2 Replies Latest reply on Nov 30, 2012 2:21 AM by marcin.motyka

    Policy not supported problem

    marcin.motyka Newbie

      Hello everyone.

       

      I'm facing a strange problem while developing a web service client secured with WS Security Username Token Profile 1.0.

      I've created a maven project and developed client out of wsdl file. The secured webservice was created by another company, not by me.

      We need to put this client to our regular JAX-WS webservice.

      The client is working fine while I test it from my local machine. The problem is when I run it on another webservice. Then I got an exception in JBoss console:

      Policy not supported! #wss_username_token_service_policy

      I'm running JBoss 5.1.0.GA

       

      Exception:

      ERROR [SOAPFaultHelperJAXWS] SOAP request exception 
      java.lang.RuntimeException: javax.xml.ws.WebServiceException 
      : org.jboss.ws.WSException: Policy not supported! #wss_username_token_service_policy 
              at com.comarch.comarchgis.ws.wss.WSSClient.getService(WSSClient.java:46) 
      
              at com.comarch.comarchgis.ws.wss.WSSClient.uwierzytelnij(WSSClient.java: 
      54) 
              at com.comarch.comarchgis.ws.auth.service.WsService.authUser(WsService.j 
      ava:89) 
              at com.comarch.comarchgis.ws.auth.AuthWebServiceImpl.uwierzytelnijG2(Aut 
      hWebServiceImpl.java:42) 
              at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
              at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. 
      java:39) 
              at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces 
      sorImpl.java:25) 
              at java.lang.reflect.Method.invoke(Method.java:597) 
              at org.jboss.wsf.common.invocation.AbstractInvocationHandlerJSE.invoke(A 
      bstractInvocationHandlerJSE.java:129) 
              at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpoin 
      tInvoker.java:240) 
              at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHan 
      dlerImpl.java:505) 
              at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHand 
      lerImpl.java:300) 
              at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl 
      .java:207) 
              at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(Request 
      HandlerImpl.java:132) 
              at org.jboss.wsf.common.servlet.AbstractEndpointServlet.service(Abstract 
      EndpointServlet.java:87) 
              at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) 
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl 
      icationFilterChain.java:290) 
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF 
      ilterChain.java:206) 
              at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFi 
      lter.java:96) 
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl 
      icationFilterChain.java:235) 
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF 
      ilterChain.java:206) 
              at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV 
      alve.java:235) 
              at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV 
      alve.java:191) 
              at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(Securit 
      yAssociationValve.java:190) 
              at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValv 
      e.java:92) 
              at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.proce 
      ss(SecurityContextEstablishmentValve.java:126) 
              at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invok 
      e(SecurityContextEstablishmentValve.java:70) 
              at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j 
      ava:127) 
              at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j 
      ava:102) 
              at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedC 
      onnectionValve.java:158) 
              at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal 
      ve.java:109) 
              at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav 
      a:330) 
              at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java 
      :829) 
              at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce 
      ss(Http11Protocol.java:598) 
              at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:44 
      7) 
              at java.lang.Thread.run(Thread.java:662) 
      

       

      Is there a way to get it running on that JBoss ?

        • 1. Re: Policy not supported problem
          marcin.motyka Newbie

          I give additional information.

          Policy section in WSDL file:

           

          <wsp:Policy orawsp:provides="{http://docs.oasis-open.org/ns/opencsa/sca/200903}authentication, {http://docs.oasis-open.org/ns/opencsa/sca/200903}clientAuthentication, {http://docs.oasis-open.org/ns/opencsa/sca/200903}clientAuthentication.message, {http://schemas.oracle.com/ws/2006/01/policy}token.usernamePassword" wsu:Id="wss_username_token_service_policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:orawsp="http://schemas.oracle.com/ws/2006/01/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
          <sp:SupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
          <wsp:Policy>
          <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
          <wsp:Policy>
          <sp:WssUsernameToken10/>
          </wsp:Policy>
          </sp:UsernameToken>
          </wsp:Policy>
          </sp:SupportingTokens>
          </wsp:Policy>
          

           

          I create SOAP header programatically with this code:

           

          final SOAPElement security = header.addChildElement("Security", "wsse",
                                      "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
          final SOAPElement userToken = security.addChildElement("UsernameToken", "wsse");
          userToken.addChildElement("Username", "wsse").addTextNode(userName);
          userToken.addChildElement("Password", "wsse").addAttribute(envelope.createName("Type"), "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText")
          .addTextNode(userPass);
          
          • 2. Re: Policy not supported problem
            marcin.motyka Newbie

            I've managed to fix this issue by creating client with axis2. I also tried to use CXF, but I couldn't install it on our jboss because other webserwices stopped working.

            So creating an axis2 clinet and using it in regular JAX-WS webserwice was a solution.