Hi Paul, You've found the right list.
Could you please tell us, which OpenCMIS version you are using? Can you provide a stack trace? The WebLogic SOAP stack seems to jump in before the response reaches OpenCMIS. That could be a configuration issue.
- Florian
My apologies if this is going to the wrong list. I couldn't find a users list.
I am new to OpenCMIS. I have run a number of tests inside of JUnit and all have
contacted the server, returned a proper response in the form of meta data or a
document; however, when I move this same code, unchanged, into WebLogic 10.3, I
get an exception:
javax.xml.ws.soap.SOAPFaultException: MustUnderstand
headers:[{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security]
are not understood
The failure happens during the call to the SessionFactory createSession method.
I've read quite a bit about this on various forums, but have yet to find a solution. It
appears, if I understand things correctly, that the server is replying with a
mustUnderstand="1", as referenced by the response, but that my client is unable
to process the header and, per security rules, must fail.
What do I need to do to make this work properly inside of WebLogic? Am I
missing a configuration file somewhere?
Thank you!
Paul
SOAP request
<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/";>
<S:Header>
<Security
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>
<Timestamp
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
<Created>2013-07-03T13:55:29Z</Created>
<Expires>2013-07-04T13:55:29Z</Expires>
</Timestamp>
<UsernameToken>
<Username>some_user</Username>
<Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>somepassword</Password>
<Created
xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>2013-07-03T13:55:29Z</Created>
</UsernameToken>
</Security>
</S:Header>
<S:Body>
<ns2:getRepositoryInfo
xmlns:ns2="http://docs.oasis-open.org/ns/cmis/messaging/200908/";
xmlns="http://docs.oasis-open.org/ns/cmis/core/200908/";>
<ns2:repositoryId>ECMSFITDEV</ns2:repositoryId>
</ns2:getRepositoryInfo>
</S:Body>
</S:Envelope>
SOAP response
<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:xs="http://www.w3.org/2001/XMLSchema";>
<S:Header>
<wsse:Security S:mustUnderstand="1">
<wsu:Timestamp
xmlns:ns15="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity";
xmlns:ns14="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512";
xmlns:ns13="http://www.w3.org/2003/05/soap-envelope"; wsu:Id="XWSSGID-1372296452640-685270172">
<wsu:Created>2013-07-03T13:55:29Z</wsu:Created>
<wsu:Expires>2013-07-03T14:00:29Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</S:Header>
<S:Body>
<ns2:getRepositoryInfoResponse
xmlns:ns2="http://docs.oasis-open.org/ns/cmis/messaging/200908/";
xmlns="http://docs.oasis-open.org/ns/cmis/core/200908/";>
<ns2:repositoryInfo>
<repositoryId>ECMSFITDEV</repositoryId>
<repositoryName>ECMSFITDEV</repositoryName>
<repositoryDescription>ECMSFITDEV</repositoryDescription>
<vendorName>EMC</vendorName>
<productName>Documentum</productName>
<productVersion>6.7.1000.0038</productVersion>
<rootFolderId>root</rootFolderId>
<capabilities>
<capabilityACL>manage</capabilityACL>
<capabilityAllVersionsSearchable>true</capabilityAllVersionsSearchable>
<capabilityChanges>none</capabilityChanges>
<capabilityContentStreamUpdatability>anytime</capabilityContentStreamUpdatability>
<capabilityGetDescendants>true</capabilityGetDescendants>
<capabilityGetFolderTree>true</capabilityGetFolderTree>
<capabilityMultifiling>true</capabilityMultifiling>
<capabilityPWCSearchable>false</capabilityPWCSearchable>
<capabilityPWCUpdatable>false</capabilityPWCUpdatable>
<capabilityQuery>bothcombined</capabilityQuery>
<capabilityRenditions>read</capabilityRenditions>
<capabilityUnfiling>false</capabilityUnfiling>
<capabilityVersionSpecificFiling>false</capabilityVersionSpecificFiling>
<capabilityJoin>inneronly</capabilityJoin>
</capabilities>
<aclCapability>
<supportedPermissions>both</supportedPermissions>
<propagation>repositorydetermined</propagation>
<permissions>
<permission>none</permission>
<description>No access is permitted.</description>
</permissions>
<permissions>
<permission>browse</permission>
<description>The user can look at property values but not at associated
content.</description>
</permissions>
<permissions>
<permission>cmis:read</permission>
<description>The user can read content but not update. It includes browse
permission.</description>
</permissions>
<permissions>
<permission>relate</permission>
<description>The user can attach an annotation to the object. It includes browse and
read permissions.</description>
</permissions>
<permissions>
<permission>version</permission>
<description>The user can version the object. It includes browse, read and relate
permissions.</description>
</permissions>
<permissions>
<permission>cmis:write</permission>
<description>The user can write and update the object. It includes browse, read,
relate and version permissions.</description>
</permissions>
<permissions>
<permission>delete</permission>
<description>The user can delete the object. It includes browse, read, relate,
version and write permissions.</description>
</permissions>
<permissions>
<permission>change_location</permission>
<description>In conjunction with the appropriate base permission level, allows the
user to move an object from one folder to another.</description>
</permissions>
<permissions>
<permission>change_owner</permission>
<description>The user can change the owner of the object.</description>
</permissions>
<permissions>
<permission>change_permit</permission>
<description>The user can change the basic permissions of the
object.</description>
</permissions>
<permissions>
<permission>change_state</permission>
<description>The user can change the document lifecycle state of the
object.</description>
</permissions>
<permissions>
<permission>change_folder_links</permission>
<description>Allows a user to link an object to a folder or unlink an object from a
folder.</description>
</permissions>
<permissions>
<permission>delete_object</permission>
<description>The user can delete the object. The delete object extended permission is
not equivalent to the base delete permission. Delete Object extended permission does not
grant browse, read, relate, version, or write permission.</description>
</permissions>
<permissions>
<permission>execute_proc</permission>
<description>The user can run the external procedure associated with the
object.</description>
</permissions>
<permissions>
<permission>cmis:all</permission>
<description>The user has all basic and extended permissions.</description>
</permissions>
<mapping>
<key>canGetDescendents.Folder</key>
<permission>browse</permission>
</mapping>
<mapping>
<key>canGetChildren.Folder</key>
<permission>browse</permission>
</mapping>
<mapping>
<key>canGetParents.Folder</key>
<permission>browse</permission>
</mapping>
<mapping>
<key>canGetFolderParent.Object</key>
<permission>browse</permission>
</mapping>
<mapping>
<key>canCreateDocument.Folder</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canCreateFolder.Folder</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canCreateRelationship.Source</key>
<permission>relate</permission>
</mapping>
<mapping>
<key>canCreateRelationship.Target</key>
<permission>relate</permission>
</mapping>
<mapping>
<key>canGetProperties.Object</key>
<permission>browse</permission>
</mapping>
<mapping>
<key>canViewContent.Object</key>
<permission>cmis:read</permission>
</mapping>
<mapping>
<key>canUpdateProperties.Object</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canMove.Object</key>
<permission>cmis:write</permission>
<permission>change_location</permission>
</mapping>
<mapping>
<key>canMove.Target</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canMove.Source</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canDelete.Object</key>
<permission>delete</permission>
</mapping>
<mapping>
<key>canDeleteTree.Folder</key>
<permission>delete</permission>
</mapping>
<mapping>
<key>canSetContent.Document</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canDeleteContent.Document</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canAddToFolder.Object</key>
<permission>cmis:write</permission>
<permission>change_location</permission>
</mapping>
<mapping>
<key>canAddToFolder.Folder</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canRemoveFromFolder.Object</key>
<permission>cmis:write</permission>
<permission>change_location</permission>
</mapping>
<mapping>
<key>canRemoveFromFolder.Folder</key>
<permission>cmis:write</permission>
</mapping>
<mapping>
<key>canCheckout.Document</key>
<permission>version</permission>
</mapping>
<mapping>
<key>canCancelCheckout.Document</key>
<permission>version</permission>
</mapping>
<mapping>
<key>canCheckin.Document</key>
<permission>version</permission>
</mapping>
<mapping>
<key>canGetAllVersions.VersionSeries</key>
<permission>cmis:read</permission>
</mapping>
<mapping>
<key>canGetObjectRelationships.Object</key>
<permission>browse</permission>
</mapping>
<mapping>
<key>canGetACL.Object</key>
<permission>browse</permission>
</mapping>
<mapping>
<key>canApplyACL.Object</key>
<permission>change_permit</permission>
</mapping>
</aclCapability>
<cmisVersionSupported>1.0</cmisVersionSupported>
</ns2:repositoryInfo>
</ns2:getRepositoryInfoResponse>
</S:Body>
</S:Envelope>
----------------------------------------------------------------------
This message, and any attachments, is for the intended recipient(s) only, may
contain information that is privileged, confidential and/or proprietary and
subject to important terms and conditions available at
http://www.bankofamerica.com/emaildisclaimer. If you are not the intended
recipient, please delete this message.
