Announcement Announcement Module
Collapse
No announcement yet.
"No WS-Security header found" Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • "No WS-Security header found"

    Hi,
    I am relatively new to Spring-WS and security.
    I am getting the following response when trying to processing a message:

    13 Dec 2011 12:09:33,515 DEBUG Wss4jSecurityInterceptor - Validating message [AxiomSoapMessage {http://www.website.ie/ras/webservices}doAuthenticateRetrieve] with actions [UsernameToken]
    13 Dec 2011 12:09:33,515 WARN Wss4jSecurityInterceptor - Could not validate request: No WS-Security header found


    The message is as follows:

    <soapenv:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:web="http://www.revenue.ie/ras/webservices">
    <soapenv:Header>
    <ns1:Security soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next" soapenv:mustUnderstand="0" xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <ns1:UsernameToken>
    <ns1:Username xsi:type="xsd:string">registration</ns1:Username>
    <ns1:Password xsi:type="xsd:string">weblogic</ns1:Password>
    </ns1:UsernameToken>
    </ns1:Security>
    </soapenv:Header>
    <soapenv:Body>
    <web:doAuthenticateRetrieve soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><string xsi:type="xsd:string" xs:type="type:string" xmlns:xs="http://www.w3.org/2000/XMLSchema-instance">?</string></web:doAuthenticateRetrieve>
    </soapenv:Body>
    </soapenv:Envelope>



    As far as I can tell the WS-security header is present but perhaps you notice something I don't.

    The following is how my spring servlet is configured
    _______________________________________
    <bean class="org.springframework.ws.server.endpoint.mapp ing.PayloadRootQNameEndpointMapping">
    <property name="mappings">
    <props>
    <prop key="{http://www.website/webservices}doAuthenticateRetrieve">authenticateRe trieveEndpoint</prop>
    </props>
    </property>
    <property name="interceptors">
    <array>
    <bean class="org.springframework.ws.server.endpoint.inte rceptor.PayloadLoggingInterceptor" />
    <bean class="org.springframework.ws.soap.security.wss4j. Wss4jSecurityInterceptor">
    <property name="validationActions" value="UsernameToken" />
    <property name="validationCallbackHandler" ref="passwordCallbackHandler" />
    </bean>
    </array>
    </property>
    </bean>

    <bean id="passwordCallbackHandler"
    class="org.springframework.ws.soap.security.wss4j. callback.SimplePasswordValidationCallbackHandler">
    <property name="users">
    <props>
    <prop key="AR{incoming.username}">AR{incoming.password}</prop>
    </props>
    </property>
    </bean>
    _______________________________________



    Any clues?

    Thanks,
    Peter.
Working...
X