4 Replies Latest reply on Feb 3, 2011 8:01 AM by ssroy73

Security Requirements not met - No Security header in messag

aalissa Nov 24, 2008 3:27 PM

hi all

i manged to write service with username token, but when when i write the client i got this error

Security Requirements not met - No Security header in message

i tryied adding this to my code but it did not work


QName serviceName = new QName("http://elm.com/", "TestDocService");
URL wsdlURL = new URL("https://localhost:8443/aalissa/TestDoc?wsdl");
Service service = Service.create(wsdlURL, serviceName);



com.elm.TestDoc impl = service.getPort(com.elm.TestDoc.class);
Map<String, Object> requestContext = ((BindingProvider)impl).getRequestContext();
requestContext.put(com.sun.xml.wss.XWSSConstants.USERNAME_PROPERTY, "yyyyuy");
requestContext.put(com.sun.xml.wss.XWSSConstants.PASSWORD_PROPERTY, "1233");

also i put the wsit-client.xml in my class path under META-INF but also did not work.

i am using standalone application so you please help me in this issue

regards,
aalissa

1. Re: Security Requirements not met - No Security header in me

aalissa Nov 29, 2008 8:44 AM (in response to aalissa)

can you please help me out.
Actions
2. Re: Security Requirements not met - No Security header in me

asoldano Dec 1, 2008 4:29 AM (in response to aalissa)

Did you try looking at the username token profile example in the org.jboss.test.ws.jaxws.samples.wsse package (source distribution, modules/testsuite/metro-tests) ?
Actions

3. Re: Security Requirements not met - No Security header in me

aalissa Dec 1, 2008 7:10 AM (in response to aalissa)

first of all thank you very much for your replay :)

Did you try looking at the username token profile example in the org.jboss.test.ws.jaxws.samples.wsse package (source distribution, modules/testsuite/metro-tests) ?

yes i did
here is what i have done:

1- I install Jbossws-metro on freash jboss 4.2.2

2- My Webservice is

package com.elm;

import javax.ejb.Stateless;
import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebResult;
import javax.jws.WebService;
import javax.xml.ws.soap.Addressing;

@Stateless
@Addressing(enabled=true)
@WebService
public class TestDoc {

 @WebMethod
 public @WebResult(name="nresult") String hi(@WebParam(name="name") String name){
 System.out.println("hi "+name);
 return "hi "+name;

 }
}

3- wsit file :(wsit-com.elm.TestDoc.xml)

<?xml version="1.0" encoding="UTF-8" ?>
<!-- Published by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is JAX-WS RI 2.1.3-b02-.
-->
<!-- Generated by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is JAX-WS RI 2.1.3-b02-.
-->
<definitions
 xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
 xmlns:wspp="http://java.sun.com/xml/ns/wsit/policy"
 xmlns:sc="http://schemas.sun.com/2006/03/wss/server"
 xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
 xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
 xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
 xmlns:tns="http://elm.com/"
 xmlns:xsd="http://www.w3.org/2001/XMLSchema"
 xmlns="http://schemas.xmlsoap.org/wsdl/"
 targetNamespace="http://elm.com/" name="TestDocService">
 <ns1:Policy xmlns:ns1="http://www.w3.org/ns/ws-policy"
 wsu:Id="TestDocPortBinding_Addressing_Policy">
 <ns1:ExactlyOne>
 <ns1:All>
 <wsaw:UsingAddressing />
 </ns1:All>
 </ns1:ExactlyOne>
 </ns1:Policy>
 <ns2:Policy xmlns:ns2="http://www.w3.org/ns/ws-policy"
 wsu:Id="TestDocPortBinding_hi_WSAT_Policy">
 <ns2:ExactlyOne>
 <ns2:All>
 <ns3:ATAlwaysCapability
 xmlns:ns3="http://schemas.xmlsoap.org/ws/2004/10/wsat" />
 <ns4:ATAssertion
 xmlns:ns5="http://schemas.xmlsoap.org/ws/2002/12/policy"
 xmlns:ns4="http://schemas.xmlsoap.org/ws/2004/10/wsat"
 ns5:Optional="true" />
 </ns2:All>
 </ns2:ExactlyOne>
 </ns2:Policy>
 <message name="hi" />
 <message name="hiResponse"/>

 <portType name="TestDoc">
 <operation name="hi">

 <input wsaw:Action="http://elm.com/TestDoc/hiRequest"
 message="tns:hi" />
 <output message="tns:hiResponse" />
 </operation>
 </portType>
 <binding name="TestDocPortBinding" type="tns:TestDoc">
 <wsaw:UsingAddressing />
 <soap:binding transport="http://schemas.xmlsoap.org/soap/http"
 style="document" />
 <wsp:PolicyReference URI="#TestDocPortBindingPolicy"/>
 <operation name="hi">
 <soap:operation soapAction="" />
 <input>
 <soap:body use="literal" />
 <wsp:PolicyReference URI="#SecurityServicePortBinding_sayHello_Policy"/>
 </input>
 <output>
 <soap:body use="literal" />
 </output>
 </operation>
 </binding>
 <service name="TestDocService">
 <port name="TestDocPort" binding="tns:TestDocPortBinding">
 <soap:address
 location="http://127.0.0.1:8080/aalissa/TestDoc" />
 </port>
 </service>
 <!-- Policy definitions -->
 <wsp:Policy wsu:Id="TestDocPortBindingPolicy">
 <wsp:ExactlyOne>
 <wsp:All>
 <sp:Wss10>
 <wsp:Policy>
 <sp:MustSupportRefKeyIdentifier/>
 <sp:MustSupportRefIssuerSerial/>
 </wsp:Policy>
 </sp:Wss10>
 <sp:TransportBinding>
 <wsp:Policy>
 <sp:TransportToken>
 <wsp:Policy>
 <sp:HttpsToken RequireClientCertificate="false"/>
 </wsp:Policy>
 </sp:TransportToken>
 <sp:Layout>
 <wsp:Policy>
 <sp:Lax/>
 </wsp:Policy>
 </sp:Layout>
 <sp:IncludeTimestamp/>
 <sp:AlgorithmSuite>
 <wsp:Policy>
 <sp:Basic128/>
 </wsp:Policy>
 </sp:AlgorithmSuite>
 </wsp:Policy>
 </sp:TransportBinding>
 </wsp:All>
 </wsp:ExactlyOne>
 </wsp:Policy>
 <wsp:Policy wsu:Id="SecurityServicePortBinding_sayHello_Policy">
 <wsp:ExactlyOne>
 <wsp:All>
 <sp:SignedSupportingTokens>
 <wsp:Policy>
 <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
 <wsp:Policy>
 <sp:WssUsernameToken10/>
 </wsp:Policy>
 </sp:UsernameToken>
 </wsp:Policy>
 </sp:SignedSupportingTokens>
 </wsp:All>
 </wsp:ExactlyOne>
 </wsp:Policy>
</definitions>

4- I configre RealmAuthenticator

5- on the client side

QName serviceName = new QName("http://elm.com/", "TestDocService");
URL wsdlURL = new URL("https://localhost:8443/aalissa/TestDoc?wsdl");
Service service = Service.create(wsdlURL, serviceName);



com.elm.TestDoc impl = service.getPort(com.elm.TestDoc.class);
Map<String, Object> requestContext = ((BindingProvider)impl).getRequestContext();
requestContext.put(com.sun.xml.wss.XWSSConstants.USERNAME_PROPERTY, "yyyyuy");
requestContext.put(com.sun.xml.wss.XWSSConstants.PASSWORD_PROPERTY, "1233");

when i deploy my service here is the log

15:07:06,796 INFO [SunJaxwsDeploymentAspect] Add Endpoint
 name=TestDoc
 implementation=com.elm.TestDoc
 url-pattern=/TestDoc
 enable-mtom=false
15:07:06,796 INFO [DefaultEndpointRegistry] register: jboss.ws:context=aalissa,endpoint=TestDoc
15:07:06,968 INFO [TomcatDeployer] deploy, ctxPath=/aalissa, warUrl=.../tmp/deploy/aalissa.jar62991.war/
15:07:07,343 WARN [DeploymentDescriptorParserExt] bypass collectDocs(), it doesnt work for EJB endpoints
15:07:09,906 ERROR [STDERR] Note: ap round: 1
15:07:10,125 INFO [STDOUT] [ProcessedMethods Class: com.elm.TestDoc]
15:07:10,125 INFO [STDOUT] [should process method: hi hasWebMethods: true ]
15:07:10,125 INFO [STDOUT] [endpointReferencesInterface: false]
15:07:10,125 INFO [STDOUT] [declaring class has WebSevice: true]
15:07:10,125 INFO [STDOUT] [returning: true]
15:07:10,125 INFO [STDOUT] [WrapperGen - method: hi(java.lang.String)]
15:07:10,125 INFO [STDOUT] [method.getDeclaringType(): com.elm.TestDoc]
15:07:10,125 INFO [STDOUT] [requestWrapper: com.elm.jaxws.Hi]
15:07:10,203 INFO [STDOUT] [ProcessedMethods Class: java.lang.Object]
15:07:10,234 INFO [STDOUT] com\elm\jaxws\Hi.java
15:07:10,265 INFO [STDOUT] com\elm\jaxws\HiResponse.java
15:07:10,437 ERROR [STDERR] Note: ap round: 2
15:07:11,437 WARN [RuntimeModelDeploymentAspect] Unable to resolve SPI for type: class com.sun.xml.ws.api.ResourceLoader
15:07:12,171 ERROR [wspolicy] Illegal character in opaque part at index 24: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml#SecurityServicePortBinding_sayHello_Policy
15:07:12,171 ERROR [wspolicy] Illegal character in opaque part at index 24: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml#TestDocPortBindingPolicy
15:07:12,171 ERROR [wspolicy] Illegal character in opaque part at index 24: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml#TestDocPortBinding_hi_WSAT_Policy
15:07:12,171 ERROR [wspolicy] Illegal character in opaque part at index 24: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml#TestDocPortBinding_Addressing_Policy
15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SecurityPolicyAssertionCreator', supported namespace='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy'
15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SecurityPolicyAssertionCreator', supported namespace='http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702'
15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SecurityPolicyAssertionCreator', supported namespace='http://schemas.microsoft.com/ws/2005/07/securitypolicy'
15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SecurityPolicyAssertionCreator', supported namespace='http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512'
15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.addressing.impl.policy.AddressingPolicyAssertionCreator', supported namespace='http://schemas.xmlsoap.org/ws/2004/08/addressing'
15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.addressing.impl.policy.AddressingPolicyAssertionCreator', supported namespace='http://www.w3.org/2005/08/addressing'
15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.TrustPolicyAssertionCreator', supported namespace='http://schemas.xmlsoap.org/ws/2005/02/trust'
15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.WSSClientConfigAssertionCreator', supported namespace='http://schemas.sun.com/2006/03/wss/client'
15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.WSSServerConfigAssertionCreator', supported namespace='http://schemas.sun.com/2006/03/wss/server'
15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.TrustClientConfigAssertionCreator', supported namespace='http://schemas.sun.com/ws/2006/05/trust/client'
15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.TrustServerConfigAssertionCreator', supported namespace='http://schemas.sun.com/ws/2006/05/trust/server'
15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SCClientConfigAssertionCreator', supported namespace='http://schemas.sun.com/ws/2006/05/sc/client'
15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SCServerConfigAssertionCreator', supported namespace='http://schemas.sun.com/ws/2006/05/sc/server'
15:07:12,359 INFO [wspolicy] WSP1049: Loaded WSIT configuration from file: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml
15:07:13,359 WARN [RuntimeModelDeploymentAspect] Unable to resolve SPI for type: class com.sun.xml.ws.api.pipe.TubelineAssemblerFactory
15:07:13,562 WARN [RuntimeModelDeploymentAspect] Unable to resolve SPI for type: class com.sun.xml.ws.assembler.ServerPipelineHook

when i call the service this is console

javax.xml.ws.soap.SOAPFaultException: Security Requirements not met - No Security header in message
 at com.sun.xml.internal.ws.fault.SOAP11Fault.getProtocolException(Unknown Source)
 at com.sun.xml.internal.ws.fault.SOAPFaultBuilder.createException(Unknown Source)
 at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(Unknown Source)
 at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(Unknown Source)
 at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(Unknown Source)
 at $Proxy24.hi(Unknown Source)
 at WSGUIClient.doTheJob(WSGUIClient.java:163)
 at WSGUIClient$1.actionPerformed(WSGUIClient.java:105)
 at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
 at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
 at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
 at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
 at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
 at java.awt.Component.processMouseEvent(Unknown Source)
 at javax.swing.JComponent.processMouseEvent(Unknown Source)
 at java.awt.Component.processEvent(Unknown Source)
 at java.awt.Container.processEvent(Unknown Source)
 at java.awt.Component.dispatchEventImpl(Unknown Source)
 at java.awt.Container.dispatchEventImpl(Unknown Source)
 at java.awt.Component.dispatchEvent(Unknown Source)
 at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
 at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
 at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
 at java.awt.Container.dispatchEventImpl(Unknown Source)
 at java.awt.Window.dispatchEventImpl(Unknown Source)
 at java.awt.Component.dispatchEvent(Unknown Source)
 at java.awt.EventQueue.dispatchEvent(Unknown Source)
 at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
 at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
 at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
 at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
 at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
 at java.awt.EventDispatchThread.run(Unknown Source)
Caused by: javax.xml.ws.soap.SOAPFaultException: Security Requirements not met - No Security header in message
 at com.sun.xml.ws.security.opt.impl.util.SOAPUtil.getSOAPFaultException(SOAPUtil.java:171)
 at com.sun.xml.wss.jaxws.impl.SecurityServerPipe.process(SecurityServerPipe.java:195)
 at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:115)
 at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:595)
 at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:554)
 at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:539)
 at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:436)
 at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:243)
 at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:444)
 at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:244)
 at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:135)
 at org.jboss.wsf.stack.metro.RequestHandlerImpl.doPost(RequestHandlerImpl.java:225)
 at org.jboss.wsf.stack.metro.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:82)
 at org.jboss.wsf.common.servlet.AbstractEndpointServlet.service(AbstractEndpointServlet.java:109)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
 at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
 at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
 at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
 at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
 at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
 at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
 at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
 at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
 at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
 at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
 at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
 at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
 at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
 at java.lang.Thread.run(Thread.java:619)

thanks alot for your help

4. Security Requirements not met - No Security header in messag

ssroy73 Feb 3, 2011 8:01 AM (in response to aalissa)

Hi Ab,

I am having similar issue. Can you please let me know how you have sorted out your issue.

Thanks.

Rgds - Sidd
Actions

Go to original post