAOCAQ8AMIIBCgKCA
>>>>>>>>>>>>>>> QEAu7/+**bc5QgW43UuaMoUOpbsQy8Kc32jrB
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> GA0lrxZkqH/PnfdbtRhRypxkc6+**
>>>>>>>>>>>>>>> r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
>>>>>>>>>>>>>>> WPPVMKpermHxniN+**kqjWiGDm10xVMph
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> XryR01LSItgRoi5V54oTFgeJxsdA/**
>>>>>>>>>>>>>>> 1J3kf/QE2YmswZwLH6+PwvZfExKEx
>>>>>>>>>>>>>>> vGArojkyveOewWkvKMobLB3d6gtrPJ
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> tUxjb18UJugEHyNSiVYFymbgAyvanT**4pmNPaqHW1ZlmQ0WBiDI7oeT
>>>>>>>>>>>>>>> 1pZzgEwzikcvEHilJye0PcB4PkkrGL**KfEE
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4f**jouqkHHVMMiUvYgQIDAQA
>>>>>>>>>>>>>>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b**5yRECQU
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>> ppIEIbDOh4E5OsR0wesm4czfNDnh56**TUwmjRDzI+tVVEj+fxk0FMSMf
>>>>>>>>>>>>>>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+**FHb6
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u**8cRtfPXXX+baL2NThYjMoNVFIt
>>>>>>>>>>>>>>> OM0XL3xwzblWi++B
>>>>>>>>>>>>>>> </wsse:BinarySecurityToken>
>>>>>>>>>>>>>>> <ds:Signature Id="SIG-30"
>>>>>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<
>>> http://www.w3.org/2000/09/xmldsig#>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>> <ds:SignedInfo>
>>>>>>>>>>>>>>>
>>> <ds:CanonicalizationMethod
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>>>> PrefixList="ebs hcv idp msa soapenv"
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> </ds:CanonicalizationMethod>
>>>>>>>>>>>>>>> <ds:SignatureMethod
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<
>>> http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>> <ds:Reference
>>> URI="#id-7">
>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>>> http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:DigestValue>+sN2C+**GPI6Un7tmdzecuWW4obI8=</ds:**
>>>>>>>>>>>>>>> DigestVal
>>>>>>>>>>>>>>> ue>
>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>> <ds:Reference
>>> URI="#id-8">
>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>>> http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:DigestValue>cStXQ+**Qf4MYZw7oZh3EwQnCO9kE=</ds:**
>>>>>>>>>>>>>>> DigestVal
>>>>>>>>>>>>>>> ue>
>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>> <ds:Reference
>>> URI="#TS-29">
>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa
>>>>>>>>>>>>>>> soapenv"
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>>> http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:DigestValue>**7DpbdobjdxkQ3RGXjPQmx5EpCdU=</**
>>>>>>>>>>>>>>> ds:DigestVal
>>>>>>>>>>>>>>> ue>
>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>> <ds:Reference
>>>>>>>>>>>>>>> URI="#UsernameToken-28">
>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa
>>>>>>>>>>>>>>> soapenv"
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>>> http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:DigestValue>**0CNaWbdkV2dE7Jm5oh15ztwUcaI=</**
>>>>>>>>>>>>>>> ds:DigestValu
>>>>>>>>>>>>>>> e>
>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>> <ds:Reference
>>> URI="#id-12">
>>>>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>>> http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>>>>>> />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:DigestValue>**XoOxXE6R7JA29rMYCHf/X0II180=</**
>>>>>>>>>>>>>>> ds:DigestValue
>>>>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>>>>> </ds:SignedInfo>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <ds:SignatureValue>**YQy9wqYYVw1x0CZcg6b2W0uO3g3Fur**
>>>>>>>>>>>>>>> UZ51zrXi3
>>>>>>>>>>>>>>> jRMFGgCVGUwfu3W/**tDOAKB2IXHvIgFl7JWmzd
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>> lkh7O2u6ieACF5tGD32aSXvv6/**k7OUVH4outF1NHgJOq9WKIKtUYT/hh
>>>>>>>>>>>>>>> G8BmqFGHXcPiuuO+FIXr
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pO**RWOWvPhmHbT63b1BgFfLla
>>>>>>>>>>>>>>> UftqeybM6t0i2cTuNxf8nbCS
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> gANhvGvpNi2ALThvsPu+**pXKCx1c4Ng18PGpUEVmOdJOkZhiifR**
>>>>>>>>>>>>>>> 336idp
>>>>>>>>>>>>>>> 09lp8XaI+NzwENvdBskb
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP**4wydOh8w==
>>>>>>>>>>>>>>> </ds:SignatureValue>
>>>>>>>>>>>>>>> <ds:KeyInfo Id="KI-
>>>>>>>>>>>>>>> 9346053A98F2390F1A137460706920**026">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <wsse:SecurityTokenReference
>>>>>>>>>>>>>>> wsu:Id="STR-
>>>>>>>>>>>>>>> 9346053A98F2390F1A137460706920**027">
>>>>>>>>>>>>>>> <wsse:Reference
>>>>>>>>>>>>>>> URI="#X509-**9346053A98F2390F1A137460706920**025"
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> ValueType="http://docs.oasis-**
>>> open.org/wss/2004/01/oasis-
>>>>>>>>>>>>>>> **200401- <
>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> </wsse:SecurityTokenReference>
>>>>>>>>>>>>>>> </ds:KeyInfo>
>>>>>>>>>>>>>>> </ds:Signature>
>>>>>>>>>>>>>>> <wsu:Timestamp wsu:Id="TS-29">
>>>>>>>>>>>>>>> <wsu:Created>2013-07-
>>>>>>>>>>>>>>> 23T19:17:49.196Z</wsu:Created>
>>>>>>>>>>>>>>> <wsu:Expires>2013-07-
>>>>>>>>>>>>>>> 30T17:57:49.196Z</wsu:Expires>
>>>>>>>>>>>>>>> </wsu:Timestamp>
>>>>>>>>>>>>>>> <wsse:UsernameToken
>>> wsu:Id="UsernameToken-
>>>>>>>>>>>>>>> 28">
>>>>>>>>>>>>>>> <wsse:Username>abc</wsse:**
>>>>>>>>>>>>>>> Username>
>>>>>>>>>>>>>>> <wsse:Password
>>>>>>>>>>>>>>> Type="
>>> http://docs.oasis-
>>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-username-token-**
>>>>>>>>>>>>>>> profile-<
>>> http://open.org/wss/2004/01/oasis-200401-wss-username-token-profile->
>>>>>>>>>>>>>>> 1.0#PasswordText">defg</wsse:**Password>
>>>>>>>>>>>>>>> </wsse:UsernameToken>
>>>>>>>>>>>>>>> </wsse:Security>
>>>>>>>>>>>>>>> <idp:IDP wsu:Id="id-8"
>>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>>>>>>>>
>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>>>>> 1.0.xsd<
>>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>
>>> <ServiceUserMUID>12345</**ServiceUserMUID>
>>>>>>>>>>>>>>> </idp:IDP>
>>>>>>>>>>>>>>> <ebs:EBS wsu:Id="id-7"
>>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>>>>>>>>
>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>>>>> 1.0.xsd<
>>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <SoftwareConformanceKey>12345<**/SoftwareConformanceKey>
>>>>>>>>>>>>>>> <AuditId>12345</AuditId>
>>>>>>>>>>>>>>> </ebs:EBS>
>>>>>>>>>>>>>>> </soapenv:Header>
>>>>>>>>>>>>>>> <soapenv:Body wsu:Id="id-12"
>>>>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**
>>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-<
>>> http://docs.oasis-open.org/wss/2004/01/oasis->
>>>>>>>>>>>>>>> 200401-wss-wssecurity-utility-**1.0.xsd">
>>>>>>>>>>>>>>> <hcv:validate>
>>>>>>>>>>>>>>> <requests>
>>>>>>>>>>>>>>> <hcvRequest>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <healthNumber>9876543217</**healthNumber>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <versionCode>AB</versionCode>
>>>>>>>>>>>>>>> </hcvRequest>
>>>>>>>>>>>>>>> </requests>
>>>>>>>>>>>>>>> </hcv:validate>
>>>>>>>>>>>>>>> </soapenv:Body>
>>>>>>>>>>>>>>> </soapenv:Envelope>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> -----------------------
>>>>>>>>>>>>>>> Response (In either case):
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> <soap:Envelope
>>>>>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/soap/envelope/<
>>> http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>>>>>>>> ">
>>>>>>>>>>>>>>> <soap:Body>
>>>>>>>>>>>>>>> <soap:Fault>
>>>>>>>>>>>>>>> <faultcode>soap:**MustUnderstand</faultcode>
>>>>>>>>>>>>>>> <faultstring>MustUnderstand headers: [{
>>>>>>>>>>>>>>> http://docs.oasis-
>>>>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-<
>>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext->
>>>>>>>>>>>>>>> 1.0.xsd}Security] are not understood.</faultstring>
>>>>>>>>>>>>>>> </soap:Fault>
>>>>>>>>>>>>>>> </soap:Body>
>>>>>>>>>>>>>>> </soap:Envelope>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <
>>>>>>>>>>>>>>> ashakirin@talend.com>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> It seems that your service doesn't use the same WS-Policy as
>>>>>>>>>>>>>>>> client,
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> therefore appropriate interceptors are not activated on the
>>>>>>>>>>>>>>> service
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> side.
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Could you double check that?
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Exact request and response will be also useful for further
>>>>>>>>>>>>>>>> analyse.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Regards,
>>>>>>>>>>>>>>>> Andrei.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> -----Original Message-----
>>>>>>>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>>>>>>>>>>>> Sent: Dienstag, 23. Juli 2013 21:35
>>>>>>>>>>>>>>>>> To: users@cxf.apache.org
>>>>>>>>>>>>>>>>> Subject: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> I have a question regarding WS-SecurityPolicy and
>>> deploying a
>>>>>>>>>>>>>>>>> WSDL-first service via Eclipse.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> I created a project from a WSDL file (I didn't create it)
>>> with
>>>>>>>>>>>>>>>>> the
>>>>>>>>>>>>>>>>> intention of implementing the service that it describes.
>>> The
>>>>>>>>>>>>>>>>> WSDL
>>>>>>>>>>>>>>>>> file describes a WS- SecurityPolicy that includes a
>>>>>>>>>>>>>>>>> UsernameToken,
>>>>>>>>>>>>>>>>> Timestamp, BinarySecurityToken, and a Signature. Every
>>> time I
>>>>>>>>>>>>>>>>> run a
>>>>>>>>>>>>>>>>> sample request that includes all of those components in the
>>>>>>>>>>>>>>>>> WS-Security header I get a "must understand header is not
>>>>>>>>>>>>>>>>> understood"
>>>>>>>>>>>>>>>>> message, regarding the WS-Security header.
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> I've read on the documentation of CXF that additional
>>>>>>>>>>>>>>>>> dependencies
>>>>>>>>>>>>>>>>> must be included in the classpath to have WS-SecurityPolicy
>>>>>>>>>>>>>>>>> work, but
>>>>>>>>>>>>>>>>> I've used Eclipse's deployment method and given it the
>>> entire
>>>>>>>>>>>>>>>>> CXF ZIP
>>>>>>>>>>>>>>>>> file as downloaded from the project website as the CXF
>>>>>>>>>>>>>>>>> Runtime. Is
>>>>>>>>>>>>>>>>> there anything that I'm missing? Or is there a better way
>>> for
>>>>>>>>>>>>>>>>> me to
>>>>>>>>>>>>>>>>> be working with CXF than to use Eclipse's automated tools?
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> Thanks for any help.
>>>>>>>>>>>>>>>>> Jen
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>
>>>
>>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jason Pell <ja...@pellcorp.com>.
I don't think RequiredParts is available in the older SP namespace. I
checked the xsd and cannot find it.
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.xsd
Not sure how other clients of that service are fairing?
On Sat, Jul 27, 2013 at 2:48 PM, Jason Pell <ja...@pellcorp.com> wrote:
> I think that RequiredParts is not supported by the SP namespace you are
> using, at least in CXF. Try changing sp namespace to
>
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
>
> And see if you get further. I checked the RequiredParts builder and it
> does seem to assume this namespace.
>
>
> On Sat, Jul 27, 2013 at 2:43 PM, Jennifer Ruttan <je...@indivica.com>wrote:
>
>> Ok. Following that, I've now got:
>>
>> Jul 27, 2013 12:41:56 AM
>> org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl
>> handleNoRegisteredBuilder
>> WARNING: No assertion builder for type {
>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}RequiredPartsregistered.
>>
>> Maybe I'm missing a JAR? But I've included all the CXF modules into the
>> classpath.
>>
>>
>>
>>
>> On 2013-07-27, at 12:38 AM, Jason Pell <ja...@pellcorp.com> wrote:
>>
>> > That should be:
>> >
>> > <sp:SignedSupportingTokens>
>> > <wsp:Policy>
>> > <sp:UsernameToken>
>> > <wsp:Policy>
>> > <wsp:All>
>> > <sp:NoPassword/>
>> > <sp:WssUsernameToken10/>
>> > </wsp:All>
>> > </wsp:Policy>
>> > </sp:UsernameToken>
>> > </wsp:Policy>
>> > </sp:SignedSupportingTokens>
>> >
>> >
>> >
>> >
>> > On Sat, Jul 27, 2013 at 2:36 PM, Jason Pell <ja...@pellcorp.com> wrote:
>> >
>> >> Ok - try putting a <wsp:Policy> immediately inside the
>> >> <sp:SignedSupportingTokens> tag and I think you might get further.
>> >>
>> >> So instead of:
>> >>
>> >>
>> >> <sp:SignedSupportingTokens>
>> >> <sp:UsernameToken>
>> >> <wsp:Policy>
>> >> <wsp:All>
>> >> <sp:NoPassword/>
>> >> <sp:WssUsernameToken10/>
>> >> </wsp:All>
>> >> </wsp:Policy>
>> >> </sp:UsernameToken>
>> >> </sp:SignedSupportingTokens>
>> >>
>> >> Try:
>> >>
>> >> <sp:SignedSupportingTokens>
>> >> <wsp:Policy>
>> >>
>> >> <sp:UsernameToken>
>> >> <wsp:Policy>
>> >> <wsp:All>
>> >> <sp:NoPassword/>
>> >> <sp:WssUsernameToken10/>
>> >> </wsp:All>
>> >> </wsp:Policy>
>> >> </sp:UsernameToken>
>> >> <wsp:Policy>
>> >> </sp:SignedSupportingTokens>
>> >>
>> >> Do this for both occurences.
>> >>
>> >>
>> >> On Sat, Jul 27, 2013 at 2:33 PM, Jason Pell <ja...@pellcorp.com>
>> wrote:
>> >>
>> >>> I realised you had already got that far yourself, apologies for
>> wasting
>> >>> everyone's time. I misread the email thread. So you already changed
>> your
>> >>> sp to http://schemas.xmlsoap.org/ws/2005/07/securitypolicy.
>> >>>
>> >>> However when I change my policy file to use SignedSupportingToken
>> rather
>> >>> than SupportingToken I also get:
>> >>> {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}UsernameTokenis
>> >>> not a <wsp:Policy> element.
>> >>>
>> >>> So I will have a play around with that now.
>> >>>
>> >>>
>> >>> On Sat, Jul 27, 2013 at 1:59 PM, Jason Pell <ja...@pellcorp.com>
>> wrote:
>> >>>
>> >>>> Actually I just realised what the problem is. Your original
>> namespace
>> >>>> for sp was wrong. Just change it to
>> >>>>
>> >>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy
>> >>>>
>> >>>> And it will all work. Sorry for the confusion, I am no expert, but
>> did
>> >>>> have the same problems so was worth the trial and error.
>> >>>>
>> >>>>
>> >>>>
>> >>>>
>> >>>> On Sat, Jul 27, 2013 at 1:57 PM, Jason Pell <ja...@pellcorp.com>
>> wrote:
>> >>>>
>> >>>>> In fact just replacing the SP namespace should do it. The
>> xmlns:wsp="
>> >>>>> http://schemas.xmlsoap.org/ws/2004/09/policy" seems to not be the
>> >>>>> problem.
>> >>>>>
>> >>>>> So just change the sp to:
>> >>>>>
>> >>>>> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
>> "
>> >>>>>
>> >>>>>
>> >>>>> On Sat, Jul 27, 2013 at 1:55 PM, Jason Pell <ja...@pellcorp.com>
>> wrote:
>> >>>>>
>> >>>>>> Changing the namespaces to the following will allow it to work with
>> >>>>>> CXF:
>> >>>>>>
>> >>>>>> xmlns:wsp="http://www.w3.org/ns/ws-policy"
>> >>>>>> xmlns:wsu="
>> >>>>>>
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> >>>>>> "
>> >>>>>> xmlns:sp="
>> >>>>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>> >>>>>>
>> >>>>>>
>> >>>>>>
>> >>>>>>
>> >>>>>> On Sat, Jul 27, 2013 at 1:39 PM, Jennifer Ruttan <
>> >>>>>> jennifer@indivica.com> wrote:
>> >>>>>>
>> >>>>>>> Hi,
>> >>>>>>>
>> >>>>>>> Thanks for your message. The WSDL file clearly contains a number
>> of
>> >>>>>>> errors and so I'm happy to change it. The owners of the service
>> will have
>> >>>>>>> to adjust it anyway. What should I change the namespaces to?
>> >>>>>>>
>> >>>>>>> Thanks again
>> >>>>>>> Jen
>> >>>>>>>
>> >>>>>>>
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> On 2013/07/26 23:16, Jason Pell wrote:
>> >>>>>>>
>> >>>>>>>> https://github.com/pellcorp/**cxf/blob/master/JavaFirst/src/**
>> >>>>>>>> test/java/com/pellcorp/server/**PolicyServiceTest.java<
>> https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java
>> >
>> >>>>>>>>
>> >>>>>>>> This test case reproduces your issue I think. Changing the
>> >>>>>>>> namespaces of
>> >>>>>>>> the policy file will actually fix this, but probably not an
>> option
>> >>>>>>>> for you.
>> >>>>>>>>
>> >>>>>>>> public void testOldWspSpClient() throws Exception {
>> >>>>>>>> ClassPathXmlApplicationContext clientContext =
>> >>>>>>>> TestUtils.getContext(
>> >>>>>>>> "/META-INF/**oldWspSpClientContext.xml");
>> >>>>>>>>
>> >>>>>>>> OldSpWspSimpleService simpleService = clientContext.getBean(
>> >>>>>>>> "OldSpWspSimpleServiceClient",
>> >>>>>>>> OldSpWspSimpleService.class);
>> >>>>>>>>
>> >>>>>>>> WSS4JOutInterceptor wssOut =
>> TestUtils.**getWssOutInterceptor(
>> >>>>>>>> simpleService);
>> >>>>>>>> TestUtils.**setPasswordProperties(wssOut, "alice",
>> >>>>>>>> "password");
>> >>>>>>>>
>> >>>>>>>> try {
>> >>>>>>>> simpleService.ping();
>> >>>>>>>> } catch (SOAPFaultException e) {
>> >>>>>>>> assertTrue(e.getMessage().**
>> >>>>>>>> contains("MustUnderstand"));
>> >>>>>>>> }
>> >>>>>>>> }
>> >>>>>>>>
>> >>>>>>>>
>> >>>>>>>>
>> >>>>>>>>
>> >>>>>>>>
>> >>>>>>>> On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <jason@pellcorp.com
>> >
>> >>>>>>>> wrote:
>> >>>>>>>>
>> >>>>>>>> Hi,
>> >>>>>>>>>
>> >>>>>>>>> I changed over my java first samples to use your namespaces,
>> and I
>> >>>>>>>>> also
>> >>>>>>>>> got the Must understand error.
>> >>>>>>>>>
>> >>>>>>>>> Since I can reproduce it, i will have a bit of a hunt around to
>> see
>> >>>>>>>>> what
>> >>>>>>>>> the problem is.
>> >>>>>>>>>
>> >>>>>>>>>
>> >>>>>>>>> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan <
>> >>>>>>>>> jennifer@indivica.com>wrote:
>> >>>>>>>>>
>> >>>>>>>>> Hi,
>> >>>>>>>>>>
>> >>>>>>>>>> Thanks for your help.
>> >>>>>>>>>>
>> >>>>>>>>>> The project path did not export the appropriate jars to the
>> >>>>>>>>>> WEB-INF/lib
>> >>>>>>>>>> directory when being built, so I added them to the deployment
>> >>>>>>>>>> assembly step
>> >>>>>>>>>> in eclipse. I added all the dependencies as well.
>> >>>>>>>>>>
>> >>>>>>>>>> Unfortunately, I was still getting the same "mustunderstand
>> >>>>>>>>>> headers are
>> >>>>>>>>>> not understood" error message. But there's more. I'm also
>> getting
>> >>>>>>>>>> a strange
>> >>>>>>>>>> message when Tomcat is deploying the application, from CXF:
>> >>>>>>>>>> Jul 26, 2013 1:23:24 PM
>> >>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>> >>>>>>>>>> handleNoRegisteredBuilder
>> >>>>>>>>>> WARNING: No assertion builder for type {
>> >>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>> >>>>>>>>>> SignedSupportingTokensregister**ed<
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedSupportingTokensregistered
>> >
>> >>>>>>>>>> .
>> >>>>>>>>>> Jul 26, 2013 1:23:24 PM
>> >>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>> >>>>>>>>>> handleNoRegisteredBuilder
>> >>>>>>>>>> WARNING: No assertion builder for type {
>> >>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>> >>>>>>>>>> RequiredPartsregistered<
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DRequiredPartsregistered
>> >
>> >>>>>>>>>> .
>> >>>>>>>>>>
>> >>>>>>>>>> Jul 26, 2013 1:23:24 PM
>> >>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>> >>>>>>>>>> handleNoRegisteredBuilder
>> >>>>>>>>>> WARNING: No assertion builder for type {
>> >>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>> >>>>>>>>>> SignedPartsregistered<
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedPartsregistered
>> >
>> >>>>>>>>>> .
>> >>>>>>>>>>
>> >>>>>>>>>>
>> >>>>>>>>>> I thought that was weird because in all the examples I've seen
>> the
>> >>>>>>>>>> sp
>> >>>>>>>>>> namespace is http://schemas.xmlsoap.org/ws/**
>> >>>>>>>>>> 2005/07/securitypolicy<
>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>.
>> >>>>>>>>>> So I
>> >>>>>>>>>> made the change in the WSDL and I got the following message
>> upon
>> >>>>>>>>>> restarting
>> >>>>>>>>>> the server:
>> >>>>>>>>>> Jul 26, 2013 1:25:16 PM
>> >>>>>>>>>> org.apache.cxf.ws.policy.**attachment.wsdl11.**
>> >>>>>>>>>> Wsdl11AttachmentPolicyProvider
>> >>>>>>>>>> getElementPolicy
>> >>>>>>>>>> WARNING: Failed to build the policy 'request-policy':{
>> >>>>>>>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy}**
>> >>>>>>>>>> UsernameToken<
>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DUsernameToken>is
>> >>>>>>>>>> not a <wsp:Policy> element.
>> >>>>>>>>>>
>> >>>>>>>>>> The namespace for wsp is http://schemas.xmlsoap.org/ws/**
>> >>>>>>>>>> 2004/09/policy <http://schemas.xmlsoap.org/ws/2004/09/policy>,
>> >>>>>>>>>> and I'm pretty sure that's correct. Although I feel like I'm
>> >>>>>>>>>> pretty close,
>> >>>>>>>>>> I'm lost at this point. Do you happen to have any further
>> >>>>>>>>>> suggestions?
>> >>>>>>>>>>
>> >>>>>>>>>> Thanks
>> >>>>>>>>>> Jen
>> >>>>>>>>>>
>> >>>>>>>>>>
>> >>>>>>>>>>
>> >>>>>>>>>>
>> >>>>>>>>>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <
>> ashakirin@talend.com>
>> >>>>>>>>>> wrote:
>> >>>>>>>>>>
>> >>>>>>>>>> Hi,
>> >>>>>>>>>>>
>> >>>>>>>>>>> "mustunderstand header is not understood" error is thrown by
>> CXF
>> >>>>>>>>>>>
>> >>>>>>>>>> MustUnderstandInterceptor.
>> >>>>>>>>>>
>> >>>>>>>>>>> MustUnderstandInterceptor checks if must understand headers in
>> >>>>>>>>>>> SOAP
>> >>>>>>>>>>>
>> >>>>>>>>>> message can be processed by at least one CXF interceptor in
>> chain.
>> >>>>>>>>>>
>> >>>>>>>>>>> For that CXF interceptors provide getUnderstoodHeaders()
>> method
>> >>>>>>>>>>> to say
>> >>>>>>>>>>>
>> >>>>>>>>>> which headers they are able to proceed.
>> >>>>>>>>>>
>> >>>>>>>>>>> Security headers can be processed either by
>> >>>>>>>>>>> AbstractTokenInterceptor
>> >>>>>>>>>>>
>> >>>>>>>>>> (extended by UsernameTokenInterceptor,
>> SamlTokenInterceptor.java,
>> >>>>>>>>>> KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java
>> >>>>>>>>>>
>> >>>>>>>>>>> (extended by PolicyBasedWSS4JInInterceptor.**java,
>> >>>>>>>>>>>
>> >>>>>>>>>> WSS4JInInterceptor.java).
>> >>>>>>>>>>
>> >>>>>>>>>>> In your case no any from these interceptors is in chain on the
>> >>>>>>>>>>> service
>> >>>>>>>>>>>
>> >>>>>>>>>> side.
>> >>>>>>>>>>
>> >>>>>>>>>>> That could happens because:
>> >>>>>>>>>>> a) service uses other ws-policy (or nor policy) that doesn't
>> >>>>>>>>>>> activate
>> >>>>>>>>>>>
>> >>>>>>>>>> that interceptors
>> >>>>>>>>>>
>> >>>>>>>>>>> b) service uses no ws-policy way and not configured with
>> security
>> >>>>>>>>>>>
>> >>>>>>>>>> interceptor
>> >>>>>>>>>>
>> >>>>>>>>>>> c) appropriate CXF jars are not available:
>> >>>>>>>>>>>
>> >>>>>>>>>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
>> >>>>>>>>>>
>> >>>>>>>>>>> Can you please check how your service is configured?
>> >>>>>>>>>>>
>> >>>>>>>>>>> Regards,
>> >>>>>>>>>>> Andrei.
>> >>>>>>>>>>>
>> >>>>>>>>>>>
>> >>>>>>>>>>> -----Original Message-----
>> >>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>> >>>>>>>>>>>> Sent: Mittwoch, 24. Juli 2013 17:43
>> >>>>>>>>>>>> To: users@cxf.apache.org
>> >>>>>>>>>>>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> Hi,
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> Thanks for the reply. That's what I was thinking. There may
>> be an
>> >>>>>>>>>>>>
>> >>>>>>>>>>> issue with
>> >>>>>>>>>>
>> >>>>>>>>>>> the WSDL file itself.
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> My request matches the example provided by the author of the
>> >>>>>>>>>>>> WSDL file,
>> >>>>>>>>>>>> but neither of them work. They both cause the same
>> >>>>>>>>>>>> "mustunderstand
>> >>>>>>>>>>>> header is not understood" error.
>> >>>>>>>>>>>> Disabling the security policy allows the request to complete
>> >>>>>>>>>>>> properly.
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> CXF is configured to read the security policy from the WSDL
>> >>>>>>>>>>>> file, and
>> >>>>>>>>>>>>
>> >>>>>>>>>>> I know
>> >>>>>>>>>>
>> >>>>>>>>>>> that part is working because if I miss a required part (the
>> >>>>>>>>>>>> timestamp,
>> >>>>>>>>>>>>
>> >>>>>>>>>>> for
>> >>>>>>>>>>
>> >>>>>>>>>>> example) in the header, CXF complains that not all of the
>> required
>> >>>>>>>>>>>>
>> >>>>>>>>>>> parts have
>> >>>>>>>>>>
>> >>>>>>>>>>> been submitted. I guess this could be because of a signing
>> issue,
>> >>>>>>>>>>>>
>> >>>>>>>>>>> although I'm
>> >>>>>>>>>>
>> >>>>>>>>>>> not sure.
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> My reasons for building the service are because while there
>> is a
>> >>>>>>>>>>>> WSDL
>> >>>>>>>>>>>> definition for the service, there's no way to access the
>> service
>> >>>>>>>>>>>>
>> >>>>>>>>>>> itself. I know
>> >>>>>>>>>>
>> >>>>>>>>>>> exactly how the service is supposed to react to various
>> inputs so
>> >>>>>>>>>>>> I'm
>> >>>>>>>>>>>>
>> >>>>>>>>>>> trying to
>> >>>>>>>>>>
>> >>>>>>>>>>> build the same web service. It's for a health insurance card
>> >>>>>>>>>>>>
>> >>>>>>>>>>> validation service
>> >>>>>>>>>>
>> >>>>>>>>>>> in Ontario, Canada, and the service is provided by the
>> government.
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> Thanks.
>> >>>>>>>>>>>> Jen
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> ---------------------
>> >>>>>>>>>>>> HCValidationService.wsdl
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <?xml version="1.0" encoding="UTF-8"?><definitions
>> >>>>>>>>>>>> name="HCValidationService"
>> >>>>>>>>>>>> targetNamespace="http://hcv.**health.ontario.ca/<
>> http://hcv.health.ontario.ca/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns="http://schemas.xmlsoap.**org/wsdl/<
>> http://schemas.xmlsoap.org/wsdl/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<
>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<
>> http://hcv.health.ontario.ca/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<
>> http://idp.ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<
>> http://msa.ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/wsdl/soap/<
>> http://schemas.xmlsoap.org/wsdl/soap/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:sp="http://docs.oasis-**open.org/ws-sx/ws-**
>> >>>>>>>>>>>> securitypolicy/200512<
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<
>> http://schemas.xmlsoap.org/wsdl/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:wsdlsoap="http://**schemas.xmlsoap.org/wsdl/soap/<
>> http://schemas.xmlsoap.org/wsdl/soap/>
>> >>>>>>>>>>>> **"
>> >>>>>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<
>> http://schemas.xmlsoap.org/ws/2004/09/policy>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**
>> open.org/wss/2004/01/oasis-**
>> >>>>>>>>>>>> 200401-wss-<
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>> >>>>>>>>>>>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
>> >>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>> >>>>>>>>>>>> 1.0.xsd<
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:xsd="http://www.w3.org/**2001/XMLSchema<
>> http://www.w3.org/2001/XMLSchema>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <types>
>> >>>>>>>>>>>> <xsd:schema>
>> >>>>>>>>>>>> <xsd:import
>> >>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<
>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> schemaLocation="EBSFault_**schema.xsd"/>
>> >>>>>>>>>>>> <xsd:import
>> >>>>>>>>>>>> namespace="http://hcv.health.**ontario.ca/<
>> http://hcv.health.ontario.ca/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> schemaLocation="**HCValidationService_schema.**xsd"/>
>> >>>>>>>>>>>> <xsd:import
>> >>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<
>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> schemaLocation="EBS_schema.**xsd"/>
>> >>>>>>>>>>>> <xsd:import
>> >>>>>>>>>>>> namespace="http://msa.ebs.**health.ontario.ca/<
>> http://msa.ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> schemaLocation="MSA_schema.**xsd"/>
>> >>>>>>>>>>>> <xsd:import
>> >>>>>>>>>>>> namespace="http://idp.ebs.**health.ontario.ca/<
>> http://idp.ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> schemaLocation="IDP_schema.**xsd"/>
>> >>>>>>>>>>>> </xsd:schema>
>> >>>>>>>>>>>> </types>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <wsp:Policy wsu:Id="request-policy">
>> >>>>>>>>>>>> <wsp:ExactlyOne>
>> >>>>>>>>>>>> <wsp:All>
>> >>>>>>>>>>>> <wsp:All>
>> >>>>>>>>>>>> <sp:SignedSupportingTokens>
>> >>>>>>>>>>>> <sp:UsernameToken>
>> >>>>>>>>>>>> <wsp:Policy>
>> >>>>>>>>>>>>
>> <wsp:All>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <sp:NoPassword/>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <sp:WssUsernameToken10/>
>> >>>>>>>>>>>>
>> </wsp:All>
>> >>>>>>>>>>>> </wsp:Policy>
>> >>>>>>>>>>>> </sp:UsernameToken>
>> >>>>>>>>>>>> </sp:SignedSupportingTokens>
>> >>>>>>>>>>>> </wsp:All>
>> >>>>>>>>>>>> <wsp:ExactlyOne>
>> >>>>>>>>>>>> <wsp:All>
>> >>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="EBS"
>> >>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "/>
>> >>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="MSA"
>> >>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<
>> http://msa.ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "/>
>> >>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>> >>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="AuditId"
>> >>>>>>>>>>>> Namespace=""/>
>> >>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>> >>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="UserID"
>> >>>>>>>>>>>> Namespace=""/>
>> >>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>> >>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>> >>>>>>>>>>>> 1.0.xsd<
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>> >>>>>>>>>>>> "/>
>> >>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>> </wsp:All>
>> >>>>>>>>>>>> </wsp:ExactlyOne>
>> >>>>>>>>>>>> <wsp:ExactlyOne>
>> >>>>>>>>>>>> <wsp:All>
>> >>>>>>>>>>>> <sp:SignedParts>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="EBS"
>> >>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "/>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="MSA"
>> >>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<
>> http://msa.ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "/>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>> >>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>> >>>>>>>>>>>> 1.0.xsd<
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>> >>>>>>>>>>>> "/>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>> >>>>>>>>>>>> 1.0.xsd<
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>> >>>>>>>>>>>> "/>
>> >>>>>>>>>>>> <sp:Body/>
>> >>>>>>>>>>>> </sp:SignedParts>
>> >>>>>>>>>>>> </wsp:All>
>> >>>>>>>>>>>> </wsp:ExactlyOne>
>> >>>>>>>>>>>> </wsp:All>
>> >>>>>>>>>>>> <wsp:All>
>> >>>>>>>>>>>> <wsp:All>
>> >>>>>>>>>>>> <sp:SignedSupportingTokens>
>> >>>>>>>>>>>> <sp:UsernameToken>
>> >>>>>>>>>>>> <wsp:Policy>
>> >>>>>>>>>>>>
>> <wsp:All>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <sp:WssUsernameToken10/>
>> >>>>>>>>>>>>
>> </wsp:All>
>> >>>>>>>>>>>> </wsp:Policy>
>> >>>>>>>>>>>> </sp:UsernameToken>
>> >>>>>>>>>>>> </sp:SignedSupportingTokens>
>> >>>>>>>>>>>> </wsp:All>
>> >>>>>>>>>>>> <wsp:ExactlyOne>
>> >>>>>>>>>>>> <wsp:All>
>> >>>>>>>>>>>> <sp:SignedParts>
>> >>>>>>>>>>>> <sp:Header Name="EBS"
>> >>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "/>
>> >>>>>>>>>>>> <sp:Header Name="IDP"
>> >>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<
>> http://idp.ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "/>
>> >>>>>>>>>>>> <sp:Header
>> Name="Timestamp"
>> >>>>>>>>>>>> Namespace="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>> >>>>>>>>>>>> 200401-wss-<
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>> >>>>>>>>>>>> wssecurity-utility-1.0.xsd"/>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>> >>>>>>>>>>>> 1.0.xsd<
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>> >>>>>>>>>>>> "/>
>> >>>>>>>>>>>> <sp:Body/>
>> >>>>>>>>>>>> </sp:SignedParts>
>> >>>>>>>>>>>> </wsp:All>
>> >>>>>>>>>>>> </wsp:ExactlyOne>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <wsp:ExactlyOne>
>> >>>>>>>>>>>> <wsp:All>
>> >>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="EBS"
>> >>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "/>
>> >>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="IDP"
>> >>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<
>> http://idp.ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "/>
>> >>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>> >>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="AuditId"
>> >>>>>>>>>>>> Namespace=""/>
>> >>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>> >>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>> <sp:RequiredParts>
>> >>>>>>>>>>>> <sp:Header
>> >>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>> >>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>> >>>>>>>>>>>> 1.0.xsd<
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>> >>>>>>>>>>>> "/>
>> >>>>>>>>>>>> </sp:RequiredParts>
>> >>>>>>>>>>>> </wsp:All>
>> >>>>>>>>>>>> </wsp:ExactlyOne>
>> >>>>>>>>>>>> </wsp:All>
>> >>>>>>>>>>>> </wsp:ExactlyOne>
>> >>>>>>>>>>>> </wsp:Policy>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <wsdl:message name="EBSHeader">
>> >>>>>>>>>>>> <wsdl:part element="ebs:EBS"
>> >>>>>>>>>>>> name="ebsrequest_header"/>
>> >>>>>>>>>>>> </wsdl:message>
>> >>>>>>>>>>>> <wsdl:message name="MSAHeader">
>> >>>>>>>>>>>> <wsdl:part element="msa:MSA"
>> >>>>>>>>>>>> name="msarequest_header"/>
>> >>>>>>>>>>>> </wsdl:message>
>> >>>>>>>>>>>> <wsdl:message name="IDPHeader">
>> >>>>>>>>>>>> <wsdl:part element="idp:IDP"
>> >>>>>>>>>>>> name="idprequest_header"/>
>> >>>>>>>>>>>> </wsdl:message>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <message name="validate">
>> >>>>>>>>>>>> <wsdl:part element="hcv:validate"
>> >>>>>>>>>>>> name="parameters"/>
>> >>>>>>>>>>>> </message>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <message name="validateResponse">
>> >>>>>>>>>>>> <part element="hcv:validateResponse"
>> >>>>>>>>>>>> name="parameters"/>
>> >>>>>>>>>>>> </message>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <message name="faultexception">
>> >>>>>>>>>>>> <part element="ebs:EBSFault" name="Fault"/>
>> >>>>>>>>>>>> </message>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <portType name="HCValidation">
>> >>>>>>>>>>>> <operation name="validate">
>> >>>>>>>>>>>> <input message="hcv:validate"/>
>> >>>>>>>>>>>> <output
>> message="hcv:validateResponse"**/>
>> >>>>>>>>>>>> <fault message="hcv:faultexception"
>> >>>>>>>>>>>> name="FaultException"/>
>> >>>>>>>>>>>> </operation>
>> >>>>>>>>>>>> </portType>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <binding name="HCValidationPortBinding"
>> >>>>>>>>>>>> type="hcv:HCValidation">
>> >>>>>>>>>>>> <soap:binding style="document"
>> >>>>>>>>>>>> transport="http://schemas.**xmlsoap.org/soap/http<
>> http://schemas.xmlsoap.org/soap/http>
>> >>>>>>>>>>>> "/>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <operation name="validate">
>> >>>>>>>>>>>> <soap:operation soapAction=""/>
>> >>>>>>>>>>>> <input>
>> >>>>>>>>>>>> <wsp:PolicyReference URI="#request-policy"/>
>> >>>>>>>>>>>> <wsdlsoap:header
>> >>>>>>>>>>>> message="hcv:EBSHeader" part="ebsrequest_header"
>> use="literal"/>
>> >>>>>>>>>>>> <wsdlsoap:header
>> >>>>>>>>>>>> message="hcv:MSAHeader" part="msarequest_header"
>> use="literal"/>
>> >>>>>>>>>>>> <wsdlsoap:header
>> >>>>>>>>>>>> message="hcv:IDPHeader" part="idprequest_header"
>> use="literal"/>
>> >>>>>>>>>>>> <wsdlsoap:body
>> parts="parameters"
>> >>>>>>>>>>>> use="literal"/>
>> >>>>>>>>>>>> </input>
>> >>>>>>>>>>>> <output>
>> >>>>>>>>>>>> <soap:body use="literal"/>
>> >>>>>>>>>>>> </output>
>> >>>>>>>>>>>> <fault name="FaultException">
>> >>>>>>>>>>>> <soap:fault
>> name="FaultException"
>> >>>>>>>>>>>> use="literal"/>
>> >>>>>>>>>>>> </fault>
>> >>>>>>>>>>>> </operation>
>> >>>>>>>>>>>> </binding>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <service name="HCValidationService">
>> >>>>>>>>>>>> <port binding="hcv:**HCValidationPortBinding"
>> >>>>>>>>>>>> name="HCValidationPort">
>> >>>>>>>>>>>> <soap:address
>> >>>>>>>>>>>> location="
>> >>>>>>>>>>>>
>> >>>>>>>>>>> https://ws.ebs.health.gov.on.**ca:1440/HCVService/**
>> >>>>>>>>>> HCValidationSe<
>> https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe>
>> >>>>>>>>>>
>> >>>>>>>>>>> rvice"/>
>> >>>>>>>>>>>> </port>
>> >>>>>>>>>>>> </service>
>> >>>>>>>>>>>> </definitions>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> ---------------------
>> >>>>>>>>>>>> Sample Request (provided by author of WSDL)
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <soapenv:Envelope xmlns:soap-
>> >>>>>>>>>>>> sec="http://schemas.xmlsoap.**org/security/2000-12<
>> http://schemas.xmlsoap.org/security/2000-12>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**
>> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-<
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>> >>>>>>>>>>>> wss-wssecurity-secext-1.0.xsd"
>> >>>>>>>>>>>> xmlns:xsi="http://www.w3.org/**2001/XMLSchema-instance<
>> http://www.w3.org/2001/XMLSchema-instance>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:sp="http://schemas.**xmlsoap.org/ws/2005/07/**
>> >>>>>>>>>>>> securitypolicy<
>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:SOAP-ENV="http://**schemas.xmlsoap.org/soap/**
>> >>>>>>>>>>>> envelope/ <http://schemas.xmlsoap.org/soap/envelope/>"
>> >>>>>>>>>>>> xmlns:xs="http://www.w3.org/**2001/XMLSchema<
>> http://www.w3.org/2001/XMLSchema>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:tns="http://hcv.health.**ontario.ca/<
>> http://hcv.health.ontario.ca/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**
>> open.org/wss/2004/01/oasis-
>> >>>>>>>>>>>> **200401- <
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>> >>>>>>>>>>>> wss-wssecurity-utility-1.0.**xsd"
>> >>>>>>>>>>>> xmlns:ebs="http://ebs.health.**
>> ontario.ca/security/2012-03<http://ebs.health.ontario.ca/security/2012-03
>> >
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<
>> http://schemas.xmlsoap.org/wsdl/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:wsp="http://schemas.**
>> xmlsoap.org/ws/2004/09/policy<
>> http://schemas.xmlsoap.org/ws/2004/09/policy>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<
>> http://schemas.xmlsoap.org/soap/envelope/>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>> <soapenv:Header>
>> >>>>>>>>>>>> <ns2:EBS wsu:Id="id-1"
>> >>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<
>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>> <SoftwareConformanceKey>**
>> >>>>>>>>>>>> 444561ee-277f-77b2-
>> >>>>>>>>>>>> c664-7a9923jfgh1b
>> >>>>>>>>>>>> </SoftwareConformanceKey>
>> >>>>>>>>>>>> <AuditId>73b7051e-6126-4b41-**9ae0-
>> >>>>>>>>>>>> 21b707ca8a53</AuditId>
>> >>>>>>>>>>>> </ns2:EBS>
>> >>>>>>>>>>>> <ns2:IDP wsu:Id="id-2"
>> >>>>>>>>>>>> xmlns:ns2="http://idp.ebs.**health.ontario.ca/<
>> http://idp.ebs.health.ontario.ca/>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>> <ServiceUserMUID>4523394</**
>> >>>>>>>>>>>> ServiceUserMUID>
>> >>>>>>>>>>>> </ns2:IDP>
>> >>>>>>>>>>>> <wsse:Security SOAP-ENV:mustUnderstand="1">
>> >>>>>>>>>>>> <wsu:Timestamp wsu:Id="id-3">
>> >>>>>>>>>>>> <wsu:Created>2012-06-
>> >>>>>>>>>>>> 20T17:58:42.580Z</wsu:Created>
>> >>>>>>>>>>>> <wsu:Expires>2012-06-
>> >>>>>>>>>>>> 20T17:59:12.580Z</wsu:Expires>
>> >>>>>>>>>>>> </wsu:Timestamp>
>> >>>>>>>>>>>> <wsse:UsernameToken wsu:Id="id-4">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <wsse:Username>JOHNDOE@YAHOO.**CA <JO...@YAHOO.CA>
>> >>>>>>>>>>>> </wsse:Username>
>> >>>>>>>>>>>> <wsse:Password
>> >>>>>>>>>>>> Type="wsse:PasswordText">**Password</wsse:Password>
>> >>>>>>>>>>>> </wsse:UsernameToken>
>> >>>>>>>>>>>> <wsse:BinarySecurityToken
>> >>>>>>>>>>>> EncodingType="http://docs.
>> **oasis-<http://docs.oasis->
>> >>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<
>> http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>> >>>>>>>>>>>> 1.0#Base64Binary"
>> >>>>>>>>>>>> ValueType="http://docs.oasis-
>> >>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>> >>>>>>>>>>>> 1.0#X509v3<
>> http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
>> >
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> wsu:Id="X509-
>> >>>>>>>>>>>> 02F859690D5C74E209134021512282**11">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> MIICMzCCAZygAwIBAgIET1e+**dDANBgkqhkiG9w0BAQUFADBeMQsw
>> >>>>>>>>>>>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT2**50YXJpbzENMAsGA1UEChMET0hJ
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW**9uMRcwFQYDVQQDEw
>> >>>>>>>>>>>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAz**MDcyMDAwNTJaFw0xMzAzMDcyMDA
>> >>>>>>>>>>>> wNTJaM
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQ**IEwdPbnRhcmlvMQ0wCwY
>> >>>>>>>>>>>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZ**Wdpc3RyYXRpb24xFzAVBgNVBAM
>> >>>>>>>>>>>> TDj
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqG**SIb3DQEBAQUAA4GNADCBi
>> >>>>>>>>>>>>
>> QKBgQCs/JIP6CE5IkfTnD/c56K+**QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH**4
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> fvhbyxo2B4VugsL9r4E5jHEKoi+**
>> >>>>>>>>>>>> GDKOLlLZRfSy0cB8IcpXonAuGqMzhC**o
>> >>>>>>>>>>>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpT**yZdpYDi92up5E+FYL3jEe
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> jhp+**1iDFJQIDAQABMA0GCSqGSIb3DQEBBQ**UAA4GBAHn8VZS169BJ
>> >>>>>>>>>>>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dE**icv3jQMMsrWHfoCt+nRSqfNLUTL
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0**
>> >>>>>>>>>>>> gY3i83ZXA8HDFKMZF3qL8I8ncu8F
>> >>>>>>>>>>>> PcZGYBNhYrGjXXsuqXimiTIjxgm06E**rRa/51szOFFxWrB
>> >>>>>>>>>>>> </wsse:BinarySecurityToken>
>> >>>>>>>>>>>> <ds:Signature Id="SIG-6"
>> >>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<
>> http://www.w3.org/2000/09/xmldsig#>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>> <ds:SignedInfo>
>> >>>>>>>>>>>>
>> <ds:CanonicalizationMethod
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ec:InclusiveNamespaces
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> PrefixList="SOAP-
>> >>>>>>>>>>>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> </ds:CanonicalizationMethod>
>> >>>>>>>>>>>> <ds:SignatureMethod
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<
>> http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>> <ds:Reference
>> URI="#id-1">
>> >>>>>>>>>>>> <ds:Transforms>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ec:InclusiveNamespaces
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
>> wsp
>> >>>>>>>>>>>> wsse
>> >>>>>>>>>>>> wsu xs xsi"
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>> </ds:Transforms>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:DigestMethod
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>> http://www.w3.org/2001/04/xmlenc#sha256>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:DigestValue>**gpejbitTQxuMOhUirdbGNtHjsGhAAr**
>> >>>>>>>>>>>> hAp3ByFuG9c
>> >>>>>>>>>>>> Hs=
>> >>>>>>>>>>>>
>> </ds:DigestValue>
>> >>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>> <ds:Reference
>> URI="#id-2">
>> >>>>>>>>>>>> <ds:Transforms>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ec:InclusiveNamespaces
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
>> wsp
>> >>>>>>>>>>>> wsse
>> >>>>>>>>>>>> wsu xs xsi"
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>> </ds:Transforms>
>> >>>>>>>>>>>> <ds:DigestMethod
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>> http://www.w3.org/2001/04/xmlenc#sha256>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>>
>> <ds:DigestValue>ZWKvgN+**eB0NFmQHPGYN5RoSZzbuboqKLzLcV6**
>> >>>>>>>>>>>> PE
>> >>>>>>>>>>>> Oz3E=
>> >>>>>>>>>>>>
>> </ds:DigestValue>
>> >>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>> <ds:Reference
>> URI="#id-3">
>> >>>>>>>>>>>> <ds:Transforms>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ec:InclusiveNamespaces
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
>> wsp
>> >>>>>>>>>>>> wsse xs
>> >>>>>>>>>>>> xsi"
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>> </ds:Transforms>
>> >>>>>>>>>>>> <ds:DigestMethod
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>> http://www.w3.org/2001/04/xmlenc#sha256>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>>
>> <ds:DigestValue>1AvUG2EE6+**bgpJBe1TB4teUkKD4lRsw69BozDFQM
>> >>>>>>>>>>>> GGE=
>> >>>>>>>>>>>>
>> </ds:DigestValue>
>> >>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>> <ds:Reference
>> URI="#id-4">
>> >>>>>>>>>>>> <ds:Transforms>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ec:InclusiveNamespaces
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl
>> wsp
>> >>>>>>>>>>>> wsu xs
>> >>>>>>>>>>>> xsi"
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>> </ds:Transforms>
>> >>>>>>>>>>>> <ds:DigestMethod
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>> http://www.w3.org/2001/04/xmlenc#sha256>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:DigestValue>Lw6C0//**TpU0uuta+**
>> >>>>>>>>>>>> 9pjDPfD0aOokdgbVOEM9eaWc
>> >>>>>>>>>>>> Gjo=
>> >>>>>>>>>>>>
>> </ds:DigestValue>
>> >>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>> <ds:Reference
>> URI="#id-5">
>> >>>>>>>>>>>> <ds:Transforms>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ec:InclusiveNamespaces
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse
>> wsu
>> >>>>>>>>>>>> xs xsi"
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>> </ds:Transforms>
>> >>>>>>>>>>>> <ds:DigestMethod
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
>> http://www.w3.org/2001/04/xmlenc#sha256>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:DigestValue>**lGKOfXxmbsLds9+**
>> >>>>>>>>>>>> tD4eaCObTCdGNXDF/PY9LjDUPl
>> >>>>>>>>>>>> 9Y=
>> >>>>>>>>>>>>
>> </ds:DigestValue>
>> >>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>> </ds:SignedInfo>
>> >>>>>>>>>>>> <ds:SignatureValue>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> Yn5iRnjs/T2+**nNgW8pArIgqc445RwL2wYPHZaydVJk**
>> >>>>>>>>>>>> 0oUXV5B4nzU4fg
>> >>>>>>>>>>>> X/**sQTcY0O5vuReP8th4QZoGG6tSnxuBf**qiDd2rkRZDrdgotJT++W
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3Q**DuMWr5PSlm1RWbkA3W5B4Y
>> >>>>>>>>>>>> LaD+S/j3QKc=
>> >>>>>>>>>>>> </ds:SignatureValue>
>> >>>>>>>>>>>> <ds:KeyInfo Id="KI-
>> >>>>>>>>>>>> 02F859690D5C74E209134021512283**12">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <wsse:SecurityTokenReference
>> >>>>>>>>>>>> wsu:Id="STR-**02F859690D5C74E209134021512284**13">
>> >>>>>>>>>>>> <wsse:Reference
>> >>>>>>>>>>>> URI="#X509-**02F859690D5C74E209134021512282**11"
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> ValueType="http://docs.oasis-**
>> open.org/wss/2004/01/oasis-
>> >>>>>>>>>>>> **200401- <
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>> >>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> </wsse:SecurityTokenReference>
>> >>>>>>>>>>>> </ds:KeyInfo>
>> >>>>>>>>>>>> </ds:Signature>
>> >>>>>>>>>>>> </wsse:Security>
>> >>>>>>>>>>>> </soapenv:Header>
>> >>>>>>>>>>>> <soapenv:Body wsu:Id="id-5">
>> >>>>>>>>>>>> <ns5:validate xmlns:ns4="
>> >>>>>>>>>>>>
>> >>>>>>>>>>> http://msa.ebs.health.ontario.**ca/<
>> http://msa.ebs.health.ontario.ca/>
>> >>>>>>>>>> "
>> >>>>>>>>>>
>> >>>>>>>>>>> xmlns:ns3="http://idp.ebs.**
>> >>>>>>>>>>>> health.ontario.ca/ <http://idp.ebs.health.ontario.ca/>"
>> >>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<
>> http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:ns5="http://hcv.health.**
>> ontario.ca/<http://hcv.health.ontario.ca/>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>> <requests>
>> >>>>>>>>>>>> <hcvRequest>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <healthNumber>2222211122</**healthNumber>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <versionCode>WW</versionCode>
>> >>>>>>>>>>>> </hcvRequest>
>> >>>>>>>>>>>> </requests>
>> >>>>>>>>>>>> <locale>en</locale>
>> >>>>>>>>>>>> </ns5:validate>
>> >>>>>>>>>>>> </soapenv:Body>
>> >>>>>>>>>>>> </soapenv:Envelope>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> -------------------
>> >>>>>>>>>>>> Sample Request (Built via SoapUI)
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <soapenv:Envelope xmlns:ebs="http://ebs.health.**ontario.ca/
>> <http://ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<
>> http://hcv.health.ontario.ca/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<
>> http://idp.ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<
>> http://msa.ebs.health.ontario.ca/>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<
>> http://schemas.xmlsoap.org/soap/envelope/>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>> <soapenv:Header>
>> >>>>>>>>>>>> <wsse:Security soapenv:mustUnderstand="1"
>> >>>>>>>>>>>> xmlns:wsse="http://docs.oasis-
>> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>> >>>>>>>>>>>> 1.0.xsd<
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>> >>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>> >>>>>>>>>>>> 1.0.xsd<
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>> <wsse:BinarySecurityToken
>> >>>>>>>>>>>> EncodingType="http://docs.
>> **oasis-<http://docs.oasis->
>> >>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<
>> http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>> >>>>>>>>>>>> 1.0#Base64Binary"
>> >>>>>>>>>>>> ValueType="http://docs.oasis-
>> >>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>> >>>>>>>>>>>> 1.0#X509v3<
>> http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
>> >
>> >>>>>>>>>>>> "
>> >>>>>>>>>>>> wsu:Id="X509-
>> >>>>>>>>>>>> 9346053A98F2390F1A137460706920**025">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQ**EBBQUAMIGbMQswCQYDVQ
>> >>>>>>>>>>>> QGEwJDQTEQMA4GA1UECAwHT250YXJp**bzEQMA4G
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> A1UEBwwHVG9yb250bzERMA8GA1UECg**wISW5kaXZpY2ExFDASBgN
>> >>>>>>>>>>>> VBAsMC0RldmVsb3BtZW50MRgwFgYDV**QQDDA9J
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhk**iG9w0BCQEWFmVicy1hZG1pbk
>> >>>>>>>>>>>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5**MTc0
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQ**swCQYDVQQGEwJDQTEQ
>> >>>>>>>>>>>> MA4GA1UECBMHT250YXJpbzEQMA4GA1**UEBxMHVG9y
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> b250bzERMA8GA1UEChMISW5kaXZpY2**ExFDASBgNVBAsTC0RldmVsb
>> >>>>>>>>>>>> 3BtZW50MRwwGgYDVQQDExNJbmRpdml**jYSBF
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w**0BAQEFAAOCAQ8AMIIBCgKCA
>> >>>>>>>>>>>> QEAu7/+**bc5QgW43UuaMoUOpbsQy8Kc32jrB
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> GA0lrxZkqH/PnfdbtRhRypxkc6+**
>> >>>>>>>>>>>> r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
>> >>>>>>>>>>>> WPPVMKpermHxniN+**kqjWiGDm10xVMph
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> XryR01LSItgRoi5V54oTFgeJxsdA/**
>> >>>>>>>>>>>> 1J3kf/QE2YmswZwLH6+PwvZfExKEx
>> >>>>>>>>>>>> vGArojkyveOewWkvKMobLB3d6gtrPJ
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> tUxjb18UJugEHyNSiVYFymbgAyvanT**4pmNPaqHW1ZlmQ0WBiDI7oeT
>> >>>>>>>>>>>> 1pZzgEwzikcvEHilJye0PcB4PkkrGL**KfEE
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4f**jouqkHHVMMiUvYgQIDAQA
>> >>>>>>>>>>>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b**5yRECQU
>> >>>>>>>>>>>>
>> >>>>>>>>>>>>
>> ppIEIbDOh4E5OsR0wesm4czfNDnh56**TUwmjRDzI+tVVEj+fxk0FMSMf
>> >>>>>>>>>>>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+**FHb6
>> >>>>>>>>>>>>
>> >>>>>>>>>>>>
>> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u**8cRtfPXXX+baL2NThYjMoNVFIt
>> >>>>>>>>>>>> OM0XL3xwzblWi++B
>> >>>>>>>>>>>> </wsse:BinarySecurityToken>
>> >>>>>>>>>>>> <ds:Signature Id="SIG-30"
>> >>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<
>> http://www.w3.org/2000/09/xmldsig#>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>> <ds:SignedInfo>
>> >>>>>>>>>>>>
>> <ds:CanonicalizationMethod
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ec:InclusiveNamespaces
>> >>>>>>>>>>>> PrefixList="ebs hcv idp msa soapenv"
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> </ds:CanonicalizationMethod>
>> >>>>>>>>>>>> <ds:SignatureMethod
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<
>> http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>> <ds:Reference
>> URI="#id-7">
>> >>>>>>>>>>>> <ds:Transforms>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>> </ds:Transforms>
>> >>>>>>>>>>>> <ds:DigestMethod
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>> http://www.w3.org/2000/09/xmldsig#sha1>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:DigestValue>+sN2C+**GPI6Un7tmdzecuWW4obI8=</ds:**
>> >>>>>>>>>>>> DigestVal
>> >>>>>>>>>>>> ue>
>> >>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>> <ds:Reference
>> URI="#id-8">
>> >>>>>>>>>>>> <ds:Transforms>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>> </ds:Transforms>
>> >>>>>>>>>>>> <ds:DigestMethod
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>> http://www.w3.org/2000/09/xmldsig#sha1>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:DigestValue>cStXQ+**Qf4MYZw7oZh3EwQnCO9kE=</ds:**
>> >>>>>>>>>>>> DigestVal
>> >>>>>>>>>>>> ue>
>> >>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>> <ds:Reference
>> URI="#TS-29">
>> >>>>>>>>>>>> <ds:Transforms>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa
>> >>>>>>>>>>>> soapenv"
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>> </ds:Transforms>
>> >>>>>>>>>>>> <ds:DigestMethod
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>> http://www.w3.org/2000/09/xmldsig#sha1>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:DigestValue>**7DpbdobjdxkQ3RGXjPQmx5EpCdU=</**
>> >>>>>>>>>>>> ds:DigestVal
>> >>>>>>>>>>>> ue>
>> >>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>> <ds:Reference
>> >>>>>>>>>>>> URI="#UsernameToken-28">
>> >>>>>>>>>>>> <ds:Transforms>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa
>> >>>>>>>>>>>> soapenv"
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>> </ds:Transforms>
>> >>>>>>>>>>>> <ds:DigestMethod
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>> http://www.w3.org/2000/09/xmldsig#sha1>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:DigestValue>**0CNaWbdkV2dE7Jm5oh15ztwUcaI=</**
>> >>>>>>>>>>>> ds:DigestValu
>> >>>>>>>>>>>> e>
>> >>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>> <ds:Reference
>> URI="#id-12">
>> >>>>>>>>>>>> <ds:Transforms>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:Transform
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
>> http://www.w3.org/2001/10/xml-exc-c14n#>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> </ds:Transform>
>> >>>>>>>>>>>> </ds:Transforms>
>> >>>>>>>>>>>> <ds:DigestMethod
>> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
>> http://www.w3.org/2000/09/xmldsig#sha1>"
>> >>>>>>>>>>>> />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:DigestValue>**XoOxXE6R7JA29rMYCHf/X0II180=</**
>> >>>>>>>>>>>> ds:DigestValue
>> >>>>>>>>>>>> </ds:Reference>
>> >>>>>>>>>>>> </ds:SignedInfo>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <ds:SignatureValue>**YQy9wqYYVw1x0CZcg6b2W0uO3g3Fur**
>> >>>>>>>>>>>> UZ51zrXi3
>> >>>>>>>>>>>> jRMFGgCVGUwfu3W/**tDOAKB2IXHvIgFl7JWmzd
>> >>>>>>>>>>>>
>> >>>>>>>>>>>>
>> lkh7O2u6ieACF5tGD32aSXvv6/**k7OUVH4outF1NHgJOq9WKIKtUYT/hh
>> >>>>>>>>>>>> G8BmqFGHXcPiuuO+FIXr
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pO**RWOWvPhmHbT63b1BgFfLla
>> >>>>>>>>>>>> UftqeybM6t0i2cTuNxf8nbCS
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> gANhvGvpNi2ALThvsPu+**pXKCx1c4Ng18PGpUEVmOdJOkZhiifR**
>> >>>>>>>>>>>> 336idp
>> >>>>>>>>>>>> 09lp8XaI+NzwENvdBskb
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP**4wydOh8w==
>> >>>>>>>>>>>> </ds:SignatureValue>
>> >>>>>>>>>>>> <ds:KeyInfo Id="KI-
>> >>>>>>>>>>>> 9346053A98F2390F1A137460706920**026">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <wsse:SecurityTokenReference
>> >>>>>>>>>>>> wsu:Id="STR-
>> >>>>>>>>>>>> 9346053A98F2390F1A137460706920**027">
>> >>>>>>>>>>>> <wsse:Reference
>> >>>>>>>>>>>> URI="#X509-**9346053A98F2390F1A137460706920**025"
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> ValueType="http://docs.oasis-**
>> open.org/wss/2004/01/oasis-
>> >>>>>>>>>>>> **200401- <
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>> >>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> </wsse:SecurityTokenReference>
>> >>>>>>>>>>>> </ds:KeyInfo>
>> >>>>>>>>>>>> </ds:Signature>
>> >>>>>>>>>>>> <wsu:Timestamp wsu:Id="TS-29">
>> >>>>>>>>>>>> <wsu:Created>2013-07-
>> >>>>>>>>>>>> 23T19:17:49.196Z</wsu:Created>
>> >>>>>>>>>>>> <wsu:Expires>2013-07-
>> >>>>>>>>>>>> 30T17:57:49.196Z</wsu:Expires>
>> >>>>>>>>>>>> </wsu:Timestamp>
>> >>>>>>>>>>>> <wsse:UsernameToken
>> wsu:Id="UsernameToken-
>> >>>>>>>>>>>> 28">
>> >>>>>>>>>>>> <wsse:Username>abc</wsse:**
>> >>>>>>>>>>>> Username>
>> >>>>>>>>>>>> <wsse:Password
>> >>>>>>>>>>>> Type="
>> http://docs.oasis-
>> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-username-token-**
>> >>>>>>>>>>>> profile-<
>> http://open.org/wss/2004/01/oasis-200401-wss-username-token-profile->
>> >>>>>>>>>>>> 1.0#PasswordText">defg</wsse:**Password>
>> >>>>>>>>>>>> </wsse:UsernameToken>
>> >>>>>>>>>>>> </wsse:Security>
>> >>>>>>>>>>>> <idp:IDP wsu:Id="id-8"
>> >>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>> >>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>> >>>>>>>>>>>> 1.0.xsd<
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>>
>> <ServiceUserMUID>12345</**ServiceUserMUID>
>> >>>>>>>>>>>> </idp:IDP>
>> >>>>>>>>>>>> <ebs:EBS wsu:Id="id-7"
>> >>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>> >>>>>>>>>>>>
>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>> >>>>>>>>>>>> 1.0.xsd<
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <SoftwareConformanceKey>12345<**/SoftwareConformanceKey>
>> >>>>>>>>>>>> <AuditId>12345</AuditId>
>> >>>>>>>>>>>> </ebs:EBS>
>> >>>>>>>>>>>> </soapenv:Header>
>> >>>>>>>>>>>> <soapenv:Body wsu:Id="id-12"
>> >>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**
>> >>>>>>>>>>>> open.org/wss/2004/01/oasis-<
>> http://docs.oasis-open.org/wss/2004/01/oasis->
>> >>>>>>>>>>>> 200401-wss-wssecurity-utility-**1.0.xsd">
>> >>>>>>>>>>>> <hcv:validate>
>> >>>>>>>>>>>> <requests>
>> >>>>>>>>>>>> <hcvRequest>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <healthNumber>9876543217</**healthNumber>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <versionCode>AB</versionCode>
>> >>>>>>>>>>>> </hcvRequest>
>> >>>>>>>>>>>> </requests>
>> >>>>>>>>>>>> </hcv:validate>
>> >>>>>>>>>>>> </soapenv:Body>
>> >>>>>>>>>>>> </soapenv:Envelope>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> -----------------------
>> >>>>>>>>>>>> Response (In either case):
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> <soap:Envelope
>> >>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/soap/envelope/<
>> http://schemas.xmlsoap.org/soap/envelope/>
>> >>>>>>>>>>>> ">
>> >>>>>>>>>>>> <soap:Body>
>> >>>>>>>>>>>> <soap:Fault>
>> >>>>>>>>>>>> <faultcode>soap:**MustUnderstand</faultcode>
>> >>>>>>>>>>>> <faultstring>MustUnderstand headers: [{
>> >>>>>>>>>>>> http://docs.oasis-
>> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-<
>> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext->
>> >>>>>>>>>>>> 1.0.xsd}Security] are not understood.</faultstring>
>> >>>>>>>>>>>> </soap:Fault>
>> >>>>>>>>>>>> </soap:Body>
>> >>>>>>>>>>>> </soap:Envelope>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>>
>> >>>>>>>>>>>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <
>> >>>>>>>>>>>> ashakirin@talend.com>
>> >>>>>>>>>>>>
>> >>>>>>>>>>> wrote:
>> >>>>>>>>>>
>> >>>>>>>>>>> Hi,
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>> It seems that your service doesn't use the same WS-Policy as
>> >>>>>>>>>>>>> client,
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>> therefore appropriate interceptors are not activated on the
>> >>>>>>>>>>>> service
>> >>>>>>>>>>>>
>> >>>>>>>>>>> side.
>> >>>>>>>>>>
>> >>>>>>>>>>> Could you double check that?
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>> Exact request and response will be also useful for further
>> >>>>>>>>>>>>> analyse.
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>> Regards,
>> >>>>>>>>>>>>> Andrei.
>> >>>>>>>>>>>>>
>> >>>>>>>>>>>>> -----Original Message-----
>> >>>>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>> >>>>>>>>>>>>>> Sent: Dienstag, 23. Juli 2013 21:35
>> >>>>>>>>>>>>>> To: users@cxf.apache.org
>> >>>>>>>>>>>>>> Subject: Eclipse, CXF and WS-SecurityPolicy
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> I have a question regarding WS-SecurityPolicy and
>> deploying a
>> >>>>>>>>>>>>>> WSDL-first service via Eclipse.
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> I created a project from a WSDL file (I didn't create it)
>> with
>> >>>>>>>>>>>>>> the
>> >>>>>>>>>>>>>> intention of implementing the service that it describes.
>> The
>> >>>>>>>>>>>>>> WSDL
>> >>>>>>>>>>>>>> file describes a WS- SecurityPolicy that includes a
>> >>>>>>>>>>>>>> UsernameToken,
>> >>>>>>>>>>>>>> Timestamp, BinarySecurityToken, and a Signature. Every
>> time I
>> >>>>>>>>>>>>>> run a
>> >>>>>>>>>>>>>> sample request that includes all of those components in the
>> >>>>>>>>>>>>>> WS-Security header I get a "must understand header is not
>> >>>>>>>>>>>>>> understood"
>> >>>>>>>>>>>>>> message, regarding the WS-Security header.
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> I've read on the documentation of CXF that additional
>> >>>>>>>>>>>>>> dependencies
>> >>>>>>>>>>>>>> must be included in the classpath to have WS-SecurityPolicy
>> >>>>>>>>>>>>>> work, but
>> >>>>>>>>>>>>>> I've used Eclipse's deployment method and given it the
>> entire
>> >>>>>>>>>>>>>> CXF ZIP
>> >>>>>>>>>>>>>> file as downloaded from the project website as the CXF
>> >>>>>>>>>>>>>> Runtime. Is
>> >>>>>>>>>>>>>> there anything that I'm missing? Or is there a better way
>> for
>> >>>>>>>>>>>>>> me to
>> >>>>>>>>>>>>>> be working with CXF than to use Eclipse's automated tools?
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>>> Thanks for any help.
>> >>>>>>>>>>>>>> Jen
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>>>>>
>> >>>>>>>>>>
>> >>>>>>>
>> >>>>>>
>> >>>>>
>> >>>>
>> >>>
>> >>
>>
>>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jennifer Ruttan <je...@indivica.com>.
With that namespace it appears that <sp:Body> is not supported under <sp:SignedParts>. Since signing the body is one of the requirements of the system, I can't remove that component.
The message in Eclipse is:
cvc-complex-type.2.4.a: Invalid content was found starting with element 'sp:Body'. One of '{"http://docs.oasis-open.org/ws-sx/ws-securitypolicy/
200702":Header, "http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702":Attachments, WC[##other:"http://docs.oasis-open.org/ws-sx/
ws-securitypolicy/200702"]}' is expected.
I also get:
Jul 27, 2013 12:55:16 AM org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider getElementPolicy
WARNING: Failed to build the policy 'request-policy':sp:RequiredParts/sp:Header@Namespace must have a value
When starting the server.
The <sp:SignedParts> tag looks like this:
<sp:SignedParts>
<sp:Header Name="EBS" Namespace="http://ebs.health.ontario.ca/" />
<sp:Header Name="IDP" Namespace="http://idp.ebs.health.ontario.ca/" />
<sp:Header Name="Timestamp"
Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" />
<sp:Header Name="UsernameToken"
Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" />
<sp:Body />
</sp:SignedParts>
and:
<sp:SignedParts>
<sp:Header Name="EBS" Namespace="http://ebs.health.ontario.ca/" />
<sp:Header Name="MSA" Namespace="http://msa.ebs.health.ontario.ca/" />
<sp:Header Name="Timestamp"
Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" />
<sp:Header Name="UsernameToken"
Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" />
<sp:Body />
</sp:SignedParts>
(I didn't remove the <sp:Body> tag - even though Eclipse complains it's invalid, it doesn't seem to make a difference whether it's there or not.
On 2013-07-27, at 12:48 AM, Jason Pell <ja...@pellcorp.com> wrote:
> I think that RequiredParts is not supported by the SP namespace you are using, at least in CXF. Try changing sp namespace to
>
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
>
> And see if you get further. I checked the RequiredParts builder and it does seem to assume this namespace.
>
>
> On Sat, Jul 27, 2013 at 2:43 PM, Jennifer Ruttan <je...@indivica.com> wrote:
> Ok. Following that, I've now got:
>
> Jul 27, 2013 12:41:56 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
> WARNING: No assertion builder for type {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}RequiredParts registered.
>
> Maybe I'm missing a JAR? But I've included all the CXF modules into the classpath.
>
>
>
>
> On 2013-07-27, at 12:38 AM, Jason Pell <ja...@pellcorp.com> wrote:
>
> > That should be:
> >
> > <sp:SignedSupportingTokens>
> > <wsp:Policy>
> > <sp:UsernameToken>
> > <wsp:Policy>
> > <wsp:All>
> > <sp:NoPassword/>
> > <sp:WssUsernameToken10/>
> > </wsp:All>
> > </wsp:Policy>
> > </sp:UsernameToken>
> > </wsp:Policy>
> > </sp:SignedSupportingTokens>
> >
> >
> >
> >
> > On Sat, Jul 27, 2013 at 2:36 PM, Jason Pell <ja...@pellcorp.com> wrote:
> >
> >> Ok - try putting a <wsp:Policy> immediately inside the
> >> <sp:SignedSupportingTokens> tag and I think you might get further.
> >>
> >> So instead of:
> >>
> >>
> >> <sp:SignedSupportingTokens>
> >> <sp:UsernameToken>
> >> <wsp:Policy>
> >> <wsp:All>
> >> <sp:NoPassword/>
> >> <sp:WssUsernameToken10/>
> >> </wsp:All>
> >> </wsp:Policy>
> >> </sp:UsernameToken>
> >> </sp:SignedSupportingTokens>
> >>
> >> Try:
> >>
> >> <sp:SignedSupportingTokens>
> >> <wsp:Policy>
> >>
> >> <sp:UsernameToken>
> >> <wsp:Policy>
> >> <wsp:All>
> >> <sp:NoPassword/>
> >> <sp:WssUsernameToken10/>
> >> </wsp:All>
> >> </wsp:Policy>
> >> </sp:UsernameToken>
> >> <wsp:Policy>
> >> </sp:SignedSupportingTokens>
> >>
> >> Do this for both occurences.
> >>
> >>
> >> On Sat, Jul 27, 2013 at 2:33 PM, Jason Pell <ja...@pellcorp.com> wrote:
> >>
> >>> I realised you had already got that far yourself, apologies for wasting
> >>> everyone's time. I misread the email thread. So you already changed your
> >>> sp to http://schemas.xmlsoap.org/ws/2005/07/securitypolicy.
> >>>
> >>> However when I change my policy file to use SignedSupportingToken rather
> >>> than SupportingToken I also get:
> >>> {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}UsernameToken is
> >>> not a <wsp:Policy> element.
> >>>
> >>> So I will have a play around with that now.
> >>>
> >>>
> >>> On Sat, Jul 27, 2013 at 1:59 PM, Jason Pell <ja...@pellcorp.com> wrote:
> >>>
> >>>> Actually I just realised what the problem is. Your original namespace
> >>>> for sp was wrong. Just change it to
> >>>>
> >>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy
> >>>>
> >>>> And it will all work. Sorry for the confusion, I am no expert, but did
> >>>> have the same problems so was worth the trial and error.
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> On Sat, Jul 27, 2013 at 1:57 PM, Jason Pell <ja...@pellcorp.com> wrote:
> >>>>
> >>>>> In fact just replacing the SP namespace should do it. The xmlns:wsp="
> >>>>> http://schemas.xmlsoap.org/ws/2004/09/policy" seems to not be the
> >>>>> problem.
> >>>>>
> >>>>> So just change the sp to:
> >>>>>
> >>>>> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
> >>>>>
> >>>>>
> >>>>> On Sat, Jul 27, 2013 at 1:55 PM, Jason Pell <ja...@pellcorp.com> wrote:
> >>>>>
> >>>>>> Changing the namespaces to the following will allow it to work with
> >>>>>> CXF:
> >>>>>>
> >>>>>> xmlns:wsp="http://www.w3.org/ns/ws-policy"
> >>>>>> xmlns:wsu="
> >>>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> >>>>>> "
> >>>>>> xmlns:sp="
> >>>>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>> On Sat, Jul 27, 2013 at 1:39 PM, Jennifer Ruttan <
> >>>>>> jennifer@indivica.com> wrote:
> >>>>>>
> >>>>>>> Hi,
> >>>>>>>
> >>>>>>> Thanks for your message. The WSDL file clearly contains a number of
> >>>>>>> errors and so I'm happy to change it. The owners of the service will have
> >>>>>>> to adjust it anyway. What should I change the namespaces to?
> >>>>>>>
> >>>>>>> Thanks again
> >>>>>>> Jen
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>> On 2013/07/26 23:16, Jason Pell wrote:
> >>>>>>>
> >>>>>>>> https://github.com/pellcorp/**cxf/blob/master/JavaFirst/src/**
> >>>>>>>> test/java/com/pellcorp/server/**PolicyServiceTest.java<https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java>
> >>>>>>>>
> >>>>>>>> This test case reproduces your issue I think. Changing the
> >>>>>>>> namespaces of
> >>>>>>>> the policy file will actually fix this, but probably not an option
> >>>>>>>> for you.
> >>>>>>>>
> >>>>>>>> public void testOldWspSpClient() throws Exception {
> >>>>>>>> ClassPathXmlApplicationContext clientContext =
> >>>>>>>> TestUtils.getContext(
> >>>>>>>> "/META-INF/**oldWspSpClientContext.xml");
> >>>>>>>>
> >>>>>>>> OldSpWspSimpleService simpleService = clientContext.getBean(
> >>>>>>>> "OldSpWspSimpleServiceClient",
> >>>>>>>> OldSpWspSimpleService.class);
> >>>>>>>>
> >>>>>>>> WSS4JOutInterceptor wssOut = TestUtils.**getWssOutInterceptor(
> >>>>>>>> simpleService);
> >>>>>>>> TestUtils.**setPasswordProperties(wssOut, "alice",
> >>>>>>>> "password");
> >>>>>>>>
> >>>>>>>> try {
> >>>>>>>> simpleService.ping();
> >>>>>>>> } catch (SOAPFaultException e) {
> >>>>>>>> assertTrue(e.getMessage().**
> >>>>>>>> contains("MustUnderstand"));
> >>>>>>>> }
> >>>>>>>> }
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <ja...@pellcorp.com>
> >>>>>>>> wrote:
> >>>>>>>>
> >>>>>>>> Hi,
> >>>>>>>>>
> >>>>>>>>> I changed over my java first samples to use your namespaces, and I
> >>>>>>>>> also
> >>>>>>>>> got the Must understand error.
> >>>>>>>>>
> >>>>>>>>> Since I can reproduce it, i will have a bit of a hunt around to see
> >>>>>>>>> what
> >>>>>>>>> the problem is.
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan <
> >>>>>>>>> jennifer@indivica.com>wrote:
> >>>>>>>>>
> >>>>>>>>> Hi,
> >>>>>>>>>>
> >>>>>>>>>> Thanks for your help.
> >>>>>>>>>>
> >>>>>>>>>> The project path did not export the appropriate jars to the
> >>>>>>>>>> WEB-INF/lib
> >>>>>>>>>> directory when being built, so I added them to the deployment
> >>>>>>>>>> assembly step
> >>>>>>>>>> in eclipse. I added all the dependencies as well.
> >>>>>>>>>>
> >>>>>>>>>> Unfortunately, I was still getting the same "mustunderstand
> >>>>>>>>>> headers are
> >>>>>>>>>> not understood" error message. But there's more. I'm also getting
> >>>>>>>>>> a strange
> >>>>>>>>>> message when Tomcat is deploying the application, from CXF:
> >>>>>>>>>> Jul 26, 2013 1:23:24 PM
> >>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
> >>>>>>>>>> handleNoRegisteredBuilder
> >>>>>>>>>> WARNING: No assertion builder for type {
> >>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
> >>>>>>>>>> SignedSupportingTokensregister**ed<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedSupportingTokensregistered>
> >>>>>>>>>> .
> >>>>>>>>>> Jul 26, 2013 1:23:24 PM
> >>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
> >>>>>>>>>> handleNoRegisteredBuilder
> >>>>>>>>>> WARNING: No assertion builder for type {
> >>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
> >>>>>>>>>> RequiredPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DRequiredPartsregistered>
> >>>>>>>>>> .
> >>>>>>>>>>
> >>>>>>>>>> Jul 26, 2013 1:23:24 PM
> >>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
> >>>>>>>>>> handleNoRegisteredBuilder
> >>>>>>>>>> WARNING: No assertion builder for type {
> >>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
> >>>>>>>>>> SignedPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedPartsregistered>
> >>>>>>>>>> .
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>> I thought that was weird because in all the examples I've seen the
> >>>>>>>>>> sp
> >>>>>>>>>> namespace is http://schemas.xmlsoap.org/ws/**
> >>>>>>>>>> 2005/07/securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>.
> >>>>>>>>>> So I
> >>>>>>>>>> made the change in the WSDL and I got the following message upon
> >>>>>>>>>> restarting
> >>>>>>>>>> the server:
> >>>>>>>>>> Jul 26, 2013 1:25:16 PM
> >>>>>>>>>> org.apache.cxf.ws.policy.**attachment.wsdl11.**
> >>>>>>>>>> Wsdl11AttachmentPolicyProvider
> >>>>>>>>>> getElementPolicy
> >>>>>>>>>> WARNING: Failed to build the policy 'request-policy':{
> >>>>>>>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy}**
> >>>>>>>>>> UsernameToken<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DUsernameToken>is
> >>>>>>>>>> not a <wsp:Policy> element.
> >>>>>>>>>>
> >>>>>>>>>> The namespace for wsp is http://schemas.xmlsoap.org/ws/**
> >>>>>>>>>> 2004/09/policy <http://schemas.xmlsoap.org/ws/2004/09/policy>,
> >>>>>>>>>> and I'm pretty sure that's correct. Although I feel like I'm
> >>>>>>>>>> pretty close,
> >>>>>>>>>> I'm lost at this point. Do you happen to have any further
> >>>>>>>>>> suggestions?
> >>>>>>>>>>
> >>>>>>>>>> Thanks
> >>>>>>>>>> Jen
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <as...@talend.com>
> >>>>>>>>>> wrote:
> >>>>>>>>>>
> >>>>>>>>>> Hi,
> >>>>>>>>>>>
> >>>>>>>>>>> "mustunderstand header is not understood" error is thrown by CXF
> >>>>>>>>>>>
> >>>>>>>>>> MustUnderstandInterceptor.
> >>>>>>>>>>
> >>>>>>>>>>> MustUnderstandInterceptor checks if must understand headers in
> >>>>>>>>>>> SOAP
> >>>>>>>>>>>
> >>>>>>>>>> message can be processed by at least one CXF interceptor in chain.
> >>>>>>>>>>
> >>>>>>>>>>> For that CXF interceptors provide getUnderstoodHeaders() method
> >>>>>>>>>>> to say
> >>>>>>>>>>>
> >>>>>>>>>> which headers they are able to proceed.
> >>>>>>>>>>
> >>>>>>>>>>> Security headers can be processed either by
> >>>>>>>>>>> AbstractTokenInterceptor
> >>>>>>>>>>>
> >>>>>>>>>> (extended by UsernameTokenInterceptor, SamlTokenInterceptor.java,
> >>>>>>>>>> KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java
> >>>>>>>>>>
> >>>>>>>>>>> (extended by PolicyBasedWSS4JInInterceptor.**java,
> >>>>>>>>>>>
> >>>>>>>>>> WSS4JInInterceptor.java).
> >>>>>>>>>>
> >>>>>>>>>>> In your case no any from these interceptors is in chain on the
> >>>>>>>>>>> service
> >>>>>>>>>>>
> >>>>>>>>>> side.
> >>>>>>>>>>
> >>>>>>>>>>> That could happens because:
> >>>>>>>>>>> a) service uses other ws-policy (or nor policy) that doesn't
> >>>>>>>>>>> activate
> >>>>>>>>>>>
> >>>>>>>>>> that interceptors
> >>>>>>>>>>
> >>>>>>>>>>> b) service uses no ws-policy way and not configured with security
> >>>>>>>>>>>
> >>>>>>>>>> interceptor
> >>>>>>>>>>
> >>>>>>>>>>> c) appropriate CXF jars are not available:
> >>>>>>>>>>>
> >>>>>>>>>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
> >>>>>>>>>>
> >>>>>>>>>>> Can you please check how your service is configured?
> >>>>>>>>>>>
> >>>>>>>>>>> Regards,
> >>>>>>>>>>> Andrei.
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>> -----Original Message-----
> >>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
> >>>>>>>>>>>> Sent: Mittwoch, 24. Juli 2013 17:43
> >>>>>>>>>>>> To: users@cxf.apache.org
> >>>>>>>>>>>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
> >>>>>>>>>>>>
> >>>>>>>>>>>> Hi,
> >>>>>>>>>>>>
> >>>>>>>>>>>> Thanks for the reply. That's what I was thinking. There may be an
> >>>>>>>>>>>>
> >>>>>>>>>>> issue with
> >>>>>>>>>>
> >>>>>>>>>>> the WSDL file itself.
> >>>>>>>>>>>>
> >>>>>>>>>>>> My request matches the example provided by the author of the
> >>>>>>>>>>>> WSDL file,
> >>>>>>>>>>>> but neither of them work. They both cause the same
> >>>>>>>>>>>> "mustunderstand
> >>>>>>>>>>>> header is not understood" error.
> >>>>>>>>>>>> Disabling the security policy allows the request to complete
> >>>>>>>>>>>> properly.
> >>>>>>>>>>>>
> >>>>>>>>>>>> CXF is configured to read the security policy from the WSDL
> >>>>>>>>>>>> file, and
> >>>>>>>>>>>>
> >>>>>>>>>>> I know
> >>>>>>>>>>
> >>>>>>>>>>> that part is working because if I miss a required part (the
> >>>>>>>>>>>> timestamp,
> >>>>>>>>>>>>
> >>>>>>>>>>> for
> >>>>>>>>>>
> >>>>>>>>>>> example) in the header, CXF complains that not all of the required
> >>>>>>>>>>>>
> >>>>>>>>>>> parts have
> >>>>>>>>>>
> >>>>>>>>>>> been submitted. I guess this could be because of a signing issue,
> >>>>>>>>>>>>
> >>>>>>>>>>> although I'm
> >>>>>>>>>>
> >>>>>>>>>>> not sure.
> >>>>>>>>>>>>
> >>>>>>>>>>>> My reasons for building the service are because while there is a
> >>>>>>>>>>>> WSDL
> >>>>>>>>>>>> definition for the service, there's no way to access the service
> >>>>>>>>>>>>
> >>>>>>>>>>> itself. I know
> >>>>>>>>>>
> >>>>>>>>>>> exactly how the service is supposed to react to various inputs so
> >>>>>>>>>>>> I'm
> >>>>>>>>>>>>
> >>>>>>>>>>> trying to
> >>>>>>>>>>
> >>>>>>>>>>> build the same web service. It's for a health insurance card
> >>>>>>>>>>>>
> >>>>>>>>>>> validation service
> >>>>>>>>>>
> >>>>>>>>>>> in Ontario, Canada, and the service is provided by the government.
> >>>>>>>>>>>>
> >>>>>>>>>>>> Thanks.
> >>>>>>>>>>>> Jen
> >>>>>>>>>>>>
> >>>>>>>>>>>> ---------------------
> >>>>>>>>>>>> HCValidationService.wsdl
> >>>>>>>>>>>>
> >>>>>>>>>>>> <?xml version="1.0" encoding="UTF-8"?><definitions
> >>>>>>>>>>>> name="HCValidationService"
> >>>>>>>>>>>> targetNamespace="http://hcv.**health.ontario.ca/<http://hcv.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns="http://schemas.xmlsoap.**org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:sp="http://docs.oasis-**open.org/ws-sx/ws-**
> >>>>>>>>>>>> securitypolicy/200512<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:wsdlsoap="http://**schemas.xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/>
> >>>>>>>>>>>> **"
> >>>>>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-**
> >>>>>>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
> >>>>>>>>>>>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:xsd="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <types>
> >>>>>>>>>>>> <xsd:schema>
> >>>>>>>>>>>> <xsd:import
> >>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> schemaLocation="EBSFault_**schema.xsd"/>
> >>>>>>>>>>>> <xsd:import
> >>>>>>>>>>>> namespace="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> schemaLocation="**HCValidationService_schema.**xsd"/>
> >>>>>>>>>>>> <xsd:import
> >>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> schemaLocation="EBS_schema.**xsd"/>
> >>>>>>>>>>>> <xsd:import
> >>>>>>>>>>>> namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> schemaLocation="MSA_schema.**xsd"/>
> >>>>>>>>>>>> <xsd:import
> >>>>>>>>>>>> namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> schemaLocation="IDP_schema.**xsd"/>
> >>>>>>>>>>>> </xsd:schema>
> >>>>>>>>>>>> </types>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <wsp:Policy wsu:Id="request-policy">
> >>>>>>>>>>>> <wsp:ExactlyOne>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>> <sp:SignedSupportingTokens>
> >>>>>>>>>>>> <sp:UsernameToken>
> >>>>>>>>>>>> <wsp:Policy>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <sp:NoPassword/>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <sp:WssUsernameToken10/>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> </wsp:Policy>
> >>>>>>>>>>>> </sp:UsernameToken>
> >>>>>>>>>>>> </sp:SignedSupportingTokens>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> <wsp:ExactlyOne>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="EBS"
> >>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="MSA"
> >>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="AuditId"
> >>>>>>>>>>>> Namespace=""/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="UserID"
> >>>>>>>>>>>> Namespace=""/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> </wsp:ExactlyOne>
> >>>>>>>>>>>> <wsp:ExactlyOne>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>> <sp:SignedParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="EBS"
> >>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="MSA"
> >>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
> >>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> <sp:Body/>
> >>>>>>>>>>>> </sp:SignedParts>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> </wsp:ExactlyOne>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>> <sp:SignedSupportingTokens>
> >>>>>>>>>>>> <sp:UsernameToken>
> >>>>>>>>>>>> <wsp:Policy>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <sp:WssUsernameToken10/>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> </wsp:Policy>
> >>>>>>>>>>>> </sp:UsernameToken>
> >>>>>>>>>>>> </sp:SignedSupportingTokens>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> <wsp:ExactlyOne>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>> <sp:SignedParts>
> >>>>>>>>>>>> <sp:Header Name="EBS"
> >>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> <sp:Header Name="IDP"
> >>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> <sp:Header Name="Timestamp"
> >>>>>>>>>>>> Namespace="http://docs.oasis-**open.org/wss/2004/01/oasis-**
> >>>>>>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
> >>>>>>>>>>>> wssecurity-utility-1.0.xsd"/>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
> >>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> <sp:Body/>
> >>>>>>>>>>>> </sp:SignedParts>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> </wsp:ExactlyOne>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <wsp:ExactlyOne>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="EBS"
> >>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="IDP"
> >>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="AuditId"
> >>>>>>>>>>>> Namespace=""/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> </wsp:ExactlyOne>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> </wsp:ExactlyOne>
> >>>>>>>>>>>> </wsp:Policy>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <wsdl:message name="EBSHeader">
> >>>>>>>>>>>> <wsdl:part element="ebs:EBS"
> >>>>>>>>>>>> name="ebsrequest_header"/>
> >>>>>>>>>>>> </wsdl:message>
> >>>>>>>>>>>> <wsdl:message name="MSAHeader">
> >>>>>>>>>>>> <wsdl:part element="msa:MSA"
> >>>>>>>>>>>> name="msarequest_header"/>
> >>>>>>>>>>>> </wsdl:message>
> >>>>>>>>>>>> <wsdl:message name="IDPHeader">
> >>>>>>>>>>>> <wsdl:part element="idp:IDP"
> >>>>>>>>>>>> name="idprequest_header"/>
> >>>>>>>>>>>> </wsdl:message>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <message name="validate">
> >>>>>>>>>>>> <wsdl:part element="hcv:validate"
> >>>>>>>>>>>> name="parameters"/>
> >>>>>>>>>>>> </message>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <message name="validateResponse">
> >>>>>>>>>>>> <part element="hcv:validateResponse"
> >>>>>>>>>>>> name="parameters"/>
> >>>>>>>>>>>> </message>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <message name="faultexception">
> >>>>>>>>>>>> <part element="ebs:EBSFault" name="Fault"/>
> >>>>>>>>>>>> </message>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <portType name="HCValidation">
> >>>>>>>>>>>> <operation name="validate">
> >>>>>>>>>>>> <input message="hcv:validate"/>
> >>>>>>>>>>>> <output message="hcv:validateResponse"**/>
> >>>>>>>>>>>> <fault message="hcv:faultexception"
> >>>>>>>>>>>> name="FaultException"/>
> >>>>>>>>>>>> </operation>
> >>>>>>>>>>>> </portType>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <binding name="HCValidationPortBinding"
> >>>>>>>>>>>> type="hcv:HCValidation">
> >>>>>>>>>>>> <soap:binding style="document"
> >>>>>>>>>>>> transport="http://schemas.**xmlsoap.org/soap/http<http://schemas.xmlsoap.org/soap/http>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <operation name="validate">
> >>>>>>>>>>>> <soap:operation soapAction=""/>
> >>>>>>>>>>>> <input>
> >>>>>>>>>>>> <wsp:PolicyReference URI="#request-policy"/>
> >>>>>>>>>>>> <wsdlsoap:header
> >>>>>>>>>>>> message="hcv:EBSHeader" part="ebsrequest_header" use="literal"/>
> >>>>>>>>>>>> <wsdlsoap:header
> >>>>>>>>>>>> message="hcv:MSAHeader" part="msarequest_header" use="literal"/>
> >>>>>>>>>>>> <wsdlsoap:header
> >>>>>>>>>>>> message="hcv:IDPHeader" part="idprequest_header" use="literal"/>
> >>>>>>>>>>>> <wsdlsoap:body parts="parameters"
> >>>>>>>>>>>> use="literal"/>
> >>>>>>>>>>>> </input>
> >>>>>>>>>>>> <output>
> >>>>>>>>>>>> <soap:body use="literal"/>
> >>>>>>>>>>>> </output>
> >>>>>>>>>>>> <fault name="FaultException">
> >>>>>>>>>>>> <soap:fault name="FaultException"
> >>>>>>>>>>>> use="literal"/>
> >>>>>>>>>>>> </fault>
> >>>>>>>>>>>> </operation>
> >>>>>>>>>>>> </binding>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <service name="HCValidationService">
> >>>>>>>>>>>> <port binding="hcv:**HCValidationPortBinding"
> >>>>>>>>>>>> name="HCValidationPort">
> >>>>>>>>>>>> <soap:address
> >>>>>>>>>>>> location="
> >>>>>>>>>>>>
> >>>>>>>>>>> https://ws.ebs.health.gov.on.**ca:1440/HCVService/**
> >>>>>>>>>> HCValidationSe<https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe>
> >>>>>>>>>>
> >>>>>>>>>>> rvice"/>
> >>>>>>>>>>>> </port>
> >>>>>>>>>>>> </service>
> >>>>>>>>>>>> </definitions>
> >>>>>>>>>>>>
> >>>>>>>>>>>> ---------------------
> >>>>>>>>>>>> Sample Request (provided by author of WSDL)
> >>>>>>>>>>>>
> >>>>>>>>>>>> <soapenv:Envelope xmlns:soap-
> >>>>>>>>>>>> sec="http://schemas.xmlsoap.**org/security/2000-12<http://schemas.xmlsoap.org/security/2000-12>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-<http://docs.oasis-open.org/wss/2004/01/oasis-200401->
> >>>>>>>>>>>> wss-wssecurity-secext-1.0.xsd"
> >>>>>>>>>>>> xmlns:xsi="http://www.w3.org/**2001/XMLSchema-instance<http://www.w3.org/2001/XMLSchema-instance>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:sp="http://schemas.**xmlsoap.org/ws/2005/07/**
> >>>>>>>>>>>> securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:SOAP-ENV="http://**schemas.xmlsoap.org/soap/**
> >>>>>>>>>>>> envelope/ <http://schemas.xmlsoap.org/soap/envelope/>"
> >>>>>>>>>>>> xmlns:xs="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:tns="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**open.org/wss/2004/01/oasis-
> >>>>>>>>>>>> **200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
> >>>>>>>>>>>> wss-wssecurity-utility-1.0.**xsd"
> >>>>>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/security/2012-03<http://ebs.health.ontario.ca/security/2012-03>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <soapenv:Header>
> >>>>>>>>>>>> <ns2:EBS wsu:Id="id-1"
> >>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <SoftwareConformanceKey>**
> >>>>>>>>>>>> 444561ee-277f-77b2-
> >>>>>>>>>>>> c664-7a9923jfgh1b
> >>>>>>>>>>>> </SoftwareConformanceKey>
> >>>>>>>>>>>> <AuditId>73b7051e-6126-4b41-**9ae0-
> >>>>>>>>>>>> 21b707ca8a53</AuditId>
> >>>>>>>>>>>> </ns2:EBS>
> >>>>>>>>>>>> <ns2:IDP wsu:Id="id-2"
> >>>>>>>>>>>> xmlns:ns2="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <ServiceUserMUID>4523394</**
> >>>>>>>>>>>> ServiceUserMUID>
> >>>>>>>>>>>> </ns2:IDP>
> >>>>>>>>>>>> <wsse:Security SOAP-ENV:mustUnderstand="1">
> >>>>>>>>>>>> <wsu:Timestamp wsu:Id="id-3">
> >>>>>>>>>>>> <wsu:Created>2012-06-
> >>>>>>>>>>>> 20T17:58:42.580Z</wsu:Created>
> >>>>>>>>>>>> <wsu:Expires>2012-06-
> >>>>>>>>>>>> 20T17:59:12.580Z</wsu:Expires>
> >>>>>>>>>>>> </wsu:Timestamp>
> >>>>>>>>>>>> <wsse:UsernameToken wsu:Id="id-4">
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <wsse:Username>JOHNDOE@YAHOO.**CA <JO...@YAHOO.CA>
> >>>>>>>>>>>> </wsse:Username>
> >>>>>>>>>>>> <wsse:Password
> >>>>>>>>>>>> Type="wsse:PasswordText">**Password</wsse:Password>
> >>>>>>>>>>>> </wsse:UsernameToken>
> >>>>>>>>>>>> <wsse:BinarySecurityToken
> >>>>>>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis->
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
> >>>>>>>>>>>> 1.0#Base64Binary"
> >>>>>>>>>>>> ValueType="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
> >>>>>>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> wsu:Id="X509-
> >>>>>>>>>>>> 02F859690D5C74E209134021512282**11">
> >>>>>>>>>>>>
> >>>>>>>>>>>> MIICMzCCAZygAwIBAgIET1e+**dDANBgkqhkiG9w0BAQUFADBeMQsw
> >>>>>>>>>>>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT2**50YXJpbzENMAsGA1UEChMET0hJ
> >>>>>>>>>>>>
> >>>>>>>>>>>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW**9uMRcwFQYDVQQDEw
> >>>>>>>>>>>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAz**MDcyMDAwNTJaFw0xMzAzMDcyMDA
> >>>>>>>>>>>> wNTJaM
> >>>>>>>>>>>>
> >>>>>>>>>>>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQ**IEwdPbnRhcmlvMQ0wCwY
> >>>>>>>>>>>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZ**Wdpc3RyYXRpb24xFzAVBgNVBAM
> >>>>>>>>>>>> TDj
> >>>>>>>>>>>>
> >>>>>>>>>>>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqG**SIb3DQEBAQUAA4GNADCBi
> >>>>>>>>>>>> QKBgQCs/JIP6CE5IkfTnD/c56K+**QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH**4
> >>>>>>>>>>>>
> >>>>>>>>>>>> fvhbyxo2B4VugsL9r4E5jHEKoi+**
> >>>>>>>>>>>> GDKOLlLZRfSy0cB8IcpXonAuGqMzhC**o
> >>>>>>>>>>>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpT**yZdpYDi92up5E+FYL3jEe
> >>>>>>>>>>>>
> >>>>>>>>>>>> jhp+**1iDFJQIDAQABMA0GCSqGSIb3DQEBBQ**UAA4GBAHn8VZS169BJ
> >>>>>>>>>>>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dE**icv3jQMMsrWHfoCt+nRSqfNLUTL
> >>>>>>>>>>>>
> >>>>>>>>>>>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0**
> >>>>>>>>>>>> gY3i83ZXA8HDFKMZF3qL8I8ncu8F
> >>>>>>>>>>>> PcZGYBNhYrGjXXsuqXimiTIjxgm06E**rRa/51szOFFxWrB
> >>>>>>>>>>>> </wsse:BinarySecurityToken>
> >>>>>>>>>>>> <ds:Signature Id="SIG-6"
> >>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <ds:SignedInfo>
> >>>>>>>>>>>> <ds:CanonicalizationMethod
> >>>>>>>>>>>>
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>
> >>>>>>>>>>>> PrefixList="SOAP-
> >>>>>>>>>>>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:CanonicalizationMethod>
> >>>>>>>>>>>> <ds:SignatureMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>> <ds:Reference URI="#id-1">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>
> >>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
> >>>>>>>>>>>> wsse
> >>>>>>>>>>>> wsu xs xsi"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>**gpejbitTQxuMOhUirdbGNtHjsGhAAr**
> >>>>>>>>>>>> hAp3ByFuG9c
> >>>>>>>>>>>> Hs=
> >>>>>>>>>>>> </ds:DigestValue>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> <ds:Reference URI="#id-2">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>
> >>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
> >>>>>>>>>>>> wsse
> >>>>>>>>>>>> wsu xs xsi"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>ZWKvgN+**eB0NFmQHPGYN5RoSZzbuboqKLzLcV6**
> >>>>>>>>>>>> PE
> >>>>>>>>>>>> Oz3E=
> >>>>>>>>>>>> </ds:DigestValue>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> <ds:Reference URI="#id-3">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>
> >>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
> >>>>>>>>>>>> wsse xs
> >>>>>>>>>>>> xsi"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>1AvUG2EE6+**bgpJBe1TB4teUkKD4lRsw69BozDFQM
> >>>>>>>>>>>> GGE=
> >>>>>>>>>>>> </ds:DigestValue>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> <ds:Reference URI="#id-4">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>
> >>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
> >>>>>>>>>>>> wsu xs
> >>>>>>>>>>>> xsi"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>Lw6C0//**TpU0uuta+**
> >>>>>>>>>>>> 9pjDPfD0aOokdgbVOEM9eaWc
> >>>>>>>>>>>> Gjo=
> >>>>>>>>>>>> </ds:DigestValue>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> <ds:Reference URI="#id-5">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>
> >>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse wsu
> >>>>>>>>>>>> xs xsi"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>**lGKOfXxmbsLds9+**
> >>>>>>>>>>>> tD4eaCObTCdGNXDF/PY9LjDUPl
> >>>>>>>>>>>> 9Y=
> >>>>>>>>>>>> </ds:DigestValue>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> </ds:SignedInfo>
> >>>>>>>>>>>> <ds:SignatureValue>
> >>>>>>>>>>>>
> >>>>>>>>>>>> Yn5iRnjs/T2+**nNgW8pArIgqc445RwL2wYPHZaydVJk**
> >>>>>>>>>>>> 0oUXV5B4nzU4fg
> >>>>>>>>>>>> X/**sQTcY0O5vuReP8th4QZoGG6tSnxuBf**qiDd2rkRZDrdgotJT++W
> >>>>>>>>>>>>
> >>>>>>>>>>>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3Q**DuMWr5PSlm1RWbkA3W5B4Y
> >>>>>>>>>>>> LaD+S/j3QKc=
> >>>>>>>>>>>> </ds:SignatureValue>
> >>>>>>>>>>>> <ds:KeyInfo Id="KI-
> >>>>>>>>>>>> 02F859690D5C74E209134021512283**12">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <wsse:SecurityTokenReference
> >>>>>>>>>>>> wsu:Id="STR-**02F859690D5C74E209134021512284**13">
> >>>>>>>>>>>> <wsse:Reference
> >>>>>>>>>>>> URI="#X509-**02F859690D5C74E209134021512282**11"
> >>>>>>>>>>>>
> >>>>>>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-
> >>>>>>>>>>>> **200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
> >>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </wsse:SecurityTokenReference>
> >>>>>>>>>>>> </ds:KeyInfo>
> >>>>>>>>>>>> </ds:Signature>
> >>>>>>>>>>>> </wsse:Security>
> >>>>>>>>>>>> </soapenv:Header>
> >>>>>>>>>>>> <soapenv:Body wsu:Id="id-5">
> >>>>>>>>>>>> <ns5:validate xmlns:ns4="
> >>>>>>>>>>>>
> >>>>>>>>>>> http://msa.ebs.health.ontario.**ca/<http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>> "
> >>>>>>>>>>
> >>>>>>>>>>> xmlns:ns3="http://idp.ebs.**
> >>>>>>>>>>>> health.ontario.ca/ <http://idp.ebs.health.ontario.ca/>"
> >>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:ns5="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <requests>
> >>>>>>>>>>>> <hcvRequest>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <healthNumber>2222211122</**healthNumber>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <versionCode>WW</versionCode>
> >>>>>>>>>>>> </hcvRequest>
> >>>>>>>>>>>> </requests>
> >>>>>>>>>>>> <locale>en</locale>
> >>>>>>>>>>>> </ns5:validate>
> >>>>>>>>>>>> </soapenv:Body>
> >>>>>>>>>>>> </soapenv:Envelope>
> >>>>>>>>>>>>
> >>>>>>>>>>>> -------------------
> >>>>>>>>>>>> Sample Request (Built via SoapUI)
> >>>>>>>>>>>>
> >>>>>>>>>>>> <soapenv:Envelope xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <soapenv:Header>
> >>>>>>>>>>>> <wsse:Security soapenv:mustUnderstand="1"
> >>>>>>>>>>>> xmlns:wsse="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
> >>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <wsse:BinarySecurityToken
> >>>>>>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis->
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
> >>>>>>>>>>>> 1.0#Base64Binary"
> >>>>>>>>>>>> ValueType="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
> >>>>>>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> wsu:Id="X509-
> >>>>>>>>>>>> 9346053A98F2390F1A137460706920**025">
> >>>>>>>>>>>>
> >>>>>>>>>>>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQ**EBBQUAMIGbMQswCQYDVQ
> >>>>>>>>>>>> QGEwJDQTEQMA4GA1UECAwHT250YXJp**bzEQMA4G
> >>>>>>>>>>>>
> >>>>>>>>>>>> A1UEBwwHVG9yb250bzERMA8GA1UECg**wISW5kaXZpY2ExFDASBgN
> >>>>>>>>>>>> VBAsMC0RldmVsb3BtZW50MRgwFgYDV**QQDDA9J
> >>>>>>>>>>>>
> >>>>>>>>>>>> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhk**iG9w0BCQEWFmVicy1hZG1pbk
> >>>>>>>>>>>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5**MTc0
> >>>>>>>>>>>>
> >>>>>>>>>>>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQ**swCQYDVQQGEwJDQTEQ
> >>>>>>>>>>>> MA4GA1UECBMHT250YXJpbzEQMA4GA1**UEBxMHVG9y
> >>>>>>>>>>>>
> >>>>>>>>>>>> b250bzERMA8GA1UEChMISW5kaXZpY2**ExFDASBgNVBAsTC0RldmVsb
> >>>>>>>>>>>> 3BtZW50MRwwGgYDVQQDExNJbmRpdml**jYSBF
> >>>>>>>>>>>>
> >>>>>>>>>>>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w**0BAQEFAAOCAQ8AMIIBCgKCA
> >>>>>>>>>>>> QEAu7/+**bc5QgW43UuaMoUOpbsQy8Kc32jrB
> >>>>>>>>>>>>
> >>>>>>>>>>>> GA0lrxZkqH/PnfdbtRhRypxkc6+**
> >>>>>>>>>>>> r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
> >>>>>>>>>>>> WPPVMKpermHxniN+**kqjWiGDm10xVMph
> >>>>>>>>>>>>
> >>>>>>>>>>>> XryR01LSItgRoi5V54oTFgeJxsdA/**
> >>>>>>>>>>>> 1J3kf/QE2YmswZwLH6+PwvZfExKEx
> >>>>>>>>>>>> vGArojkyveOewWkvKMobLB3d6gtrPJ
> >>>>>>>>>>>>
> >>>>>>>>>>>> tUxjb18UJugEHyNSiVYFymbgAyvanT**4pmNPaqHW1ZlmQ0WBiDI7oeT
> >>>>>>>>>>>> 1pZzgEwzikcvEHilJye0PcB4PkkrGL**KfEE
> >>>>>>>>>>>>
> >>>>>>>>>>>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4f**jouqkHHVMMiUvYgQIDAQA
> >>>>>>>>>>>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b**5yRECQU
> >>>>>>>>>>>>
> >>>>>>>>>>>> ppIEIbDOh4E5OsR0wesm4czfNDnh56**TUwmjRDzI+tVVEj+fxk0FMSMf
> >>>>>>>>>>>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+**FHb6
> >>>>>>>>>>>>
> >>>>>>>>>>>> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u**8cRtfPXXX+baL2NThYjMoNVFIt
> >>>>>>>>>>>> OM0XL3xwzblWi++B
> >>>>>>>>>>>> </wsse:BinarySecurityToken>
> >>>>>>>>>>>> <ds:Signature Id="SIG-30"
> >>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <ds:SignedInfo>
> >>>>>>>>>>>> <ds:CanonicalizationMethod
> >>>>>>>>>>>>
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>> PrefixList="ebs hcv idp msa soapenv"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:CanonicalizationMethod>
> >>>>>>>>>>>> <ds:SignatureMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>> <ds:Reference URI="#id-7">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>+sN2C+**GPI6Un7tmdzecuWW4obI8=</ds:**
> >>>>>>>>>>>> DigestVal
> >>>>>>>>>>>> ue>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> <ds:Reference URI="#id-8">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>cStXQ+**Qf4MYZw7oZh3EwQnCO9kE=</ds:**
> >>>>>>>>>>>> DigestVal
> >>>>>>>>>>>> ue>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> <ds:Reference URI="#TS-29">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa
> >>>>>>>>>>>> soapenv"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>**7DpbdobjdxkQ3RGXjPQmx5EpCdU=</**
> >>>>>>>>>>>> ds:DigestVal
> >>>>>>>>>>>> ue>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> <ds:Reference
> >>>>>>>>>>>> URI="#UsernameToken-28">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa
> >>>>>>>>>>>> soapenv"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>**0CNaWbdkV2dE7Jm5oh15ztwUcaI=</**
> >>>>>>>>>>>> ds:DigestValu
> >>>>>>>>>>>> e>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> <ds:Reference URI="#id-12">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>**XoOxXE6R7JA29rMYCHf/X0II180=</**
> >>>>>>>>>>>> ds:DigestValue
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> </ds:SignedInfo>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:SignatureValue>**YQy9wqYYVw1x0CZcg6b2W0uO3g3Fur**
> >>>>>>>>>>>> UZ51zrXi3
> >>>>>>>>>>>> jRMFGgCVGUwfu3W/**tDOAKB2IXHvIgFl7JWmzd
> >>>>>>>>>>>>
> >>>>>>>>>>>> lkh7O2u6ieACF5tGD32aSXvv6/**k7OUVH4outF1NHgJOq9WKIKtUYT/hh
> >>>>>>>>>>>> G8BmqFGHXcPiuuO+FIXr
> >>>>>>>>>>>>
> >>>>>>>>>>>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pO**RWOWvPhmHbT63b1BgFfLla
> >>>>>>>>>>>> UftqeybM6t0i2cTuNxf8nbCS
> >>>>>>>>>>>>
> >>>>>>>>>>>> gANhvGvpNi2ALThvsPu+**pXKCx1c4Ng18PGpUEVmOdJOkZhiifR**
> >>>>>>>>>>>> 336idp
> >>>>>>>>>>>> 09lp8XaI+NzwENvdBskb
> >>>>>>>>>>>>
> >>>>>>>>>>>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP**4wydOh8w==
> >>>>>>>>>>>> </ds:SignatureValue>
> >>>>>>>>>>>> <ds:KeyInfo Id="KI-
> >>>>>>>>>>>> 9346053A98F2390F1A137460706920**026">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <wsse:SecurityTokenReference
> >>>>>>>>>>>> wsu:Id="STR-
> >>>>>>>>>>>> 9346053A98F2390F1A137460706920**027">
> >>>>>>>>>>>> <wsse:Reference
> >>>>>>>>>>>> URI="#X509-**9346053A98F2390F1A137460706920**025"
> >>>>>>>>>>>>
> >>>>>>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-
> >>>>>>>>>>>> **200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
> >>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </wsse:SecurityTokenReference>
> >>>>>>>>>>>> </ds:KeyInfo>
> >>>>>>>>>>>> </ds:Signature>
> >>>>>>>>>>>> <wsu:Timestamp wsu:Id="TS-29">
> >>>>>>>>>>>> <wsu:Created>2013-07-
> >>>>>>>>>>>> 23T19:17:49.196Z</wsu:Created>
> >>>>>>>>>>>> <wsu:Expires>2013-07-
> >>>>>>>>>>>> 30T17:57:49.196Z</wsu:Expires>
> >>>>>>>>>>>> </wsu:Timestamp>
> >>>>>>>>>>>> <wsse:UsernameToken wsu:Id="UsernameToken-
> >>>>>>>>>>>> 28">
> >>>>>>>>>>>> <wsse:Username>abc</wsse:**
> >>>>>>>>>>>> Username>
> >>>>>>>>>>>> <wsse:Password
> >>>>>>>>>>>> Type="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-username-token-**
> >>>>>>>>>>>> profile-<http://open.org/wss/2004/01/oasis-200401-wss-username-token-profile->
> >>>>>>>>>>>> 1.0#PasswordText">defg</wsse:**Password>
> >>>>>>>>>>>> </wsse:UsernameToken>
> >>>>>>>>>>>> </wsse:Security>
> >>>>>>>>>>>> <idp:IDP wsu:Id="id-8"
> >>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <ServiceUserMUID>12345</**ServiceUserMUID>
> >>>>>>>>>>>> </idp:IDP>
> >>>>>>>>>>>> <ebs:EBS wsu:Id="id-7"
> >>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <SoftwareConformanceKey>12345<**/SoftwareConformanceKey>
> >>>>>>>>>>>> <AuditId>12345</AuditId>
> >>>>>>>>>>>> </ebs:EBS>
> >>>>>>>>>>>> </soapenv:Header>
> >>>>>>>>>>>> <soapenv:Body wsu:Id="id-12"
> >>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-<http://docs.oasis-open.org/wss/2004/01/oasis->
> >>>>>>>>>>>> 200401-wss-wssecurity-utility-**1.0.xsd">
> >>>>>>>>>>>> <hcv:validate>
> >>>>>>>>>>>> <requests>
> >>>>>>>>>>>> <hcvRequest>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <healthNumber>9876543217</**healthNumber>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <versionCode>AB</versionCode>
> >>>>>>>>>>>> </hcvRequest>
> >>>>>>>>>>>> </requests>
> >>>>>>>>>>>> </hcv:validate>
> >>>>>>>>>>>> </soapenv:Body>
> >>>>>>>>>>>> </soapenv:Envelope>
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>> -----------------------
> >>>>>>>>>>>> Response (In either case):
> >>>>>>>>>>>>
> >>>>>>>>>>>> <soap:Envelope
> >>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <soap:Body>
> >>>>>>>>>>>> <soap:Fault>
> >>>>>>>>>>>> <faultcode>soap:**MustUnderstand</faultcode>
> >>>>>>>>>>>> <faultstring>MustUnderstand headers: [{
> >>>>>>>>>>>> http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext->
> >>>>>>>>>>>> 1.0.xsd}Security] are not understood.</faultstring>
> >>>>>>>>>>>> </soap:Fault>
> >>>>>>>>>>>> </soap:Body>
> >>>>>>>>>>>> </soap:Envelope>
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <
> >>>>>>>>>>>> ashakirin@talend.com>
> >>>>>>>>>>>>
> >>>>>>>>>>> wrote:
> >>>>>>>>>>
> >>>>>>>>>>> Hi,
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> It seems that your service doesn't use the same WS-Policy as
> >>>>>>>>>>>>> client,
> >>>>>>>>>>>>>
> >>>>>>>>>>>> therefore appropriate interceptors are not activated on the
> >>>>>>>>>>>> service
> >>>>>>>>>>>>
> >>>>>>>>>>> side.
> >>>>>>>>>>
> >>>>>>>>>>> Could you double check that?
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> Exact request and response will be also useful for further
> >>>>>>>>>>>>> analyse.
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> Regards,
> >>>>>>>>>>>>> Andrei.
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> -----Original Message-----
> >>>>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
> >>>>>>>>>>>>>> Sent: Dienstag, 23. Juli 2013 21:35
> >>>>>>>>>>>>>> To: users@cxf.apache.org
> >>>>>>>>>>>>>> Subject: Eclipse, CXF and WS-SecurityPolicy
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> I have a question regarding WS-SecurityPolicy and deploying a
> >>>>>>>>>>>>>> WSDL-first service via Eclipse.
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> I created a project from a WSDL file (I didn't create it) with
> >>>>>>>>>>>>>> the
> >>>>>>>>>>>>>> intention of implementing the service that it describes. The
> >>>>>>>>>>>>>> WSDL
> >>>>>>>>>>>>>> file describes a WS- SecurityPolicy that includes a
> >>>>>>>>>>>>>> UsernameToken,
> >>>>>>>>>>>>>> Timestamp, BinarySecurityToken, and a Signature. Every time I
> >>>>>>>>>>>>>> run a
> >>>>>>>>>>>>>> sample request that includes all of those components in the
> >>>>>>>>>>>>>> WS-Security header I get a "must understand header is not
> >>>>>>>>>>>>>> understood"
> >>>>>>>>>>>>>> message, regarding the WS-Security header.
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> I've read on the documentation of CXF that additional
> >>>>>>>>>>>>>> dependencies
> >>>>>>>>>>>>>> must be included in the classpath to have WS-SecurityPolicy
> >>>>>>>>>>>>>> work, but
> >>>>>>>>>>>>>> I've used Eclipse's deployment method and given it the entire
> >>>>>>>>>>>>>> CXF ZIP
> >>>>>>>>>>>>>> file as downloaded from the project website as the CXF
> >>>>>>>>>>>>>> Runtime. Is
> >>>>>>>>>>>>>> there anything that I'm missing? Or is there a better way for
> >>>>>>>>>>>>>> me to
> >>>>>>>>>>>>>> be working with CXF than to use Eclipse's automated tools?
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> Thanks for any help.
> >>>>>>>>>>>>>> Jen
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>
> >>>>>>
> >>>>>
> >>>>
> >>>
> >>
>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jason Pell <ja...@pellcorp.com>.
I think that RequiredParts is not supported by the SP namespace you are
using, at least in CXF. Try changing sp namespace to
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702
And see if you get further. I checked the RequiredParts builder and it
does seem to assume this namespace.
On Sat, Jul 27, 2013 at 2:43 PM, Jennifer Ruttan <je...@indivica.com>wrote:
> Ok. Following that, I've now got:
>
> Jul 27, 2013 12:41:56 AM
> org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl
> handleNoRegisteredBuilder
> WARNING: No assertion builder for type {
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}RequiredPartsregistered.
>
> Maybe I'm missing a JAR? But I've included all the CXF modules into the
> classpath.
>
>
>
>
> On 2013-07-27, at 12:38 AM, Jason Pell <ja...@pellcorp.com> wrote:
>
> > That should be:
> >
> > <sp:SignedSupportingTokens>
> > <wsp:Policy>
> > <sp:UsernameToken>
> > <wsp:Policy>
> > <wsp:All>
> > <sp:NoPassword/>
> > <sp:WssUsernameToken10/>
> > </wsp:All>
> > </wsp:Policy>
> > </sp:UsernameToken>
> > </wsp:Policy>
> > </sp:SignedSupportingTokens>
> >
> >
> >
> >
> > On Sat, Jul 27, 2013 at 2:36 PM, Jason Pell <ja...@pellcorp.com> wrote:
> >
> >> Ok - try putting a <wsp:Policy> immediately inside the
> >> <sp:SignedSupportingTokens> tag and I think you might get further.
> >>
> >> So instead of:
> >>
> >>
> >> <sp:SignedSupportingTokens>
> >> <sp:UsernameToken>
> >> <wsp:Policy>
> >> <wsp:All>
> >> <sp:NoPassword/>
> >> <sp:WssUsernameToken10/>
> >> </wsp:All>
> >> </wsp:Policy>
> >> </sp:UsernameToken>
> >> </sp:SignedSupportingTokens>
> >>
> >> Try:
> >>
> >> <sp:SignedSupportingTokens>
> >> <wsp:Policy>
> >>
> >> <sp:UsernameToken>
> >> <wsp:Policy>
> >> <wsp:All>
> >> <sp:NoPassword/>
> >> <sp:WssUsernameToken10/>
> >> </wsp:All>
> >> </wsp:Policy>
> >> </sp:UsernameToken>
> >> <wsp:Policy>
> >> </sp:SignedSupportingTokens>
> >>
> >> Do this for both occurences.
> >>
> >>
> >> On Sat, Jul 27, 2013 at 2:33 PM, Jason Pell <ja...@pellcorp.com> wrote:
> >>
> >>> I realised you had already got that far yourself, apologies for wasting
> >>> everyone's time. I misread the email thread. So you already changed
> your
> >>> sp to http://schemas.xmlsoap.org/ws/2005/07/securitypolicy.
> >>>
> >>> However when I change my policy file to use SignedSupportingToken
> rather
> >>> than SupportingToken I also get:
> >>> {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}UsernameToken is
> >>> not a <wsp:Policy> element.
> >>>
> >>> So I will have a play around with that now.
> >>>
> >>>
> >>> On Sat, Jul 27, 2013 at 1:59 PM, Jason Pell <ja...@pellcorp.com>
> wrote:
> >>>
> >>>> Actually I just realised what the problem is. Your original namespace
> >>>> for sp was wrong. Just change it to
> >>>>
> >>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy
> >>>>
> >>>> And it will all work. Sorry for the confusion, I am no expert, but
> did
> >>>> have the same problems so was worth the trial and error.
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> On Sat, Jul 27, 2013 at 1:57 PM, Jason Pell <ja...@pellcorp.com>
> wrote:
> >>>>
> >>>>> In fact just replacing the SP namespace should do it. The
> xmlns:wsp="
> >>>>> http://schemas.xmlsoap.org/ws/2004/09/policy" seems to not be the
> >>>>> problem.
> >>>>>
> >>>>> So just change the sp to:
> >>>>>
> >>>>> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
> >>>>>
> >>>>>
> >>>>> On Sat, Jul 27, 2013 at 1:55 PM, Jason Pell <ja...@pellcorp.com>
> wrote:
> >>>>>
> >>>>>> Changing the namespaces to the following will allow it to work with
> >>>>>> CXF:
> >>>>>>
> >>>>>> xmlns:wsp="http://www.w3.org/ns/ws-policy"
> >>>>>> xmlns:wsu="
> >>>>>>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> >>>>>> "
> >>>>>> xmlns:sp="
> >>>>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>> On Sat, Jul 27, 2013 at 1:39 PM, Jennifer Ruttan <
> >>>>>> jennifer@indivica.com> wrote:
> >>>>>>
> >>>>>>> Hi,
> >>>>>>>
> >>>>>>> Thanks for your message. The WSDL file clearly contains a number of
> >>>>>>> errors and so I'm happy to change it. The owners of the service
> will have
> >>>>>>> to adjust it anyway. What should I change the namespaces to?
> >>>>>>>
> >>>>>>> Thanks again
> >>>>>>> Jen
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>> On 2013/07/26 23:16, Jason Pell wrote:
> >>>>>>>
> >>>>>>>> https://github.com/pellcorp/**cxf/blob/master/JavaFirst/src/**
> >>>>>>>> test/java/com/pellcorp/server/**PolicyServiceTest.java<
> https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java
> >
> >>>>>>>>
> >>>>>>>> This test case reproduces your issue I think. Changing the
> >>>>>>>> namespaces of
> >>>>>>>> the policy file will actually fix this, but probably not an option
> >>>>>>>> for you.
> >>>>>>>>
> >>>>>>>> public void testOldWspSpClient() throws Exception {
> >>>>>>>> ClassPathXmlApplicationContext clientContext =
> >>>>>>>> TestUtils.getContext(
> >>>>>>>> "/META-INF/**oldWspSpClientContext.xml");
> >>>>>>>>
> >>>>>>>> OldSpWspSimpleService simpleService = clientContext.getBean(
> >>>>>>>> "OldSpWspSimpleServiceClient",
> >>>>>>>> OldSpWspSimpleService.class);
> >>>>>>>>
> >>>>>>>> WSS4JOutInterceptor wssOut =
> TestUtils.**getWssOutInterceptor(
> >>>>>>>> simpleService);
> >>>>>>>> TestUtils.**setPasswordProperties(wssOut, "alice",
> >>>>>>>> "password");
> >>>>>>>>
> >>>>>>>> try {
> >>>>>>>> simpleService.ping();
> >>>>>>>> } catch (SOAPFaultException e) {
> >>>>>>>> assertTrue(e.getMessage().**
> >>>>>>>> contains("MustUnderstand"));
> >>>>>>>> }
> >>>>>>>> }
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <ja...@pellcorp.com>
> >>>>>>>> wrote:
> >>>>>>>>
> >>>>>>>> Hi,
> >>>>>>>>>
> >>>>>>>>> I changed over my java first samples to use your namespaces, and
> I
> >>>>>>>>> also
> >>>>>>>>> got the Must understand error.
> >>>>>>>>>
> >>>>>>>>> Since I can reproduce it, i will have a bit of a hunt around to
> see
> >>>>>>>>> what
> >>>>>>>>> the problem is.
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan <
> >>>>>>>>> jennifer@indivica.com>wrote:
> >>>>>>>>>
> >>>>>>>>> Hi,
> >>>>>>>>>>
> >>>>>>>>>> Thanks for your help.
> >>>>>>>>>>
> >>>>>>>>>> The project path did not export the appropriate jars to the
> >>>>>>>>>> WEB-INF/lib
> >>>>>>>>>> directory when being built, so I added them to the deployment
> >>>>>>>>>> assembly step
> >>>>>>>>>> in eclipse. I added all the dependencies as well.
> >>>>>>>>>>
> >>>>>>>>>> Unfortunately, I was still getting the same "mustunderstand
> >>>>>>>>>> headers are
> >>>>>>>>>> not understood" error message. But there's more. I'm also
> getting
> >>>>>>>>>> a strange
> >>>>>>>>>> message when Tomcat is deploying the application, from CXF:
> >>>>>>>>>> Jul 26, 2013 1:23:24 PM
> >>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
> >>>>>>>>>> handleNoRegisteredBuilder
> >>>>>>>>>> WARNING: No assertion builder for type {
> >>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
> >>>>>>>>>> SignedSupportingTokensregister**ed<
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedSupportingTokensregistered
> >
> >>>>>>>>>> .
> >>>>>>>>>> Jul 26, 2013 1:23:24 PM
> >>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
> >>>>>>>>>> handleNoRegisteredBuilder
> >>>>>>>>>> WARNING: No assertion builder for type {
> >>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
> >>>>>>>>>> RequiredPartsregistered<
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DRequiredPartsregistered
> >
> >>>>>>>>>> .
> >>>>>>>>>>
> >>>>>>>>>> Jul 26, 2013 1:23:24 PM
> >>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
> >>>>>>>>>> handleNoRegisteredBuilder
> >>>>>>>>>> WARNING: No assertion builder for type {
> >>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
> >>>>>>>>>> SignedPartsregistered<
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedPartsregistered
> >
> >>>>>>>>>> .
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>> I thought that was weird because in all the examples I've seen
> the
> >>>>>>>>>> sp
> >>>>>>>>>> namespace is http://schemas.xmlsoap.org/ws/**
> >>>>>>>>>> 2005/07/securitypolicy<
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>.
> >>>>>>>>>> So I
> >>>>>>>>>> made the change in the WSDL and I got the following message upon
> >>>>>>>>>> restarting
> >>>>>>>>>> the server:
> >>>>>>>>>> Jul 26, 2013 1:25:16 PM
> >>>>>>>>>> org.apache.cxf.ws.policy.**attachment.wsdl11.**
> >>>>>>>>>> Wsdl11AttachmentPolicyProvider
> >>>>>>>>>> getElementPolicy
> >>>>>>>>>> WARNING: Failed to build the policy 'request-policy':{
> >>>>>>>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy}**
> >>>>>>>>>> UsernameToken<
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DUsernameToken>is
> >>>>>>>>>> not a <wsp:Policy> element.
> >>>>>>>>>>
> >>>>>>>>>> The namespace for wsp is http://schemas.xmlsoap.org/ws/**
> >>>>>>>>>> 2004/09/policy <http://schemas.xmlsoap.org/ws/2004/09/policy>,
> >>>>>>>>>> and I'm pretty sure that's correct. Although I feel like I'm
> >>>>>>>>>> pretty close,
> >>>>>>>>>> I'm lost at this point. Do you happen to have any further
> >>>>>>>>>> suggestions?
> >>>>>>>>>>
> >>>>>>>>>> Thanks
> >>>>>>>>>> Jen
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <
> ashakirin@talend.com>
> >>>>>>>>>> wrote:
> >>>>>>>>>>
> >>>>>>>>>> Hi,
> >>>>>>>>>>>
> >>>>>>>>>>> "mustunderstand header is not understood" error is thrown by
> CXF
> >>>>>>>>>>>
> >>>>>>>>>> MustUnderstandInterceptor.
> >>>>>>>>>>
> >>>>>>>>>>> MustUnderstandInterceptor checks if must understand headers in
> >>>>>>>>>>> SOAP
> >>>>>>>>>>>
> >>>>>>>>>> message can be processed by at least one CXF interceptor in
> chain.
> >>>>>>>>>>
> >>>>>>>>>>> For that CXF interceptors provide getUnderstoodHeaders() method
> >>>>>>>>>>> to say
> >>>>>>>>>>>
> >>>>>>>>>> which headers they are able to proceed.
> >>>>>>>>>>
> >>>>>>>>>>> Security headers can be processed either by
> >>>>>>>>>>> AbstractTokenInterceptor
> >>>>>>>>>>>
> >>>>>>>>>> (extended by UsernameTokenInterceptor,
> SamlTokenInterceptor.java,
> >>>>>>>>>> KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java
> >>>>>>>>>>
> >>>>>>>>>>> (extended by PolicyBasedWSS4JInInterceptor.**java,
> >>>>>>>>>>>
> >>>>>>>>>> WSS4JInInterceptor.java).
> >>>>>>>>>>
> >>>>>>>>>>> In your case no any from these interceptors is in chain on the
> >>>>>>>>>>> service
> >>>>>>>>>>>
> >>>>>>>>>> side.
> >>>>>>>>>>
> >>>>>>>>>>> That could happens because:
> >>>>>>>>>>> a) service uses other ws-policy (or nor policy) that doesn't
> >>>>>>>>>>> activate
> >>>>>>>>>>>
> >>>>>>>>>> that interceptors
> >>>>>>>>>>
> >>>>>>>>>>> b) service uses no ws-policy way and not configured with
> security
> >>>>>>>>>>>
> >>>>>>>>>> interceptor
> >>>>>>>>>>
> >>>>>>>>>>> c) appropriate CXF jars are not available:
> >>>>>>>>>>>
> >>>>>>>>>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
> >>>>>>>>>>
> >>>>>>>>>>> Can you please check how your service is configured?
> >>>>>>>>>>>
> >>>>>>>>>>> Regards,
> >>>>>>>>>>> Andrei.
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>> -----Original Message-----
> >>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
> >>>>>>>>>>>> Sent: Mittwoch, 24. Juli 2013 17:43
> >>>>>>>>>>>> To: users@cxf.apache.org
> >>>>>>>>>>>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
> >>>>>>>>>>>>
> >>>>>>>>>>>> Hi,
> >>>>>>>>>>>>
> >>>>>>>>>>>> Thanks for the reply. That's what I was thinking. There may
> be an
> >>>>>>>>>>>>
> >>>>>>>>>>> issue with
> >>>>>>>>>>
> >>>>>>>>>>> the WSDL file itself.
> >>>>>>>>>>>>
> >>>>>>>>>>>> My request matches the example provided by the author of the
> >>>>>>>>>>>> WSDL file,
> >>>>>>>>>>>> but neither of them work. They both cause the same
> >>>>>>>>>>>> "mustunderstand
> >>>>>>>>>>>> header is not understood" error.
> >>>>>>>>>>>> Disabling the security policy allows the request to complete
> >>>>>>>>>>>> properly.
> >>>>>>>>>>>>
> >>>>>>>>>>>> CXF is configured to read the security policy from the WSDL
> >>>>>>>>>>>> file, and
> >>>>>>>>>>>>
> >>>>>>>>>>> I know
> >>>>>>>>>>
> >>>>>>>>>>> that part is working because if I miss a required part (the
> >>>>>>>>>>>> timestamp,
> >>>>>>>>>>>>
> >>>>>>>>>>> for
> >>>>>>>>>>
> >>>>>>>>>>> example) in the header, CXF complains that not all of the
> required
> >>>>>>>>>>>>
> >>>>>>>>>>> parts have
> >>>>>>>>>>
> >>>>>>>>>>> been submitted. I guess this could be because of a signing
> issue,
> >>>>>>>>>>>>
> >>>>>>>>>>> although I'm
> >>>>>>>>>>
> >>>>>>>>>>> not sure.
> >>>>>>>>>>>>
> >>>>>>>>>>>> My reasons for building the service are because while there
> is a
> >>>>>>>>>>>> WSDL
> >>>>>>>>>>>> definition for the service, there's no way to access the
> service
> >>>>>>>>>>>>
> >>>>>>>>>>> itself. I know
> >>>>>>>>>>
> >>>>>>>>>>> exactly how the service is supposed to react to various inputs
> so
> >>>>>>>>>>>> I'm
> >>>>>>>>>>>>
> >>>>>>>>>>> trying to
> >>>>>>>>>>
> >>>>>>>>>>> build the same web service. It's for a health insurance card
> >>>>>>>>>>>>
> >>>>>>>>>>> validation service
> >>>>>>>>>>
> >>>>>>>>>>> in Ontario, Canada, and the service is provided by the
> government.
> >>>>>>>>>>>>
> >>>>>>>>>>>> Thanks.
> >>>>>>>>>>>> Jen
> >>>>>>>>>>>>
> >>>>>>>>>>>> ---------------------
> >>>>>>>>>>>> HCValidationService.wsdl
> >>>>>>>>>>>>
> >>>>>>>>>>>> <?xml version="1.0" encoding="UTF-8"?><definitions
> >>>>>>>>>>>> name="HCValidationService"
> >>>>>>>>>>>> targetNamespace="http://hcv.**health.ontario.ca/<
> http://hcv.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns="http://schemas.xmlsoap.**org/wsdl/<
> http://schemas.xmlsoap.org/wsdl/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<
> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<
> http://hcv.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<
> http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<
> http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/wsdl/soap/<
> http://schemas.xmlsoap.org/wsdl/soap/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:sp="http://docs.oasis-**open.org/ws-sx/ws-**
> >>>>>>>>>>>> securitypolicy/200512<
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<
> http://schemas.xmlsoap.org/wsdl/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:wsdlsoap="http://**schemas.xmlsoap.org/wsdl/soap/<
> http://schemas.xmlsoap.org/wsdl/soap/>
> >>>>>>>>>>>> **"
> >>>>>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<
> http://schemas.xmlsoap.org/ws/2004/09/policy>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-**
> >>>>>>>>>>>> 200401-wss-<
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
> >>>>>>>>>>>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>> 1.0.xsd<
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:xsd="http://www.w3.org/**2001/XMLSchema<
> http://www.w3.org/2001/XMLSchema>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <types>
> >>>>>>>>>>>> <xsd:schema>
> >>>>>>>>>>>> <xsd:import
> >>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<
> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> schemaLocation="EBSFault_**schema.xsd"/>
> >>>>>>>>>>>> <xsd:import
> >>>>>>>>>>>> namespace="http://hcv.health.**ontario.ca/<
> http://hcv.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> schemaLocation="**HCValidationService_schema.**xsd"/>
> >>>>>>>>>>>> <xsd:import
> >>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<
> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> schemaLocation="EBS_schema.**xsd"/>
> >>>>>>>>>>>> <xsd:import
> >>>>>>>>>>>> namespace="http://msa.ebs.**health.ontario.ca/<
> http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> schemaLocation="MSA_schema.**xsd"/>
> >>>>>>>>>>>> <xsd:import
> >>>>>>>>>>>> namespace="http://idp.ebs.**health.ontario.ca/<
> http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> schemaLocation="IDP_schema.**xsd"/>
> >>>>>>>>>>>> </xsd:schema>
> >>>>>>>>>>>> </types>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <wsp:Policy wsu:Id="request-policy">
> >>>>>>>>>>>> <wsp:ExactlyOne>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>> <sp:SignedSupportingTokens>
> >>>>>>>>>>>> <sp:UsernameToken>
> >>>>>>>>>>>> <wsp:Policy>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <sp:NoPassword/>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <sp:WssUsernameToken10/>
> >>>>>>>>>>>>
> </wsp:All>
> >>>>>>>>>>>> </wsp:Policy>
> >>>>>>>>>>>> </sp:UsernameToken>
> >>>>>>>>>>>> </sp:SignedSupportingTokens>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> <wsp:ExactlyOne>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="EBS"
> >>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="MSA"
> >>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<
> http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="AuditId"
> >>>>>>>>>>>> Namespace=""/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="UserID"
> >>>>>>>>>>>> Namespace=""/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>> 1.0.xsd<
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> </wsp:ExactlyOne>
> >>>>>>>>>>>> <wsp:ExactlyOne>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>> <sp:SignedParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="EBS"
> >>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="MSA"
> >>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<
> http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>> 1.0.xsd<
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
> >>>>>>>>>>>> 1.0.xsd<
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> <sp:Body/>
> >>>>>>>>>>>> </sp:SignedParts>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> </wsp:ExactlyOne>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>> <sp:SignedSupportingTokens>
> >>>>>>>>>>>> <sp:UsernameToken>
> >>>>>>>>>>>> <wsp:Policy>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <sp:WssUsernameToken10/>
> >>>>>>>>>>>>
> </wsp:All>
> >>>>>>>>>>>> </wsp:Policy>
> >>>>>>>>>>>> </sp:UsernameToken>
> >>>>>>>>>>>> </sp:SignedSupportingTokens>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> <wsp:ExactlyOne>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>> <sp:SignedParts>
> >>>>>>>>>>>> <sp:Header Name="EBS"
> >>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> <sp:Header Name="IDP"
> >>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<
> http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> <sp:Header
> Name="Timestamp"
> >>>>>>>>>>>> Namespace="http://docs.oasis-**open.org/wss/2004/01/oasis-**
> >>>>>>>>>>>> 200401-wss-<
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
> >>>>>>>>>>>> wssecurity-utility-1.0.xsd"/>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
> >>>>>>>>>>>> 1.0.xsd<
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> <sp:Body/>
> >>>>>>>>>>>> </sp:SignedParts>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> </wsp:ExactlyOne>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <wsp:ExactlyOne>
> >>>>>>>>>>>> <wsp:All>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="EBS"
> >>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<
> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="IDP"
> >>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<
> http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="AuditId"
> >>>>>>>>>>>> Namespace=""/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> <sp:RequiredParts>
> >>>>>>>>>>>> <sp:Header
> >>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>> 1.0.xsd<
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>> </sp:RequiredParts>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> </wsp:ExactlyOne>
> >>>>>>>>>>>> </wsp:All>
> >>>>>>>>>>>> </wsp:ExactlyOne>
> >>>>>>>>>>>> </wsp:Policy>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <wsdl:message name="EBSHeader">
> >>>>>>>>>>>> <wsdl:part element="ebs:EBS"
> >>>>>>>>>>>> name="ebsrequest_header"/>
> >>>>>>>>>>>> </wsdl:message>
> >>>>>>>>>>>> <wsdl:message name="MSAHeader">
> >>>>>>>>>>>> <wsdl:part element="msa:MSA"
> >>>>>>>>>>>> name="msarequest_header"/>
> >>>>>>>>>>>> </wsdl:message>
> >>>>>>>>>>>> <wsdl:message name="IDPHeader">
> >>>>>>>>>>>> <wsdl:part element="idp:IDP"
> >>>>>>>>>>>> name="idprequest_header"/>
> >>>>>>>>>>>> </wsdl:message>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <message name="validate">
> >>>>>>>>>>>> <wsdl:part element="hcv:validate"
> >>>>>>>>>>>> name="parameters"/>
> >>>>>>>>>>>> </message>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <message name="validateResponse">
> >>>>>>>>>>>> <part element="hcv:validateResponse"
> >>>>>>>>>>>> name="parameters"/>
> >>>>>>>>>>>> </message>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <message name="faultexception">
> >>>>>>>>>>>> <part element="ebs:EBSFault" name="Fault"/>
> >>>>>>>>>>>> </message>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <portType name="HCValidation">
> >>>>>>>>>>>> <operation name="validate">
> >>>>>>>>>>>> <input message="hcv:validate"/>
> >>>>>>>>>>>> <output
> message="hcv:validateResponse"**/>
> >>>>>>>>>>>> <fault message="hcv:faultexception"
> >>>>>>>>>>>> name="FaultException"/>
> >>>>>>>>>>>> </operation>
> >>>>>>>>>>>> </portType>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <binding name="HCValidationPortBinding"
> >>>>>>>>>>>> type="hcv:HCValidation">
> >>>>>>>>>>>> <soap:binding style="document"
> >>>>>>>>>>>> transport="http://schemas.**xmlsoap.org/soap/http<
> http://schemas.xmlsoap.org/soap/http>
> >>>>>>>>>>>> "/>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <operation name="validate">
> >>>>>>>>>>>> <soap:operation soapAction=""/>
> >>>>>>>>>>>> <input>
> >>>>>>>>>>>> <wsp:PolicyReference URI="#request-policy"/>
> >>>>>>>>>>>> <wsdlsoap:header
> >>>>>>>>>>>> message="hcv:EBSHeader" part="ebsrequest_header"
> use="literal"/>
> >>>>>>>>>>>> <wsdlsoap:header
> >>>>>>>>>>>> message="hcv:MSAHeader" part="msarequest_header"
> use="literal"/>
> >>>>>>>>>>>> <wsdlsoap:header
> >>>>>>>>>>>> message="hcv:IDPHeader" part="idprequest_header"
> use="literal"/>
> >>>>>>>>>>>> <wsdlsoap:body parts="parameters"
> >>>>>>>>>>>> use="literal"/>
> >>>>>>>>>>>> </input>
> >>>>>>>>>>>> <output>
> >>>>>>>>>>>> <soap:body use="literal"/>
> >>>>>>>>>>>> </output>
> >>>>>>>>>>>> <fault name="FaultException">
> >>>>>>>>>>>> <soap:fault name="FaultException"
> >>>>>>>>>>>> use="literal"/>
> >>>>>>>>>>>> </fault>
> >>>>>>>>>>>> </operation>
> >>>>>>>>>>>> </binding>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <service name="HCValidationService">
> >>>>>>>>>>>> <port binding="hcv:**HCValidationPortBinding"
> >>>>>>>>>>>> name="HCValidationPort">
> >>>>>>>>>>>> <soap:address
> >>>>>>>>>>>> location="
> >>>>>>>>>>>>
> >>>>>>>>>>> https://ws.ebs.health.gov.on.**ca:1440/HCVService/**
> >>>>>>>>>> HCValidationSe<
> https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe>
> >>>>>>>>>>
> >>>>>>>>>>> rvice"/>
> >>>>>>>>>>>> </port>
> >>>>>>>>>>>> </service>
> >>>>>>>>>>>> </definitions>
> >>>>>>>>>>>>
> >>>>>>>>>>>> ---------------------
> >>>>>>>>>>>> Sample Request (provided by author of WSDL)
> >>>>>>>>>>>>
> >>>>>>>>>>>> <soapenv:Envelope xmlns:soap-
> >>>>>>>>>>>> sec="http://schemas.xmlsoap.**org/security/2000-12<
> http://schemas.xmlsoap.org/security/2000-12>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-<
> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
> >>>>>>>>>>>> wss-wssecurity-secext-1.0.xsd"
> >>>>>>>>>>>> xmlns:xsi="http://www.w3.org/**2001/XMLSchema-instance<
> http://www.w3.org/2001/XMLSchema-instance>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:sp="http://schemas.**xmlsoap.org/ws/2005/07/**
> >>>>>>>>>>>> securitypolicy<
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:SOAP-ENV="http://**schemas.xmlsoap.org/soap/**
> >>>>>>>>>>>> envelope/ <http://schemas.xmlsoap.org/soap/envelope/>"
> >>>>>>>>>>>> xmlns:xs="http://www.w3.org/**2001/XMLSchema<
> http://www.w3.org/2001/XMLSchema>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:tns="http://hcv.health.**ontario.ca/<
> http://hcv.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**
> open.org/wss/2004/01/oasis-
> >>>>>>>>>>>> **200401- <
> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
> >>>>>>>>>>>> wss-wssecurity-utility-1.0.**xsd"
> >>>>>>>>>>>> xmlns:ebs="http://ebs.health.**
> ontario.ca/security/2012-03<http://ebs.health.ontario.ca/security/2012-03>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<
> http://schemas.xmlsoap.org/wsdl/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:wsp="http://schemas.**
> xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy
> >
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<
> http://schemas.xmlsoap.org/soap/envelope/>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <soapenv:Header>
> >>>>>>>>>>>> <ns2:EBS wsu:Id="id-1"
> >>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<
> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <SoftwareConformanceKey>**
> >>>>>>>>>>>> 444561ee-277f-77b2-
> >>>>>>>>>>>> c664-7a9923jfgh1b
> >>>>>>>>>>>> </SoftwareConformanceKey>
> >>>>>>>>>>>> <AuditId>73b7051e-6126-4b41-**9ae0-
> >>>>>>>>>>>> 21b707ca8a53</AuditId>
> >>>>>>>>>>>> </ns2:EBS>
> >>>>>>>>>>>> <ns2:IDP wsu:Id="id-2"
> >>>>>>>>>>>> xmlns:ns2="http://idp.ebs.**health.ontario.ca/<
> http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <ServiceUserMUID>4523394</**
> >>>>>>>>>>>> ServiceUserMUID>
> >>>>>>>>>>>> </ns2:IDP>
> >>>>>>>>>>>> <wsse:Security SOAP-ENV:mustUnderstand="1">
> >>>>>>>>>>>> <wsu:Timestamp wsu:Id="id-3">
> >>>>>>>>>>>> <wsu:Created>2012-06-
> >>>>>>>>>>>> 20T17:58:42.580Z</wsu:Created>
> >>>>>>>>>>>> <wsu:Expires>2012-06-
> >>>>>>>>>>>> 20T17:59:12.580Z</wsu:Expires>
> >>>>>>>>>>>> </wsu:Timestamp>
> >>>>>>>>>>>> <wsse:UsernameToken wsu:Id="id-4">
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <wsse:Username>JOHNDOE@YAHOO.**CA <JO...@YAHOO.CA>
> >>>>>>>>>>>> </wsse:Username>
> >>>>>>>>>>>> <wsse:Password
> >>>>>>>>>>>> Type="wsse:PasswordText">**Password</wsse:Password>
> >>>>>>>>>>>> </wsse:UsernameToken>
> >>>>>>>>>>>> <wsse:BinarySecurityToken
> >>>>>>>>>>>> EncodingType="http://docs.
> **oasis-<http://docs.oasis->
> >>>>>>>>>>>>
> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<
> http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
> >>>>>>>>>>>> 1.0#Base64Binary"
> >>>>>>>>>>>> ValueType="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
> >>>>>>>>>>>> 1.0#X509v3<
> http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
> >
> >>>>>>>>>>>> "
> >>>>>>>>>>>> wsu:Id="X509-
> >>>>>>>>>>>> 02F859690D5C74E209134021512282**11">
> >>>>>>>>>>>>
> >>>>>>>>>>>> MIICMzCCAZygAwIBAgIET1e+**dDANBgkqhkiG9w0BAQUFADBeMQsw
> >>>>>>>>>>>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT2**50YXJpbzENMAsGA1UEChMET0hJ
> >>>>>>>>>>>>
> >>>>>>>>>>>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW**9uMRcwFQYDVQQDEw
> >>>>>>>>>>>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAz**MDcyMDAwNTJaFw0xMzAzMDcyMDA
> >>>>>>>>>>>> wNTJaM
> >>>>>>>>>>>>
> >>>>>>>>>>>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQ**IEwdPbnRhcmlvMQ0wCwY
> >>>>>>>>>>>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZ**Wdpc3RyYXRpb24xFzAVBgNVBAM
> >>>>>>>>>>>> TDj
> >>>>>>>>>>>>
> >>>>>>>>>>>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqG**SIb3DQEBAQUAA4GNADCBi
> >>>>>>>>>>>> QKBgQCs/JIP6CE5IkfTnD/c56K+**QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH**4
> >>>>>>>>>>>>
> >>>>>>>>>>>> fvhbyxo2B4VugsL9r4E5jHEKoi+**
> >>>>>>>>>>>> GDKOLlLZRfSy0cB8IcpXonAuGqMzhC**o
> >>>>>>>>>>>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpT**yZdpYDi92up5E+FYL3jEe
> >>>>>>>>>>>>
> >>>>>>>>>>>> jhp+**1iDFJQIDAQABMA0GCSqGSIb3DQEBBQ**UAA4GBAHn8VZS169BJ
> >>>>>>>>>>>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dE**icv3jQMMsrWHfoCt+nRSqfNLUTL
> >>>>>>>>>>>>
> >>>>>>>>>>>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0**
> >>>>>>>>>>>> gY3i83ZXA8HDFKMZF3qL8I8ncu8F
> >>>>>>>>>>>> PcZGYBNhYrGjXXsuqXimiTIjxgm06E**rRa/51szOFFxWrB
> >>>>>>>>>>>> </wsse:BinarySecurityToken>
> >>>>>>>>>>>> <ds:Signature Id="SIG-6"
> >>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<
> http://www.w3.org/2000/09/xmldsig#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <ds:SignedInfo>
> >>>>>>>>>>>>
> <ds:CanonicalizationMethod
> >>>>>>>>>>>>
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>
> >>>>>>>>>>>> PrefixList="SOAP-
> >>>>>>>>>>>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:CanonicalizationMethod>
> >>>>>>>>>>>> <ds:SignatureMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<
> http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>> <ds:Reference
> URI="#id-1">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>
> >>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
> >>>>>>>>>>>> wsse
> >>>>>>>>>>>> wsu xs xsi"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
> http://www.w3.org/2001/04/xmlenc#sha256>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>**gpejbitTQxuMOhUirdbGNtHjsGhAAr**
> >>>>>>>>>>>> hAp3ByFuG9c
> >>>>>>>>>>>> Hs=
> >>>>>>>>>>>> </ds:DigestValue>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> <ds:Reference
> URI="#id-2">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>
> >>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
> >>>>>>>>>>>> wsse
> >>>>>>>>>>>> wsu xs xsi"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
> http://www.w3.org/2001/04/xmlenc#sha256>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>ZWKvgN+**eB0NFmQHPGYN5RoSZzbuboqKLzLcV6**
> >>>>>>>>>>>> PE
> >>>>>>>>>>>> Oz3E=
> >>>>>>>>>>>> </ds:DigestValue>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> <ds:Reference
> URI="#id-3">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>
> >>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
> >>>>>>>>>>>> wsse xs
> >>>>>>>>>>>> xsi"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
> http://www.w3.org/2001/04/xmlenc#sha256>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> <ds:DigestValue>1AvUG2EE6+**bgpJBe1TB4teUkKD4lRsw69BozDFQM
> >>>>>>>>>>>> GGE=
> >>>>>>>>>>>> </ds:DigestValue>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> <ds:Reference
> URI="#id-4">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>
> >>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
> >>>>>>>>>>>> wsu xs
> >>>>>>>>>>>> xsi"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
> http://www.w3.org/2001/04/xmlenc#sha256>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>Lw6C0//**TpU0uuta+**
> >>>>>>>>>>>> 9pjDPfD0aOokdgbVOEM9eaWc
> >>>>>>>>>>>> Gjo=
> >>>>>>>>>>>> </ds:DigestValue>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> <ds:Reference
> URI="#id-5">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>>
> >>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse
> wsu
> >>>>>>>>>>>> xs xsi"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<
> http://www.w3.org/2001/04/xmlenc#sha256>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>**lGKOfXxmbsLds9+**
> >>>>>>>>>>>> tD4eaCObTCdGNXDF/PY9LjDUPl
> >>>>>>>>>>>> 9Y=
> >>>>>>>>>>>> </ds:DigestValue>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> </ds:SignedInfo>
> >>>>>>>>>>>> <ds:SignatureValue>
> >>>>>>>>>>>>
> >>>>>>>>>>>> Yn5iRnjs/T2+**nNgW8pArIgqc445RwL2wYPHZaydVJk**
> >>>>>>>>>>>> 0oUXV5B4nzU4fg
> >>>>>>>>>>>> X/**sQTcY0O5vuReP8th4QZoGG6tSnxuBf**qiDd2rkRZDrdgotJT++W
> >>>>>>>>>>>>
> >>>>>>>>>>>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3Q**DuMWr5PSlm1RWbkA3W5B4Y
> >>>>>>>>>>>> LaD+S/j3QKc=
> >>>>>>>>>>>> </ds:SignatureValue>
> >>>>>>>>>>>> <ds:KeyInfo Id="KI-
> >>>>>>>>>>>> 02F859690D5C74E209134021512283**12">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <wsse:SecurityTokenReference
> >>>>>>>>>>>> wsu:Id="STR-**02F859690D5C74E209134021512284**13">
> >>>>>>>>>>>> <wsse:Reference
> >>>>>>>>>>>> URI="#X509-**02F859690D5C74E209134021512282**11"
> >>>>>>>>>>>>
> >>>>>>>>>>>> ValueType="http://docs.oasis-**
> open.org/wss/2004/01/oasis-
> >>>>>>>>>>>> **200401- <
> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
> >>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </wsse:SecurityTokenReference>
> >>>>>>>>>>>> </ds:KeyInfo>
> >>>>>>>>>>>> </ds:Signature>
> >>>>>>>>>>>> </wsse:Security>
> >>>>>>>>>>>> </soapenv:Header>
> >>>>>>>>>>>> <soapenv:Body wsu:Id="id-5">
> >>>>>>>>>>>> <ns5:validate xmlns:ns4="
> >>>>>>>>>>>>
> >>>>>>>>>>> http://msa.ebs.health.ontario.**ca/<
> http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>> "
> >>>>>>>>>>
> >>>>>>>>>>> xmlns:ns3="http://idp.ebs.**
> >>>>>>>>>>>> health.ontario.ca/ <http://idp.ebs.health.ontario.ca/>"
> >>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<
> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:ns5="http://hcv.health.**
> ontario.ca/<http://hcv.health.ontario.ca/>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <requests>
> >>>>>>>>>>>> <hcvRequest>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <healthNumber>2222211122</**healthNumber>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <versionCode>WW</versionCode>
> >>>>>>>>>>>> </hcvRequest>
> >>>>>>>>>>>> </requests>
> >>>>>>>>>>>> <locale>en</locale>
> >>>>>>>>>>>> </ns5:validate>
> >>>>>>>>>>>> </soapenv:Body>
> >>>>>>>>>>>> </soapenv:Envelope>
> >>>>>>>>>>>>
> >>>>>>>>>>>> -------------------
> >>>>>>>>>>>> Sample Request (Built via SoapUI)
> >>>>>>>>>>>>
> >>>>>>>>>>>> <soapenv:Envelope xmlns:ebs="http://ebs.health.**ontario.ca/<
> http://ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<
> http://hcv.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<
> http://idp.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<
> http://msa.ebs.health.ontario.ca/>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<
> http://schemas.xmlsoap.org/soap/envelope/>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <soapenv:Header>
> >>>>>>>>>>>> <wsse:Security soapenv:mustUnderstand="1"
> >>>>>>>>>>>> xmlns:wsse="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
> >>>>>>>>>>>> 1.0.xsd<
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
> >>>>>>>>>>>> "
> >>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>> 1.0.xsd<
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <wsse:BinarySecurityToken
> >>>>>>>>>>>> EncodingType="http://docs.
> **oasis-<http://docs.oasis->
> >>>>>>>>>>>>
> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<
> http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
> >>>>>>>>>>>> 1.0#Base64Binary"
> >>>>>>>>>>>> ValueType="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
> >>>>>>>>>>>> 1.0#X509v3<
> http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
> >
> >>>>>>>>>>>> "
> >>>>>>>>>>>> wsu:Id="X509-
> >>>>>>>>>>>> 9346053A98F2390F1A137460706920**025">
> >>>>>>>>>>>>
> >>>>>>>>>>>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQ**EBBQUAMIGbMQswCQYDVQ
> >>>>>>>>>>>> QGEwJDQTEQMA4GA1UECAwHT250YXJp**bzEQMA4G
> >>>>>>>>>>>>
> >>>>>>>>>>>> A1UEBwwHVG9yb250bzERMA8GA1UECg**wISW5kaXZpY2ExFDASBgN
> >>>>>>>>>>>> VBAsMC0RldmVsb3BtZW50MRgwFgYDV**QQDDA9J
> >>>>>>>>>>>>
> >>>>>>>>>>>> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhk**iG9w0BCQEWFmVicy1hZG1pbk
> >>>>>>>>>>>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5**MTc0
> >>>>>>>>>>>>
> >>>>>>>>>>>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQ**swCQYDVQQGEwJDQTEQ
> >>>>>>>>>>>> MA4GA1UECBMHT250YXJpbzEQMA4GA1**UEBxMHVG9y
> >>>>>>>>>>>>
> >>>>>>>>>>>> b250bzERMA8GA1UEChMISW5kaXZpY2**ExFDASBgNVBAsTC0RldmVsb
> >>>>>>>>>>>> 3BtZW50MRwwGgYDVQQDExNJbmRpdml**jYSBF
> >>>>>>>>>>>>
> >>>>>>>>>>>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w**0BAQEFAAOCAQ8AMIIBCgKCA
> >>>>>>>>>>>> QEAu7/+**bc5QgW43UuaMoUOpbsQy8Kc32jrB
> >>>>>>>>>>>>
> >>>>>>>>>>>> GA0lrxZkqH/PnfdbtRhRypxkc6+**
> >>>>>>>>>>>> r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
> >>>>>>>>>>>> WPPVMKpermHxniN+**kqjWiGDm10xVMph
> >>>>>>>>>>>>
> >>>>>>>>>>>> XryR01LSItgRoi5V54oTFgeJxsdA/**
> >>>>>>>>>>>> 1J3kf/QE2YmswZwLH6+PwvZfExKEx
> >>>>>>>>>>>> vGArojkyveOewWkvKMobLB3d6gtrPJ
> >>>>>>>>>>>>
> >>>>>>>>>>>> tUxjb18UJugEHyNSiVYFymbgAyvanT**4pmNPaqHW1ZlmQ0WBiDI7oeT
> >>>>>>>>>>>> 1pZzgEwzikcvEHilJye0PcB4PkkrGL**KfEE
> >>>>>>>>>>>>
> >>>>>>>>>>>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4f**jouqkHHVMMiUvYgQIDAQA
> >>>>>>>>>>>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b**5yRECQU
> >>>>>>>>>>>>
> >>>>>>>>>>>> ppIEIbDOh4E5OsR0wesm4czfNDnh56**TUwmjRDzI+tVVEj+fxk0FMSMf
> >>>>>>>>>>>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+**FHb6
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u**8cRtfPXXX+baL2NThYjMoNVFIt
> >>>>>>>>>>>> OM0XL3xwzblWi++B
> >>>>>>>>>>>> </wsse:BinarySecurityToken>
> >>>>>>>>>>>> <ds:Signature Id="SIG-30"
> >>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<
> http://www.w3.org/2000/09/xmldsig#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <ds:SignedInfo>
> >>>>>>>>>>>>
> <ds:CanonicalizationMethod
> >>>>>>>>>>>>
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces
> >>>>>>>>>>>> PrefixList="ebs hcv idp msa soapenv"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:CanonicalizationMethod>
> >>>>>>>>>>>> <ds:SignatureMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<
> http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>> <ds:Reference
> URI="#id-7">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
> http://www.w3.org/2000/09/xmldsig#sha1>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>+sN2C+**GPI6Un7tmdzecuWW4obI8=</ds:**
> >>>>>>>>>>>> DigestVal
> >>>>>>>>>>>> ue>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> <ds:Reference
> URI="#id-8">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
> http://www.w3.org/2000/09/xmldsig#sha1>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>cStXQ+**Qf4MYZw7oZh3EwQnCO9kE=</ds:**
> >>>>>>>>>>>> DigestVal
> >>>>>>>>>>>> ue>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> <ds:Reference
> URI="#TS-29">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa
> >>>>>>>>>>>> soapenv"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
> http://www.w3.org/2000/09/xmldsig#sha1>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>**7DpbdobjdxkQ3RGXjPQmx5EpCdU=</**
> >>>>>>>>>>>> ds:DigestVal
> >>>>>>>>>>>> ue>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> <ds:Reference
> >>>>>>>>>>>> URI="#UsernameToken-28">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa
> >>>>>>>>>>>> soapenv"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
> http://www.w3.org/2000/09/xmldsig#sha1>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>**0CNaWbdkV2dE7Jm5oh15ztwUcaI=</**
> >>>>>>>>>>>> ds:DigestValu
> >>>>>>>>>>>> e>
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> <ds:Reference
> URI="#id-12">
> >>>>>>>>>>>> <ds:Transforms>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:Transform
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
> >>>>>>>>>>>>
> >>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<
> http://www.w3.org/2001/10/xml-exc-c14n#>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </ds:Transform>
> >>>>>>>>>>>> </ds:Transforms>
> >>>>>>>>>>>> <ds:DigestMethod
> >>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<
> http://www.w3.org/2000/09/xmldsig#sha1>"
> >>>>>>>>>>>> />
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:DigestValue>**XoOxXE6R7JA29rMYCHf/X0II180=</**
> >>>>>>>>>>>> ds:DigestValue
> >>>>>>>>>>>> </ds:Reference>
> >>>>>>>>>>>> </ds:SignedInfo>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <ds:SignatureValue>**YQy9wqYYVw1x0CZcg6b2W0uO3g3Fur**
> >>>>>>>>>>>> UZ51zrXi3
> >>>>>>>>>>>> jRMFGgCVGUwfu3W/**tDOAKB2IXHvIgFl7JWmzd
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> lkh7O2u6ieACF5tGD32aSXvv6/**k7OUVH4outF1NHgJOq9WKIKtUYT/hh
> >>>>>>>>>>>> G8BmqFGHXcPiuuO+FIXr
> >>>>>>>>>>>>
> >>>>>>>>>>>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pO**RWOWvPhmHbT63b1BgFfLla
> >>>>>>>>>>>> UftqeybM6t0i2cTuNxf8nbCS
> >>>>>>>>>>>>
> >>>>>>>>>>>> gANhvGvpNi2ALThvsPu+**pXKCx1c4Ng18PGpUEVmOdJOkZhiifR**
> >>>>>>>>>>>> 336idp
> >>>>>>>>>>>> 09lp8XaI+NzwENvdBskb
> >>>>>>>>>>>>
> >>>>>>>>>>>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP**4wydOh8w==
> >>>>>>>>>>>> </ds:SignatureValue>
> >>>>>>>>>>>> <ds:KeyInfo Id="KI-
> >>>>>>>>>>>> 9346053A98F2390F1A137460706920**026">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <wsse:SecurityTokenReference
> >>>>>>>>>>>> wsu:Id="STR-
> >>>>>>>>>>>> 9346053A98F2390F1A137460706920**027">
> >>>>>>>>>>>> <wsse:Reference
> >>>>>>>>>>>> URI="#X509-**9346053A98F2390F1A137460706920**025"
> >>>>>>>>>>>>
> >>>>>>>>>>>> ValueType="http://docs.oasis-**
> open.org/wss/2004/01/oasis-
> >>>>>>>>>>>> **200401- <
> http://docs.oasis-open.org/wss/2004/01/oasis-200401->
> >>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
> >>>>>>>>>>>>
> >>>>>>>>>>>> </wsse:SecurityTokenReference>
> >>>>>>>>>>>> </ds:KeyInfo>
> >>>>>>>>>>>> </ds:Signature>
> >>>>>>>>>>>> <wsu:Timestamp wsu:Id="TS-29">
> >>>>>>>>>>>> <wsu:Created>2013-07-
> >>>>>>>>>>>> 23T19:17:49.196Z</wsu:Created>
> >>>>>>>>>>>> <wsu:Expires>2013-07-
> >>>>>>>>>>>> 30T17:57:49.196Z</wsu:Expires>
> >>>>>>>>>>>> </wsu:Timestamp>
> >>>>>>>>>>>> <wsse:UsernameToken
> wsu:Id="UsernameToken-
> >>>>>>>>>>>> 28">
> >>>>>>>>>>>> <wsse:Username>abc</wsse:**
> >>>>>>>>>>>> Username>
> >>>>>>>>>>>> <wsse:Password
> >>>>>>>>>>>> Type="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-username-token-**
> >>>>>>>>>>>> profile-<
> http://open.org/wss/2004/01/oasis-200401-wss-username-token-profile->
> >>>>>>>>>>>> 1.0#PasswordText">defg</wsse:**Password>
> >>>>>>>>>>>> </wsse:UsernameToken>
> >>>>>>>>>>>> </wsse:Security>
> >>>>>>>>>>>> <idp:IDP wsu:Id="id-8"
> >>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>> 1.0.xsd<
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> <ServiceUserMUID>12345</**ServiceUserMUID>
> >>>>>>>>>>>> </idp:IDP>
> >>>>>>>>>>>> <ebs:EBS wsu:Id="id-7"
> >>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
> >>>>>>>>>>>> 1.0.xsd<
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>>
> >>>>>>>>>>>> <SoftwareConformanceKey>12345<**/SoftwareConformanceKey>
> >>>>>>>>>>>> <AuditId>12345</AuditId>
> >>>>>>>>>>>> </ebs:EBS>
> >>>>>>>>>>>> </soapenv:Header>
> >>>>>>>>>>>> <soapenv:Body wsu:Id="id-12"
> >>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-<
> http://docs.oasis-open.org/wss/2004/01/oasis->
> >>>>>>>>>>>> 200401-wss-wssecurity-utility-**1.0.xsd">
> >>>>>>>>>>>> <hcv:validate>
> >>>>>>>>>>>> <requests>
> >>>>>>>>>>>> <hcvRequest>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <healthNumber>9876543217</**healthNumber>
> >>>>>>>>>>>>
> >>>>>>>>>>>> <versionCode>AB</versionCode>
> >>>>>>>>>>>> </hcvRequest>
> >>>>>>>>>>>> </requests>
> >>>>>>>>>>>> </hcv:validate>
> >>>>>>>>>>>> </soapenv:Body>
> >>>>>>>>>>>> </soapenv:Envelope>
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>> -----------------------
> >>>>>>>>>>>> Response (In either case):
> >>>>>>>>>>>>
> >>>>>>>>>>>> <soap:Envelope
> >>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/soap/envelope/<
> http://schemas.xmlsoap.org/soap/envelope/>
> >>>>>>>>>>>> ">
> >>>>>>>>>>>> <soap:Body>
> >>>>>>>>>>>> <soap:Fault>
> >>>>>>>>>>>> <faultcode>soap:**MustUnderstand</faultcode>
> >>>>>>>>>>>> <faultstring>MustUnderstand headers: [{
> >>>>>>>>>>>> http://docs.oasis-
> >>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-<
> http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext->
> >>>>>>>>>>>> 1.0.xsd}Security] are not understood.</faultstring>
> >>>>>>>>>>>> </soap:Fault>
> >>>>>>>>>>>> </soap:Body>
> >>>>>>>>>>>> </soap:Envelope>
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>>
> >>>>>>>>>>>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <
> >>>>>>>>>>>> ashakirin@talend.com>
> >>>>>>>>>>>>
> >>>>>>>>>>> wrote:
> >>>>>>>>>>
> >>>>>>>>>>> Hi,
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> It seems that your service doesn't use the same WS-Policy as
> >>>>>>>>>>>>> client,
> >>>>>>>>>>>>>
> >>>>>>>>>>>> therefore appropriate interceptors are not activated on the
> >>>>>>>>>>>> service
> >>>>>>>>>>>>
> >>>>>>>>>>> side.
> >>>>>>>>>>
> >>>>>>>>>>> Could you double check that?
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> Exact request and response will be also useful for further
> >>>>>>>>>>>>> analyse.
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> Regards,
> >>>>>>>>>>>>> Andrei.
> >>>>>>>>>>>>>
> >>>>>>>>>>>>> -----Original Message-----
> >>>>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
> >>>>>>>>>>>>>> Sent: Dienstag, 23. Juli 2013 21:35
> >>>>>>>>>>>>>> To: users@cxf.apache.org
> >>>>>>>>>>>>>> Subject: Eclipse, CXF and WS-SecurityPolicy
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> I have a question regarding WS-SecurityPolicy and deploying
> a
> >>>>>>>>>>>>>> WSDL-first service via Eclipse.
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> I created a project from a WSDL file (I didn't create it)
> with
> >>>>>>>>>>>>>> the
> >>>>>>>>>>>>>> intention of implementing the service that it describes. The
> >>>>>>>>>>>>>> WSDL
> >>>>>>>>>>>>>> file describes a WS- SecurityPolicy that includes a
> >>>>>>>>>>>>>> UsernameToken,
> >>>>>>>>>>>>>> Timestamp, BinarySecurityToken, and a Signature. Every time
> I
> >>>>>>>>>>>>>> run a
> >>>>>>>>>>>>>> sample request that includes all of those components in the
> >>>>>>>>>>>>>> WS-Security header I get a "must understand header is not
> >>>>>>>>>>>>>> understood"
> >>>>>>>>>>>>>> message, regarding the WS-Security header.
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> I've read on the documentation of CXF that additional
> >>>>>>>>>>>>>> dependencies
> >>>>>>>>>>>>>> must be included in the classpath to have WS-SecurityPolicy
> >>>>>>>>>>>>>> work, but
> >>>>>>>>>>>>>> I've used Eclipse's deployment method and given it the
> entire
> >>>>>>>>>>>>>> CXF ZIP
> >>>>>>>>>>>>>> file as downloaded from the project website as the CXF
> >>>>>>>>>>>>>> Runtime. Is
> >>>>>>>>>>>>>> there anything that I'm missing? Or is there a better way
> for
> >>>>>>>>>>>>>> me to
> >>>>>>>>>>>>>> be working with CXF than to use Eclipse's automated tools?
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> Thanks for any help.
> >>>>>>>>>>>>>> Jen
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>
> >>>>>>
> >>>>>
> >>>>
> >>>
> >>
>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jennifer Ruttan <je...@indivica.com>.
Ok. Following that, I've now got:
Jul 27, 2013 12:41:56 AM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}RequiredParts registered.
Maybe I'm missing a JAR? But I've included all the CXF modules into the classpath.
On 2013-07-27, at 12:38 AM, Jason Pell <ja...@pellcorp.com> wrote:
> That should be:
>
> <sp:SignedSupportingTokens>
> <wsp:Policy>
> <sp:UsernameToken>
> <wsp:Policy>
> <wsp:All>
> <sp:NoPassword/>
> <sp:WssUsernameToken10/>
> </wsp:All>
> </wsp:Policy>
> </sp:UsernameToken>
> </wsp:Policy>
> </sp:SignedSupportingTokens>
>
>
>
>
> On Sat, Jul 27, 2013 at 2:36 PM, Jason Pell <ja...@pellcorp.com> wrote:
>
>> Ok - try putting a <wsp:Policy> immediately inside the
>> <sp:SignedSupportingTokens> tag and I think you might get further.
>>
>> So instead of:
>>
>>
>> <sp:SignedSupportingTokens>
>> <sp:UsernameToken>
>> <wsp:Policy>
>> <wsp:All>
>> <sp:NoPassword/>
>> <sp:WssUsernameToken10/>
>> </wsp:All>
>> </wsp:Policy>
>> </sp:UsernameToken>
>> </sp:SignedSupportingTokens>
>>
>> Try:
>>
>> <sp:SignedSupportingTokens>
>> <wsp:Policy>
>>
>> <sp:UsernameToken>
>> <wsp:Policy>
>> <wsp:All>
>> <sp:NoPassword/>
>> <sp:WssUsernameToken10/>
>> </wsp:All>
>> </wsp:Policy>
>> </sp:UsernameToken>
>> <wsp:Policy>
>> </sp:SignedSupportingTokens>
>>
>> Do this for both occurences.
>>
>>
>> On Sat, Jul 27, 2013 at 2:33 PM, Jason Pell <ja...@pellcorp.com> wrote:
>>
>>> I realised you had already got that far yourself, apologies for wasting
>>> everyone's time. I misread the email thread. So you already changed your
>>> sp to http://schemas.xmlsoap.org/ws/2005/07/securitypolicy.
>>>
>>> However when I change my policy file to use SignedSupportingToken rather
>>> than SupportingToken I also get:
>>> {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}UsernameToken is
>>> not a <wsp:Policy> element.
>>>
>>> So I will have a play around with that now.
>>>
>>>
>>> On Sat, Jul 27, 2013 at 1:59 PM, Jason Pell <ja...@pellcorp.com> wrote:
>>>
>>>> Actually I just realised what the problem is. Your original namespace
>>>> for sp was wrong. Just change it to
>>>>
>>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy
>>>>
>>>> And it will all work. Sorry for the confusion, I am no expert, but did
>>>> have the same problems so was worth the trial and error.
>>>>
>>>>
>>>>
>>>>
>>>> On Sat, Jul 27, 2013 at 1:57 PM, Jason Pell <ja...@pellcorp.com> wrote:
>>>>
>>>>> In fact just replacing the SP namespace should do it. The xmlns:wsp="
>>>>> http://schemas.xmlsoap.org/ws/2004/09/policy" seems to not be the
>>>>> problem.
>>>>>
>>>>> So just change the sp to:
>>>>>
>>>>> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>>>>>
>>>>>
>>>>> On Sat, Jul 27, 2013 at 1:55 PM, Jason Pell <ja...@pellcorp.com> wrote:
>>>>>
>>>>>> Changing the namespaces to the following will allow it to work with
>>>>>> CXF:
>>>>>>
>>>>>> xmlns:wsp="http://www.w3.org/ns/ws-policy"
>>>>>> xmlns:wsu="
>>>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>>>>>> "
>>>>>> xmlns:sp="
>>>>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Sat, Jul 27, 2013 at 1:39 PM, Jennifer Ruttan <
>>>>>> jennifer@indivica.com> wrote:
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> Thanks for your message. The WSDL file clearly contains a number of
>>>>>>> errors and so I'm happy to change it. The owners of the service will have
>>>>>>> to adjust it anyway. What should I change the namespaces to?
>>>>>>>
>>>>>>> Thanks again
>>>>>>> Jen
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On 2013/07/26 23:16, Jason Pell wrote:
>>>>>>>
>>>>>>>> https://github.com/pellcorp/**cxf/blob/master/JavaFirst/src/**
>>>>>>>> test/java/com/pellcorp/server/**PolicyServiceTest.java<https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java>
>>>>>>>>
>>>>>>>> This test case reproduces your issue I think. Changing the
>>>>>>>> namespaces of
>>>>>>>> the policy file will actually fix this, but probably not an option
>>>>>>>> for you.
>>>>>>>>
>>>>>>>> public void testOldWspSpClient() throws Exception {
>>>>>>>> ClassPathXmlApplicationContext clientContext =
>>>>>>>> TestUtils.getContext(
>>>>>>>> "/META-INF/**oldWspSpClientContext.xml");
>>>>>>>>
>>>>>>>> OldSpWspSimpleService simpleService = clientContext.getBean(
>>>>>>>> "OldSpWspSimpleServiceClient",
>>>>>>>> OldSpWspSimpleService.class);
>>>>>>>>
>>>>>>>> WSS4JOutInterceptor wssOut = TestUtils.**getWssOutInterceptor(
>>>>>>>> simpleService);
>>>>>>>> TestUtils.**setPasswordProperties(wssOut, "alice",
>>>>>>>> "password");
>>>>>>>>
>>>>>>>> try {
>>>>>>>> simpleService.ping();
>>>>>>>> } catch (SOAPFaultException e) {
>>>>>>>> assertTrue(e.getMessage().**
>>>>>>>> contains("MustUnderstand"));
>>>>>>>> }
>>>>>>>> }
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <ja...@pellcorp.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> I changed over my java first samples to use your namespaces, and I
>>>>>>>>> also
>>>>>>>>> got the Must understand error.
>>>>>>>>>
>>>>>>>>> Since I can reproduce it, i will have a bit of a hunt around to see
>>>>>>>>> what
>>>>>>>>> the problem is.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan <
>>>>>>>>> jennifer@indivica.com>wrote:
>>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> Thanks for your help.
>>>>>>>>>>
>>>>>>>>>> The project path did not export the appropriate jars to the
>>>>>>>>>> WEB-INF/lib
>>>>>>>>>> directory when being built, so I added them to the deployment
>>>>>>>>>> assembly step
>>>>>>>>>> in eclipse. I added all the dependencies as well.
>>>>>>>>>>
>>>>>>>>>> Unfortunately, I was still getting the same "mustunderstand
>>>>>>>>>> headers are
>>>>>>>>>> not understood" error message. But there's more. I'm also getting
>>>>>>>>>> a strange
>>>>>>>>>> message when Tomcat is deploying the application, from CXF:
>>>>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>>>>> handleNoRegisteredBuilder
>>>>>>>>>> WARNING: No assertion builder for type {
>>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>>>>> SignedSupportingTokensregister**ed<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedSupportingTokensregistered>
>>>>>>>>>> .
>>>>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>>>>> handleNoRegisteredBuilder
>>>>>>>>>> WARNING: No assertion builder for type {
>>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>>>>> RequiredPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DRequiredPartsregistered>
>>>>>>>>>> .
>>>>>>>>>>
>>>>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>>>>> handleNoRegisteredBuilder
>>>>>>>>>> WARNING: No assertion builder for type {
>>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>>>>> SignedPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedPartsregistered>
>>>>>>>>>> .
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> I thought that was weird because in all the examples I've seen the
>>>>>>>>>> sp
>>>>>>>>>> namespace is http://schemas.xmlsoap.org/ws/**
>>>>>>>>>> 2005/07/securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>.
>>>>>>>>>> So I
>>>>>>>>>> made the change in the WSDL and I got the following message upon
>>>>>>>>>> restarting
>>>>>>>>>> the server:
>>>>>>>>>> Jul 26, 2013 1:25:16 PM
>>>>>>>>>> org.apache.cxf.ws.policy.**attachment.wsdl11.**
>>>>>>>>>> Wsdl11AttachmentPolicyProvider
>>>>>>>>>> getElementPolicy
>>>>>>>>>> WARNING: Failed to build the policy 'request-policy':{
>>>>>>>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy}**
>>>>>>>>>> UsernameToken<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DUsernameToken>is
>>>>>>>>>> not a <wsp:Policy> element.
>>>>>>>>>>
>>>>>>>>>> The namespace for wsp is http://schemas.xmlsoap.org/ws/**
>>>>>>>>>> 2004/09/policy <http://schemas.xmlsoap.org/ws/2004/09/policy>,
>>>>>>>>>> and I'm pretty sure that's correct. Although I feel like I'm
>>>>>>>>>> pretty close,
>>>>>>>>>> I'm lost at this point. Do you happen to have any further
>>>>>>>>>> suggestions?
>>>>>>>>>>
>>>>>>>>>> Thanks
>>>>>>>>>> Jen
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <as...@talend.com>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>>
>>>>>>>>>>> "mustunderstand header is not understood" error is thrown by CXF
>>>>>>>>>>>
>>>>>>>>>> MustUnderstandInterceptor.
>>>>>>>>>>
>>>>>>>>>>> MustUnderstandInterceptor checks if must understand headers in
>>>>>>>>>>> SOAP
>>>>>>>>>>>
>>>>>>>>>> message can be processed by at least one CXF interceptor in chain.
>>>>>>>>>>
>>>>>>>>>>> For that CXF interceptors provide getUnderstoodHeaders() method
>>>>>>>>>>> to say
>>>>>>>>>>>
>>>>>>>>>> which headers they are able to proceed.
>>>>>>>>>>
>>>>>>>>>>> Security headers can be processed either by
>>>>>>>>>>> AbstractTokenInterceptor
>>>>>>>>>>>
>>>>>>>>>> (extended by UsernameTokenInterceptor, SamlTokenInterceptor.java,
>>>>>>>>>> KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java
>>>>>>>>>>
>>>>>>>>>>> (extended by PolicyBasedWSS4JInInterceptor.**java,
>>>>>>>>>>>
>>>>>>>>>> WSS4JInInterceptor.java).
>>>>>>>>>>
>>>>>>>>>>> In your case no any from these interceptors is in chain on the
>>>>>>>>>>> service
>>>>>>>>>>>
>>>>>>>>>> side.
>>>>>>>>>>
>>>>>>>>>>> That could happens because:
>>>>>>>>>>> a) service uses other ws-policy (or nor policy) that doesn't
>>>>>>>>>>> activate
>>>>>>>>>>>
>>>>>>>>>> that interceptors
>>>>>>>>>>
>>>>>>>>>>> b) service uses no ws-policy way and not configured with security
>>>>>>>>>>>
>>>>>>>>>> interceptor
>>>>>>>>>>
>>>>>>>>>>> c) appropriate CXF jars are not available:
>>>>>>>>>>>
>>>>>>>>>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
>>>>>>>>>>
>>>>>>>>>>> Can you please check how your service is configured?
>>>>>>>>>>>
>>>>>>>>>>> Regards,
>>>>>>>>>>> Andrei.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> -----Original Message-----
>>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>>>>>>> Sent: Mittwoch, 24. Juli 2013 17:43
>>>>>>>>>>>> To: users@cxf.apache.org
>>>>>>>>>>>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>>>>>>
>>>>>>>>>>>> Hi,
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks for the reply. That's what I was thinking. There may be an
>>>>>>>>>>>>
>>>>>>>>>>> issue with
>>>>>>>>>>
>>>>>>>>>>> the WSDL file itself.
>>>>>>>>>>>>
>>>>>>>>>>>> My request matches the example provided by the author of the
>>>>>>>>>>>> WSDL file,
>>>>>>>>>>>> but neither of them work. They both cause the same
>>>>>>>>>>>> "mustunderstand
>>>>>>>>>>>> header is not understood" error.
>>>>>>>>>>>> Disabling the security policy allows the request to complete
>>>>>>>>>>>> properly.
>>>>>>>>>>>>
>>>>>>>>>>>> CXF is configured to read the security policy from the WSDL
>>>>>>>>>>>> file, and
>>>>>>>>>>>>
>>>>>>>>>>> I know
>>>>>>>>>>
>>>>>>>>>>> that part is working because if I miss a required part (the
>>>>>>>>>>>> timestamp,
>>>>>>>>>>>>
>>>>>>>>>>> for
>>>>>>>>>>
>>>>>>>>>>> example) in the header, CXF complains that not all of the required
>>>>>>>>>>>>
>>>>>>>>>>> parts have
>>>>>>>>>>
>>>>>>>>>>> been submitted. I guess this could be because of a signing issue,
>>>>>>>>>>>>
>>>>>>>>>>> although I'm
>>>>>>>>>>
>>>>>>>>>>> not sure.
>>>>>>>>>>>>
>>>>>>>>>>>> My reasons for building the service are because while there is a
>>>>>>>>>>>> WSDL
>>>>>>>>>>>> definition for the service, there's no way to access the service
>>>>>>>>>>>>
>>>>>>>>>>> itself. I know
>>>>>>>>>>
>>>>>>>>>>> exactly how the service is supposed to react to various inputs so
>>>>>>>>>>>> I'm
>>>>>>>>>>>>
>>>>>>>>>>> trying to
>>>>>>>>>>
>>>>>>>>>>> build the same web service. It's for a health insurance card
>>>>>>>>>>>>
>>>>>>>>>>> validation service
>>>>>>>>>>
>>>>>>>>>>> in Ontario, Canada, and the service is provided by the government.
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks.
>>>>>>>>>>>> Jen
>>>>>>>>>>>>
>>>>>>>>>>>> ---------------------
>>>>>>>>>>>> HCValidationService.wsdl
>>>>>>>>>>>>
>>>>>>>>>>>> <?xml version="1.0" encoding="UTF-8"?><definitions
>>>>>>>>>>>> name="HCValidationService"
>>>>>>>>>>>> targetNamespace="http://hcv.**health.ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns="http://schemas.xmlsoap.**org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:sp="http://docs.oasis-**open.org/ws-sx/ws-**
>>>>>>>>>>>> securitypolicy/200512<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:wsdlsoap="http://**schemas.xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>>>>>>>> **"
>>>>>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>>>>>>>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:xsd="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema>
>>>>>>>>>>>> ">
>>>>>>>>>>>>
>>>>>>>>>>>> <types>
>>>>>>>>>>>> <xsd:schema>
>>>>>>>>>>>> <xsd:import
>>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>>> "
>>>>>>>>>>>> schemaLocation="EBSFault_**schema.xsd"/>
>>>>>>>>>>>> <xsd:import
>>>>>>>>>>>> namespace="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>>>> "
>>>>>>>>>>>> schemaLocation="**HCValidationService_schema.**xsd"/>
>>>>>>>>>>>> <xsd:import
>>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>>> "
>>>>>>>>>>>> schemaLocation="EBS_schema.**xsd"/>
>>>>>>>>>>>> <xsd:import
>>>>>>>>>>>> namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>>> "
>>>>>>>>>>>> schemaLocation="MSA_schema.**xsd"/>
>>>>>>>>>>>> <xsd:import
>>>>>>>>>>>> namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>> "
>>>>>>>>>>>> schemaLocation="IDP_schema.**xsd"/>
>>>>>>>>>>>> </xsd:schema>
>>>>>>>>>>>> </types>
>>>>>>>>>>>>
>>>>>>>>>>>> <wsp:Policy wsu:Id="request-policy">
>>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>> <sp:SignedSupportingTokens>
>>>>>>>>>>>> <sp:UsernameToken>
>>>>>>>>>>>> <wsp:Policy>
>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>
>>>>>>>>>>>> <sp:NoPassword/>
>>>>>>>>>>>>
>>>>>>>>>>>> <sp:WssUsernameToken10/>
>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>> </wsp:Policy>
>>>>>>>>>>>> </sp:UsernameToken>
>>>>>>>>>>>> </sp:SignedSupportingTokens>
>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="EBS"
>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>>> "/>
>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="MSA"
>>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>>> "/>
>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="AuditId"
>>>>>>>>>>>> Namespace=""/>
>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="UserID"
>>>>>>>>>>>> Namespace=""/>
>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>> "/>
>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>> <sp:SignedParts>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="EBS"
>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>>> "/>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="MSA"
>>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>>> "/>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>> "/>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>>>>>> "/>
>>>>>>>>>>>> <sp:Body/>
>>>>>>>>>>>> </sp:SignedParts>
>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>> <sp:SignedSupportingTokens>
>>>>>>>>>>>> <sp:UsernameToken>
>>>>>>>>>>>> <wsp:Policy>
>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>>
>>>>>>>>>>>> <sp:WssUsernameToken10/>
>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>> </wsp:Policy>
>>>>>>>>>>>> </sp:UsernameToken>
>>>>>>>>>>>> </sp:SignedSupportingTokens>
>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>> <sp:SignedParts>
>>>>>>>>>>>> <sp:Header Name="EBS"
>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>>> "/>
>>>>>>>>>>>> <sp:Header Name="IDP"
>>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>> "/>
>>>>>>>>>>>> <sp:Header Name="Timestamp"
>>>>>>>>>>>> Namespace="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>>>>>>>> wssecurity-utility-1.0.xsd"/>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>>>>>> "/>
>>>>>>>>>>>> <sp:Body/>
>>>>>>>>>>>> </sp:SignedParts>
>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>>>
>>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="EBS"
>>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>>> "/>
>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="IDP"
>>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>> "/>
>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="AuditId"
>>>>>>>>>>>> Namespace=""/>
>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>>> <sp:Header
>>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>> "/>
>>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>>> </wsp:All>
>>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>>> </wsp:Policy>
>>>>>>>>>>>>
>>>>>>>>>>>> <wsdl:message name="EBSHeader">
>>>>>>>>>>>> <wsdl:part element="ebs:EBS"
>>>>>>>>>>>> name="ebsrequest_header"/>
>>>>>>>>>>>> </wsdl:message>
>>>>>>>>>>>> <wsdl:message name="MSAHeader">
>>>>>>>>>>>> <wsdl:part element="msa:MSA"
>>>>>>>>>>>> name="msarequest_header"/>
>>>>>>>>>>>> </wsdl:message>
>>>>>>>>>>>> <wsdl:message name="IDPHeader">
>>>>>>>>>>>> <wsdl:part element="idp:IDP"
>>>>>>>>>>>> name="idprequest_header"/>
>>>>>>>>>>>> </wsdl:message>
>>>>>>>>>>>>
>>>>>>>>>>>> <message name="validate">
>>>>>>>>>>>> <wsdl:part element="hcv:validate"
>>>>>>>>>>>> name="parameters"/>
>>>>>>>>>>>> </message>
>>>>>>>>>>>>
>>>>>>>>>>>> <message name="validateResponse">
>>>>>>>>>>>> <part element="hcv:validateResponse"
>>>>>>>>>>>> name="parameters"/>
>>>>>>>>>>>> </message>
>>>>>>>>>>>>
>>>>>>>>>>>> <message name="faultexception">
>>>>>>>>>>>> <part element="ebs:EBSFault" name="Fault"/>
>>>>>>>>>>>> </message>
>>>>>>>>>>>>
>>>>>>>>>>>> <portType name="HCValidation">
>>>>>>>>>>>> <operation name="validate">
>>>>>>>>>>>> <input message="hcv:validate"/>
>>>>>>>>>>>> <output message="hcv:validateResponse"**/>
>>>>>>>>>>>> <fault message="hcv:faultexception"
>>>>>>>>>>>> name="FaultException"/>
>>>>>>>>>>>> </operation>
>>>>>>>>>>>> </portType>
>>>>>>>>>>>>
>>>>>>>>>>>> <binding name="HCValidationPortBinding"
>>>>>>>>>>>> type="hcv:HCValidation">
>>>>>>>>>>>> <soap:binding style="document"
>>>>>>>>>>>> transport="http://schemas.**xmlsoap.org/soap/http<http://schemas.xmlsoap.org/soap/http>
>>>>>>>>>>>> "/>
>>>>>>>>>>>>
>>>>>>>>>>>> <operation name="validate">
>>>>>>>>>>>> <soap:operation soapAction=""/>
>>>>>>>>>>>> <input>
>>>>>>>>>>>> <wsp:PolicyReference URI="#request-policy"/>
>>>>>>>>>>>> <wsdlsoap:header
>>>>>>>>>>>> message="hcv:EBSHeader" part="ebsrequest_header" use="literal"/>
>>>>>>>>>>>> <wsdlsoap:header
>>>>>>>>>>>> message="hcv:MSAHeader" part="msarequest_header" use="literal"/>
>>>>>>>>>>>> <wsdlsoap:header
>>>>>>>>>>>> message="hcv:IDPHeader" part="idprequest_header" use="literal"/>
>>>>>>>>>>>> <wsdlsoap:body parts="parameters"
>>>>>>>>>>>> use="literal"/>
>>>>>>>>>>>> </input>
>>>>>>>>>>>> <output>
>>>>>>>>>>>> <soap:body use="literal"/>
>>>>>>>>>>>> </output>
>>>>>>>>>>>> <fault name="FaultException">
>>>>>>>>>>>> <soap:fault name="FaultException"
>>>>>>>>>>>> use="literal"/>
>>>>>>>>>>>> </fault>
>>>>>>>>>>>> </operation>
>>>>>>>>>>>> </binding>
>>>>>>>>>>>>
>>>>>>>>>>>> <service name="HCValidationService">
>>>>>>>>>>>> <port binding="hcv:**HCValidationPortBinding"
>>>>>>>>>>>> name="HCValidationPort">
>>>>>>>>>>>> <soap:address
>>>>>>>>>>>> location="
>>>>>>>>>>>>
>>>>>>>>>>> https://ws.ebs.health.gov.on.**ca:1440/HCVService/**
>>>>>>>>>> HCValidationSe<https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe>
>>>>>>>>>>
>>>>>>>>>>> rvice"/>
>>>>>>>>>>>> </port>
>>>>>>>>>>>> </service>
>>>>>>>>>>>> </definitions>
>>>>>>>>>>>>
>>>>>>>>>>>> ---------------------
>>>>>>>>>>>> Sample Request (provided by author of WSDL)
>>>>>>>>>>>>
>>>>>>>>>>>> <soapenv:Envelope xmlns:soap-
>>>>>>>>>>>> sec="http://schemas.xmlsoap.**org/security/2000-12<http://schemas.xmlsoap.org/security/2000-12>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**
>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-<http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>>>> wss-wssecurity-secext-1.0.xsd"
>>>>>>>>>>>> xmlns:xsi="http://www.w3.org/**2001/XMLSchema-instance<http://www.w3.org/2001/XMLSchema-instance>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:sp="http://schemas.**xmlsoap.org/ws/2005/07/**
>>>>>>>>>>>> securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:SOAP-ENV="http://**schemas.xmlsoap.org/soap/**
>>>>>>>>>>>> envelope/ <http://schemas.xmlsoap.org/soap/envelope/>"
>>>>>>>>>>>> xmlns:xs="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:tns="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**open.org/wss/2004/01/oasis-
>>>>>>>>>>>> **200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>>>> wss-wssecurity-utility-1.0.**xsd"
>>>>>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/security/2012-03<http://ebs.health.ontario.ca/security/2012-03>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>>>>> ">
>>>>>>>>>>>> <soapenv:Header>
>>>>>>>>>>>> <ns2:EBS wsu:Id="id-1"
>>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>>> ">
>>>>>>>>>>>> <SoftwareConformanceKey>**
>>>>>>>>>>>> 444561ee-277f-77b2-
>>>>>>>>>>>> c664-7a9923jfgh1b
>>>>>>>>>>>> </SoftwareConformanceKey>
>>>>>>>>>>>> <AuditId>73b7051e-6126-4b41-**9ae0-
>>>>>>>>>>>> 21b707ca8a53</AuditId>
>>>>>>>>>>>> </ns2:EBS>
>>>>>>>>>>>> <ns2:IDP wsu:Id="id-2"
>>>>>>>>>>>> xmlns:ns2="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>> ">
>>>>>>>>>>>> <ServiceUserMUID>4523394</**
>>>>>>>>>>>> ServiceUserMUID>
>>>>>>>>>>>> </ns2:IDP>
>>>>>>>>>>>> <wsse:Security SOAP-ENV:mustUnderstand="1">
>>>>>>>>>>>> <wsu:Timestamp wsu:Id="id-3">
>>>>>>>>>>>> <wsu:Created>2012-06-
>>>>>>>>>>>> 20T17:58:42.580Z</wsu:Created>
>>>>>>>>>>>> <wsu:Expires>2012-06-
>>>>>>>>>>>> 20T17:59:12.580Z</wsu:Expires>
>>>>>>>>>>>> </wsu:Timestamp>
>>>>>>>>>>>> <wsse:UsernameToken wsu:Id="id-4">
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> <wsse:Username>JOHNDOE@YAHOO.**CA <JO...@YAHOO.CA>
>>>>>>>>>>>> </wsse:Username>
>>>>>>>>>>>> <wsse:Password
>>>>>>>>>>>> Type="wsse:PasswordText">**Password</wsse:Password>
>>>>>>>>>>>> </wsse:UsernameToken>
>>>>>>>>>>>> <wsse:BinarySecurityToken
>>>>>>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis->
>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>>>>>>>> 1.0#Base64Binary"
>>>>>>>>>>>> ValueType="http://docs.oasis-
>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>
>>>>>>>>>>>> "
>>>>>>>>>>>> wsu:Id="X509-
>>>>>>>>>>>> 02F859690D5C74E209134021512282**11">
>>>>>>>>>>>>
>>>>>>>>>>>> MIICMzCCAZygAwIBAgIET1e+**dDANBgkqhkiG9w0BAQUFADBeMQsw
>>>>>>>>>>>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT2**50YXJpbzENMAsGA1UEChMET0hJ
>>>>>>>>>>>>
>>>>>>>>>>>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW**9uMRcwFQYDVQQDEw
>>>>>>>>>>>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAz**MDcyMDAwNTJaFw0xMzAzMDcyMDA
>>>>>>>>>>>> wNTJaM
>>>>>>>>>>>>
>>>>>>>>>>>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQ**IEwdPbnRhcmlvMQ0wCwY
>>>>>>>>>>>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZ**Wdpc3RyYXRpb24xFzAVBgNVBAM
>>>>>>>>>>>> TDj
>>>>>>>>>>>>
>>>>>>>>>>>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqG**SIb3DQEBAQUAA4GNADCBi
>>>>>>>>>>>> QKBgQCs/JIP6CE5IkfTnD/c56K+**QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH**4
>>>>>>>>>>>>
>>>>>>>>>>>> fvhbyxo2B4VugsL9r4E5jHEKoi+**
>>>>>>>>>>>> GDKOLlLZRfSy0cB8IcpXonAuGqMzhC**o
>>>>>>>>>>>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpT**yZdpYDi92up5E+FYL3jEe
>>>>>>>>>>>>
>>>>>>>>>>>> jhp+**1iDFJQIDAQABMA0GCSqGSIb3DQEBBQ**UAA4GBAHn8VZS169BJ
>>>>>>>>>>>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dE**icv3jQMMsrWHfoCt+nRSqfNLUTL
>>>>>>>>>>>>
>>>>>>>>>>>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0**
>>>>>>>>>>>> gY3i83ZXA8HDFKMZF3qL8I8ncu8F
>>>>>>>>>>>> PcZGYBNhYrGjXXsuqXimiTIjxgm06E**rRa/51szOFFxWrB
>>>>>>>>>>>> </wsse:BinarySecurityToken>
>>>>>>>>>>>> <ds:Signature Id="SIG-6"
>>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#>
>>>>>>>>>>>> ">
>>>>>>>>>>>> <ds:SignedInfo>
>>>>>>>>>>>> <ds:CanonicalizationMethod
>>>>>>>>>>>>
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>> ">
>>>>>>>>>>>>
>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>
>>>>>>>>>>>> PrefixList="SOAP-
>>>>>>>>>>>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
>>>>>>>>>>>>
>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> </ds:CanonicalizationMethod>
>>>>>>>>>>>> <ds:SignatureMethod
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>>>>>>>> />
>>>>>>>>>>>> <ds:Reference URI="#id-1">
>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>> ">
>>>>>>>>>>>>
>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>
>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
>>>>>>>>>>>> wsse
>>>>>>>>>>>> wsu xs xsi"
>>>>>>>>>>>>
>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:DigestValue>**gpejbitTQxuMOhUirdbGNtHjsGhAAr**
>>>>>>>>>>>> hAp3ByFuG9c
>>>>>>>>>>>> Hs=
>>>>>>>>>>>> </ds:DigestValue>
>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>> <ds:Reference URI="#id-2">
>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>> ">
>>>>>>>>>>>>
>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>
>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
>>>>>>>>>>>> wsse
>>>>>>>>>>>> wsu xs xsi"
>>>>>>>>>>>>
>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:DigestValue>ZWKvgN+**eB0NFmQHPGYN5RoSZzbuboqKLzLcV6**
>>>>>>>>>>>> PE
>>>>>>>>>>>> Oz3E=
>>>>>>>>>>>> </ds:DigestValue>
>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>> <ds:Reference URI="#id-3">
>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>> ">
>>>>>>>>>>>>
>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>
>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
>>>>>>>>>>>> wsse xs
>>>>>>>>>>>> xsi"
>>>>>>>>>>>>
>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:DigestValue>1AvUG2EE6+**bgpJBe1TB4teUkKD4lRsw69BozDFQM
>>>>>>>>>>>> GGE=
>>>>>>>>>>>> </ds:DigestValue>
>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>> <ds:Reference URI="#id-4">
>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>> ">
>>>>>>>>>>>>
>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>
>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
>>>>>>>>>>>> wsu xs
>>>>>>>>>>>> xsi"
>>>>>>>>>>>>
>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:DigestValue>Lw6C0//**TpU0uuta+**
>>>>>>>>>>>> 9pjDPfD0aOokdgbVOEM9eaWc
>>>>>>>>>>>> Gjo=
>>>>>>>>>>>> </ds:DigestValue>
>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>> <ds:Reference URI="#id-5">
>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>> ">
>>>>>>>>>>>>
>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>>
>>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse wsu
>>>>>>>>>>>> xs xsi"
>>>>>>>>>>>>
>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:DigestValue>**lGKOfXxmbsLds9+**
>>>>>>>>>>>> tD4eaCObTCdGNXDF/PY9LjDUPl
>>>>>>>>>>>> 9Y=
>>>>>>>>>>>> </ds:DigestValue>
>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>> </ds:SignedInfo>
>>>>>>>>>>>> <ds:SignatureValue>
>>>>>>>>>>>>
>>>>>>>>>>>> Yn5iRnjs/T2+**nNgW8pArIgqc445RwL2wYPHZaydVJk**
>>>>>>>>>>>> 0oUXV5B4nzU4fg
>>>>>>>>>>>> X/**sQTcY0O5vuReP8th4QZoGG6tSnxuBf**qiDd2rkRZDrdgotJT++W
>>>>>>>>>>>>
>>>>>>>>>>>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3Q**DuMWr5PSlm1RWbkA3W5B4Y
>>>>>>>>>>>> LaD+S/j3QKc=
>>>>>>>>>>>> </ds:SignatureValue>
>>>>>>>>>>>> <ds:KeyInfo Id="KI-
>>>>>>>>>>>> 02F859690D5C74E209134021512283**12">
>>>>>>>>>>>>
>>>>>>>>>>>> <wsse:SecurityTokenReference
>>>>>>>>>>>> wsu:Id="STR-**02F859690D5C74E209134021512284**13">
>>>>>>>>>>>> <wsse:Reference
>>>>>>>>>>>> URI="#X509-**02F859690D5C74E209134021512282**11"
>>>>>>>>>>>>
>>>>>>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-
>>>>>>>>>>>> **200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>>>>>>>>
>>>>>>>>>>>> </wsse:SecurityTokenReference>
>>>>>>>>>>>> </ds:KeyInfo>
>>>>>>>>>>>> </ds:Signature>
>>>>>>>>>>>> </wsse:Security>
>>>>>>>>>>>> </soapenv:Header>
>>>>>>>>>>>> <soapenv:Body wsu:Id="id-5">
>>>>>>>>>>>> <ns5:validate xmlns:ns4="
>>>>>>>>>>>>
>>>>>>>>>>> http://msa.ebs.health.ontario.**ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>>> "
>>>>>>>>>>
>>>>>>>>>>> xmlns:ns3="http://idp.ebs.**
>>>>>>>>>>>> health.ontario.ca/ <http://idp.ebs.health.ontario.ca/>"
>>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:ns5="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>>>> ">
>>>>>>>>>>>> <requests>
>>>>>>>>>>>> <hcvRequest>
>>>>>>>>>>>>
>>>>>>>>>>>> <healthNumber>2222211122</**healthNumber>
>>>>>>>>>>>>
>>>>>>>>>>>> <versionCode>WW</versionCode>
>>>>>>>>>>>> </hcvRequest>
>>>>>>>>>>>> </requests>
>>>>>>>>>>>> <locale>en</locale>
>>>>>>>>>>>> </ns5:validate>
>>>>>>>>>>>> </soapenv:Body>
>>>>>>>>>>>> </soapenv:Envelope>
>>>>>>>>>>>>
>>>>>>>>>>>> -------------------
>>>>>>>>>>>> Sample Request (Built via SoapUI)
>>>>>>>>>>>>
>>>>>>>>>>>> <soapenv:Envelope xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>>>>> ">
>>>>>>>>>>>> <soapenv:Header>
>>>>>>>>>>>> <wsse:Security soapenv:mustUnderstand="1"
>>>>>>>>>>>> xmlns:wsse="http://docs.oasis-
>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>>>>>> "
>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>> ">
>>>>>>>>>>>> <wsse:BinarySecurityToken
>>>>>>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis->
>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>>>>>>>> 1.0#Base64Binary"
>>>>>>>>>>>> ValueType="http://docs.oasis-
>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>
>>>>>>>>>>>> "
>>>>>>>>>>>> wsu:Id="X509-
>>>>>>>>>>>> 9346053A98F2390F1A137460706920**025">
>>>>>>>>>>>>
>>>>>>>>>>>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQ**EBBQUAMIGbMQswCQYDVQ
>>>>>>>>>>>> QGEwJDQTEQMA4GA1UECAwHT250YXJp**bzEQMA4G
>>>>>>>>>>>>
>>>>>>>>>>>> A1UEBwwHVG9yb250bzERMA8GA1UECg**wISW5kaXZpY2ExFDASBgN
>>>>>>>>>>>> VBAsMC0RldmVsb3BtZW50MRgwFgYDV**QQDDA9J
>>>>>>>>>>>>
>>>>>>>>>>>> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhk**iG9w0BCQEWFmVicy1hZG1pbk
>>>>>>>>>>>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5**MTc0
>>>>>>>>>>>>
>>>>>>>>>>>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQ**swCQYDVQQGEwJDQTEQ
>>>>>>>>>>>> MA4GA1UECBMHT250YXJpbzEQMA4GA1**UEBxMHVG9y
>>>>>>>>>>>>
>>>>>>>>>>>> b250bzERMA8GA1UEChMISW5kaXZpY2**ExFDASBgNVBAsTC0RldmVsb
>>>>>>>>>>>> 3BtZW50MRwwGgYDVQQDExNJbmRpdml**jYSBF
>>>>>>>>>>>>
>>>>>>>>>>>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w**0BAQEFAAOCAQ8AMIIBCgKCA
>>>>>>>>>>>> QEAu7/+**bc5QgW43UuaMoUOpbsQy8Kc32jrB
>>>>>>>>>>>>
>>>>>>>>>>>> GA0lrxZkqH/PnfdbtRhRypxkc6+**
>>>>>>>>>>>> r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
>>>>>>>>>>>> WPPVMKpermHxniN+**kqjWiGDm10xVMph
>>>>>>>>>>>>
>>>>>>>>>>>> XryR01LSItgRoi5V54oTFgeJxsdA/**
>>>>>>>>>>>> 1J3kf/QE2YmswZwLH6+PwvZfExKEx
>>>>>>>>>>>> vGArojkyveOewWkvKMobLB3d6gtrPJ
>>>>>>>>>>>>
>>>>>>>>>>>> tUxjb18UJugEHyNSiVYFymbgAyvanT**4pmNPaqHW1ZlmQ0WBiDI7oeT
>>>>>>>>>>>> 1pZzgEwzikcvEHilJye0PcB4PkkrGL**KfEE
>>>>>>>>>>>>
>>>>>>>>>>>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4f**jouqkHHVMMiUvYgQIDAQA
>>>>>>>>>>>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b**5yRECQU
>>>>>>>>>>>>
>>>>>>>>>>>> ppIEIbDOh4E5OsR0wesm4czfNDnh56**TUwmjRDzI+tVVEj+fxk0FMSMf
>>>>>>>>>>>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+**FHb6
>>>>>>>>>>>>
>>>>>>>>>>>> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u**8cRtfPXXX+baL2NThYjMoNVFIt
>>>>>>>>>>>> OM0XL3xwzblWi++B
>>>>>>>>>>>> </wsse:BinarySecurityToken>
>>>>>>>>>>>> <ds:Signature Id="SIG-30"
>>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#>
>>>>>>>>>>>> ">
>>>>>>>>>>>> <ds:SignedInfo>
>>>>>>>>>>>> <ds:CanonicalizationMethod
>>>>>>>>>>>>
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>> ">
>>>>>>>>>>>>
>>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>> PrefixList="ebs hcv idp msa soapenv"
>>>>>>>>>>>>
>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> </ds:CanonicalizationMethod>
>>>>>>>>>>>> <ds:SignatureMethod
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>>>>>>>> />
>>>>>>>>>>>> <ds:Reference URI="#id-7">
>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>> ">
>>>>>>>>>>>>
>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
>>>>>>>>>>>>
>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:DigestValue>+sN2C+**GPI6Un7tmdzecuWW4obI8=</ds:**
>>>>>>>>>>>> DigestVal
>>>>>>>>>>>> ue>
>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>> <ds:Reference URI="#id-8">
>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>> ">
>>>>>>>>>>>>
>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
>>>>>>>>>>>>
>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:DigestValue>cStXQ+**Qf4MYZw7oZh3EwQnCO9kE=</ds:**
>>>>>>>>>>>> DigestVal
>>>>>>>>>>>> ue>
>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>> <ds:Reference URI="#TS-29">
>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>> ">
>>>>>>>>>>>>
>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa
>>>>>>>>>>>> soapenv"
>>>>>>>>>>>>
>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:DigestValue>**7DpbdobjdxkQ3RGXjPQmx5EpCdU=</**
>>>>>>>>>>>> ds:DigestVal
>>>>>>>>>>>> ue>
>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>> <ds:Reference
>>>>>>>>>>>> URI="#UsernameToken-28">
>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>> ">
>>>>>>>>>>>>
>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa
>>>>>>>>>>>> soapenv"
>>>>>>>>>>>>
>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:DigestValue>**0CNaWbdkV2dE7Jm5oh15ztwUcaI=</**
>>>>>>>>>>>> ds:DigestValu
>>>>>>>>>>>> e>
>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>> <ds:Reference URI="#id-12">
>>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:Transform
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>>> ">
>>>>>>>>>>>>
>>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
>>>>>>>>>>>>
>>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>>> />
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:DigestValue>**XoOxXE6R7JA29rMYCHf/X0II180=</**
>>>>>>>>>>>> ds:DigestValue
>>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>>> </ds:SignedInfo>
>>>>>>>>>>>>
>>>>>>>>>>>> <ds:SignatureValue>**YQy9wqYYVw1x0CZcg6b2W0uO3g3Fur**
>>>>>>>>>>>> UZ51zrXi3
>>>>>>>>>>>> jRMFGgCVGUwfu3W/**tDOAKB2IXHvIgFl7JWmzd
>>>>>>>>>>>>
>>>>>>>>>>>> lkh7O2u6ieACF5tGD32aSXvv6/**k7OUVH4outF1NHgJOq9WKIKtUYT/hh
>>>>>>>>>>>> G8BmqFGHXcPiuuO+FIXr
>>>>>>>>>>>>
>>>>>>>>>>>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pO**RWOWvPhmHbT63b1BgFfLla
>>>>>>>>>>>> UftqeybM6t0i2cTuNxf8nbCS
>>>>>>>>>>>>
>>>>>>>>>>>> gANhvGvpNi2ALThvsPu+**pXKCx1c4Ng18PGpUEVmOdJOkZhiifR**
>>>>>>>>>>>> 336idp
>>>>>>>>>>>> 09lp8XaI+NzwENvdBskb
>>>>>>>>>>>>
>>>>>>>>>>>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP**4wydOh8w==
>>>>>>>>>>>> </ds:SignatureValue>
>>>>>>>>>>>> <ds:KeyInfo Id="KI-
>>>>>>>>>>>> 9346053A98F2390F1A137460706920**026">
>>>>>>>>>>>>
>>>>>>>>>>>> <wsse:SecurityTokenReference
>>>>>>>>>>>> wsu:Id="STR-
>>>>>>>>>>>> 9346053A98F2390F1A137460706920**027">
>>>>>>>>>>>> <wsse:Reference
>>>>>>>>>>>> URI="#X509-**9346053A98F2390F1A137460706920**025"
>>>>>>>>>>>>
>>>>>>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-
>>>>>>>>>>>> **200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>>>>>>>>
>>>>>>>>>>>> </wsse:SecurityTokenReference>
>>>>>>>>>>>> </ds:KeyInfo>
>>>>>>>>>>>> </ds:Signature>
>>>>>>>>>>>> <wsu:Timestamp wsu:Id="TS-29">
>>>>>>>>>>>> <wsu:Created>2013-07-
>>>>>>>>>>>> 23T19:17:49.196Z</wsu:Created>
>>>>>>>>>>>> <wsu:Expires>2013-07-
>>>>>>>>>>>> 30T17:57:49.196Z</wsu:Expires>
>>>>>>>>>>>> </wsu:Timestamp>
>>>>>>>>>>>> <wsse:UsernameToken wsu:Id="UsernameToken-
>>>>>>>>>>>> 28">
>>>>>>>>>>>> <wsse:Username>abc</wsse:**
>>>>>>>>>>>> Username>
>>>>>>>>>>>> <wsse:Password
>>>>>>>>>>>> Type="http://docs.oasis-
>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-username-token-**
>>>>>>>>>>>> profile-<http://open.org/wss/2004/01/oasis-200401-wss-username-token-profile->
>>>>>>>>>>>> 1.0#PasswordText">defg</wsse:**Password>
>>>>>>>>>>>> </wsse:UsernameToken>
>>>>>>>>>>>> </wsse:Security>
>>>>>>>>>>>> <idp:IDP wsu:Id="id-8"
>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>> ">
>>>>>>>>>>>> <ServiceUserMUID>12345</**ServiceUserMUID>
>>>>>>>>>>>> </idp:IDP>
>>>>>>>>>>>> <ebs:EBS wsu:Id="id-7"
>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>>> ">
>>>>>>>>>>>>
>>>>>>>>>>>> <SoftwareConformanceKey>12345<**/SoftwareConformanceKey>
>>>>>>>>>>>> <AuditId>12345</AuditId>
>>>>>>>>>>>> </ebs:EBS>
>>>>>>>>>>>> </soapenv:Header>
>>>>>>>>>>>> <soapenv:Body wsu:Id="id-12"
>>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**
>>>>>>>>>>>> open.org/wss/2004/01/oasis-<http://docs.oasis-open.org/wss/2004/01/oasis->
>>>>>>>>>>>> 200401-wss-wssecurity-utility-**1.0.xsd">
>>>>>>>>>>>> <hcv:validate>
>>>>>>>>>>>> <requests>
>>>>>>>>>>>> <hcvRequest>
>>>>>>>>>>>>
>>>>>>>>>>>> <healthNumber>9876543217</**healthNumber>
>>>>>>>>>>>>
>>>>>>>>>>>> <versionCode>AB</versionCode>
>>>>>>>>>>>> </hcvRequest>
>>>>>>>>>>>> </requests>
>>>>>>>>>>>> </hcv:validate>
>>>>>>>>>>>> </soapenv:Body>
>>>>>>>>>>>> </soapenv:Envelope>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> -----------------------
>>>>>>>>>>>> Response (In either case):
>>>>>>>>>>>>
>>>>>>>>>>>> <soap:Envelope
>>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>>>>> ">
>>>>>>>>>>>> <soap:Body>
>>>>>>>>>>>> <soap:Fault>
>>>>>>>>>>>> <faultcode>soap:**MustUnderstand</faultcode>
>>>>>>>>>>>> <faultstring>MustUnderstand headers: [{
>>>>>>>>>>>> http://docs.oasis-
>>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext->
>>>>>>>>>>>> 1.0.xsd}Security] are not understood.</faultstring>
>>>>>>>>>>>> </soap:Fault>
>>>>>>>>>>>> </soap:Body>
>>>>>>>>>>>> </soap:Envelope>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <
>>>>>>>>>>>> ashakirin@talend.com>
>>>>>>>>>>>>
>>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> Hi,
>>>>>>>>>>>>>
>>>>>>>>>>>>> It seems that your service doesn't use the same WS-Policy as
>>>>>>>>>>>>> client,
>>>>>>>>>>>>>
>>>>>>>>>>>> therefore appropriate interceptors are not activated on the
>>>>>>>>>>>> service
>>>>>>>>>>>>
>>>>>>>>>>> side.
>>>>>>>>>>
>>>>>>>>>>> Could you double check that?
>>>>>>>>>>>>>
>>>>>>>>>>>>> Exact request and response will be also useful for further
>>>>>>>>>>>>> analyse.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Regards,
>>>>>>>>>>>>> Andrei.
>>>>>>>>>>>>>
>>>>>>>>>>>>> -----Original Message-----
>>>>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>>>>>>>>> Sent: Dienstag, 23. Juli 2013 21:35
>>>>>>>>>>>>>> To: users@cxf.apache.org
>>>>>>>>>>>>>> Subject: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I have a question regarding WS-SecurityPolicy and deploying a
>>>>>>>>>>>>>> WSDL-first service via Eclipse.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I created a project from a WSDL file (I didn't create it) with
>>>>>>>>>>>>>> the
>>>>>>>>>>>>>> intention of implementing the service that it describes. The
>>>>>>>>>>>>>> WSDL
>>>>>>>>>>>>>> file describes a WS- SecurityPolicy that includes a
>>>>>>>>>>>>>> UsernameToken,
>>>>>>>>>>>>>> Timestamp, BinarySecurityToken, and a Signature. Every time I
>>>>>>>>>>>>>> run a
>>>>>>>>>>>>>> sample request that includes all of those components in the
>>>>>>>>>>>>>> WS-Security header I get a "must understand header is not
>>>>>>>>>>>>>> understood"
>>>>>>>>>>>>>> message, regarding the WS-Security header.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I've read on the documentation of CXF that additional
>>>>>>>>>>>>>> dependencies
>>>>>>>>>>>>>> must be included in the classpath to have WS-SecurityPolicy
>>>>>>>>>>>>>> work, but
>>>>>>>>>>>>>> I've used Eclipse's deployment method and given it the entire
>>>>>>>>>>>>>> CXF ZIP
>>>>>>>>>>>>>> file as downloaded from the project website as the CXF
>>>>>>>>>>>>>> Runtime. Is
>>>>>>>>>>>>>> there anything that I'm missing? Or is there a better way for
>>>>>>>>>>>>>> me to
>>>>>>>>>>>>>> be working with CXF than to use Eclipse's automated tools?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Thanks for any help.
>>>>>>>>>>>>>> Jen
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jason Pell <ja...@pellcorp.com>.
That should be:
<sp:SignedSupportingTokens>
<wsp:Policy>
<sp:UsernameToken>
<wsp:Policy>
<wsp:All>
<sp:NoPassword/>
<sp:WssUsernameToken10/>
</wsp:All>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SignedSupportingTokens>
On Sat, Jul 27, 2013 at 2:36 PM, Jason Pell <ja...@pellcorp.com> wrote:
> Ok - try putting a <wsp:Policy> immediately inside the
> <sp:SignedSupportingTokens> tag and I think you might get further.
>
> So instead of:
>
>
> <sp:SignedSupportingTokens>
> <sp:UsernameToken>
> <wsp:Policy>
> <wsp:All>
> <sp:NoPassword/>
> <sp:WssUsernameToken10/>
> </wsp:All>
> </wsp:Policy>
> </sp:UsernameToken>
> </sp:SignedSupportingTokens>
>
> Try:
>
> <sp:SignedSupportingTokens>
> <wsp:Policy>
>
> <sp:UsernameToken>
> <wsp:Policy>
> <wsp:All>
> <sp:NoPassword/>
> <sp:WssUsernameToken10/>
> </wsp:All>
> </wsp:Policy>
> </sp:UsernameToken>
> <wsp:Policy>
> </sp:SignedSupportingTokens>
>
> Do this for both occurences.
>
>
> On Sat, Jul 27, 2013 at 2:33 PM, Jason Pell <ja...@pellcorp.com> wrote:
>
>> I realised you had already got that far yourself, apologies for wasting
>> everyone's time. I misread the email thread. So you already changed your
>> sp to http://schemas.xmlsoap.org/ws/2005/07/securitypolicy.
>>
>> However when I change my policy file to use SignedSupportingToken rather
>> than SupportingToken I also get:
>> {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}UsernameToken is
>> not a <wsp:Policy> element.
>>
>> So I will have a play around with that now.
>>
>>
>> On Sat, Jul 27, 2013 at 1:59 PM, Jason Pell <ja...@pellcorp.com> wrote:
>>
>>> Actually I just realised what the problem is. Your original namespace
>>> for sp was wrong. Just change it to
>>>
>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy
>>>
>>> And it will all work. Sorry for the confusion, I am no expert, but did
>>> have the same problems so was worth the trial and error.
>>>
>>>
>>>
>>>
>>> On Sat, Jul 27, 2013 at 1:57 PM, Jason Pell <ja...@pellcorp.com> wrote:
>>>
>>>> In fact just replacing the SP namespace should do it. The xmlns:wsp="
>>>> http://schemas.xmlsoap.org/ws/2004/09/policy" seems to not be the
>>>> problem.
>>>>
>>>> So just change the sp to:
>>>>
>>>> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>>>>
>>>>
>>>> On Sat, Jul 27, 2013 at 1:55 PM, Jason Pell <ja...@pellcorp.com> wrote:
>>>>
>>>>> Changing the namespaces to the following will allow it to work with
>>>>> CXF:
>>>>>
>>>>> xmlns:wsp="http://www.w3.org/ns/ws-policy"
>>>>> xmlns:wsu="
>>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>>>>> "
>>>>> xmlns:sp="
>>>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Sat, Jul 27, 2013 at 1:39 PM, Jennifer Ruttan <
>>>>> jennifer@indivica.com> wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> Thanks for your message. The WSDL file clearly contains a number of
>>>>>> errors and so I'm happy to change it. The owners of the service will have
>>>>>> to adjust it anyway. What should I change the namespaces to?
>>>>>>
>>>>>> Thanks again
>>>>>> Jen
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On 2013/07/26 23:16, Jason Pell wrote:
>>>>>>
>>>>>>> https://github.com/pellcorp/**cxf/blob/master/JavaFirst/src/**
>>>>>>> test/java/com/pellcorp/server/**PolicyServiceTest.java<https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java>
>>>>>>>
>>>>>>> This test case reproduces your issue I think. Changing the
>>>>>>> namespaces of
>>>>>>> the policy file will actually fix this, but probably not an option
>>>>>>> for you.
>>>>>>>
>>>>>>> public void testOldWspSpClient() throws Exception {
>>>>>>> ClassPathXmlApplicationContext clientContext =
>>>>>>> TestUtils.getContext(
>>>>>>> "/META-INF/**oldWspSpClientContext.xml");
>>>>>>>
>>>>>>> OldSpWspSimpleService simpleService = clientContext.getBean(
>>>>>>> "OldSpWspSimpleServiceClient",
>>>>>>> OldSpWspSimpleService.class);
>>>>>>>
>>>>>>> WSS4JOutInterceptor wssOut = TestUtils.**getWssOutInterceptor(
>>>>>>> simpleService);
>>>>>>> TestUtils.**setPasswordProperties(wssOut, "alice",
>>>>>>> "password");
>>>>>>>
>>>>>>> try {
>>>>>>> simpleService.ping();
>>>>>>> } catch (SOAPFaultException e) {
>>>>>>> assertTrue(e.getMessage().**
>>>>>>> contains("MustUnderstand"));
>>>>>>> }
>>>>>>> }
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <ja...@pellcorp.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>> Hi,
>>>>>>>>
>>>>>>>> I changed over my java first samples to use your namespaces, and I
>>>>>>>> also
>>>>>>>> got the Must understand error.
>>>>>>>>
>>>>>>>> Since I can reproduce it, i will have a bit of a hunt around to see
>>>>>>>> what
>>>>>>>> the problem is.
>>>>>>>>
>>>>>>>>
>>>>>>>> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan <
>>>>>>>> jennifer@indivica.com>wrote:
>>>>>>>>
>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> Thanks for your help.
>>>>>>>>>
>>>>>>>>> The project path did not export the appropriate jars to the
>>>>>>>>> WEB-INF/lib
>>>>>>>>> directory when being built, so I added them to the deployment
>>>>>>>>> assembly step
>>>>>>>>> in eclipse. I added all the dependencies as well.
>>>>>>>>>
>>>>>>>>> Unfortunately, I was still getting the same "mustunderstand
>>>>>>>>> headers are
>>>>>>>>> not understood" error message. But there's more. I'm also getting
>>>>>>>>> a strange
>>>>>>>>> message when Tomcat is deploying the application, from CXF:
>>>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>>>> handleNoRegisteredBuilder
>>>>>>>>> WARNING: No assertion builder for type {
>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>>>> SignedSupportingTokensregister**ed<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedSupportingTokensregistered>
>>>>>>>>> .
>>>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>>>> handleNoRegisteredBuilder
>>>>>>>>> WARNING: No assertion builder for type {
>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>>>> RequiredPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DRequiredPartsregistered>
>>>>>>>>> .
>>>>>>>>>
>>>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>>>> handleNoRegisteredBuilder
>>>>>>>>> WARNING: No assertion builder for type {
>>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>>>> SignedPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedPartsregistered>
>>>>>>>>> .
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> I thought that was weird because in all the examples I've seen the
>>>>>>>>> sp
>>>>>>>>> namespace is http://schemas.xmlsoap.org/ws/**
>>>>>>>>> 2005/07/securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>.
>>>>>>>>> So I
>>>>>>>>> made the change in the WSDL and I got the following message upon
>>>>>>>>> restarting
>>>>>>>>> the server:
>>>>>>>>> Jul 26, 2013 1:25:16 PM
>>>>>>>>> org.apache.cxf.ws.policy.**attachment.wsdl11.**
>>>>>>>>> Wsdl11AttachmentPolicyProvider
>>>>>>>>> getElementPolicy
>>>>>>>>> WARNING: Failed to build the policy 'request-policy':{
>>>>>>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy}**
>>>>>>>>> UsernameToken<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DUsernameToken>is
>>>>>>>>> not a <wsp:Policy> element.
>>>>>>>>>
>>>>>>>>> The namespace for wsp is http://schemas.xmlsoap.org/ws/**
>>>>>>>>> 2004/09/policy <http://schemas.xmlsoap.org/ws/2004/09/policy>,
>>>>>>>>> and I'm pretty sure that's correct. Although I feel like I'm
>>>>>>>>> pretty close,
>>>>>>>>> I'm lost at this point. Do you happen to have any further
>>>>>>>>> suggestions?
>>>>>>>>>
>>>>>>>>> Thanks
>>>>>>>>> Jen
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <as...@talend.com>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> "mustunderstand header is not understood" error is thrown by CXF
>>>>>>>>>>
>>>>>>>>> MustUnderstandInterceptor.
>>>>>>>>>
>>>>>>>>>> MustUnderstandInterceptor checks if must understand headers in
>>>>>>>>>> SOAP
>>>>>>>>>>
>>>>>>>>> message can be processed by at least one CXF interceptor in chain.
>>>>>>>>>
>>>>>>>>>> For that CXF interceptors provide getUnderstoodHeaders() method
>>>>>>>>>> to say
>>>>>>>>>>
>>>>>>>>> which headers they are able to proceed.
>>>>>>>>>
>>>>>>>>>> Security headers can be processed either by
>>>>>>>>>> AbstractTokenInterceptor
>>>>>>>>>>
>>>>>>>>> (extended by UsernameTokenInterceptor, SamlTokenInterceptor.java,
>>>>>>>>> KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java
>>>>>>>>>
>>>>>>>>>> (extended by PolicyBasedWSS4JInInterceptor.**java,
>>>>>>>>>>
>>>>>>>>> WSS4JInInterceptor.java).
>>>>>>>>>
>>>>>>>>>> In your case no any from these interceptors is in chain on the
>>>>>>>>>> service
>>>>>>>>>>
>>>>>>>>> side.
>>>>>>>>>
>>>>>>>>>> That could happens because:
>>>>>>>>>> a) service uses other ws-policy (or nor policy) that doesn't
>>>>>>>>>> activate
>>>>>>>>>>
>>>>>>>>> that interceptors
>>>>>>>>>
>>>>>>>>>> b) service uses no ws-policy way and not configured with security
>>>>>>>>>>
>>>>>>>>> interceptor
>>>>>>>>>
>>>>>>>>>> c) appropriate CXF jars are not available:
>>>>>>>>>>
>>>>>>>>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
>>>>>>>>>
>>>>>>>>>> Can you please check how your service is configured?
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>> Andrei.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> -----Original Message-----
>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>>>>>> Sent: Mittwoch, 24. Juli 2013 17:43
>>>>>>>>>>> To: users@cxf.apache.org
>>>>>>>>>>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>>>>>
>>>>>>>>>>> Hi,
>>>>>>>>>>>
>>>>>>>>>>> Thanks for the reply. That's what I was thinking. There may be an
>>>>>>>>>>>
>>>>>>>>>> issue with
>>>>>>>>>
>>>>>>>>>> the WSDL file itself.
>>>>>>>>>>>
>>>>>>>>>>> My request matches the example provided by the author of the
>>>>>>>>>>> WSDL file,
>>>>>>>>>>> but neither of them work. They both cause the same
>>>>>>>>>>> "mustunderstand
>>>>>>>>>>> header is not understood" error.
>>>>>>>>>>> Disabling the security policy allows the request to complete
>>>>>>>>>>> properly.
>>>>>>>>>>>
>>>>>>>>>>> CXF is configured to read the security policy from the WSDL
>>>>>>>>>>> file, and
>>>>>>>>>>>
>>>>>>>>>> I know
>>>>>>>>>
>>>>>>>>>> that part is working because if I miss a required part (the
>>>>>>>>>>> timestamp,
>>>>>>>>>>>
>>>>>>>>>> for
>>>>>>>>>
>>>>>>>>>> example) in the header, CXF complains that not all of the required
>>>>>>>>>>>
>>>>>>>>>> parts have
>>>>>>>>>
>>>>>>>>>> been submitted. I guess this could be because of a signing issue,
>>>>>>>>>>>
>>>>>>>>>> although I'm
>>>>>>>>>
>>>>>>>>>> not sure.
>>>>>>>>>>>
>>>>>>>>>>> My reasons for building the service are because while there is a
>>>>>>>>>>> WSDL
>>>>>>>>>>> definition for the service, there's no way to access the service
>>>>>>>>>>>
>>>>>>>>>> itself. I know
>>>>>>>>>
>>>>>>>>>> exactly how the service is supposed to react to various inputs so
>>>>>>>>>>> I'm
>>>>>>>>>>>
>>>>>>>>>> trying to
>>>>>>>>>
>>>>>>>>>> build the same web service. It's for a health insurance card
>>>>>>>>>>>
>>>>>>>>>> validation service
>>>>>>>>>
>>>>>>>>>> in Ontario, Canada, and the service is provided by the government.
>>>>>>>>>>>
>>>>>>>>>>> Thanks.
>>>>>>>>>>> Jen
>>>>>>>>>>>
>>>>>>>>>>> ---------------------
>>>>>>>>>>> HCValidationService.wsdl
>>>>>>>>>>>
>>>>>>>>>>> <?xml version="1.0" encoding="UTF-8"?><definitions
>>>>>>>>>>> name="HCValidationService"
>>>>>>>>>>> targetNamespace="http://hcv.**health.ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns="http://schemas.xmlsoap.**org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:sp="http://docs.oasis-**open.org/ws-sx/ws-**
>>>>>>>>>>> securitypolicy/200512<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:wsdlsoap="http://**schemas.xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>>>>>>> **"
>>>>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>>>>>>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:xsd="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema>
>>>>>>>>>>> ">
>>>>>>>>>>>
>>>>>>>>>>> <types>
>>>>>>>>>>> <xsd:schema>
>>>>>>>>>>> <xsd:import
>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>> "
>>>>>>>>>>> schemaLocation="EBSFault_**schema.xsd"/>
>>>>>>>>>>> <xsd:import
>>>>>>>>>>> namespace="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>>> "
>>>>>>>>>>> schemaLocation="**HCValidationService_schema.**xsd"/>
>>>>>>>>>>> <xsd:import
>>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>> "
>>>>>>>>>>> schemaLocation="EBS_schema.**xsd"/>
>>>>>>>>>>> <xsd:import
>>>>>>>>>>> namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>> "
>>>>>>>>>>> schemaLocation="MSA_schema.**xsd"/>
>>>>>>>>>>> <xsd:import
>>>>>>>>>>> namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>> "
>>>>>>>>>>> schemaLocation="IDP_schema.**xsd"/>
>>>>>>>>>>> </xsd:schema>
>>>>>>>>>>> </types>
>>>>>>>>>>>
>>>>>>>>>>> <wsp:Policy wsu:Id="request-policy">
>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>> <wsp:All>
>>>>>>>>>>> <wsp:All>
>>>>>>>>>>> <sp:SignedSupportingTokens>
>>>>>>>>>>> <sp:UsernameToken>
>>>>>>>>>>> <wsp:Policy>
>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>
>>>>>>>>>>> <sp:NoPassword/>
>>>>>>>>>>>
>>>>>>>>>>> <sp:WssUsernameToken10/>
>>>>>>>>>>> </wsp:All>
>>>>>>>>>>> </wsp:Policy>
>>>>>>>>>>> </sp:UsernameToken>
>>>>>>>>>>> </sp:SignedSupportingTokens>
>>>>>>>>>>> </wsp:All>
>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>> <wsp:All>
>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="EBS"
>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>> "/>
>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="MSA"
>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>> "/>
>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="AuditId"
>>>>>>>>>>> Namespace=""/>
>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="UserID"
>>>>>>>>>>> Namespace=""/>
>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>> "/>
>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>> </wsp:All>
>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>> <wsp:All>
>>>>>>>>>>> <sp:SignedParts>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="EBS"
>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>> "/>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="MSA"
>>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>> "/>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>> "/>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>>>>> "/>
>>>>>>>>>>> <sp:Body/>
>>>>>>>>>>> </sp:SignedParts>
>>>>>>>>>>> </wsp:All>
>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>> </wsp:All>
>>>>>>>>>>> <wsp:All>
>>>>>>>>>>> <wsp:All>
>>>>>>>>>>> <sp:SignedSupportingTokens>
>>>>>>>>>>> <sp:UsernameToken>
>>>>>>>>>>> <wsp:Policy>
>>>>>>>>>>> <wsp:All>
>>>>>>>>>>>
>>>>>>>>>>> <sp:WssUsernameToken10/>
>>>>>>>>>>> </wsp:All>
>>>>>>>>>>> </wsp:Policy>
>>>>>>>>>>> </sp:UsernameToken>
>>>>>>>>>>> </sp:SignedSupportingTokens>
>>>>>>>>>>> </wsp:All>
>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>> <wsp:All>
>>>>>>>>>>> <sp:SignedParts>
>>>>>>>>>>> <sp:Header Name="EBS"
>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>> "/>
>>>>>>>>>>> <sp:Header Name="IDP"
>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>> "/>
>>>>>>>>>>> <sp:Header Name="Timestamp"
>>>>>>>>>>> Namespace="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>>>>>>> wssecurity-utility-1.0.xsd"/>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>>>>> "/>
>>>>>>>>>>> <sp:Body/>
>>>>>>>>>>> </sp:SignedParts>
>>>>>>>>>>> </wsp:All>
>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>>
>>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>>> <wsp:All>
>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="EBS"
>>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>> "/>
>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="IDP"
>>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>> "/>
>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="AuditId"
>>>>>>>>>>> Namespace=""/>
>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>>> <sp:Header
>>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>> "/>
>>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>>> </wsp:All>
>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>> </wsp:All>
>>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>> </wsp:Policy>
>>>>>>>>>>>
>>>>>>>>>>> <wsdl:message name="EBSHeader">
>>>>>>>>>>> <wsdl:part element="ebs:EBS"
>>>>>>>>>>> name="ebsrequest_header"/>
>>>>>>>>>>> </wsdl:message>
>>>>>>>>>>> <wsdl:message name="MSAHeader">
>>>>>>>>>>> <wsdl:part element="msa:MSA"
>>>>>>>>>>> name="msarequest_header"/>
>>>>>>>>>>> </wsdl:message>
>>>>>>>>>>> <wsdl:message name="IDPHeader">
>>>>>>>>>>> <wsdl:part element="idp:IDP"
>>>>>>>>>>> name="idprequest_header"/>
>>>>>>>>>>> </wsdl:message>
>>>>>>>>>>>
>>>>>>>>>>> <message name="validate">
>>>>>>>>>>> <wsdl:part element="hcv:validate"
>>>>>>>>>>> name="parameters"/>
>>>>>>>>>>> </message>
>>>>>>>>>>>
>>>>>>>>>>> <message name="validateResponse">
>>>>>>>>>>> <part element="hcv:validateResponse"
>>>>>>>>>>> name="parameters"/>
>>>>>>>>>>> </message>
>>>>>>>>>>>
>>>>>>>>>>> <message name="faultexception">
>>>>>>>>>>> <part element="ebs:EBSFault" name="Fault"/>
>>>>>>>>>>> </message>
>>>>>>>>>>>
>>>>>>>>>>> <portType name="HCValidation">
>>>>>>>>>>> <operation name="validate">
>>>>>>>>>>> <input message="hcv:validate"/>
>>>>>>>>>>> <output message="hcv:validateResponse"**/>
>>>>>>>>>>> <fault message="hcv:faultexception"
>>>>>>>>>>> name="FaultException"/>
>>>>>>>>>>> </operation>
>>>>>>>>>>> </portType>
>>>>>>>>>>>
>>>>>>>>>>> <binding name="HCValidationPortBinding"
>>>>>>>>>>> type="hcv:HCValidation">
>>>>>>>>>>> <soap:binding style="document"
>>>>>>>>>>> transport="http://schemas.**xmlsoap.org/soap/http<http://schemas.xmlsoap.org/soap/http>
>>>>>>>>>>> "/>
>>>>>>>>>>>
>>>>>>>>>>> <operation name="validate">
>>>>>>>>>>> <soap:operation soapAction=""/>
>>>>>>>>>>> <input>
>>>>>>>>>>> <wsp:PolicyReference URI="#request-policy"/>
>>>>>>>>>>> <wsdlsoap:header
>>>>>>>>>>> message="hcv:EBSHeader" part="ebsrequest_header" use="literal"/>
>>>>>>>>>>> <wsdlsoap:header
>>>>>>>>>>> message="hcv:MSAHeader" part="msarequest_header" use="literal"/>
>>>>>>>>>>> <wsdlsoap:header
>>>>>>>>>>> message="hcv:IDPHeader" part="idprequest_header" use="literal"/>
>>>>>>>>>>> <wsdlsoap:body parts="parameters"
>>>>>>>>>>> use="literal"/>
>>>>>>>>>>> </input>
>>>>>>>>>>> <output>
>>>>>>>>>>> <soap:body use="literal"/>
>>>>>>>>>>> </output>
>>>>>>>>>>> <fault name="FaultException">
>>>>>>>>>>> <soap:fault name="FaultException"
>>>>>>>>>>> use="literal"/>
>>>>>>>>>>> </fault>
>>>>>>>>>>> </operation>
>>>>>>>>>>> </binding>
>>>>>>>>>>>
>>>>>>>>>>> <service name="HCValidationService">
>>>>>>>>>>> <port binding="hcv:**HCValidationPortBinding"
>>>>>>>>>>> name="HCValidationPort">
>>>>>>>>>>> <soap:address
>>>>>>>>>>> location="
>>>>>>>>>>>
>>>>>>>>>> https://ws.ebs.health.gov.on.**ca:1440/HCVService/**
>>>>>>>>> HCValidationSe<https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe>
>>>>>>>>>
>>>>>>>>>> rvice"/>
>>>>>>>>>>> </port>
>>>>>>>>>>> </service>
>>>>>>>>>>> </definitions>
>>>>>>>>>>>
>>>>>>>>>>> ---------------------
>>>>>>>>>>> Sample Request (provided by author of WSDL)
>>>>>>>>>>>
>>>>>>>>>>> <soapenv:Envelope xmlns:soap-
>>>>>>>>>>> sec="http://schemas.xmlsoap.**org/security/2000-12<http://schemas.xmlsoap.org/security/2000-12>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:wsse="http://docs.oasis-**
>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-<http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>>> wss-wssecurity-secext-1.0.xsd"
>>>>>>>>>>> xmlns:xsi="http://www.w3.org/**2001/XMLSchema-instance<http://www.w3.org/2001/XMLSchema-instance>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:sp="http://schemas.**xmlsoap.org/ws/2005/07/**
>>>>>>>>>>> securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:SOAP-ENV="http://**schemas.xmlsoap.org/soap/**
>>>>>>>>>>> envelope/ <http://schemas.xmlsoap.org/soap/envelope/>"
>>>>>>>>>>> xmlns:xs="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:tns="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**open.org/wss/2004/01/oasis-
>>>>>>>>>>> **200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>>> wss-wssecurity-utility-1.0.**xsd"
>>>>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/security/2012-03<http://ebs.health.ontario.ca/security/2012-03>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>>>> ">
>>>>>>>>>>> <soapenv:Header>
>>>>>>>>>>> <ns2:EBS wsu:Id="id-1"
>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>> ">
>>>>>>>>>>> <SoftwareConformanceKey>**
>>>>>>>>>>> 444561ee-277f-77b2-
>>>>>>>>>>> c664-7a9923jfgh1b
>>>>>>>>>>> </SoftwareConformanceKey>
>>>>>>>>>>> <AuditId>73b7051e-6126-4b41-**9ae0-
>>>>>>>>>>> 21b707ca8a53</AuditId>
>>>>>>>>>>> </ns2:EBS>
>>>>>>>>>>> <ns2:IDP wsu:Id="id-2"
>>>>>>>>>>> xmlns:ns2="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>> ">
>>>>>>>>>>> <ServiceUserMUID>4523394</**
>>>>>>>>>>> ServiceUserMUID>
>>>>>>>>>>> </ns2:IDP>
>>>>>>>>>>> <wsse:Security SOAP-ENV:mustUnderstand="1">
>>>>>>>>>>> <wsu:Timestamp wsu:Id="id-3">
>>>>>>>>>>> <wsu:Created>2012-06-
>>>>>>>>>>> 20T17:58:42.580Z</wsu:Created>
>>>>>>>>>>> <wsu:Expires>2012-06-
>>>>>>>>>>> 20T17:59:12.580Z</wsu:Expires>
>>>>>>>>>>> </wsu:Timestamp>
>>>>>>>>>>> <wsse:UsernameToken wsu:Id="id-4">
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> <wsse:Username>JOHNDOE@YAHOO.**CA <JO...@YAHOO.CA>
>>>>>>>>>>> </wsse:Username>
>>>>>>>>>>> <wsse:Password
>>>>>>>>>>> Type="wsse:PasswordText">**Password</wsse:Password>
>>>>>>>>>>> </wsse:UsernameToken>
>>>>>>>>>>> <wsse:BinarySecurityToken
>>>>>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis->
>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>>>>>>> 1.0#Base64Binary"
>>>>>>>>>>> ValueType="http://docs.oasis-
>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>
>>>>>>>>>>> "
>>>>>>>>>>> wsu:Id="X509-
>>>>>>>>>>> 02F859690D5C74E209134021512282**11">
>>>>>>>>>>>
>>>>>>>>>>> MIICMzCCAZygAwIBAgIET1e+**dDANBgkqhkiG9w0BAQUFADBeMQsw
>>>>>>>>>>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT2**50YXJpbzENMAsGA1UEChMET0hJ
>>>>>>>>>>>
>>>>>>>>>>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW**9uMRcwFQYDVQQDEw
>>>>>>>>>>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAz**MDcyMDAwNTJaFw0xMzAzMDcyMDA
>>>>>>>>>>> wNTJaM
>>>>>>>>>>>
>>>>>>>>>>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQ**IEwdPbnRhcmlvMQ0wCwY
>>>>>>>>>>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZ**Wdpc3RyYXRpb24xFzAVBgNVBAM
>>>>>>>>>>> TDj
>>>>>>>>>>>
>>>>>>>>>>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqG**SIb3DQEBAQUAA4GNADCBi
>>>>>>>>>>> QKBgQCs/JIP6CE5IkfTnD/c56K+**QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH**4
>>>>>>>>>>>
>>>>>>>>>>> fvhbyxo2B4VugsL9r4E5jHEKoi+**
>>>>>>>>>>> GDKOLlLZRfSy0cB8IcpXonAuGqMzhC**o
>>>>>>>>>>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpT**yZdpYDi92up5E+FYL3jEe
>>>>>>>>>>>
>>>>>>>>>>> jhp+**1iDFJQIDAQABMA0GCSqGSIb3DQEBBQ**UAA4GBAHn8VZS169BJ
>>>>>>>>>>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dE**icv3jQMMsrWHfoCt+nRSqfNLUTL
>>>>>>>>>>>
>>>>>>>>>>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0**
>>>>>>>>>>> gY3i83ZXA8HDFKMZF3qL8I8ncu8F
>>>>>>>>>>> PcZGYBNhYrGjXXsuqXimiTIjxgm06E**rRa/51szOFFxWrB
>>>>>>>>>>> </wsse:BinarySecurityToken>
>>>>>>>>>>> <ds:Signature Id="SIG-6"
>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#>
>>>>>>>>>>> ">
>>>>>>>>>>> <ds:SignedInfo>
>>>>>>>>>>> <ds:CanonicalizationMethod
>>>>>>>>>>>
>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>> ">
>>>>>>>>>>>
>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>
>>>>>>>>>>> PrefixList="SOAP-
>>>>>>>>>>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
>>>>>>>>>>>
>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> </ds:CanonicalizationMethod>
>>>>>>>>>>> <ds:SignatureMethod
>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>>>>>>> />
>>>>>>>>>>> <ds:Reference URI="#id-1">
>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>
>>>>>>>>>>> <ds:Transform
>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>> ">
>>>>>>>>>>>
>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>
>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
>>>>>>>>>>> wsse
>>>>>>>>>>> wsu xs xsi"
>>>>>>>>>>>
>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>>
>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> <ds:DigestValue>**gpejbitTQxuMOhUirdbGNtHjsGhAAr**
>>>>>>>>>>> hAp3ByFuG9c
>>>>>>>>>>> Hs=
>>>>>>>>>>> </ds:DigestValue>
>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>> <ds:Reference URI="#id-2">
>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>
>>>>>>>>>>> <ds:Transform
>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>> ">
>>>>>>>>>>>
>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>
>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
>>>>>>>>>>> wsse
>>>>>>>>>>> wsu xs xsi"
>>>>>>>>>>>
>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> <ds:DigestValue>ZWKvgN+**eB0NFmQHPGYN5RoSZzbuboqKLzLcV6**
>>>>>>>>>>> PE
>>>>>>>>>>> Oz3E=
>>>>>>>>>>> </ds:DigestValue>
>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>> <ds:Reference URI="#id-3">
>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>
>>>>>>>>>>> <ds:Transform
>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>> ">
>>>>>>>>>>>
>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>
>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
>>>>>>>>>>> wsse xs
>>>>>>>>>>> xsi"
>>>>>>>>>>>
>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> <ds:DigestValue>1AvUG2EE6+**bgpJBe1TB4teUkKD4lRsw69BozDFQM
>>>>>>>>>>> GGE=
>>>>>>>>>>> </ds:DigestValue>
>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>> <ds:Reference URI="#id-4">
>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>
>>>>>>>>>>> <ds:Transform
>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>> ">
>>>>>>>>>>>
>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>
>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
>>>>>>>>>>> wsu xs
>>>>>>>>>>> xsi"
>>>>>>>>>>>
>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> <ds:DigestValue>Lw6C0//**TpU0uuta+**
>>>>>>>>>>> 9pjDPfD0aOokdgbVOEM9eaWc
>>>>>>>>>>> Gjo=
>>>>>>>>>>> </ds:DigestValue>
>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>> <ds:Reference URI="#id-5">
>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>
>>>>>>>>>>> <ds:Transform
>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>> ">
>>>>>>>>>>>
>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>>
>>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse wsu
>>>>>>>>>>> xs xsi"
>>>>>>>>>>>
>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> <ds:DigestValue>**lGKOfXxmbsLds9+**
>>>>>>>>>>> tD4eaCObTCdGNXDF/PY9LjDUPl
>>>>>>>>>>> 9Y=
>>>>>>>>>>> </ds:DigestValue>
>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>> </ds:SignedInfo>
>>>>>>>>>>> <ds:SignatureValue>
>>>>>>>>>>>
>>>>>>>>>>> Yn5iRnjs/T2+**nNgW8pArIgqc445RwL2wYPHZaydVJk**
>>>>>>>>>>> 0oUXV5B4nzU4fg
>>>>>>>>>>> X/**sQTcY0O5vuReP8th4QZoGG6tSnxuBf**qiDd2rkRZDrdgotJT++W
>>>>>>>>>>>
>>>>>>>>>>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3Q**DuMWr5PSlm1RWbkA3W5B4Y
>>>>>>>>>>> LaD+S/j3QKc=
>>>>>>>>>>> </ds:SignatureValue>
>>>>>>>>>>> <ds:KeyInfo Id="KI-
>>>>>>>>>>> 02F859690D5C74E209134021512283**12">
>>>>>>>>>>>
>>>>>>>>>>> <wsse:SecurityTokenReference
>>>>>>>>>>> wsu:Id="STR-**02F859690D5C74E209134021512284**13">
>>>>>>>>>>> <wsse:Reference
>>>>>>>>>>> URI="#X509-**02F859690D5C74E209134021512282**11"
>>>>>>>>>>>
>>>>>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-
>>>>>>>>>>> **200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>>>>>>>
>>>>>>>>>>> </wsse:SecurityTokenReference>
>>>>>>>>>>> </ds:KeyInfo>
>>>>>>>>>>> </ds:Signature>
>>>>>>>>>>> </wsse:Security>
>>>>>>>>>>> </soapenv:Header>
>>>>>>>>>>> <soapenv:Body wsu:Id="id-5">
>>>>>>>>>>> <ns5:validate xmlns:ns4="
>>>>>>>>>>>
>>>>>>>>>> http://msa.ebs.health.ontario.**ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>> "
>>>>>>>>>
>>>>>>>>>> xmlns:ns3="http://idp.ebs.**
>>>>>>>>>>> health.ontario.ca/ <http://idp.ebs.health.ontario.ca/>"
>>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:ns5="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>>> ">
>>>>>>>>>>> <requests>
>>>>>>>>>>> <hcvRequest>
>>>>>>>>>>>
>>>>>>>>>>> <healthNumber>2222211122</**healthNumber>
>>>>>>>>>>>
>>>>>>>>>>> <versionCode>WW</versionCode>
>>>>>>>>>>> </hcvRequest>
>>>>>>>>>>> </requests>
>>>>>>>>>>> <locale>en</locale>
>>>>>>>>>>> </ns5:validate>
>>>>>>>>>>> </soapenv:Body>
>>>>>>>>>>> </soapenv:Envelope>
>>>>>>>>>>>
>>>>>>>>>>> -------------------
>>>>>>>>>>> Sample Request (Built via SoapUI)
>>>>>>>>>>>
>>>>>>>>>>> <soapenv:Envelope xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>>>> ">
>>>>>>>>>>> <soapenv:Header>
>>>>>>>>>>> <wsse:Security soapenv:mustUnderstand="1"
>>>>>>>>>>> xmlns:wsse="http://docs.oasis-
>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>>>>> "
>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>> ">
>>>>>>>>>>> <wsse:BinarySecurityToken
>>>>>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis->
>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>>>>>>> 1.0#Base64Binary"
>>>>>>>>>>> ValueType="http://docs.oasis-
>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>
>>>>>>>>>>> "
>>>>>>>>>>> wsu:Id="X509-
>>>>>>>>>>> 9346053A98F2390F1A137460706920**025">
>>>>>>>>>>>
>>>>>>>>>>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQ**EBBQUAMIGbMQswCQYDVQ
>>>>>>>>>>> QGEwJDQTEQMA4GA1UECAwHT250YXJp**bzEQMA4G
>>>>>>>>>>>
>>>>>>>>>>> A1UEBwwHVG9yb250bzERMA8GA1UECg**wISW5kaXZpY2ExFDASBgN
>>>>>>>>>>> VBAsMC0RldmVsb3BtZW50MRgwFgYDV**QQDDA9J
>>>>>>>>>>>
>>>>>>>>>>> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhk**iG9w0BCQEWFmVicy1hZG1pbk
>>>>>>>>>>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5**MTc0
>>>>>>>>>>>
>>>>>>>>>>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQ**swCQYDVQQGEwJDQTEQ
>>>>>>>>>>> MA4GA1UECBMHT250YXJpbzEQMA4GA1**UEBxMHVG9y
>>>>>>>>>>>
>>>>>>>>>>> b250bzERMA8GA1UEChMISW5kaXZpY2**ExFDASBgNVBAsTC0RldmVsb
>>>>>>>>>>> 3BtZW50MRwwGgYDVQQDExNJbmRpdml**jYSBF
>>>>>>>>>>>
>>>>>>>>>>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w**0BAQEFAAOCAQ8AMIIBCgKCA
>>>>>>>>>>> QEAu7/+**bc5QgW43UuaMoUOpbsQy8Kc32jrB
>>>>>>>>>>>
>>>>>>>>>>> GA0lrxZkqH/PnfdbtRhRypxkc6+**
>>>>>>>>>>> r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
>>>>>>>>>>> WPPVMKpermHxniN+**kqjWiGDm10xVMph
>>>>>>>>>>>
>>>>>>>>>>> XryR01LSItgRoi5V54oTFgeJxsdA/**
>>>>>>>>>>> 1J3kf/QE2YmswZwLH6+PwvZfExKEx
>>>>>>>>>>> vGArojkyveOewWkvKMobLB3d6gtrPJ
>>>>>>>>>>>
>>>>>>>>>>> tUxjb18UJugEHyNSiVYFymbgAyvanT**4pmNPaqHW1ZlmQ0WBiDI7oeT
>>>>>>>>>>> 1pZzgEwzikcvEHilJye0PcB4PkkrGL**KfEE
>>>>>>>>>>>
>>>>>>>>>>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4f**jouqkHHVMMiUvYgQIDAQA
>>>>>>>>>>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b**5yRECQU
>>>>>>>>>>>
>>>>>>>>>>> ppIEIbDOh4E5OsR0wesm4czfNDnh56**TUwmjRDzI+tVVEj+fxk0FMSMf
>>>>>>>>>>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+**FHb6
>>>>>>>>>>>
>>>>>>>>>>> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u**8cRtfPXXX+baL2NThYjMoNVFIt
>>>>>>>>>>> OM0XL3xwzblWi++B
>>>>>>>>>>> </wsse:BinarySecurityToken>
>>>>>>>>>>> <ds:Signature Id="SIG-30"
>>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#>
>>>>>>>>>>> ">
>>>>>>>>>>> <ds:SignedInfo>
>>>>>>>>>>> <ds:CanonicalizationMethod
>>>>>>>>>>>
>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>> ">
>>>>>>>>>>>
>>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>> PrefixList="ebs hcv idp msa soapenv"
>>>>>>>>>>>
>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> </ds:CanonicalizationMethod>
>>>>>>>>>>> <ds:SignatureMethod
>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>>>>>>> />
>>>>>>>>>>> <ds:Reference URI="#id-7">
>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>
>>>>>>>>>>> <ds:Transform
>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>> ">
>>>>>>>>>>>
>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
>>>>>>>>>>>
>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> <ds:DigestValue>+sN2C+**GPI6Un7tmdzecuWW4obI8=</ds:**
>>>>>>>>>>> DigestVal
>>>>>>>>>>> ue>
>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>> <ds:Reference URI="#id-8">
>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>
>>>>>>>>>>> <ds:Transform
>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>> ">
>>>>>>>>>>>
>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
>>>>>>>>>>>
>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> <ds:DigestValue>cStXQ+**Qf4MYZw7oZh3EwQnCO9kE=</ds:**
>>>>>>>>>>> DigestVal
>>>>>>>>>>> ue>
>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>> <ds:Reference URI="#TS-29">
>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>
>>>>>>>>>>> <ds:Transform
>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>> ">
>>>>>>>>>>>
>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa
>>>>>>>>>>> soapenv"
>>>>>>>>>>>
>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> <ds:DigestValue>**7DpbdobjdxkQ3RGXjPQmx5EpCdU=</**
>>>>>>>>>>> ds:DigestVal
>>>>>>>>>>> ue>
>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>> <ds:Reference
>>>>>>>>>>> URI="#UsernameToken-28">
>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>
>>>>>>>>>>> <ds:Transform
>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>> ">
>>>>>>>>>>>
>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa
>>>>>>>>>>> soapenv"
>>>>>>>>>>>
>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> <ds:DigestValue>**0CNaWbdkV2dE7Jm5oh15ztwUcaI=</**
>>>>>>>>>>> ds:DigestValu
>>>>>>>>>>> e>
>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>> <ds:Reference URI="#id-12">
>>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>>
>>>>>>>>>>> <ds:Transform
>>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>>> ">
>>>>>>>>>>>
>>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
>>>>>>>>>>>
>>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> </ds:Transform>
>>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>>> />
>>>>>>>>>>>
>>>>>>>>>>> <ds:DigestValue>**XoOxXE6R7JA29rMYCHf/X0II180=</**
>>>>>>>>>>> ds:DigestValue
>>>>>>>>>>> </ds:Reference>
>>>>>>>>>>> </ds:SignedInfo>
>>>>>>>>>>>
>>>>>>>>>>> <ds:SignatureValue>**YQy9wqYYVw1x0CZcg6b2W0uO3g3Fur**
>>>>>>>>>>> UZ51zrXi3
>>>>>>>>>>> jRMFGgCVGUwfu3W/**tDOAKB2IXHvIgFl7JWmzd
>>>>>>>>>>>
>>>>>>>>>>> lkh7O2u6ieACF5tGD32aSXvv6/**k7OUVH4outF1NHgJOq9WKIKtUYT/hh
>>>>>>>>>>> G8BmqFGHXcPiuuO+FIXr
>>>>>>>>>>>
>>>>>>>>>>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pO**RWOWvPhmHbT63b1BgFfLla
>>>>>>>>>>> UftqeybM6t0i2cTuNxf8nbCS
>>>>>>>>>>>
>>>>>>>>>>> gANhvGvpNi2ALThvsPu+**pXKCx1c4Ng18PGpUEVmOdJOkZhiifR**
>>>>>>>>>>> 336idp
>>>>>>>>>>> 09lp8XaI+NzwENvdBskb
>>>>>>>>>>>
>>>>>>>>>>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP**4wydOh8w==
>>>>>>>>>>> </ds:SignatureValue>
>>>>>>>>>>> <ds:KeyInfo Id="KI-
>>>>>>>>>>> 9346053A98F2390F1A137460706920**026">
>>>>>>>>>>>
>>>>>>>>>>> <wsse:SecurityTokenReference
>>>>>>>>>>> wsu:Id="STR-
>>>>>>>>>>> 9346053A98F2390F1A137460706920**027">
>>>>>>>>>>> <wsse:Reference
>>>>>>>>>>> URI="#X509-**9346053A98F2390F1A137460706920**025"
>>>>>>>>>>>
>>>>>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-
>>>>>>>>>>> **200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>>>>>>>
>>>>>>>>>>> </wsse:SecurityTokenReference>
>>>>>>>>>>> </ds:KeyInfo>
>>>>>>>>>>> </ds:Signature>
>>>>>>>>>>> <wsu:Timestamp wsu:Id="TS-29">
>>>>>>>>>>> <wsu:Created>2013-07-
>>>>>>>>>>> 23T19:17:49.196Z</wsu:Created>
>>>>>>>>>>> <wsu:Expires>2013-07-
>>>>>>>>>>> 30T17:57:49.196Z</wsu:Expires>
>>>>>>>>>>> </wsu:Timestamp>
>>>>>>>>>>> <wsse:UsernameToken wsu:Id="UsernameToken-
>>>>>>>>>>> 28">
>>>>>>>>>>> <wsse:Username>abc</wsse:**
>>>>>>>>>>> Username>
>>>>>>>>>>> <wsse:Password
>>>>>>>>>>> Type="http://docs.oasis-
>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-username-token-**
>>>>>>>>>>> profile-<http://open.org/wss/2004/01/oasis-200401-wss-username-token-profile->
>>>>>>>>>>> 1.0#PasswordText">defg</wsse:**Password>
>>>>>>>>>>> </wsse:UsernameToken>
>>>>>>>>>>> </wsse:Security>
>>>>>>>>>>> <idp:IDP wsu:Id="id-8"
>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>> ">
>>>>>>>>>>> <ServiceUserMUID>12345</**ServiceUserMUID>
>>>>>>>>>>> </idp:IDP>
>>>>>>>>>>> <ebs:EBS wsu:Id="id-7"
>>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>>> ">
>>>>>>>>>>>
>>>>>>>>>>> <SoftwareConformanceKey>12345<**/SoftwareConformanceKey>
>>>>>>>>>>> <AuditId>12345</AuditId>
>>>>>>>>>>> </ebs:EBS>
>>>>>>>>>>> </soapenv:Header>
>>>>>>>>>>> <soapenv:Body wsu:Id="id-12"
>>>>>>>>>>> xmlns:wsu="http://docs.oasis-**
>>>>>>>>>>> open.org/wss/2004/01/oasis-<http://docs.oasis-open.org/wss/2004/01/oasis->
>>>>>>>>>>> 200401-wss-wssecurity-utility-**1.0.xsd">
>>>>>>>>>>> <hcv:validate>
>>>>>>>>>>> <requests>
>>>>>>>>>>> <hcvRequest>
>>>>>>>>>>>
>>>>>>>>>>> <healthNumber>9876543217</**healthNumber>
>>>>>>>>>>>
>>>>>>>>>>> <versionCode>AB</versionCode>
>>>>>>>>>>> </hcvRequest>
>>>>>>>>>>> </requests>
>>>>>>>>>>> </hcv:validate>
>>>>>>>>>>> </soapenv:Body>
>>>>>>>>>>> </soapenv:Envelope>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> -----------------------
>>>>>>>>>>> Response (In either case):
>>>>>>>>>>>
>>>>>>>>>>> <soap:Envelope
>>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>>>> ">
>>>>>>>>>>> <soap:Body>
>>>>>>>>>>> <soap:Fault>
>>>>>>>>>>> <faultcode>soap:**MustUnderstand</faultcode>
>>>>>>>>>>> <faultstring>MustUnderstand headers: [{
>>>>>>>>>>> http://docs.oasis-
>>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext->
>>>>>>>>>>> 1.0.xsd}Security] are not understood.</faultstring>
>>>>>>>>>>> </soap:Fault>
>>>>>>>>>>> </soap:Body>
>>>>>>>>>>> </soap:Envelope>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <
>>>>>>>>>>> ashakirin@talend.com>
>>>>>>>>>>>
>>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>>>
>>>>>>>>>>>> It seems that your service doesn't use the same WS-Policy as
>>>>>>>>>>>> client,
>>>>>>>>>>>>
>>>>>>>>>>> therefore appropriate interceptors are not activated on the
>>>>>>>>>>> service
>>>>>>>>>>>
>>>>>>>>>> side.
>>>>>>>>>
>>>>>>>>>> Could you double check that?
>>>>>>>>>>>>
>>>>>>>>>>>> Exact request and response will be also useful for further
>>>>>>>>>>>> analyse.
>>>>>>>>>>>>
>>>>>>>>>>>> Regards,
>>>>>>>>>>>> Andrei.
>>>>>>>>>>>>
>>>>>>>>>>>> -----Original Message-----
>>>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>>>>>>>> Sent: Dienstag, 23. Juli 2013 21:35
>>>>>>>>>>>>> To: users@cxf.apache.org
>>>>>>>>>>>>> Subject: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>>>>>>>
>>>>>>>>>>>>> I have a question regarding WS-SecurityPolicy and deploying a
>>>>>>>>>>>>> WSDL-first service via Eclipse.
>>>>>>>>>>>>>
>>>>>>>>>>>>> I created a project from a WSDL file (I didn't create it) with
>>>>>>>>>>>>> the
>>>>>>>>>>>>> intention of implementing the service that it describes. The
>>>>>>>>>>>>> WSDL
>>>>>>>>>>>>> file describes a WS- SecurityPolicy that includes a
>>>>>>>>>>>>> UsernameToken,
>>>>>>>>>>>>> Timestamp, BinarySecurityToken, and a Signature. Every time I
>>>>>>>>>>>>> run a
>>>>>>>>>>>>> sample request that includes all of those components in the
>>>>>>>>>>>>> WS-Security header I get a "must understand header is not
>>>>>>>>>>>>> understood"
>>>>>>>>>>>>> message, regarding the WS-Security header.
>>>>>>>>>>>>>
>>>>>>>>>>>>> I've read on the documentation of CXF that additional
>>>>>>>>>>>>> dependencies
>>>>>>>>>>>>> must be included in the classpath to have WS-SecurityPolicy
>>>>>>>>>>>>> work, but
>>>>>>>>>>>>> I've used Eclipse's deployment method and given it the entire
>>>>>>>>>>>>> CXF ZIP
>>>>>>>>>>>>> file as downloaded from the project website as the CXF
>>>>>>>>>>>>> Runtime. Is
>>>>>>>>>>>>> there anything that I'm missing? Or is there a better way for
>>>>>>>>>>>>> me to
>>>>>>>>>>>>> be working with CXF than to use Eclipse's automated tools?
>>>>>>>>>>>>>
>>>>>>>>>>>>> Thanks for any help.
>>>>>>>>>>>>> Jen
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jason Pell <ja...@pellcorp.com>.
Ok - try putting a <wsp:Policy> immediately inside the
<sp:SignedSupportingTokens> tag and I think you might get further.
So instead of:
<sp:SignedSupportingTokens>
<sp:UsernameToken>
<wsp:Policy>
<wsp:All>
<sp:NoPassword/>
<sp:WssUsernameToken10/>
</wsp:All>
</wsp:Policy>
</sp:UsernameToken>
</sp:SignedSupportingTokens>
Try:
<sp:SignedSupportingTokens>
<wsp:Policy>
<sp:UsernameToken>
<wsp:Policy>
<wsp:All>
<sp:NoPassword/>
<sp:WssUsernameToken10/>
</wsp:All>
</wsp:Policy>
</sp:UsernameToken>
<wsp:Policy>
</sp:SignedSupportingTokens>
Do this for both occurences.
On Sat, Jul 27, 2013 at 2:33 PM, Jason Pell <ja...@pellcorp.com> wrote:
> I realised you had already got that far yourself, apologies for wasting
> everyone's time. I misread the email thread. So you already changed your
> sp to http://schemas.xmlsoap.org/ws/2005/07/securitypolicy.
>
> However when I change my policy file to use SignedSupportingToken rather
> than SupportingToken I also get:
> {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}UsernameToken is
> not a <wsp:Policy> element.
>
> So I will have a play around with that now.
>
>
> On Sat, Jul 27, 2013 at 1:59 PM, Jason Pell <ja...@pellcorp.com> wrote:
>
>> Actually I just realised what the problem is. Your original namespace
>> for sp was wrong. Just change it to
>>
>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy
>>
>> And it will all work. Sorry for the confusion, I am no expert, but did
>> have the same problems so was worth the trial and error.
>>
>>
>>
>>
>> On Sat, Jul 27, 2013 at 1:57 PM, Jason Pell <ja...@pellcorp.com> wrote:
>>
>>> In fact just replacing the SP namespace should do it. The xmlns:wsp="
>>> http://schemas.xmlsoap.org/ws/2004/09/policy" seems to not be the
>>> problem.
>>>
>>> So just change the sp to:
>>>
>>> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>>>
>>>
>>> On Sat, Jul 27, 2013 at 1:55 PM, Jason Pell <ja...@pellcorp.com> wrote:
>>>
>>>> Changing the namespaces to the following will allow it to work with CXF:
>>>>
>>>> xmlns:wsp="http://www.w3.org/ns/ws-policy"
>>>> xmlns:wsu="
>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>>>> "
>>>> xmlns:sp="
>>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>>>>
>>>>
>>>>
>>>>
>>>> On Sat, Jul 27, 2013 at 1:39 PM, Jennifer Ruttan <jennifer@indivica.com
>>>> > wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> Thanks for your message. The WSDL file clearly contains a number of
>>>>> errors and so I'm happy to change it. The owners of the service will have
>>>>> to adjust it anyway. What should I change the namespaces to?
>>>>>
>>>>> Thanks again
>>>>> Jen
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On 2013/07/26 23:16, Jason Pell wrote:
>>>>>
>>>>>> https://github.com/pellcorp/**cxf/blob/master/JavaFirst/src/**
>>>>>> test/java/com/pellcorp/server/**PolicyServiceTest.java<https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java>
>>>>>>
>>>>>> This test case reproduces your issue I think. Changing the
>>>>>> namespaces of
>>>>>> the policy file will actually fix this, but probably not an option
>>>>>> for you.
>>>>>>
>>>>>> public void testOldWspSpClient() throws Exception {
>>>>>> ClassPathXmlApplicationContext clientContext =
>>>>>> TestUtils.getContext(
>>>>>> "/META-INF/**oldWspSpClientContext.xml");
>>>>>>
>>>>>> OldSpWspSimpleService simpleService = clientContext.getBean(
>>>>>> "OldSpWspSimpleServiceClient",
>>>>>> OldSpWspSimpleService.class);
>>>>>>
>>>>>> WSS4JOutInterceptor wssOut = TestUtils.**getWssOutInterceptor(
>>>>>> simpleService);
>>>>>> TestUtils.**setPasswordProperties(wssOut, "alice", "password");
>>>>>>
>>>>>> try {
>>>>>> simpleService.ping();
>>>>>> } catch (SOAPFaultException e) {
>>>>>> assertTrue(e.getMessage().**contains("MustUnderstand"));
>>>>>> }
>>>>>> }
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <ja...@pellcorp.com>
>>>>>> wrote:
>>>>>>
>>>>>> Hi,
>>>>>>>
>>>>>>> I changed over my java first samples to use your namespaces, and I
>>>>>>> also
>>>>>>> got the Must understand error.
>>>>>>>
>>>>>>> Since I can reproduce it, i will have a bit of a hunt around to see
>>>>>>> what
>>>>>>> the problem is.
>>>>>>>
>>>>>>>
>>>>>>> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan <
>>>>>>> jennifer@indivica.com>wrote:
>>>>>>>
>>>>>>> Hi,
>>>>>>>>
>>>>>>>> Thanks for your help.
>>>>>>>>
>>>>>>>> The project path did not export the appropriate jars to the
>>>>>>>> WEB-INF/lib
>>>>>>>> directory when being built, so I added them to the deployment
>>>>>>>> assembly step
>>>>>>>> in eclipse. I added all the dependencies as well.
>>>>>>>>
>>>>>>>> Unfortunately, I was still getting the same "mustunderstand headers
>>>>>>>> are
>>>>>>>> not understood" error message. But there's more. I'm also getting a
>>>>>>>> strange
>>>>>>>> message when Tomcat is deploying the application, from CXF:
>>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>>> handleNoRegisteredBuilder
>>>>>>>> WARNING: No assertion builder for type {
>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>>> SignedSupportingTokensregister**ed<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedSupportingTokensregistered>
>>>>>>>> .
>>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>>> handleNoRegisteredBuilder
>>>>>>>> WARNING: No assertion builder for type {
>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>>> RequiredPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DRequiredPartsregistered>
>>>>>>>> .
>>>>>>>>
>>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>>> handleNoRegisteredBuilder
>>>>>>>> WARNING: No assertion builder for type {
>>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>>> SignedPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedPartsregistered>
>>>>>>>> .
>>>>>>>>
>>>>>>>>
>>>>>>>> I thought that was weird because in all the examples I've seen the
>>>>>>>> sp
>>>>>>>> namespace is http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>.
>>>>>>>> So I
>>>>>>>> made the change in the WSDL and I got the following message upon
>>>>>>>> restarting
>>>>>>>> the server:
>>>>>>>> Jul 26, 2013 1:25:16 PM
>>>>>>>> org.apache.cxf.ws.policy.**attachment.wsdl11.**
>>>>>>>> Wsdl11AttachmentPolicyProvider
>>>>>>>> getElementPolicy
>>>>>>>> WARNING: Failed to build the policy 'request-policy':{
>>>>>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy}**
>>>>>>>> UsernameToken<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DUsernameToken>is
>>>>>>>> not a <wsp:Policy> element.
>>>>>>>>
>>>>>>>> The namespace for wsp is http://schemas.xmlsoap.org/ws/**
>>>>>>>> 2004/09/policy <http://schemas.xmlsoap.org/ws/2004/09/policy>,
>>>>>>>> and I'm pretty sure that's correct. Although I feel like I'm pretty
>>>>>>>> close,
>>>>>>>> I'm lost at this point. Do you happen to have any further
>>>>>>>> suggestions?
>>>>>>>>
>>>>>>>> Thanks
>>>>>>>> Jen
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <as...@talend.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> "mustunderstand header is not understood" error is thrown by CXF
>>>>>>>>>
>>>>>>>> MustUnderstandInterceptor.
>>>>>>>>
>>>>>>>>> MustUnderstandInterceptor checks if must understand headers in SOAP
>>>>>>>>>
>>>>>>>> message can be processed by at least one CXF interceptor in chain.
>>>>>>>>
>>>>>>>>> For that CXF interceptors provide getUnderstoodHeaders() method to
>>>>>>>>> say
>>>>>>>>>
>>>>>>>> which headers they are able to proceed.
>>>>>>>>
>>>>>>>>> Security headers can be processed either by
>>>>>>>>> AbstractTokenInterceptor
>>>>>>>>>
>>>>>>>> (extended by UsernameTokenInterceptor, SamlTokenInterceptor.java,
>>>>>>>> KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java
>>>>>>>>
>>>>>>>>> (extended by PolicyBasedWSS4JInInterceptor.**java,
>>>>>>>>>
>>>>>>>> WSS4JInInterceptor.java).
>>>>>>>>
>>>>>>>>> In your case no any from these interceptors is in chain on the
>>>>>>>>> service
>>>>>>>>>
>>>>>>>> side.
>>>>>>>>
>>>>>>>>> That could happens because:
>>>>>>>>> a) service uses other ws-policy (or nor policy) that doesn't
>>>>>>>>> activate
>>>>>>>>>
>>>>>>>> that interceptors
>>>>>>>>
>>>>>>>>> b) service uses no ws-policy way and not configured with security
>>>>>>>>>
>>>>>>>> interceptor
>>>>>>>>
>>>>>>>>> c) appropriate CXF jars are not available:
>>>>>>>>>
>>>>>>>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
>>>>>>>>
>>>>>>>>> Can you please check how your service is configured?
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>> Andrei.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> -----Original Message-----
>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>>>>> Sent: Mittwoch, 24. Juli 2013 17:43
>>>>>>>>>> To: users@cxf.apache.org
>>>>>>>>>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> Thanks for the reply. That's what I was thinking. There may be an
>>>>>>>>>>
>>>>>>>>> issue with
>>>>>>>>
>>>>>>>>> the WSDL file itself.
>>>>>>>>>>
>>>>>>>>>> My request matches the example provided by the author of the WSDL
>>>>>>>>>> file,
>>>>>>>>>> but neither of them work. They both cause the same "mustunderstand
>>>>>>>>>> header is not understood" error.
>>>>>>>>>> Disabling the security policy allows the request to complete
>>>>>>>>>> properly.
>>>>>>>>>>
>>>>>>>>>> CXF is configured to read the security policy from the WSDL file,
>>>>>>>>>> and
>>>>>>>>>>
>>>>>>>>> I know
>>>>>>>>
>>>>>>>>> that part is working because if I miss a required part (the
>>>>>>>>>> timestamp,
>>>>>>>>>>
>>>>>>>>> for
>>>>>>>>
>>>>>>>>> example) in the header, CXF complains that not all of the required
>>>>>>>>>>
>>>>>>>>> parts have
>>>>>>>>
>>>>>>>>> been submitted. I guess this could be because of a signing issue,
>>>>>>>>>>
>>>>>>>>> although I'm
>>>>>>>>
>>>>>>>>> not sure.
>>>>>>>>>>
>>>>>>>>>> My reasons for building the service are because while there is a
>>>>>>>>>> WSDL
>>>>>>>>>> definition for the service, there's no way to access the service
>>>>>>>>>>
>>>>>>>>> itself. I know
>>>>>>>>
>>>>>>>>> exactly how the service is supposed to react to various inputs so
>>>>>>>>>> I'm
>>>>>>>>>>
>>>>>>>>> trying to
>>>>>>>>
>>>>>>>>> build the same web service. It's for a health insurance card
>>>>>>>>>>
>>>>>>>>> validation service
>>>>>>>>
>>>>>>>>> in Ontario, Canada, and the service is provided by the government.
>>>>>>>>>>
>>>>>>>>>> Thanks.
>>>>>>>>>> Jen
>>>>>>>>>>
>>>>>>>>>> ---------------------
>>>>>>>>>> HCValidationService.wsdl
>>>>>>>>>>
>>>>>>>>>> <?xml version="1.0" encoding="UTF-8"?><definitions
>>>>>>>>>> name="HCValidationService"
>>>>>>>>>> targetNamespace="http://hcv.**health.ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>> "
>>>>>>>>>> xmlns="http://schemas.xmlsoap.**org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>>> "
>>>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>> "
>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>> "
>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>> "
>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>>> "
>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>>>>>> "
>>>>>>>>>> xmlns:sp="http://docs.oasis-**open.org/ws-sx/ws-**
>>>>>>>>>> securitypolicy/200512<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512>
>>>>>>>>>> "
>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>>> "
>>>>>>>>>> xmlns:wsdlsoap="http://**schemas.xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>>>>>> **"
>>>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>>>>>> "
>>>>>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>>>>>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>> "
>>>>>>>>>> xmlns:xsd="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema>
>>>>>>>>>> ">
>>>>>>>>>>
>>>>>>>>>> <types>
>>>>>>>>>> <xsd:schema>
>>>>>>>>>> <xsd:import
>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>> "
>>>>>>>>>> schemaLocation="EBSFault_**schema.xsd"/>
>>>>>>>>>> <xsd:import
>>>>>>>>>> namespace="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>> "
>>>>>>>>>> schemaLocation="**HCValidationService_schema.**xsd"/>
>>>>>>>>>> <xsd:import
>>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>> "
>>>>>>>>>> schemaLocation="EBS_schema.**xsd"/>
>>>>>>>>>> <xsd:import
>>>>>>>>>> namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>>> "
>>>>>>>>>> schemaLocation="MSA_schema.**xsd"/>
>>>>>>>>>> <xsd:import
>>>>>>>>>> namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>> "
>>>>>>>>>> schemaLocation="IDP_schema.**xsd"/>
>>>>>>>>>> </xsd:schema>
>>>>>>>>>> </types>
>>>>>>>>>>
>>>>>>>>>> <wsp:Policy wsu:Id="request-policy">
>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>> <wsp:All>
>>>>>>>>>> <wsp:All>
>>>>>>>>>> <sp:SignedSupportingTokens>
>>>>>>>>>> <sp:UsernameToken>
>>>>>>>>>> <wsp:Policy>
>>>>>>>>>> <wsp:All>
>>>>>>>>>>
>>>>>>>>>> <sp:NoPassword/>
>>>>>>>>>>
>>>>>>>>>> <sp:WssUsernameToken10/>
>>>>>>>>>> </wsp:All>
>>>>>>>>>> </wsp:Policy>
>>>>>>>>>> </sp:UsernameToken>
>>>>>>>>>> </sp:SignedSupportingTokens>
>>>>>>>>>> </wsp:All>
>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>> <wsp:All>
>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="EBS"
>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>> "/>
>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="MSA"
>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>>> "/>
>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="AuditId"
>>>>>>>>>> Namespace=""/>
>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="UserID"
>>>>>>>>>> Namespace=""/>
>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>> "/>
>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>> </wsp:All>
>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>> <wsp:All>
>>>>>>>>>> <sp:SignedParts>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="EBS"
>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>> "/>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="MSA"
>>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>>> "/>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>> "/>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>>>> "/>
>>>>>>>>>> <sp:Body/>
>>>>>>>>>> </sp:SignedParts>
>>>>>>>>>> </wsp:All>
>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>> </wsp:All>
>>>>>>>>>> <wsp:All>
>>>>>>>>>> <wsp:All>
>>>>>>>>>> <sp:SignedSupportingTokens>
>>>>>>>>>> <sp:UsernameToken>
>>>>>>>>>> <wsp:Policy>
>>>>>>>>>> <wsp:All>
>>>>>>>>>>
>>>>>>>>>> <sp:WssUsernameToken10/>
>>>>>>>>>> </wsp:All>
>>>>>>>>>> </wsp:Policy>
>>>>>>>>>> </sp:UsernameToken>
>>>>>>>>>> </sp:SignedSupportingTokens>
>>>>>>>>>> </wsp:All>
>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>> <wsp:All>
>>>>>>>>>> <sp:SignedParts>
>>>>>>>>>> <sp:Header Name="EBS"
>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>> "/>
>>>>>>>>>> <sp:Header Name="IDP"
>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>> "/>
>>>>>>>>>> <sp:Header Name="Timestamp"
>>>>>>>>>> Namespace="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>>>>>> wssecurity-utility-1.0.xsd"/>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>>>> "/>
>>>>>>>>>> <sp:Body/>
>>>>>>>>>> </sp:SignedParts>
>>>>>>>>>> </wsp:All>
>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>>
>>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>>> <wsp:All>
>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="EBS"
>>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>> "/>
>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="IDP"
>>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>> "/>
>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="AuditId"
>>>>>>>>>> Namespace=""/>
>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>> <sp:RequiredParts>
>>>>>>>>>> <sp:Header
>>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>> "/>
>>>>>>>>>> </sp:RequiredParts>
>>>>>>>>>> </wsp:All>
>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>> </wsp:All>
>>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>> </wsp:Policy>
>>>>>>>>>>
>>>>>>>>>> <wsdl:message name="EBSHeader">
>>>>>>>>>> <wsdl:part element="ebs:EBS"
>>>>>>>>>> name="ebsrequest_header"/>
>>>>>>>>>> </wsdl:message>
>>>>>>>>>> <wsdl:message name="MSAHeader">
>>>>>>>>>> <wsdl:part element="msa:MSA"
>>>>>>>>>> name="msarequest_header"/>
>>>>>>>>>> </wsdl:message>
>>>>>>>>>> <wsdl:message name="IDPHeader">
>>>>>>>>>> <wsdl:part element="idp:IDP"
>>>>>>>>>> name="idprequest_header"/>
>>>>>>>>>> </wsdl:message>
>>>>>>>>>>
>>>>>>>>>> <message name="validate">
>>>>>>>>>> <wsdl:part element="hcv:validate"
>>>>>>>>>> name="parameters"/>
>>>>>>>>>> </message>
>>>>>>>>>>
>>>>>>>>>> <message name="validateResponse">
>>>>>>>>>> <part element="hcv:validateResponse"
>>>>>>>>>> name="parameters"/>
>>>>>>>>>> </message>
>>>>>>>>>>
>>>>>>>>>> <message name="faultexception">
>>>>>>>>>> <part element="ebs:EBSFault" name="Fault"/>
>>>>>>>>>> </message>
>>>>>>>>>>
>>>>>>>>>> <portType name="HCValidation">
>>>>>>>>>> <operation name="validate">
>>>>>>>>>> <input message="hcv:validate"/>
>>>>>>>>>> <output message="hcv:validateResponse"**/>
>>>>>>>>>> <fault message="hcv:faultexception"
>>>>>>>>>> name="FaultException"/>
>>>>>>>>>> </operation>
>>>>>>>>>> </portType>
>>>>>>>>>>
>>>>>>>>>> <binding name="HCValidationPortBinding"
>>>>>>>>>> type="hcv:HCValidation">
>>>>>>>>>> <soap:binding style="document"
>>>>>>>>>> transport="http://schemas.**xmlsoap.org/soap/http<http://schemas.xmlsoap.org/soap/http>
>>>>>>>>>> "/>
>>>>>>>>>>
>>>>>>>>>> <operation name="validate">
>>>>>>>>>> <soap:operation soapAction=""/>
>>>>>>>>>> <input>
>>>>>>>>>> <wsp:PolicyReference URI="#request-policy"/>
>>>>>>>>>> <wsdlsoap:header
>>>>>>>>>> message="hcv:EBSHeader" part="ebsrequest_header" use="literal"/>
>>>>>>>>>> <wsdlsoap:header
>>>>>>>>>> message="hcv:MSAHeader" part="msarequest_header" use="literal"/>
>>>>>>>>>> <wsdlsoap:header
>>>>>>>>>> message="hcv:IDPHeader" part="idprequest_header" use="literal"/>
>>>>>>>>>> <wsdlsoap:body parts="parameters"
>>>>>>>>>> use="literal"/>
>>>>>>>>>> </input>
>>>>>>>>>> <output>
>>>>>>>>>> <soap:body use="literal"/>
>>>>>>>>>> </output>
>>>>>>>>>> <fault name="FaultException">
>>>>>>>>>> <soap:fault name="FaultException"
>>>>>>>>>> use="literal"/>
>>>>>>>>>> </fault>
>>>>>>>>>> </operation>
>>>>>>>>>> </binding>
>>>>>>>>>>
>>>>>>>>>> <service name="HCValidationService">
>>>>>>>>>> <port binding="hcv:**HCValidationPortBinding"
>>>>>>>>>> name="HCValidationPort">
>>>>>>>>>> <soap:address
>>>>>>>>>> location="
>>>>>>>>>>
>>>>>>>>> https://ws.ebs.health.gov.on.**ca:1440/HCVService/**HCValidationSe<https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe>
>>>>>>>>
>>>>>>>>> rvice"/>
>>>>>>>>>> </port>
>>>>>>>>>> </service>
>>>>>>>>>> </definitions>
>>>>>>>>>>
>>>>>>>>>> ---------------------
>>>>>>>>>> Sample Request (provided by author of WSDL)
>>>>>>>>>>
>>>>>>>>>> <soapenv:Envelope xmlns:soap-
>>>>>>>>>> sec="http://schemas.xmlsoap.**org/security/2000-12<http://schemas.xmlsoap.org/security/2000-12>
>>>>>>>>>> "
>>>>>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-
>>>>>>>>>> **200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>> wss-wssecurity-secext-1.0.xsd"
>>>>>>>>>> xmlns:xsi="http://www.w3.org/**2001/XMLSchema-instance<http://www.w3.org/2001/XMLSchema-instance>
>>>>>>>>>> "
>>>>>>>>>> xmlns:sp="http://schemas.**xmlsoap.org/ws/2005/07/**
>>>>>>>>>> securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>
>>>>>>>>>> "
>>>>>>>>>> xmlns:SOAP-ENV="http://**schemas.xmlsoap.org/soap/**
>>>>>>>>>> envelope/ <http://schemas.xmlsoap.org/soap/envelope/>"
>>>>>>>>>> xmlns:xs="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema>
>>>>>>>>>> "
>>>>>>>>>> xmlns:tns="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>> "
>>>>>>>>>> xmlns:wsu="http://docs.oasis-**open.org/wss/2004/01/oasis-*
>>>>>>>>>> *200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>> wss-wssecurity-utility-1.0.**xsd"
>>>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/security/2012-03<http://ebs.health.ontario.ca/security/2012-03>
>>>>>>>>>> "
>>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>>> "
>>>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>>>>>> "
>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>>> ">
>>>>>>>>>> <soapenv:Header>
>>>>>>>>>> <ns2:EBS wsu:Id="id-1"
>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>> ">
>>>>>>>>>> <SoftwareConformanceKey>**
>>>>>>>>>> 444561ee-277f-77b2-
>>>>>>>>>> c664-7a9923jfgh1b
>>>>>>>>>> </SoftwareConformanceKey>
>>>>>>>>>> <AuditId>73b7051e-6126-4b41-**9ae0-
>>>>>>>>>> 21b707ca8a53</AuditId>
>>>>>>>>>> </ns2:EBS>
>>>>>>>>>> <ns2:IDP wsu:Id="id-2"
>>>>>>>>>> xmlns:ns2="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>> ">
>>>>>>>>>> <ServiceUserMUID>4523394</**
>>>>>>>>>> ServiceUserMUID>
>>>>>>>>>> </ns2:IDP>
>>>>>>>>>> <wsse:Security SOAP-ENV:mustUnderstand="1">
>>>>>>>>>> <wsu:Timestamp wsu:Id="id-3">
>>>>>>>>>> <wsu:Created>2012-06-
>>>>>>>>>> 20T17:58:42.580Z</wsu:Created>
>>>>>>>>>> <wsu:Expires>2012-06-
>>>>>>>>>> 20T17:59:12.580Z</wsu:Expires>
>>>>>>>>>> </wsu:Timestamp>
>>>>>>>>>> <wsse:UsernameToken wsu:Id="id-4">
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> <wsse:Username>JOHNDOE@YAHOO.**CA <JO...@YAHOO.CA>
>>>>>>>>>> </wsse:Username>
>>>>>>>>>> <wsse:Password
>>>>>>>>>> Type="wsse:PasswordText">**Password</wsse:Password>
>>>>>>>>>> </wsse:UsernameToken>
>>>>>>>>>> <wsse:BinarySecurityToken
>>>>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis->
>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>>>>>> 1.0#Base64Binary"
>>>>>>>>>> ValueType="http://docs.oasis-
>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>
>>>>>>>>>> "
>>>>>>>>>> wsu:Id="X509-
>>>>>>>>>> 02F859690D5C74E209134021512282**11">
>>>>>>>>>>
>>>>>>>>>> MIICMzCCAZygAwIBAgIET1e+**dDANBgkqhkiG9w0BAQUFADBeMQsw
>>>>>>>>>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT2**50YXJpbzENMAsGA1UEChMET0hJ
>>>>>>>>>>
>>>>>>>>>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW**9uMRcwFQYDVQQDEw
>>>>>>>>>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAz**MDcyMDAwNTJaFw0xMzAzMDcyMDA
>>>>>>>>>> wNTJaM
>>>>>>>>>>
>>>>>>>>>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQ**IEwdPbnRhcmlvMQ0wCwY
>>>>>>>>>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZ**Wdpc3RyYXRpb24xFzAVBgNVBAM
>>>>>>>>>> TDj
>>>>>>>>>>
>>>>>>>>>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqG**SIb3DQEBAQUAA4GNADCBi
>>>>>>>>>> QKBgQCs/JIP6CE5IkfTnD/c56K+**QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH**4
>>>>>>>>>>
>>>>>>>>>> fvhbyxo2B4VugsL9r4E5jHEKoi+**GDKOLlLZRfSy0cB8IcpXonAuGqMzhC
>>>>>>>>>> **o
>>>>>>>>>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpT**yZdpYDi92up5E+FYL3jEe
>>>>>>>>>>
>>>>>>>>>> jhp+**1iDFJQIDAQABMA0GCSqGSIb3DQEBBQ**UAA4GBAHn8VZS169BJ
>>>>>>>>>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dE**icv3jQMMsrWHfoCt+nRSqfNLUTL
>>>>>>>>>>
>>>>>>>>>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0**
>>>>>>>>>> gY3i83ZXA8HDFKMZF3qL8I8ncu8F
>>>>>>>>>> PcZGYBNhYrGjXXsuqXimiTIjxgm06E**rRa/51szOFFxWrB
>>>>>>>>>> </wsse:BinarySecurityToken>
>>>>>>>>>> <ds:Signature Id="SIG-6"
>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#>
>>>>>>>>>> ">
>>>>>>>>>> <ds:SignedInfo>
>>>>>>>>>> <ds:CanonicalizationMethod
>>>>>>>>>>
>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>> ">
>>>>>>>>>>
>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>
>>>>>>>>>> PrefixList="SOAP-
>>>>>>>>>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
>>>>>>>>>>
>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>> />
>>>>>>>>>> </ds:CanonicalizationMethod>
>>>>>>>>>> <ds:SignatureMethod
>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>>>>>> />
>>>>>>>>>> <ds:Reference URI="#id-1">
>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>
>>>>>>>>>> <ds:Transform
>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>> ">
>>>>>>>>>>
>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>
>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
>>>>>>>>>> wsse
>>>>>>>>>> wsu xs xsi"
>>>>>>>>>>
>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> </ds:Transform>
>>>>>>>>>> </ds:Transforms>
>>>>>>>>>>
>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> <ds:DigestValue>**gpejbitTQxuMOhUirdbGNtHjsGhAAr**
>>>>>>>>>> hAp3ByFuG9c
>>>>>>>>>> Hs=
>>>>>>>>>> </ds:DigestValue>
>>>>>>>>>> </ds:Reference>
>>>>>>>>>> <ds:Reference URI="#id-2">
>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>
>>>>>>>>>> <ds:Transform
>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>> ">
>>>>>>>>>>
>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>
>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
>>>>>>>>>> wsse
>>>>>>>>>> wsu xs xsi"
>>>>>>>>>>
>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> </ds:Transform>
>>>>>>>>>> </ds:Transforms>
>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> <ds:DigestValue>ZWKvgN+**eB0NFmQHPGYN5RoSZzbuboqKLzLcV6**PE
>>>>>>>>>> Oz3E=
>>>>>>>>>> </ds:DigestValue>
>>>>>>>>>> </ds:Reference>
>>>>>>>>>> <ds:Reference URI="#id-3">
>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>
>>>>>>>>>> <ds:Transform
>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>> ">
>>>>>>>>>>
>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>
>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
>>>>>>>>>> wsse xs
>>>>>>>>>> xsi"
>>>>>>>>>>
>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> </ds:Transform>
>>>>>>>>>> </ds:Transforms>
>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> <ds:DigestValue>1AvUG2EE6+**bgpJBe1TB4teUkKD4lRsw69BozDFQM
>>>>>>>>>> GGE=
>>>>>>>>>> </ds:DigestValue>
>>>>>>>>>> </ds:Reference>
>>>>>>>>>> <ds:Reference URI="#id-4">
>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>
>>>>>>>>>> <ds:Transform
>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>> ">
>>>>>>>>>>
>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>
>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
>>>>>>>>>> wsu xs
>>>>>>>>>> xsi"
>>>>>>>>>>
>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> </ds:Transform>
>>>>>>>>>> </ds:Transforms>
>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> <ds:DigestValue>Lw6C0//**TpU0uuta+**
>>>>>>>>>> 9pjDPfD0aOokdgbVOEM9eaWc
>>>>>>>>>> Gjo=
>>>>>>>>>> </ds:DigestValue>
>>>>>>>>>> </ds:Reference>
>>>>>>>>>> <ds:Reference URI="#id-5">
>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>
>>>>>>>>>> <ds:Transform
>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>> ">
>>>>>>>>>>
>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>>
>>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse wsu
>>>>>>>>>> xs xsi"
>>>>>>>>>>
>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> </ds:Transform>
>>>>>>>>>> </ds:Transforms>
>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> <ds:DigestValue>**lGKOfXxmbsLds9+**
>>>>>>>>>> tD4eaCObTCdGNXDF/PY9LjDUPl
>>>>>>>>>> 9Y=
>>>>>>>>>> </ds:DigestValue>
>>>>>>>>>> </ds:Reference>
>>>>>>>>>> </ds:SignedInfo>
>>>>>>>>>> <ds:SignatureValue>
>>>>>>>>>>
>>>>>>>>>> Yn5iRnjs/T2+**nNgW8pArIgqc445RwL2wYPHZaydVJk**
>>>>>>>>>> 0oUXV5B4nzU4fg
>>>>>>>>>> X/**sQTcY0O5vuReP8th4QZoGG6tSnxuBf**qiDd2rkRZDrdgotJT++W
>>>>>>>>>>
>>>>>>>>>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3Q**DuMWr5PSlm1RWbkA3W5B4Y
>>>>>>>>>> LaD+S/j3QKc=
>>>>>>>>>> </ds:SignatureValue>
>>>>>>>>>> <ds:KeyInfo Id="KI-
>>>>>>>>>> 02F859690D5C74E209134021512283**12">
>>>>>>>>>> <wsse:SecurityTokenReference
>>>>>>>>>> wsu:Id="STR-**02F859690D5C74E209134021512284**13">
>>>>>>>>>> <wsse:Reference
>>>>>>>>>> URI="#X509-**02F859690D5C74E209134021512282**11"
>>>>>>>>>>
>>>>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-*
>>>>>>>>>> *200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>>>>>>
>>>>>>>>>> </wsse:SecurityTokenReference>
>>>>>>>>>> </ds:KeyInfo>
>>>>>>>>>> </ds:Signature>
>>>>>>>>>> </wsse:Security>
>>>>>>>>>> </soapenv:Header>
>>>>>>>>>> <soapenv:Body wsu:Id="id-5">
>>>>>>>>>> <ns5:validate xmlns:ns4="
>>>>>>>>>>
>>>>>>>>> http://msa.ebs.health.ontario.**ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>> "
>>>>>>>>
>>>>>>>>> xmlns:ns3="http://idp.ebs.**
>>>>>>>>>> health.ontario.ca/ <http://idp.ebs.health.ontario.ca/>"
>>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>> "
>>>>>>>>>> xmlns:ns5="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>> ">
>>>>>>>>>> <requests>
>>>>>>>>>> <hcvRequest>
>>>>>>>>>>
>>>>>>>>>> <healthNumber>2222211122</**healthNumber>
>>>>>>>>>>
>>>>>>>>>> <versionCode>WW</versionCode>
>>>>>>>>>> </hcvRequest>
>>>>>>>>>> </requests>
>>>>>>>>>> <locale>en</locale>
>>>>>>>>>> </ns5:validate>
>>>>>>>>>> </soapenv:Body>
>>>>>>>>>> </soapenv:Envelope>
>>>>>>>>>>
>>>>>>>>>> -------------------
>>>>>>>>>> Sample Request (Built via SoapUI)
>>>>>>>>>>
>>>>>>>>>> <soapenv:Envelope xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>>> "
>>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>>> "
>>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>>> "
>>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>>> "
>>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>>> ">
>>>>>>>>>> <soapenv:Header>
>>>>>>>>>> <wsse:Security soapenv:mustUnderstand="1"
>>>>>>>>>> xmlns:wsse="http://docs.oasis-
>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>>>> "
>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>> ">
>>>>>>>>>> <wsse:BinarySecurityToken
>>>>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis->
>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>>>>>> 1.0#Base64Binary"
>>>>>>>>>> ValueType="http://docs.oasis-
>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>
>>>>>>>>>> "
>>>>>>>>>> wsu:Id="X509-
>>>>>>>>>> 9346053A98F2390F1A137460706920**025">
>>>>>>>>>>
>>>>>>>>>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQ**EBBQUAMIGbMQswCQYDVQ
>>>>>>>>>> QGEwJDQTEQMA4GA1UECAwHT250YXJp**bzEQMA4G
>>>>>>>>>>
>>>>>>>>>> A1UEBwwHVG9yb250bzERMA8GA1UECg**wISW5kaXZpY2ExFDASBgN
>>>>>>>>>> VBAsMC0RldmVsb3BtZW50MRgwFgYDV**QQDDA9J
>>>>>>>>>>
>>>>>>>>>> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhk**iG9w0BCQEWFmVicy1hZG1pbk
>>>>>>>>>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5**MTc0
>>>>>>>>>>
>>>>>>>>>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQ**swCQYDVQQGEwJDQTEQ
>>>>>>>>>> MA4GA1UECBMHT250YXJpbzEQMA4GA1**UEBxMHVG9y
>>>>>>>>>>
>>>>>>>>>> b250bzERMA8GA1UEChMISW5kaXZpY2**ExFDASBgNVBAsTC0RldmVsb
>>>>>>>>>> 3BtZW50MRwwGgYDVQQDExNJbmRpdml**jYSBF
>>>>>>>>>>
>>>>>>>>>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w**0BAQEFAAOCAQ8AMIIBCgKCA
>>>>>>>>>> QEAu7/+**bc5QgW43UuaMoUOpbsQy8Kc32jrB
>>>>>>>>>>
>>>>>>>>>> GA0lrxZkqH/PnfdbtRhRypxkc6+**r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
>>>>>>>>>> WPPVMKpermHxniN+**kqjWiGDm10xVMph
>>>>>>>>>>
>>>>>>>>>> XryR01LSItgRoi5V54oTFgeJxsdA/**
>>>>>>>>>> 1J3kf/QE2YmswZwLH6+PwvZfExKEx
>>>>>>>>>> vGArojkyveOewWkvKMobLB3d6gtrPJ
>>>>>>>>>>
>>>>>>>>>> tUxjb18UJugEHyNSiVYFymbgAyvanT**4pmNPaqHW1ZlmQ0WBiDI7oeT
>>>>>>>>>> 1pZzgEwzikcvEHilJye0PcB4PkkrGL**KfEE
>>>>>>>>>>
>>>>>>>>>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4f**jouqkHHVMMiUvYgQIDAQA
>>>>>>>>>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b**5yRECQU
>>>>>>>>>>
>>>>>>>>>> ppIEIbDOh4E5OsR0wesm4czfNDnh56**TUwmjRDzI+tVVEj+fxk0FMSMf
>>>>>>>>>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+**FHb6
>>>>>>>>>>
>>>>>>>>>> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u**8cRtfPXXX+baL2NThYjMoNVFIt
>>>>>>>>>> OM0XL3xwzblWi++B
>>>>>>>>>> </wsse:BinarySecurityToken>
>>>>>>>>>> <ds:Signature Id="SIG-30"
>>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#>
>>>>>>>>>> ">
>>>>>>>>>> <ds:SignedInfo>
>>>>>>>>>> <ds:CanonicalizationMethod
>>>>>>>>>>
>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>> ">
>>>>>>>>>>
>>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>> PrefixList="ebs hcv idp msa soapenv"
>>>>>>>>>>
>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>> />
>>>>>>>>>> </ds:CanonicalizationMethod>
>>>>>>>>>> <ds:SignatureMethod
>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>>>>>> />
>>>>>>>>>> <ds:Reference URI="#id-7">
>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>
>>>>>>>>>> <ds:Transform
>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>> ">
>>>>>>>>>>
>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
>>>>>>>>>>
>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> </ds:Transform>
>>>>>>>>>> </ds:Transforms>
>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> <ds:DigestValue>+sN2C+**GPI6Un7tmdzecuWW4obI8=</ds:**
>>>>>>>>>> DigestVal
>>>>>>>>>> ue>
>>>>>>>>>> </ds:Reference>
>>>>>>>>>> <ds:Reference URI="#id-8">
>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>
>>>>>>>>>> <ds:Transform
>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>> ">
>>>>>>>>>>
>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
>>>>>>>>>>
>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> </ds:Transform>
>>>>>>>>>> </ds:Transforms>
>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> <ds:DigestValue>cStXQ+**Qf4MYZw7oZh3EwQnCO9kE=</ds:**
>>>>>>>>>> DigestVal
>>>>>>>>>> ue>
>>>>>>>>>> </ds:Reference>
>>>>>>>>>> <ds:Reference URI="#TS-29">
>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>
>>>>>>>>>> <ds:Transform
>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>> ">
>>>>>>>>>>
>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa
>>>>>>>>>> soapenv"
>>>>>>>>>>
>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> </ds:Transform>
>>>>>>>>>> </ds:Transforms>
>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> <ds:DigestValue>**7DpbdobjdxkQ3RGXjPQmx5EpCdU=</**
>>>>>>>>>> ds:DigestVal
>>>>>>>>>> ue>
>>>>>>>>>> </ds:Reference>
>>>>>>>>>> <ds:Reference
>>>>>>>>>> URI="#UsernameToken-28">
>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>
>>>>>>>>>> <ds:Transform
>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>> ">
>>>>>>>>>>
>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
>>>>>>>>>>
>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> </ds:Transform>
>>>>>>>>>> </ds:Transforms>
>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> <ds:DigestValue>**0CNaWbdkV2dE7Jm5oh15ztwUcaI=</**
>>>>>>>>>> ds:DigestValu
>>>>>>>>>> e>
>>>>>>>>>> </ds:Reference>
>>>>>>>>>> <ds:Reference URI="#id-12">
>>>>>>>>>> <ds:Transforms>
>>>>>>>>>>
>>>>>>>>>> <ds:Transform
>>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>>> ">
>>>>>>>>>>
>>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
>>>>>>>>>>
>>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> </ds:Transform>
>>>>>>>>>> </ds:Transforms>
>>>>>>>>>> <ds:DigestMethod
>>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>>> />
>>>>>>>>>>
>>>>>>>>>> <ds:DigestValue>**XoOxXE6R7JA29rMYCHf/X0II180=</**
>>>>>>>>>> ds:DigestValue
>>>>>>>>>> </ds:Reference>
>>>>>>>>>> </ds:SignedInfo>
>>>>>>>>>>
>>>>>>>>>> <ds:SignatureValue>**YQy9wqYYVw1x0CZcg6b2W0uO3g3Fur**
>>>>>>>>>> UZ51zrXi3
>>>>>>>>>> jRMFGgCVGUwfu3W/**tDOAKB2IXHvIgFl7JWmzd
>>>>>>>>>>
>>>>>>>>>> lkh7O2u6ieACF5tGD32aSXvv6/**k7OUVH4outF1NHgJOq9WKIKtUYT/hh
>>>>>>>>>> G8BmqFGHXcPiuuO+FIXr
>>>>>>>>>>
>>>>>>>>>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pO**RWOWvPhmHbT63b1BgFfLla
>>>>>>>>>> UftqeybM6t0i2cTuNxf8nbCS
>>>>>>>>>>
>>>>>>>>>> gANhvGvpNi2ALThvsPu+**pXKCx1c4Ng18PGpUEVmOdJOkZhiifR**
>>>>>>>>>> 336idp
>>>>>>>>>> 09lp8XaI+NzwENvdBskb
>>>>>>>>>>
>>>>>>>>>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP**4wydOh8w==
>>>>>>>>>> </ds:SignatureValue>
>>>>>>>>>> <ds:KeyInfo Id="KI-
>>>>>>>>>> 9346053A98F2390F1A137460706920**026">
>>>>>>>>>> <wsse:SecurityTokenReference
>>>>>>>>>> wsu:Id="STR-
>>>>>>>>>> 9346053A98F2390F1A137460706920**027">
>>>>>>>>>> <wsse:Reference
>>>>>>>>>> URI="#X509-**9346053A98F2390F1A137460706920**025"
>>>>>>>>>>
>>>>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-*
>>>>>>>>>> *200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>>>>>>
>>>>>>>>>> </wsse:SecurityTokenReference>
>>>>>>>>>> </ds:KeyInfo>
>>>>>>>>>> </ds:Signature>
>>>>>>>>>> <wsu:Timestamp wsu:Id="TS-29">
>>>>>>>>>> <wsu:Created>2013-07-
>>>>>>>>>> 23T19:17:49.196Z</wsu:Created>
>>>>>>>>>> <wsu:Expires>2013-07-
>>>>>>>>>> 30T17:57:49.196Z</wsu:Expires>
>>>>>>>>>> </wsu:Timestamp>
>>>>>>>>>> <wsse:UsernameToken wsu:Id="UsernameToken-
>>>>>>>>>> 28">
>>>>>>>>>> <wsse:Username>abc</wsse:**
>>>>>>>>>> Username>
>>>>>>>>>> <wsse:Password
>>>>>>>>>> Type="http://docs.oasis-
>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-username-token-**profile-<http://open.org/wss/2004/01/oasis-200401-wss-username-token-profile->
>>>>>>>>>> 1.0#PasswordText">defg</wsse:**Password>
>>>>>>>>>> </wsse:UsernameToken>
>>>>>>>>>> </wsse:Security>
>>>>>>>>>> <idp:IDP wsu:Id="id-8"
>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>> ">
>>>>>>>>>> <ServiceUserMUID>12345</**ServiceUserMUID>
>>>>>>>>>> </idp:IDP>
>>>>>>>>>> <ebs:EBS wsu:Id="id-7"
>>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>>> ">
>>>>>>>>>>
>>>>>>>>>> <SoftwareConformanceKey>12345<**/SoftwareConformanceKey>
>>>>>>>>>> <AuditId>12345</AuditId>
>>>>>>>>>> </ebs:EBS>
>>>>>>>>>> </soapenv:Header>
>>>>>>>>>> <soapenv:Body wsu:Id="id-12"
>>>>>>>>>> xmlns:wsu="http://docs.oasis-**
>>>>>>>>>> open.org/wss/2004/01/oasis-<http://docs.oasis-open.org/wss/2004/01/oasis->
>>>>>>>>>> 200401-wss-wssecurity-utility-**1.0.xsd">
>>>>>>>>>> <hcv:validate>
>>>>>>>>>> <requests>
>>>>>>>>>> <hcvRequest>
>>>>>>>>>>
>>>>>>>>>> <healthNumber>9876543217</**healthNumber>
>>>>>>>>>>
>>>>>>>>>> <versionCode>AB</versionCode>
>>>>>>>>>> </hcvRequest>
>>>>>>>>>> </requests>
>>>>>>>>>> </hcv:validate>
>>>>>>>>>> </soapenv:Body>
>>>>>>>>>> </soapenv:Envelope>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> -----------------------
>>>>>>>>>> Response (In either case):
>>>>>>>>>>
>>>>>>>>>> <soap:Envelope
>>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>>> ">
>>>>>>>>>> <soap:Body>
>>>>>>>>>> <soap:Fault>
>>>>>>>>>> <faultcode>soap:**MustUnderstand</faultcode>
>>>>>>>>>> <faultstring>MustUnderstand headers: [{
>>>>>>>>>> http://docs.oasis-
>>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext->
>>>>>>>>>> 1.0.xsd}Security] are not understood.</faultstring>
>>>>>>>>>> </soap:Fault>
>>>>>>>>>> </soap:Body>
>>>>>>>>>> </soap:Envelope>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <ashakirin@talend.com
>>>>>>>>>> >
>>>>>>>>>>
>>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>>>
>>>>>>>>>>> It seems that your service doesn't use the same WS-Policy as
>>>>>>>>>>> client,
>>>>>>>>>>>
>>>>>>>>>> therefore appropriate interceptors are not activated on the
>>>>>>>>>> service
>>>>>>>>>>
>>>>>>>>> side.
>>>>>>>>
>>>>>>>>> Could you double check that?
>>>>>>>>>>>
>>>>>>>>>>> Exact request and response will be also useful for further
>>>>>>>>>>> analyse.
>>>>>>>>>>>
>>>>>>>>>>> Regards,
>>>>>>>>>>> Andrei.
>>>>>>>>>>>
>>>>>>>>>>> -----Original Message-----
>>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>>>>>>> Sent: Dienstag, 23. Juli 2013 21:35
>>>>>>>>>>>> To: users@cxf.apache.org
>>>>>>>>>>>> Subject: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>>>>>>
>>>>>>>>>>>> I have a question regarding WS-SecurityPolicy and deploying a
>>>>>>>>>>>> WSDL-first service via Eclipse.
>>>>>>>>>>>>
>>>>>>>>>>>> I created a project from a WSDL file (I didn't create it) with
>>>>>>>>>>>> the
>>>>>>>>>>>> intention of implementing the service that it describes. The
>>>>>>>>>>>> WSDL
>>>>>>>>>>>> file describes a WS- SecurityPolicy that includes a
>>>>>>>>>>>> UsernameToken,
>>>>>>>>>>>> Timestamp, BinarySecurityToken, and a Signature. Every time I
>>>>>>>>>>>> run a
>>>>>>>>>>>> sample request that includes all of those components in the
>>>>>>>>>>>> WS-Security header I get a "must understand header is not
>>>>>>>>>>>> understood"
>>>>>>>>>>>> message, regarding the WS-Security header.
>>>>>>>>>>>>
>>>>>>>>>>>> I've read on the documentation of CXF that additional
>>>>>>>>>>>> dependencies
>>>>>>>>>>>> must be included in the classpath to have WS-SecurityPolicy
>>>>>>>>>>>> work, but
>>>>>>>>>>>> I've used Eclipse's deployment method and given it the entire
>>>>>>>>>>>> CXF ZIP
>>>>>>>>>>>> file as downloaded from the project website as the CXF Runtime.
>>>>>>>>>>>> Is
>>>>>>>>>>>> there anything that I'm missing? Or is there a better way for
>>>>>>>>>>>> me to
>>>>>>>>>>>> be working with CXF than to use Eclipse's automated tools?
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks for any help.
>>>>>>>>>>>> Jen
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>
>>>>>
>>>>
>>>
>>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jason Pell <ja...@pellcorp.com>.
I realised you had already got that far yourself, apologies for wasting
everyone's time. I misread the email thread. So you already changed your
sp to http://schemas.xmlsoap.org/ws/2005/07/securitypolicy.
However when I change my policy file to use SignedSupportingToken rather
than SupportingToken I also get:
{http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}UsernameToken is not
a <wsp:Policy> element.
So I will have a play around with that now.
On Sat, Jul 27, 2013 at 1:59 PM, Jason Pell <ja...@pellcorp.com> wrote:
> Actually I just realised what the problem is. Your original namespace for
> sp was wrong. Just change it to
>
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy
>
> And it will all work. Sorry for the confusion, I am no expert, but did
> have the same problems so was worth the trial and error.
>
>
>
>
> On Sat, Jul 27, 2013 at 1:57 PM, Jason Pell <ja...@pellcorp.com> wrote:
>
>> In fact just replacing the SP namespace should do it. The xmlns:wsp="
>> http://schemas.xmlsoap.org/ws/2004/09/policy" seems to not be the
>> problem.
>>
>> So just change the sp to:
>>
>> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>>
>>
>> On Sat, Jul 27, 2013 at 1:55 PM, Jason Pell <ja...@pellcorp.com> wrote:
>>
>>> Changing the namespaces to the following will allow it to work with CXF:
>>>
>>> xmlns:wsp="http://www.w3.org/ns/ws-policy"
>>> xmlns:wsu="
>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>>> "
>>> xmlns:sp="
>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>>>
>>>
>>>
>>>
>>> On Sat, Jul 27, 2013 at 1:39 PM, Jennifer Ruttan <je...@indivica.com>wrote:
>>>
>>>> Hi,
>>>>
>>>> Thanks for your message. The WSDL file clearly contains a number of
>>>> errors and so I'm happy to change it. The owners of the service will have
>>>> to adjust it anyway. What should I change the namespaces to?
>>>>
>>>> Thanks again
>>>> Jen
>>>>
>>>>
>>>>
>>>>
>>>> On 2013/07/26 23:16, Jason Pell wrote:
>>>>
>>>>> https://github.com/pellcorp/**cxf/blob/master/JavaFirst/src/**
>>>>> test/java/com/pellcorp/server/**PolicyServiceTest.java<https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java>
>>>>>
>>>>> This test case reproduces your issue I think. Changing the namespaces
>>>>> of
>>>>> the policy file will actually fix this, but probably not an option for
>>>>> you.
>>>>>
>>>>> public void testOldWspSpClient() throws Exception {
>>>>> ClassPathXmlApplicationContext clientContext =
>>>>> TestUtils.getContext(
>>>>> "/META-INF/**oldWspSpClientContext.xml");
>>>>>
>>>>> OldSpWspSimpleService simpleService = clientContext.getBean(
>>>>> "OldSpWspSimpleServiceClient",
>>>>> OldSpWspSimpleService.class);
>>>>>
>>>>> WSS4JOutInterceptor wssOut = TestUtils.**getWssOutInterceptor(
>>>>> simpleService);
>>>>> TestUtils.**setPasswordProperties(wssOut, "alice", "password");
>>>>>
>>>>> try {
>>>>> simpleService.ping();
>>>>> } catch (SOAPFaultException e) {
>>>>> assertTrue(e.getMessage().**contains("MustUnderstand"));
>>>>> }
>>>>> }
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <ja...@pellcorp.com>
>>>>> wrote:
>>>>>
>>>>> Hi,
>>>>>>
>>>>>> I changed over my java first samples to use your namespaces, and I
>>>>>> also
>>>>>> got the Must understand error.
>>>>>>
>>>>>> Since I can reproduce it, i will have a bit of a hunt around to see
>>>>>> what
>>>>>> the problem is.
>>>>>>
>>>>>>
>>>>>> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan <
>>>>>> jennifer@indivica.com>wrote:
>>>>>>
>>>>>> Hi,
>>>>>>>
>>>>>>> Thanks for your help.
>>>>>>>
>>>>>>> The project path did not export the appropriate jars to the
>>>>>>> WEB-INF/lib
>>>>>>> directory when being built, so I added them to the deployment
>>>>>>> assembly step
>>>>>>> in eclipse. I added all the dependencies as well.
>>>>>>>
>>>>>>> Unfortunately, I was still getting the same "mustunderstand headers
>>>>>>> are
>>>>>>> not understood" error message. But there's more. I'm also getting a
>>>>>>> strange
>>>>>>> message when Tomcat is deploying the application, from CXF:
>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>> handleNoRegisteredBuilder
>>>>>>> WARNING: No assertion builder for type {
>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>> SignedSupportingTokensregister**ed<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedSupportingTokensregistered>
>>>>>>> .
>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>> handleNoRegisteredBuilder
>>>>>>> WARNING: No assertion builder for type {
>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>> RequiredPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DRequiredPartsregistered>
>>>>>>> .
>>>>>>>
>>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>>> handleNoRegisteredBuilder
>>>>>>> WARNING: No assertion builder for type {
>>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>>> SignedPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedPartsregistered>
>>>>>>> .
>>>>>>>
>>>>>>>
>>>>>>> I thought that was weird because in all the examples I've seen the sp
>>>>>>> namespace is http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>.
>>>>>>> So I
>>>>>>> made the change in the WSDL and I got the following message upon
>>>>>>> restarting
>>>>>>> the server:
>>>>>>> Jul 26, 2013 1:25:16 PM
>>>>>>> org.apache.cxf.ws.policy.**attachment.wsdl11.**
>>>>>>> Wsdl11AttachmentPolicyProvider
>>>>>>> getElementPolicy
>>>>>>> WARNING: Failed to build the policy 'request-policy':{
>>>>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy}**
>>>>>>> UsernameToken<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DUsernameToken>is
>>>>>>> not a <wsp:Policy> element.
>>>>>>>
>>>>>>> The namespace for wsp is http://schemas.xmlsoap.org/ws/**
>>>>>>> 2004/09/policy <http://schemas.xmlsoap.org/ws/2004/09/policy>,
>>>>>>> and I'm pretty sure that's correct. Although I feel like I'm pretty
>>>>>>> close,
>>>>>>> I'm lost at this point. Do you happen to have any further
>>>>>>> suggestions?
>>>>>>>
>>>>>>> Thanks
>>>>>>> Jen
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <as...@talend.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>> Hi,
>>>>>>>>
>>>>>>>> "mustunderstand header is not understood" error is thrown by CXF
>>>>>>>>
>>>>>>> MustUnderstandInterceptor.
>>>>>>>
>>>>>>>> MustUnderstandInterceptor checks if must understand headers in SOAP
>>>>>>>>
>>>>>>> message can be processed by at least one CXF interceptor in chain.
>>>>>>>
>>>>>>>> For that CXF interceptors provide getUnderstoodHeaders() method to
>>>>>>>> say
>>>>>>>>
>>>>>>> which headers they are able to proceed.
>>>>>>>
>>>>>>>> Security headers can be processed either by AbstractTokenInterceptor
>>>>>>>>
>>>>>>> (extended by UsernameTokenInterceptor, SamlTokenInterceptor.java,
>>>>>>> KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java
>>>>>>>
>>>>>>>> (extended by PolicyBasedWSS4JInInterceptor.**java,
>>>>>>>>
>>>>>>> WSS4JInInterceptor.java).
>>>>>>>
>>>>>>>> In your case no any from these interceptors is in chain on the
>>>>>>>> service
>>>>>>>>
>>>>>>> side.
>>>>>>>
>>>>>>>> That could happens because:
>>>>>>>> a) service uses other ws-policy (or nor policy) that doesn't
>>>>>>>> activate
>>>>>>>>
>>>>>>> that interceptors
>>>>>>>
>>>>>>>> b) service uses no ws-policy way and not configured with security
>>>>>>>>
>>>>>>> interceptor
>>>>>>>
>>>>>>>> c) appropriate CXF jars are not available:
>>>>>>>>
>>>>>>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
>>>>>>>
>>>>>>>> Can you please check how your service is configured?
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>> Andrei.
>>>>>>>>
>>>>>>>>
>>>>>>>> -----Original Message-----
>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>>>> Sent: Mittwoch, 24. Juli 2013 17:43
>>>>>>>>> To: users@cxf.apache.org
>>>>>>>>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> Thanks for the reply. That's what I was thinking. There may be an
>>>>>>>>>
>>>>>>>> issue with
>>>>>>>
>>>>>>>> the WSDL file itself.
>>>>>>>>>
>>>>>>>>> My request matches the example provided by the author of the WSDL
>>>>>>>>> file,
>>>>>>>>> but neither of them work. They both cause the same "mustunderstand
>>>>>>>>> header is not understood" error.
>>>>>>>>> Disabling the security policy allows the request to complete
>>>>>>>>> properly.
>>>>>>>>>
>>>>>>>>> CXF is configured to read the security policy from the WSDL file,
>>>>>>>>> and
>>>>>>>>>
>>>>>>>> I know
>>>>>>>
>>>>>>>> that part is working because if I miss a required part (the
>>>>>>>>> timestamp,
>>>>>>>>>
>>>>>>>> for
>>>>>>>
>>>>>>>> example) in the header, CXF complains that not all of the required
>>>>>>>>>
>>>>>>>> parts have
>>>>>>>
>>>>>>>> been submitted. I guess this could be because of a signing issue,
>>>>>>>>>
>>>>>>>> although I'm
>>>>>>>
>>>>>>>> not sure.
>>>>>>>>>
>>>>>>>>> My reasons for building the service are because while there is a
>>>>>>>>> WSDL
>>>>>>>>> definition for the service, there's no way to access the service
>>>>>>>>>
>>>>>>>> itself. I know
>>>>>>>
>>>>>>>> exactly how the service is supposed to react to various inputs so
>>>>>>>>> I'm
>>>>>>>>>
>>>>>>>> trying to
>>>>>>>
>>>>>>>> build the same web service. It's for a health insurance card
>>>>>>>>>
>>>>>>>> validation service
>>>>>>>
>>>>>>>> in Ontario, Canada, and the service is provided by the government.
>>>>>>>>>
>>>>>>>>> Thanks.
>>>>>>>>> Jen
>>>>>>>>>
>>>>>>>>> ---------------------
>>>>>>>>> HCValidationService.wsdl
>>>>>>>>>
>>>>>>>>> <?xml version="1.0" encoding="UTF-8"?><definitions
>>>>>>>>> name="HCValidationService"
>>>>>>>>> targetNamespace="http://hcv.**health.ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>> "
>>>>>>>>> xmlns="http://schemas.xmlsoap.**org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>> "
>>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>> "
>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>> "
>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>> "
>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>> "
>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>>>>> "
>>>>>>>>> xmlns:sp="http://docs.oasis-**open.org/ws-sx/ws-**
>>>>>>>>> securitypolicy/200512<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512>
>>>>>>>>> "
>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>> "
>>>>>>>>> xmlns:wsdlsoap="http://**schemas.xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>>>>> **"
>>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>>>>> "
>>>>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>>>>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>> "
>>>>>>>>> xmlns:xsd="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema>
>>>>>>>>> ">
>>>>>>>>>
>>>>>>>>> <types>
>>>>>>>>> <xsd:schema>
>>>>>>>>> <xsd:import
>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>> "
>>>>>>>>> schemaLocation="EBSFault_**schema.xsd"/>
>>>>>>>>> <xsd:import
>>>>>>>>> namespace="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>> "
>>>>>>>>> schemaLocation="**HCValidationService_schema.**xsd"/>
>>>>>>>>> <xsd:import
>>>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>> "
>>>>>>>>> schemaLocation="EBS_schema.**xsd"/>
>>>>>>>>> <xsd:import
>>>>>>>>> namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>> "
>>>>>>>>> schemaLocation="MSA_schema.**xsd"/>
>>>>>>>>> <xsd:import
>>>>>>>>> namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>> "
>>>>>>>>> schemaLocation="IDP_schema.**xsd"/>
>>>>>>>>> </xsd:schema>
>>>>>>>>> </types>
>>>>>>>>>
>>>>>>>>> <wsp:Policy wsu:Id="request-policy">
>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>> <wsp:All>
>>>>>>>>> <wsp:All>
>>>>>>>>> <sp:SignedSupportingTokens>
>>>>>>>>> <sp:UsernameToken>
>>>>>>>>> <wsp:Policy>
>>>>>>>>> <wsp:All>
>>>>>>>>>
>>>>>>>>> <sp:NoPassword/>
>>>>>>>>>
>>>>>>>>> <sp:WssUsernameToken10/>
>>>>>>>>> </wsp:All>
>>>>>>>>> </wsp:Policy>
>>>>>>>>> </sp:UsernameToken>
>>>>>>>>> </sp:SignedSupportingTokens>
>>>>>>>>> </wsp:All>
>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>> <wsp:All>
>>>>>>>>> <sp:RequiredParts>
>>>>>>>>> <sp:Header Name="EBS"
>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>> "/>
>>>>>>>>> </sp:RequiredParts>
>>>>>>>>> <sp:RequiredParts>
>>>>>>>>> <sp:Header Name="MSA"
>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>> "/>
>>>>>>>>> </sp:RequiredParts>
>>>>>>>>> <sp:RequiredParts>
>>>>>>>>> <sp:Header
>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>>>>> </sp:RequiredParts>
>>>>>>>>> <sp:RequiredParts>
>>>>>>>>> <sp:Header
>>>>>>>>> Name="AuditId"
>>>>>>>>> Namespace=""/>
>>>>>>>>> </sp:RequiredParts>
>>>>>>>>> <sp:RequiredParts>
>>>>>>>>> <sp:Header
>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>>>>> </sp:RequiredParts>
>>>>>>>>> <sp:RequiredParts>
>>>>>>>>> <sp:Header
>>>>>>>>> Name="UserID"
>>>>>>>>> Namespace=""/>
>>>>>>>>> </sp:RequiredParts>
>>>>>>>>> <sp:RequiredParts>
>>>>>>>>> <sp:Header
>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>> "/>
>>>>>>>>> </sp:RequiredParts>
>>>>>>>>> </wsp:All>
>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>> <wsp:All>
>>>>>>>>> <sp:SignedParts>
>>>>>>>>> <sp:Header Name="EBS"
>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>> "/>
>>>>>>>>> <sp:Header Name="MSA"
>>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>> "/>
>>>>>>>>> <sp:Header
>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>> "/>
>>>>>>>>> <sp:Header
>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>>> "/>
>>>>>>>>> <sp:Body/>
>>>>>>>>> </sp:SignedParts>
>>>>>>>>> </wsp:All>
>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>> </wsp:All>
>>>>>>>>> <wsp:All>
>>>>>>>>> <wsp:All>
>>>>>>>>> <sp:SignedSupportingTokens>
>>>>>>>>> <sp:UsernameToken>
>>>>>>>>> <wsp:Policy>
>>>>>>>>> <wsp:All>
>>>>>>>>>
>>>>>>>>> <sp:WssUsernameToken10/>
>>>>>>>>> </wsp:All>
>>>>>>>>> </wsp:Policy>
>>>>>>>>> </sp:UsernameToken>
>>>>>>>>> </sp:SignedSupportingTokens>
>>>>>>>>> </wsp:All>
>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>> <wsp:All>
>>>>>>>>> <sp:SignedParts>
>>>>>>>>> <sp:Header Name="EBS"
>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>> "/>
>>>>>>>>> <sp:Header Name="IDP"
>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>> "/>
>>>>>>>>> <sp:Header Name="Timestamp"
>>>>>>>>> Namespace="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>>>>> wssecurity-utility-1.0.xsd"/>
>>>>>>>>> <sp:Header
>>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>>> "/>
>>>>>>>>> <sp:Body/>
>>>>>>>>> </sp:SignedParts>
>>>>>>>>> </wsp:All>
>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>>
>>>>>>>>> <wsp:ExactlyOne>
>>>>>>>>> <wsp:All>
>>>>>>>>> <sp:RequiredParts>
>>>>>>>>> <sp:Header Name="EBS"
>>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>> "/>
>>>>>>>>> </sp:RequiredParts>
>>>>>>>>> <sp:RequiredParts>
>>>>>>>>> <sp:Header Name="IDP"
>>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>> "/>
>>>>>>>>> </sp:RequiredParts>
>>>>>>>>> <sp:RequiredParts>
>>>>>>>>> <sp:Header
>>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>>>>> </sp:RequiredParts>
>>>>>>>>> <sp:RequiredParts>
>>>>>>>>> <sp:Header
>>>>>>>>> Name="AuditId"
>>>>>>>>> Namespace=""/>
>>>>>>>>> </sp:RequiredParts>
>>>>>>>>> <sp:RequiredParts>
>>>>>>>>> <sp:Header
>>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>>>>> </sp:RequiredParts>
>>>>>>>>> <sp:RequiredParts>
>>>>>>>>> <sp:Header
>>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>> "/>
>>>>>>>>> </sp:RequiredParts>
>>>>>>>>> </wsp:All>
>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>> </wsp:All>
>>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>> </wsp:Policy>
>>>>>>>>>
>>>>>>>>> <wsdl:message name="EBSHeader">
>>>>>>>>> <wsdl:part element="ebs:EBS"
>>>>>>>>> name="ebsrequest_header"/>
>>>>>>>>> </wsdl:message>
>>>>>>>>> <wsdl:message name="MSAHeader">
>>>>>>>>> <wsdl:part element="msa:MSA"
>>>>>>>>> name="msarequest_header"/>
>>>>>>>>> </wsdl:message>
>>>>>>>>> <wsdl:message name="IDPHeader">
>>>>>>>>> <wsdl:part element="idp:IDP"
>>>>>>>>> name="idprequest_header"/>
>>>>>>>>> </wsdl:message>
>>>>>>>>>
>>>>>>>>> <message name="validate">
>>>>>>>>> <wsdl:part element="hcv:validate" name="parameters"/>
>>>>>>>>> </message>
>>>>>>>>>
>>>>>>>>> <message name="validateResponse">
>>>>>>>>> <part element="hcv:validateResponse"
>>>>>>>>> name="parameters"/>
>>>>>>>>> </message>
>>>>>>>>>
>>>>>>>>> <message name="faultexception">
>>>>>>>>> <part element="ebs:EBSFault" name="Fault"/>
>>>>>>>>> </message>
>>>>>>>>>
>>>>>>>>> <portType name="HCValidation">
>>>>>>>>> <operation name="validate">
>>>>>>>>> <input message="hcv:validate"/>
>>>>>>>>> <output message="hcv:validateResponse"**/>
>>>>>>>>> <fault message="hcv:faultexception"
>>>>>>>>> name="FaultException"/>
>>>>>>>>> </operation>
>>>>>>>>> </portType>
>>>>>>>>>
>>>>>>>>> <binding name="HCValidationPortBinding"
>>>>>>>>> type="hcv:HCValidation">
>>>>>>>>> <soap:binding style="document"
>>>>>>>>> transport="http://schemas.**xmlsoap.org/soap/http<http://schemas.xmlsoap.org/soap/http>
>>>>>>>>> "/>
>>>>>>>>>
>>>>>>>>> <operation name="validate">
>>>>>>>>> <soap:operation soapAction=""/>
>>>>>>>>> <input>
>>>>>>>>> <wsp:PolicyReference URI="#request-policy"/>
>>>>>>>>> <wsdlsoap:header
>>>>>>>>> message="hcv:EBSHeader" part="ebsrequest_header" use="literal"/>
>>>>>>>>> <wsdlsoap:header
>>>>>>>>> message="hcv:MSAHeader" part="msarequest_header" use="literal"/>
>>>>>>>>> <wsdlsoap:header
>>>>>>>>> message="hcv:IDPHeader" part="idprequest_header" use="literal"/>
>>>>>>>>> <wsdlsoap:body parts="parameters"
>>>>>>>>> use="literal"/>
>>>>>>>>> </input>
>>>>>>>>> <output>
>>>>>>>>> <soap:body use="literal"/>
>>>>>>>>> </output>
>>>>>>>>> <fault name="FaultException">
>>>>>>>>> <soap:fault name="FaultException"
>>>>>>>>> use="literal"/>
>>>>>>>>> </fault>
>>>>>>>>> </operation>
>>>>>>>>> </binding>
>>>>>>>>>
>>>>>>>>> <service name="HCValidationService">
>>>>>>>>> <port binding="hcv:**HCValidationPortBinding"
>>>>>>>>> name="HCValidationPort">
>>>>>>>>> <soap:address
>>>>>>>>> location="
>>>>>>>>>
>>>>>>>> https://ws.ebs.health.gov.on.**ca:1440/HCVService/**HCValidationSe<https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe>
>>>>>>>
>>>>>>>> rvice"/>
>>>>>>>>> </port>
>>>>>>>>> </service>
>>>>>>>>> </definitions>
>>>>>>>>>
>>>>>>>>> ---------------------
>>>>>>>>> Sample Request (provided by author of WSDL)
>>>>>>>>>
>>>>>>>>> <soapenv:Envelope xmlns:soap-
>>>>>>>>> sec="http://schemas.xmlsoap.**org/security/2000-12<http://schemas.xmlsoap.org/security/2000-12>
>>>>>>>>> "
>>>>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-*
>>>>>>>>> *200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>> wss-wssecurity-secext-1.0.xsd"
>>>>>>>>> xmlns:xsi="http://www.w3.org/**2001/XMLSchema-instance<http://www.w3.org/2001/XMLSchema-instance>
>>>>>>>>> "
>>>>>>>>> xmlns:sp="http://schemas.**xmlsoap.org/ws/2005/07/**securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>
>>>>>>>>> "
>>>>>>>>> xmlns:SOAP-ENV="http://**schemas.xmlsoap.org/soap/**
>>>>>>>>> envelope/ <http://schemas.xmlsoap.org/soap/envelope/>"
>>>>>>>>> xmlns:xs="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema>
>>>>>>>>> "
>>>>>>>>> xmlns:tns="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>> "
>>>>>>>>> xmlns:wsu="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>> wss-wssecurity-utility-1.0.**xsd"
>>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/security/2012-03<http://ebs.health.ontario.ca/security/2012-03>
>>>>>>>>> "
>>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>>>> "
>>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>>>>> "
>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>> ">
>>>>>>>>> <soapenv:Header>
>>>>>>>>> <ns2:EBS wsu:Id="id-1"
>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>> ">
>>>>>>>>> <SoftwareConformanceKey>**
>>>>>>>>> 444561ee-277f-77b2-
>>>>>>>>> c664-7a9923jfgh1b
>>>>>>>>> </SoftwareConformanceKey>
>>>>>>>>> <AuditId>73b7051e-6126-4b41-**9ae0-
>>>>>>>>> 21b707ca8a53</AuditId>
>>>>>>>>> </ns2:EBS>
>>>>>>>>> <ns2:IDP wsu:Id="id-2"
>>>>>>>>> xmlns:ns2="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>> ">
>>>>>>>>> <ServiceUserMUID>4523394</**ServiceUserMUID>
>>>>>>>>> </ns2:IDP>
>>>>>>>>> <wsse:Security SOAP-ENV:mustUnderstand="1">
>>>>>>>>> <wsu:Timestamp wsu:Id="id-3">
>>>>>>>>> <wsu:Created>2012-06-
>>>>>>>>> 20T17:58:42.580Z</wsu:Created>
>>>>>>>>> <wsu:Expires>2012-06-
>>>>>>>>> 20T17:59:12.580Z</wsu:Expires>
>>>>>>>>> </wsu:Timestamp>
>>>>>>>>> <wsse:UsernameToken wsu:Id="id-4">
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> <wsse:Username>JOHNDOE@YAHOO.**CA <JO...@YAHOO.CA>
>>>>>>>>> </wsse:Username>
>>>>>>>>> <wsse:Password
>>>>>>>>> Type="wsse:PasswordText">**Password</wsse:Password>
>>>>>>>>> </wsse:UsernameToken>
>>>>>>>>> <wsse:BinarySecurityToken
>>>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis->
>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>>>>> 1.0#Base64Binary"
>>>>>>>>> ValueType="http://docs.oasis-
>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>
>>>>>>>>> "
>>>>>>>>> wsu:Id="X509-
>>>>>>>>> 02F859690D5C74E209134021512282**11">
>>>>>>>>>
>>>>>>>>> MIICMzCCAZygAwIBAgIET1e+**dDANBgkqhkiG9w0BAQUFADBeMQsw
>>>>>>>>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT2**50YXJpbzENMAsGA1UEChMET0hJ
>>>>>>>>>
>>>>>>>>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW**9uMRcwFQYDVQQDEw
>>>>>>>>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAz**MDcyMDAwNTJaFw0xMzAzMDcyMDA
>>>>>>>>> wNTJaM
>>>>>>>>>
>>>>>>>>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQ**IEwdPbnRhcmlvMQ0wCwY
>>>>>>>>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZ**Wdpc3RyYXRpb24xFzAVBgNVBAM
>>>>>>>>> TDj
>>>>>>>>>
>>>>>>>>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqG**SIb3DQEBAQUAA4GNADCBi
>>>>>>>>> QKBgQCs/JIP6CE5IkfTnD/c56K+**QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH**4
>>>>>>>>>
>>>>>>>>> fvhbyxo2B4VugsL9r4E5jHEKoi+**GDKOLlLZRfSy0cB8IcpXonAuGqMzhC*
>>>>>>>>> *o
>>>>>>>>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpT**yZdpYDi92up5E+FYL3jEe
>>>>>>>>>
>>>>>>>>> jhp+**1iDFJQIDAQABMA0GCSqGSIb3DQEBBQ**UAA4GBAHn8VZS169BJ
>>>>>>>>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dE**icv3jQMMsrWHfoCt+nRSqfNLUTL
>>>>>>>>>
>>>>>>>>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0**gY3i83ZXA8HDFKMZF3qL8I8ncu8F
>>>>>>>>> PcZGYBNhYrGjXXsuqXimiTIjxgm06E**rRa/51szOFFxWrB
>>>>>>>>> </wsse:BinarySecurityToken>
>>>>>>>>> <ds:Signature Id="SIG-6"
>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#>
>>>>>>>>> ">
>>>>>>>>> <ds:SignedInfo>
>>>>>>>>> <ds:CanonicalizationMethod
>>>>>>>>>
>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>> ">
>>>>>>>>>
>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>
>>>>>>>>> PrefixList="SOAP-
>>>>>>>>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
>>>>>>>>>
>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>> />
>>>>>>>>> </ds:CanonicalizationMethod>
>>>>>>>>> <ds:SignatureMethod
>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>>>>> />
>>>>>>>>> <ds:Reference URI="#id-1">
>>>>>>>>> <ds:Transforms>
>>>>>>>>> <ds:Transform
>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>> ">
>>>>>>>>>
>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>
>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
>>>>>>>>> wsse
>>>>>>>>> wsu xs xsi"
>>>>>>>>>
>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> </ds:Transform>
>>>>>>>>> </ds:Transforms>
>>>>>>>>>
>>>>>>>>> <ds:DigestMethod
>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> <ds:DigestValue>**gpejbitTQxuMOhUirdbGNtHjsGhAAr**
>>>>>>>>> hAp3ByFuG9c
>>>>>>>>> Hs=
>>>>>>>>> </ds:DigestValue>
>>>>>>>>> </ds:Reference>
>>>>>>>>> <ds:Reference URI="#id-2">
>>>>>>>>> <ds:Transforms>
>>>>>>>>> <ds:Transform
>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>> ">
>>>>>>>>>
>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>
>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
>>>>>>>>> wsse
>>>>>>>>> wsu xs xsi"
>>>>>>>>>
>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> </ds:Transform>
>>>>>>>>> </ds:Transforms>
>>>>>>>>> <ds:DigestMethod
>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> <ds:DigestValue>ZWKvgN+**eB0NFmQHPGYN5RoSZzbuboqKLzLcV6**PE
>>>>>>>>> Oz3E=
>>>>>>>>> </ds:DigestValue>
>>>>>>>>> </ds:Reference>
>>>>>>>>> <ds:Reference URI="#id-3">
>>>>>>>>> <ds:Transforms>
>>>>>>>>> <ds:Transform
>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>> ">
>>>>>>>>>
>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>
>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
>>>>>>>>> wsse xs
>>>>>>>>> xsi"
>>>>>>>>>
>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> </ds:Transform>
>>>>>>>>> </ds:Transforms>
>>>>>>>>> <ds:DigestMethod
>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> <ds:DigestValue>1AvUG2EE6+**bgpJBe1TB4teUkKD4lRsw69BozDFQM
>>>>>>>>> GGE=
>>>>>>>>> </ds:DigestValue>
>>>>>>>>> </ds:Reference>
>>>>>>>>> <ds:Reference URI="#id-4">
>>>>>>>>> <ds:Transforms>
>>>>>>>>> <ds:Transform
>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>> ">
>>>>>>>>>
>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>
>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
>>>>>>>>> wsu xs
>>>>>>>>> xsi"
>>>>>>>>>
>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> </ds:Transform>
>>>>>>>>> </ds:Transforms>
>>>>>>>>> <ds:DigestMethod
>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> <ds:DigestValue>Lw6C0//**TpU0uuta+**9pjDPfD0aOokdgbVOEM9eaWc
>>>>>>>>> Gjo=
>>>>>>>>> </ds:DigestValue>
>>>>>>>>> </ds:Reference>
>>>>>>>>> <ds:Reference URI="#id-5">
>>>>>>>>> <ds:Transforms>
>>>>>>>>> <ds:Transform
>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>> ">
>>>>>>>>>
>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>>
>>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse wsu
>>>>>>>>> xs xsi"
>>>>>>>>>
>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> </ds:Transform>
>>>>>>>>> </ds:Transforms>
>>>>>>>>> <ds:DigestMethod
>>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> <ds:DigestValue>**lGKOfXxmbsLds9+**
>>>>>>>>> tD4eaCObTCdGNXDF/PY9LjDUPl
>>>>>>>>> 9Y=
>>>>>>>>> </ds:DigestValue>
>>>>>>>>> </ds:Reference>
>>>>>>>>> </ds:SignedInfo>
>>>>>>>>> <ds:SignatureValue>
>>>>>>>>>
>>>>>>>>> Yn5iRnjs/T2+**nNgW8pArIgqc445RwL2wYPHZaydVJk**0oUXV5B4nzU4fg
>>>>>>>>> X/**sQTcY0O5vuReP8th4QZoGG6tSnxuBf**qiDd2rkRZDrdgotJT++W
>>>>>>>>>
>>>>>>>>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3Q**DuMWr5PSlm1RWbkA3W5B4Y
>>>>>>>>> LaD+S/j3QKc=
>>>>>>>>> </ds:SignatureValue>
>>>>>>>>> <ds:KeyInfo Id="KI-
>>>>>>>>> 02F859690D5C74E209134021512283**12">
>>>>>>>>> <wsse:SecurityTokenReference
>>>>>>>>> wsu:Id="STR-**02F859690D5C74E209134021512284**13">
>>>>>>>>> <wsse:Reference
>>>>>>>>> URI="#X509-**02F859690D5C74E209134021512282**11"
>>>>>>>>>
>>>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>>>>>
>>>>>>>>> </wsse:SecurityTokenReference>
>>>>>>>>> </ds:KeyInfo>
>>>>>>>>> </ds:Signature>
>>>>>>>>> </wsse:Security>
>>>>>>>>> </soapenv:Header>
>>>>>>>>> <soapenv:Body wsu:Id="id-5">
>>>>>>>>> <ns5:validate xmlns:ns4="
>>>>>>>>>
>>>>>>>> http://msa.ebs.health.ontario.**ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>> "
>>>>>>>
>>>>>>>> xmlns:ns3="http://idp.ebs.**
>>>>>>>>> health.ontario.ca/ <http://idp.ebs.health.ontario.ca/>"
>>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>> "
>>>>>>>>> xmlns:ns5="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>> ">
>>>>>>>>> <requests>
>>>>>>>>> <hcvRequest>
>>>>>>>>>
>>>>>>>>> <healthNumber>2222211122</**healthNumber>
>>>>>>>>> <versionCode>WW</versionCode>
>>>>>>>>> </hcvRequest>
>>>>>>>>> </requests>
>>>>>>>>> <locale>en</locale>
>>>>>>>>> </ns5:validate>
>>>>>>>>> </soapenv:Body>
>>>>>>>>> </soapenv:Envelope>
>>>>>>>>>
>>>>>>>>> -------------------
>>>>>>>>> Sample Request (Built via SoapUI)
>>>>>>>>>
>>>>>>>>> <soapenv:Envelope xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>>> "
>>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>>> "
>>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>>> "
>>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>>> "
>>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>> ">
>>>>>>>>> <soapenv:Header>
>>>>>>>>> <wsse:Security soapenv:mustUnderstand="1"
>>>>>>>>> xmlns:wsse="http://docs.oasis-
>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**
>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>>> "
>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>> ">
>>>>>>>>> <wsse:BinarySecurityToken
>>>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis->
>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>>>>> 1.0#Base64Binary"
>>>>>>>>> ValueType="http://docs.oasis-
>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>
>>>>>>>>> "
>>>>>>>>> wsu:Id="X509-
>>>>>>>>> 9346053A98F2390F1A137460706920**025">
>>>>>>>>>
>>>>>>>>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQ**EBBQUAMIGbMQswCQYDVQ
>>>>>>>>> QGEwJDQTEQMA4GA1UECAwHT250YXJp**bzEQMA4G
>>>>>>>>>
>>>>>>>>> A1UEBwwHVG9yb250bzERMA8GA1UECg**wISW5kaXZpY2ExFDASBgN
>>>>>>>>> VBAsMC0RldmVsb3BtZW50MRgwFgYDV**QQDDA9J
>>>>>>>>>
>>>>>>>>> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhk**iG9w0BCQEWFmVicy1hZG1pbk
>>>>>>>>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5**MTc0
>>>>>>>>>
>>>>>>>>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQ**swCQYDVQQGEwJDQTEQ
>>>>>>>>> MA4GA1UECBMHT250YXJpbzEQMA4GA1**UEBxMHVG9y
>>>>>>>>>
>>>>>>>>> b250bzERMA8GA1UEChMISW5kaXZpY2**ExFDASBgNVBAsTC0RldmVsb
>>>>>>>>> 3BtZW50MRwwGgYDVQQDExNJbmRpdml**jYSBF
>>>>>>>>>
>>>>>>>>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w**0BAQEFAAOCAQ8AMIIBCgKCA
>>>>>>>>> QEAu7/+**bc5QgW43UuaMoUOpbsQy8Kc32jrB
>>>>>>>>>
>>>>>>>>> GA0lrxZkqH/PnfdbtRhRypxkc6+**r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
>>>>>>>>> WPPVMKpermHxniN+**kqjWiGDm10xVMph
>>>>>>>>>
>>>>>>>>> XryR01LSItgRoi5V54oTFgeJxsdA/**1J3kf/QE2YmswZwLH6+PwvZfExKEx
>>>>>>>>> vGArojkyveOewWkvKMobLB3d6gtrPJ
>>>>>>>>>
>>>>>>>>> tUxjb18UJugEHyNSiVYFymbgAyvanT**4pmNPaqHW1ZlmQ0WBiDI7oeT
>>>>>>>>> 1pZzgEwzikcvEHilJye0PcB4PkkrGL**KfEE
>>>>>>>>>
>>>>>>>>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4f**jouqkHHVMMiUvYgQIDAQA
>>>>>>>>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b**5yRECQU
>>>>>>>>>
>>>>>>>>> ppIEIbDOh4E5OsR0wesm4czfNDnh56**TUwmjRDzI+tVVEj+fxk0FMSMf
>>>>>>>>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+**FHb6
>>>>>>>>>
>>>>>>>>> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u**8cRtfPXXX+baL2NThYjMoNVFIt
>>>>>>>>> OM0XL3xwzblWi++B
>>>>>>>>> </wsse:BinarySecurityToken>
>>>>>>>>> <ds:Signature Id="SIG-30"
>>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#>
>>>>>>>>> ">
>>>>>>>>> <ds:SignedInfo>
>>>>>>>>> <ds:CanonicalizationMethod
>>>>>>>>>
>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>> ">
>>>>>>>>>
>>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>> PrefixList="ebs hcv idp msa soapenv"
>>>>>>>>>
>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>> />
>>>>>>>>> </ds:CanonicalizationMethod>
>>>>>>>>> <ds:SignatureMethod
>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>>>>> />
>>>>>>>>> <ds:Reference URI="#id-7">
>>>>>>>>> <ds:Transforms>
>>>>>>>>> <ds:Transform
>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>> ">
>>>>>>>>>
>>>>>>>>> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
>>>>>>>>>
>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> </ds:Transform>
>>>>>>>>> </ds:Transforms>
>>>>>>>>> <ds:DigestMethod
>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> <ds:DigestValue>+sN2C+**GPI6Un7tmdzecuWW4obI8=</ds:**
>>>>>>>>> DigestVal
>>>>>>>>> ue>
>>>>>>>>> </ds:Reference>
>>>>>>>>> <ds:Reference URI="#id-8">
>>>>>>>>> <ds:Transforms>
>>>>>>>>> <ds:Transform
>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>> ">
>>>>>>>>>
>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
>>>>>>>>>
>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> </ds:Transform>
>>>>>>>>> </ds:Transforms>
>>>>>>>>> <ds:DigestMethod
>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> <ds:DigestValue>cStXQ+**Qf4MYZw7oZh3EwQnCO9kE=</ds:**
>>>>>>>>> DigestVal
>>>>>>>>> ue>
>>>>>>>>> </ds:Reference>
>>>>>>>>> <ds:Reference URI="#TS-29">
>>>>>>>>> <ds:Transforms>
>>>>>>>>> <ds:Transform
>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>> ">
>>>>>>>>>
>>>>>>>>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa
>>>>>>>>> soapenv"
>>>>>>>>>
>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> </ds:Transform>
>>>>>>>>> </ds:Transforms>
>>>>>>>>> <ds:DigestMethod
>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> <ds:DigestValue>**7DpbdobjdxkQ3RGXjPQmx5EpCdU=</**
>>>>>>>>> ds:DigestVal
>>>>>>>>> ue>
>>>>>>>>> </ds:Reference>
>>>>>>>>> <ds:Reference
>>>>>>>>> URI="#UsernameToken-28">
>>>>>>>>> <ds:Transforms>
>>>>>>>>> <ds:Transform
>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>> ">
>>>>>>>>>
>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
>>>>>>>>>
>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> </ds:Transform>
>>>>>>>>> </ds:Transforms>
>>>>>>>>> <ds:DigestMethod
>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> <ds:DigestValue>**0CNaWbdkV2dE7Jm5oh15ztwUcaI=</**
>>>>>>>>> ds:DigestValu
>>>>>>>>> e>
>>>>>>>>> </ds:Reference>
>>>>>>>>> <ds:Reference URI="#id-12">
>>>>>>>>> <ds:Transforms>
>>>>>>>>> <ds:Transform
>>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>>> ">
>>>>>>>>>
>>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
>>>>>>>>>
>>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> </ds:Transform>
>>>>>>>>> </ds:Transforms>
>>>>>>>>> <ds:DigestMethod
>>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>>> />
>>>>>>>>>
>>>>>>>>> <ds:DigestValue>**XoOxXE6R7JA29rMYCHf/X0II180=</**
>>>>>>>>> ds:DigestValue
>>>>>>>>> </ds:Reference>
>>>>>>>>> </ds:SignedInfo>
>>>>>>>>>
>>>>>>>>> <ds:SignatureValue>**YQy9wqYYVw1x0CZcg6b2W0uO3g3Fur**
>>>>>>>>> UZ51zrXi3
>>>>>>>>> jRMFGgCVGUwfu3W/**tDOAKB2IXHvIgFl7JWmzd
>>>>>>>>>
>>>>>>>>> lkh7O2u6ieACF5tGD32aSXvv6/**k7OUVH4outF1NHgJOq9WKIKtUYT/hh
>>>>>>>>> G8BmqFGHXcPiuuO+FIXr
>>>>>>>>>
>>>>>>>>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pO**RWOWvPhmHbT63b1BgFfLla
>>>>>>>>> UftqeybM6t0i2cTuNxf8nbCS
>>>>>>>>>
>>>>>>>>> gANhvGvpNi2ALThvsPu+**pXKCx1c4Ng18PGpUEVmOdJOkZhiifR**336idp
>>>>>>>>> 09lp8XaI+NzwENvdBskb
>>>>>>>>>
>>>>>>>>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP**4wydOh8w==
>>>>>>>>> </ds:SignatureValue>
>>>>>>>>> <ds:KeyInfo Id="KI-
>>>>>>>>> 9346053A98F2390F1A137460706920**026">
>>>>>>>>> <wsse:SecurityTokenReference
>>>>>>>>> wsu:Id="STR-
>>>>>>>>> 9346053A98F2390F1A137460706920**027">
>>>>>>>>> <wsse:Reference
>>>>>>>>> URI="#X509-**9346053A98F2390F1A137460706920**025"
>>>>>>>>>
>>>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>>>>>
>>>>>>>>> </wsse:SecurityTokenReference>
>>>>>>>>> </ds:KeyInfo>
>>>>>>>>> </ds:Signature>
>>>>>>>>> <wsu:Timestamp wsu:Id="TS-29">
>>>>>>>>> <wsu:Created>2013-07-
>>>>>>>>> 23T19:17:49.196Z</wsu:Created>
>>>>>>>>> <wsu:Expires>2013-07-
>>>>>>>>> 30T17:57:49.196Z</wsu:Expires>
>>>>>>>>> </wsu:Timestamp>
>>>>>>>>> <wsse:UsernameToken wsu:Id="UsernameToken-
>>>>>>>>> 28">
>>>>>>>>> <wsse:Username>abc</wsse:**Username>
>>>>>>>>> <wsse:Password
>>>>>>>>> Type="http://docs.oasis-
>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-username-token-**profile-<http://open.org/wss/2004/01/oasis-200401-wss-username-token-profile->
>>>>>>>>> 1.0#PasswordText">defg</wsse:**Password>
>>>>>>>>> </wsse:UsernameToken>
>>>>>>>>> </wsse:Security>
>>>>>>>>> <idp:IDP wsu:Id="id-8"
>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>> ">
>>>>>>>>> <ServiceUserMUID>12345</**ServiceUserMUID>
>>>>>>>>> </idp:IDP>
>>>>>>>>> <ebs:EBS wsu:Id="id-7"
>>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>>> ">
>>>>>>>>>
>>>>>>>>> <SoftwareConformanceKey>12345<**/SoftwareConformanceKey>
>>>>>>>>> <AuditId>12345</AuditId>
>>>>>>>>> </ebs:EBS>
>>>>>>>>> </soapenv:Header>
>>>>>>>>> <soapenv:Body wsu:Id="id-12"
>>>>>>>>> xmlns:wsu="http://docs.oasis-**
>>>>>>>>> open.org/wss/2004/01/oasis-<http://docs.oasis-open.org/wss/2004/01/oasis->
>>>>>>>>> 200401-wss-wssecurity-utility-**1.0.xsd">
>>>>>>>>> <hcv:validate>
>>>>>>>>> <requests>
>>>>>>>>> <hcvRequest>
>>>>>>>>>
>>>>>>>>> <healthNumber>9876543217</**healthNumber>
>>>>>>>>> <versionCode>AB</versionCode>
>>>>>>>>> </hcvRequest>
>>>>>>>>> </requests>
>>>>>>>>> </hcv:validate>
>>>>>>>>> </soapenv:Body>
>>>>>>>>> </soapenv:Envelope>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> -----------------------
>>>>>>>>> Response (In either case):
>>>>>>>>>
>>>>>>>>> <soap:Envelope
>>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>>> ">
>>>>>>>>> <soap:Body>
>>>>>>>>> <soap:Fault>
>>>>>>>>> <faultcode>soap:**MustUnderstand</faultcode>
>>>>>>>>> <faultstring>MustUnderstand headers: [{http://docs.oasis-
>>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext->
>>>>>>>>> 1.0.xsd}Security] are not understood.</faultstring>
>>>>>>>>> </soap:Fault>
>>>>>>>>> </soap:Body>
>>>>>>>>> </soap:Envelope>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <as...@talend.com>
>>>>>>>>>
>>>>>>>> wrote:
>>>>>>>
>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> It seems that your service doesn't use the same WS-Policy as
>>>>>>>>>> client,
>>>>>>>>>>
>>>>>>>>> therefore appropriate interceptors are not activated on the service
>>>>>>>>>
>>>>>>>> side.
>>>>>>>
>>>>>>>> Could you double check that?
>>>>>>>>>>
>>>>>>>>>> Exact request and response will be also useful for further
>>>>>>>>>> analyse.
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>> Andrei.
>>>>>>>>>>
>>>>>>>>>> -----Original Message-----
>>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>>>>>> Sent: Dienstag, 23. Juli 2013 21:35
>>>>>>>>>>> To: users@cxf.apache.org
>>>>>>>>>>> Subject: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>>>>>
>>>>>>>>>>> I have a question regarding WS-SecurityPolicy and deploying a
>>>>>>>>>>> WSDL-first service via Eclipse.
>>>>>>>>>>>
>>>>>>>>>>> I created a project from a WSDL file (I didn't create it) with
>>>>>>>>>>> the
>>>>>>>>>>> intention of implementing the service that it describes. The WSDL
>>>>>>>>>>> file describes a WS- SecurityPolicy that includes a
>>>>>>>>>>> UsernameToken,
>>>>>>>>>>> Timestamp, BinarySecurityToken, and a Signature. Every time I
>>>>>>>>>>> run a
>>>>>>>>>>> sample request that includes all of those components in the
>>>>>>>>>>> WS-Security header I get a "must understand header is not
>>>>>>>>>>> understood"
>>>>>>>>>>> message, regarding the WS-Security header.
>>>>>>>>>>>
>>>>>>>>>>> I've read on the documentation of CXF that additional
>>>>>>>>>>> dependencies
>>>>>>>>>>> must be included in the classpath to have WS-SecurityPolicy
>>>>>>>>>>> work, but
>>>>>>>>>>> I've used Eclipse's deployment method and given it the entire
>>>>>>>>>>> CXF ZIP
>>>>>>>>>>> file as downloaded from the project website as the CXF Runtime.
>>>>>>>>>>> Is
>>>>>>>>>>> there anything that I'm missing? Or is there a better way for me
>>>>>>>>>>> to
>>>>>>>>>>> be working with CXF than to use Eclipse's automated tools?
>>>>>>>>>>>
>>>>>>>>>>> Thanks for any help.
>>>>>>>>>>> Jen
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>
>>>>
>>>
>>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jason Pell <ja...@pellcorp.com>.
Actually I just realised what the problem is. Your original namespace for
sp was wrong. Just change it to
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy
And it will all work. Sorry for the confusion, I am no expert, but did
have the same problems so was worth the trial and error.
On Sat, Jul 27, 2013 at 1:57 PM, Jason Pell <ja...@pellcorp.com> wrote:
> In fact just replacing the SP namespace should do it. The xmlns:wsp="
> http://schemas.xmlsoap.org/ws/2004/09/policy" seems to not be the problem.
>
> So just change the sp to:
>
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>
>
> On Sat, Jul 27, 2013 at 1:55 PM, Jason Pell <ja...@pellcorp.com> wrote:
>
>> Changing the namespaces to the following will allow it to work with CXF:
>>
>> xmlns:wsp="http://www.w3.org/ns/ws-policy"
>> xmlns:wsu="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> "
>> xmlns:sp="
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>>
>>
>>
>>
>> On Sat, Jul 27, 2013 at 1:39 PM, Jennifer Ruttan <je...@indivica.com>wrote:
>>
>>> Hi,
>>>
>>> Thanks for your message. The WSDL file clearly contains a number of
>>> errors and so I'm happy to change it. The owners of the service will have
>>> to adjust it anyway. What should I change the namespaces to?
>>>
>>> Thanks again
>>> Jen
>>>
>>>
>>>
>>>
>>> On 2013/07/26 23:16, Jason Pell wrote:
>>>
>>>> https://github.com/pellcorp/**cxf/blob/master/JavaFirst/src/**
>>>> test/java/com/pellcorp/server/**PolicyServiceTest.java<https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java>
>>>>
>>>> This test case reproduces your issue I think. Changing the namespaces
>>>> of
>>>> the policy file will actually fix this, but probably not an option for
>>>> you.
>>>>
>>>> public void testOldWspSpClient() throws Exception {
>>>> ClassPathXmlApplicationContext clientContext =
>>>> TestUtils.getContext(
>>>> "/META-INF/**oldWspSpClientContext.xml");
>>>>
>>>> OldSpWspSimpleService simpleService = clientContext.getBean(
>>>> "OldSpWspSimpleServiceClient",
>>>> OldSpWspSimpleService.class);
>>>>
>>>> WSS4JOutInterceptor wssOut = TestUtils.**getWssOutInterceptor(
>>>> simpleService);
>>>> TestUtils.**setPasswordProperties(wssOut, "alice", "password");
>>>>
>>>> try {
>>>> simpleService.ping();
>>>> } catch (SOAPFaultException e) {
>>>> assertTrue(e.getMessage().**contains("MustUnderstand"));
>>>> }
>>>> }
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <ja...@pellcorp.com>
>>>> wrote:
>>>>
>>>> Hi,
>>>>>
>>>>> I changed over my java first samples to use your namespaces, and I also
>>>>> got the Must understand error.
>>>>>
>>>>> Since I can reproduce it, i will have a bit of a hunt around to see
>>>>> what
>>>>> the problem is.
>>>>>
>>>>>
>>>>> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan <
>>>>> jennifer@indivica.com>wrote:
>>>>>
>>>>> Hi,
>>>>>>
>>>>>> Thanks for your help.
>>>>>>
>>>>>> The project path did not export the appropriate jars to the
>>>>>> WEB-INF/lib
>>>>>> directory when being built, so I added them to the deployment
>>>>>> assembly step
>>>>>> in eclipse. I added all the dependencies as well.
>>>>>>
>>>>>> Unfortunately, I was still getting the same "mustunderstand headers
>>>>>> are
>>>>>> not understood" error message. But there's more. I'm also getting a
>>>>>> strange
>>>>>> message when Tomcat is deploying the application, from CXF:
>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>> handleNoRegisteredBuilder
>>>>>> WARNING: No assertion builder for type {
>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>> SignedSupportingTokensregister**ed<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedSupportingTokensregistered>
>>>>>> .
>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>> handleNoRegisteredBuilder
>>>>>> WARNING: No assertion builder for type {
>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>> RequiredPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DRequiredPartsregistered>
>>>>>> .
>>>>>>
>>>>>> Jul 26, 2013 1:23:24 PM
>>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>>> handleNoRegisteredBuilder
>>>>>> WARNING: No assertion builder for type {
>>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>>> SignedPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedPartsregistered>
>>>>>> .
>>>>>>
>>>>>>
>>>>>> I thought that was weird because in all the examples I've seen the sp
>>>>>> namespace is http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>.
>>>>>> So I
>>>>>> made the change in the WSDL and I got the following message upon
>>>>>> restarting
>>>>>> the server:
>>>>>> Jul 26, 2013 1:25:16 PM
>>>>>> org.apache.cxf.ws.policy.**attachment.wsdl11.**
>>>>>> Wsdl11AttachmentPolicyProvider
>>>>>> getElementPolicy
>>>>>> WARNING: Failed to build the policy 'request-policy':{
>>>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy}**
>>>>>> UsernameToken<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DUsernameToken>is
>>>>>> not a <wsp:Policy> element.
>>>>>>
>>>>>> The namespace for wsp is http://schemas.xmlsoap.org/ws/**
>>>>>> 2004/09/policy <http://schemas.xmlsoap.org/ws/2004/09/policy>,
>>>>>> and I'm pretty sure that's correct. Although I feel like I'm pretty
>>>>>> close,
>>>>>> I'm lost at this point. Do you happen to have any further suggestions?
>>>>>>
>>>>>> Thanks
>>>>>> Jen
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <as...@talend.com>
>>>>>> wrote:
>>>>>>
>>>>>> Hi,
>>>>>>>
>>>>>>> "mustunderstand header is not understood" error is thrown by CXF
>>>>>>>
>>>>>> MustUnderstandInterceptor.
>>>>>>
>>>>>>> MustUnderstandInterceptor checks if must understand headers in SOAP
>>>>>>>
>>>>>> message can be processed by at least one CXF interceptor in chain.
>>>>>>
>>>>>>> For that CXF interceptors provide getUnderstoodHeaders() method to
>>>>>>> say
>>>>>>>
>>>>>> which headers they are able to proceed.
>>>>>>
>>>>>>> Security headers can be processed either by AbstractTokenInterceptor
>>>>>>>
>>>>>> (extended by UsernameTokenInterceptor, SamlTokenInterceptor.java,
>>>>>> KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java
>>>>>>
>>>>>>> (extended by PolicyBasedWSS4JInInterceptor.**java,
>>>>>>>
>>>>>> WSS4JInInterceptor.java).
>>>>>>
>>>>>>> In your case no any from these interceptors is in chain on the
>>>>>>> service
>>>>>>>
>>>>>> side.
>>>>>>
>>>>>>> That could happens because:
>>>>>>> a) service uses other ws-policy (or nor policy) that doesn't activate
>>>>>>>
>>>>>> that interceptors
>>>>>>
>>>>>>> b) service uses no ws-policy way and not configured with security
>>>>>>>
>>>>>> interceptor
>>>>>>
>>>>>>> c) appropriate CXF jars are not available:
>>>>>>>
>>>>>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
>>>>>>
>>>>>>> Can you please check how your service is configured?
>>>>>>>
>>>>>>> Regards,
>>>>>>> Andrei.
>>>>>>>
>>>>>>>
>>>>>>> -----Original Message-----
>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>>> Sent: Mittwoch, 24. Juli 2013 17:43
>>>>>>>> To: users@cxf.apache.org
>>>>>>>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> Thanks for the reply. That's what I was thinking. There may be an
>>>>>>>>
>>>>>>> issue with
>>>>>>
>>>>>>> the WSDL file itself.
>>>>>>>>
>>>>>>>> My request matches the example provided by the author of the WSDL
>>>>>>>> file,
>>>>>>>> but neither of them work. They both cause the same "mustunderstand
>>>>>>>> header is not understood" error.
>>>>>>>> Disabling the security policy allows the request to complete
>>>>>>>> properly.
>>>>>>>>
>>>>>>>> CXF is configured to read the security policy from the WSDL file,
>>>>>>>> and
>>>>>>>>
>>>>>>> I know
>>>>>>
>>>>>>> that part is working because if I miss a required part (the
>>>>>>>> timestamp,
>>>>>>>>
>>>>>>> for
>>>>>>
>>>>>>> example) in the header, CXF complains that not all of the required
>>>>>>>>
>>>>>>> parts have
>>>>>>
>>>>>>> been submitted. I guess this could be because of a signing issue,
>>>>>>>>
>>>>>>> although I'm
>>>>>>
>>>>>>> not sure.
>>>>>>>>
>>>>>>>> My reasons for building the service are because while there is a
>>>>>>>> WSDL
>>>>>>>> definition for the service, there's no way to access the service
>>>>>>>>
>>>>>>> itself. I know
>>>>>>
>>>>>>> exactly how the service is supposed to react to various inputs so I'm
>>>>>>>>
>>>>>>> trying to
>>>>>>
>>>>>>> build the same web service. It's for a health insurance card
>>>>>>>>
>>>>>>> validation service
>>>>>>
>>>>>>> in Ontario, Canada, and the service is provided by the government.
>>>>>>>>
>>>>>>>> Thanks.
>>>>>>>> Jen
>>>>>>>>
>>>>>>>> ---------------------
>>>>>>>> HCValidationService.wsdl
>>>>>>>>
>>>>>>>> <?xml version="1.0" encoding="UTF-8"?><definitions
>>>>>>>> name="HCValidationService"
>>>>>>>> targetNamespace="http://hcv.**health.ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>> "
>>>>>>>> xmlns="http://schemas.xmlsoap.**org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>>> "
>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>> "
>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>> "
>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>> "
>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>> "
>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>>>> "
>>>>>>>> xmlns:sp="http://docs.oasis-**open.org/ws-sx/ws-**
>>>>>>>> securitypolicy/200512<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512>
>>>>>>>> "
>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>>> "
>>>>>>>> xmlns:wsdlsoap="http://**schemas.xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>>>> **"
>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>>>> "
>>>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>>>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>> "
>>>>>>>> xmlns:xsd="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema>
>>>>>>>> ">
>>>>>>>>
>>>>>>>> <types>
>>>>>>>> <xsd:schema>
>>>>>>>> <xsd:import
>>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>> "
>>>>>>>> schemaLocation="EBSFault_**schema.xsd"/>
>>>>>>>> <xsd:import
>>>>>>>> namespace="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>> "
>>>>>>>> schemaLocation="**HCValidationService_schema.**xsd"/>
>>>>>>>> <xsd:import
>>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>> "
>>>>>>>> schemaLocation="EBS_schema.**xsd"/>
>>>>>>>> <xsd:import
>>>>>>>> namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>> "
>>>>>>>> schemaLocation="MSA_schema.**xsd"/>
>>>>>>>> <xsd:import
>>>>>>>> namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>> "
>>>>>>>> schemaLocation="IDP_schema.**xsd"/>
>>>>>>>> </xsd:schema>
>>>>>>>> </types>
>>>>>>>>
>>>>>>>> <wsp:Policy wsu:Id="request-policy">
>>>>>>>> <wsp:ExactlyOne>
>>>>>>>> <wsp:All>
>>>>>>>> <wsp:All>
>>>>>>>> <sp:SignedSupportingTokens>
>>>>>>>> <sp:UsernameToken>
>>>>>>>> <wsp:Policy>
>>>>>>>> <wsp:All>
>>>>>>>>
>>>>>>>> <sp:NoPassword/>
>>>>>>>>
>>>>>>>> <sp:WssUsernameToken10/>
>>>>>>>> </wsp:All>
>>>>>>>> </wsp:Policy>
>>>>>>>> </sp:UsernameToken>
>>>>>>>> </sp:SignedSupportingTokens>
>>>>>>>> </wsp:All>
>>>>>>>> <wsp:ExactlyOne>
>>>>>>>> <wsp:All>
>>>>>>>> <sp:RequiredParts>
>>>>>>>> <sp:Header Name="EBS"
>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>> "/>
>>>>>>>> </sp:RequiredParts>
>>>>>>>> <sp:RequiredParts>
>>>>>>>> <sp:Header Name="MSA"
>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>> "/>
>>>>>>>> </sp:RequiredParts>
>>>>>>>> <sp:RequiredParts>
>>>>>>>> <sp:Header
>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>>>> </sp:RequiredParts>
>>>>>>>> <sp:RequiredParts>
>>>>>>>> <sp:Header
>>>>>>>> Name="AuditId"
>>>>>>>> Namespace=""/>
>>>>>>>> </sp:RequiredParts>
>>>>>>>> <sp:RequiredParts>
>>>>>>>> <sp:Header
>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>>>> </sp:RequiredParts>
>>>>>>>> <sp:RequiredParts>
>>>>>>>> <sp:Header
>>>>>>>> Name="UserID"
>>>>>>>> Namespace=""/>
>>>>>>>> </sp:RequiredParts>
>>>>>>>> <sp:RequiredParts>
>>>>>>>> <sp:Header
>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>> "/>
>>>>>>>> </sp:RequiredParts>
>>>>>>>> </wsp:All>
>>>>>>>> </wsp:ExactlyOne>
>>>>>>>> <wsp:ExactlyOne>
>>>>>>>> <wsp:All>
>>>>>>>> <sp:SignedParts>
>>>>>>>> <sp:Header Name="EBS"
>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>> "/>
>>>>>>>> <sp:Header Name="MSA"
>>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>> "/>
>>>>>>>> <sp:Header
>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>> "/>
>>>>>>>> <sp:Header
>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>> "/>
>>>>>>>> <sp:Body/>
>>>>>>>> </sp:SignedParts>
>>>>>>>> </wsp:All>
>>>>>>>> </wsp:ExactlyOne>
>>>>>>>> </wsp:All>
>>>>>>>> <wsp:All>
>>>>>>>> <wsp:All>
>>>>>>>> <sp:SignedSupportingTokens>
>>>>>>>> <sp:UsernameToken>
>>>>>>>> <wsp:Policy>
>>>>>>>> <wsp:All>
>>>>>>>>
>>>>>>>> <sp:WssUsernameToken10/>
>>>>>>>> </wsp:All>
>>>>>>>> </wsp:Policy>
>>>>>>>> </sp:UsernameToken>
>>>>>>>> </sp:SignedSupportingTokens>
>>>>>>>> </wsp:All>
>>>>>>>> <wsp:ExactlyOne>
>>>>>>>> <wsp:All>
>>>>>>>> <sp:SignedParts>
>>>>>>>> <sp:Header Name="EBS"
>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>> "/>
>>>>>>>> <sp:Header Name="IDP"
>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>> "/>
>>>>>>>> <sp:Header Name="Timestamp"
>>>>>>>> Namespace="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>>>> wssecurity-utility-1.0.xsd"/>
>>>>>>>> <sp:Header
>>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>> "/>
>>>>>>>> <sp:Body/>
>>>>>>>> </sp:SignedParts>
>>>>>>>> </wsp:All>
>>>>>>>> </wsp:ExactlyOne>
>>>>>>>>
>>>>>>>> <wsp:ExactlyOne>
>>>>>>>> <wsp:All>
>>>>>>>> <sp:RequiredParts>
>>>>>>>> <sp:Header Name="EBS"
>>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>> "/>
>>>>>>>> </sp:RequiredParts>
>>>>>>>> <sp:RequiredParts>
>>>>>>>> <sp:Header Name="IDP"
>>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>> "/>
>>>>>>>> </sp:RequiredParts>
>>>>>>>> <sp:RequiredParts>
>>>>>>>> <sp:Header
>>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>>>> </sp:RequiredParts>
>>>>>>>> <sp:RequiredParts>
>>>>>>>> <sp:Header
>>>>>>>> Name="AuditId"
>>>>>>>> Namespace=""/>
>>>>>>>> </sp:RequiredParts>
>>>>>>>> <sp:RequiredParts>
>>>>>>>> <sp:Header
>>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>>>> </sp:RequiredParts>
>>>>>>>> <sp:RequiredParts>
>>>>>>>> <sp:Header
>>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>> "/>
>>>>>>>> </sp:RequiredParts>
>>>>>>>> </wsp:All>
>>>>>>>> </wsp:ExactlyOne>
>>>>>>>> </wsp:All>
>>>>>>>> </wsp:ExactlyOne>
>>>>>>>> </wsp:Policy>
>>>>>>>>
>>>>>>>> <wsdl:message name="EBSHeader">
>>>>>>>> <wsdl:part element="ebs:EBS"
>>>>>>>> name="ebsrequest_header"/>
>>>>>>>> </wsdl:message>
>>>>>>>> <wsdl:message name="MSAHeader">
>>>>>>>> <wsdl:part element="msa:MSA"
>>>>>>>> name="msarequest_header"/>
>>>>>>>> </wsdl:message>
>>>>>>>> <wsdl:message name="IDPHeader">
>>>>>>>> <wsdl:part element="idp:IDP"
>>>>>>>> name="idprequest_header"/>
>>>>>>>> </wsdl:message>
>>>>>>>>
>>>>>>>> <message name="validate">
>>>>>>>> <wsdl:part element="hcv:validate" name="parameters"/>
>>>>>>>> </message>
>>>>>>>>
>>>>>>>> <message name="validateResponse">
>>>>>>>> <part element="hcv:validateResponse"
>>>>>>>> name="parameters"/>
>>>>>>>> </message>
>>>>>>>>
>>>>>>>> <message name="faultexception">
>>>>>>>> <part element="ebs:EBSFault" name="Fault"/>
>>>>>>>> </message>
>>>>>>>>
>>>>>>>> <portType name="HCValidation">
>>>>>>>> <operation name="validate">
>>>>>>>> <input message="hcv:validate"/>
>>>>>>>> <output message="hcv:validateResponse"**/>
>>>>>>>> <fault message="hcv:faultexception"
>>>>>>>> name="FaultException"/>
>>>>>>>> </operation>
>>>>>>>> </portType>
>>>>>>>>
>>>>>>>> <binding name="HCValidationPortBinding"
>>>>>>>> type="hcv:HCValidation">
>>>>>>>> <soap:binding style="document"
>>>>>>>> transport="http://schemas.**xmlsoap.org/soap/http<http://schemas.xmlsoap.org/soap/http>
>>>>>>>> "/>
>>>>>>>>
>>>>>>>> <operation name="validate">
>>>>>>>> <soap:operation soapAction=""/>
>>>>>>>> <input>
>>>>>>>> <wsp:PolicyReference URI="#request-policy"/>
>>>>>>>> <wsdlsoap:header
>>>>>>>> message="hcv:EBSHeader" part="ebsrequest_header" use="literal"/>
>>>>>>>> <wsdlsoap:header
>>>>>>>> message="hcv:MSAHeader" part="msarequest_header" use="literal"/>
>>>>>>>> <wsdlsoap:header
>>>>>>>> message="hcv:IDPHeader" part="idprequest_header" use="literal"/>
>>>>>>>> <wsdlsoap:body parts="parameters"
>>>>>>>> use="literal"/>
>>>>>>>> </input>
>>>>>>>> <output>
>>>>>>>> <soap:body use="literal"/>
>>>>>>>> </output>
>>>>>>>> <fault name="FaultException">
>>>>>>>> <soap:fault name="FaultException"
>>>>>>>> use="literal"/>
>>>>>>>> </fault>
>>>>>>>> </operation>
>>>>>>>> </binding>
>>>>>>>>
>>>>>>>> <service name="HCValidationService">
>>>>>>>> <port binding="hcv:**HCValidationPortBinding"
>>>>>>>> name="HCValidationPort">
>>>>>>>> <soap:address
>>>>>>>> location="
>>>>>>>>
>>>>>>> https://ws.ebs.health.gov.on.**ca:1440/HCVService/**HCValidationSe<https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe>
>>>>>>
>>>>>>> rvice"/>
>>>>>>>> </port>
>>>>>>>> </service>
>>>>>>>> </definitions>
>>>>>>>>
>>>>>>>> ---------------------
>>>>>>>> Sample Request (provided by author of WSDL)
>>>>>>>>
>>>>>>>> <soapenv:Envelope xmlns:soap-
>>>>>>>> sec="http://schemas.xmlsoap.**org/security/2000-12<http://schemas.xmlsoap.org/security/2000-12>
>>>>>>>> "
>>>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>> wss-wssecurity-secext-1.0.xsd"
>>>>>>>> xmlns:xsi="http://www.w3.org/**2001/XMLSchema-instance<http://www.w3.org/2001/XMLSchema-instance>
>>>>>>>> "
>>>>>>>> xmlns:sp="http://schemas.**xmlsoap.org/ws/2005/07/**securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>
>>>>>>>> "
>>>>>>>> xmlns:SOAP-ENV="http://**schemas.xmlsoap.org/soap/**envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>> "
>>>>>>>> xmlns:xs="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema>
>>>>>>>> "
>>>>>>>> xmlns:tns="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>> "
>>>>>>>> xmlns:wsu="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>> wss-wssecurity-utility-1.0.**xsd"
>>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/security/2012-03<http://ebs.health.ontario.ca/security/2012-03>
>>>>>>>> "
>>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>>> "
>>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>>>> "
>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>> ">
>>>>>>>> <soapenv:Header>
>>>>>>>> <ns2:EBS wsu:Id="id-1"
>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>> ">
>>>>>>>> <SoftwareConformanceKey>**444561ee-277f-77b2-
>>>>>>>> c664-7a9923jfgh1b
>>>>>>>> </SoftwareConformanceKey>
>>>>>>>> <AuditId>73b7051e-6126-4b41-**9ae0-
>>>>>>>> 21b707ca8a53</AuditId>
>>>>>>>> </ns2:EBS>
>>>>>>>> <ns2:IDP wsu:Id="id-2"
>>>>>>>> xmlns:ns2="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>> ">
>>>>>>>> <ServiceUserMUID>4523394</**ServiceUserMUID>
>>>>>>>> </ns2:IDP>
>>>>>>>> <wsse:Security SOAP-ENV:mustUnderstand="1">
>>>>>>>> <wsu:Timestamp wsu:Id="id-3">
>>>>>>>> <wsu:Created>2012-06-
>>>>>>>> 20T17:58:42.580Z</wsu:Created>
>>>>>>>> <wsu:Expires>2012-06-
>>>>>>>> 20T17:59:12.580Z</wsu:Expires>
>>>>>>>> </wsu:Timestamp>
>>>>>>>> <wsse:UsernameToken wsu:Id="id-4">
>>>>>>>>
>>>>>>>>
>>>>>>>> <wsse:Username>JOHNDOE@YAHOO.**CA <JO...@YAHOO.CA>
>>>>>>>> </wsse:Username>
>>>>>>>> <wsse:Password
>>>>>>>> Type="wsse:PasswordText">**Password</wsse:Password>
>>>>>>>> </wsse:UsernameToken>
>>>>>>>> <wsse:BinarySecurityToken
>>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis->
>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>>>> 1.0#Base64Binary"
>>>>>>>> ValueType="http://docs.oasis-
>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>
>>>>>>>> "
>>>>>>>> wsu:Id="X509-
>>>>>>>> 02F859690D5C74E209134021512282**11">
>>>>>>>>
>>>>>>>> MIICMzCCAZygAwIBAgIET1e+**dDANBgkqhkiG9w0BAQUFADBeMQsw
>>>>>>>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT2**50YXJpbzENMAsGA1UEChMET0hJ
>>>>>>>>
>>>>>>>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW**9uMRcwFQYDVQQDEw
>>>>>>>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAz**MDcyMDAwNTJaFw0xMzAzMDcyMDA
>>>>>>>> wNTJaM
>>>>>>>>
>>>>>>>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQ**IEwdPbnRhcmlvMQ0wCwY
>>>>>>>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZ**Wdpc3RyYXRpb24xFzAVBgNVBAM
>>>>>>>> TDj
>>>>>>>>
>>>>>>>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqG**SIb3DQEBAQUAA4GNADCBi
>>>>>>>> QKBgQCs/JIP6CE5IkfTnD/c56K+**QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH**4
>>>>>>>>
>>>>>>>> fvhbyxo2B4VugsL9r4E5jHEKoi+**GDKOLlLZRfSy0cB8IcpXonAuGqMzhC**
>>>>>>>> o
>>>>>>>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpT**yZdpYDi92up5E+FYL3jEe
>>>>>>>>
>>>>>>>> jhp+**1iDFJQIDAQABMA0GCSqGSIb3DQEBBQ**UAA4GBAHn8VZS169BJ
>>>>>>>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dE**icv3jQMMsrWHfoCt+nRSqfNLUTL
>>>>>>>>
>>>>>>>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0**gY3i83ZXA8HDFKMZF3qL8I8ncu8F
>>>>>>>> PcZGYBNhYrGjXXsuqXimiTIjxgm06E**rRa/51szOFFxWrB
>>>>>>>> </wsse:BinarySecurityToken>
>>>>>>>> <ds:Signature Id="SIG-6"
>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#>
>>>>>>>> ">
>>>>>>>> <ds:SignedInfo>
>>>>>>>> <ds:CanonicalizationMethod
>>>>>>>>
>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>> ">
>>>>>>>>
>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>
>>>>>>>> PrefixList="SOAP-
>>>>>>>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
>>>>>>>>
>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>> />
>>>>>>>> </ds:CanonicalizationMethod>
>>>>>>>> <ds:SignatureMethod
>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>>>> />
>>>>>>>> <ds:Reference URI="#id-1">
>>>>>>>> <ds:Transforms>
>>>>>>>> <ds:Transform
>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>> ">
>>>>>>>>
>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>
>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
>>>>>>>> wsu xs xsi"
>>>>>>>>
>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> </ds:Transform>
>>>>>>>> </ds:Transforms>
>>>>>>>>
>>>>>>>> <ds:DigestMethod
>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> <ds:DigestValue>**gpejbitTQxuMOhUirdbGNtHjsGhAAr**hAp3ByFuG9c
>>>>>>>> Hs=
>>>>>>>> </ds:DigestValue>
>>>>>>>> </ds:Reference>
>>>>>>>> <ds:Reference URI="#id-2">
>>>>>>>> <ds:Transforms>
>>>>>>>> <ds:Transform
>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>> ">
>>>>>>>>
>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>
>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
>>>>>>>> wsu xs xsi"
>>>>>>>>
>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> </ds:Transform>
>>>>>>>> </ds:Transforms>
>>>>>>>> <ds:DigestMethod
>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> <ds:DigestValue>ZWKvgN+**eB0NFmQHPGYN5RoSZzbuboqKLzLcV6**PE
>>>>>>>> Oz3E=
>>>>>>>> </ds:DigestValue>
>>>>>>>> </ds:Reference>
>>>>>>>> <ds:Reference URI="#id-3">
>>>>>>>> <ds:Transforms>
>>>>>>>> <ds:Transform
>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>> ">
>>>>>>>>
>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>
>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp
>>>>>>>> wsse xs
>>>>>>>> xsi"
>>>>>>>>
>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> </ds:Transform>
>>>>>>>> </ds:Transforms>
>>>>>>>> <ds:DigestMethod
>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> <ds:DigestValue>1AvUG2EE6+**bgpJBe1TB4teUkKD4lRsw69BozDFQM
>>>>>>>> GGE=
>>>>>>>> </ds:DigestValue>
>>>>>>>> </ds:Reference>
>>>>>>>> <ds:Reference URI="#id-4">
>>>>>>>> <ds:Transforms>
>>>>>>>> <ds:Transform
>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>> ">
>>>>>>>>
>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>
>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsu
>>>>>>>> xs
>>>>>>>> xsi"
>>>>>>>>
>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>> />
>>>>>>>>
>>>>>>>>
>>>>>>>> </ds:Transform>
>>>>>>>> </ds:Transforms>
>>>>>>>> <ds:DigestMethod
>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> <ds:DigestValue>Lw6C0//**TpU0uuta+**9pjDPfD0aOokdgbVOEM9eaWc
>>>>>>>> Gjo=
>>>>>>>> </ds:DigestValue>
>>>>>>>> </ds:Reference>
>>>>>>>> <ds:Reference URI="#id-5">
>>>>>>>> <ds:Transforms>
>>>>>>>> <ds:Transform
>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>> ">
>>>>>>>>
>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>>
>>>>>>>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse wsu xs
>>>>>>>> xsi"
>>>>>>>>
>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> </ds:Transform>
>>>>>>>> </ds:Transforms>
>>>>>>>> <ds:DigestMethod
>>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> <ds:DigestValue>**lGKOfXxmbsLds9+**tD4eaCObTCdGNXDF/PY9LjDUPl
>>>>>>>> 9Y=
>>>>>>>> </ds:DigestValue>
>>>>>>>> </ds:Reference>
>>>>>>>> </ds:SignedInfo>
>>>>>>>> <ds:SignatureValue>
>>>>>>>>
>>>>>>>> Yn5iRnjs/T2+**nNgW8pArIgqc445RwL2wYPHZaydVJk**0oUXV5B4nzU4fg
>>>>>>>> X/**sQTcY0O5vuReP8th4QZoGG6tSnxuBf**qiDd2rkRZDrdgotJT++W
>>>>>>>>
>>>>>>>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3Q**DuMWr5PSlm1RWbkA3W5B4Y
>>>>>>>> LaD+S/j3QKc=
>>>>>>>> </ds:SignatureValue>
>>>>>>>> <ds:KeyInfo Id="KI-
>>>>>>>> 02F859690D5C74E209134021512283**12">
>>>>>>>> <wsse:SecurityTokenReference
>>>>>>>> wsu:Id="STR-**02F859690D5C74E209134021512284**13">
>>>>>>>> <wsse:Reference
>>>>>>>> URI="#X509-**02F859690D5C74E209134021512282**11"
>>>>>>>>
>>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>>>> </wsse:SecurityTokenReference>
>>>>>>>> </ds:KeyInfo>
>>>>>>>> </ds:Signature>
>>>>>>>> </wsse:Security>
>>>>>>>> </soapenv:Header>
>>>>>>>> <soapenv:Body wsu:Id="id-5">
>>>>>>>> <ns5:validate xmlns:ns4="
>>>>>>>>
>>>>>>> http://msa.ebs.health.ontario.**ca/<http://msa.ebs.health.ontario.ca/>
>>>>>> "
>>>>>>
>>>>>>> xmlns:ns3="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>> "
>>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>> "
>>>>>>>> xmlns:ns5="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>> ">
>>>>>>>> <requests>
>>>>>>>> <hcvRequest>
>>>>>>>>
>>>>>>>> <healthNumber>2222211122</**healthNumber>
>>>>>>>> <versionCode>WW</versionCode>
>>>>>>>> </hcvRequest>
>>>>>>>> </requests>
>>>>>>>> <locale>en</locale>
>>>>>>>> </ns5:validate>
>>>>>>>> </soapenv:Body>
>>>>>>>> </soapenv:Envelope>
>>>>>>>>
>>>>>>>> -------------------
>>>>>>>> Sample Request (Built via SoapUI)
>>>>>>>>
>>>>>>>> <soapenv:Envelope xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>>> "
>>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>>> "
>>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>>> "
>>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>>> "
>>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>> ">
>>>>>>>> <soapenv:Header>
>>>>>>>> <wsse:Security soapenv:mustUnderstand="1"
>>>>>>>> xmlns:wsse="http://docs.oasis-
>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>>> "
>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>> ">
>>>>>>>> <wsse:BinarySecurityToken
>>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis->
>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>>>> 1.0#Base64Binary"
>>>>>>>> ValueType="http://docs.oasis-
>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>
>>>>>>>> "
>>>>>>>> wsu:Id="X509-
>>>>>>>> 9346053A98F2390F1A137460706920**025">
>>>>>>>>
>>>>>>>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQ**EBBQUAMIGbMQswCQYDVQ
>>>>>>>> QGEwJDQTEQMA4GA1UECAwHT250YXJp**bzEQMA4G
>>>>>>>>
>>>>>>>> A1UEBwwHVG9yb250bzERMA8GA1UECg**wISW5kaXZpY2ExFDASBgN
>>>>>>>> VBAsMC0RldmVsb3BtZW50MRgwFgYDV**QQDDA9J
>>>>>>>>
>>>>>>>> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhk**iG9w0BCQEWFmVicy1hZG1pbk
>>>>>>>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5**MTc0
>>>>>>>>
>>>>>>>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQ**swCQYDVQQGEwJDQTEQ
>>>>>>>> MA4GA1UECBMHT250YXJpbzEQMA4GA1**UEBxMHVG9y
>>>>>>>>
>>>>>>>> b250bzERMA8GA1UEChMISW5kaXZpY2**ExFDASBgNVBAsTC0RldmVsb
>>>>>>>> 3BtZW50MRwwGgYDVQQDExNJbmRpdml**jYSBF
>>>>>>>>
>>>>>>>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w**0BAQEFAAOCAQ8AMIIBCgKCA
>>>>>>>> QEAu7/+**bc5QgW43UuaMoUOpbsQy8Kc32jrB
>>>>>>>>
>>>>>>>> GA0lrxZkqH/PnfdbtRhRypxkc6+**r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
>>>>>>>> WPPVMKpermHxniN+**kqjWiGDm10xVMph
>>>>>>>>
>>>>>>>> XryR01LSItgRoi5V54oTFgeJxsdA/**1J3kf/QE2YmswZwLH6+PwvZfExKEx
>>>>>>>> vGArojkyveOewWkvKMobLB3d6gtrPJ
>>>>>>>>
>>>>>>>> tUxjb18UJugEHyNSiVYFymbgAyvanT**4pmNPaqHW1ZlmQ0WBiDI7oeT
>>>>>>>> 1pZzgEwzikcvEHilJye0PcB4PkkrGL**KfEE
>>>>>>>>
>>>>>>>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4f**jouqkHHVMMiUvYgQIDAQA
>>>>>>>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b**5yRECQU
>>>>>>>>
>>>>>>>> ppIEIbDOh4E5OsR0wesm4czfNDnh56**TUwmjRDzI+tVVEj+fxk0FMSMf
>>>>>>>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+**FHb6
>>>>>>>>
>>>>>>>> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u**8cRtfPXXX+baL2NThYjMoNVFIt
>>>>>>>> OM0XL3xwzblWi++B
>>>>>>>> </wsse:BinarySecurityToken>
>>>>>>>> <ds:Signature Id="SIG-30"
>>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#>
>>>>>>>> ">
>>>>>>>> <ds:SignedInfo>
>>>>>>>> <ds:CanonicalizationMethod
>>>>>>>>
>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>> ">
>>>>>>>>
>>>>>>>> <ec:InclusiveNamespaces
>>>>>>>> PrefixList="ebs hcv idp msa soapenv"
>>>>>>>>
>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>> />
>>>>>>>> </ds:CanonicalizationMethod>
>>>>>>>> <ds:SignatureMethod
>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>>>> />
>>>>>>>> <ds:Reference URI="#id-7">
>>>>>>>> <ds:Transforms>
>>>>>>>> <ds:Transform
>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>> ">
>>>>>>>>
>>>>>>>> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
>>>>>>>>
>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> </ds:Transform>
>>>>>>>> </ds:Transforms>
>>>>>>>> <ds:DigestMethod
>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> <ds:DigestValue>+sN2C+**GPI6Un7tmdzecuWW4obI8=</ds:**
>>>>>>>> DigestVal
>>>>>>>> ue>
>>>>>>>> </ds:Reference>
>>>>>>>> <ds:Reference URI="#id-8">
>>>>>>>> <ds:Transforms>
>>>>>>>> <ds:Transform
>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>> ">
>>>>>>>>
>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
>>>>>>>>
>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> </ds:Transform>
>>>>>>>> </ds:Transforms>
>>>>>>>> <ds:DigestMethod
>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> <ds:DigestValue>cStXQ+**Qf4MYZw7oZh3EwQnCO9kE=</ds:**
>>>>>>>> DigestVal
>>>>>>>> ue>
>>>>>>>> </ds:Reference>
>>>>>>>> <ds:Reference URI="#TS-29">
>>>>>>>> <ds:Transforms>
>>>>>>>> <ds:Transform
>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>> ">
>>>>>>>>
>>>>>>>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa
>>>>>>>> soapenv"
>>>>>>>>
>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> </ds:Transform>
>>>>>>>> </ds:Transforms>
>>>>>>>> <ds:DigestMethod
>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> <ds:DigestValue>**7DpbdobjdxkQ3RGXjPQmx5EpCdU=</**
>>>>>>>> ds:DigestVal
>>>>>>>> ue>
>>>>>>>> </ds:Reference>
>>>>>>>> <ds:Reference
>>>>>>>> URI="#UsernameToken-28">
>>>>>>>> <ds:Transforms>
>>>>>>>> <ds:Transform
>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>> ">
>>>>>>>>
>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
>>>>>>>>
>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> </ds:Transform>
>>>>>>>> </ds:Transforms>
>>>>>>>> <ds:DigestMethod
>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> <ds:DigestValue>**0CNaWbdkV2dE7Jm5oh15ztwUcaI=</**
>>>>>>>> ds:DigestValu
>>>>>>>> e>
>>>>>>>> </ds:Reference>
>>>>>>>> <ds:Reference URI="#id-12">
>>>>>>>> <ds:Transforms>
>>>>>>>> <ds:Transform
>>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>>> ">
>>>>>>>>
>>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
>>>>>>>>
>>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> </ds:Transform>
>>>>>>>> </ds:Transforms>
>>>>>>>> <ds:DigestMethod
>>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>>> />
>>>>>>>>
>>>>>>>> <ds:DigestValue>**XoOxXE6R7JA29rMYCHf/X0II180=</**
>>>>>>>> ds:DigestValue
>>>>>>>> </ds:Reference>
>>>>>>>> </ds:SignedInfo>
>>>>>>>>
>>>>>>>> <ds:SignatureValue>**YQy9wqYYVw1x0CZcg6b2W0uO3g3Fur**
>>>>>>>> UZ51zrXi3
>>>>>>>> jRMFGgCVGUwfu3W/**tDOAKB2IXHvIgFl7JWmzd
>>>>>>>>
>>>>>>>> lkh7O2u6ieACF5tGD32aSXvv6/**k7OUVH4outF1NHgJOq9WKIKtUYT/hh
>>>>>>>> G8BmqFGHXcPiuuO+FIXr
>>>>>>>>
>>>>>>>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pO**RWOWvPhmHbT63b1BgFfLla
>>>>>>>> UftqeybM6t0i2cTuNxf8nbCS
>>>>>>>>
>>>>>>>> gANhvGvpNi2ALThvsPu+**pXKCx1c4Ng18PGpUEVmOdJOkZhiifR**336idp
>>>>>>>> 09lp8XaI+NzwENvdBskb
>>>>>>>>
>>>>>>>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP**4wydOh8w==
>>>>>>>> </ds:SignatureValue>
>>>>>>>> <ds:KeyInfo Id="KI-
>>>>>>>> 9346053A98F2390F1A137460706920**026">
>>>>>>>> <wsse:SecurityTokenReference
>>>>>>>> wsu:Id="STR-
>>>>>>>> 9346053A98F2390F1A137460706920**027">
>>>>>>>> <wsse:Reference
>>>>>>>> URI="#X509-**9346053A98F2390F1A137460706920**025"
>>>>>>>>
>>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>>>> </wsse:SecurityTokenReference>
>>>>>>>> </ds:KeyInfo>
>>>>>>>> </ds:Signature>
>>>>>>>> <wsu:Timestamp wsu:Id="TS-29">
>>>>>>>> <wsu:Created>2013-07-
>>>>>>>> 23T19:17:49.196Z</wsu:Created>
>>>>>>>> <wsu:Expires>2013-07-
>>>>>>>> 30T17:57:49.196Z</wsu:Expires>
>>>>>>>> </wsu:Timestamp>
>>>>>>>> <wsse:UsernameToken wsu:Id="UsernameToken-
>>>>>>>> 28">
>>>>>>>> <wsse:Username>abc</wsse:**Username>
>>>>>>>> <wsse:Password
>>>>>>>> Type="http://docs.oasis-
>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-username-token-**profile-<http://open.org/wss/2004/01/oasis-200401-wss-username-token-profile->
>>>>>>>> 1.0#PasswordText">defg</wsse:**Password>
>>>>>>>> </wsse:UsernameToken>
>>>>>>>> </wsse:Security>
>>>>>>>> <idp:IDP wsu:Id="id-8"
>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>> ">
>>>>>>>> <ServiceUserMUID>12345</**ServiceUserMUID>
>>>>>>>> </idp:IDP>
>>>>>>>> <ebs:EBS wsu:Id="id-7"
>>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**
>>>>>>>> 1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>>> ">
>>>>>>>>
>>>>>>>> <SoftwareConformanceKey>12345<**/SoftwareConformanceKey>
>>>>>>>> <AuditId>12345</AuditId>
>>>>>>>> </ebs:EBS>
>>>>>>>> </soapenv:Header>
>>>>>>>> <soapenv:Body wsu:Id="id-12"
>>>>>>>> xmlns:wsu="http://docs.oasis-**
>>>>>>>> open.org/wss/2004/01/oasis-<http://docs.oasis-open.org/wss/2004/01/oasis->
>>>>>>>> 200401-wss-wssecurity-utility-**1.0.xsd">
>>>>>>>> <hcv:validate>
>>>>>>>> <requests>
>>>>>>>> <hcvRequest>
>>>>>>>>
>>>>>>>> <healthNumber>9876543217</**healthNumber>
>>>>>>>> <versionCode>AB</versionCode>
>>>>>>>> </hcvRequest>
>>>>>>>> </requests>
>>>>>>>> </hcv:validate>
>>>>>>>> </soapenv:Body>
>>>>>>>> </soapenv:Envelope>
>>>>>>>>
>>>>>>>>
>>>>>>>> -----------------------
>>>>>>>> Response (In either case):
>>>>>>>>
>>>>>>>> <soap:Envelope
>>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>>> ">
>>>>>>>> <soap:Body>
>>>>>>>> <soap:Fault>
>>>>>>>> <faultcode>soap:**MustUnderstand</faultcode>
>>>>>>>> <faultstring>MustUnderstand headers: [{http://docs.oasis-
>>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext->
>>>>>>>> 1.0.xsd}Security] are not understood.</faultstring>
>>>>>>>> </soap:Fault>
>>>>>>>> </soap:Body>
>>>>>>>> </soap:Envelope>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <as...@talend.com>
>>>>>>>>
>>>>>>> wrote:
>>>>>>
>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> It seems that your service doesn't use the same WS-Policy as
>>>>>>>>> client,
>>>>>>>>>
>>>>>>>> therefore appropriate interceptors are not activated on the service
>>>>>>>>
>>>>>>> side.
>>>>>>
>>>>>>> Could you double check that?
>>>>>>>>>
>>>>>>>>> Exact request and response will be also useful for further analyse.
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>> Andrei.
>>>>>>>>>
>>>>>>>>> -----Original Message-----
>>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>>>>> Sent: Dienstag, 23. Juli 2013 21:35
>>>>>>>>>> To: users@cxf.apache.org
>>>>>>>>>> Subject: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>>>>
>>>>>>>>>> I have a question regarding WS-SecurityPolicy and deploying a
>>>>>>>>>> WSDL-first service via Eclipse.
>>>>>>>>>>
>>>>>>>>>> I created a project from a WSDL file (I didn't create it) with the
>>>>>>>>>> intention of implementing the service that it describes. The WSDL
>>>>>>>>>> file describes a WS- SecurityPolicy that includes a UsernameToken,
>>>>>>>>>> Timestamp, BinarySecurityToken, and a Signature. Every time I run
>>>>>>>>>> a
>>>>>>>>>> sample request that includes all of those components in the
>>>>>>>>>> WS-Security header I get a "must understand header is not
>>>>>>>>>> understood"
>>>>>>>>>> message, regarding the WS-Security header.
>>>>>>>>>>
>>>>>>>>>> I've read on the documentation of CXF that additional dependencies
>>>>>>>>>> must be included in the classpath to have WS-SecurityPolicy work,
>>>>>>>>>> but
>>>>>>>>>> I've used Eclipse's deployment method and given it the entire CXF
>>>>>>>>>> ZIP
>>>>>>>>>> file as downloaded from the project website as the CXF Runtime. Is
>>>>>>>>>> there anything that I'm missing? Or is there a better way for me
>>>>>>>>>> to
>>>>>>>>>> be working with CXF than to use Eclipse's automated tools?
>>>>>>>>>>
>>>>>>>>>> Thanks for any help.
>>>>>>>>>> Jen
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>
>>>
>>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jason Pell <ja...@pellcorp.com>.
In fact just replacing the SP namespace should do it. The xmlns:wsp="
http://schemas.xmlsoap.org/ws/2004/09/policy" seems to not be the problem.
So just change the sp to:
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
On Sat, Jul 27, 2013 at 1:55 PM, Jason Pell <ja...@pellcorp.com> wrote:
> Changing the namespaces to the following will allow it to work with CXF:
>
> xmlns:wsp="http://www.w3.org/ns/ws-policy"
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> xmlns:sp="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>
>
>
>
> On Sat, Jul 27, 2013 at 1:39 PM, Jennifer Ruttan <je...@indivica.com>wrote:
>
>> Hi,
>>
>> Thanks for your message. The WSDL file clearly contains a number of
>> errors and so I'm happy to change it. The owners of the service will have
>> to adjust it anyway. What should I change the namespaces to?
>>
>> Thanks again
>> Jen
>>
>>
>>
>>
>> On 2013/07/26 23:16, Jason Pell wrote:
>>
>>> https://github.com/pellcorp/**cxf/blob/master/JavaFirst/src/**
>>> test/java/com/pellcorp/server/**PolicyServiceTest.java<https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java>
>>>
>>> This test case reproduces your issue I think. Changing the namespaces of
>>> the policy file will actually fix this, but probably not an option for
>>> you.
>>>
>>> public void testOldWspSpClient() throws Exception {
>>> ClassPathXmlApplicationContext clientContext =
>>> TestUtils.getContext(
>>> "/META-INF/**oldWspSpClientContext.xml");
>>>
>>> OldSpWspSimpleService simpleService = clientContext.getBean(
>>> "OldSpWspSimpleServiceClient",
>>> OldSpWspSimpleService.class);
>>>
>>> WSS4JOutInterceptor wssOut = TestUtils.**getWssOutInterceptor(
>>> simpleService);
>>> TestUtils.**setPasswordProperties(wssOut, "alice", "password");
>>>
>>> try {
>>> simpleService.ping();
>>> } catch (SOAPFaultException e) {
>>> assertTrue(e.getMessage().**contains("MustUnderstand"));
>>> }
>>> }
>>>
>>>
>>>
>>>
>>>
>>> On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <ja...@pellcorp.com> wrote:
>>>
>>> Hi,
>>>>
>>>> I changed over my java first samples to use your namespaces, and I also
>>>> got the Must understand error.
>>>>
>>>> Since I can reproduce it, i will have a bit of a hunt around to see what
>>>> the problem is.
>>>>
>>>>
>>>> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan <jennifer@indivica.com
>>>> >wrote:
>>>>
>>>> Hi,
>>>>>
>>>>> Thanks for your help.
>>>>>
>>>>> The project path did not export the appropriate jars to the WEB-INF/lib
>>>>> directory when being built, so I added them to the deployment assembly
>>>>> step
>>>>> in eclipse. I added all the dependencies as well.
>>>>>
>>>>> Unfortunately, I was still getting the same "mustunderstand headers are
>>>>> not understood" error message. But there's more. I'm also getting a
>>>>> strange
>>>>> message when Tomcat is deploying the application, from CXF:
>>>>> Jul 26, 2013 1:23:24 PM
>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>> handleNoRegisteredBuilder
>>>>> WARNING: No assertion builder for type {
>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>> SignedSupportingTokensregister**ed<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedSupportingTokensregistered>
>>>>> .
>>>>> Jul 26, 2013 1:23:24 PM
>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>> handleNoRegisteredBuilder
>>>>> WARNING: No assertion builder for type {
>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>> RequiredPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DRequiredPartsregistered>
>>>>> .
>>>>>
>>>>> Jul 26, 2013 1:23:24 PM
>>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>>> handleNoRegisteredBuilder
>>>>> WARNING: No assertion builder for type {
>>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>>> SignedPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedPartsregistered>
>>>>> .
>>>>>
>>>>>
>>>>> I thought that was weird because in all the examples I've seen the sp
>>>>> namespace is http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>.
>>>>> So I
>>>>> made the change in the WSDL and I got the following message upon
>>>>> restarting
>>>>> the server:
>>>>> Jul 26, 2013 1:25:16 PM
>>>>> org.apache.cxf.ws.policy.**attachment.wsdl11.**
>>>>> Wsdl11AttachmentPolicyProvider
>>>>> getElementPolicy
>>>>> WARNING: Failed to build the policy 'request-policy':{
>>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy}**UsernameToken<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DUsernameToken>is
>>>>> not a <wsp:Policy> element.
>>>>>
>>>>> The namespace for wsp is http://schemas.xmlsoap.org/ws/**
>>>>> 2004/09/policy <http://schemas.xmlsoap.org/ws/2004/09/policy>,
>>>>> and I'm pretty sure that's correct. Although I feel like I'm pretty
>>>>> close,
>>>>> I'm lost at this point. Do you happen to have any further suggestions?
>>>>>
>>>>> Thanks
>>>>> Jen
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <as...@talend.com>
>>>>> wrote:
>>>>>
>>>>> Hi,
>>>>>>
>>>>>> "mustunderstand header is not understood" error is thrown by CXF
>>>>>>
>>>>> MustUnderstandInterceptor.
>>>>>
>>>>>> MustUnderstandInterceptor checks if must understand headers in SOAP
>>>>>>
>>>>> message can be processed by at least one CXF interceptor in chain.
>>>>>
>>>>>> For that CXF interceptors provide getUnderstoodHeaders() method to say
>>>>>>
>>>>> which headers they are able to proceed.
>>>>>
>>>>>> Security headers can be processed either by AbstractTokenInterceptor
>>>>>>
>>>>> (extended by UsernameTokenInterceptor, SamlTokenInterceptor.java,
>>>>> KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java
>>>>>
>>>>>> (extended by PolicyBasedWSS4JInInterceptor.**java,
>>>>>>
>>>>> WSS4JInInterceptor.java).
>>>>>
>>>>>> In your case no any from these interceptors is in chain on the service
>>>>>>
>>>>> side.
>>>>>
>>>>>> That could happens because:
>>>>>> a) service uses other ws-policy (or nor policy) that doesn't activate
>>>>>>
>>>>> that interceptors
>>>>>
>>>>>> b) service uses no ws-policy way and not configured with security
>>>>>>
>>>>> interceptor
>>>>>
>>>>>> c) appropriate CXF jars are not available:
>>>>>>
>>>>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
>>>>>
>>>>>> Can you please check how your service is configured?
>>>>>>
>>>>>> Regards,
>>>>>> Andrei.
>>>>>>
>>>>>>
>>>>>> -----Original Message-----
>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>> Sent: Mittwoch, 24. Juli 2013 17:43
>>>>>>> To: users@cxf.apache.org
>>>>>>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> Thanks for the reply. That's what I was thinking. There may be an
>>>>>>>
>>>>>> issue with
>>>>>
>>>>>> the WSDL file itself.
>>>>>>>
>>>>>>> My request matches the example provided by the author of the WSDL
>>>>>>> file,
>>>>>>> but neither of them work. They both cause the same "mustunderstand
>>>>>>> header is not understood" error.
>>>>>>> Disabling the security policy allows the request to complete
>>>>>>> properly.
>>>>>>>
>>>>>>> CXF is configured to read the security policy from the WSDL file, and
>>>>>>>
>>>>>> I know
>>>>>
>>>>>> that part is working because if I miss a required part (the timestamp,
>>>>>>>
>>>>>> for
>>>>>
>>>>>> example) in the header, CXF complains that not all of the required
>>>>>>>
>>>>>> parts have
>>>>>
>>>>>> been submitted. I guess this could be because of a signing issue,
>>>>>>>
>>>>>> although I'm
>>>>>
>>>>>> not sure.
>>>>>>>
>>>>>>> My reasons for building the service are because while there is a WSDL
>>>>>>> definition for the service, there's no way to access the service
>>>>>>>
>>>>>> itself. I know
>>>>>
>>>>>> exactly how the service is supposed to react to various inputs so I'm
>>>>>>>
>>>>>> trying to
>>>>>
>>>>>> build the same web service. It's for a health insurance card
>>>>>>>
>>>>>> validation service
>>>>>
>>>>>> in Ontario, Canada, and the service is provided by the government.
>>>>>>>
>>>>>>> Thanks.
>>>>>>> Jen
>>>>>>>
>>>>>>> ---------------------
>>>>>>> HCValidationService.wsdl
>>>>>>>
>>>>>>> <?xml version="1.0" encoding="UTF-8"?><definitions
>>>>>>> name="HCValidationService"
>>>>>>> targetNamespace="http://hcv.**health.ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>> "
>>>>>>> xmlns="http://schemas.xmlsoap.**org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>> "
>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>> "
>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>> "
>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>> "
>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>> "
>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>>> "
>>>>>>> xmlns:sp="http://docs.oasis-**open.org/ws-sx/ws-**
>>>>>>> securitypolicy/200512<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512>
>>>>>>> "
>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>> "
>>>>>>> xmlns:wsdlsoap="http://**schemas.xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>>> **"
>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>>> "
>>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>> "
>>>>>>> xmlns:xsd="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema>
>>>>>>> ">
>>>>>>>
>>>>>>> <types>
>>>>>>> <xsd:schema>
>>>>>>> <xsd:import
>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>> "
>>>>>>> schemaLocation="EBSFault_**schema.xsd"/>
>>>>>>> <xsd:import
>>>>>>> namespace="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>> "
>>>>>>> schemaLocation="**HCValidationService_schema.**xsd"/>
>>>>>>> <xsd:import
>>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>> "
>>>>>>> schemaLocation="EBS_schema.**xsd"/>
>>>>>>> <xsd:import
>>>>>>> namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>> "
>>>>>>> schemaLocation="MSA_schema.**xsd"/>
>>>>>>> <xsd:import
>>>>>>> namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>> "
>>>>>>> schemaLocation="IDP_schema.**xsd"/>
>>>>>>> </xsd:schema>
>>>>>>> </types>
>>>>>>>
>>>>>>> <wsp:Policy wsu:Id="request-policy">
>>>>>>> <wsp:ExactlyOne>
>>>>>>> <wsp:All>
>>>>>>> <wsp:All>
>>>>>>> <sp:SignedSupportingTokens>
>>>>>>> <sp:UsernameToken>
>>>>>>> <wsp:Policy>
>>>>>>> <wsp:All>
>>>>>>>
>>>>>>> <sp:NoPassword/>
>>>>>>>
>>>>>>> <sp:WssUsernameToken10/>
>>>>>>> </wsp:All>
>>>>>>> </wsp:Policy>
>>>>>>> </sp:UsernameToken>
>>>>>>> </sp:SignedSupportingTokens>
>>>>>>> </wsp:All>
>>>>>>> <wsp:ExactlyOne>
>>>>>>> <wsp:All>
>>>>>>> <sp:RequiredParts>
>>>>>>> <sp:Header Name="EBS"
>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>> "/>
>>>>>>> </sp:RequiredParts>
>>>>>>> <sp:RequiredParts>
>>>>>>> <sp:Header Name="MSA"
>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>> "/>
>>>>>>> </sp:RequiredParts>
>>>>>>> <sp:RequiredParts>
>>>>>>> <sp:Header
>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>>> </sp:RequiredParts>
>>>>>>> <sp:RequiredParts>
>>>>>>> <sp:Header
>>>>>>> Name="AuditId"
>>>>>>> Namespace=""/>
>>>>>>> </sp:RequiredParts>
>>>>>>> <sp:RequiredParts>
>>>>>>> <sp:Header
>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>>> </sp:RequiredParts>
>>>>>>> <sp:RequiredParts>
>>>>>>> <sp:Header
>>>>>>> Name="UserID"
>>>>>>> Namespace=""/>
>>>>>>> </sp:RequiredParts>
>>>>>>> <sp:RequiredParts>
>>>>>>> <sp:Header
>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>> "/>
>>>>>>> </sp:RequiredParts>
>>>>>>> </wsp:All>
>>>>>>> </wsp:ExactlyOne>
>>>>>>> <wsp:ExactlyOne>
>>>>>>> <wsp:All>
>>>>>>> <sp:SignedParts>
>>>>>>> <sp:Header Name="EBS"
>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>> "/>
>>>>>>> <sp:Header Name="MSA"
>>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>> "/>
>>>>>>> <sp:Header
>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>> "/>
>>>>>>> <sp:Header
>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>> "/>
>>>>>>> <sp:Body/>
>>>>>>> </sp:SignedParts>
>>>>>>> </wsp:All>
>>>>>>> </wsp:ExactlyOne>
>>>>>>> </wsp:All>
>>>>>>> <wsp:All>
>>>>>>> <wsp:All>
>>>>>>> <sp:SignedSupportingTokens>
>>>>>>> <sp:UsernameToken>
>>>>>>> <wsp:Policy>
>>>>>>> <wsp:All>
>>>>>>>
>>>>>>> <sp:WssUsernameToken10/>
>>>>>>> </wsp:All>
>>>>>>> </wsp:Policy>
>>>>>>> </sp:UsernameToken>
>>>>>>> </sp:SignedSupportingTokens>
>>>>>>> </wsp:All>
>>>>>>> <wsp:ExactlyOne>
>>>>>>> <wsp:All>
>>>>>>> <sp:SignedParts>
>>>>>>> <sp:Header Name="EBS"
>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>> "/>
>>>>>>> <sp:Header Name="IDP"
>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>> "/>
>>>>>>> <sp:Header Name="Timestamp"
>>>>>>> Namespace="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>>> wssecurity-utility-1.0.xsd"/>
>>>>>>> <sp:Header
>>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>> "/>
>>>>>>> <sp:Body/>
>>>>>>> </sp:SignedParts>
>>>>>>> </wsp:All>
>>>>>>> </wsp:ExactlyOne>
>>>>>>>
>>>>>>> <wsp:ExactlyOne>
>>>>>>> <wsp:All>
>>>>>>> <sp:RequiredParts>
>>>>>>> <sp:Header Name="EBS"
>>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>> "/>
>>>>>>> </sp:RequiredParts>
>>>>>>> <sp:RequiredParts>
>>>>>>> <sp:Header Name="IDP"
>>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>> "/>
>>>>>>> </sp:RequiredParts>
>>>>>>> <sp:RequiredParts>
>>>>>>> <sp:Header
>>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>>> </sp:RequiredParts>
>>>>>>> <sp:RequiredParts>
>>>>>>> <sp:Header
>>>>>>> Name="AuditId"
>>>>>>> Namespace=""/>
>>>>>>> </sp:RequiredParts>
>>>>>>> <sp:RequiredParts>
>>>>>>> <sp:Header
>>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>>> </sp:RequiredParts>
>>>>>>> <sp:RequiredParts>
>>>>>>> <sp:Header
>>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>> "/>
>>>>>>> </sp:RequiredParts>
>>>>>>> </wsp:All>
>>>>>>> </wsp:ExactlyOne>
>>>>>>> </wsp:All>
>>>>>>> </wsp:ExactlyOne>
>>>>>>> </wsp:Policy>
>>>>>>>
>>>>>>> <wsdl:message name="EBSHeader">
>>>>>>> <wsdl:part element="ebs:EBS"
>>>>>>> name="ebsrequest_header"/>
>>>>>>> </wsdl:message>
>>>>>>> <wsdl:message name="MSAHeader">
>>>>>>> <wsdl:part element="msa:MSA"
>>>>>>> name="msarequest_header"/>
>>>>>>> </wsdl:message>
>>>>>>> <wsdl:message name="IDPHeader">
>>>>>>> <wsdl:part element="idp:IDP"
>>>>>>> name="idprequest_header"/>
>>>>>>> </wsdl:message>
>>>>>>>
>>>>>>> <message name="validate">
>>>>>>> <wsdl:part element="hcv:validate" name="parameters"/>
>>>>>>> </message>
>>>>>>>
>>>>>>> <message name="validateResponse">
>>>>>>> <part element="hcv:validateResponse"
>>>>>>> name="parameters"/>
>>>>>>> </message>
>>>>>>>
>>>>>>> <message name="faultexception">
>>>>>>> <part element="ebs:EBSFault" name="Fault"/>
>>>>>>> </message>
>>>>>>>
>>>>>>> <portType name="HCValidation">
>>>>>>> <operation name="validate">
>>>>>>> <input message="hcv:validate"/>
>>>>>>> <output message="hcv:validateResponse"**/>
>>>>>>> <fault message="hcv:faultexception"
>>>>>>> name="FaultException"/>
>>>>>>> </operation>
>>>>>>> </portType>
>>>>>>>
>>>>>>> <binding name="HCValidationPortBinding"
>>>>>>> type="hcv:HCValidation">
>>>>>>> <soap:binding style="document"
>>>>>>> transport="http://schemas.**xmlsoap.org/soap/http<http://schemas.xmlsoap.org/soap/http>
>>>>>>> "/>
>>>>>>>
>>>>>>> <operation name="validate">
>>>>>>> <soap:operation soapAction=""/>
>>>>>>> <input>
>>>>>>> <wsp:PolicyReference URI="#request-policy"/>
>>>>>>> <wsdlsoap:header
>>>>>>> message="hcv:EBSHeader" part="ebsrequest_header" use="literal"/>
>>>>>>> <wsdlsoap:header
>>>>>>> message="hcv:MSAHeader" part="msarequest_header" use="literal"/>
>>>>>>> <wsdlsoap:header
>>>>>>> message="hcv:IDPHeader" part="idprequest_header" use="literal"/>
>>>>>>> <wsdlsoap:body parts="parameters"
>>>>>>> use="literal"/>
>>>>>>> </input>
>>>>>>> <output>
>>>>>>> <soap:body use="literal"/>
>>>>>>> </output>
>>>>>>> <fault name="FaultException">
>>>>>>> <soap:fault name="FaultException"
>>>>>>> use="literal"/>
>>>>>>> </fault>
>>>>>>> </operation>
>>>>>>> </binding>
>>>>>>>
>>>>>>> <service name="HCValidationService">
>>>>>>> <port binding="hcv:**HCValidationPortBinding"
>>>>>>> name="HCValidationPort">
>>>>>>> <soap:address
>>>>>>> location="
>>>>>>>
>>>>>> https://ws.ebs.health.gov.on.**ca:1440/HCVService/**HCValidationSe<https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe>
>>>>>
>>>>>> rvice"/>
>>>>>>> </port>
>>>>>>> </service>
>>>>>>> </definitions>
>>>>>>>
>>>>>>> ---------------------
>>>>>>> Sample Request (provided by author of WSDL)
>>>>>>>
>>>>>>> <soapenv:Envelope xmlns:soap-
>>>>>>> sec="http://schemas.xmlsoap.**org/security/2000-12<http://schemas.xmlsoap.org/security/2000-12>
>>>>>>> "
>>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>> wss-wssecurity-secext-1.0.xsd"
>>>>>>> xmlns:xsi="http://www.w3.org/**2001/XMLSchema-instance<http://www.w3.org/2001/XMLSchema-instance>
>>>>>>> "
>>>>>>> xmlns:sp="http://schemas.**xmlsoap.org/ws/2005/07/**securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>
>>>>>>> "
>>>>>>> xmlns:SOAP-ENV="http://**schemas.xmlsoap.org/soap/**envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>> "
>>>>>>> xmlns:xs="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema>
>>>>>>> "
>>>>>>> xmlns:tns="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>> "
>>>>>>> xmlns:wsu="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>> wss-wssecurity-utility-1.0.**xsd"
>>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/security/2012-03<http://ebs.health.ontario.ca/security/2012-03>
>>>>>>> "
>>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>>> "
>>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>>> "
>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>> ">
>>>>>>> <soapenv:Header>
>>>>>>> <ns2:EBS wsu:Id="id-1"
>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>> ">
>>>>>>> <SoftwareConformanceKey>**444561ee-277f-77b2-
>>>>>>> c664-7a9923jfgh1b
>>>>>>> </SoftwareConformanceKey>
>>>>>>> <AuditId>73b7051e-6126-4b41-**9ae0-
>>>>>>> 21b707ca8a53</AuditId>
>>>>>>> </ns2:EBS>
>>>>>>> <ns2:IDP wsu:Id="id-2"
>>>>>>> xmlns:ns2="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>> ">
>>>>>>> <ServiceUserMUID>4523394</**ServiceUserMUID>
>>>>>>> </ns2:IDP>
>>>>>>> <wsse:Security SOAP-ENV:mustUnderstand="1">
>>>>>>> <wsu:Timestamp wsu:Id="id-3">
>>>>>>> <wsu:Created>2012-06-
>>>>>>> 20T17:58:42.580Z</wsu:Created>
>>>>>>> <wsu:Expires>2012-06-
>>>>>>> 20T17:59:12.580Z</wsu:Expires>
>>>>>>> </wsu:Timestamp>
>>>>>>> <wsse:UsernameToken wsu:Id="id-4">
>>>>>>>
>>>>>>>
>>>>>>> <wsse:Username>JOHNDOE@YAHOO.**CA <JO...@YAHOO.CA>
>>>>>>> </wsse:Username>
>>>>>>> <wsse:Password
>>>>>>> Type="wsse:PasswordText">**Password</wsse:Password>
>>>>>>> </wsse:UsernameToken>
>>>>>>> <wsse:BinarySecurityToken
>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis->
>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>>> 1.0#Base64Binary"
>>>>>>> ValueType="http://docs.oasis-
>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>
>>>>>>> "
>>>>>>> wsu:Id="X509-
>>>>>>> 02F859690D5C74E209134021512282**11">
>>>>>>>
>>>>>>> MIICMzCCAZygAwIBAgIET1e+**dDANBgkqhkiG9w0BAQUFADBeMQsw
>>>>>>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT2**50YXJpbzENMAsGA1UEChMET0hJ
>>>>>>>
>>>>>>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW**9uMRcwFQYDVQQDEw
>>>>>>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAz**MDcyMDAwNTJaFw0xMzAzMDcyMDA
>>>>>>> wNTJaM
>>>>>>>
>>>>>>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQ**IEwdPbnRhcmlvMQ0wCwY
>>>>>>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZ**Wdpc3RyYXRpb24xFzAVBgNVBAM
>>>>>>> TDj
>>>>>>>
>>>>>>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqG**SIb3DQEBAQUAA4GNADCBi
>>>>>>> QKBgQCs/JIP6CE5IkfTnD/c56K+**QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH**4
>>>>>>>
>>>>>>> fvhbyxo2B4VugsL9r4E5jHEKoi+**GDKOLlLZRfSy0cB8IcpXonAuGqMzhC**o
>>>>>>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpT**yZdpYDi92up5E+FYL3jEe
>>>>>>>
>>>>>>> jhp+**1iDFJQIDAQABMA0GCSqGSIb3DQEBBQ**UAA4GBAHn8VZS169BJ
>>>>>>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dE**icv3jQMMsrWHfoCt+nRSqfNLUTL
>>>>>>>
>>>>>>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0**gY3i83ZXA8HDFKMZF3qL8I8ncu8F
>>>>>>> PcZGYBNhYrGjXXsuqXimiTIjxgm06E**rRa/51szOFFxWrB
>>>>>>> </wsse:BinarySecurityToken>
>>>>>>> <ds:Signature Id="SIG-6"
>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#>
>>>>>>> ">
>>>>>>> <ds:SignedInfo>
>>>>>>> <ds:CanonicalizationMethod
>>>>>>>
>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>> ">
>>>>>>> <ec:InclusiveNamespaces
>>>>>>>
>>>>>>> PrefixList="SOAP-
>>>>>>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
>>>>>>>
>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>> />
>>>>>>> </ds:CanonicalizationMethod>
>>>>>>> <ds:SignatureMethod
>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>>> />
>>>>>>> <ds:Reference URI="#id-1">
>>>>>>> <ds:Transforms>
>>>>>>> <ds:Transform
>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>> ">
>>>>>>>
>>>>>>> <ec:InclusiveNamespaces
>>>>>>>
>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
>>>>>>> wsu xs xsi"
>>>>>>>
>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>> />
>>>>>>> </ds:Transform>
>>>>>>> </ds:Transforms>
>>>>>>>
>>>>>>> <ds:DigestMethod
>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>> />
>>>>>>>
>>>>>>> <ds:DigestValue>**gpejbitTQxuMOhUirdbGNtHjsGhAAr**hAp3ByFuG9c
>>>>>>> Hs=
>>>>>>> </ds:DigestValue>
>>>>>>> </ds:Reference>
>>>>>>> <ds:Reference URI="#id-2">
>>>>>>> <ds:Transforms>
>>>>>>> <ds:Transform
>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>> ">
>>>>>>>
>>>>>>> <ec:InclusiveNamespaces
>>>>>>>
>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
>>>>>>> wsu xs xsi"
>>>>>>>
>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>> />
>>>>>>> </ds:Transform>
>>>>>>> </ds:Transforms>
>>>>>>> <ds:DigestMethod
>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>> />
>>>>>>>
>>>>>>> <ds:DigestValue>ZWKvgN+**eB0NFmQHPGYN5RoSZzbuboqKLzLcV6**PE
>>>>>>> Oz3E=
>>>>>>> </ds:DigestValue>
>>>>>>> </ds:Reference>
>>>>>>> <ds:Reference URI="#id-3">
>>>>>>> <ds:Transforms>
>>>>>>> <ds:Transform
>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>> ">
>>>>>>>
>>>>>>> <ec:InclusiveNamespaces
>>>>>>>
>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
>>>>>>> xs
>>>>>>> xsi"
>>>>>>>
>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>> />
>>>>>>> </ds:Transform>
>>>>>>> </ds:Transforms>
>>>>>>> <ds:DigestMethod
>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>> />
>>>>>>>
>>>>>>> <ds:DigestValue>1AvUG2EE6+**bgpJBe1TB4teUkKD4lRsw69BozDFQM
>>>>>>> GGE=
>>>>>>> </ds:DigestValue>
>>>>>>> </ds:Reference>
>>>>>>> <ds:Reference URI="#id-4">
>>>>>>> <ds:Transforms>
>>>>>>> <ds:Transform
>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>> ">
>>>>>>>
>>>>>>> <ec:InclusiveNamespaces
>>>>>>>
>>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsu
>>>>>>> xs
>>>>>>> xsi"
>>>>>>>
>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>> />
>>>>>>>
>>>>>>> </ds:Transform>
>>>>>>> </ds:Transforms>
>>>>>>> <ds:DigestMethod
>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>> />
>>>>>>>
>>>>>>> <ds:DigestValue>Lw6C0//**TpU0uuta+**9pjDPfD0aOokdgbVOEM9eaWc
>>>>>>> Gjo=
>>>>>>> </ds:DigestValue>
>>>>>>> </ds:Reference>
>>>>>>> <ds:Reference URI="#id-5">
>>>>>>> <ds:Transforms>
>>>>>>> <ds:Transform
>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>> ">
>>>>>>>
>>>>>>> <ec:InclusiveNamespaces
>>>>>>>
>>>>>>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse wsu xs
>>>>>>> xsi"
>>>>>>>
>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>> />
>>>>>>> </ds:Transform>
>>>>>>> </ds:Transforms>
>>>>>>> <ds:DigestMethod
>>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>>> />
>>>>>>>
>>>>>>> <ds:DigestValue>**lGKOfXxmbsLds9+**tD4eaCObTCdGNXDF/PY9LjDUPl
>>>>>>> 9Y=
>>>>>>> </ds:DigestValue>
>>>>>>> </ds:Reference>
>>>>>>> </ds:SignedInfo>
>>>>>>> <ds:SignatureValue>
>>>>>>>
>>>>>>> Yn5iRnjs/T2+**nNgW8pArIgqc445RwL2wYPHZaydVJk**0oUXV5B4nzU4fg
>>>>>>> X/**sQTcY0O5vuReP8th4QZoGG6tSnxuBf**qiDd2rkRZDrdgotJT++W
>>>>>>>
>>>>>>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3Q**DuMWr5PSlm1RWbkA3W5B4Y
>>>>>>> LaD+S/j3QKc=
>>>>>>> </ds:SignatureValue>
>>>>>>> <ds:KeyInfo Id="KI-
>>>>>>> 02F859690D5C74E209134021512283**12">
>>>>>>> <wsse:SecurityTokenReference
>>>>>>> wsu:Id="STR-**02F859690D5C74E209134021512284**13">
>>>>>>> <wsse:Reference
>>>>>>> URI="#X509-**02F859690D5C74E209134021512282**11"
>>>>>>>
>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>>> </wsse:SecurityTokenReference>
>>>>>>> </ds:KeyInfo>
>>>>>>> </ds:Signature>
>>>>>>> </wsse:Security>
>>>>>>> </soapenv:Header>
>>>>>>> <soapenv:Body wsu:Id="id-5">
>>>>>>> <ns5:validate xmlns:ns4="
>>>>>>>
>>>>>> http://msa.ebs.health.ontario.**ca/<http://msa.ebs.health.ontario.ca/>
>>>>> "
>>>>>
>>>>>> xmlns:ns3="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>> "
>>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>> "
>>>>>>> xmlns:ns5="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>> ">
>>>>>>> <requests>
>>>>>>> <hcvRequest>
>>>>>>>
>>>>>>> <healthNumber>2222211122</**healthNumber>
>>>>>>> <versionCode>WW</versionCode>
>>>>>>> </hcvRequest>
>>>>>>> </requests>
>>>>>>> <locale>en</locale>
>>>>>>> </ns5:validate>
>>>>>>> </soapenv:Body>
>>>>>>> </soapenv:Envelope>
>>>>>>>
>>>>>>> -------------------
>>>>>>> Sample Request (Built via SoapUI)
>>>>>>>
>>>>>>> <soapenv:Envelope xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>>> "
>>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>>> "
>>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>>> "
>>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>>> "
>>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>> ">
>>>>>>> <soapenv:Header>
>>>>>>> <wsse:Security soapenv:mustUnderstand="1"
>>>>>>> xmlns:wsse="http://docs.oasis-
>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>>> "
>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>> ">
>>>>>>> <wsse:BinarySecurityToken
>>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis->
>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>>> 1.0#Base64Binary"
>>>>>>> ValueType="http://docs.oasis-
>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>
>>>>>>> "
>>>>>>> wsu:Id="X509-
>>>>>>> 9346053A98F2390F1A137460706920**025">
>>>>>>>
>>>>>>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQ**EBBQUAMIGbMQswCQYDVQ
>>>>>>> QGEwJDQTEQMA4GA1UECAwHT250YXJp**bzEQMA4G
>>>>>>>
>>>>>>> A1UEBwwHVG9yb250bzERMA8GA1UECg**wISW5kaXZpY2ExFDASBgN
>>>>>>> VBAsMC0RldmVsb3BtZW50MRgwFgYDV**QQDDA9J
>>>>>>>
>>>>>>> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhk**iG9w0BCQEWFmVicy1hZG1pbk
>>>>>>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5**MTc0
>>>>>>>
>>>>>>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQ**swCQYDVQQGEwJDQTEQ
>>>>>>> MA4GA1UECBMHT250YXJpbzEQMA4GA1**UEBxMHVG9y
>>>>>>>
>>>>>>> b250bzERMA8GA1UEChMISW5kaXZpY2**ExFDASBgNVBAsTC0RldmVsb
>>>>>>> 3BtZW50MRwwGgYDVQQDExNJbmRpdml**jYSBF
>>>>>>>
>>>>>>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w**0BAQEFAAOCAQ8AMIIBCgKCA
>>>>>>> QEAu7/+**bc5QgW43UuaMoUOpbsQy8Kc32jrB
>>>>>>>
>>>>>>> GA0lrxZkqH/PnfdbtRhRypxkc6+**r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
>>>>>>> WPPVMKpermHxniN+**kqjWiGDm10xVMph
>>>>>>>
>>>>>>> XryR01LSItgRoi5V54oTFgeJxsdA/**1J3kf/QE2YmswZwLH6+PwvZfExKEx
>>>>>>> vGArojkyveOewWkvKMobLB3d6gtrPJ
>>>>>>>
>>>>>>> tUxjb18UJugEHyNSiVYFymbgAyvanT**4pmNPaqHW1ZlmQ0WBiDI7oeT
>>>>>>> 1pZzgEwzikcvEHilJye0PcB4PkkrGL**KfEE
>>>>>>>
>>>>>>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4f**jouqkHHVMMiUvYgQIDAQA
>>>>>>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b**5yRECQU
>>>>>>>
>>>>>>> ppIEIbDOh4E5OsR0wesm4czfNDnh56**TUwmjRDzI+tVVEj+fxk0FMSMf
>>>>>>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+**FHb6
>>>>>>>
>>>>>>> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u**8cRtfPXXX+baL2NThYjMoNVFIt
>>>>>>> OM0XL3xwzblWi++B
>>>>>>> </wsse:BinarySecurityToken>
>>>>>>> <ds:Signature Id="SIG-30"
>>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#>
>>>>>>> ">
>>>>>>> <ds:SignedInfo>
>>>>>>> <ds:CanonicalizationMethod
>>>>>>>
>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>> ">
>>>>>>> <ec:InclusiveNamespaces
>>>>>>> PrefixList="ebs hcv idp msa soapenv"
>>>>>>>
>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>> />
>>>>>>> </ds:CanonicalizationMethod>
>>>>>>> <ds:SignatureMethod
>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>>> />
>>>>>>> <ds:Reference URI="#id-7">
>>>>>>> <ds:Transforms>
>>>>>>> <ds:Transform
>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>> ">
>>>>>>>
>>>>>>> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
>>>>>>>
>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>> />
>>>>>>> </ds:Transform>
>>>>>>> </ds:Transforms>
>>>>>>> <ds:DigestMethod
>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>> />
>>>>>>>
>>>>>>> <ds:DigestValue>+sN2C+**GPI6Un7tmdzecuWW4obI8=</ds:**DigestVal
>>>>>>> ue>
>>>>>>> </ds:Reference>
>>>>>>> <ds:Reference URI="#id-8">
>>>>>>> <ds:Transforms>
>>>>>>> <ds:Transform
>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>> ">
>>>>>>>
>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
>>>>>>>
>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>> />
>>>>>>> </ds:Transform>
>>>>>>> </ds:Transforms>
>>>>>>> <ds:DigestMethod
>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>> />
>>>>>>>
>>>>>>> <ds:DigestValue>cStXQ+**Qf4MYZw7oZh3EwQnCO9kE=</ds:**DigestVal
>>>>>>> ue>
>>>>>>> </ds:Reference>
>>>>>>> <ds:Reference URI="#TS-29">
>>>>>>> <ds:Transforms>
>>>>>>> <ds:Transform
>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>> ">
>>>>>>>
>>>>>>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa
>>>>>>> soapenv"
>>>>>>>
>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>> />
>>>>>>> </ds:Transform>
>>>>>>> </ds:Transforms>
>>>>>>> <ds:DigestMethod
>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>> />
>>>>>>>
>>>>>>> <ds:DigestValue>**7DpbdobjdxkQ3RGXjPQmx5EpCdU=</**ds:DigestVal
>>>>>>> ue>
>>>>>>> </ds:Reference>
>>>>>>> <ds:Reference
>>>>>>> URI="#UsernameToken-28">
>>>>>>> <ds:Transforms>
>>>>>>> <ds:Transform
>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>> ">
>>>>>>>
>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
>>>>>>>
>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>> />
>>>>>>> </ds:Transform>
>>>>>>> </ds:Transforms>
>>>>>>> <ds:DigestMethod
>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>> />
>>>>>>>
>>>>>>> <ds:DigestValue>**0CNaWbdkV2dE7Jm5oh15ztwUcaI=</**
>>>>>>> ds:DigestValu
>>>>>>> e>
>>>>>>> </ds:Reference>
>>>>>>> <ds:Reference URI="#id-12">
>>>>>>> <ds:Transforms>
>>>>>>> <ds:Transform
>>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>>> ">
>>>>>>>
>>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
>>>>>>>
>>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>>> />
>>>>>>> </ds:Transform>
>>>>>>> </ds:Transforms>
>>>>>>> <ds:DigestMethod
>>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>>> />
>>>>>>>
>>>>>>> <ds:DigestValue>**XoOxXE6R7JA29rMYCHf/X0II180=</**
>>>>>>> ds:DigestValue
>>>>>>> </ds:Reference>
>>>>>>> </ds:SignedInfo>
>>>>>>>
>>>>>>> <ds:SignatureValue>**YQy9wqYYVw1x0CZcg6b2W0uO3g3Fur**UZ51zrXi3
>>>>>>> jRMFGgCVGUwfu3W/**tDOAKB2IXHvIgFl7JWmzd
>>>>>>>
>>>>>>> lkh7O2u6ieACF5tGD32aSXvv6/**k7OUVH4outF1NHgJOq9WKIKtUYT/hh
>>>>>>> G8BmqFGHXcPiuuO+FIXr
>>>>>>>
>>>>>>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pO**RWOWvPhmHbT63b1BgFfLla
>>>>>>> UftqeybM6t0i2cTuNxf8nbCS
>>>>>>>
>>>>>>> gANhvGvpNi2ALThvsPu+**pXKCx1c4Ng18PGpUEVmOdJOkZhiifR**336idp
>>>>>>> 09lp8XaI+NzwENvdBskb
>>>>>>>
>>>>>>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP**4wydOh8w==
>>>>>>> </ds:SignatureValue>
>>>>>>> <ds:KeyInfo Id="KI-
>>>>>>> 9346053A98F2390F1A137460706920**026">
>>>>>>> <wsse:SecurityTokenReference
>>>>>>> wsu:Id="STR-
>>>>>>> 9346053A98F2390F1A137460706920**027">
>>>>>>> <wsse:Reference
>>>>>>> URI="#X509-**9346053A98F2390F1A137460706920**025"
>>>>>>>
>>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>>> </wsse:SecurityTokenReference>
>>>>>>> </ds:KeyInfo>
>>>>>>> </ds:Signature>
>>>>>>> <wsu:Timestamp wsu:Id="TS-29">
>>>>>>> <wsu:Created>2013-07-
>>>>>>> 23T19:17:49.196Z</wsu:Created>
>>>>>>> <wsu:Expires>2013-07-
>>>>>>> 30T17:57:49.196Z</wsu:Expires>
>>>>>>> </wsu:Timestamp>
>>>>>>> <wsse:UsernameToken wsu:Id="UsernameToken-
>>>>>>> 28">
>>>>>>> <wsse:Username>abc</wsse:**Username>
>>>>>>> <wsse:Password
>>>>>>> Type="http://docs.oasis-
>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-username-token-**profile-<http://open.org/wss/2004/01/oasis-200401-wss-username-token-profile->
>>>>>>> 1.0#PasswordText">defg</wsse:**Password>
>>>>>>> </wsse:UsernameToken>
>>>>>>> </wsse:Security>
>>>>>>> <idp:IDP wsu:Id="id-8"
>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>> ">
>>>>>>> <ServiceUserMUID>12345</**ServiceUserMUID>
>>>>>>> </idp:IDP>
>>>>>>> <ebs:EBS wsu:Id="id-7"
>>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>>> ">
>>>>>>>
>>>>>>> <SoftwareConformanceKey>12345<**/SoftwareConformanceKey>
>>>>>>> <AuditId>12345</AuditId>
>>>>>>> </ebs:EBS>
>>>>>>> </soapenv:Header>
>>>>>>> <soapenv:Body wsu:Id="id-12"
>>>>>>> xmlns:wsu="http://docs.oasis-**
>>>>>>> open.org/wss/2004/01/oasis-<http://docs.oasis-open.org/wss/2004/01/oasis->
>>>>>>> 200401-wss-wssecurity-utility-**1.0.xsd">
>>>>>>> <hcv:validate>
>>>>>>> <requests>
>>>>>>> <hcvRequest>
>>>>>>>
>>>>>>> <healthNumber>9876543217</**healthNumber>
>>>>>>> <versionCode>AB</versionCode>
>>>>>>> </hcvRequest>
>>>>>>> </requests>
>>>>>>> </hcv:validate>
>>>>>>> </soapenv:Body>
>>>>>>> </soapenv:Envelope>
>>>>>>>
>>>>>>>
>>>>>>> -----------------------
>>>>>>> Response (In either case):
>>>>>>>
>>>>>>> <soap:Envelope
>>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>>> ">
>>>>>>> <soap:Body>
>>>>>>> <soap:Fault>
>>>>>>> <faultcode>soap:**MustUnderstand</faultcode>
>>>>>>> <faultstring>MustUnderstand headers: [{http://docs.oasis-
>>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext->
>>>>>>> 1.0.xsd}Security] are not understood.</faultstring>
>>>>>>> </soap:Fault>
>>>>>>> </soap:Body>
>>>>>>> </soap:Envelope>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <as...@talend.com>
>>>>>>>
>>>>>> wrote:
>>>>>
>>>>>> Hi,
>>>>>>>>
>>>>>>>> It seems that your service doesn't use the same WS-Policy as client,
>>>>>>>>
>>>>>>> therefore appropriate interceptors are not activated on the service
>>>>>>>
>>>>>> side.
>>>>>
>>>>>> Could you double check that?
>>>>>>>>
>>>>>>>> Exact request and response will be also useful for further analyse.
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>> Andrei.
>>>>>>>>
>>>>>>>> -----Original Message-----
>>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>>>> Sent: Dienstag, 23. Juli 2013 21:35
>>>>>>>>> To: users@cxf.apache.org
>>>>>>>>> Subject: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>>>
>>>>>>>>> I have a question regarding WS-SecurityPolicy and deploying a
>>>>>>>>> WSDL-first service via Eclipse.
>>>>>>>>>
>>>>>>>>> I created a project from a WSDL file (I didn't create it) with the
>>>>>>>>> intention of implementing the service that it describes. The WSDL
>>>>>>>>> file describes a WS- SecurityPolicy that includes a UsernameToken,
>>>>>>>>> Timestamp, BinarySecurityToken, and a Signature. Every time I run a
>>>>>>>>> sample request that includes all of those components in the
>>>>>>>>> WS-Security header I get a "must understand header is not
>>>>>>>>> understood"
>>>>>>>>> message, regarding the WS-Security header.
>>>>>>>>>
>>>>>>>>> I've read on the documentation of CXF that additional dependencies
>>>>>>>>> must be included in the classpath to have WS-SecurityPolicy work,
>>>>>>>>> but
>>>>>>>>> I've used Eclipse's deployment method and given it the entire CXF
>>>>>>>>> ZIP
>>>>>>>>> file as downloaded from the project website as the CXF Runtime. Is
>>>>>>>>> there anything that I'm missing? Or is there a better way for me to
>>>>>>>>> be working with CXF than to use Eclipse's automated tools?
>>>>>>>>>
>>>>>>>>> Thanks for any help.
>>>>>>>>> Jen
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>
>>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jason Pell <ja...@pellcorp.com>.
Changing the namespaces to the following will allow it to work with CXF:
xmlns:wsp="http://www.w3.org/ns/ws-policy"
xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
"
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
On Sat, Jul 27, 2013 at 1:39 PM, Jennifer Ruttan <je...@indivica.com>wrote:
> Hi,
>
> Thanks for your message. The WSDL file clearly contains a number of errors
> and so I'm happy to change it. The owners of the service will have to
> adjust it anyway. What should I change the namespaces to?
>
> Thanks again
> Jen
>
>
>
>
> On 2013/07/26 23:16, Jason Pell wrote:
>
>> https://github.com/pellcorp/**cxf/blob/master/JavaFirst/src/**
>> test/java/com/pellcorp/server/**PolicyServiceTest.java<https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java>
>>
>> This test case reproduces your issue I think. Changing the namespaces of
>> the policy file will actually fix this, but probably not an option for
>> you.
>>
>> public void testOldWspSpClient() throws Exception {
>> ClassPathXmlApplicationContext clientContext = TestUtils.getContext(
>> "/META-INF/**oldWspSpClientContext.xml");
>>
>> OldSpWspSimpleService simpleService = clientContext.getBean(
>> "OldSpWspSimpleServiceClient",
>> OldSpWspSimpleService.class);
>>
>> WSS4JOutInterceptor wssOut = TestUtils.**getWssOutInterceptor(
>> simpleService);
>> TestUtils.**setPasswordProperties(wssOut, "alice", "password");
>>
>> try {
>> simpleService.ping();
>> } catch (SOAPFaultException e) {
>> assertTrue(e.getMessage().**contains("MustUnderstand"));
>> }
>> }
>>
>>
>>
>>
>>
>> On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <ja...@pellcorp.com> wrote:
>>
>> Hi,
>>>
>>> I changed over my java first samples to use your namespaces, and I also
>>> got the Must understand error.
>>>
>>> Since I can reproduce it, i will have a bit of a hunt around to see what
>>> the problem is.
>>>
>>>
>>> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan <jennifer@indivica.com
>>> >wrote:
>>>
>>> Hi,
>>>>
>>>> Thanks for your help.
>>>>
>>>> The project path did not export the appropriate jars to the WEB-INF/lib
>>>> directory when being built, so I added them to the deployment assembly
>>>> step
>>>> in eclipse. I added all the dependencies as well.
>>>>
>>>> Unfortunately, I was still getting the same "mustunderstand headers are
>>>> not understood" error message. But there's more. I'm also getting a
>>>> strange
>>>> message when Tomcat is deploying the application, from CXF:
>>>> Jul 26, 2013 1:23:24 PM
>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>> handleNoRegisteredBuilder
>>>> WARNING: No assertion builder for type {
>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>> SignedSupportingTokensregister**ed<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedSupportingTokensregistered>
>>>> .
>>>> Jul 26, 2013 1:23:24 PM
>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>> handleNoRegisteredBuilder
>>>> WARNING: No assertion builder for type {
>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>> RequiredPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DRequiredPartsregistered>
>>>> .
>>>>
>>>> Jul 26, 2013 1:23:24 PM
>>>> org.apache.cxf.ws.policy.**AssertionBuilderRegistryImpl
>>>> handleNoRegisteredBuilder
>>>> WARNING: No assertion builder for type {
>>>> http://docs.oasis-open.org/ws-**sx/ws-securitypolicy/200512}**
>>>> SignedPartsregistered<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512%7DSignedPartsregistered>
>>>> .
>>>>
>>>>
>>>> I thought that was weird because in all the examples I've seen the sp
>>>> namespace is http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>.
>>>> So I
>>>> made the change in the WSDL and I got the following message upon
>>>> restarting
>>>> the server:
>>>> Jul 26, 2013 1:25:16 PM
>>>> org.apache.cxf.ws.policy.**attachment.wsdl11.**
>>>> Wsdl11AttachmentPolicyProvider
>>>> getElementPolicy
>>>> WARNING: Failed to build the policy 'request-policy':{
>>>> http://schemas.xmlsoap.org/ws/**2005/07/securitypolicy}**UsernameToken<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy%7DUsernameToken>is
>>>> not a <wsp:Policy> element.
>>>>
>>>> The namespace for wsp is http://schemas.xmlsoap.org/ws/**2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>> ,
>>>> and I'm pretty sure that's correct. Although I feel like I'm pretty
>>>> close,
>>>> I'm lost at this point. Do you happen to have any further suggestions?
>>>>
>>>> Thanks
>>>> Jen
>>>>
>>>>
>>>>
>>>>
>>>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <as...@talend.com>
>>>> wrote:
>>>>
>>>> Hi,
>>>>>
>>>>> "mustunderstand header is not understood" error is thrown by CXF
>>>>>
>>>> MustUnderstandInterceptor.
>>>>
>>>>> MustUnderstandInterceptor checks if must understand headers in SOAP
>>>>>
>>>> message can be processed by at least one CXF interceptor in chain.
>>>>
>>>>> For that CXF interceptors provide getUnderstoodHeaders() method to say
>>>>>
>>>> which headers they are able to proceed.
>>>>
>>>>> Security headers can be processed either by AbstractTokenInterceptor
>>>>>
>>>> (extended by UsernameTokenInterceptor, SamlTokenInterceptor.java,
>>>> KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java
>>>>
>>>>> (extended by PolicyBasedWSS4JInInterceptor.**java,
>>>>>
>>>> WSS4JInInterceptor.java).
>>>>
>>>>> In your case no any from these interceptors is in chain on the service
>>>>>
>>>> side.
>>>>
>>>>> That could happens because:
>>>>> a) service uses other ws-policy (or nor policy) that doesn't activate
>>>>>
>>>> that interceptors
>>>>
>>>>> b) service uses no ws-policy way and not configured with security
>>>>>
>>>> interceptor
>>>>
>>>>> c) appropriate CXF jars are not available:
>>>>>
>>>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
>>>>
>>>>> Can you please check how your service is configured?
>>>>>
>>>>> Regards,
>>>>> Andrei.
>>>>>
>>>>>
>>>>> -----Original Message-----
>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>> Sent: Mittwoch, 24. Juli 2013 17:43
>>>>>> To: users@cxf.apache.org
>>>>>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> Thanks for the reply. That's what I was thinking. There may be an
>>>>>>
>>>>> issue with
>>>>
>>>>> the WSDL file itself.
>>>>>>
>>>>>> My request matches the example provided by the author of the WSDL
>>>>>> file,
>>>>>> but neither of them work. They both cause the same "mustunderstand
>>>>>> header is not understood" error.
>>>>>> Disabling the security policy allows the request to complete properly.
>>>>>>
>>>>>> CXF is configured to read the security policy from the WSDL file, and
>>>>>>
>>>>> I know
>>>>
>>>>> that part is working because if I miss a required part (the timestamp,
>>>>>>
>>>>> for
>>>>
>>>>> example) in the header, CXF complains that not all of the required
>>>>>>
>>>>> parts have
>>>>
>>>>> been submitted. I guess this could be because of a signing issue,
>>>>>>
>>>>> although I'm
>>>>
>>>>> not sure.
>>>>>>
>>>>>> My reasons for building the service are because while there is a WSDL
>>>>>> definition for the service, there's no way to access the service
>>>>>>
>>>>> itself. I know
>>>>
>>>>> exactly how the service is supposed to react to various inputs so I'm
>>>>>>
>>>>> trying to
>>>>
>>>>> build the same web service. It's for a health insurance card
>>>>>>
>>>>> validation service
>>>>
>>>>> in Ontario, Canada, and the service is provided by the government.
>>>>>>
>>>>>> Thanks.
>>>>>> Jen
>>>>>>
>>>>>> ---------------------
>>>>>> HCValidationService.wsdl
>>>>>>
>>>>>> <?xml version="1.0" encoding="UTF-8"?><definitions
>>>>>> name="HCValidationService"
>>>>>> targetNamespace="http://hcv.**health.ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>> "
>>>>>> xmlns="http://schemas.xmlsoap.**org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>> "
>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>> "
>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>> "
>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>> "
>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>> "
>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>> "
>>>>>> xmlns:sp="http://docs.oasis-**open.org/ws-sx/ws-**
>>>>>> securitypolicy/200512<http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512>
>>>>>> "
>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>> "
>>>>>> xmlns:wsdlsoap="http://**schemas.xmlsoap.org/wsdl/soap/<http://schemas.xmlsoap.org/wsdl/soap/>
>>>>>> **"
>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>> "
>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>> "
>>>>>> xmlns:xsd="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema>
>>>>>> ">
>>>>>>
>>>>>> <types>
>>>>>> <xsd:schema>
>>>>>> <xsd:import
>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>> "
>>>>>> schemaLocation="EBSFault_**schema.xsd"/>
>>>>>> <xsd:import
>>>>>> namespace="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>> "
>>>>>> schemaLocation="**HCValidationService_schema.**xsd"/>
>>>>>> <xsd:import
>>>>>> namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>> "
>>>>>> schemaLocation="EBS_schema.**xsd"/>
>>>>>> <xsd:import
>>>>>> namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>> "
>>>>>> schemaLocation="MSA_schema.**xsd"/>
>>>>>> <xsd:import
>>>>>> namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>> "
>>>>>> schemaLocation="IDP_schema.**xsd"/>
>>>>>> </xsd:schema>
>>>>>> </types>
>>>>>>
>>>>>> <wsp:Policy wsu:Id="request-policy">
>>>>>> <wsp:ExactlyOne>
>>>>>> <wsp:All>
>>>>>> <wsp:All>
>>>>>> <sp:SignedSupportingTokens>
>>>>>> <sp:UsernameToken>
>>>>>> <wsp:Policy>
>>>>>> <wsp:All>
>>>>>>
>>>>>> <sp:NoPassword/>
>>>>>>
>>>>>> <sp:WssUsernameToken10/>
>>>>>> </wsp:All>
>>>>>> </wsp:Policy>
>>>>>> </sp:UsernameToken>
>>>>>> </sp:SignedSupportingTokens>
>>>>>> </wsp:All>
>>>>>> <wsp:ExactlyOne>
>>>>>> <wsp:All>
>>>>>> <sp:RequiredParts>
>>>>>> <sp:Header Name="EBS"
>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>> "/>
>>>>>> </sp:RequiredParts>
>>>>>> <sp:RequiredParts>
>>>>>> <sp:Header Name="MSA"
>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>> "/>
>>>>>> </sp:RequiredParts>
>>>>>> <sp:RequiredParts>
>>>>>> <sp:Header
>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>> </sp:RequiredParts>
>>>>>> <sp:RequiredParts>
>>>>>> <sp:Header
>>>>>> Name="AuditId"
>>>>>> Namespace=""/>
>>>>>> </sp:RequiredParts>
>>>>>> <sp:RequiredParts>
>>>>>> <sp:Header
>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>> </sp:RequiredParts>
>>>>>> <sp:RequiredParts>
>>>>>> <sp:Header Name="UserID"
>>>>>> Namespace=""/>
>>>>>> </sp:RequiredParts>
>>>>>> <sp:RequiredParts>
>>>>>> <sp:Header
>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>> "/>
>>>>>> </sp:RequiredParts>
>>>>>> </wsp:All>
>>>>>> </wsp:ExactlyOne>
>>>>>> <wsp:ExactlyOne>
>>>>>> <wsp:All>
>>>>>> <sp:SignedParts>
>>>>>> <sp:Header Name="EBS"
>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>> "/>
>>>>>> <sp:Header Name="MSA"
>>>>>> Namespace="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>> "/>
>>>>>> <sp:Header
>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>> "/>
>>>>>> <sp:Header
>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>> "/>
>>>>>> <sp:Body/>
>>>>>> </sp:SignedParts>
>>>>>> </wsp:All>
>>>>>> </wsp:ExactlyOne>
>>>>>> </wsp:All>
>>>>>> <wsp:All>
>>>>>> <wsp:All>
>>>>>> <sp:SignedSupportingTokens>
>>>>>> <sp:UsernameToken>
>>>>>> <wsp:Policy>
>>>>>> <wsp:All>
>>>>>>
>>>>>> <sp:WssUsernameToken10/>
>>>>>> </wsp:All>
>>>>>> </wsp:Policy>
>>>>>> </sp:UsernameToken>
>>>>>> </sp:SignedSupportingTokens>
>>>>>> </wsp:All>
>>>>>> <wsp:ExactlyOne>
>>>>>> <wsp:All>
>>>>>> <sp:SignedParts>
>>>>>> <sp:Header Name="EBS"
>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>> "/>
>>>>>> <sp:Header Name="IDP"
>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>> "/>
>>>>>> <sp:Header Name="Timestamp"
>>>>>> Namespace="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>> 200401-wss-<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss->
>>>>>> wssecurity-utility-1.0.xsd"/>
>>>>>> <sp:Header
>>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>> "/>
>>>>>> <sp:Body/>
>>>>>> </sp:SignedParts>
>>>>>> </wsp:All>
>>>>>> </wsp:ExactlyOne>
>>>>>>
>>>>>> <wsp:ExactlyOne>
>>>>>> <wsp:All>
>>>>>> <sp:RequiredParts>
>>>>>> <sp:Header Name="EBS"
>>>>>> Namespace="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>> "/>
>>>>>> </sp:RequiredParts>
>>>>>> <sp:RequiredParts>
>>>>>> <sp:Header Name="IDP"
>>>>>> Namespace="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>> "/>
>>>>>> </sp:RequiredParts>
>>>>>> <sp:RequiredParts>
>>>>>> <sp:Header
>>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>>> </sp:RequiredParts>
>>>>>> <sp:RequiredParts>
>>>>>> <sp:Header
>>>>>> Name="AuditId"
>>>>>> Namespace=""/>
>>>>>> </sp:RequiredParts>
>>>>>> <sp:RequiredParts>
>>>>>> <sp:Header
>>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>>> </sp:RequiredParts>
>>>>>> <sp:RequiredParts>
>>>>>> <sp:Header
>>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>> "/>
>>>>>> </sp:RequiredParts>
>>>>>> </wsp:All>
>>>>>> </wsp:ExactlyOne>
>>>>>> </wsp:All>
>>>>>> </wsp:ExactlyOne>
>>>>>> </wsp:Policy>
>>>>>>
>>>>>> <wsdl:message name="EBSHeader">
>>>>>> <wsdl:part element="ebs:EBS"
>>>>>> name="ebsrequest_header"/>
>>>>>> </wsdl:message>
>>>>>> <wsdl:message name="MSAHeader">
>>>>>> <wsdl:part element="msa:MSA"
>>>>>> name="msarequest_header"/>
>>>>>> </wsdl:message>
>>>>>> <wsdl:message name="IDPHeader">
>>>>>> <wsdl:part element="idp:IDP"
>>>>>> name="idprequest_header"/>
>>>>>> </wsdl:message>
>>>>>>
>>>>>> <message name="validate">
>>>>>> <wsdl:part element="hcv:validate" name="parameters"/>
>>>>>> </message>
>>>>>>
>>>>>> <message name="validateResponse">
>>>>>> <part element="hcv:validateResponse"
>>>>>> name="parameters"/>
>>>>>> </message>
>>>>>>
>>>>>> <message name="faultexception">
>>>>>> <part element="ebs:EBSFault" name="Fault"/>
>>>>>> </message>
>>>>>>
>>>>>> <portType name="HCValidation">
>>>>>> <operation name="validate">
>>>>>> <input message="hcv:validate"/>
>>>>>> <output message="hcv:validateResponse"**/>
>>>>>> <fault message="hcv:faultexception"
>>>>>> name="FaultException"/>
>>>>>> </operation>
>>>>>> </portType>
>>>>>>
>>>>>> <binding name="HCValidationPortBinding" type="hcv:HCValidation">
>>>>>> <soap:binding style="document"
>>>>>> transport="http://schemas.**xmlsoap.org/soap/http<http://schemas.xmlsoap.org/soap/http>
>>>>>> "/>
>>>>>>
>>>>>> <operation name="validate">
>>>>>> <soap:operation soapAction=""/>
>>>>>> <input>
>>>>>> <wsp:PolicyReference URI="#request-policy"/>
>>>>>> <wsdlsoap:header
>>>>>> message="hcv:EBSHeader" part="ebsrequest_header" use="literal"/>
>>>>>> <wsdlsoap:header
>>>>>> message="hcv:MSAHeader" part="msarequest_header" use="literal"/>
>>>>>> <wsdlsoap:header
>>>>>> message="hcv:IDPHeader" part="idprequest_header" use="literal"/>
>>>>>> <wsdlsoap:body parts="parameters"
>>>>>> use="literal"/>
>>>>>> </input>
>>>>>> <output>
>>>>>> <soap:body use="literal"/>
>>>>>> </output>
>>>>>> <fault name="FaultException">
>>>>>> <soap:fault name="FaultException"
>>>>>> use="literal"/>
>>>>>> </fault>
>>>>>> </operation>
>>>>>> </binding>
>>>>>>
>>>>>> <service name="HCValidationService">
>>>>>> <port binding="hcv:**HCValidationPortBinding"
>>>>>> name="HCValidationPort">
>>>>>> <soap:address
>>>>>> location="
>>>>>>
>>>>> https://ws.ebs.health.gov.on.**ca:1440/HCVService/**HCValidationSe<https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe>
>>>>
>>>>> rvice"/>
>>>>>> </port>
>>>>>> </service>
>>>>>> </definitions>
>>>>>>
>>>>>> ---------------------
>>>>>> Sample Request (provided by author of WSDL)
>>>>>>
>>>>>> <soapenv:Envelope xmlns:soap-
>>>>>> sec="http://schemas.xmlsoap.**org/security/2000-12<http://schemas.xmlsoap.org/security/2000-12>
>>>>>> "
>>>>>> xmlns:wsse="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>> wss-wssecurity-secext-1.0.xsd"
>>>>>> xmlns:xsi="http://www.w3.org/**2001/XMLSchema-instance<http://www.w3.org/2001/XMLSchema-instance>
>>>>>> "
>>>>>> xmlns:sp="http://schemas.**xmlsoap.org/ws/2005/07/**securitypolicy<http://schemas.xmlsoap.org/ws/2005/07/securitypolicy>
>>>>>> "
>>>>>> xmlns:SOAP-ENV="http://**schemas.xmlsoap.org/soap/**envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>> "
>>>>>> xmlns:xs="http://www.w3.org/**2001/XMLSchema<http://www.w3.org/2001/XMLSchema>
>>>>>> "
>>>>>> xmlns:tns="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>> "
>>>>>> xmlns:wsu="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>> wss-wssecurity-utility-1.0.**xsd"
>>>>>> xmlns:ebs="http://ebs.health.**ontario.ca/security/2012-03<http://ebs.health.ontario.ca/security/2012-03>
>>>>>> "
>>>>>> xmlns:wsdl="http://schemas.**xmlsoap.org/wsdl/<http://schemas.xmlsoap.org/wsdl/>
>>>>>> "
>>>>>> xmlns:wsp="http://schemas.**xmlsoap.org/ws/2004/09/policy<http://schemas.xmlsoap.org/ws/2004/09/policy>
>>>>>> "
>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>> ">
>>>>>> <soapenv:Header>
>>>>>> <ns2:EBS wsu:Id="id-1"
>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>> ">
>>>>>> <SoftwareConformanceKey>**444561ee-277f-77b2-
>>>>>> c664-7a9923jfgh1b
>>>>>> </SoftwareConformanceKey>
>>>>>> <AuditId>73b7051e-6126-4b41-**9ae0-
>>>>>> 21b707ca8a53</AuditId>
>>>>>> </ns2:EBS>
>>>>>> <ns2:IDP wsu:Id="id-2"
>>>>>> xmlns:ns2="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>> ">
>>>>>> <ServiceUserMUID>4523394</**ServiceUserMUID>
>>>>>> </ns2:IDP>
>>>>>> <wsse:Security SOAP-ENV:mustUnderstand="1">
>>>>>> <wsu:Timestamp wsu:Id="id-3">
>>>>>> <wsu:Created>2012-06-
>>>>>> 20T17:58:42.580Z</wsu:Created>
>>>>>> <wsu:Expires>2012-06-
>>>>>> 20T17:59:12.580Z</wsu:Expires>
>>>>>> </wsu:Timestamp>
>>>>>> <wsse:UsernameToken wsu:Id="id-4">
>>>>>>
>>>>>>
>>>>>> <wsse:Username>JOHNDOE@YAHOO.**CA <JO...@YAHOO.CA>
>>>>>> </wsse:Username>
>>>>>> <wsse:Password
>>>>>> Type="wsse:PasswordText">**Password</wsse:Password>
>>>>>> </wsse:UsernameToken>
>>>>>> <wsse:BinarySecurityToken
>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis->
>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>> 1.0#Base64Binary"
>>>>>> ValueType="http://docs.oasis-
>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>
>>>>>> "
>>>>>> wsu:Id="X509-
>>>>>> 02F859690D5C74E209134021512282**11">
>>>>>>
>>>>>> MIICMzCCAZygAwIBAgIET1e+**dDANBgkqhkiG9w0BAQUFADBeMQsw
>>>>>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT2**50YXJpbzENMAsGA1UEChMET0hJ
>>>>>>
>>>>>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW**9uMRcwFQYDVQQDEw
>>>>>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAz**MDcyMDAwNTJaFw0xMzAzMDcyMDA
>>>>>> wNTJaM
>>>>>>
>>>>>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQ**IEwdPbnRhcmlvMQ0wCwY
>>>>>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZ**Wdpc3RyYXRpb24xFzAVBgNVBAM
>>>>>> TDj
>>>>>>
>>>>>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqG**SIb3DQEBAQUAA4GNADCBi
>>>>>> QKBgQCs/JIP6CE5IkfTnD/c56K+**QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH**4
>>>>>>
>>>>>> fvhbyxo2B4VugsL9r4E5jHEKoi+**GDKOLlLZRfSy0cB8IcpXonAuGqMzhC**o
>>>>>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpT**yZdpYDi92up5E+FYL3jEe
>>>>>>
>>>>>> jhp+**1iDFJQIDAQABMA0GCSqGSIb3DQEBBQ**UAA4GBAHn8VZS169BJ
>>>>>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dE**icv3jQMMsrWHfoCt+nRSqfNLUTL
>>>>>>
>>>>>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0**gY3i83ZXA8HDFKMZF3qL8I8ncu8F
>>>>>> PcZGYBNhYrGjXXsuqXimiTIjxgm06E**rRa/51szOFFxWrB
>>>>>> </wsse:BinarySecurityToken>
>>>>>> <ds:Signature Id="SIG-6"
>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#>
>>>>>> ">
>>>>>> <ds:SignedInfo>
>>>>>> <ds:CanonicalizationMethod
>>>>>>
>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>> ">
>>>>>> <ec:InclusiveNamespaces
>>>>>>
>>>>>> PrefixList="SOAP-
>>>>>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
>>>>>>
>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>> />
>>>>>> </ds:CanonicalizationMethod>
>>>>>> <ds:SignatureMethod
>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>> />
>>>>>> <ds:Reference URI="#id-1">
>>>>>> <ds:Transforms>
>>>>>> <ds:Transform
>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>> ">
>>>>>>
>>>>>> <ec:InclusiveNamespaces
>>>>>>
>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
>>>>>> wsu xs xsi"
>>>>>>
>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>> />
>>>>>> </ds:Transform>
>>>>>> </ds:Transforms>
>>>>>>
>>>>>> <ds:DigestMethod
>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>> />
>>>>>>
>>>>>> <ds:DigestValue>**gpejbitTQxuMOhUirdbGNtHjsGhAAr**hAp3ByFuG9c
>>>>>> Hs=
>>>>>> </ds:DigestValue>
>>>>>> </ds:Reference>
>>>>>> <ds:Reference URI="#id-2">
>>>>>> <ds:Transforms>
>>>>>> <ds:Transform
>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>> ">
>>>>>>
>>>>>> <ec:InclusiveNamespaces
>>>>>>
>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
>>>>>> wsu xs xsi"
>>>>>>
>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>> />
>>>>>> </ds:Transform>
>>>>>> </ds:Transforms>
>>>>>> <ds:DigestMethod
>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>> />
>>>>>>
>>>>>> <ds:DigestValue>ZWKvgN+**eB0NFmQHPGYN5RoSZzbuboqKLzLcV6**PE
>>>>>> Oz3E=
>>>>>> </ds:DigestValue>
>>>>>> </ds:Reference>
>>>>>> <ds:Reference URI="#id-3">
>>>>>> <ds:Transforms>
>>>>>> <ds:Transform
>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>> ">
>>>>>>
>>>>>> <ec:InclusiveNamespaces
>>>>>>
>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
>>>>>> xs
>>>>>> xsi"
>>>>>>
>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>> />
>>>>>> </ds:Transform>
>>>>>> </ds:Transforms>
>>>>>> <ds:DigestMethod
>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>> />
>>>>>>
>>>>>> <ds:DigestValue>1AvUG2EE6+**bgpJBe1TB4teUkKD4lRsw69BozDFQM
>>>>>> GGE=
>>>>>> </ds:DigestValue>
>>>>>> </ds:Reference>
>>>>>> <ds:Reference URI="#id-4">
>>>>>> <ds:Transforms>
>>>>>> <ds:Transform
>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>> ">
>>>>>>
>>>>>> <ec:InclusiveNamespaces
>>>>>>
>>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsu xs
>>>>>> xsi"
>>>>>>
>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>> />
>>>>>>
>>>>>> </ds:Transform>
>>>>>> </ds:Transforms>
>>>>>> <ds:DigestMethod
>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>> />
>>>>>>
>>>>>> <ds:DigestValue>Lw6C0//**TpU0uuta+**9pjDPfD0aOokdgbVOEM9eaWc
>>>>>> Gjo=
>>>>>> </ds:DigestValue>
>>>>>> </ds:Reference>
>>>>>> <ds:Reference URI="#id-5">
>>>>>> <ds:Transforms>
>>>>>> <ds:Transform
>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>> ">
>>>>>>
>>>>>> <ec:InclusiveNamespaces
>>>>>>
>>>>>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse wsu xs
>>>>>> xsi"
>>>>>>
>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>> />
>>>>>> </ds:Transform>
>>>>>> </ds:Transforms>
>>>>>> <ds:DigestMethod
>>>>>> Algorithm="http://www.w3.org/**2001/04/xmlenc#sha256<http://www.w3.org/2001/04/xmlenc#sha256>"
>>>>>> />
>>>>>>
>>>>>> <ds:DigestValue>**lGKOfXxmbsLds9+**tD4eaCObTCdGNXDF/PY9LjDUPl
>>>>>> 9Y=
>>>>>> </ds:DigestValue>
>>>>>> </ds:Reference>
>>>>>> </ds:SignedInfo>
>>>>>> <ds:SignatureValue>
>>>>>>
>>>>>> Yn5iRnjs/T2+**nNgW8pArIgqc445RwL2wYPHZaydVJk**0oUXV5B4nzU4fg
>>>>>> X/**sQTcY0O5vuReP8th4QZoGG6tSnxuBf**qiDd2rkRZDrdgotJT++W
>>>>>>
>>>>>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3Q**DuMWr5PSlm1RWbkA3W5B4Y
>>>>>> LaD+S/j3QKc=
>>>>>> </ds:SignatureValue>
>>>>>> <ds:KeyInfo Id="KI-
>>>>>> 02F859690D5C74E209134021512283**12">
>>>>>> <wsse:SecurityTokenReference
>>>>>> wsu:Id="STR-**02F859690D5C74E209134021512284**13">
>>>>>> <wsse:Reference
>>>>>> URI="#X509-**02F859690D5C74E209134021512282**11"
>>>>>>
>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>> </wsse:SecurityTokenReference>
>>>>>> </ds:KeyInfo>
>>>>>> </ds:Signature>
>>>>>> </wsse:Security>
>>>>>> </soapenv:Header>
>>>>>> <soapenv:Body wsu:Id="id-5">
>>>>>> <ns5:validate xmlns:ns4="
>>>>>>
>>>>> http://msa.ebs.health.ontario.**ca/<http://msa.ebs.health.ontario.ca/>
>>>> "
>>>>
>>>>> xmlns:ns3="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>> "
>>>>>> xmlns:ns2="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>> "
>>>>>> xmlns:ns5="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>> ">
>>>>>> <requests>
>>>>>> <hcvRequest>
>>>>>>
>>>>>> <healthNumber>2222211122</**healthNumber>
>>>>>> <versionCode>WW</versionCode>
>>>>>> </hcvRequest>
>>>>>> </requests>
>>>>>> <locale>en</locale>
>>>>>> </ns5:validate>
>>>>>> </soapenv:Body>
>>>>>> </soapenv:Envelope>
>>>>>>
>>>>>> -------------------
>>>>>> Sample Request (Built via SoapUI)
>>>>>>
>>>>>> <soapenv:Envelope xmlns:ebs="http://ebs.health.**ontario.ca/<http://ebs.health.ontario.ca/>
>>>>>> "
>>>>>> xmlns:hcv="http://hcv.health.**ontario.ca/<http://hcv.health.ontario.ca/>
>>>>>> "
>>>>>> xmlns:idp="http://idp.ebs.**health.ontario.ca/<http://idp.ebs.health.ontario.ca/>
>>>>>> "
>>>>>> xmlns:msa="http://msa.ebs.**health.ontario.ca/<http://msa.ebs.health.ontario.ca/>
>>>>>> "
>>>>>> xmlns:soapenv="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>> ">
>>>>>> <soapenv:Header>
>>>>>> <wsse:Security soapenv:mustUnderstand="1"
>>>>>> xmlns:wsse="http://docs.oasis-
>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>
>>>>>> "
>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>> ">
>>>>>> <wsse:BinarySecurityToken
>>>>>> EncodingType="http://docs.**oasis-<http://docs.oasis->
>>>>>> open.org/wss/2004/01/oasis-**200401-wss-soap-message-**security-<http://open.org/wss/2004/01/oasis-200401-wss-soap-message-security->
>>>>>> 1.0#Base64Binary"
>>>>>> ValueType="http://docs.oasis-
>>>>>> open.org/wss/2004/01/oasis-**200401-wss-x509-token-profile-**
>>>>>> 1.0#X509v3<http://open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3>
>>>>>> "
>>>>>> wsu:Id="X509-
>>>>>> 9346053A98F2390F1A137460706920**025">
>>>>>>
>>>>>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQ**EBBQUAMIGbMQswCQYDVQ
>>>>>> QGEwJDQTEQMA4GA1UECAwHT250YXJp**bzEQMA4G
>>>>>>
>>>>>> A1UEBwwHVG9yb250bzERMA8GA1UECg**wISW5kaXZpY2ExFDASBgN
>>>>>> VBAsMC0RldmVsb3BtZW50MRgwFgYDV**QQDDA9J
>>>>>>
>>>>>> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhk**iG9w0BCQEWFmVicy1hZG1pbk
>>>>>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5**MTc0
>>>>>>
>>>>>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQ**swCQYDVQQGEwJDQTEQ
>>>>>> MA4GA1UECBMHT250YXJpbzEQMA4GA1**UEBxMHVG9y
>>>>>>
>>>>>> b250bzERMA8GA1UEChMISW5kaXZpY2**ExFDASBgNVBAsTC0RldmVsb
>>>>>> 3BtZW50MRwwGgYDVQQDExNJbmRpdml**jYSBF
>>>>>>
>>>>>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w**0BAQEFAAOCAQ8AMIIBCgKCA
>>>>>> QEAu7/+**bc5QgW43UuaMoUOpbsQy8Kc32jrB
>>>>>>
>>>>>> GA0lrxZkqH/PnfdbtRhRypxkc6+**r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
>>>>>> WPPVMKpermHxniN+**kqjWiGDm10xVMph
>>>>>>
>>>>>> XryR01LSItgRoi5V54oTFgeJxsdA/**1J3kf/QE2YmswZwLH6+PwvZfExKEx
>>>>>> vGArojkyveOewWkvKMobLB3d6gtrPJ
>>>>>>
>>>>>> tUxjb18UJugEHyNSiVYFymbgAyvanT**4pmNPaqHW1ZlmQ0WBiDI7oeT
>>>>>> 1pZzgEwzikcvEHilJye0PcB4PkkrGL**KfEE
>>>>>>
>>>>>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4f**jouqkHHVMMiUvYgQIDAQA
>>>>>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b**5yRECQU
>>>>>>
>>>>>> ppIEIbDOh4E5OsR0wesm4czfNDnh56**TUwmjRDzI+tVVEj+fxk0FMSMf
>>>>>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+**FHb6
>>>>>>
>>>>>> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u**8cRtfPXXX+baL2NThYjMoNVFIt
>>>>>> OM0XL3xwzblWi++B
>>>>>> </wsse:BinarySecurityToken>
>>>>>> <ds:Signature Id="SIG-30"
>>>>>> xmlns:ds="http://www.w3.org/**2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig#>
>>>>>> ">
>>>>>> <ds:SignedInfo>
>>>>>> <ds:CanonicalizationMethod
>>>>>>
>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>> ">
>>>>>> <ec:InclusiveNamespaces
>>>>>> PrefixList="ebs hcv idp msa soapenv"
>>>>>>
>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>> />
>>>>>> </ds:CanonicalizationMethod>
>>>>>> <ds:SignatureMethod
>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#rsa-sha1<http://www.w3.org/2000/09/xmldsig#rsa-sha1>"
>>>>>> />
>>>>>> <ds:Reference URI="#id-7">
>>>>>> <ds:Transforms>
>>>>>> <ds:Transform
>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>> ">
>>>>>>
>>>>>> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
>>>>>>
>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>> />
>>>>>> </ds:Transform>
>>>>>> </ds:Transforms>
>>>>>> <ds:DigestMethod
>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>> />
>>>>>>
>>>>>> <ds:DigestValue>+sN2C+**GPI6Un7tmdzecuWW4obI8=</ds:**DigestVal
>>>>>> ue>
>>>>>> </ds:Reference>
>>>>>> <ds:Reference URI="#id-8">
>>>>>> <ds:Transforms>
>>>>>> <ds:Transform
>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>> ">
>>>>>>
>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
>>>>>>
>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>> />
>>>>>> </ds:Transform>
>>>>>> </ds:Transforms>
>>>>>> <ds:DigestMethod
>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>> />
>>>>>>
>>>>>> <ds:DigestValue>cStXQ+**Qf4MYZw7oZh3EwQnCO9kE=</ds:**DigestVal
>>>>>> ue>
>>>>>> </ds:Reference>
>>>>>> <ds:Reference URI="#TS-29">
>>>>>> <ds:Transforms>
>>>>>> <ds:Transform
>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>> ">
>>>>>>
>>>>>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa
>>>>>> soapenv"
>>>>>>
>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>> />
>>>>>> </ds:Transform>
>>>>>> </ds:Transforms>
>>>>>> <ds:DigestMethod
>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>> />
>>>>>>
>>>>>> <ds:DigestValue>**7DpbdobjdxkQ3RGXjPQmx5EpCdU=</**ds:DigestVal
>>>>>> ue>
>>>>>> </ds:Reference>
>>>>>> <ds:Reference
>>>>>> URI="#UsernameToken-28">
>>>>>> <ds:Transforms>
>>>>>> <ds:Transform
>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>> ">
>>>>>>
>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
>>>>>>
>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>> />
>>>>>> </ds:Transform>
>>>>>> </ds:Transforms>
>>>>>> <ds:DigestMethod
>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>> />
>>>>>>
>>>>>> <ds:DigestValue>**0CNaWbdkV2dE7Jm5oh15ztwUcaI=</**ds:DigestValu
>>>>>> e>
>>>>>> </ds:Reference>
>>>>>> <ds:Reference URI="#id-12">
>>>>>> <ds:Transforms>
>>>>>> <ds:Transform
>>>>>> Algorithm="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>
>>>>>> ">
>>>>>>
>>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
>>>>>>
>>>>>> xmlns:ec="http://www.w3.org/**2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n#>"
>>>>>> />
>>>>>> </ds:Transform>
>>>>>> </ds:Transforms>
>>>>>> <ds:DigestMethod
>>>>>> Algorithm="http://www.w3.org/**2000/09/xmldsig#sha1<http://www.w3.org/2000/09/xmldsig#sha1>"
>>>>>> />
>>>>>>
>>>>>> <ds:DigestValue>**XoOxXE6R7JA29rMYCHf/X0II180=</**
>>>>>> ds:DigestValue
>>>>>> </ds:Reference>
>>>>>> </ds:SignedInfo>
>>>>>>
>>>>>> <ds:SignatureValue>**YQy9wqYYVw1x0CZcg6b2W0uO3g3Fur**UZ51zrXi3
>>>>>> jRMFGgCVGUwfu3W/**tDOAKB2IXHvIgFl7JWmzd
>>>>>>
>>>>>> lkh7O2u6ieACF5tGD32aSXvv6/**k7OUVH4outF1NHgJOq9WKIKtUYT/hh
>>>>>> G8BmqFGHXcPiuuO+FIXr
>>>>>>
>>>>>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pO**RWOWvPhmHbT63b1BgFfLla
>>>>>> UftqeybM6t0i2cTuNxf8nbCS
>>>>>>
>>>>>> gANhvGvpNi2ALThvsPu+**pXKCx1c4Ng18PGpUEVmOdJOkZhiifR**336idp
>>>>>> 09lp8XaI+NzwENvdBskb
>>>>>>
>>>>>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP**4wydOh8w==
>>>>>> </ds:SignatureValue>
>>>>>> <ds:KeyInfo Id="KI-
>>>>>> 9346053A98F2390F1A137460706920**026">
>>>>>> <wsse:SecurityTokenReference
>>>>>> wsu:Id="STR-
>>>>>> 9346053A98F2390F1A137460706920**027">
>>>>>> <wsse:Reference
>>>>>> URI="#X509-**9346053A98F2390F1A137460706920**025"
>>>>>>
>>>>>> ValueType="http://docs.oasis-**open.org/wss/2004/01/oasis-**
>>>>>> 200401- <http://docs.oasis-open.org/wss/2004/01/oasis-200401->
>>>>>> wss-x509-token-profile-1.0#**X509v3" />
>>>>>> </wsse:SecurityTokenReference>
>>>>>> </ds:KeyInfo>
>>>>>> </ds:Signature>
>>>>>> <wsu:Timestamp wsu:Id="TS-29">
>>>>>> <wsu:Created>2013-07-
>>>>>> 23T19:17:49.196Z</wsu:Created>
>>>>>> <wsu:Expires>2013-07-
>>>>>> 30T17:57:49.196Z</wsu:Expires>
>>>>>> </wsu:Timestamp>
>>>>>> <wsse:UsernameToken wsu:Id="UsernameToken-
>>>>>> 28">
>>>>>> <wsse:Username>abc</wsse:**Username>
>>>>>> <wsse:Password
>>>>>> Type="http://docs.oasis-
>>>>>> open.org/wss/2004/01/oasis-**200401-wss-username-token-**profile-<http://open.org/wss/2004/01/oasis-200401-wss-username-token-profile->
>>>>>> 1.0#PasswordText">defg</wsse:**Password>
>>>>>> </wsse:UsernameToken>
>>>>>> </wsse:Security>
>>>>>> <idp:IDP wsu:Id="id-8"
>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>> ">
>>>>>> <ServiceUserMUID>12345</**ServiceUserMUID>
>>>>>> </idp:IDP>
>>>>>> <ebs:EBS wsu:Id="id-7"
>>>>>> xmlns:wsu="http://docs.oasis-
>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-utility-**1.0.xsd<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>
>>>>>> ">
>>>>>>
>>>>>> <SoftwareConformanceKey>12345<**/SoftwareConformanceKey>
>>>>>> <AuditId>12345</AuditId>
>>>>>> </ebs:EBS>
>>>>>> </soapenv:Header>
>>>>>> <soapenv:Body wsu:Id="id-12"
>>>>>> xmlns:wsu="http://docs.oasis-**
>>>>>> open.org/wss/2004/01/oasis-<http://docs.oasis-open.org/wss/2004/01/oasis->
>>>>>> 200401-wss-wssecurity-utility-**1.0.xsd">
>>>>>> <hcv:validate>
>>>>>> <requests>
>>>>>> <hcvRequest>
>>>>>>
>>>>>> <healthNumber>9876543217</**healthNumber>
>>>>>> <versionCode>AB</versionCode>
>>>>>> </hcvRequest>
>>>>>> </requests>
>>>>>> </hcv:validate>
>>>>>> </soapenv:Body>
>>>>>> </soapenv:Envelope>
>>>>>>
>>>>>>
>>>>>> -----------------------
>>>>>> Response (In either case):
>>>>>>
>>>>>> <soap:Envelope
>>>>>> xmlns:soap="http://schemas.**xmlsoap.org/soap/envelope/<http://schemas.xmlsoap.org/soap/envelope/>
>>>>>> ">
>>>>>> <soap:Body>
>>>>>> <soap:Fault>
>>>>>> <faultcode>soap:**MustUnderstand</faultcode>
>>>>>> <faultstring>MustUnderstand headers: [{http://docs.oasis-
>>>>>> open.org/wss/2004/01/oasis-**200401-wss-wssecurity-secext-<http://open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext->
>>>>>> 1.0.xsd}Security] are not understood.</faultstring>
>>>>>> </soap:Fault>
>>>>>> </soap:Body>
>>>>>> </soap:Envelope>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <as...@talend.com>
>>>>>>
>>>>> wrote:
>>>>
>>>>> Hi,
>>>>>>>
>>>>>>> It seems that your service doesn't use the same WS-Policy as client,
>>>>>>>
>>>>>> therefore appropriate interceptors are not activated on the service
>>>>>>
>>>>> side.
>>>>
>>>>> Could you double check that?
>>>>>>>
>>>>>>> Exact request and response will be also useful for further analyse.
>>>>>>>
>>>>>>> Regards,
>>>>>>> Andrei.
>>>>>>>
>>>>>>> -----Original Message-----
>>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>>> Sent: Dienstag, 23. Juli 2013 21:35
>>>>>>>> To: users@cxf.apache.org
>>>>>>>> Subject: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>>
>>>>>>>> I have a question regarding WS-SecurityPolicy and deploying a
>>>>>>>> WSDL-first service via Eclipse.
>>>>>>>>
>>>>>>>> I created a project from a WSDL file (I didn't create it) with the
>>>>>>>> intention of implementing the service that it describes. The WSDL
>>>>>>>> file describes a WS- SecurityPolicy that includes a UsernameToken,
>>>>>>>> Timestamp, BinarySecurityToken, and a Signature. Every time I run a
>>>>>>>> sample request that includes all of those components in the
>>>>>>>> WS-Security header I get a "must understand header is not
>>>>>>>> understood"
>>>>>>>> message, regarding the WS-Security header.
>>>>>>>>
>>>>>>>> I've read on the documentation of CXF that additional dependencies
>>>>>>>> must be included in the classpath to have WS-SecurityPolicy work,
>>>>>>>> but
>>>>>>>> I've used Eclipse's deployment method and given it the entire CXF
>>>>>>>> ZIP
>>>>>>>> file as downloaded from the project website as the CXF Runtime. Is
>>>>>>>> there anything that I'm missing? Or is there a better way for me to
>>>>>>>> be working with CXF than to use Eclipse's automated tools?
>>>>>>>>
>>>>>>>> Thanks for any help.
>>>>>>>> Jen
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jennifer Ruttan <je...@indivica.com>.
Hi,
Thanks for your message. The WSDL file clearly contains a number of
errors and so I'm happy to change it. The owners of the service will
have to adjust it anyway. What should I change the namespaces to?
Thanks again
Jen
On 2013/07/26 23:16, Jason Pell wrote:
> https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java
>
> This test case reproduces your issue I think. Changing the namespaces of
> the policy file will actually fix this, but probably not an option for you.
>
> public void testOldWspSpClient() throws Exception {
> ClassPathXmlApplicationContext clientContext = TestUtils.getContext(
> "/META-INF/oldWspSpClientContext.xml");
>
> OldSpWspSimpleService simpleService = clientContext.getBean(
> "OldSpWspSimpleServiceClient",
> OldSpWspSimpleService.class);
>
> WSS4JOutInterceptor wssOut = TestUtils.getWssOutInterceptor(
> simpleService);
> TestUtils.setPasswordProperties(wssOut, "alice", "password");
>
> try {
> simpleService.ping();
> } catch (SOAPFaultException e) {
> assertTrue(e.getMessage().contains("MustUnderstand"));
> }
> }
>
>
>
>
>
> On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <ja...@pellcorp.com> wrote:
>
>> Hi,
>>
>> I changed over my java first samples to use your namespaces, and I also
>> got the Must understand error.
>>
>> Since I can reproduce it, i will have a bit of a hunt around to see what
>> the problem is.
>>
>>
>> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan <je...@indivica.com>wrote:
>>
>>> Hi,
>>>
>>> Thanks for your help.
>>>
>>> The project path did not export the appropriate jars to the WEB-INF/lib
>>> directory when being built, so I added them to the deployment assembly step
>>> in eclipse. I added all the dependencies as well.
>>>
>>> Unfortunately, I was still getting the same "mustunderstand headers are
>>> not understood" error message. But there's more. I'm also getting a strange
>>> message when Tomcat is deploying the application, from CXF:
>>> Jul 26, 2013 1:23:24 PM
>>> org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl
>>> handleNoRegisteredBuilder
>>> WARNING: No assertion builder for type {
>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512}SignedSupportingTokensregistered.
>>> Jul 26, 2013 1:23:24 PM
>>> org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl
>>> handleNoRegisteredBuilder
>>> WARNING: No assertion builder for type {
>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512}RequiredPartsregistered.
>>> Jul 26, 2013 1:23:24 PM
>>> org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl
>>> handleNoRegisteredBuilder
>>> WARNING: No assertion builder for type {
>>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512}SignedPartsregistered.
>>>
>>> I thought that was weird because in all the examples I've seen the sp
>>> namespace is http://schemas.xmlsoap.org/ws/2005/07/securitypolicy. So I
>>> made the change in the WSDL and I got the following message upon restarting
>>> the server:
>>> Jul 26, 2013 1:25:16 PM
>>> org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider
>>> getElementPolicy
>>> WARNING: Failed to build the policy 'request-policy':{
>>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}UsernameToken is
>>> not a <wsp:Policy> element.
>>>
>>> The namespace for wsp is http://schemas.xmlsoap.org/ws/2004/09/policy,
>>> and I'm pretty sure that's correct. Although I feel like I'm pretty close,
>>> I'm lost at this point. Do you happen to have any further suggestions?
>>>
>>> Thanks
>>> Jen
>>>
>>>
>>>
>>>
>>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <as...@talend.com> wrote:
>>>
>>>> Hi,
>>>>
>>>> "mustunderstand header is not understood" error is thrown by CXF
>>> MustUnderstandInterceptor.
>>>> MustUnderstandInterceptor checks if must understand headers in SOAP
>>> message can be processed by at least one CXF interceptor in chain.
>>>> For that CXF interceptors provide getUnderstoodHeaders() method to say
>>> which headers they are able to proceed.
>>>> Security headers can be processed either by AbstractTokenInterceptor
>>> (extended by UsernameTokenInterceptor, SamlTokenInterceptor.java,
>>> KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java
>>>> (extended by PolicyBasedWSS4JInInterceptor.java,
>>> WSS4JInInterceptor.java).
>>>> In your case no any from these interceptors is in chain on the service
>>> side.
>>>> That could happens because:
>>>> a) service uses other ws-policy (or nor policy) that doesn't activate
>>> that interceptors
>>>> b) service uses no ws-policy way and not configured with security
>>> interceptor
>>>> c) appropriate CXF jars are not available:
>>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
>>>> Can you please check how your service is configured?
>>>>
>>>> Regards,
>>>> Andrei.
>>>>
>>>>
>>>>> -----Original Message-----
>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>> Sent: Mittwoch, 24. Juli 2013 17:43
>>>>> To: users@cxf.apache.org
>>>>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
>>>>>
>>>>> Hi,
>>>>>
>>>>> Thanks for the reply. That's what I was thinking. There may be an
>>> issue with
>>>>> the WSDL file itself.
>>>>>
>>>>> My request matches the example provided by the author of the WSDL file,
>>>>> but neither of them work. They both cause the same "mustunderstand
>>>>> header is not understood" error.
>>>>> Disabling the security policy allows the request to complete properly.
>>>>>
>>>>> CXF is configured to read the security policy from the WSDL file, and
>>> I know
>>>>> that part is working because if I miss a required part (the timestamp,
>>> for
>>>>> example) in the header, CXF complains that not all of the required
>>> parts have
>>>>> been submitted. I guess this could be because of a signing issue,
>>> although I'm
>>>>> not sure.
>>>>>
>>>>> My reasons for building the service are because while there is a WSDL
>>>>> definition for the service, there's no way to access the service
>>> itself. I know
>>>>> exactly how the service is supposed to react to various inputs so I'm
>>> trying to
>>>>> build the same web service. It's for a health insurance card
>>> validation service
>>>>> in Ontario, Canada, and the service is provided by the government.
>>>>>
>>>>> Thanks.
>>>>> Jen
>>>>>
>>>>> ---------------------
>>>>> HCValidationService.wsdl
>>>>>
>>>>> <?xml version="1.0" encoding="UTF-8"?><definitions
>>>>> name="HCValidationService"
>>>>> targetNamespace="http://hcv.health.ontario.ca/"
>>>>> xmlns="http://schemas.xmlsoap.org/wsdl/"
>>>>> xmlns:ebs="http://ebs.health.ontario.ca/"
>>>>> xmlns:hcv="http://hcv.health.ontario.ca/"
>>>>> xmlns:idp="http://idp.ebs.health.ontario.ca/"
>>>>> xmlns:msa="http://msa.ebs.health.ontario.ca/"
>>>>> xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
>>>>> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512"
>>>>> xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
>>>>> xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/"
>>>>> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
>>>>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
>>>>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
>>>>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>>>> xmlns:xsd="http://www.w3.org/2001/XMLSchema">
>>>>>
>>>>> <types>
>>>>> <xsd:schema>
>>>>> <xsd:import
>>>>> namespace="http://ebs.health.ontario.ca/"
>>>>> schemaLocation="EBSFault_schema.xsd"/>
>>>>> <xsd:import
>>>>> namespace="http://hcv.health.ontario.ca/"
>>>>> schemaLocation="HCValidationService_schema.xsd"/>
>>>>> <xsd:import
>>>>> namespace="http://ebs.health.ontario.ca/"
>>>>> schemaLocation="EBS_schema.xsd"/>
>>>>> <xsd:import
>>>>> namespace="http://msa.ebs.health.ontario.ca/"
>>>>> schemaLocation="MSA_schema.xsd"/>
>>>>> <xsd:import
>>>>> namespace="http://idp.ebs.health.ontario.ca/"
>>>>> schemaLocation="IDP_schema.xsd"/>
>>>>> </xsd:schema>
>>>>> </types>
>>>>>
>>>>> <wsp:Policy wsu:Id="request-policy">
>>>>> <wsp:ExactlyOne>
>>>>> <wsp:All>
>>>>> <wsp:All>
>>>>> <sp:SignedSupportingTokens>
>>>>> <sp:UsernameToken>
>>>>> <wsp:Policy>
>>>>> <wsp:All>
>>>>>
>>>>> <sp:NoPassword/>
>>>>>
>>>>> <sp:WssUsernameToken10/>
>>>>> </wsp:All>
>>>>> </wsp:Policy>
>>>>> </sp:UsernameToken>
>>>>> </sp:SignedSupportingTokens>
>>>>> </wsp:All>
>>>>> <wsp:ExactlyOne>
>>>>> <wsp:All>
>>>>> <sp:RequiredParts>
>>>>> <sp:Header Name="EBS"
>>>>> Namespace="http://ebs.health.ontario.ca/"/>
>>>>> </sp:RequiredParts>
>>>>> <sp:RequiredParts>
>>>>> <sp:Header Name="MSA"
>>>>> Namespace="http://msa.ebs.health.ontario.ca/"/>
>>>>> </sp:RequiredParts>
>>>>> <sp:RequiredParts>
>>>>> <sp:Header
>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>> </sp:RequiredParts>
>>>>> <sp:RequiredParts>
>>>>> <sp:Header Name="AuditId"
>>>>> Namespace=""/>
>>>>> </sp:RequiredParts>
>>>>> <sp:RequiredParts>
>>>>> <sp:Header
>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>> </sp:RequiredParts>
>>>>> <sp:RequiredParts>
>>>>> <sp:Header Name="UserID"
>>>>> Namespace=""/>
>>>>> </sp:RequiredParts>
>>>>> <sp:RequiredParts>
>>>>> <sp:Header
>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
>>>>> </sp:RequiredParts>
>>>>> </wsp:All>
>>>>> </wsp:ExactlyOne>
>>>>> <wsp:ExactlyOne>
>>>>> <wsp:All>
>>>>> <sp:SignedParts>
>>>>> <sp:Header Name="EBS"
>>>>> Namespace="http://ebs.health.ontario.ca/"/>
>>>>> <sp:Header Name="MSA"
>>>>> Namespace="http://msa.ebs.health.ontario.ca/"/>
>>>>> <sp:Header
>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
>>>>> <sp:Header
>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
>>>>> <sp:Body/>
>>>>> </sp:SignedParts>
>>>>> </wsp:All>
>>>>> </wsp:ExactlyOne>
>>>>> </wsp:All>
>>>>> <wsp:All>
>>>>> <wsp:All>
>>>>> <sp:SignedSupportingTokens>
>>>>> <sp:UsernameToken>
>>>>> <wsp:Policy>
>>>>> <wsp:All>
>>>>>
>>>>> <sp:WssUsernameToken10/>
>>>>> </wsp:All>
>>>>> </wsp:Policy>
>>>>> </sp:UsernameToken>
>>>>> </sp:SignedSupportingTokens>
>>>>> </wsp:All>
>>>>> <wsp:ExactlyOne>
>>>>> <wsp:All>
>>>>> <sp:SignedParts>
>>>>> <sp:Header Name="EBS"
>>>>> Namespace="http://ebs.health.ontario.ca/"/>
>>>>> <sp:Header Name="IDP"
>>>>> Namespace="http://idp.ebs.health.ontario.ca/"/>
>>>>> <sp:Header Name="Timestamp"
>>>>> Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
>>>>> wssecurity-utility-1.0.xsd"/>
>>>>> <sp:Header
>>>>> Name="UsernameToken" Namespace="http://docs.oasis-
>>>>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
>>>>> <sp:Body/>
>>>>> </sp:SignedParts>
>>>>> </wsp:All>
>>>>> </wsp:ExactlyOne>
>>>>>
>>>>> <wsp:ExactlyOne>
>>>>> <wsp:All>
>>>>> <sp:RequiredParts>
>>>>> <sp:Header Name="EBS"
>>>>> Namespace="http://ebs.health.ontario.ca/"/>
>>>>> </sp:RequiredParts>
>>>>> <sp:RequiredParts>
>>>>> <sp:Header Name="IDP"
>>>>> Namespace="http://idp.ebs.health.ontario.ca/"/>
>>>>> </sp:RequiredParts>
>>>>> <sp:RequiredParts>
>>>>> <sp:Header
>>>>> Name="SoftwareConformanceKey" Namespace=""/>
>>>>> </sp:RequiredParts>
>>>>> <sp:RequiredParts>
>>>>> <sp:Header Name="AuditId"
>>>>> Namespace=""/>
>>>>> </sp:RequiredParts>
>>>>> <sp:RequiredParts>
>>>>> <sp:Header
>>>>> Name="ServiceUserMUID" Namespace=""/>
>>>>> </sp:RequiredParts>
>>>>> <sp:RequiredParts>
>>>>> <sp:Header
>>>>> Name="Timestamp" Namespace="http://docs.oasis-
>>>>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
>>>>> </sp:RequiredParts>
>>>>> </wsp:All>
>>>>> </wsp:ExactlyOne>
>>>>> </wsp:All>
>>>>> </wsp:ExactlyOne>
>>>>> </wsp:Policy>
>>>>>
>>>>> <wsdl:message name="EBSHeader">
>>>>> <wsdl:part element="ebs:EBS"
>>>>> name="ebsrequest_header"/>
>>>>> </wsdl:message>
>>>>> <wsdl:message name="MSAHeader">
>>>>> <wsdl:part element="msa:MSA"
>>>>> name="msarequest_header"/>
>>>>> </wsdl:message>
>>>>> <wsdl:message name="IDPHeader">
>>>>> <wsdl:part element="idp:IDP"
>>>>> name="idprequest_header"/>
>>>>> </wsdl:message>
>>>>>
>>>>> <message name="validate">
>>>>> <wsdl:part element="hcv:validate" name="parameters"/>
>>>>> </message>
>>>>>
>>>>> <message name="validateResponse">
>>>>> <part element="hcv:validateResponse"
>>>>> name="parameters"/>
>>>>> </message>
>>>>>
>>>>> <message name="faultexception">
>>>>> <part element="ebs:EBSFault" name="Fault"/>
>>>>> </message>
>>>>>
>>>>> <portType name="HCValidation">
>>>>> <operation name="validate">
>>>>> <input message="hcv:validate"/>
>>>>> <output message="hcv:validateResponse"/>
>>>>> <fault message="hcv:faultexception"
>>>>> name="FaultException"/>
>>>>> </operation>
>>>>> </portType>
>>>>>
>>>>> <binding name="HCValidationPortBinding" type="hcv:HCValidation">
>>>>> <soap:binding style="document"
>>>>> transport="http://schemas.xmlsoap.org/soap/http"/>
>>>>>
>>>>> <operation name="validate">
>>>>> <soap:operation soapAction=""/>
>>>>> <input>
>>>>> <wsp:PolicyReference URI="#request-policy"/>
>>>>> <wsdlsoap:header
>>>>> message="hcv:EBSHeader" part="ebsrequest_header" use="literal"/>
>>>>> <wsdlsoap:header
>>>>> message="hcv:MSAHeader" part="msarequest_header" use="literal"/>
>>>>> <wsdlsoap:header
>>>>> message="hcv:IDPHeader" part="idprequest_header" use="literal"/>
>>>>> <wsdlsoap:body parts="parameters"
>>>>> use="literal"/>
>>>>> </input>
>>>>> <output>
>>>>> <soap:body use="literal"/>
>>>>> </output>
>>>>> <fault name="FaultException">
>>>>> <soap:fault name="FaultException"
>>>>> use="literal"/>
>>>>> </fault>
>>>>> </operation>
>>>>> </binding>
>>>>>
>>>>> <service name="HCValidationService">
>>>>> <port binding="hcv:HCValidationPortBinding"
>>>>> name="HCValidationPort">
>>>>> <soap:address
>>>>> location="
>>> https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe
>>>>> rvice"/>
>>>>> </port>
>>>>> </service>
>>>>> </definitions>
>>>>>
>>>>> ---------------------
>>>>> Sample Request (provided by author of WSDL)
>>>>>
>>>>> <soapenv:Envelope xmlns:soap-
>>>>> sec="http://schemas.xmlsoap.org/security/2000-12"
>>>>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
>>>>> wss-wssecurity-secext-1.0.xsd"
>>>>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>>>>> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
>>>>> xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
>>>>> xmlns:xs="http://www.w3.org/2001/XMLSchema"
>>>>> xmlns:tns="http://hcv.health.ontario.ca/"
>>>>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
>>>>> wss-wssecurity-utility-1.0.xsd"
>>>>> xmlns:ebs="http://ebs.health.ontario.ca/security/2012-03"
>>>>> xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
>>>>> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
>>>>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>>>>> <soapenv:Header>
>>>>> <ns2:EBS wsu:Id="id-1"
>>>>> xmlns:ns2="http://ebs.health.ontario.ca/">
>>>>> <SoftwareConformanceKey>444561ee-277f-77b2-
>>>>> c664-7a9923jfgh1b
>>>>> </SoftwareConformanceKey>
>>>>> <AuditId>73b7051e-6126-4b41-9ae0-
>>>>> 21b707ca8a53</AuditId>
>>>>> </ns2:EBS>
>>>>> <ns2:IDP wsu:Id="id-2"
>>>>> xmlns:ns2="http://idp.ebs.health.ontario.ca/">
>>>>> <ServiceUserMUID>4523394</ServiceUserMUID>
>>>>> </ns2:IDP>
>>>>> <wsse:Security SOAP-ENV:mustUnderstand="1">
>>>>> <wsu:Timestamp wsu:Id="id-3">
>>>>> <wsu:Created>2012-06-
>>>>> 20T17:58:42.580Z</wsu:Created>
>>>>> <wsu:Expires>2012-06-
>>>>> 20T17:59:12.580Z</wsu:Expires>
>>>>> </wsu:Timestamp>
>>>>> <wsse:UsernameToken wsu:Id="id-4">
>>>>>
>>>>>
>>>>> <wsse:Username>JOHNDOE@YAHOO.CA</wsse:Username>
>>>>> <wsse:Password
>>>>> Type="wsse:PasswordText">Password</wsse:Password>
>>>>> </wsse:UsernameToken>
>>>>> <wsse:BinarySecurityToken
>>>>> EncodingType="http://docs.oasis-
>>>>> open.org/wss/2004/01/oasis-200401-wss-soap-message-security-
>>>>> 1.0#Base64Binary"
>>>>> ValueType="http://docs.oasis-
>>>>> open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
>>>>> wsu:Id="X509-
>>>>> 02F859690D5C74E20913402151228211">
>>>>>
>>>>> MIICMzCCAZygAwIBAgIET1e+dDANBgkqhkiG9w0BAQUFADBeMQsw
>>>>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzENMAsGA1UEChMET0hJ
>>>>>
>>>>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW9uMRcwFQYDVQQDEw
>>>>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAzMDcyMDAwNTJaFw0xMzAzMDcyMDA
>>>>> wNTJaM
>>>>>
>>>>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMQ0wCwY
>>>>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZWdpc3RyYXRpb24xFzAVBgNVBAM
>>>>> TDj
>>>>>
>>>>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBi
>>>>> QKBgQCs/JIP6CE5IkfTnD/c56K+QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH4
>>>>>
>>>>> fvhbyxo2B4VugsL9r4E5jHEKoi+GDKOLlLZRfSy0cB8IcpXonAuGqMzhCo
>>>>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpTyZdpYDi92up5E+FYL3jEe
>>>>>
>>>>> jhp+1iDFJQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAHn8VZS169BJ
>>>>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dEicv3jQMMsrWHfoCt+nRSqfNLUTL
>>>>>
>>>>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0gY3i83ZXA8HDFKMZF3qL8I8ncu8F
>>>>> PcZGYBNhYrGjXXsuqXimiTIjxgm06ErRa/51szOFFxWrB
>>>>> </wsse:BinarySecurityToken>
>>>>> <ds:Signature Id="SIG-6"
>>>>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>>>>> <ds:SignedInfo>
>>>>> <ds:CanonicalizationMethod
>>>>>
>>>>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>>>> <ec:InclusiveNamespaces
>>>>> PrefixList="SOAP-
>>>>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
>>>>>
>>>>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>>>>> </ds:CanonicalizationMethod>
>>>>> <ds:SignatureMethod
>>>>> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
>>>>> <ds:Reference URI="#id-1">
>>>>> <ds:Transforms>
>>>>> <ds:Transform
>>>>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>>>>
>>>>> <ec:InclusiveNamespaces
>>>>>
>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
>>>>> wsu xs xsi"
>>>>>
>>>>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>>>>> </ds:Transform>
>>>>> </ds:Transforms>
>>>>>
>>>>> <ds:DigestMethod
>>>>> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>>>>>
>>>>> <ds:DigestValue>gpejbitTQxuMOhUirdbGNtHjsGhAArhAp3ByFuG9c
>>>>> Hs=
>>>>> </ds:DigestValue>
>>>>> </ds:Reference>
>>>>> <ds:Reference URI="#id-2">
>>>>> <ds:Transforms>
>>>>> <ds:Transform
>>>>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>>>>
>>>>> <ec:InclusiveNamespaces
>>>>>
>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
>>>>> wsu xs xsi"
>>>>>
>>>>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>>>>> </ds:Transform>
>>>>> </ds:Transforms>
>>>>> <ds:DigestMethod
>>>>> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>>>>>
>>>>> <ds:DigestValue>ZWKvgN+eB0NFmQHPGYN5RoSZzbuboqKLzLcV6PE
>>>>> Oz3E=
>>>>> </ds:DigestValue>
>>>>> </ds:Reference>
>>>>> <ds:Reference URI="#id-3">
>>>>> <ds:Transforms>
>>>>> <ds:Transform
>>>>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>>>>
>>>>> <ec:InclusiveNamespaces
>>>>>
>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse xs
>>>>> xsi"
>>>>>
>>>>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>>>>> </ds:Transform>
>>>>> </ds:Transforms>
>>>>> <ds:DigestMethod
>>>>> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>>>>>
>>>>> <ds:DigestValue>1AvUG2EE6+bgpJBe1TB4teUkKD4lRsw69BozDFQM
>>>>> GGE=
>>>>> </ds:DigestValue>
>>>>> </ds:Reference>
>>>>> <ds:Reference URI="#id-4">
>>>>> <ds:Transforms>
>>>>> <ds:Transform
>>>>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>>>>
>>>>> <ec:InclusiveNamespaces
>>>>>
>>>>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsu xs
>>>>> xsi"
>>>>>
>>>>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>>>>>
>>>>> </ds:Transform>
>>>>> </ds:Transforms>
>>>>> <ds:DigestMethod
>>>>> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>>>>>
>>>>> <ds:DigestValue>Lw6C0//TpU0uuta+9pjDPfD0aOokdgbVOEM9eaWc
>>>>> Gjo=
>>>>> </ds:DigestValue>
>>>>> </ds:Reference>
>>>>> <ds:Reference URI="#id-5">
>>>>> <ds:Transforms>
>>>>> <ds:Transform
>>>>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>>>>
>>>>> <ec:InclusiveNamespaces
>>>>>
>>>>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse wsu xs xsi"
>>>>>
>>>>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>>>>> </ds:Transform>
>>>>> </ds:Transforms>
>>>>> <ds:DigestMethod
>>>>> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>>>>>
>>>>> <ds:DigestValue>lGKOfXxmbsLds9+tD4eaCObTCdGNXDF/PY9LjDUPl
>>>>> 9Y=
>>>>> </ds:DigestValue>
>>>>> </ds:Reference>
>>>>> </ds:SignedInfo>
>>>>> <ds:SignatureValue>
>>>>>
>>>>> Yn5iRnjs/T2+nNgW8pArIgqc445RwL2wYPHZaydVJk0oUXV5B4nzU4fg
>>>>> X/sQTcY0O5vuReP8th4QZoGG6tSnxuBfqiDd2rkRZDrdgotJT++W
>>>>>
>>>>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3QDuMWr5PSlm1RWbkA3W5B4Y
>>>>> LaD+S/j3QKc=
>>>>> </ds:SignatureValue>
>>>>> <ds:KeyInfo Id="KI-
>>>>> 02F859690D5C74E20913402151228312">
>>>>> <wsse:SecurityTokenReference
>>>>> wsu:Id="STR-02F859690D5C74E20913402151228413">
>>>>> <wsse:Reference
>>>>> URI="#X509-02F859690D5C74E20913402151228211"
>>>>>
>>>>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
>>>>> wss-x509-token-profile-1.0#X509v3" />
>>>>> </wsse:SecurityTokenReference>
>>>>> </ds:KeyInfo>
>>>>> </ds:Signature>
>>>>> </wsse:Security>
>>>>> </soapenv:Header>
>>>>> <soapenv:Body wsu:Id="id-5">
>>>>> <ns5:validate xmlns:ns4="
>>> http://msa.ebs.health.ontario.ca/"
>>>>> xmlns:ns3="http://idp.ebs.health.ontario.ca/"
>>>>> xmlns:ns2="http://ebs.health.ontario.ca/"
>>>>> xmlns:ns5="http://hcv.health.ontario.ca/">
>>>>> <requests>
>>>>> <hcvRequest>
>>>>>
>>>>> <healthNumber>2222211122</healthNumber>
>>>>> <versionCode>WW</versionCode>
>>>>> </hcvRequest>
>>>>> </requests>
>>>>> <locale>en</locale>
>>>>> </ns5:validate>
>>>>> </soapenv:Body>
>>>>> </soapenv:Envelope>
>>>>>
>>>>> -------------------
>>>>> Sample Request (Built via SoapUI)
>>>>>
>>>>> <soapenv:Envelope xmlns:ebs="http://ebs.health.ontario.ca/"
>>>>> xmlns:hcv="http://hcv.health.ontario.ca/"
>>>>> xmlns:idp="http://idp.ebs.health.ontario.ca/"
>>>>> xmlns:msa="http://msa.ebs.health.ontario.ca/"
>>>>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>>>>> <soapenv:Header>
>>>>> <wsse:Security soapenv:mustUnderstand="1"
>>>>> xmlns:wsse="http://docs.oasis-
>>>>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
>>>>> xmlns:wsu="http://docs.oasis-
>>>>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
>>>>> <wsse:BinarySecurityToken
>>>>> EncodingType="http://docs.oasis-
>>>>> open.org/wss/2004/01/oasis-200401-wss-soap-message-security-
>>>>> 1.0#Base64Binary"
>>>>> ValueType="http://docs.oasis-
>>>>> open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
>>>>> wsu:Id="X509-
>>>>> 9346053A98F2390F1A137460706920025">
>>>>>
>>>>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQ
>>>>> QGEwJDQTEQMA4GA1UECAwHT250YXJpbzEQMA4G
>>>>>
>>>>> A1UEBwwHVG9yb250bzERMA8GA1UECgwISW5kaXZpY2ExFDASBgN
>>>>> VBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA9J
>>>>>
>>>>> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhkiG9w0BCQEWFmVicy1hZG1pbk
>>>>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5MTc0
>>>>>
>>>>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQswCQYDVQQGEwJDQTEQ
>>>>> MA4GA1UECBMHT250YXJpbzEQMA4GA1UEBxMHVG9y
>>>>>
>>>>> b250bzERMA8GA1UEChMISW5kaXZpY2ExFDASBgNVBAsTC0RldmVsb
>>>>> 3BtZW50MRwwGgYDVQQDExNJbmRpdmljYSBF
>>>>>
>>>>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCA
>>>>> QEAu7/+bc5QgW43UuaMoUOpbsQy8Kc32jrB
>>>>>
>>>>> GA0lrxZkqH/PnfdbtRhRypxkc6+r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
>>>>> WPPVMKpermHxniN+kqjWiGDm10xVMph
>>>>>
>>>>> XryR01LSItgRoi5V54oTFgeJxsdA/1J3kf/QE2YmswZwLH6+PwvZfExKEx
>>>>> vGArojkyveOewWkvKMobLB3d6gtrPJ
>>>>>
>>>>> tUxjb18UJugEHyNSiVYFymbgAyvanT4pmNPaqHW1ZlmQ0WBiDI7oeT
>>>>> 1pZzgEwzikcvEHilJye0PcB4PkkrGLKfEE
>>>>>
>>>>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4fjouqkHHVMMiUvYgQIDAQA
>>>>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b5yRECQU
>>>>>
>>>>> ppIEIbDOh4E5OsR0wesm4czfNDnh56TUwmjRDzI+tVVEj+fxk0FMSMf
>>>>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+FHb6
>>>>>
>>>>> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u8cRtfPXXX+baL2NThYjMoNVFIt
>>>>> OM0XL3xwzblWi++B
>>>>> </wsse:BinarySecurityToken>
>>>>> <ds:Signature Id="SIG-30"
>>>>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>>>>> <ds:SignedInfo>
>>>>> <ds:CanonicalizationMethod
>>>>>
>>>>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>>>> <ec:InclusiveNamespaces
>>>>> PrefixList="ebs hcv idp msa soapenv"
>>>>>
>>>>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>>>>> </ds:CanonicalizationMethod>
>>>>> <ds:SignatureMethod
>>>>> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
>>>>> <ds:Reference URI="#id-7">
>>>>> <ds:Transforms>
>>>>> <ds:Transform
>>>>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>>>>
>>>>> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
>>>>>
>>>>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>>>>> </ds:Transform>
>>>>> </ds:Transforms>
>>>>> <ds:DigestMethod
>>>>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>>>>>
>>>>> <ds:DigestValue>+sN2C+GPI6Un7tmdzecuWW4obI8=</ds:DigestVal
>>>>> ue>
>>>>> </ds:Reference>
>>>>> <ds:Reference URI="#id-8">
>>>>> <ds:Transforms>
>>>>> <ds:Transform
>>>>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>>>>
>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
>>>>>
>>>>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>>>>> </ds:Transform>
>>>>> </ds:Transforms>
>>>>> <ds:DigestMethod
>>>>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>>>>>
>>>>> <ds:DigestValue>cStXQ+Qf4MYZw7oZh3EwQnCO9kE=</ds:DigestVal
>>>>> ue>
>>>>> </ds:Reference>
>>>>> <ds:Reference URI="#TS-29">
>>>>> <ds:Transforms>
>>>>> <ds:Transform
>>>>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>>>>
>>>>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa soapenv"
>>>>>
>>>>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>>>>> </ds:Transform>
>>>>> </ds:Transforms>
>>>>> <ds:DigestMethod
>>>>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>>>>>
>>>>> <ds:DigestValue>7DpbdobjdxkQ3RGXjPQmx5EpCdU=</ds:DigestVal
>>>>> ue>
>>>>> </ds:Reference>
>>>>> <ds:Reference
>>>>> URI="#UsernameToken-28">
>>>>> <ds:Transforms>
>>>>> <ds:Transform
>>>>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>>>>
>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
>>>>>
>>>>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>>>>> </ds:Transform>
>>>>> </ds:Transforms>
>>>>> <ds:DigestMethod
>>>>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>>>>>
>>>>> <ds:DigestValue>0CNaWbdkV2dE7Jm5oh15ztwUcaI=</ds:DigestValu
>>>>> e>
>>>>> </ds:Reference>
>>>>> <ds:Reference URI="#id-12">
>>>>> <ds:Transforms>
>>>>> <ds:Transform
>>>>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>>>>
>>>>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
>>>>>
>>>>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>>>>> </ds:Transform>
>>>>> </ds:Transforms>
>>>>> <ds:DigestMethod
>>>>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>>>>>
>>>>> <ds:DigestValue>XoOxXE6R7JA29rMYCHf/X0II180=</ds:DigestValue
>>>>> </ds:Reference>
>>>>> </ds:SignedInfo>
>>>>>
>>>>> <ds:SignatureValue>YQy9wqYYVw1x0CZcg6b2W0uO3g3FurUZ51zrXi3
>>>>> jRMFGgCVGUwfu3W/tDOAKB2IXHvIgFl7JWmzd
>>>>>
>>>>> lkh7O2u6ieACF5tGD32aSXvv6/k7OUVH4outF1NHgJOq9WKIKtUYT/hh
>>>>> G8BmqFGHXcPiuuO+FIXr
>>>>>
>>>>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pORWOWvPhmHbT63b1BgFfLla
>>>>> UftqeybM6t0i2cTuNxf8nbCS
>>>>>
>>>>> gANhvGvpNi2ALThvsPu+pXKCx1c4Ng18PGpUEVmOdJOkZhiifR336idp
>>>>> 09lp8XaI+NzwENvdBskb
>>>>>
>>>>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP4wydOh8w==
>>>>> </ds:SignatureValue>
>>>>> <ds:KeyInfo Id="KI-
>>>>> 9346053A98F2390F1A137460706920026">
>>>>> <wsse:SecurityTokenReference
>>>>> wsu:Id="STR-
>>>>> 9346053A98F2390F1A137460706920027">
>>>>> <wsse:Reference
>>>>> URI="#X509-9346053A98F2390F1A137460706920025"
>>>>>
>>>>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
>>>>> wss-x509-token-profile-1.0#X509v3" />
>>>>> </wsse:SecurityTokenReference>
>>>>> </ds:KeyInfo>
>>>>> </ds:Signature>
>>>>> <wsu:Timestamp wsu:Id="TS-29">
>>>>> <wsu:Created>2013-07-
>>>>> 23T19:17:49.196Z</wsu:Created>
>>>>> <wsu:Expires>2013-07-
>>>>> 30T17:57:49.196Z</wsu:Expires>
>>>>> </wsu:Timestamp>
>>>>> <wsse:UsernameToken wsu:Id="UsernameToken-
>>>>> 28">
>>>>> <wsse:Username>abc</wsse:Username>
>>>>> <wsse:Password
>>>>> Type="http://docs.oasis-
>>>>> open.org/wss/2004/01/oasis-200401-wss-username-token-profile-
>>>>> 1.0#PasswordText">defg</wsse:Password>
>>>>> </wsse:UsernameToken>
>>>>> </wsse:Security>
>>>>> <idp:IDP wsu:Id="id-8"
>>>>> xmlns:wsu="http://docs.oasis-
>>>>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
>>>>> <ServiceUserMUID>12345</ServiceUserMUID>
>>>>> </idp:IDP>
>>>>> <ebs:EBS wsu:Id="id-7"
>>>>> xmlns:wsu="http://docs.oasis-
>>>>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
>>>>>
>>>>> <SoftwareConformanceKey>12345</SoftwareConformanceKey>
>>>>> <AuditId>12345</AuditId>
>>>>> </ebs:EBS>
>>>>> </soapenv:Header>
>>>>> <soapenv:Body wsu:Id="id-12"
>>>>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-
>>>>> 200401-wss-wssecurity-utility-1.0.xsd">
>>>>> <hcv:validate>
>>>>> <requests>
>>>>> <hcvRequest>
>>>>>
>>>>> <healthNumber>9876543217</healthNumber>
>>>>> <versionCode>AB</versionCode>
>>>>> </hcvRequest>
>>>>> </requests>
>>>>> </hcv:validate>
>>>>> </soapenv:Body>
>>>>> </soapenv:Envelope>
>>>>>
>>>>>
>>>>> -----------------------
>>>>> Response (In either case):
>>>>>
>>>>> <soap:Envelope
>>>>> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
>>>>> <soap:Body>
>>>>> <soap:Fault>
>>>>> <faultcode>soap:MustUnderstand</faultcode>
>>>>> <faultstring>MustUnderstand headers: [{http://docs.oasis-
>>>>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-
>>>>> 1.0.xsd}Security] are not understood.</faultstring>
>>>>> </soap:Fault>
>>>>> </soap:Body>
>>>>> </soap:Envelope>
>>>>>
>>>>>
>>>>>
>>>>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <as...@talend.com>
>>> wrote:
>>>>>> Hi,
>>>>>>
>>>>>> It seems that your service doesn't use the same WS-Policy as client,
>>>>> therefore appropriate interceptors are not activated on the service
>>> side.
>>>>>> Could you double check that?
>>>>>>
>>>>>> Exact request and response will be also useful for further analyse.
>>>>>>
>>>>>> Regards,
>>>>>> Andrei.
>>>>>>
>>>>>>> -----Original Message-----
>>>>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>>>>> Sent: Dienstag, 23. Juli 2013 21:35
>>>>>>> To: users@cxf.apache.org
>>>>>>> Subject: Eclipse, CXF and WS-SecurityPolicy
>>>>>>>
>>>>>>> I have a question regarding WS-SecurityPolicy and deploying a
>>>>>>> WSDL-first service via Eclipse.
>>>>>>>
>>>>>>> I created a project from a WSDL file (I didn't create it) with the
>>>>>>> intention of implementing the service that it describes. The WSDL
>>>>>>> file describes a WS- SecurityPolicy that includes a UsernameToken,
>>>>>>> Timestamp, BinarySecurityToken, and a Signature. Every time I run a
>>>>>>> sample request that includes all of those components in the
>>>>>>> WS-Security header I get a "must understand header is not understood"
>>>>>>> message, regarding the WS-Security header.
>>>>>>>
>>>>>>> I've read on the documentation of CXF that additional dependencies
>>>>>>> must be included in the classpath to have WS-SecurityPolicy work, but
>>>>>>> I've used Eclipse's deployment method and given it the entire CXF ZIP
>>>>>>> file as downloaded from the project website as the CXF Runtime. Is
>>>>>>> there anything that I'm missing? Or is there a better way for me to
>>>>>>> be working with CXF than to use Eclipse's automated tools?
>>>>>>>
>>>>>>> Thanks for any help.
>>>>>>> Jen
>>>>>>>
>>>>>>>
>>>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jason Pell <ja...@pellcorp.com>.
https://github.com/pellcorp/cxf/blob/master/JavaFirst/src/test/java/com/pellcorp/server/PolicyServiceTest.java
This test case reproduces your issue I think. Changing the namespaces of
the policy file will actually fix this, but probably not an option for you.
public void testOldWspSpClient() throws Exception {
ClassPathXmlApplicationContext clientContext = TestUtils.getContext(
"/META-INF/oldWspSpClientContext.xml");
OldSpWspSimpleService simpleService = clientContext.getBean(
"OldSpWspSimpleServiceClient",
OldSpWspSimpleService.class);
WSS4JOutInterceptor wssOut = TestUtils.getWssOutInterceptor(
simpleService);
TestUtils.setPasswordProperties(wssOut, "alice", "password");
try {
simpleService.ping();
} catch (SOAPFaultException e) {
assertTrue(e.getMessage().contains("MustUnderstand"));
}
}
On Sat, Jul 27, 2013 at 11:22 AM, Jason Pell <ja...@pellcorp.com> wrote:
> Hi,
>
> I changed over my java first samples to use your namespaces, and I also
> got the Must understand error.
>
> Since I can reproduce it, i will have a bit of a hunt around to see what
> the problem is.
>
>
> On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan <je...@indivica.com>wrote:
>
>> Hi,
>>
>> Thanks for your help.
>>
>> The project path did not export the appropriate jars to the WEB-INF/lib
>> directory when being built, so I added them to the deployment assembly step
>> in eclipse. I added all the dependencies as well.
>>
>> Unfortunately, I was still getting the same "mustunderstand headers are
>> not understood" error message. But there's more. I'm also getting a strange
>> message when Tomcat is deploying the application, from CXF:
>> Jul 26, 2013 1:23:24 PM
>> org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl
>> handleNoRegisteredBuilder
>> WARNING: No assertion builder for type {
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512}SignedSupportingTokensregistered.
>> Jul 26, 2013 1:23:24 PM
>> org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl
>> handleNoRegisteredBuilder
>> WARNING: No assertion builder for type {
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512}RequiredPartsregistered.
>> Jul 26, 2013 1:23:24 PM
>> org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl
>> handleNoRegisteredBuilder
>> WARNING: No assertion builder for type {
>> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512}SignedPartsregistered.
>>
>> I thought that was weird because in all the examples I've seen the sp
>> namespace is http://schemas.xmlsoap.org/ws/2005/07/securitypolicy. So I
>> made the change in the WSDL and I got the following message upon restarting
>> the server:
>> Jul 26, 2013 1:25:16 PM
>> org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider
>> getElementPolicy
>> WARNING: Failed to build the policy 'request-policy':{
>> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}UsernameToken is
>> not a <wsp:Policy> element.
>>
>> The namespace for wsp is http://schemas.xmlsoap.org/ws/2004/09/policy,
>> and I'm pretty sure that's correct. Although I feel like I'm pretty close,
>> I'm lost at this point. Do you happen to have any further suggestions?
>>
>> Thanks
>> Jen
>>
>>
>>
>>
>> On 2013-07-26, at 10:28 AM, Andrei Shakirin <as...@talend.com> wrote:
>>
>> > Hi,
>> >
>> > "mustunderstand header is not understood" error is thrown by CXF
>> MustUnderstandInterceptor.
>> > MustUnderstandInterceptor checks if must understand headers in SOAP
>> message can be processed by at least one CXF interceptor in chain.
>> > For that CXF interceptors provide getUnderstoodHeaders() method to say
>> which headers they are able to proceed.
>> >
>> > Security headers can be processed either by AbstractTokenInterceptor
>> (extended by UsernameTokenInterceptor, SamlTokenInterceptor.java,
>> KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java
>> > (extended by PolicyBasedWSS4JInInterceptor.java,
>> WSS4JInInterceptor.java).
>> >
>> > In your case no any from these interceptors is in chain on the service
>> side.
>> > That could happens because:
>> > a) service uses other ws-policy (or nor policy) that doesn't activate
>> that interceptors
>> > b) service uses no ws-policy way and not configured with security
>> interceptor
>> > c) appropriate CXF jars are not available:
>> cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
>> >
>> > Can you please check how your service is configured?
>> >
>> > Regards,
>> > Andrei.
>> >
>> >
>> >> -----Original Message-----
>> >> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>> >> Sent: Mittwoch, 24. Juli 2013 17:43
>> >> To: users@cxf.apache.org
>> >> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
>> >>
>> >> Hi,
>> >>
>> >> Thanks for the reply. That's what I was thinking. There may be an
>> issue with
>> >> the WSDL file itself.
>> >>
>> >> My request matches the example provided by the author of the WSDL file,
>> >> but neither of them work. They both cause the same "mustunderstand
>> >> header is not understood" error.
>> >> Disabling the security policy allows the request to complete properly.
>> >>
>> >> CXF is configured to read the security policy from the WSDL file, and
>> I know
>> >> that part is working because if I miss a required part (the timestamp,
>> for
>> >> example) in the header, CXF complains that not all of the required
>> parts have
>> >> been submitted. I guess this could be because of a signing issue,
>> although I'm
>> >> not sure.
>> >>
>> >> My reasons for building the service are because while there is a WSDL
>> >> definition for the service, there's no way to access the service
>> itself. I know
>> >> exactly how the service is supposed to react to various inputs so I'm
>> trying to
>> >> build the same web service. It's for a health insurance card
>> validation service
>> >> in Ontario, Canada, and the service is provided by the government.
>> >>
>> >> Thanks.
>> >> Jen
>> >>
>> >> ---------------------
>> >> HCValidationService.wsdl
>> >>
>> >> <?xml version="1.0" encoding="UTF-8"?><definitions
>> >> name="HCValidationService"
>> >> targetNamespace="http://hcv.health.ontario.ca/"
>> >> xmlns="http://schemas.xmlsoap.org/wsdl/"
>> >> xmlns:ebs="http://ebs.health.ontario.ca/"
>> >> xmlns:hcv="http://hcv.health.ontario.ca/"
>> >> xmlns:idp="http://idp.ebs.health.ontario.ca/"
>> >> xmlns:msa="http://msa.ebs.health.ontario.ca/"
>> >> xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
>> >> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512"
>> >> xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
>> >> xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/"
>> >> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
>> >> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
>> >> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
>> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>> >> xmlns:xsd="http://www.w3.org/2001/XMLSchema">
>> >>
>> >> <types>
>> >> <xsd:schema>
>> >> <xsd:import
>> >> namespace="http://ebs.health.ontario.ca/"
>> >> schemaLocation="EBSFault_schema.xsd"/>
>> >> <xsd:import
>> >> namespace="http://hcv.health.ontario.ca/"
>> >> schemaLocation="HCValidationService_schema.xsd"/>
>> >> <xsd:import
>> >> namespace="http://ebs.health.ontario.ca/"
>> >> schemaLocation="EBS_schema.xsd"/>
>> >> <xsd:import
>> >> namespace="http://msa.ebs.health.ontario.ca/"
>> >> schemaLocation="MSA_schema.xsd"/>
>> >> <xsd:import
>> >> namespace="http://idp.ebs.health.ontario.ca/"
>> >> schemaLocation="IDP_schema.xsd"/>
>> >> </xsd:schema>
>> >> </types>
>> >>
>> >> <wsp:Policy wsu:Id="request-policy">
>> >> <wsp:ExactlyOne>
>> >> <wsp:All>
>> >> <wsp:All>
>> >> <sp:SignedSupportingTokens>
>> >> <sp:UsernameToken>
>> >> <wsp:Policy>
>> >> <wsp:All>
>> >>
>> >> <sp:NoPassword/>
>> >>
>> >> <sp:WssUsernameToken10/>
>> >> </wsp:All>
>> >> </wsp:Policy>
>> >> </sp:UsernameToken>
>> >> </sp:SignedSupportingTokens>
>> >> </wsp:All>
>> >> <wsp:ExactlyOne>
>> >> <wsp:All>
>> >> <sp:RequiredParts>
>> >> <sp:Header Name="EBS"
>> >> Namespace="http://ebs.health.ontario.ca/"/>
>> >> </sp:RequiredParts>
>> >> <sp:RequiredParts>
>> >> <sp:Header Name="MSA"
>> >> Namespace="http://msa.ebs.health.ontario.ca/"/>
>> >> </sp:RequiredParts>
>> >> <sp:RequiredParts>
>> >> <sp:Header
>> >> Name="SoftwareConformanceKey" Namespace=""/>
>> >> </sp:RequiredParts>
>> >> <sp:RequiredParts>
>> >> <sp:Header Name="AuditId"
>> >> Namespace=""/>
>> >> </sp:RequiredParts>
>> >> <sp:RequiredParts>
>> >> <sp:Header
>> >> Name="ServiceUserMUID" Namespace=""/>
>> >> </sp:RequiredParts>
>> >> <sp:RequiredParts>
>> >> <sp:Header Name="UserID"
>> >> Namespace=""/>
>> >> </sp:RequiredParts>
>> >> <sp:RequiredParts>
>> >> <sp:Header
>> >> Name="Timestamp" Namespace="http://docs.oasis-
>> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
>> >> </sp:RequiredParts>
>> >> </wsp:All>
>> >> </wsp:ExactlyOne>
>> >> <wsp:ExactlyOne>
>> >> <wsp:All>
>> >> <sp:SignedParts>
>> >> <sp:Header Name="EBS"
>> >> Namespace="http://ebs.health.ontario.ca/"/>
>> >> <sp:Header Name="MSA"
>> >> Namespace="http://msa.ebs.health.ontario.ca/"/>
>> >> <sp:Header
>> >> Name="Timestamp" Namespace="http://docs.oasis-
>> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
>> >> <sp:Header
>> >> Name="UsernameToken" Namespace="http://docs.oasis-
>> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
>> >> <sp:Body/>
>> >> </sp:SignedParts>
>> >> </wsp:All>
>> >> </wsp:ExactlyOne>
>> >> </wsp:All>
>> >> <wsp:All>
>> >> <wsp:All>
>> >> <sp:SignedSupportingTokens>
>> >> <sp:UsernameToken>
>> >> <wsp:Policy>
>> >> <wsp:All>
>> >>
>> >> <sp:WssUsernameToken10/>
>> >> </wsp:All>
>> >> </wsp:Policy>
>> >> </sp:UsernameToken>
>> >> </sp:SignedSupportingTokens>
>> >> </wsp:All>
>> >> <wsp:ExactlyOne>
>> >> <wsp:All>
>> >> <sp:SignedParts>
>> >> <sp:Header Name="EBS"
>> >> Namespace="http://ebs.health.ontario.ca/"/>
>> >> <sp:Header Name="IDP"
>> >> Namespace="http://idp.ebs.health.ontario.ca/"/>
>> >> <sp:Header Name="Timestamp"
>> >> Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
>> >> wssecurity-utility-1.0.xsd"/>
>> >> <sp:Header
>> >> Name="UsernameToken" Namespace="http://docs.oasis-
>> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
>> >> <sp:Body/>
>> >> </sp:SignedParts>
>> >> </wsp:All>
>> >> </wsp:ExactlyOne>
>> >>
>> >> <wsp:ExactlyOne>
>> >> <wsp:All>
>> >> <sp:RequiredParts>
>> >> <sp:Header Name="EBS"
>> >> Namespace="http://ebs.health.ontario.ca/"/>
>> >> </sp:RequiredParts>
>> >> <sp:RequiredParts>
>> >> <sp:Header Name="IDP"
>> >> Namespace="http://idp.ebs.health.ontario.ca/"/>
>> >> </sp:RequiredParts>
>> >> <sp:RequiredParts>
>> >> <sp:Header
>> >> Name="SoftwareConformanceKey" Namespace=""/>
>> >> </sp:RequiredParts>
>> >> <sp:RequiredParts>
>> >> <sp:Header Name="AuditId"
>> >> Namespace=""/>
>> >> </sp:RequiredParts>
>> >> <sp:RequiredParts>
>> >> <sp:Header
>> >> Name="ServiceUserMUID" Namespace=""/>
>> >> </sp:RequiredParts>
>> >> <sp:RequiredParts>
>> >> <sp:Header
>> >> Name="Timestamp" Namespace="http://docs.oasis-
>> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
>> >> </sp:RequiredParts>
>> >> </wsp:All>
>> >> </wsp:ExactlyOne>
>> >> </wsp:All>
>> >> </wsp:ExactlyOne>
>> >> </wsp:Policy>
>> >>
>> >> <wsdl:message name="EBSHeader">
>> >> <wsdl:part element="ebs:EBS"
>> >> name="ebsrequest_header"/>
>> >> </wsdl:message>
>> >> <wsdl:message name="MSAHeader">
>> >> <wsdl:part element="msa:MSA"
>> >> name="msarequest_header"/>
>> >> </wsdl:message>
>> >> <wsdl:message name="IDPHeader">
>> >> <wsdl:part element="idp:IDP"
>> >> name="idprequest_header"/>
>> >> </wsdl:message>
>> >>
>> >> <message name="validate">
>> >> <wsdl:part element="hcv:validate" name="parameters"/>
>> >> </message>
>> >>
>> >> <message name="validateResponse">
>> >> <part element="hcv:validateResponse"
>> >> name="parameters"/>
>> >> </message>
>> >>
>> >> <message name="faultexception">
>> >> <part element="ebs:EBSFault" name="Fault"/>
>> >> </message>
>> >>
>> >> <portType name="HCValidation">
>> >> <operation name="validate">
>> >> <input message="hcv:validate"/>
>> >> <output message="hcv:validateResponse"/>
>> >> <fault message="hcv:faultexception"
>> >> name="FaultException"/>
>> >> </operation>
>> >> </portType>
>> >>
>> >> <binding name="HCValidationPortBinding" type="hcv:HCValidation">
>> >> <soap:binding style="document"
>> >> transport="http://schemas.xmlsoap.org/soap/http"/>
>> >>
>> >> <operation name="validate">
>> >> <soap:operation soapAction=""/>
>> >> <input>
>> >> <wsp:PolicyReference URI="#request-policy"/>
>> >> <wsdlsoap:header
>> >> message="hcv:EBSHeader" part="ebsrequest_header" use="literal"/>
>> >> <wsdlsoap:header
>> >> message="hcv:MSAHeader" part="msarequest_header" use="literal"/>
>> >> <wsdlsoap:header
>> >> message="hcv:IDPHeader" part="idprequest_header" use="literal"/>
>> >> <wsdlsoap:body parts="parameters"
>> >> use="literal"/>
>> >> </input>
>> >> <output>
>> >> <soap:body use="literal"/>
>> >> </output>
>> >> <fault name="FaultException">
>> >> <soap:fault name="FaultException"
>> >> use="literal"/>
>> >> </fault>
>> >> </operation>
>> >> </binding>
>> >>
>> >> <service name="HCValidationService">
>> >> <port binding="hcv:HCValidationPortBinding"
>> >> name="HCValidationPort">
>> >> <soap:address
>> >> location="
>> https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe
>> >> rvice"/>
>> >> </port>
>> >> </service>
>> >> </definitions>
>> >>
>> >> ---------------------
>> >> Sample Request (provided by author of WSDL)
>> >>
>> >> <soapenv:Envelope xmlns:soap-
>> >> sec="http://schemas.xmlsoap.org/security/2000-12"
>> >> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
>> >> wss-wssecurity-secext-1.0.xsd"
>> >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
>> >> xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
>> >> xmlns:xs="http://www.w3.org/2001/XMLSchema"
>> >> xmlns:tns="http://hcv.health.ontario.ca/"
>> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
>> >> wss-wssecurity-utility-1.0.xsd"
>> >> xmlns:ebs="http://ebs.health.ontario.ca/security/2012-03"
>> >> xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
>> >> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
>> >> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>> >> <soapenv:Header>
>> >> <ns2:EBS wsu:Id="id-1"
>> >> xmlns:ns2="http://ebs.health.ontario.ca/">
>> >> <SoftwareConformanceKey>444561ee-277f-77b2-
>> >> c664-7a9923jfgh1b
>> >> </SoftwareConformanceKey>
>> >> <AuditId>73b7051e-6126-4b41-9ae0-
>> >> 21b707ca8a53</AuditId>
>> >> </ns2:EBS>
>> >> <ns2:IDP wsu:Id="id-2"
>> >> xmlns:ns2="http://idp.ebs.health.ontario.ca/">
>> >> <ServiceUserMUID>4523394</ServiceUserMUID>
>> >> </ns2:IDP>
>> >> <wsse:Security SOAP-ENV:mustUnderstand="1">
>> >> <wsu:Timestamp wsu:Id="id-3">
>> >> <wsu:Created>2012-06-
>> >> 20T17:58:42.580Z</wsu:Created>
>> >> <wsu:Expires>2012-06-
>> >> 20T17:59:12.580Z</wsu:Expires>
>> >> </wsu:Timestamp>
>> >> <wsse:UsernameToken wsu:Id="id-4">
>> >>
>> >>
>> >> <wsse:Username>JOHNDOE@YAHOO.CA</wsse:Username>
>> >> <wsse:Password
>> >> Type="wsse:PasswordText">Password</wsse:Password>
>> >> </wsse:UsernameToken>
>> >> <wsse:BinarySecurityToken
>> >> EncodingType="http://docs.oasis-
>> >> open.org/wss/2004/01/oasis-200401-wss-soap-message-security-
>> >> 1.0#Base64Binary"
>> >> ValueType="http://docs.oasis-
>> >> open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
>> >> wsu:Id="X509-
>> >> 02F859690D5C74E20913402151228211">
>> >>
>> >> MIICMzCCAZygAwIBAgIET1e+dDANBgkqhkiG9w0BAQUFADBeMQsw
>> >> CQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzENMAsGA1UEChMET0hJ
>> >>
>> >> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW9uMRcwFQYDVQQDEw
>> >> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAzMDcyMDAwNTJaFw0xMzAzMDcyMDA
>> >> wNTJaM
>> >>
>> >> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMQ0wCwY
>> >> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZWdpc3RyYXRpb24xFzAVBgNVBAM
>> >> TDj
>> >>
>> >> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBi
>> >> QKBgQCs/JIP6CE5IkfTnD/c56K+QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH4
>> >>
>> >> fvhbyxo2B4VugsL9r4E5jHEKoi+GDKOLlLZRfSy0cB8IcpXonAuGqMzhCo
>> >> EQ1CdxNb9etMyvQGRKEBgniKKxTvpTyZdpYDi92up5E+FYL3jEe
>> >>
>> >> jhp+1iDFJQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAHn8VZS169BJ
>> >> Ma4E6SNLnY7u80zSh90mbrTUWjM1dEicv3jQMMsrWHfoCt+nRSqfNLUTL
>> >>
>> >> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0gY3i83ZXA8HDFKMZF3qL8I8ncu8F
>> >> PcZGYBNhYrGjXXsuqXimiTIjxgm06ErRa/51szOFFxWrB
>> >> </wsse:BinarySecurityToken>
>> >> <ds:Signature Id="SIG-6"
>> >> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>> >> <ds:SignedInfo>
>> >> <ds:CanonicalizationMethod
>> >>
>> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>> >> <ec:InclusiveNamespaces
>> >> PrefixList="SOAP-
>> >> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
>> >>
>> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> >> </ds:CanonicalizationMethod>
>> >> <ds:SignatureMethod
>> >> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
>> >> <ds:Reference URI="#id-1">
>> >> <ds:Transforms>
>> >> <ds:Transform
>> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>> >>
>> >> <ec:InclusiveNamespaces
>> >>
>> >> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
>> >> wsu xs xsi"
>> >>
>> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> >> </ds:Transform>
>> >> </ds:Transforms>
>> >>
>> >> <ds:DigestMethod
>> >> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>> >>
>> >> <ds:DigestValue>gpejbitTQxuMOhUirdbGNtHjsGhAArhAp3ByFuG9c
>> >> Hs=
>> >> </ds:DigestValue>
>> >> </ds:Reference>
>> >> <ds:Reference URI="#id-2">
>> >> <ds:Transforms>
>> >> <ds:Transform
>> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>> >>
>> >> <ec:InclusiveNamespaces
>> >>
>> >> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
>> >> wsu xs xsi"
>> >>
>> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> >> </ds:Transform>
>> >> </ds:Transforms>
>> >> <ds:DigestMethod
>> >> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>> >>
>> >> <ds:DigestValue>ZWKvgN+eB0NFmQHPGYN5RoSZzbuboqKLzLcV6PE
>> >> Oz3E=
>> >> </ds:DigestValue>
>> >> </ds:Reference>
>> >> <ds:Reference URI="#id-3">
>> >> <ds:Transforms>
>> >> <ds:Transform
>> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>> >>
>> >> <ec:InclusiveNamespaces
>> >>
>> >> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse xs
>> >> xsi"
>> >>
>> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> >> </ds:Transform>
>> >> </ds:Transforms>
>> >> <ds:DigestMethod
>> >> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>> >>
>> >> <ds:DigestValue>1AvUG2EE6+bgpJBe1TB4teUkKD4lRsw69BozDFQM
>> >> GGE=
>> >> </ds:DigestValue>
>> >> </ds:Reference>
>> >> <ds:Reference URI="#id-4">
>> >> <ds:Transforms>
>> >> <ds:Transform
>> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>> >>
>> >> <ec:InclusiveNamespaces
>> >>
>> >> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsu xs
>> >> xsi"
>> >>
>> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> >>
>> >> </ds:Transform>
>> >> </ds:Transforms>
>> >> <ds:DigestMethod
>> >> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>> >>
>> >> <ds:DigestValue>Lw6C0//TpU0uuta+9pjDPfD0aOokdgbVOEM9eaWc
>> >> Gjo=
>> >> </ds:DigestValue>
>> >> </ds:Reference>
>> >> <ds:Reference URI="#id-5">
>> >> <ds:Transforms>
>> >> <ds:Transform
>> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>> >>
>> >> <ec:InclusiveNamespaces
>> >>
>> >> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse wsu xs xsi"
>> >>
>> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> >> </ds:Transform>
>> >> </ds:Transforms>
>> >> <ds:DigestMethod
>> >> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>> >>
>> >> <ds:DigestValue>lGKOfXxmbsLds9+tD4eaCObTCdGNXDF/PY9LjDUPl
>> >> 9Y=
>> >> </ds:DigestValue>
>> >> </ds:Reference>
>> >> </ds:SignedInfo>
>> >> <ds:SignatureValue>
>> >>
>> >> Yn5iRnjs/T2+nNgW8pArIgqc445RwL2wYPHZaydVJk0oUXV5B4nzU4fg
>> >> X/sQTcY0O5vuReP8th4QZoGG6tSnxuBfqiDd2rkRZDrdgotJT++W
>> >>
>> >> zhMLdt1J0Kah0aZVCWabQrxeGY2N3QDuMWr5PSlm1RWbkA3W5B4Y
>> >> LaD+S/j3QKc=
>> >> </ds:SignatureValue>
>> >> <ds:KeyInfo Id="KI-
>> >> 02F859690D5C74E20913402151228312">
>> >> <wsse:SecurityTokenReference
>> >> wsu:Id="STR-02F859690D5C74E20913402151228413">
>> >> <wsse:Reference
>> >> URI="#X509-02F859690D5C74E20913402151228211"
>> >>
>> >> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
>> >> wss-x509-token-profile-1.0#X509v3" />
>> >> </wsse:SecurityTokenReference>
>> >> </ds:KeyInfo>
>> >> </ds:Signature>
>> >> </wsse:Security>
>> >> </soapenv:Header>
>> >> <soapenv:Body wsu:Id="id-5">
>> >> <ns5:validate xmlns:ns4="
>> http://msa.ebs.health.ontario.ca/"
>> >> xmlns:ns3="http://idp.ebs.health.ontario.ca/"
>> >> xmlns:ns2="http://ebs.health.ontario.ca/"
>> >> xmlns:ns5="http://hcv.health.ontario.ca/">
>> >> <requests>
>> >> <hcvRequest>
>> >>
>> >> <healthNumber>2222211122</healthNumber>
>> >> <versionCode>WW</versionCode>
>> >> </hcvRequest>
>> >> </requests>
>> >> <locale>en</locale>
>> >> </ns5:validate>
>> >> </soapenv:Body>
>> >> </soapenv:Envelope>
>> >>
>> >> -------------------
>> >> Sample Request (Built via SoapUI)
>> >>
>> >> <soapenv:Envelope xmlns:ebs="http://ebs.health.ontario.ca/"
>> >> xmlns:hcv="http://hcv.health.ontario.ca/"
>> >> xmlns:idp="http://idp.ebs.health.ontario.ca/"
>> >> xmlns:msa="http://msa.ebs.health.ontario.ca/"
>> >> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>> >> <soapenv:Header>
>> >> <wsse:Security soapenv:mustUnderstand="1"
>> >> xmlns:wsse="http://docs.oasis-
>> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
>> >> xmlns:wsu="http://docs.oasis-
>> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
>> >> <wsse:BinarySecurityToken
>> >> EncodingType="http://docs.oasis-
>> >> open.org/wss/2004/01/oasis-200401-wss-soap-message-security-
>> >> 1.0#Base64Binary"
>> >> ValueType="http://docs.oasis-
>> >> open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
>> >> wsu:Id="X509-
>> >> 9346053A98F2390F1A137460706920025">
>> >>
>> >> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQ
>> >> QGEwJDQTEQMA4GA1UECAwHT250YXJpbzEQMA4G
>> >>
>> >> A1UEBwwHVG9yb250bzERMA8GA1UECgwISW5kaXZpY2ExFDASBgN
>> >> VBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA9J
>> >>
>> >> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhkiG9w0BCQEWFmVicy1hZG1pbk
>> >> BpbmRpdmljYS5jb20wHhcNMTMwNzE5MTc0
>> >>
>> >> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQswCQYDVQQGEwJDQTEQ
>> >> MA4GA1UECBMHT250YXJpbzEQMA4GA1UEBxMHVG9y
>> >>
>> >> b250bzERMA8GA1UEChMISW5kaXZpY2ExFDASBgNVBAsTC0RldmVsb
>> >> 3BtZW50MRwwGgYDVQQDExNJbmRpdmljYSBF
>> >>
>> >> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCA
>> >> QEAu7/+bc5QgW43UuaMoUOpbsQy8Kc32jrB
>> >>
>> >> GA0lrxZkqH/PnfdbtRhRypxkc6+r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
>> >> WPPVMKpermHxniN+kqjWiGDm10xVMph
>> >>
>> >> XryR01LSItgRoi5V54oTFgeJxsdA/1J3kf/QE2YmswZwLH6+PwvZfExKEx
>> >> vGArojkyveOewWkvKMobLB3d6gtrPJ
>> >>
>> >> tUxjb18UJugEHyNSiVYFymbgAyvanT4pmNPaqHW1ZlmQ0WBiDI7oeT
>> >> 1pZzgEwzikcvEHilJye0PcB4PkkrGLKfEE
>> >>
>> >> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4fjouqkHHVMMiUvYgQIDAQA
>> >> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b5yRECQU
>> >>
>> >> ppIEIbDOh4E5OsR0wesm4czfNDnh56TUwmjRDzI+tVVEj+fxk0FMSMf
>> >> 3NPoUGonb3bfyO20bpGbUBsMR8P4+FHb6
>> >>
>> >> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u8cRtfPXXX+baL2NThYjMoNVFIt
>> >> OM0XL3xwzblWi++B
>> >> </wsse:BinarySecurityToken>
>> >> <ds:Signature Id="SIG-30"
>> >> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>> >> <ds:SignedInfo>
>> >> <ds:CanonicalizationMethod
>> >>
>> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>> >> <ec:InclusiveNamespaces
>> >> PrefixList="ebs hcv idp msa soapenv"
>> >>
>> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> >> </ds:CanonicalizationMethod>
>> >> <ds:SignatureMethod
>> >> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
>> >> <ds:Reference URI="#id-7">
>> >> <ds:Transforms>
>> >> <ds:Transform
>> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>> >>
>> >> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
>> >>
>> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> >> </ds:Transform>
>> >> </ds:Transforms>
>> >> <ds:DigestMethod
>> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>> >>
>> >> <ds:DigestValue>+sN2C+GPI6Un7tmdzecuWW4obI8=</ds:DigestVal
>> >> ue>
>> >> </ds:Reference>
>> >> <ds:Reference URI="#id-8">
>> >> <ds:Transforms>
>> >> <ds:Transform
>> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>> >>
>> >> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
>> >>
>> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> >> </ds:Transform>
>> >> </ds:Transforms>
>> >> <ds:DigestMethod
>> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>> >>
>> >> <ds:DigestValue>cStXQ+Qf4MYZw7oZh3EwQnCO9kE=</ds:DigestVal
>> >> ue>
>> >> </ds:Reference>
>> >> <ds:Reference URI="#TS-29">
>> >> <ds:Transforms>
>> >> <ds:Transform
>> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>> >>
>> >> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa soapenv"
>> >>
>> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> >> </ds:Transform>
>> >> </ds:Transforms>
>> >> <ds:DigestMethod
>> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>> >>
>> >> <ds:DigestValue>7DpbdobjdxkQ3RGXjPQmx5EpCdU=</ds:DigestVal
>> >> ue>
>> >> </ds:Reference>
>> >> <ds:Reference
>> >> URI="#UsernameToken-28">
>> >> <ds:Transforms>
>> >> <ds:Transform
>> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>> >>
>> >> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
>> >>
>> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> >> </ds:Transform>
>> >> </ds:Transforms>
>> >> <ds:DigestMethod
>> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>> >>
>> >> <ds:DigestValue>0CNaWbdkV2dE7Jm5oh15ztwUcaI=</ds:DigestValu
>> >> e>
>> >> </ds:Reference>
>> >> <ds:Reference URI="#id-12">
>> >> <ds:Transforms>
>> >> <ds:Transform
>> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>> >>
>> >> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
>> >>
>> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> >> </ds:Transform>
>> >> </ds:Transforms>
>> >> <ds:DigestMethod
>> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>> >>
>> >> <ds:DigestValue>XoOxXE6R7JA29rMYCHf/X0II180=</ds:DigestValue
>> >>>
>> >> </ds:Reference>
>> >> </ds:SignedInfo>
>> >>
>> >> <ds:SignatureValue>YQy9wqYYVw1x0CZcg6b2W0uO3g3FurUZ51zrXi3
>> >> jRMFGgCVGUwfu3W/tDOAKB2IXHvIgFl7JWmzd
>> >>
>> >> lkh7O2u6ieACF5tGD32aSXvv6/k7OUVH4outF1NHgJOq9WKIKtUYT/hh
>> >> G8BmqFGHXcPiuuO+FIXr
>> >>
>> >> 93oOGvPMzdsX6EM7wbkSgudyjDa9pORWOWvPhmHbT63b1BgFfLla
>> >> UftqeybM6t0i2cTuNxf8nbCS
>> >>
>> >> gANhvGvpNi2ALThvsPu+pXKCx1c4Ng18PGpUEVmOdJOkZhiifR336idp
>> >> 09lp8XaI+NzwENvdBskb
>> >>
>> >> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP4wydOh8w==
>> >> </ds:SignatureValue>
>> >> <ds:KeyInfo Id="KI-
>> >> 9346053A98F2390F1A137460706920026">
>> >> <wsse:SecurityTokenReference
>> >> wsu:Id="STR-
>> >> 9346053A98F2390F1A137460706920027">
>> >> <wsse:Reference
>> >> URI="#X509-9346053A98F2390F1A137460706920025"
>> >>
>> >> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
>> >> wss-x509-token-profile-1.0#X509v3" />
>> >> </wsse:SecurityTokenReference>
>> >> </ds:KeyInfo>
>> >> </ds:Signature>
>> >> <wsu:Timestamp wsu:Id="TS-29">
>> >> <wsu:Created>2013-07-
>> >> 23T19:17:49.196Z</wsu:Created>
>> >> <wsu:Expires>2013-07-
>> >> 30T17:57:49.196Z</wsu:Expires>
>> >> </wsu:Timestamp>
>> >> <wsse:UsernameToken wsu:Id="UsernameToken-
>> >> 28">
>> >> <wsse:Username>abc</wsse:Username>
>> >> <wsse:Password
>> >> Type="http://docs.oasis-
>> >> open.org/wss/2004/01/oasis-200401-wss-username-token-profile-
>> >> 1.0#PasswordText">defg</wsse:Password>
>> >> </wsse:UsernameToken>
>> >> </wsse:Security>
>> >> <idp:IDP wsu:Id="id-8"
>> >> xmlns:wsu="http://docs.oasis-
>> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
>> >> <ServiceUserMUID>12345</ServiceUserMUID>
>> >> </idp:IDP>
>> >> <ebs:EBS wsu:Id="id-7"
>> >> xmlns:wsu="http://docs.oasis-
>> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
>> >>
>> >> <SoftwareConformanceKey>12345</SoftwareConformanceKey>
>> >> <AuditId>12345</AuditId>
>> >> </ebs:EBS>
>> >> </soapenv:Header>
>> >> <soapenv:Body wsu:Id="id-12"
>> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-
>> >> 200401-wss-wssecurity-utility-1.0.xsd">
>> >> <hcv:validate>
>> >> <requests>
>> >> <hcvRequest>
>> >>
>> >> <healthNumber>9876543217</healthNumber>
>> >> <versionCode>AB</versionCode>
>> >> </hcvRequest>
>> >> </requests>
>> >> </hcv:validate>
>> >> </soapenv:Body>
>> >> </soapenv:Envelope>
>> >>
>> >>
>> >> -----------------------
>> >> Response (In either case):
>> >>
>> >> <soap:Envelope
>> >> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
>> >> <soap:Body>
>> >> <soap:Fault>
>> >> <faultcode>soap:MustUnderstand</faultcode>
>> >> <faultstring>MustUnderstand headers: [{http://docs.oasis-
>> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-
>> >> 1.0.xsd}Security] are not understood.</faultstring>
>> >> </soap:Fault>
>> >> </soap:Body>
>> >> </soap:Envelope>
>> >>
>> >>
>> >>
>> >> On 2013-07-24, at 11:02 AM, Andrei Shakirin <as...@talend.com>
>> wrote:
>> >>
>> >>> Hi,
>> >>>
>> >>> It seems that your service doesn't use the same WS-Policy as client,
>> >> therefore appropriate interceptors are not activated on the service
>> side.
>> >>> Could you double check that?
>> >>>
>> >>> Exact request and response will be also useful for further analyse.
>> >>>
>> >>> Regards,
>> >>> Andrei.
>> >>>
>> >>>> -----Original Message-----
>> >>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>> >>>> Sent: Dienstag, 23. Juli 2013 21:35
>> >>>> To: users@cxf.apache.org
>> >>>> Subject: Eclipse, CXF and WS-SecurityPolicy
>> >>>>
>> >>>> I have a question regarding WS-SecurityPolicy and deploying a
>> >>>> WSDL-first service via Eclipse.
>> >>>>
>> >>>> I created a project from a WSDL file (I didn't create it) with the
>> >>>> intention of implementing the service that it describes. The WSDL
>> >>>> file describes a WS- SecurityPolicy that includes a UsernameToken,
>> >>>> Timestamp, BinarySecurityToken, and a Signature. Every time I run a
>> >>>> sample request that includes all of those components in the
>> >>>> WS-Security header I get a "must understand header is not understood"
>> >>>> message, regarding the WS-Security header.
>> >>>>
>> >>>> I've read on the documentation of CXF that additional dependencies
>> >>>> must be included in the classpath to have WS-SecurityPolicy work, but
>> >>>> I've used Eclipse's deployment method and given it the entire CXF ZIP
>> >>>> file as downloaded from the project website as the CXF Runtime. Is
>> >>>> there anything that I'm missing? Or is there a better way for me to
>> >>>> be working with CXF than to use Eclipse's automated tools?
>> >>>>
>> >>>> Thanks for any help.
>> >>>> Jen
>> >>>>
>> >>>>
>> >>>
>> >
>>
>>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jason Pell <ja...@pellcorp.com>.
Hi,
I changed over my java first samples to use your namespaces, and I also got
the Must understand error.
Since I can reproduce it, i will have a bit of a hunt around to see what
the problem is.
On Sat, Jul 27, 2013 at 3:42 AM, Jennifer Ruttan <je...@indivica.com>wrote:
> Hi,
>
> Thanks for your help.
>
> The project path did not export the appropriate jars to the WEB-INF/lib
> directory when being built, so I added them to the deployment assembly step
> in eclipse. I added all the dependencies as well.
>
> Unfortunately, I was still getting the same "mustunderstand headers are
> not understood" error message. But there's more. I'm also getting a strange
> message when Tomcat is deploying the application, from CXF:
> Jul 26, 2013 1:23:24 PM
> org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl
> handleNoRegisteredBuilder
> WARNING: No assertion builder for type {
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512}SignedSupportingTokensregistered.
> Jul 26, 2013 1:23:24 PM
> org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl
> handleNoRegisteredBuilder
> WARNING: No assertion builder for type {
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512}RequiredPartsregistered.
> Jul 26, 2013 1:23:24 PM
> org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl
> handleNoRegisteredBuilder
> WARNING: No assertion builder for type {
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512}SignedPartsregistered.
>
> I thought that was weird because in all the examples I've seen the sp
> namespace is http://schemas.xmlsoap.org/ws/2005/07/securitypolicy. So I
> made the change in the WSDL and I got the following message upon restarting
> the server:
> Jul 26, 2013 1:25:16 PM
> org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider
> getElementPolicy
> WARNING: Failed to build the policy 'request-policy':{
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}UsernameToken is not
> a <wsp:Policy> element.
>
> The namespace for wsp is http://schemas.xmlsoap.org/ws/2004/09/policy,
> and I'm pretty sure that's correct. Although I feel like I'm pretty close,
> I'm lost at this point. Do you happen to have any further suggestions?
>
> Thanks
> Jen
>
>
>
>
> On 2013-07-26, at 10:28 AM, Andrei Shakirin <as...@talend.com> wrote:
>
> > Hi,
> >
> > "mustunderstand header is not understood" error is thrown by CXF
> MustUnderstandInterceptor.
> > MustUnderstandInterceptor checks if must understand headers in SOAP
> message can be processed by at least one CXF interceptor in chain.
> > For that CXF interceptors provide getUnderstoodHeaders() method to say
> which headers they are able to proceed.
> >
> > Security headers can be processed either by AbstractTokenInterceptor
> (extended by UsernameTokenInterceptor, SamlTokenInterceptor.java,
> KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java
> > (extended by PolicyBasedWSS4JInInterceptor.java,
> WSS4JInInterceptor.java).
> >
> > In your case no any from these interceptors is in chain on the service
> side.
> > That could happens because:
> > a) service uses other ws-policy (or nor policy) that doesn't activate
> that interceptors
> > b) service uses no ws-policy way and not configured with security
> interceptor
> > c) appropriate CXF jars are not available: cxf-rt-ws-security-x.x.x.jar,
> cxf-rt-ws-policy-x.x.x.jar.
> >
> > Can you please check how your service is configured?
> >
> > Regards,
> > Andrei.
> >
> >
> >> -----Original Message-----
> >> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
> >> Sent: Mittwoch, 24. Juli 2013 17:43
> >> To: users@cxf.apache.org
> >> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
> >>
> >> Hi,
> >>
> >> Thanks for the reply. That's what I was thinking. There may be an issue
> with
> >> the WSDL file itself.
> >>
> >> My request matches the example provided by the author of the WSDL file,
> >> but neither of them work. They both cause the same "mustunderstand
> >> header is not understood" error.
> >> Disabling the security policy allows the request to complete properly.
> >>
> >> CXF is configured to read the security policy from the WSDL file, and I
> know
> >> that part is working because if I miss a required part (the timestamp,
> for
> >> example) in the header, CXF complains that not all of the required
> parts have
> >> been submitted. I guess this could be because of a signing issue,
> although I'm
> >> not sure.
> >>
> >> My reasons for building the service are because while there is a WSDL
> >> definition for the service, there's no way to access the service
> itself. I know
> >> exactly how the service is supposed to react to various inputs so I'm
> trying to
> >> build the same web service. It's for a health insurance card validation
> service
> >> in Ontario, Canada, and the service is provided by the government.
> >>
> >> Thanks.
> >> Jen
> >>
> >> ---------------------
> >> HCValidationService.wsdl
> >>
> >> <?xml version="1.0" encoding="UTF-8"?><definitions
> >> name="HCValidationService"
> >> targetNamespace="http://hcv.health.ontario.ca/"
> >> xmlns="http://schemas.xmlsoap.org/wsdl/"
> >> xmlns:ebs="http://ebs.health.ontario.ca/"
> >> xmlns:hcv="http://hcv.health.ontario.ca/"
> >> xmlns:idp="http://idp.ebs.health.ontario.ca/"
> >> xmlns:msa="http://msa.ebs.health.ontario.ca/"
> >> xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
> >> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512"
> >> xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
> >> xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/"
> >> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> >> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
> >> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> >> xmlns:xsd="http://www.w3.org/2001/XMLSchema">
> >>
> >> <types>
> >> <xsd:schema>
> >> <xsd:import
> >> namespace="http://ebs.health.ontario.ca/"
> >> schemaLocation="EBSFault_schema.xsd"/>
> >> <xsd:import
> >> namespace="http://hcv.health.ontario.ca/"
> >> schemaLocation="HCValidationService_schema.xsd"/>
> >> <xsd:import
> >> namespace="http://ebs.health.ontario.ca/"
> >> schemaLocation="EBS_schema.xsd"/>
> >> <xsd:import
> >> namespace="http://msa.ebs.health.ontario.ca/"
> >> schemaLocation="MSA_schema.xsd"/>
> >> <xsd:import
> >> namespace="http://idp.ebs.health.ontario.ca/"
> >> schemaLocation="IDP_schema.xsd"/>
> >> </xsd:schema>
> >> </types>
> >>
> >> <wsp:Policy wsu:Id="request-policy">
> >> <wsp:ExactlyOne>
> >> <wsp:All>
> >> <wsp:All>
> >> <sp:SignedSupportingTokens>
> >> <sp:UsernameToken>
> >> <wsp:Policy>
> >> <wsp:All>
> >>
> >> <sp:NoPassword/>
> >>
> >> <sp:WssUsernameToken10/>
> >> </wsp:All>
> >> </wsp:Policy>
> >> </sp:UsernameToken>
> >> </sp:SignedSupportingTokens>
> >> </wsp:All>
> >> <wsp:ExactlyOne>
> >> <wsp:All>
> >> <sp:RequiredParts>
> >> <sp:Header Name="EBS"
> >> Namespace="http://ebs.health.ontario.ca/"/>
> >> </sp:RequiredParts>
> >> <sp:RequiredParts>
> >> <sp:Header Name="MSA"
> >> Namespace="http://msa.ebs.health.ontario.ca/"/>
> >> </sp:RequiredParts>
> >> <sp:RequiredParts>
> >> <sp:Header
> >> Name="SoftwareConformanceKey" Namespace=""/>
> >> </sp:RequiredParts>
> >> <sp:RequiredParts>
> >> <sp:Header Name="AuditId"
> >> Namespace=""/>
> >> </sp:RequiredParts>
> >> <sp:RequiredParts>
> >> <sp:Header
> >> Name="ServiceUserMUID" Namespace=""/>
> >> </sp:RequiredParts>
> >> <sp:RequiredParts>
> >> <sp:Header Name="UserID"
> >> Namespace=""/>
> >> </sp:RequiredParts>
> >> <sp:RequiredParts>
> >> <sp:Header
> >> Name="Timestamp" Namespace="http://docs.oasis-
> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
> >> </sp:RequiredParts>
> >> </wsp:All>
> >> </wsp:ExactlyOne>
> >> <wsp:ExactlyOne>
> >> <wsp:All>
> >> <sp:SignedParts>
> >> <sp:Header Name="EBS"
> >> Namespace="http://ebs.health.ontario.ca/"/>
> >> <sp:Header Name="MSA"
> >> Namespace="http://msa.ebs.health.ontario.ca/"/>
> >> <sp:Header
> >> Name="Timestamp" Namespace="http://docs.oasis-
> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
> >> <sp:Header
> >> Name="UsernameToken" Namespace="http://docs.oasis-
> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
> >> <sp:Body/>
> >> </sp:SignedParts>
> >> </wsp:All>
> >> </wsp:ExactlyOne>
> >> </wsp:All>
> >> <wsp:All>
> >> <wsp:All>
> >> <sp:SignedSupportingTokens>
> >> <sp:UsernameToken>
> >> <wsp:Policy>
> >> <wsp:All>
> >>
> >> <sp:WssUsernameToken10/>
> >> </wsp:All>
> >> </wsp:Policy>
> >> </sp:UsernameToken>
> >> </sp:SignedSupportingTokens>
> >> </wsp:All>
> >> <wsp:ExactlyOne>
> >> <wsp:All>
> >> <sp:SignedParts>
> >> <sp:Header Name="EBS"
> >> Namespace="http://ebs.health.ontario.ca/"/>
> >> <sp:Header Name="IDP"
> >> Namespace="http://idp.ebs.health.ontario.ca/"/>
> >> <sp:Header Name="Timestamp"
> >> Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
> >> wssecurity-utility-1.0.xsd"/>
> >> <sp:Header
> >> Name="UsernameToken" Namespace="http://docs.oasis-
> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
> >> <sp:Body/>
> >> </sp:SignedParts>
> >> </wsp:All>
> >> </wsp:ExactlyOne>
> >>
> >> <wsp:ExactlyOne>
> >> <wsp:All>
> >> <sp:RequiredParts>
> >> <sp:Header Name="EBS"
> >> Namespace="http://ebs.health.ontario.ca/"/>
> >> </sp:RequiredParts>
> >> <sp:RequiredParts>
> >> <sp:Header Name="IDP"
> >> Namespace="http://idp.ebs.health.ontario.ca/"/>
> >> </sp:RequiredParts>
> >> <sp:RequiredParts>
> >> <sp:Header
> >> Name="SoftwareConformanceKey" Namespace=""/>
> >> </sp:RequiredParts>
> >> <sp:RequiredParts>
> >> <sp:Header Name="AuditId"
> >> Namespace=""/>
> >> </sp:RequiredParts>
> >> <sp:RequiredParts>
> >> <sp:Header
> >> Name="ServiceUserMUID" Namespace=""/>
> >> </sp:RequiredParts>
> >> <sp:RequiredParts>
> >> <sp:Header
> >> Name="Timestamp" Namespace="http://docs.oasis-
> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
> >> </sp:RequiredParts>
> >> </wsp:All>
> >> </wsp:ExactlyOne>
> >> </wsp:All>
> >> </wsp:ExactlyOne>
> >> </wsp:Policy>
> >>
> >> <wsdl:message name="EBSHeader">
> >> <wsdl:part element="ebs:EBS"
> >> name="ebsrequest_header"/>
> >> </wsdl:message>
> >> <wsdl:message name="MSAHeader">
> >> <wsdl:part element="msa:MSA"
> >> name="msarequest_header"/>
> >> </wsdl:message>
> >> <wsdl:message name="IDPHeader">
> >> <wsdl:part element="idp:IDP"
> >> name="idprequest_header"/>
> >> </wsdl:message>
> >>
> >> <message name="validate">
> >> <wsdl:part element="hcv:validate" name="parameters"/>
> >> </message>
> >>
> >> <message name="validateResponse">
> >> <part element="hcv:validateResponse"
> >> name="parameters"/>
> >> </message>
> >>
> >> <message name="faultexception">
> >> <part element="ebs:EBSFault" name="Fault"/>
> >> </message>
> >>
> >> <portType name="HCValidation">
> >> <operation name="validate">
> >> <input message="hcv:validate"/>
> >> <output message="hcv:validateResponse"/>
> >> <fault message="hcv:faultexception"
> >> name="FaultException"/>
> >> </operation>
> >> </portType>
> >>
> >> <binding name="HCValidationPortBinding" type="hcv:HCValidation">
> >> <soap:binding style="document"
> >> transport="http://schemas.xmlsoap.org/soap/http"/>
> >>
> >> <operation name="validate">
> >> <soap:operation soapAction=""/>
> >> <input>
> >> <wsp:PolicyReference URI="#request-policy"/>
> >> <wsdlsoap:header
> >> message="hcv:EBSHeader" part="ebsrequest_header" use="literal"/>
> >> <wsdlsoap:header
> >> message="hcv:MSAHeader" part="msarequest_header" use="literal"/>
> >> <wsdlsoap:header
> >> message="hcv:IDPHeader" part="idprequest_header" use="literal"/>
> >> <wsdlsoap:body parts="parameters"
> >> use="literal"/>
> >> </input>
> >> <output>
> >> <soap:body use="literal"/>
> >> </output>
> >> <fault name="FaultException">
> >> <soap:fault name="FaultException"
> >> use="literal"/>
> >> </fault>
> >> </operation>
> >> </binding>
> >>
> >> <service name="HCValidationService">
> >> <port binding="hcv:HCValidationPortBinding"
> >> name="HCValidationPort">
> >> <soap:address
> >> location="
> https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe
> >> rvice"/>
> >> </port>
> >> </service>
> >> </definitions>
> >>
> >> ---------------------
> >> Sample Request (provided by author of WSDL)
> >>
> >> <soapenv:Envelope xmlns:soap-
> >> sec="http://schemas.xmlsoap.org/security/2000-12"
> >> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
> >> wss-wssecurity-secext-1.0.xsd"
> >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> >> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
> >> xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
> >> xmlns:xs="http://www.w3.org/2001/XMLSchema"
> >> xmlns:tns="http://hcv.health.ontario.ca/"
> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
> >> wss-wssecurity-utility-1.0.xsd"
> >> xmlns:ebs="http://ebs.health.ontario.ca/security/2012-03"
> >> xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
> >> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> >> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
> >> <soapenv:Header>
> >> <ns2:EBS wsu:Id="id-1"
> >> xmlns:ns2="http://ebs.health.ontario.ca/">
> >> <SoftwareConformanceKey>444561ee-277f-77b2-
> >> c664-7a9923jfgh1b
> >> </SoftwareConformanceKey>
> >> <AuditId>73b7051e-6126-4b41-9ae0-
> >> 21b707ca8a53</AuditId>
> >> </ns2:EBS>
> >> <ns2:IDP wsu:Id="id-2"
> >> xmlns:ns2="http://idp.ebs.health.ontario.ca/">
> >> <ServiceUserMUID>4523394</ServiceUserMUID>
> >> </ns2:IDP>
> >> <wsse:Security SOAP-ENV:mustUnderstand="1">
> >> <wsu:Timestamp wsu:Id="id-3">
> >> <wsu:Created>2012-06-
> >> 20T17:58:42.580Z</wsu:Created>
> >> <wsu:Expires>2012-06-
> >> 20T17:59:12.580Z</wsu:Expires>
> >> </wsu:Timestamp>
> >> <wsse:UsernameToken wsu:Id="id-4">
> >>
> >>
> >> <wsse:Username>JOHNDOE@YAHOO.CA</wsse:Username>
> >> <wsse:Password
> >> Type="wsse:PasswordText">Password</wsse:Password>
> >> </wsse:UsernameToken>
> >> <wsse:BinarySecurityToken
> >> EncodingType="http://docs.oasis-
> >> open.org/wss/2004/01/oasis-200401-wss-soap-message-security-
> >> 1.0#Base64Binary"
> >> ValueType="http://docs.oasis-
> >> open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
> >> wsu:Id="X509-
> >> 02F859690D5C74E20913402151228211">
> >>
> >> MIICMzCCAZygAwIBAgIET1e+dDANBgkqhkiG9w0BAQUFADBeMQsw
> >> CQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzENMAsGA1UEChMET0hJ
> >>
> >> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW9uMRcwFQYDVQQDEw
> >> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAzMDcyMDAwNTJaFw0xMzAzMDcyMDA
> >> wNTJaM
> >>
> >> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMQ0wCwY
> >> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZWdpc3RyYXRpb24xFzAVBgNVBAM
> >> TDj
> >>
> >> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBi
> >> QKBgQCs/JIP6CE5IkfTnD/c56K+QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH4
> >>
> >> fvhbyxo2B4VugsL9r4E5jHEKoi+GDKOLlLZRfSy0cB8IcpXonAuGqMzhCo
> >> EQ1CdxNb9etMyvQGRKEBgniKKxTvpTyZdpYDi92up5E+FYL3jEe
> >>
> >> jhp+1iDFJQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAHn8VZS169BJ
> >> Ma4E6SNLnY7u80zSh90mbrTUWjM1dEicv3jQMMsrWHfoCt+nRSqfNLUTL
> >>
> >> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0gY3i83ZXA8HDFKMZF3qL8I8ncu8F
> >> PcZGYBNhYrGjXXsuqXimiTIjxgm06ErRa/51szOFFxWrB
> >> </wsse:BinarySecurityToken>
> >> <ds:Signature Id="SIG-6"
> >> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> >> <ds:SignedInfo>
> >> <ds:CanonicalizationMethod
> >>
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> >> <ec:InclusiveNamespaces
> >> PrefixList="SOAP-
> >> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
> >>
> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> >> </ds:CanonicalizationMethod>
> >> <ds:SignatureMethod
> >> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
> >> <ds:Reference URI="#id-1">
> >> <ds:Transforms>
> >> <ds:Transform
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> >>
> >> <ec:InclusiveNamespaces
> >>
> >> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
> >> wsu xs xsi"
> >>
> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> >> </ds:Transform>
> >> </ds:Transforms>
> >>
> >> <ds:DigestMethod
> >> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
> >>
> >> <ds:DigestValue>gpejbitTQxuMOhUirdbGNtHjsGhAArhAp3ByFuG9c
> >> Hs=
> >> </ds:DigestValue>
> >> </ds:Reference>
> >> <ds:Reference URI="#id-2">
> >> <ds:Transforms>
> >> <ds:Transform
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> >>
> >> <ec:InclusiveNamespaces
> >>
> >> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
> >> wsu xs xsi"
> >>
> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> >> </ds:Transform>
> >> </ds:Transforms>
> >> <ds:DigestMethod
> >> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
> >>
> >> <ds:DigestValue>ZWKvgN+eB0NFmQHPGYN5RoSZzbuboqKLzLcV6PE
> >> Oz3E=
> >> </ds:DigestValue>
> >> </ds:Reference>
> >> <ds:Reference URI="#id-3">
> >> <ds:Transforms>
> >> <ds:Transform
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> >>
> >> <ec:InclusiveNamespaces
> >>
> >> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse xs
> >> xsi"
> >>
> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> >> </ds:Transform>
> >> </ds:Transforms>
> >> <ds:DigestMethod
> >> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
> >>
> >> <ds:DigestValue>1AvUG2EE6+bgpJBe1TB4teUkKD4lRsw69BozDFQM
> >> GGE=
> >> </ds:DigestValue>
> >> </ds:Reference>
> >> <ds:Reference URI="#id-4">
> >> <ds:Transforms>
> >> <ds:Transform
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> >>
> >> <ec:InclusiveNamespaces
> >>
> >> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsu xs
> >> xsi"
> >>
> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> >>
> >> </ds:Transform>
> >> </ds:Transforms>
> >> <ds:DigestMethod
> >> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
> >>
> >> <ds:DigestValue>Lw6C0//TpU0uuta+9pjDPfD0aOokdgbVOEM9eaWc
> >> Gjo=
> >> </ds:DigestValue>
> >> </ds:Reference>
> >> <ds:Reference URI="#id-5">
> >> <ds:Transforms>
> >> <ds:Transform
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> >>
> >> <ec:InclusiveNamespaces
> >>
> >> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse wsu xs xsi"
> >>
> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> >> </ds:Transform>
> >> </ds:Transforms>
> >> <ds:DigestMethod
> >> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
> >>
> >> <ds:DigestValue>lGKOfXxmbsLds9+tD4eaCObTCdGNXDF/PY9LjDUPl
> >> 9Y=
> >> </ds:DigestValue>
> >> </ds:Reference>
> >> </ds:SignedInfo>
> >> <ds:SignatureValue>
> >>
> >> Yn5iRnjs/T2+nNgW8pArIgqc445RwL2wYPHZaydVJk0oUXV5B4nzU4fg
> >> X/sQTcY0O5vuReP8th4QZoGG6tSnxuBfqiDd2rkRZDrdgotJT++W
> >>
> >> zhMLdt1J0Kah0aZVCWabQrxeGY2N3QDuMWr5PSlm1RWbkA3W5B4Y
> >> LaD+S/j3QKc=
> >> </ds:SignatureValue>
> >> <ds:KeyInfo Id="KI-
> >> 02F859690D5C74E20913402151228312">
> >> <wsse:SecurityTokenReference
> >> wsu:Id="STR-02F859690D5C74E20913402151228413">
> >> <wsse:Reference
> >> URI="#X509-02F859690D5C74E20913402151228211"
> >>
> >> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
> >> wss-x509-token-profile-1.0#X509v3" />
> >> </wsse:SecurityTokenReference>
> >> </ds:KeyInfo>
> >> </ds:Signature>
> >> </wsse:Security>
> >> </soapenv:Header>
> >> <soapenv:Body wsu:Id="id-5">
> >> <ns5:validate xmlns:ns4="http://msa.ebs.health.ontario.ca/
> "
> >> xmlns:ns3="http://idp.ebs.health.ontario.ca/"
> >> xmlns:ns2="http://ebs.health.ontario.ca/"
> >> xmlns:ns5="http://hcv.health.ontario.ca/">
> >> <requests>
> >> <hcvRequest>
> >>
> >> <healthNumber>2222211122</healthNumber>
> >> <versionCode>WW</versionCode>
> >> </hcvRequest>
> >> </requests>
> >> <locale>en</locale>
> >> </ns5:validate>
> >> </soapenv:Body>
> >> </soapenv:Envelope>
> >>
> >> -------------------
> >> Sample Request (Built via SoapUI)
> >>
> >> <soapenv:Envelope xmlns:ebs="http://ebs.health.ontario.ca/"
> >> xmlns:hcv="http://hcv.health.ontario.ca/"
> >> xmlns:idp="http://idp.ebs.health.ontario.ca/"
> >> xmlns:msa="http://msa.ebs.health.ontario.ca/"
> >> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
> >> <soapenv:Header>
> >> <wsse:Security soapenv:mustUnderstand="1"
> >> xmlns:wsse="http://docs.oasis-
> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
> >> xmlns:wsu="http://docs.oasis-
> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
> >> <wsse:BinarySecurityToken
> >> EncodingType="http://docs.oasis-
> >> open.org/wss/2004/01/oasis-200401-wss-soap-message-security-
> >> 1.0#Base64Binary"
> >> ValueType="http://docs.oasis-
> >> open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
> >> wsu:Id="X509-
> >> 9346053A98F2390F1A137460706920025">
> >>
> >> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQ
> >> QGEwJDQTEQMA4GA1UECAwHT250YXJpbzEQMA4G
> >>
> >> A1UEBwwHVG9yb250bzERMA8GA1UECgwISW5kaXZpY2ExFDASBgN
> >> VBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA9J
> >>
> >> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhkiG9w0BCQEWFmVicy1hZG1pbk
> >> BpbmRpdmljYS5jb20wHhcNMTMwNzE5MTc0
> >>
> >> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQswCQYDVQQGEwJDQTEQ
> >> MA4GA1UECBMHT250YXJpbzEQMA4GA1UEBxMHVG9y
> >>
> >> b250bzERMA8GA1UEChMISW5kaXZpY2ExFDASBgNVBAsTC0RldmVsb
> >> 3BtZW50MRwwGgYDVQQDExNJbmRpdmljYSBF
> >>
> >> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCA
> >> QEAu7/+bc5QgW43UuaMoUOpbsQy8Kc32jrB
> >>
> >> GA0lrxZkqH/PnfdbtRhRypxkc6+r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
> >> WPPVMKpermHxniN+kqjWiGDm10xVMph
> >>
> >> XryR01LSItgRoi5V54oTFgeJxsdA/1J3kf/QE2YmswZwLH6+PwvZfExKEx
> >> vGArojkyveOewWkvKMobLB3d6gtrPJ
> >>
> >> tUxjb18UJugEHyNSiVYFymbgAyvanT4pmNPaqHW1ZlmQ0WBiDI7oeT
> >> 1pZzgEwzikcvEHilJye0PcB4PkkrGLKfEE
> >>
> >> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4fjouqkHHVMMiUvYgQIDAQA
> >> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b5yRECQU
> >>
> >> ppIEIbDOh4E5OsR0wesm4czfNDnh56TUwmjRDzI+tVVEj+fxk0FMSMf
> >> 3NPoUGonb3bfyO20bpGbUBsMR8P4+FHb6
> >>
> >> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u8cRtfPXXX+baL2NThYjMoNVFIt
> >> OM0XL3xwzblWi++B
> >> </wsse:BinarySecurityToken>
> >> <ds:Signature Id="SIG-30"
> >> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> >> <ds:SignedInfo>
> >> <ds:CanonicalizationMethod
> >>
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> >> <ec:InclusiveNamespaces
> >> PrefixList="ebs hcv idp msa soapenv"
> >>
> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> >> </ds:CanonicalizationMethod>
> >> <ds:SignatureMethod
> >> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
> >> <ds:Reference URI="#id-7">
> >> <ds:Transforms>
> >> <ds:Transform
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> >>
> >> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
> >>
> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> >> </ds:Transform>
> >> </ds:Transforms>
> >> <ds:DigestMethod
> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> >>
> >> <ds:DigestValue>+sN2C+GPI6Un7tmdzecuWW4obI8=</ds:DigestVal
> >> ue>
> >> </ds:Reference>
> >> <ds:Reference URI="#id-8">
> >> <ds:Transforms>
> >> <ds:Transform
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> >>
> >> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
> >>
> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> >> </ds:Transform>
> >> </ds:Transforms>
> >> <ds:DigestMethod
> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> >>
> >> <ds:DigestValue>cStXQ+Qf4MYZw7oZh3EwQnCO9kE=</ds:DigestVal
> >> ue>
> >> </ds:Reference>
> >> <ds:Reference URI="#TS-29">
> >> <ds:Transforms>
> >> <ds:Transform
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> >>
> >> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa soapenv"
> >>
> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> >> </ds:Transform>
> >> </ds:Transforms>
> >> <ds:DigestMethod
> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> >>
> >> <ds:DigestValue>7DpbdobjdxkQ3RGXjPQmx5EpCdU=</ds:DigestVal
> >> ue>
> >> </ds:Reference>
> >> <ds:Reference
> >> URI="#UsernameToken-28">
> >> <ds:Transforms>
> >> <ds:Transform
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> >>
> >> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
> >>
> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> >> </ds:Transform>
> >> </ds:Transforms>
> >> <ds:DigestMethod
> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> >>
> >> <ds:DigestValue>0CNaWbdkV2dE7Jm5oh15ztwUcaI=</ds:DigestValu
> >> e>
> >> </ds:Reference>
> >> <ds:Reference URI="#id-12">
> >> <ds:Transforms>
> >> <ds:Transform
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> >>
> >> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
> >>
> >> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> >> </ds:Transform>
> >> </ds:Transforms>
> >> <ds:DigestMethod
> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> >>
> >> <ds:DigestValue>XoOxXE6R7JA29rMYCHf/X0II180=</ds:DigestValue
> >>>
> >> </ds:Reference>
> >> </ds:SignedInfo>
> >>
> >> <ds:SignatureValue>YQy9wqYYVw1x0CZcg6b2W0uO3g3FurUZ51zrXi3
> >> jRMFGgCVGUwfu3W/tDOAKB2IXHvIgFl7JWmzd
> >>
> >> lkh7O2u6ieACF5tGD32aSXvv6/k7OUVH4outF1NHgJOq9WKIKtUYT/hh
> >> G8BmqFGHXcPiuuO+FIXr
> >>
> >> 93oOGvPMzdsX6EM7wbkSgudyjDa9pORWOWvPhmHbT63b1BgFfLla
> >> UftqeybM6t0i2cTuNxf8nbCS
> >>
> >> gANhvGvpNi2ALThvsPu+pXKCx1c4Ng18PGpUEVmOdJOkZhiifR336idp
> >> 09lp8XaI+NzwENvdBskb
> >>
> >> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP4wydOh8w==
> >> </ds:SignatureValue>
> >> <ds:KeyInfo Id="KI-
> >> 9346053A98F2390F1A137460706920026">
> >> <wsse:SecurityTokenReference
> >> wsu:Id="STR-
> >> 9346053A98F2390F1A137460706920027">
> >> <wsse:Reference
> >> URI="#X509-9346053A98F2390F1A137460706920025"
> >>
> >> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
> >> wss-x509-token-profile-1.0#X509v3" />
> >> </wsse:SecurityTokenReference>
> >> </ds:KeyInfo>
> >> </ds:Signature>
> >> <wsu:Timestamp wsu:Id="TS-29">
> >> <wsu:Created>2013-07-
> >> 23T19:17:49.196Z</wsu:Created>
> >> <wsu:Expires>2013-07-
> >> 30T17:57:49.196Z</wsu:Expires>
> >> </wsu:Timestamp>
> >> <wsse:UsernameToken wsu:Id="UsernameToken-
> >> 28">
> >> <wsse:Username>abc</wsse:Username>
> >> <wsse:Password
> >> Type="http://docs.oasis-
> >> open.org/wss/2004/01/oasis-200401-wss-username-token-profile-
> >> 1.0#PasswordText">defg</wsse:Password>
> >> </wsse:UsernameToken>
> >> </wsse:Security>
> >> <idp:IDP wsu:Id="id-8"
> >> xmlns:wsu="http://docs.oasis-
> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
> >> <ServiceUserMUID>12345</ServiceUserMUID>
> >> </idp:IDP>
> >> <ebs:EBS wsu:Id="id-7"
> >> xmlns:wsu="http://docs.oasis-
> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
> >>
> >> <SoftwareConformanceKey>12345</SoftwareConformanceKey>
> >> <AuditId>12345</AuditId>
> >> </ebs:EBS>
> >> </soapenv:Header>
> >> <soapenv:Body wsu:Id="id-12"
> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-
> >> 200401-wss-wssecurity-utility-1.0.xsd">
> >> <hcv:validate>
> >> <requests>
> >> <hcvRequest>
> >>
> >> <healthNumber>9876543217</healthNumber>
> >> <versionCode>AB</versionCode>
> >> </hcvRequest>
> >> </requests>
> >> </hcv:validate>
> >> </soapenv:Body>
> >> </soapenv:Envelope>
> >>
> >>
> >> -----------------------
> >> Response (In either case):
> >>
> >> <soap:Envelope
> >> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
> >> <soap:Body>
> >> <soap:Fault>
> >> <faultcode>soap:MustUnderstand</faultcode>
> >> <faultstring>MustUnderstand headers: [{http://docs.oasis-
> >> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-
> >> 1.0.xsd}Security] are not understood.</faultstring>
> >> </soap:Fault>
> >> </soap:Body>
> >> </soap:Envelope>
> >>
> >>
> >>
> >> On 2013-07-24, at 11:02 AM, Andrei Shakirin <as...@talend.com>
> wrote:
> >>
> >>> Hi,
> >>>
> >>> It seems that your service doesn't use the same WS-Policy as client,
> >> therefore appropriate interceptors are not activated on the service
> side.
> >>> Could you double check that?
> >>>
> >>> Exact request and response will be also useful for further analyse.
> >>>
> >>> Regards,
> >>> Andrei.
> >>>
> >>>> -----Original Message-----
> >>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
> >>>> Sent: Dienstag, 23. Juli 2013 21:35
> >>>> To: users@cxf.apache.org
> >>>> Subject: Eclipse, CXF and WS-SecurityPolicy
> >>>>
> >>>> I have a question regarding WS-SecurityPolicy and deploying a
> >>>> WSDL-first service via Eclipse.
> >>>>
> >>>> I created a project from a WSDL file (I didn't create it) with the
> >>>> intention of implementing the service that it describes. The WSDL
> >>>> file describes a WS- SecurityPolicy that includes a UsernameToken,
> >>>> Timestamp, BinarySecurityToken, and a Signature. Every time I run a
> >>>> sample request that includes all of those components in the
> >>>> WS-Security header I get a "must understand header is not understood"
> >>>> message, regarding the WS-Security header.
> >>>>
> >>>> I've read on the documentation of CXF that additional dependencies
> >>>> must be included in the classpath to have WS-SecurityPolicy work, but
> >>>> I've used Eclipse's deployment method and given it the entire CXF ZIP
> >>>> file as downloaded from the project website as the CXF Runtime. Is
> >>>> there anything that I'm missing? Or is there a better way for me to
> >>>> be working with CXF than to use Eclipse's automated tools?
> >>>>
> >>>> Thanks for any help.
> >>>> Jen
> >>>>
> >>>>
> >>>
> >
>
>
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jennifer Ruttan <je...@indivica.com>.
Hi,
Thanks for your help.
The project path did not export the appropriate jars to the WEB-INF/lib directory when being built, so I added them to the deployment assembly step in eclipse. I added all the dependencies as well.
Unfortunately, I was still getting the same "mustunderstand headers are not understood" error message. But there's more. I'm also getting a strange message when Tomcat is deploying the application, from CXF:
Jul 26, 2013 1:23:24 PM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512}SignedSupportingTokens registered.
Jul 26, 2013 1:23:24 PM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512}RequiredParts registered.
Jul 26, 2013 1:23:24 PM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl handleNoRegisteredBuilder
WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512}SignedParts registered.
I thought that was weird because in all the examples I've seen the sp namespace is http://schemas.xmlsoap.org/ws/2005/07/securitypolicy. So I made the change in the WSDL and I got the following message upon restarting the server:
Jul 26, 2013 1:25:16 PM org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyProvider getElementPolicy
WARNING: Failed to build the policy 'request-policy':{http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}UsernameToken is not a <wsp:Policy> element.
The namespace for wsp is http://schemas.xmlsoap.org/ws/2004/09/policy, and I'm pretty sure that's correct. Although I feel like I'm pretty close, I'm lost at this point. Do you happen to have any further suggestions?
Thanks
Jen
On 2013-07-26, at 10:28 AM, Andrei Shakirin <as...@talend.com> wrote:
> Hi,
>
> "mustunderstand header is not understood" error is thrown by CXF MustUnderstandInterceptor.
> MustUnderstandInterceptor checks if must understand headers in SOAP message can be processed by at least one CXF interceptor in chain.
> For that CXF interceptors provide getUnderstoodHeaders() method to say which headers they are able to proceed.
>
> Security headers can be processed either by AbstractTokenInterceptor (extended by UsernameTokenInterceptor, SamlTokenInterceptor.java, KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java
> (extended by PolicyBasedWSS4JInInterceptor.java, WSS4JInInterceptor.java).
>
> In your case no any from these interceptors is in chain on the service side.
> That could happens because:
> a) service uses other ws-policy (or nor policy) that doesn't activate that interceptors
> b) service uses no ws-policy way and not configured with security interceptor
> c) appropriate CXF jars are not available: cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
>
> Can you please check how your service is configured?
>
> Regards,
> Andrei.
>
>
>> -----Original Message-----
>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>> Sent: Mittwoch, 24. Juli 2013 17:43
>> To: users@cxf.apache.org
>> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
>>
>> Hi,
>>
>> Thanks for the reply. That's what I was thinking. There may be an issue with
>> the WSDL file itself.
>>
>> My request matches the example provided by the author of the WSDL file,
>> but neither of them work. They both cause the same "mustunderstand
>> header is not understood" error.
>> Disabling the security policy allows the request to complete properly.
>>
>> CXF is configured to read the security policy from the WSDL file, and I know
>> that part is working because if I miss a required part (the timestamp, for
>> example) in the header, CXF complains that not all of the required parts have
>> been submitted. I guess this could be because of a signing issue, although I'm
>> not sure.
>>
>> My reasons for building the service are because while there is a WSDL
>> definition for the service, there's no way to access the service itself. I know
>> exactly how the service is supposed to react to various inputs so I'm trying to
>> build the same web service. It's for a health insurance card validation service
>> in Ontario, Canada, and the service is provided by the government.
>>
>> Thanks.
>> Jen
>>
>> ---------------------
>> HCValidationService.wsdl
>>
>> <?xml version="1.0" encoding="UTF-8"?><definitions
>> name="HCValidationService"
>> targetNamespace="http://hcv.health.ontario.ca/"
>> xmlns="http://schemas.xmlsoap.org/wsdl/"
>> xmlns:ebs="http://ebs.health.ontario.ca/"
>> xmlns:hcv="http://hcv.health.ontario.ca/"
>> xmlns:idp="http://idp.ebs.health.ontario.ca/"
>> xmlns:msa="http://msa.ebs.health.ontario.ca/"
>> xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
>> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512"
>> xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
>> xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/"
>> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
>> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>> xmlns:xsd="http://www.w3.org/2001/XMLSchema">
>>
>> <types>
>> <xsd:schema>
>> <xsd:import
>> namespace="http://ebs.health.ontario.ca/"
>> schemaLocation="EBSFault_schema.xsd"/>
>> <xsd:import
>> namespace="http://hcv.health.ontario.ca/"
>> schemaLocation="HCValidationService_schema.xsd"/>
>> <xsd:import
>> namespace="http://ebs.health.ontario.ca/"
>> schemaLocation="EBS_schema.xsd"/>
>> <xsd:import
>> namespace="http://msa.ebs.health.ontario.ca/"
>> schemaLocation="MSA_schema.xsd"/>
>> <xsd:import
>> namespace="http://idp.ebs.health.ontario.ca/"
>> schemaLocation="IDP_schema.xsd"/>
>> </xsd:schema>
>> </types>
>>
>> <wsp:Policy wsu:Id="request-policy">
>> <wsp:ExactlyOne>
>> <wsp:All>
>> <wsp:All>
>> <sp:SignedSupportingTokens>
>> <sp:UsernameToken>
>> <wsp:Policy>
>> <wsp:All>
>>
>> <sp:NoPassword/>
>>
>> <sp:WssUsernameToken10/>
>> </wsp:All>
>> </wsp:Policy>
>> </sp:UsernameToken>
>> </sp:SignedSupportingTokens>
>> </wsp:All>
>> <wsp:ExactlyOne>
>> <wsp:All>
>> <sp:RequiredParts>
>> <sp:Header Name="EBS"
>> Namespace="http://ebs.health.ontario.ca/"/>
>> </sp:RequiredParts>
>> <sp:RequiredParts>
>> <sp:Header Name="MSA"
>> Namespace="http://msa.ebs.health.ontario.ca/"/>
>> </sp:RequiredParts>
>> <sp:RequiredParts>
>> <sp:Header
>> Name="SoftwareConformanceKey" Namespace=""/>
>> </sp:RequiredParts>
>> <sp:RequiredParts>
>> <sp:Header Name="AuditId"
>> Namespace=""/>
>> </sp:RequiredParts>
>> <sp:RequiredParts>
>> <sp:Header
>> Name="ServiceUserMUID" Namespace=""/>
>> </sp:RequiredParts>
>> <sp:RequiredParts>
>> <sp:Header Name="UserID"
>> Namespace=""/>
>> </sp:RequiredParts>
>> <sp:RequiredParts>
>> <sp:Header
>> Name="Timestamp" Namespace="http://docs.oasis-
>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
>> </sp:RequiredParts>
>> </wsp:All>
>> </wsp:ExactlyOne>
>> <wsp:ExactlyOne>
>> <wsp:All>
>> <sp:SignedParts>
>> <sp:Header Name="EBS"
>> Namespace="http://ebs.health.ontario.ca/"/>
>> <sp:Header Name="MSA"
>> Namespace="http://msa.ebs.health.ontario.ca/"/>
>> <sp:Header
>> Name="Timestamp" Namespace="http://docs.oasis-
>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
>> <sp:Header
>> Name="UsernameToken" Namespace="http://docs.oasis-
>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
>> <sp:Body/>
>> </sp:SignedParts>
>> </wsp:All>
>> </wsp:ExactlyOne>
>> </wsp:All>
>> <wsp:All>
>> <wsp:All>
>> <sp:SignedSupportingTokens>
>> <sp:UsernameToken>
>> <wsp:Policy>
>> <wsp:All>
>>
>> <sp:WssUsernameToken10/>
>> </wsp:All>
>> </wsp:Policy>
>> </sp:UsernameToken>
>> </sp:SignedSupportingTokens>
>> </wsp:All>
>> <wsp:ExactlyOne>
>> <wsp:All>
>> <sp:SignedParts>
>> <sp:Header Name="EBS"
>> Namespace="http://ebs.health.ontario.ca/"/>
>> <sp:Header Name="IDP"
>> Namespace="http://idp.ebs.health.ontario.ca/"/>
>> <sp:Header Name="Timestamp"
>> Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
>> wssecurity-utility-1.0.xsd"/>
>> <sp:Header
>> Name="UsernameToken" Namespace="http://docs.oasis-
>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
>> <sp:Body/>
>> </sp:SignedParts>
>> </wsp:All>
>> </wsp:ExactlyOne>
>>
>> <wsp:ExactlyOne>
>> <wsp:All>
>> <sp:RequiredParts>
>> <sp:Header Name="EBS"
>> Namespace="http://ebs.health.ontario.ca/"/>
>> </sp:RequiredParts>
>> <sp:RequiredParts>
>> <sp:Header Name="IDP"
>> Namespace="http://idp.ebs.health.ontario.ca/"/>
>> </sp:RequiredParts>
>> <sp:RequiredParts>
>> <sp:Header
>> Name="SoftwareConformanceKey" Namespace=""/>
>> </sp:RequiredParts>
>> <sp:RequiredParts>
>> <sp:Header Name="AuditId"
>> Namespace=""/>
>> </sp:RequiredParts>
>> <sp:RequiredParts>
>> <sp:Header
>> Name="ServiceUserMUID" Namespace=""/>
>> </sp:RequiredParts>
>> <sp:RequiredParts>
>> <sp:Header
>> Name="Timestamp" Namespace="http://docs.oasis-
>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
>> </sp:RequiredParts>
>> </wsp:All>
>> </wsp:ExactlyOne>
>> </wsp:All>
>> </wsp:ExactlyOne>
>> </wsp:Policy>
>>
>> <wsdl:message name="EBSHeader">
>> <wsdl:part element="ebs:EBS"
>> name="ebsrequest_header"/>
>> </wsdl:message>
>> <wsdl:message name="MSAHeader">
>> <wsdl:part element="msa:MSA"
>> name="msarequest_header"/>
>> </wsdl:message>
>> <wsdl:message name="IDPHeader">
>> <wsdl:part element="idp:IDP"
>> name="idprequest_header"/>
>> </wsdl:message>
>>
>> <message name="validate">
>> <wsdl:part element="hcv:validate" name="parameters"/>
>> </message>
>>
>> <message name="validateResponse">
>> <part element="hcv:validateResponse"
>> name="parameters"/>
>> </message>
>>
>> <message name="faultexception">
>> <part element="ebs:EBSFault" name="Fault"/>
>> </message>
>>
>> <portType name="HCValidation">
>> <operation name="validate">
>> <input message="hcv:validate"/>
>> <output message="hcv:validateResponse"/>
>> <fault message="hcv:faultexception"
>> name="FaultException"/>
>> </operation>
>> </portType>
>>
>> <binding name="HCValidationPortBinding" type="hcv:HCValidation">
>> <soap:binding style="document"
>> transport="http://schemas.xmlsoap.org/soap/http"/>
>>
>> <operation name="validate">
>> <soap:operation soapAction=""/>
>> <input>
>> <wsp:PolicyReference URI="#request-policy"/>
>> <wsdlsoap:header
>> message="hcv:EBSHeader" part="ebsrequest_header" use="literal"/>
>> <wsdlsoap:header
>> message="hcv:MSAHeader" part="msarequest_header" use="literal"/>
>> <wsdlsoap:header
>> message="hcv:IDPHeader" part="idprequest_header" use="literal"/>
>> <wsdlsoap:body parts="parameters"
>> use="literal"/>
>> </input>
>> <output>
>> <soap:body use="literal"/>
>> </output>
>> <fault name="FaultException">
>> <soap:fault name="FaultException"
>> use="literal"/>
>> </fault>
>> </operation>
>> </binding>
>>
>> <service name="HCValidationService">
>> <port binding="hcv:HCValidationPortBinding"
>> name="HCValidationPort">
>> <soap:address
>> location="https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe
>> rvice"/>
>> </port>
>> </service>
>> </definitions>
>>
>> ---------------------
>> Sample Request (provided by author of WSDL)
>>
>> <soapenv:Envelope xmlns:soap-
>> sec="http://schemas.xmlsoap.org/security/2000-12"
>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
>> wss-wssecurity-secext-1.0.xsd"
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
>> xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
>> xmlns:xs="http://www.w3.org/2001/XMLSchema"
>> xmlns:tns="http://hcv.health.ontario.ca/"
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
>> wss-wssecurity-utility-1.0.xsd"
>> xmlns:ebs="http://ebs.health.ontario.ca/security/2012-03"
>> xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
>> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>> <soapenv:Header>
>> <ns2:EBS wsu:Id="id-1"
>> xmlns:ns2="http://ebs.health.ontario.ca/">
>> <SoftwareConformanceKey>444561ee-277f-77b2-
>> c664-7a9923jfgh1b
>> </SoftwareConformanceKey>
>> <AuditId>73b7051e-6126-4b41-9ae0-
>> 21b707ca8a53</AuditId>
>> </ns2:EBS>
>> <ns2:IDP wsu:Id="id-2"
>> xmlns:ns2="http://idp.ebs.health.ontario.ca/">
>> <ServiceUserMUID>4523394</ServiceUserMUID>
>> </ns2:IDP>
>> <wsse:Security SOAP-ENV:mustUnderstand="1">
>> <wsu:Timestamp wsu:Id="id-3">
>> <wsu:Created>2012-06-
>> 20T17:58:42.580Z</wsu:Created>
>> <wsu:Expires>2012-06-
>> 20T17:59:12.580Z</wsu:Expires>
>> </wsu:Timestamp>
>> <wsse:UsernameToken wsu:Id="id-4">
>>
>>
>> <wsse:Username>JOHNDOE@YAHOO.CA</wsse:Username>
>> <wsse:Password
>> Type="wsse:PasswordText">Password</wsse:Password>
>> </wsse:UsernameToken>
>> <wsse:BinarySecurityToken
>> EncodingType="http://docs.oasis-
>> open.org/wss/2004/01/oasis-200401-wss-soap-message-security-
>> 1.0#Base64Binary"
>> ValueType="http://docs.oasis-
>> open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
>> wsu:Id="X509-
>> 02F859690D5C74E20913402151228211">
>>
>> MIICMzCCAZygAwIBAgIET1e+dDANBgkqhkiG9w0BAQUFADBeMQsw
>> CQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzENMAsGA1UEChMET0hJ
>>
>> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW9uMRcwFQYDVQQDEw
>> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAzMDcyMDAwNTJaFw0xMzAzMDcyMDA
>> wNTJaM
>>
>> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMQ0wCwY
>> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZWdpc3RyYXRpb24xFzAVBgNVBAM
>> TDj
>>
>> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBi
>> QKBgQCs/JIP6CE5IkfTnD/c56K+QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH4
>>
>> fvhbyxo2B4VugsL9r4E5jHEKoi+GDKOLlLZRfSy0cB8IcpXonAuGqMzhCo
>> EQ1CdxNb9etMyvQGRKEBgniKKxTvpTyZdpYDi92up5E+FYL3jEe
>>
>> jhp+1iDFJQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAHn8VZS169BJ
>> Ma4E6SNLnY7u80zSh90mbrTUWjM1dEicv3jQMMsrWHfoCt+nRSqfNLUTL
>>
>> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0gY3i83ZXA8HDFKMZF3qL8I8ncu8F
>> PcZGYBNhYrGjXXsuqXimiTIjxgm06ErRa/51szOFFxWrB
>> </wsse:BinarySecurityToken>
>> <ds:Signature Id="SIG-6"
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>> <ds:SignedInfo>
>> <ds:CanonicalizationMethod
>>
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>> <ec:InclusiveNamespaces
>> PrefixList="SOAP-
>> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
>>
>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> </ds:CanonicalizationMethod>
>> <ds:SignatureMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
>> <ds:Reference URI="#id-1">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>
>> <ec:InclusiveNamespaces
>>
>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
>> wsu xs xsi"
>>
>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> </ds:Transform>
>> </ds:Transforms>
>>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>>
>> <ds:DigestValue>gpejbitTQxuMOhUirdbGNtHjsGhAArhAp3ByFuG9c
>> Hs=
>> </ds:DigestValue>
>> </ds:Reference>
>> <ds:Reference URI="#id-2">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>
>> <ec:InclusiveNamespaces
>>
>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
>> wsu xs xsi"
>>
>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> </ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>>
>> <ds:DigestValue>ZWKvgN+eB0NFmQHPGYN5RoSZzbuboqKLzLcV6PE
>> Oz3E=
>> </ds:DigestValue>
>> </ds:Reference>
>> <ds:Reference URI="#id-3">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>
>> <ec:InclusiveNamespaces
>>
>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse xs
>> xsi"
>>
>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> </ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>>
>> <ds:DigestValue>1AvUG2EE6+bgpJBe1TB4teUkKD4lRsw69BozDFQM
>> GGE=
>> </ds:DigestValue>
>> </ds:Reference>
>> <ds:Reference URI="#id-4">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>
>> <ec:InclusiveNamespaces
>>
>> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsu xs
>> xsi"
>>
>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>>
>> </ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>>
>> <ds:DigestValue>Lw6C0//TpU0uuta+9pjDPfD0aOokdgbVOEM9eaWc
>> Gjo=
>> </ds:DigestValue>
>> </ds:Reference>
>> <ds:Reference URI="#id-5">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>
>> <ec:InclusiveNamespaces
>>
>> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse wsu xs xsi"
>>
>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> </ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>>
>> <ds:DigestValue>lGKOfXxmbsLds9+tD4eaCObTCdGNXDF/PY9LjDUPl
>> 9Y=
>> </ds:DigestValue>
>> </ds:Reference>
>> </ds:SignedInfo>
>> <ds:SignatureValue>
>>
>> Yn5iRnjs/T2+nNgW8pArIgqc445RwL2wYPHZaydVJk0oUXV5B4nzU4fg
>> X/sQTcY0O5vuReP8th4QZoGG6tSnxuBfqiDd2rkRZDrdgotJT++W
>>
>> zhMLdt1J0Kah0aZVCWabQrxeGY2N3QDuMWr5PSlm1RWbkA3W5B4Y
>> LaD+S/j3QKc=
>> </ds:SignatureValue>
>> <ds:KeyInfo Id="KI-
>> 02F859690D5C74E20913402151228312">
>> <wsse:SecurityTokenReference
>> wsu:Id="STR-02F859690D5C74E20913402151228413">
>> <wsse:Reference
>> URI="#X509-02F859690D5C74E20913402151228211"
>>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
>> wss-x509-token-profile-1.0#X509v3" />
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> </ds:Signature>
>> </wsse:Security>
>> </soapenv:Header>
>> <soapenv:Body wsu:Id="id-5">
>> <ns5:validate xmlns:ns4="http://msa.ebs.health.ontario.ca/"
>> xmlns:ns3="http://idp.ebs.health.ontario.ca/"
>> xmlns:ns2="http://ebs.health.ontario.ca/"
>> xmlns:ns5="http://hcv.health.ontario.ca/">
>> <requests>
>> <hcvRequest>
>>
>> <healthNumber>2222211122</healthNumber>
>> <versionCode>WW</versionCode>
>> </hcvRequest>
>> </requests>
>> <locale>en</locale>
>> </ns5:validate>
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>> -------------------
>> Sample Request (Built via SoapUI)
>>
>> <soapenv:Envelope xmlns:ebs="http://ebs.health.ontario.ca/"
>> xmlns:hcv="http://hcv.health.ontario.ca/"
>> xmlns:idp="http://idp.ebs.health.ontario.ca/"
>> xmlns:msa="http://msa.ebs.health.ontario.ca/"
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>> <soapenv:Header>
>> <wsse:Security soapenv:mustUnderstand="1"
>> xmlns:wsse="http://docs.oasis-
>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
>> xmlns:wsu="http://docs.oasis-
>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
>> <wsse:BinarySecurityToken
>> EncodingType="http://docs.oasis-
>> open.org/wss/2004/01/oasis-200401-wss-soap-message-security-
>> 1.0#Base64Binary"
>> ValueType="http://docs.oasis-
>> open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
>> wsu:Id="X509-
>> 9346053A98F2390F1A137460706920025">
>>
>> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQ
>> QGEwJDQTEQMA4GA1UECAwHT250YXJpbzEQMA4G
>>
>> A1UEBwwHVG9yb250bzERMA8GA1UECgwISW5kaXZpY2ExFDASBgN
>> VBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA9J
>>
>> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhkiG9w0BCQEWFmVicy1hZG1pbk
>> BpbmRpdmljYS5jb20wHhcNMTMwNzE5MTc0
>>
>> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQswCQYDVQQGEwJDQTEQ
>> MA4GA1UECBMHT250YXJpbzEQMA4GA1UEBxMHVG9y
>>
>> b250bzERMA8GA1UEChMISW5kaXZpY2ExFDASBgNVBAsTC0RldmVsb
>> 3BtZW50MRwwGgYDVQQDExNJbmRpdmljYSBF
>>
>> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCA
>> QEAu7/+bc5QgW43UuaMoUOpbsQy8Kc32jrB
>>
>> GA0lrxZkqH/PnfdbtRhRypxkc6+r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
>> WPPVMKpermHxniN+kqjWiGDm10xVMph
>>
>> XryR01LSItgRoi5V54oTFgeJxsdA/1J3kf/QE2YmswZwLH6+PwvZfExKEx
>> vGArojkyveOewWkvKMobLB3d6gtrPJ
>>
>> tUxjb18UJugEHyNSiVYFymbgAyvanT4pmNPaqHW1ZlmQ0WBiDI7oeT
>> 1pZzgEwzikcvEHilJye0PcB4PkkrGLKfEE
>>
>> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4fjouqkHHVMMiUvYgQIDAQA
>> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b5yRECQU
>>
>> ppIEIbDOh4E5OsR0wesm4czfNDnh56TUwmjRDzI+tVVEj+fxk0FMSMf
>> 3NPoUGonb3bfyO20bpGbUBsMR8P4+FHb6
>>
>> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u8cRtfPXXX+baL2NThYjMoNVFIt
>> OM0XL3xwzblWi++B
>> </wsse:BinarySecurityToken>
>> <ds:Signature Id="SIG-30"
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>> <ds:SignedInfo>
>> <ds:CanonicalizationMethod
>>
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>> <ec:InclusiveNamespaces
>> PrefixList="ebs hcv idp msa soapenv"
>>
>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> </ds:CanonicalizationMethod>
>> <ds:SignatureMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
>> <ds:Reference URI="#id-7">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>
>> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
>>
>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> </ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>>
>> <ds:DigestValue>+sN2C+GPI6Un7tmdzecuWW4obI8=</ds:DigestVal
>> ue>
>> </ds:Reference>
>> <ds:Reference URI="#id-8">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>
>> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
>>
>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> </ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>>
>> <ds:DigestValue>cStXQ+Qf4MYZw7oZh3EwQnCO9kE=</ds:DigestVal
>> ue>
>> </ds:Reference>
>> <ds:Reference URI="#TS-29">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>
>> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa soapenv"
>>
>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> </ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>>
>> <ds:DigestValue>7DpbdobjdxkQ3RGXjPQmx5EpCdU=</ds:DigestVal
>> ue>
>> </ds:Reference>
>> <ds:Reference
>> URI="#UsernameToken-28">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>
>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
>>
>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> </ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>>
>> <ds:DigestValue>0CNaWbdkV2dE7Jm5oh15ztwUcaI=</ds:DigestValu
>> e>
>> </ds:Reference>
>> <ds:Reference URI="#id-12">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>>
>> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
>>
>> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>> </ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>>
>> <ds:DigestValue>XoOxXE6R7JA29rMYCHf/X0II180=</ds:DigestValue
>>>
>> </ds:Reference>
>> </ds:SignedInfo>
>>
>> <ds:SignatureValue>YQy9wqYYVw1x0CZcg6b2W0uO3g3FurUZ51zrXi3
>> jRMFGgCVGUwfu3W/tDOAKB2IXHvIgFl7JWmzd
>>
>> lkh7O2u6ieACF5tGD32aSXvv6/k7OUVH4outF1NHgJOq9WKIKtUYT/hh
>> G8BmqFGHXcPiuuO+FIXr
>>
>> 93oOGvPMzdsX6EM7wbkSgudyjDa9pORWOWvPhmHbT63b1BgFfLla
>> UftqeybM6t0i2cTuNxf8nbCS
>>
>> gANhvGvpNi2ALThvsPu+pXKCx1c4Ng18PGpUEVmOdJOkZhiifR336idp
>> 09lp8XaI+NzwENvdBskb
>>
>> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP4wydOh8w==
>> </ds:SignatureValue>
>> <ds:KeyInfo Id="KI-
>> 9346053A98F2390F1A137460706920026">
>> <wsse:SecurityTokenReference
>> wsu:Id="STR-
>> 9346053A98F2390F1A137460706920027">
>> <wsse:Reference
>> URI="#X509-9346053A98F2390F1A137460706920025"
>>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
>> wss-x509-token-profile-1.0#X509v3" />
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> </ds:Signature>
>> <wsu:Timestamp wsu:Id="TS-29">
>> <wsu:Created>2013-07-
>> 23T19:17:49.196Z</wsu:Created>
>> <wsu:Expires>2013-07-
>> 30T17:57:49.196Z</wsu:Expires>
>> </wsu:Timestamp>
>> <wsse:UsernameToken wsu:Id="UsernameToken-
>> 28">
>> <wsse:Username>abc</wsse:Username>
>> <wsse:Password
>> Type="http://docs.oasis-
>> open.org/wss/2004/01/oasis-200401-wss-username-token-profile-
>> 1.0#PasswordText">defg</wsse:Password>
>> </wsse:UsernameToken>
>> </wsse:Security>
>> <idp:IDP wsu:Id="id-8"
>> xmlns:wsu="http://docs.oasis-
>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
>> <ServiceUserMUID>12345</ServiceUserMUID>
>> </idp:IDP>
>> <ebs:EBS wsu:Id="id-7"
>> xmlns:wsu="http://docs.oasis-
>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
>>
>> <SoftwareConformanceKey>12345</SoftwareConformanceKey>
>> <AuditId>12345</AuditId>
>> </ebs:EBS>
>> </soapenv:Header>
>> <soapenv:Body wsu:Id="id-12"
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-
>> 200401-wss-wssecurity-utility-1.0.xsd">
>> <hcv:validate>
>> <requests>
>> <hcvRequest>
>>
>> <healthNumber>9876543217</healthNumber>
>> <versionCode>AB</versionCode>
>> </hcvRequest>
>> </requests>
>> </hcv:validate>
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>>
>> -----------------------
>> Response (In either case):
>>
>> <soap:Envelope
>> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
>> <soap:Body>
>> <soap:Fault>
>> <faultcode>soap:MustUnderstand</faultcode>
>> <faultstring>MustUnderstand headers: [{http://docs.oasis-
>> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-
>> 1.0.xsd}Security] are not understood.</faultstring>
>> </soap:Fault>
>> </soap:Body>
>> </soap:Envelope>
>>
>>
>>
>> On 2013-07-24, at 11:02 AM, Andrei Shakirin <as...@talend.com> wrote:
>>
>>> Hi,
>>>
>>> It seems that your service doesn't use the same WS-Policy as client,
>> therefore appropriate interceptors are not activated on the service side.
>>> Could you double check that?
>>>
>>> Exact request and response will be also useful for further analyse.
>>>
>>> Regards,
>>> Andrei.
>>>
>>>> -----Original Message-----
>>>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>>>> Sent: Dienstag, 23. Juli 2013 21:35
>>>> To: users@cxf.apache.org
>>>> Subject: Eclipse, CXF and WS-SecurityPolicy
>>>>
>>>> I have a question regarding WS-SecurityPolicy and deploying a
>>>> WSDL-first service via Eclipse.
>>>>
>>>> I created a project from a WSDL file (I didn't create it) with the
>>>> intention of implementing the service that it describes. The WSDL
>>>> file describes a WS- SecurityPolicy that includes a UsernameToken,
>>>> Timestamp, BinarySecurityToken, and a Signature. Every time I run a
>>>> sample request that includes all of those components in the
>>>> WS-Security header I get a "must understand header is not understood"
>>>> message, regarding the WS-Security header.
>>>>
>>>> I've read on the documentation of CXF that additional dependencies
>>>> must be included in the classpath to have WS-SecurityPolicy work, but
>>>> I've used Eclipse's deployment method and given it the entire CXF ZIP
>>>> file as downloaded from the project website as the CXF Runtime. Is
>>>> there anything that I'm missing? Or is there a better way for me to
>>>> be working with CXF than to use Eclipse's automated tools?
>>>>
>>>> Thanks for any help.
>>>> Jen
>>>>
>>>>
>>>
>
RE: Eclipse, CXF and WS-SecurityPolicy
Posted by Andrei Shakirin <as...@talend.com>.
Hi,
"mustunderstand header is not understood" error is thrown by CXF MustUnderstandInterceptor.
MustUnderstandInterceptor checks if must understand headers in SOAP message can be processed by at least one CXF interceptor in chain.
For that CXF interceptors provide getUnderstoodHeaders() method to say which headers they are able to proceed.
Security headers can be processed either by AbstractTokenInterceptor (extended by UsernameTokenInterceptor, SamlTokenInterceptor.java, KerberosTokenInterceptor.java) or AbstractWSS4JInterceptor.java
(extended by PolicyBasedWSS4JInInterceptor.java, WSS4JInInterceptor.java).
In your case no any from these interceptors is in chain on the service side.
That could happens because:
a) service uses other ws-policy (or nor policy) that doesn't activate that interceptors
b) service uses no ws-policy way and not configured with security interceptor
c) appropriate CXF jars are not available: cxf-rt-ws-security-x.x.x.jar, cxf-rt-ws-policy-x.x.x.jar.
Can you please check how your service is configured?
Regards,
Andrei.
> -----Original Message-----
> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
> Sent: Mittwoch, 24. Juli 2013 17:43
> To: users@cxf.apache.org
> Subject: Re: Eclipse, CXF and WS-SecurityPolicy
>
> Hi,
>
> Thanks for the reply. That's what I was thinking. There may be an issue with
> the WSDL file itself.
>
> My request matches the example provided by the author of the WSDL file,
> but neither of them work. They both cause the same "mustunderstand
> header is not understood" error.
> Disabling the security policy allows the request to complete properly.
>
> CXF is configured to read the security policy from the WSDL file, and I know
> that part is working because if I miss a required part (the timestamp, for
> example) in the header, CXF complains that not all of the required parts have
> been submitted. I guess this could be because of a signing issue, although I'm
> not sure.
>
> My reasons for building the service are because while there is a WSDL
> definition for the service, there's no way to access the service itself. I know
> exactly how the service is supposed to react to various inputs so I'm trying to
> build the same web service. It's for a health insurance card validation service
> in Ontario, Canada, and the service is provided by the government.
>
> Thanks.
> Jen
>
> ---------------------
> HCValidationService.wsdl
>
> <?xml version="1.0" encoding="UTF-8"?><definitions
> name="HCValidationService"
> targetNamespace="http://hcv.health.ontario.ca/"
> xmlns="http://schemas.xmlsoap.org/wsdl/"
> xmlns:ebs="http://ebs.health.ontario.ca/"
> xmlns:hcv="http://hcv.health.ontario.ca/"
> xmlns:idp="http://idp.ebs.health.ontario.ca/"
> xmlns:msa="http://msa.ebs.health.ontario.ca/"
> xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512"
> xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
> xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/"
> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
> wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema">
>
> <types>
> <xsd:schema>
> <xsd:import
> namespace="http://ebs.health.ontario.ca/"
> schemaLocation="EBSFault_schema.xsd"/>
> <xsd:import
> namespace="http://hcv.health.ontario.ca/"
> schemaLocation="HCValidationService_schema.xsd"/>
> <xsd:import
> namespace="http://ebs.health.ontario.ca/"
> schemaLocation="EBS_schema.xsd"/>
> <xsd:import
> namespace="http://msa.ebs.health.ontario.ca/"
> schemaLocation="MSA_schema.xsd"/>
> <xsd:import
> namespace="http://idp.ebs.health.ontario.ca/"
> schemaLocation="IDP_schema.xsd"/>
> </xsd:schema>
> </types>
>
> <wsp:Policy wsu:Id="request-policy">
> <wsp:ExactlyOne>
> <wsp:All>
> <wsp:All>
> <sp:SignedSupportingTokens>
> <sp:UsernameToken>
> <wsp:Policy>
> <wsp:All>
>
> <sp:NoPassword/>
>
> <sp:WssUsernameToken10/>
> </wsp:All>
> </wsp:Policy>
> </sp:UsernameToken>
> </sp:SignedSupportingTokens>
> </wsp:All>
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:RequiredParts>
> <sp:Header Name="EBS"
> Namespace="http://ebs.health.ontario.ca/"/>
> </sp:RequiredParts>
> <sp:RequiredParts>
> <sp:Header Name="MSA"
> Namespace="http://msa.ebs.health.ontario.ca/"/>
> </sp:RequiredParts>
> <sp:RequiredParts>
> <sp:Header
> Name="SoftwareConformanceKey" Namespace=""/>
> </sp:RequiredParts>
> <sp:RequiredParts>
> <sp:Header Name="AuditId"
> Namespace=""/>
> </sp:RequiredParts>
> <sp:RequiredParts>
> <sp:Header
> Name="ServiceUserMUID" Namespace=""/>
> </sp:RequiredParts>
> <sp:RequiredParts>
> <sp:Header Name="UserID"
> Namespace=""/>
> </sp:RequiredParts>
> <sp:RequiredParts>
> <sp:Header
> Name="Timestamp" Namespace="http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
> </sp:RequiredParts>
> </wsp:All>
> </wsp:ExactlyOne>
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:SignedParts>
> <sp:Header Name="EBS"
> Namespace="http://ebs.health.ontario.ca/"/>
> <sp:Header Name="MSA"
> Namespace="http://msa.ebs.health.ontario.ca/"/>
> <sp:Header
> Name="Timestamp" Namespace="http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
> <sp:Header
> Name="UsernameToken" Namespace="http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
> <sp:Body/>
> </sp:SignedParts>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:All>
> <wsp:All>
> <wsp:All>
> <sp:SignedSupportingTokens>
> <sp:UsernameToken>
> <wsp:Policy>
> <wsp:All>
>
> <sp:WssUsernameToken10/>
> </wsp:All>
> </wsp:Policy>
> </sp:UsernameToken>
> </sp:SignedSupportingTokens>
> </wsp:All>
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:SignedParts>
> <sp:Header Name="EBS"
> Namespace="http://ebs.health.ontario.ca/"/>
> <sp:Header Name="IDP"
> Namespace="http://idp.ebs.health.ontario.ca/"/>
> <sp:Header Name="Timestamp"
> Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
> wssecurity-utility-1.0.xsd"/>
> <sp:Header
> Name="UsernameToken" Namespace="http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
> <sp:Body/>
> </sp:SignedParts>
> </wsp:All>
> </wsp:ExactlyOne>
>
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:RequiredParts>
> <sp:Header Name="EBS"
> Namespace="http://ebs.health.ontario.ca/"/>
> </sp:RequiredParts>
> <sp:RequiredParts>
> <sp:Header Name="IDP"
> Namespace="http://idp.ebs.health.ontario.ca/"/>
> </sp:RequiredParts>
> <sp:RequiredParts>
> <sp:Header
> Name="SoftwareConformanceKey" Namespace=""/>
> </sp:RequiredParts>
> <sp:RequiredParts>
> <sp:Header Name="AuditId"
> Namespace=""/>
> </sp:RequiredParts>
> <sp:RequiredParts>
> <sp:Header
> Name="ServiceUserMUID" Namespace=""/>
> </sp:RequiredParts>
> <sp:RequiredParts>
> <sp:Header
> Name="Timestamp" Namespace="http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
> </sp:RequiredParts>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
>
> <wsdl:message name="EBSHeader">
> <wsdl:part element="ebs:EBS"
> name="ebsrequest_header"/>
> </wsdl:message>
> <wsdl:message name="MSAHeader">
> <wsdl:part element="msa:MSA"
> name="msarequest_header"/>
> </wsdl:message>
> <wsdl:message name="IDPHeader">
> <wsdl:part element="idp:IDP"
> name="idprequest_header"/>
> </wsdl:message>
>
> <message name="validate">
> <wsdl:part element="hcv:validate" name="parameters"/>
> </message>
>
> <message name="validateResponse">
> <part element="hcv:validateResponse"
> name="parameters"/>
> </message>
>
> <message name="faultexception">
> <part element="ebs:EBSFault" name="Fault"/>
> </message>
>
> <portType name="HCValidation">
> <operation name="validate">
> <input message="hcv:validate"/>
> <output message="hcv:validateResponse"/>
> <fault message="hcv:faultexception"
> name="FaultException"/>
> </operation>
> </portType>
>
> <binding name="HCValidationPortBinding" type="hcv:HCValidation">
> <soap:binding style="document"
> transport="http://schemas.xmlsoap.org/soap/http"/>
>
> <operation name="validate">
> <soap:operation soapAction=""/>
> <input>
> <wsp:PolicyReference URI="#request-policy"/>
> <wsdlsoap:header
> message="hcv:EBSHeader" part="ebsrequest_header" use="literal"/>
> <wsdlsoap:header
> message="hcv:MSAHeader" part="msarequest_header" use="literal"/>
> <wsdlsoap:header
> message="hcv:IDPHeader" part="idprequest_header" use="literal"/>
> <wsdlsoap:body parts="parameters"
> use="literal"/>
> </input>
> <output>
> <soap:body use="literal"/>
> </output>
> <fault name="FaultException">
> <soap:fault name="FaultException"
> use="literal"/>
> </fault>
> </operation>
> </binding>
>
> <service name="HCValidationService">
> <port binding="hcv:HCValidationPortBinding"
> name="HCValidationPort">
> <soap:address
> location="https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationSe
> rvice"/>
> </port>
> </service>
> </definitions>
>
> ---------------------
> Sample Request (provided by author of WSDL)
>
> <soapenv:Envelope xmlns:soap-
> sec="http://schemas.xmlsoap.org/security/2000-12"
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
> wss-wssecurity-secext-1.0.xsd"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
> xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:xs="http://www.w3.org/2001/XMLSchema"
> xmlns:tns="http://hcv.health.ontario.ca/"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
> wss-wssecurity-utility-1.0.xsd"
> xmlns:ebs="http://ebs.health.ontario.ca/security/2012-03"
> xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
> <soapenv:Header>
> <ns2:EBS wsu:Id="id-1"
> xmlns:ns2="http://ebs.health.ontario.ca/">
> <SoftwareConformanceKey>444561ee-277f-77b2-
> c664-7a9923jfgh1b
> </SoftwareConformanceKey>
> <AuditId>73b7051e-6126-4b41-9ae0-
> 21b707ca8a53</AuditId>
> </ns2:EBS>
> <ns2:IDP wsu:Id="id-2"
> xmlns:ns2="http://idp.ebs.health.ontario.ca/">
> <ServiceUserMUID>4523394</ServiceUserMUID>
> </ns2:IDP>
> <wsse:Security SOAP-ENV:mustUnderstand="1">
> <wsu:Timestamp wsu:Id="id-3">
> <wsu:Created>2012-06-
> 20T17:58:42.580Z</wsu:Created>
> <wsu:Expires>2012-06-
> 20T17:59:12.580Z</wsu:Expires>
> </wsu:Timestamp>
> <wsse:UsernameToken wsu:Id="id-4">
>
>
> <wsse:Username>JOHNDOE@YAHOO.CA</wsse:Username>
> <wsse:Password
> Type="wsse:PasswordText">Password</wsse:Password>
> </wsse:UsernameToken>
> <wsse:BinarySecurityToken
> EncodingType="http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-soap-message-security-
> 1.0#Base64Binary"
> ValueType="http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
> wsu:Id="X509-
> 02F859690D5C74E20913402151228211">
>
> MIICMzCCAZygAwIBAgIET1e+dDANBgkqhkiG9w0BAQUFADBeMQsw
> CQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzENMAsGA1UEChMET0hJ
>
> UDEVMBMGA1UECxMMUmVnaXN0cmF0aW9uMRcwFQYDVQQDEw
> 4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAzMDcyMDAwNTJaFw0xMzAzMDcyMDA
> wNTJaM
>
> F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMQ0wCwY
> DVQQKEwRPSElQMRUwEwYDVQQLEwxSZWdpc3RyYXRpb24xFzAVBgNVBAM
> TDj
>
> E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBi
> QKBgQCs/JIP6CE5IkfTnD/c56K+QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH4
>
> fvhbyxo2B4VugsL9r4E5jHEKoi+GDKOLlLZRfSy0cB8IcpXonAuGqMzhCo
> EQ1CdxNb9etMyvQGRKEBgniKKxTvpTyZdpYDi92up5E+FYL3jEe
>
> jhp+1iDFJQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAHn8VZS169BJ
> Ma4E6SNLnY7u80zSh90mbrTUWjM1dEicv3jQMMsrWHfoCt+nRSqfNLUTL
>
> c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0gY3i83ZXA8HDFKMZF3qL8I8ncu8F
> PcZGYBNhYrGjXXsuqXimiTIjxgm06ErRa/51szOFFxWrB
> </wsse:BinarySecurityToken>
> <ds:Signature Id="SIG-6"
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod
>
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> <ec:InclusiveNamespaces
> PrefixList="SOAP-
> ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
>
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:CanonicalizationMethod>
> <ds:SignatureMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
> <ds:Reference URI="#id-1">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>
> <ec:InclusiveNamespaces
>
> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
> wsu xs xsi"
>
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>
> <ds:DigestValue>gpejbitTQxuMOhUirdbGNtHjsGhAArhAp3ByFuG9c
> Hs=
> </ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="#id-2">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>
> <ec:InclusiveNamespaces
>
> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse
> wsu xs xsi"
>
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>
> <ds:DigestValue>ZWKvgN+eB0NFmQHPGYN5RoSZzbuboqKLzLcV6PE
> Oz3E=
> </ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="#id-3">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>
> <ec:InclusiveNamespaces
>
> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse xs
> xsi"
>
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>
> <ds:DigestValue>1AvUG2EE6+bgpJBe1TB4teUkKD4lRsw69BozDFQM
> GGE=
> </ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="#id-4">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>
> <ec:InclusiveNamespaces
>
> PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsu xs
> xsi"
>
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
>
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>
> <ds:DigestValue>Lw6C0//TpU0uuta+9pjDPfD0aOokdgbVOEM9eaWc
> Gjo=
> </ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="#id-5">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>
> <ec:InclusiveNamespaces
>
> PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse wsu xs xsi"
>
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
>
> <ds:DigestValue>lGKOfXxmbsLds9+tD4eaCObTCdGNXDF/PY9LjDUPl
> 9Y=
> </ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
> <ds:SignatureValue>
>
> Yn5iRnjs/T2+nNgW8pArIgqc445RwL2wYPHZaydVJk0oUXV5B4nzU4fg
> X/sQTcY0O5vuReP8th4QZoGG6tSnxuBfqiDd2rkRZDrdgotJT++W
>
> zhMLdt1J0Kah0aZVCWabQrxeGY2N3QDuMWr5PSlm1RWbkA3W5B4Y
> LaD+S/j3QKc=
> </ds:SignatureValue>
> <ds:KeyInfo Id="KI-
> 02F859690D5C74E20913402151228312">
> <wsse:SecurityTokenReference
> wsu:Id="STR-02F859690D5C74E20913402151228413">
> <wsse:Reference
> URI="#X509-02F859690D5C74E20913402151228211"
>
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
> wss-x509-token-profile-1.0#X509v3" />
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> </ds:Signature>
> </wsse:Security>
> </soapenv:Header>
> <soapenv:Body wsu:Id="id-5">
> <ns5:validate xmlns:ns4="http://msa.ebs.health.ontario.ca/"
> xmlns:ns3="http://idp.ebs.health.ontario.ca/"
> xmlns:ns2="http://ebs.health.ontario.ca/"
> xmlns:ns5="http://hcv.health.ontario.ca/">
> <requests>
> <hcvRequest>
>
> <healthNumber>2222211122</healthNumber>
> <versionCode>WW</versionCode>
> </hcvRequest>
> </requests>
> <locale>en</locale>
> </ns5:validate>
> </soapenv:Body>
> </soapenv:Envelope>
>
> -------------------
> Sample Request (Built via SoapUI)
>
> <soapenv:Envelope xmlns:ebs="http://ebs.health.ontario.ca/"
> xmlns:hcv="http://hcv.health.ontario.ca/"
> xmlns:idp="http://idp.ebs.health.ontario.ca/"
> xmlns:msa="http://msa.ebs.health.ontario.ca/"
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
> <soapenv:Header>
> <wsse:Security soapenv:mustUnderstand="1"
> xmlns:wsse="http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
> xmlns:wsu="http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
> <wsse:BinarySecurityToken
> EncodingType="http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-soap-message-security-
> 1.0#Base64Binary"
> ValueType="http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
> wsu:Id="X509-
> 9346053A98F2390F1A137460706920025">
>
> MIIDCDCCAnECAhI2MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQ
> QGEwJDQTEQMA4GA1UECAwHT250YXJpbzEQMA4G
>
> A1UEBwwHVG9yb250bzERMA8GA1UECgwISW5kaXZpY2ExFDASBgN
> VBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA9J
>
> bmRpdmljYSBFQlMgQ0ExJTAjBgkqhkiG9w0BCQEWFmVicy1hZG1pbk
> BpbmRpdmljYS5jb20wHhcNMTMwNzE5MTc0
>
> NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQswCQYDVQQGEwJDQTEQ
> MA4GA1UECBMHT250YXJpbzEQMA4GA1UEBxMHVG9y
>
> b250bzERMA8GA1UEChMISW5kaXZpY2ExFDASBgNVBAsTC0RldmVsb
> 3BtZW50MRwwGgYDVQQDExNJbmRpdmljYSBF
>
> QlMgQ2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCA
> QEAu7/+bc5QgW43UuaMoUOpbsQy8Kc32jrB
>
> GA0lrxZkqH/PnfdbtRhRypxkc6+r3O17ATi0Cuo/MByJwYS6Y9bIviWcK
> WPPVMKpermHxniN+kqjWiGDm10xVMph
>
> XryR01LSItgRoi5V54oTFgeJxsdA/1J3kf/QE2YmswZwLH6+PwvZfExKEx
> vGArojkyveOewWkvKMobLB3d6gtrPJ
>
> tUxjb18UJugEHyNSiVYFymbgAyvanT4pmNPaqHW1ZlmQ0WBiDI7oeT
> 1pZzgEwzikcvEHilJye0PcB4PkkrGLKfEE
>
> 4HoWG4ZVLgyWNRgTURHzKeQPhsQn4fjouqkHHVMMiUvYgQIDAQA
> BMA0GCSqGSIb3DQEBBQUAA4GBAA83b5yRECQU
>
> ppIEIbDOh4E5OsR0wesm4czfNDnh56TUwmjRDzI+tVVEj+fxk0FMSMf
> 3NPoUGonb3bfyO20bpGbUBsMR8P4+FHb6
>
> 4zgr0PESUEsSPoO2OFLgeDXoD5VH5u8cRtfPXXX+baL2NThYjMoNVFIt
> OM0XL3xwzblWi++B
> </wsse:BinarySecurityToken>
> <ds:Signature Id="SIG-30"
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod
>
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
> <ec:InclusiveNamespaces
> PrefixList="ebs hcv idp msa soapenv"
>
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:CanonicalizationMethod>
> <ds:SignatureMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
> <ds:Reference URI="#id-7">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>
> <ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
>
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>
> <ds:DigestValue>+sN2C+GPI6Un7tmdzecuWW4obI8=</ds:DigestVal
> ue>
> </ds:Reference>
> <ds:Reference URI="#id-8">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>
> <ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
>
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>
> <ds:DigestValue>cStXQ+Qf4MYZw7oZh3EwQnCO9kE=</ds:DigestVal
> ue>
> </ds:Reference>
> <ds:Reference URI="#TS-29">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>
> <ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa soapenv"
>
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>
> <ds:DigestValue>7DpbdobjdxkQ3RGXjPQmx5EpCdU=</ds:DigestVal
> ue>
> </ds:Reference>
> <ds:Reference
> URI="#UsernameToken-28">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>
> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
>
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>
> <ds:DigestValue>0CNaWbdkV2dE7Jm5oh15ztwUcaI=</ds:DigestValu
> e>
> </ds:Reference>
> <ds:Reference URI="#id-12">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
>
> <ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
>
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>
> <ds:DigestValue>XoOxXE6R7JA29rMYCHf/X0II180=</ds:DigestValue
> >
> </ds:Reference>
> </ds:SignedInfo>
>
> <ds:SignatureValue>YQy9wqYYVw1x0CZcg6b2W0uO3g3FurUZ51zrXi3
> jRMFGgCVGUwfu3W/tDOAKB2IXHvIgFl7JWmzd
>
> lkh7O2u6ieACF5tGD32aSXvv6/k7OUVH4outF1NHgJOq9WKIKtUYT/hh
> G8BmqFGHXcPiuuO+FIXr
>
> 93oOGvPMzdsX6EM7wbkSgudyjDa9pORWOWvPhmHbT63b1BgFfLla
> UftqeybM6t0i2cTuNxf8nbCS
>
> gANhvGvpNi2ALThvsPu+pXKCx1c4Ng18PGpUEVmOdJOkZhiifR336idp
> 09lp8XaI+NzwENvdBskb
>
> ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP4wydOh8w==
> </ds:SignatureValue>
> <ds:KeyInfo Id="KI-
> 9346053A98F2390F1A137460706920026">
> <wsse:SecurityTokenReference
> wsu:Id="STR-
> 9346053A98F2390F1A137460706920027">
> <wsse:Reference
> URI="#X509-9346053A98F2390F1A137460706920025"
>
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
> wss-x509-token-profile-1.0#X509v3" />
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> </ds:Signature>
> <wsu:Timestamp wsu:Id="TS-29">
> <wsu:Created>2013-07-
> 23T19:17:49.196Z</wsu:Created>
> <wsu:Expires>2013-07-
> 30T17:57:49.196Z</wsu:Expires>
> </wsu:Timestamp>
> <wsse:UsernameToken wsu:Id="UsernameToken-
> 28">
> <wsse:Username>abc</wsse:Username>
> <wsse:Password
> Type="http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-username-token-profile-
> 1.0#PasswordText">defg</wsse:Password>
> </wsse:UsernameToken>
> </wsse:Security>
> <idp:IDP wsu:Id="id-8"
> xmlns:wsu="http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
> <ServiceUserMUID>12345</ServiceUserMUID>
> </idp:IDP>
> <ebs:EBS wsu:Id="id-7"
> xmlns:wsu="http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
>
> <SoftwareConformanceKey>12345</SoftwareConformanceKey>
> <AuditId>12345</AuditId>
> </ebs:EBS>
> </soapenv:Header>
> <soapenv:Body wsu:Id="id-12"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-
> 200401-wss-wssecurity-utility-1.0.xsd">
> <hcv:validate>
> <requests>
> <hcvRequest>
>
> <healthNumber>9876543217</healthNumber>
> <versionCode>AB</versionCode>
> </hcvRequest>
> </requests>
> </hcv:validate>
> </soapenv:Body>
> </soapenv:Envelope>
>
>
> -----------------------
> Response (In either case):
>
> <soap:Envelope
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
> <soap:Body>
> <soap:Fault>
> <faultcode>soap:MustUnderstand</faultcode>
> <faultstring>MustUnderstand headers: [{http://docs.oasis-
> open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-
> 1.0.xsd}Security] are not understood.</faultstring>
> </soap:Fault>
> </soap:Body>
> </soap:Envelope>
>
>
>
> On 2013-07-24, at 11:02 AM, Andrei Shakirin <as...@talend.com> wrote:
>
> > Hi,
> >
> > It seems that your service doesn't use the same WS-Policy as client,
> therefore appropriate interceptors are not activated on the service side.
> > Could you double check that?
> >
> > Exact request and response will be also useful for further analyse.
> >
> > Regards,
> > Andrei.
> >
> >> -----Original Message-----
> >> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
> >> Sent: Dienstag, 23. Juli 2013 21:35
> >> To: users@cxf.apache.org
> >> Subject: Eclipse, CXF and WS-SecurityPolicy
> >>
> >> I have a question regarding WS-SecurityPolicy and deploying a
> >> WSDL-first service via Eclipse.
> >>
> >> I created a project from a WSDL file (I didn't create it) with the
> >> intention of implementing the service that it describes. The WSDL
> >> file describes a WS- SecurityPolicy that includes a UsernameToken,
> >> Timestamp, BinarySecurityToken, and a Signature. Every time I run a
> >> sample request that includes all of those components in the
> >> WS-Security header I get a "must understand header is not understood"
> >> message, regarding the WS-Security header.
> >>
> >> I've read on the documentation of CXF that additional dependencies
> >> must be included in the classpath to have WS-SecurityPolicy work, but
> >> I've used Eclipse's deployment method and given it the entire CXF ZIP
> >> file as downloaded from the project website as the CXF Runtime. Is
> >> there anything that I'm missing? Or is there a better way for me to
> >> be working with CXF than to use Eclipse's automated tools?
> >>
> >> Thanks for any help.
> >> Jen
> >>
> >>
> >
Re: Eclipse, CXF and WS-SecurityPolicy
Posted by Jennifer Ruttan <je...@indivica.com>.
Hi,
Thanks for the reply. That's what I was thinking. There may be an issue with the WSDL file itself.
My request matches the example provided by the author of the WSDL file, but neither of them work. They both cause the same "mustunderstand header is not understood" error.
Disabling the security policy allows the request to complete properly.
CXF is configured to read the security policy from the WSDL file, and I know that part is working because if I miss a required part (the timestamp, for example) in the header, CXF complains that not all of the required parts have been submitted. I guess this could be because of a signing issue, although I'm not sure.
My reasons for building the service are because while there is a WSDL definition for the service, there's no way to access the service itself. I know exactly how the service is supposed to react to various inputs so I'm trying to build the same web service. It's for a health insurance card validation service in Ontario, Canada, and the service is provided by the government.
Thanks.
Jen
---------------------
HCValidationService.wsdl
<?xml version="1.0" encoding="UTF-8"?><definitions name="HCValidationService" targetNamespace="http://hcv.health.ontario.ca/" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:ebs="http://ebs.health.ontario.ca/" xmlns:hcv="http://hcv.health.ontario.ca/" xmlns:idp="http://idp.ebs.health.ontario.ca/" xmlns:msa="http://msa.ebs.health.ontario.ca/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<types>
<xsd:schema>
<xsd:import namespace="http://ebs.health.ontario.ca/" schemaLocation="EBSFault_schema.xsd"/>
<xsd:import namespace="http://hcv.health.ontario.ca/" schemaLocation="HCValidationService_schema.xsd"/>
<xsd:import namespace="http://ebs.health.ontario.ca/" schemaLocation="EBS_schema.xsd"/>
<xsd:import namespace="http://msa.ebs.health.ontario.ca/" schemaLocation="MSA_schema.xsd"/>
<xsd:import namespace="http://idp.ebs.health.ontario.ca/" schemaLocation="IDP_schema.xsd"/>
</xsd:schema>
</types>
<wsp:Policy wsu:Id="request-policy">
<wsp:ExactlyOne>
<wsp:All>
<wsp:All>
<sp:SignedSupportingTokens>
<sp:UsernameToken>
<wsp:Policy>
<wsp:All>
<sp:NoPassword/>
<sp:WssUsernameToken10/>
</wsp:All>
</wsp:Policy>
</sp:UsernameToken>
</sp:SignedSupportingTokens>
</wsp:All>
<wsp:ExactlyOne>
<wsp:All>
<sp:RequiredParts>
<sp:Header Name="EBS" Namespace="http://ebs.health.ontario.ca/"/>
</sp:RequiredParts>
<sp:RequiredParts>
<sp:Header Name="MSA" Namespace="http://msa.ebs.health.ontario.ca/"/>
</sp:RequiredParts>
<sp:RequiredParts>
<sp:Header Name="SoftwareConformanceKey" Namespace=""/>
</sp:RequiredParts>
<sp:RequiredParts>
<sp:Header Name="AuditId" Namespace=""/>
</sp:RequiredParts>
<sp:RequiredParts>
<sp:Header Name="ServiceUserMUID" Namespace=""/>
</sp:RequiredParts>
<sp:RequiredParts>
<sp:Header Name="UserID" Namespace=""/>
</sp:RequiredParts>
<sp:RequiredParts>
<sp:Header Name="Timestamp" Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
</sp:RequiredParts>
</wsp:All>
</wsp:ExactlyOne>
<wsp:ExactlyOne>
<wsp:All>
<sp:SignedParts>
<sp:Header Name="EBS" Namespace="http://ebs.health.ontario.ca/"/>
<sp:Header Name="MSA" Namespace="http://msa.ebs.health.ontario.ca/"/>
<sp:Header Name="Timestamp" Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
<sp:Header Name="UsernameToken" Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
<sp:Body/>
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:All>
<wsp:All>
<wsp:All>
<sp:SignedSupportingTokens>
<sp:UsernameToken>
<wsp:Policy>
<wsp:All>
<sp:WssUsernameToken10/>
</wsp:All>
</wsp:Policy>
</sp:UsernameToken>
</sp:SignedSupportingTokens>
</wsp:All>
<wsp:ExactlyOne>
<wsp:All>
<sp:SignedParts>
<sp:Header Name="EBS" Namespace="http://ebs.health.ontario.ca/"/>
<sp:Header Name="IDP" Namespace="http://idp.ebs.health.ontario.ca/"/>
<sp:Header Name="Timestamp" Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
<sp:Header Name="UsernameToken" Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
<sp:Body/>
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
<wsp:ExactlyOne>
<wsp:All>
<sp:RequiredParts>
<sp:Header Name="EBS" Namespace="http://ebs.health.ontario.ca/"/>
</sp:RequiredParts>
<sp:RequiredParts>
<sp:Header Name="IDP" Namespace="http://idp.ebs.health.ontario.ca/"/>
</sp:RequiredParts>
<sp:RequiredParts>
<sp:Header Name="SoftwareConformanceKey" Namespace=""/>
</sp:RequiredParts>
<sp:RequiredParts>
<sp:Header Name="AuditId" Namespace=""/>
</sp:RequiredParts>
<sp:RequiredParts>
<sp:Header Name="ServiceUserMUID" Namespace=""/>
</sp:RequiredParts>
<sp:RequiredParts>
<sp:Header Name="Timestamp" Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
</sp:RequiredParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsdl:message name="EBSHeader">
<wsdl:part element="ebs:EBS" name="ebsrequest_header"/>
</wsdl:message>
<wsdl:message name="MSAHeader">
<wsdl:part element="msa:MSA" name="msarequest_header"/>
</wsdl:message>
<wsdl:message name="IDPHeader">
<wsdl:part element="idp:IDP" name="idprequest_header"/>
</wsdl:message>
<message name="validate">
<wsdl:part element="hcv:validate" name="parameters"/>
</message>
<message name="validateResponse">
<part element="hcv:validateResponse" name="parameters"/>
</message>
<message name="faultexception">
<part element="ebs:EBSFault" name="Fault"/>
</message>
<portType name="HCValidation">
<operation name="validate">
<input message="hcv:validate"/>
<output message="hcv:validateResponse"/>
<fault message="hcv:faultexception" name="FaultException"/>
</operation>
</portType>
<binding name="HCValidationPortBinding" type="hcv:HCValidation">
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<operation name="validate">
<soap:operation soapAction=""/>
<input>
<wsp:PolicyReference URI="#request-policy"/>
<wsdlsoap:header message="hcv:EBSHeader" part="ebsrequest_header" use="literal"/>
<wsdlsoap:header message="hcv:MSAHeader" part="msarequest_header" use="literal"/>
<wsdlsoap:header message="hcv:IDPHeader" part="idprequest_header" use="literal"/>
<wsdlsoap:body parts="parameters" use="literal"/>
</input>
<output>
<soap:body use="literal"/>
</output>
<fault name="FaultException">
<soap:fault name="FaultException" use="literal"/>
</fault>
</operation>
</binding>
<service name="HCValidationService">
<port binding="hcv:HCValidationPortBinding" name="HCValidationPort">
<soap:address location="https://ws.ebs.health.gov.on.ca:1440/HCVService/HCValidationService"/>
</port>
</service>
</definitions>
---------------------
Sample Request (provided by author of WSDL)
<soapenv:Envelope xmlns:soap-sec="http://schemas.xmlsoap.org/security/2000-12"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:tns="http://hcv.health.ontario.ca/"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:ebs="http://ebs.health.ontario.ca/security/2012-03" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<ns2:EBS wsu:Id="id-1" xmlns:ns2="http://ebs.health.ontario.ca/">
<SoftwareConformanceKey>444561ee-277f-77b2-c664-7a9923jfgh1b
</SoftwareConformanceKey>
<AuditId>73b7051e-6126-4b41-9ae0-21b707ca8a53</AuditId>
</ns2:EBS>
<ns2:IDP wsu:Id="id-2" xmlns:ns2="http://idp.ebs.health.ontario.ca/">
<ServiceUserMUID>4523394</ServiceUserMUID>
</ns2:IDP>
<wsse:Security SOAP-ENV:mustUnderstand="1">
<wsu:Timestamp wsu:Id="id-3">
<wsu:Created>2012-06-20T17:58:42.580Z</wsu:Created>
<wsu:Expires>2012-06-20T17:59:12.580Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken wsu:Id="id-4">
<wsse:Username>JOHNDOE@YAHOO.CA</wsse:Username>
<wsse:Password Type="wsse:PasswordText">Password</wsse:Password>
</wsse:UsernameToken>
<wsse:BinarySecurityToken
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
wsu:Id="X509-02F859690D5C74E20913402151228211">
MIICMzCCAZygAwIBAgIET1e+dDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzENMAsGA1UEChMET0hJ
UDEVMBMGA1UECxMMUmVnaXN0cmF0aW9uMRcwFQYDVQQDEw4xNDIuMTQ1LjcwLjE3NzAeFw0xMjAzMDcyMDAwNTJaFw0xMzAzMDcyMDAwNTJaM
F4xCzAJBgNVBAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMQ0wCwYDVQQKEwRPSElQMRUwEwYDVQQLEwxSZWdpc3RyYXRpb24xFzAVBgNVBAMTDj
E0Mi4xNDUuNzAuMTc3MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCs/JIP6CE5IkfTnD/c56K+QAYqETdLvW1xXJ6ipkVhjjC2ASKuuH4
fvhbyxo2B4VugsL9r4E5jHEKoi+GDKOLlLZRfSy0cB8IcpXonAuGqMzhCoEQ1CdxNb9etMyvQGRKEBgniKKxTvpTyZdpYDi92up5E+FYL3jEe
jhp+1iDFJQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAHn8VZS169BJMa4E6SNLnY7u80zSh90mbrTUWjM1dEicv3jQMMsrWHfoCt+nRSqfNLUTL
c8U0LqiB3jnnNJgJt1T7Sp8eUZPdH0gY3i83ZXA8HDFKMZF3qL8I8ncu8FPcZGYBNhYrGjXXsuqXimiTIjxgm06ErRa/51szOFFxWrB
</wsse:BinarySecurityToken>
<ds:Signature Id="SIG-6" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces
PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#id-1">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces
PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>gpejbitTQxuMOhUirdbGNtHjsGhAArhAp3ByFuG9cHs=
</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-2">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces
PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse wsu xs xsi"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>ZWKvgN+eB0NFmQHPGYN5RoSZzbuboqKLzLcV6PEOz3E=
</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-3">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces
PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsse xs xsi"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>1AvUG2EE6+bgpJBe1TB4teUkKD4lRsw69BozDFQMGGE=
</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-4">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces
PrefixList="SOAP-ENV ebs soap-sec soapenv sp tns wsdl wsp wsu xs xsi"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>Lw6C0//TpU0uuta+9pjDPfD0aOokdgbVOEM9eaWcGjo=
</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-5">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces
PrefixList="SOAP-ENV ebs soap-sec sp tns wsdl wsp wsse wsu xs xsi"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>lGKOfXxmbsLds9+tD4eaCObTCdGNXDF/PY9LjDUPl9Y=
</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
Yn5iRnjs/T2+nNgW8pArIgqc445RwL2wYPHZaydVJk0oUXV5B4nzU4fgX/sQTcY0O5vuReP8th4QZoGG6tSnxuBfqiDd2rkRZDrdgotJT++W
zhMLdt1J0Kah0aZVCWabQrxeGY2N3QDuMWr5PSlm1RWbkA3W5B4YLaD+S/j3QKc=
</ds:SignatureValue>
<ds:KeyInfo Id="KI-02F859690D5C74E20913402151228312">
<wsse:SecurityTokenReference wsu:Id="STR-02F859690D5C74E20913402151228413">
<wsse:Reference URI="#X509-02F859690D5C74E20913402151228211"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" />
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</soapenv:Header>
<soapenv:Body wsu:Id="id-5">
<ns5:validate xmlns:ns4="http://msa.ebs.health.ontario.ca/"
xmlns:ns3="http://idp.ebs.health.ontario.ca/" xmlns:ns2="http://ebs.health.ontario.ca/"
xmlns:ns5="http://hcv.health.ontario.ca/">
<requests>
<hcvRequest>
<healthNumber>2222211122</healthNumber>
<versionCode>WW</versionCode>
</hcvRequest>
</requests>
<locale>en</locale>
</ns5:validate>
</soapenv:Body>
</soapenv:Envelope>
-------------------
Sample Request (Built via SoapUI)
<soapenv:Envelope xmlns:ebs="http://ebs.health.ontario.ca/"
xmlns:hcv="http://hcv.health.ontario.ca/" xmlns:idp="http://idp.ebs.health.ontario.ca/"
xmlns:msa="http://msa.ebs.health.ontario.ca/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:BinarySecurityToken
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
wsu:Id="X509-9346053A98F2390F1A137460706920025">
MIIDCDCCAnECAhI2MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJDQTEQMA4GA1UECAwHT250YXJpbzEQMA4G
A1UEBwwHVG9yb250bzERMA8GA1UECgwISW5kaXZpY2ExFDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA9J
bmRpdmljYSBFQlMgQ0ExJTAjBgkqhkiG9w0BCQEWFmVicy1hZG1pbkBpbmRpdmljYS5jb20wHhcNMTMwNzE5MTc0
NDI1WhcNMTQwNzE5MTc0NDI1WjB4MQswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEQMA4GA1UEBxMHVG9y
b250bzERMA8GA1UEChMISW5kaXZpY2ExFDASBgNVBAsTC0RldmVsb3BtZW50MRwwGgYDVQQDExNJbmRpdmljYSBF
QlMgQ2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7/+bc5QgW43UuaMoUOpbsQy8Kc32jrB
GA0lrxZkqH/PnfdbtRhRypxkc6+r3O17ATi0Cuo/MByJwYS6Y9bIviWcKWPPVMKpermHxniN+kqjWiGDm10xVMph
XryR01LSItgRoi5V54oTFgeJxsdA/1J3kf/QE2YmswZwLH6+PwvZfExKExvGArojkyveOewWkvKMobLB3d6gtrPJ
tUxjb18UJugEHyNSiVYFymbgAyvanT4pmNPaqHW1ZlmQ0WBiDI7oeT1pZzgEwzikcvEHilJye0PcB4PkkrGLKfEE
4HoWG4ZVLgyWNRgTURHzKeQPhsQn4fjouqkHHVMMiUvYgQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAA83b5yRECQU
ppIEIbDOh4E5OsR0wesm4czfNDnh56TUwmjRDzI+tVVEj+fxk0FMSMf3NPoUGonb3bfyO20bpGbUBsMR8P4+FHb6
4zgr0PESUEsSPoO2OFLgeDXoD5VH5u8cRtfPXXX+baL2NThYjMoNVFItOM0XL3xwzblWi++B
</wsse:BinarySecurityToken>
<ds:Signature Id="SIG-30" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#id-7">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="hcv idp msa soapenv"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>+sN2C+GPI6Un7tmdzecuWW4obI8=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-8">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="ebs hcv msa soapenv"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>cStXQ+Qf4MYZw7oZh3EwQnCO9kE=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#TS-29">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="wsse ebs hcv idp msa soapenv"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>7DpbdobjdxkQ3RGXjPQmx5EpCdU=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#UsernameToken-28">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="ebs hcv idp msa soapenv"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>0CNaWbdkV2dE7Jm5oh15ztwUcaI=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-12">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="ebs hcv idp msa"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>XoOxXE6R7JA29rMYCHf/X0II180=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>YQy9wqYYVw1x0CZcg6b2W0uO3g3FurUZ51zrXi3jRMFGgCVGUwfu3W/tDOAKB2IXHvIgFl7JWmzd
lkh7O2u6ieACF5tGD32aSXvv6/k7OUVH4outF1NHgJOq9WKIKtUYT/hhG8BmqFGHXcPiuuO+FIXr
93oOGvPMzdsX6EM7wbkSgudyjDa9pORWOWvPhmHbT63b1BgFfLlaUftqeybM6t0i2cTuNxf8nbCS
gANhvGvpNi2ALThvsPu+pXKCx1c4Ng18PGpUEVmOdJOkZhiifR336idp09lp8XaI+NzwENvdBskb
ZIrRA61PTXXIkqRLpfY4KFJRSgj4qP4wydOh8w==
</ds:SignatureValue>
<ds:KeyInfo Id="KI-9346053A98F2390F1A137460706920026">
<wsse:SecurityTokenReference
wsu:Id="STR-9346053A98F2390F1A137460706920027">
<wsse:Reference URI="#X509-9346053A98F2390F1A137460706920025"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" />
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
<wsu:Timestamp wsu:Id="TS-29">
<wsu:Created>2013-07-23T19:17:49.196Z</wsu:Created>
<wsu:Expires>2013-07-30T17:57:49.196Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken wsu:Id="UsernameToken-28">
<wsse:Username>abc</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">defg</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
<idp:IDP wsu:Id="id-8"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<ServiceUserMUID>12345</ServiceUserMUID>
</idp:IDP>
<ebs:EBS wsu:Id="id-7"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<SoftwareConformanceKey>12345</SoftwareConformanceKey>
<AuditId>12345</AuditId>
</ebs:EBS>
</soapenv:Header>
<soapenv:Body wsu:Id="id-12"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<hcv:validate>
<requests>
<hcvRequest>
<healthNumber>9876543217</healthNumber>
<versionCode>AB</versionCode>
</hcvRequest>
</requests>
</hcv:validate>
</soapenv:Body>
</soapenv:Envelope>
-----------------------
Response (In either case):
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<soap:Fault>
<faultcode>soap:MustUnderstand</faultcode>
<faultstring>MustUnderstand headers: [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security] are not understood.</faultstring>
</soap:Fault>
</soap:Body>
</soap:Envelope>
On 2013-07-24, at 11:02 AM, Andrei Shakirin <as...@talend.com> wrote:
> Hi,
>
> It seems that your service doesn't use the same WS-Policy as client, therefore appropriate interceptors are not activated on the service side.
> Could you double check that?
>
> Exact request and response will be also useful for further analyse.
>
> Regards,
> Andrei.
>
>> -----Original Message-----
>> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
>> Sent: Dienstag, 23. Juli 2013 21:35
>> To: users@cxf.apache.org
>> Subject: Eclipse, CXF and WS-SecurityPolicy
>>
>> I have a question regarding WS-SecurityPolicy and deploying a WSDL-first
>> service via Eclipse.
>>
>> I created a project from a WSDL file (I didn't create it) with the intention of
>> implementing the service that it describes. The WSDL file describes a WS-
>> SecurityPolicy that includes a UsernameToken, Timestamp,
>> BinarySecurityToken, and a Signature. Every time I run a sample request that
>> includes all of those components in the WS-Security header I get a "must
>> understand header is not understood" message, regarding the WS-Security
>> header.
>>
>> I've read on the documentation of CXF that additional dependencies must be
>> included in the classpath to have WS-SecurityPolicy work, but I've used
>> Eclipse's deployment method and given it the entire CXF ZIP file as
>> downloaded from the project website as the CXF Runtime. Is there anything
>> that I'm missing? Or is there a better way for me to be working with CXF than
>> to use Eclipse's automated tools?
>>
>> Thanks for any help.
>> Jen
>>
>>
>
RE: Eclipse, CXF and WS-SecurityPolicy
Posted by Andrei Shakirin <as...@talend.com>.
Hi,
It seems that your service doesn't use the same WS-Policy as client, therefore appropriate interceptors are not activated on the service side.
Could you double check that?
Exact request and response will be also useful for further analyse.
Regards,
Andrei.
> -----Original Message-----
> From: Jennifer Ruttan [mailto:jennifer@indivica.com]
> Sent: Dienstag, 23. Juli 2013 21:35
> To: users@cxf.apache.org
> Subject: Eclipse, CXF and WS-SecurityPolicy
>
> I have a question regarding WS-SecurityPolicy and deploying a WSDL-first
> service via Eclipse.
>
> I created a project from a WSDL file (I didn't create it) with the intention of
> implementing the service that it describes. The WSDL file describes a WS-
> SecurityPolicy that includes a UsernameToken, Timestamp,
> BinarySecurityToken, and a Signature. Every time I run a sample request that
> includes all of those components in the WS-Security header I get a "must
> understand header is not understood" message, regarding the WS-Security
> header.
>
> I've read on the documentation of CXF that additional dependencies must be
> included in the classpath to have WS-SecurityPolicy work, but I've used
> Eclipse's deployment method and given it the entire CXF ZIP file as
> downloaded from the project website as the CXF Runtime. Is there anything
> that I'm missing? Or is there a better way for me to be working with CXF than
> to use Eclipse's automated tools?
>
> Thanks for any help.
> Jen
>
>