javax.xml.ws.soap.SOAPFaultException: com.ibm.wsspi.wssecurity.SoapSecurityException: WSEC5043E: One "{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Reference" element is required. ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Key: CXF-3309 URL: https://issues.apache.org/jira/browse/CXF-3309 Project: CXF Issue Type: Bug Components: WS-* Components Affects Versions: 2.2.9 Environment: JDK 1.6, Windows XP Professional Reporter: Asif Ali Mohammed Priority: Critical Hi, I'm trying to invoke a webservice with security. In this attempt I'm signing the request with the JKS file and posting the request, but I'm getting the following exception : javax.xml.ws.soap.SOAPFaultException: com.ibm.wsspi.wssecurity.SoapSecurityException: WSEC5043E: One "{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Reference" element is required. Below is the following trace : INFO: Creating Service {http://service.ofm.ameriprise.com}OFMServiceImplService from class com.ameriprise.ofm.service.OFMServiceImpl Invoking documentList... log4j:WARN No appenders could be found for logger (org.apache.xml.security.Init). log4j:WARN Please initialize the log4j system properly. Feb 4, 2011 1:01:18 PM org.apache.cxf.interceptor.LoggingOutInterceptor$LoggingCallback onClose INFO: Outbound Message --------------------------- ID: 1 Address: http://159.202.149.94/OFMGenericService/services/OFMServiceImpl Encoding: UTF-8 Content-Type: text/xml Headers: {SOAPAction=[""], Accept=[*/*]} Payload: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soap:mustUnderstand="1"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-1"> <ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:CanonicalizationMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod> <ds:SignatureMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod> <ds:Reference xmlns:ds="http://www.w3.org/2000/09/xmldsig#" URI="#id-2"> <ds:Transforms xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:Transform xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform> </ds:Transforms> <ds:DigestMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod> <ds:DigestValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">7gfxq0nIHVkq++bLSer/rVlXtao=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> ln57zrUweYMuHDM+0ROIyMXZpehnh86jI/PhKBb1w8J81Z4e6anqqSNozB1CQfvii1zbc6m4OlC9 ffGw34GEsFPL/kaTQDdbBmVuyi0PyRocXbcY0eZ9e2a24hNregM2ppJ1bRdwmHCYnl7ZVhhW/8tb ouw+TRPCeAe6J1GPn6o= </ds:SignatureValue> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="KeyId-E9BD058757E546EB9512968244784812"> <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-E9BD058757E546EB9512968244784833"><ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509IssuerSerial xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509IssuerName xmlns:ds="http://www.w3.org/2000/09/xmldsig#">CN=VeriSign Class 3 International Server CA - G3,OU=Terms of use at https://www.verisign.com/rpa (c)10,OU=VeriSign Trust Network,O=VeriSign\, Inc.,C=US</ds:X509IssuerName> <ds:X509SerialNumber xmlns:ds="http://www.w3.org/2000/09/xmldsig#">139599931415386803972390598321435572148</ds:X509SerialNumber> </ds:X509IssuerSerial> </ds:X509Data></wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature></wsse:Security></soap:Header><soap:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-2"><ns2:DocumentList xmlns:ns2="http://service.ofm.ameriprise.com"><consumer_application>FA</consumer_application><response_document_properties><property_name>client_id</property_name><property_name>group_id</property_name></response_document_properties><search_parameters><document_category>STMTS</document_category><document_type>CONSOLIDATED STATEMENTS</document_type></search_parameters></ns2:DocumentList></soap:Body></soap:Envelope> -------------------------------------- Feb 4, 2011 1:01:19 PM org.apache.cxf.interceptor.LoggingInInterceptor logging INFO: Inbound Message ---------------------------- ID: 1 Response-Code: 500 Encoding: UTF-8 Content-Type: text/xml; charset=utf-8 Headers: {content-type=[text/xml; charset=utf-8], connection=[close], Content-Language=[en], Date=[Fri, 04 Feb 2011 13:01:18 GMT], Content-Length=[625], Server=[IBM_HTTP_Server]} Payload: <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><soapenv:Header/><soapenv:Body><soapenv:Fault><faultcode>soapenv:Server.securityException</faultcode><faultstring>com.ibm.wsspi.wssecurity.SoapSecurityException: WSEC5043E: One "{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Reference" element is required.</faultstring><detail encodingStyle=""/></soapenv:Fault></soapenv:Body></soapenv:Envelope> -------------------------------------- Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: com.ibm.wsspi.wssecurity.SoapSecurityException: WSEC5043E: One "{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Reference" element is required. at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:146) at $Proxy49.documentList(Unknown Source) at OFMServiceImpl_Client.main(OFMServiceImpl_Client.java:57) Caused by: org.apache.cxf.binding.soap.SoapFault: com.ibm.wsspi.wssecurity.SoapSecurityException: WSEC5043E: One "{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Reference" element is required. at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalFault(Soap11FaultInInterceptor.java:75) at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:46) at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:35) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243) at org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:99) at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:69) at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:34) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243) at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:700) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2261) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:2134) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1988) at org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:47) at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:188) at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66) at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:639) at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:487) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265) at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124) ... 2 more -- This message is automatically generated by JIRA. - For more information on JIRA, see: http://www.atlassian.com/software/jira