WS-Security trouble: {http://www.w3.org/2005/08/addressing}A
timeagentess Jun 26, 2008 5:48 AMHello all,
I am trying to use WS-Security and have a client and web service exchange signed messages.
However, I have run into some trouble -- can't get rid of this error (seen on both server and client consoles):
ERROR [SOAPFaultHelperJAXWS] SOAP request exception
javax.xml.ws.addressing.AddressingException: Required element {http://www.w3.org/2005/08/addressing}Action is missing
at org.jboss.ws.extensions.addressing.soap.SOAPAddressingPropertiesImpl.getRequiredHeaderContent(SOAPAddressingPropertiesImpl.java:71)
at org.jboss.ws.extensions.addressing.soap.SOAPAddressingPropertiesImpl.readHeaders(SOAPAddressingPropertiesImpl.java:141)
at org.jboss.ws.extensions.addressing.jaxws.WSAddressingServerHandler.handleInbound(WSAddressingServerHandler.java:82)
[...]
My configuration is JBoss 4.0.5 & JBossWS 2.0.0, and the files as described below.
I. Web service, deployed as SLSB in ear archive:
|-ejb.jar (contains Endpoint implementation WSTwoServiceBean.java)
|-META-INF
|---server.keystore
|---server.truststore
|---application.xml
|---jboss-wsse-server.xml
|---standard-jaxws-endpoint-config.xml
Service endpoint implementation: WSTwoServiceBean.java
//EJB3 annotations @javax.ejb.Stateless @org.jboss.annotation.ejb.RemoteBinding(jndiBinding = "WebServices/WSTwoServiceBeanInterface") @javax.ejb.Remote({com.atb.webservices.wstwo.WSTwoServiceBeanInterface.class}) // WS annotations @javax.jws.WebService(endpointInterface = "com.atb.webservices.wstwo.WSTwoRemoteInterface", targetNamespace = "http://localhost:8080/atb") @org.jboss.wsf.spi.annotation.WebContext(contextRoot = "/webservices-ws", urlPattern="/services/WSTwo/*") @javax.jws.soap.SOAPBinding(style = javax.jws.soap.SOAPBinding.Style.DOCUMENT, use = javax.jws.soap.SOAPBinding.Use.LITERAL, parameterStyle = javax.jws.soap.SOAPBinding.ParameterStyle.WRAPPED) @HandlerChain(file="resource://META-INF/standard-jaxws-endpoint-config.xml") @EndpointConfig(configName = "Standard WSSecurity Endpoint") @SecurityDomain("JBossWS") public class WSTwoServiceBean implements WSTwoServiceBeanInterface { @WebMethod public String hello(String s){ return "Hello, " + s + "!"; } }
jboss-wsse-server.xml:
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd"> <key-store-file>META-INF/server.keystore</key-store-file> <key-store-password>server</key-store-password> <trust-store-file>META-INF/server.truststore</trust-store-file> <trust-store-password>server</trust-store-password> <config> <sign type="jks" alias="server"/> <requires> <signature/> </requires> </config> </jboss-ws-security>
standard-jaxws-endpoint-config.xml:
<jaxws-config xmlns="urn:jboss:jaxws-config:2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="urn:jboss:jaxws-config:2.0 jaxws-config_2_0.xsd"> <endpoint-config> <config-name>Standard WSSecurity Endpoint</config-name> <post-handler-chains> <javaee:handler-chain> <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings> <javaee:handler> <javaee:handler-name>WSSecurity Handler</javaee:handler-name> <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer</javaee:handler-class> </javaee:handler> </javaee:handler-chain> </post-handler-chains> </endpoint-config> </jaxws-config>
II. Client, standalone application:
|-TestWS.java
|-META-INF
|---jboss-wsse-client.xml
|---standard-jaxws-client-config.xml
|---client.keystore
|---client.truststore
(Even though, being a standalone client, I suspect placing the files in a folder other than META-INF wouldn't make any difference)
TestWS.java:
WSTwoServiceBeanService wstwoService = new WSTwoServiceBeanService(); WSTwo wstwo = wstwoService.getPort(WSTwo.class); URL securityURL = null; URL securityConfig = null; try { securityURL = new File("META-INF/jboss-wsse-client.xml").toURL(); securityConfig = new File("META-INF/standard-jaxws-client-config.xml").toURL(); } catch (MalformedURLException e) { System.out.println(e); } ((StubExt)wstwo).setSecurityConfig(securityURL.toExternalForm()); ((StubExt)wstwo).setConfigName("Standard WSSecurity Client", securityConfig.toExternalForm()); String response = wstwo.hello("world"); System.out.println("Web service answered with: " + response);
jboss-wsse-client.xml:
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd"> <key-store-file>d:/workspace/wsclient/META-INF/client.keystore</key-store-file> <key-store-password>client</key-store-password> <key-store-type>jks</key-store-type> <trust-store-file>d:/workspace/wsclient/META-INF/client.truststore</trust-store-file> <trust-store-password>client</trust-store-password> <trust-store-type>jks</trust-store-type> <config> <sign type="jks" alias="client"/> <requires> <signature/> </requires> </config> </jboss-ws-security>
standard-jaxws-client-config.xml:
<jaxws-config xmlns="urn:jboss:jaxws-config:2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="urn:jboss:jaxws-config:2.0 jaxws-config_2_0.xsd"> <client-config> <config-name>Standard WSSecurity Client</config-name> <post-handler-chains> <javaee:handler-chain> <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings> <javaee:handler> <javaee:handler-name>WSSecurityHandlerOutbound</javaee:handler-name> <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerClient</javaee:handler-class> </javaee:handler> </javaee:handler-chain> </post-handler-chains> </client-config> </jaxws-config>
Thank you!