You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Mahesh Narke (JIRA)" <ji...@apache.org> on 2013/12/23 09:44:51 UTC

[jira] [Commented] (CXF-5474) The message has expired

    [ https://issues.apache.org/jira/browse/CXF-5474?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13855500#comment-13855500 ] 

Mahesh Narke commented on CXF-5474:
-----------------------------------

I am giving new nonce value for each request and time within five min diff

> The message has expired
> -----------------------
>
>                 Key: CXF-5474
>                 URL: https://issues.apache.org/jira/browse/CXF-5474
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-WS Runtime, WS-* Components
>    Affects Versions: 2.7.9
>         Environment: Environment :
> Apache CXF 2.7.8
> Jboss EAP 6
> SoapUI for testing client Side
>            Reporter: Mahesh Narke
>              Labels: cxf, soap, soapui
>             Fix For: 2.7.9
>
>   Original Estimate: 10h
>  Remaining Estimate: 10h
>
> I tried to implement for simple authentication i.e with password simple text type, it is working but when i tried to implement for password digest type ,then giving me exception:
> unwinding now: org.apache.cxf.binding.soap.SoapFault: The message has expired org.apache.ws.security.WSSecurityException: The message has expired
> I am giving new nonce value for each request and time within five min diff
> WSS4JInInterceptor Bean class defination:
> <?xml version="1.0" encoding="UTF-8"?>
> <beans xmlns="http://www.springframework.org/schema/beans"
>     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>     xmlns:jaxws="http://cxf.apache.org/jaxws"
>     xsi:schemaLocation="
> http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
> http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">
>     <import resource="classpath:META-INF/cxf/cxf.xml" /> 
>     <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
>     <import resource="classpath:META-INF/cxf/cxf-servlet.xml" /> 
>     <jaxws:endpoint id="orderProcess" implementor="demo.order.OrderProcessImpl" address="/OrderProcess" >
>       <jaxws:inInterceptors>
>          <bean
>             class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
>             <constructor-arg>
>                 <map>
>                   <entry key="action" value="UsernameToken"/>
>                   <entry key="passwordType" value="PasswordDigest"/>
>                   <entry key="passwordCallbackRef" value-ref="myPasswordCallback"/>
>                </map> 
>             </constructor-arg>
>          </bean>
>       </jaxws:inInterceptors>
>       </jaxws:endpoint>
>       <bean id="myPasswordCallback" class="service.ServerPasswordCallback" />  
> </beans>
> Client xml request Code:
>   <soapenv:Envelope 
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" 
> xmlns:ord="http://order.demo/" 
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" 
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
>  <soapenv:Header>
> <wsse:Security>
>            <wsse:UsernameToken>
>                                 <wsse:Username>joe</wsse:Username>
>                                 <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">PE7F51/oyWFVMsiZURuUwjoZVPY=</wsse:Password>
>                          <!--<wsu:Created>2013-12-17T13:12:00.429Z</wsu:Created>-->
>                            <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">efPSkfHXTM6NFDDD1CJHsw==</wsse:Nonce>
>                               <wsu:Created>2013-12-23T12:17:15Z</wsu:Created>
>                </wsse:UsernameToken>
> </wsse:Security>
> </soapenv:Header>
>    <soapenv:Body>
>       <ord:processOrder>
>          <!--Optional:-->
>          <arg0>
>             <!--Optional:-->
>             <customerID>234</customerID>
>             <!--Optional:-->
>             <itemID>0908923</itemID>
>             <price>23423</price>
>             <qty>1000</qty>
>          </arg0>
>       </ord:processOrder>
>    </soapenv:Body>
> </soapenv:Envelope>
> When i tried to call the service i am getting exception as
> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
>    <soap:Body>
>       <soap:Fault>
>          <faultcode xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ns1:MessageExpired</faultcode>
>          <faultstring>The message has expired</faultstring>
>       </soap:Fault>
>    </soap:Body>
> </soap:Envelope>
> Can any one tell me where i am making mistake?



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)