4 Replies Latest reply on Feb 3, 2011 8:01 AM by ssroy73

    Security Requirements not met - No Security header in messag

    ab alissa Newbie

      hi all

      i manged to write service with username token, but when when i write the client i got this error

      Security Requirements not met - No Security header in message

      i tryied adding this to my code but it did not work

      
      QName serviceName = new QName("http://elm.com/", "TestDocService");
      URL wsdlURL = new URL("https://localhost:8443/aalissa/TestDoc?wsdl");
      Service service = Service.create(wsdlURL, serviceName);
      
      
      
      com.elm.TestDoc impl = service.getPort(com.elm.TestDoc.class);
      Map<String, Object> requestContext = ((BindingProvider)impl).getRequestContext();
      requestContext.put(com.sun.xml.wss.XWSSConstants.USERNAME_PROPERTY, "yyyyuy");
      requestContext.put(com.sun.xml.wss.XWSSConstants.PASSWORD_PROPERTY, "1233");
      
      


      also i put the wsit-client.xml in my class path under META-INF but also did not work.

      i am using standalone application so you please help me in this issue

      regards,
      aalissa

        • 2. Re: Security Requirements not met - No Security header in me
          Alessio Soldano Master

          Did you try looking at the username token profile example in the org.jboss.test.ws.jaxws.samples.wsse package (source distribution, modules/testsuite/metro-tests) ?

          • 3. Re: Security Requirements not met - No Security header in me
            ab alissa Newbie

            first of all thank you very much for your replay :)


            Did you try looking at the username token profile example in the org.jboss.test.ws.jaxws.samples.wsse package (source distribution, modules/testsuite/metro-tests) ?


            yes i did
            here is what i have done:

            1- I install Jbossws-metro on freash jboss 4.2.2

            2- My Webservice is
            package com.elm;
            
            import javax.ejb.Stateless;
            import javax.jws.WebMethod;
            import javax.jws.WebParam;
            import javax.jws.WebResult;
            import javax.jws.WebService;
            import javax.xml.ws.soap.Addressing;
            
            @Stateless
            @Addressing(enabled=true)
            @WebService
            public class TestDoc {
            
             @WebMethod
             public @WebResult(name="nresult") String hi(@WebParam(name="name") String name){
             System.out.println("hi "+name);
             return "hi "+name;
            
             }
            }
            


            3- wsit file :(wsit-com.elm.TestDoc.xml)
            <?xml version="1.0" encoding="UTF-8" ?>
            <!-- Published by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is JAX-WS RI 2.1.3-b02-.
            -->
            <!-- Generated by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is JAX-WS RI 2.1.3-b02-.
            -->
            <definitions
             xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
             xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
             xmlns:wspp="http://java.sun.com/xml/ns/wsit/policy"
             xmlns:sc="http://schemas.sun.com/2006/03/wss/server"
             xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
             xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
             xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
             xmlns:tns="http://elm.com/"
             xmlns:xsd="http://www.w3.org/2001/XMLSchema"
             xmlns="http://schemas.xmlsoap.org/wsdl/"
             targetNamespace="http://elm.com/" name="TestDocService">
             <ns1:Policy xmlns:ns1="http://www.w3.org/ns/ws-policy"
             wsu:Id="TestDocPortBinding_Addressing_Policy">
             <ns1:ExactlyOne>
             <ns1:All>
             <wsaw:UsingAddressing />
             </ns1:All>
             </ns1:ExactlyOne>
             </ns1:Policy>
             <ns2:Policy xmlns:ns2="http://www.w3.org/ns/ws-policy"
             wsu:Id="TestDocPortBinding_hi_WSAT_Policy">
             <ns2:ExactlyOne>
             <ns2:All>
             <ns3:ATAlwaysCapability
             xmlns:ns3="http://schemas.xmlsoap.org/ws/2004/10/wsat" />
             <ns4:ATAssertion
             xmlns:ns5="http://schemas.xmlsoap.org/ws/2002/12/policy"
             xmlns:ns4="http://schemas.xmlsoap.org/ws/2004/10/wsat"
             ns5:Optional="true" />
             </ns2:All>
             </ns2:ExactlyOne>
             </ns2:Policy>
             <message name="hi" />
             <message name="hiResponse"/>
            
             <portType name="TestDoc">
             <operation name="hi">
            
             <input wsaw:Action="http://elm.com/TestDoc/hiRequest"
             message="tns:hi" />
             <output message="tns:hiResponse" />
             </operation>
             </portType>
             <binding name="TestDocPortBinding" type="tns:TestDoc">
             <wsaw:UsingAddressing />
             <soap:binding transport="http://schemas.xmlsoap.org/soap/http"
             style="document" />
             <wsp:PolicyReference URI="#TestDocPortBindingPolicy"/>
             <operation name="hi">
             <soap:operation soapAction="" />
             <input>
             <soap:body use="literal" />
             <wsp:PolicyReference URI="#SecurityServicePortBinding_sayHello_Policy"/>
             </input>
             <output>
             <soap:body use="literal" />
             </output>
             </operation>
             </binding>
             <service name="TestDocService">
             <port name="TestDocPort" binding="tns:TestDocPortBinding">
             <soap:address
             location="http://127.0.0.1:8080/aalissa/TestDoc" />
             </port>
             </service>
             <!-- Policy definitions -->
             <wsp:Policy wsu:Id="TestDocPortBindingPolicy">
             <wsp:ExactlyOne>
             <wsp:All>
             <sp:Wss10>
             <wsp:Policy>
             <sp:MustSupportRefKeyIdentifier/>
             <sp:MustSupportRefIssuerSerial/>
             </wsp:Policy>
             </sp:Wss10>
             <sp:TransportBinding>
             <wsp:Policy>
             <sp:TransportToken>
             <wsp:Policy>
             <sp:HttpsToken RequireClientCertificate="false"/>
             </wsp:Policy>
             </sp:TransportToken>
             <sp:Layout>
             <wsp:Policy>
             <sp:Lax/>
             </wsp:Policy>
             </sp:Layout>
             <sp:IncludeTimestamp/>
             <sp:AlgorithmSuite>
             <wsp:Policy>
             <sp:Basic128/>
             </wsp:Policy>
             </sp:AlgorithmSuite>
             </wsp:Policy>
             </sp:TransportBinding>
             </wsp:All>
             </wsp:ExactlyOne>
             </wsp:Policy>
             <wsp:Policy wsu:Id="SecurityServicePortBinding_sayHello_Policy">
             <wsp:ExactlyOne>
             <wsp:All>
             <sp:SignedSupportingTokens>
             <wsp:Policy>
             <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
             <wsp:Policy>
             <sp:WssUsernameToken10/>
             </wsp:Policy>
             </sp:UsernameToken>
             </wsp:Policy>
             </sp:SignedSupportingTokens>
             </wsp:All>
             </wsp:ExactlyOne>
             </wsp:Policy>
            </definitions>
            


            4- I configre RealmAuthenticator

            5- on the client side
            QName serviceName = new QName("http://elm.com/", "TestDocService");
            URL wsdlURL = new URL("https://localhost:8443/aalissa/TestDoc?wsdl");
            Service service = Service.create(wsdlURL, serviceName);
            
            
            
            com.elm.TestDoc impl = service.getPort(com.elm.TestDoc.class);
            Map<String, Object> requestContext = ((BindingProvider)impl).getRequestContext();
            requestContext.put(com.sun.xml.wss.XWSSConstants.USERNAME_PROPERTY, "yyyyuy");
            requestContext.put(com.sun.xml.wss.XWSSConstants.PASSWORD_PROPERTY, "1233");
            



            when i deploy my service here is the log
            15:07:06,796 INFO [SunJaxwsDeploymentAspect] Add Endpoint
             name=TestDoc
             implementation=com.elm.TestDoc
             url-pattern=/TestDoc
             enable-mtom=false
            15:07:06,796 INFO [DefaultEndpointRegistry] register: jboss.ws:context=aalissa,endpoint=TestDoc
            15:07:06,968 INFO [TomcatDeployer] deploy, ctxPath=/aalissa, warUrl=.../tmp/deploy/aalissa.jar62991.war/
            15:07:07,343 WARN [DeploymentDescriptorParserExt] bypass collectDocs(), it doesnt work for EJB endpoints
            15:07:09,906 ERROR [STDERR] Note: ap round: 1
            15:07:10,125 INFO [STDOUT] [ProcessedMethods Class: com.elm.TestDoc]
            15:07:10,125 INFO [STDOUT] [should process method: hi hasWebMethods: true ]
            15:07:10,125 INFO [STDOUT] [endpointReferencesInterface: false]
            15:07:10,125 INFO [STDOUT] [declaring class has WebSevice: true]
            15:07:10,125 INFO [STDOUT] [returning: true]
            15:07:10,125 INFO [STDOUT] [WrapperGen - method: hi(java.lang.String)]
            15:07:10,125 INFO [STDOUT] [method.getDeclaringType(): com.elm.TestDoc]
            15:07:10,125 INFO [STDOUT] [requestWrapper: com.elm.jaxws.Hi]
            15:07:10,203 INFO [STDOUT] [ProcessedMethods Class: java.lang.Object]
            15:07:10,234 INFO [STDOUT] com\elm\jaxws\Hi.java
            15:07:10,265 INFO [STDOUT] com\elm\jaxws\HiResponse.java
            15:07:10,437 ERROR [STDERR] Note: ap round: 2
            15:07:11,437 WARN [RuntimeModelDeploymentAspect] Unable to resolve SPI for type: class com.sun.xml.ws.api.ResourceLoader
            15:07:12,171 ERROR [wspolicy] Illegal character in opaque part at index 24: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml#SecurityServicePortBinding_sayHello_Policy
            15:07:12,171 ERROR [wspolicy] Illegal character in opaque part at index 24: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml#TestDocPortBindingPolicy
            15:07:12,171 ERROR [wspolicy] Illegal character in opaque part at index 24: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml#TestDocPortBinding_hi_WSAT_Policy
            15:07:12,171 ERROR [wspolicy] Illegal character in opaque part at index 24: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml#TestDocPortBinding_Addressing_Policy
            15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SecurityPolicyAssertionCreator', supported namespace='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy'
            15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SecurityPolicyAssertionCreator', supported namespace='http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702'
            15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SecurityPolicyAssertionCreator', supported namespace='http://schemas.microsoft.com/ws/2005/07/securitypolicy'
            15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SecurityPolicyAssertionCreator', supported namespace='http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512'
            15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.addressing.impl.policy.AddressingPolicyAssertionCreator', supported namespace='http://schemas.xmlsoap.org/ws/2004/08/addressing'
            15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.addressing.impl.policy.AddressingPolicyAssertionCreator', supported namespace='http://www.w3.org/2005/08/addressing'
            15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.TrustPolicyAssertionCreator', supported namespace='http://schemas.xmlsoap.org/ws/2005/02/trust'
            15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.WSSClientConfigAssertionCreator', supported namespace='http://schemas.sun.com/2006/03/wss/client'
            15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.WSSServerConfigAssertionCreator', supported namespace='http://schemas.sun.com/2006/03/wss/server'
            15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.TrustClientConfigAssertionCreator', supported namespace='http://schemas.sun.com/ws/2006/05/trust/client'
            15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.TrustServerConfigAssertionCreator', supported namespace='http://schemas.sun.com/ws/2006/05/trust/server'
            15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SCClientConfigAssertionCreator', supported namespace='http://schemas.sun.com/ws/2006/05/sc/client'
            15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SCServerConfigAssertionCreator', supported namespace='http://schemas.sun.com/ws/2006/05/sc/server'
            15:07:12,359 INFO [wspolicy] WSP1049: Loaded WSIT configuration from file: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml
            15:07:13,359 WARN [RuntimeModelDeploymentAspect] Unable to resolve SPI for type: class com.sun.xml.ws.api.pipe.TubelineAssemblerFactory
            15:07:13,562 WARN [RuntimeModelDeploymentAspect] Unable to resolve SPI for type: class com.sun.xml.ws.assembler.ServerPipelineHook
            


            when i call the service this is console
            javax.xml.ws.soap.SOAPFaultException: Security Requirements not met - No Security header in message
             at com.sun.xml.internal.ws.fault.SOAP11Fault.getProtocolException(Unknown Source)
             at com.sun.xml.internal.ws.fault.SOAPFaultBuilder.createException(Unknown Source)
             at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(Unknown Source)
             at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(Unknown Source)
             at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(Unknown Source)
             at $Proxy24.hi(Unknown Source)
             at WSGUIClient.doTheJob(WSGUIClient.java:163)
             at WSGUIClient$1.actionPerformed(WSGUIClient.java:105)
             at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
             at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
             at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
             at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
             at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
             at java.awt.Component.processMouseEvent(Unknown Source)
             at javax.swing.JComponent.processMouseEvent(Unknown Source)
             at java.awt.Component.processEvent(Unknown Source)
             at java.awt.Container.processEvent(Unknown Source)
             at java.awt.Component.dispatchEventImpl(Unknown Source)
             at java.awt.Container.dispatchEventImpl(Unknown Source)
             at java.awt.Component.dispatchEvent(Unknown Source)
             at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
             at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
             at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
             at java.awt.Container.dispatchEventImpl(Unknown Source)
             at java.awt.Window.dispatchEventImpl(Unknown Source)
             at java.awt.Component.dispatchEvent(Unknown Source)
             at java.awt.EventQueue.dispatchEvent(Unknown Source)
             at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
             at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
             at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
             at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
             at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
             at java.awt.EventDispatchThread.run(Unknown Source)
            Caused by: javax.xml.ws.soap.SOAPFaultException: Security Requirements not met - No Security header in message
             at com.sun.xml.ws.security.opt.impl.util.SOAPUtil.getSOAPFaultException(SOAPUtil.java:171)
             at com.sun.xml.wss.jaxws.impl.SecurityServerPipe.process(SecurityServerPipe.java:195)
             at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:115)
             at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:595)
             at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:554)
             at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:539)
             at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:436)
             at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:243)
             at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:444)
             at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:244)
             at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:135)
             at org.jboss.wsf.stack.metro.RequestHandlerImpl.doPost(RequestHandlerImpl.java:225)
             at org.jboss.wsf.stack.metro.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:82)
             at org.jboss.wsf.common.servlet.AbstractEndpointServlet.service(AbstractEndpointServlet.java:109)
             at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
             at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
             at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
             at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
             at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
             at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
             at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
             at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
             at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
             at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
             at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
             at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
             at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
             at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
             at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
             at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
             at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
             at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
             at java.lang.Thread.run(Thread.java:619)
            
            


            thanks alot for your help

            • 4. Security Requirements not met - No Security header in messag
              ssroy73 Newbie

              Hi Ab,

               

              I am having similar issue. Can you please let me know how you have sorted out your issue.

               

              Thanks.

               

               

              Rgds - Sidd