The header 'Security' from the namespace 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' was not understood by the recipient of this message, causing the message to not be processed. --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Key: CXF-3240 URL: https://issues.apache.org/jira/browse/CXF-3240 Project: CXF Issue Type: Bug Components: WS-* Components Affects Versions: 2.2.9 Environment: JDK 1.6, Eclipse Ganymede Reporter: Asif Ali Mohammed Priority: Blocker Fix For: 2.2.9 Hi, I have written a webservice client for a secured webservice. Im able to build the request along with signed header which takes security information from a .jks file. But in the response Im gettng the following error. ###################################################### Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: The header 'Security' from the namespace 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' was not understood by the recipient of this message, causing the message to not be processed. This error typically indicates that the sender of this message has enabled a communication protocol that the receiver cannot process. Please ensure that the configuration of the client's binding is consistent with the service's binding. at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:146) at $Proxy61.getAccountBalancesByUser(Unknown Source) at IAccountsService_Client.main(Unknown Source) Caused by: org.apache.cxf.binding.soap.SoapFault: The header 'Security' from the namespace 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' was not understood by the recipient of this message, causing the message to not be processed. This error typically indicates that the sender of this message has enabled a communication protocol that the receiver cannot process. Please ensure that the configuration of the client's binding is consistent with the service's binding. at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalFault(Soap11FaultInInterceptor.java:75) at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:46) at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:35) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243) at org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:99) at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:69) at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:34) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243) at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:700) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2261) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:2134) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1988) at org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:47) at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:188) at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66) at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:639) at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:487) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265) at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124) ... 2 more ######################################################## The client program is : public final class IAccountsService_Client { public static void main(String args[]) throws Exception { IAccountsService accountsService = getServicePortType(); org.apache.cxf.endpoint.Client client = org.apache.cxf.frontend.ClientProxy.getClient(accountsService); org.apache.cxf.endpoint.Endpoint cxfEndpoint = client.getEndpoint(); Map<String,Object> outProps = getOutInterceptorProps(); WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps); cxfEndpoint.getOutInterceptors().add(wssOut); java.lang.String userGuid = "f9f24f385d1b8cba373ad33eb015f98Z"; ArrayOfstring accountNumbers = new ArrayOfstring(); accountNumbers.getString().add("18630464"); accountNumbers.getString().add("10003314"); accountNumbers.getString().add("18602340"); UserAccountBalances _return = accountsService.getAccountBalancesByUser(userGuid, accountNumbers, SourceType.ALL); } private static IAccountsService getServicePortType(){ JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean(); //enable logging of outbound(request) and inbound(response) soap messages factory.getInInterceptors().add(new LoggingInInterceptor()); factory.getOutInterceptors().add(new LoggingOutInterceptor()); factory.setServiceClass(IAccountsService.class); factory.setAddress("http://uss1udp001ampvb.ampf.com:29039/tr/iWealthAcctService"); return (IAccountsService) factory.create(); } private static Map<String, Object> getOutInterceptorProps(){ Map<String,Object> outProps = new HashMap<String,Object>(); // how to configure the properties is outlined below; outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE); outProps.put(WSHandlerConstants.USER, "clientPortal_e3"); outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT); outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, KeystorePasswordCallback.class.getName()); outProps.put(WSHandlerConstants.SIG_PROP_FILE, "crypto.properties"); return outProps; } ######################################################## Request XML : INFO: Outbound Message --------------------------- ID: 1 Address: http://uss1udp001ampvb.ampf.com:29039/tr/iWealthAcctService Encoding: UTF-8 Content-Type: text/xml Headers: {SOAPAction=["https://iWealth.thomson.com/Services/2010/03/IAccountsService/GetAccountBalancesByUser"], Accept=[*/*]} Payload: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soap:mustUnderstand="1"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-1"> <ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:CanonicalizationMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod> <ds:SignatureMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod> <ds:Reference xmlns:ds="http://www.w3.org/2000/09/xmldsig#" URI="#id-2"> <ds:Transforms xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:Transform xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform> </ds:Transforms> <ds:DigestMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod> <ds:DigestValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">oCglj+hmoQBUz+yqCDDg6FmPXzc=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> CjPQCsoPsyfiiACZdkqx+LBeGkz1teu52Rf/BoTVBWTieh12fo7X0qznSN1AHEYiZCgXvuwdQkcn ewUl2vFTj3g/btkHUX8Epgp5X/u2X5Aunk7ZdliGTxZ0Fyv2LAduzDiJim15ti3UBitRqU39iBWk inx1jBpbgTeBI33acng= </ds:SignatureValue> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="KeyId-E8E2BE415B08955AA412947515791042"> <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-E8E2BE415B08955AA412947515791043"><ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509IssuerSerial xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509IssuerName xmlns:ds="http://www.w3.org/2000/09/xmldsig#">OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign,OU=VeriSign International Server CA - Class 3,OU=VeriSign\, Inc.,O=VeriSign Trust Network</ds:X509IssuerName> <ds:X509SerialNumber xmlns:ds="http://www.w3.org/2000/09/xmldsig#">169372247684920926775018956902222426627</ds:X509SerialNumber> </ds:X509IssuerSerial> </ds:X509Data></wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature></wsse:Security></soap:Header><soap:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-2"><GetAccountBalancesByUser xmlns="https://iWealth.thomson.com/Services/2010/03" xmlns:ns2="http://schemas.datacontract.org/2004/07/TFOnline.Services.Accounts.DataContracts" xmlns:ns3="http://schemas.microsoft.com/2003/10/Serialization/Arrays" xmlns:ns4="http://schemas.datacontract.org/2004/07/Microsoft.Practices.EnterpriseLibrary.Validation.Integration.WCF" xmlns:ns5="http://www.microsoft.com/practices/EnterpriseLibrary/2007/01/wcf/validation" xmlns:ns6="http://schemas.microsoft.com/2003/10/Serialization/"><userGuid>f9f24f385d1b8cba373ad33eb015f98Z</userGuid><accountNumbers><ns3:string>18630464</ns3:string><ns3:string>10003314</ns3:string><ns3:string>28827094</ns3:string><ns3:string>18692571</ns3:string><ns3:string>10020272</ns3:string><ns3:string>79136285</ns3:string><ns3:string>38920300</ns3:string><ns3:string>16605981</ns3:string><ns3:string>18602340</ns3:string><ns3:string>10033541</ns3:string><ns3:string>10867300</ns3:string><ns3:string>18602340</ns3:string></accountNumbers><sourceType>All</sourceType></GetAccountBalancesByUser></soap:Body></soap:Envelope> ################################################################ Response XML: INFO: Inbound Message ---------------------------- ID: 1 Response-Code: 500 Encoding: ISO-8859-1 Content-Type: text/xml Headers: {content-type=[text/xml], X-AspNet-Version=[2.0.50727], connection=[Keep-Alive], X-Backside-Transport=[FAIL FAIL], transfer-encoding=[chunked], Date=[Tue, 11 Jan 2011 13:13:00 GMT], Warning=[214 TR_AccountsService_XMLFW DataPower Transformation Applied], Via=[1.1 TR_AccountsService_XMLFW], X-Client-IP=[159.202.161.253], Server=[Microsoft-IIS/6.0], X-Powered-By=[ASP.NET], Cache-Control=[private]} Payload: <?xml version="1.0" encoding="UTF-8"?> <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><s:Fault><faultcode>s:MustUnderstand</faultcode><faultstring xml:lang="en-US">The header 'Security' from the namespace 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' was not understood by the recipient of this message, causing the message to not be processed. This error typically indicates that the sender of this message has enabled a communication protocol that the receiver cannot process. Please ensure that the configuration of the client's binding is consistent with the service's binding. </faultstring></s:Fault></s:Body></s:Envelope> ############################################################### Please help me as this has become a blocking issue for my project. Thanks in advance, Asif ali Mohammed. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.