4 Replies Latest reply: Feb 3, 2011 8:01 AM by ssroy73 RSS

Security Requirements not met - No Security header in messag

ab alissa Newbie

hi all

i manged to write service with username token, but when when i write the client i got this error

Security Requirements not met - No Security header in message

i tryied adding this to my code but it did not work


QName serviceName = new QName("http://elm.com/", "TestDocService");
URL wsdlURL = new URL("https://localhost:8443/aalissa/TestDoc?wsdl");
Service service = Service.create(wsdlURL, serviceName);



com.elm.TestDoc impl = service.getPort(com.elm.TestDoc.class);
Map<String, Object> requestContext = ((BindingProvider)impl).getRequestContext();
requestContext.put(com.sun.xml.wss.XWSSConstants.USERNAME_PROPERTY, "yyyyuy");
requestContext.put(com.sun.xml.wss.XWSSConstants.PASSWORD_PROPERTY, "1233");



also i put the wsit-client.xml in my class path under META-INF but also did not work.

i am using standalone application so you please help me in this issue

regards,
aalissa

  • 1. Re: Security Requirements not met - No Security header in me
    ab alissa Newbie

    can you please help me out.

  • 2. Re: Security Requirements not met - No Security header in me
    Alessio Soldano Master

    Did you try looking at the username token profile example in the org.jboss.test.ws.jaxws.samples.wsse package (source distribution, modules/testsuite/metro-tests) ?

  • 3. Re: Security Requirements not met - No Security header in me
    ab alissa Newbie

    first of all thank you very much for your replay :)


    Did you try looking at the username token profile example in the org.jboss.test.ws.jaxws.samples.wsse package (source distribution, modules/testsuite/metro-tests) ?


    yes i did
    here is what i have done:

    1- I install Jbossws-metro on freash jboss 4.2.2

    2- My Webservice is
    package com.elm;
    
    import javax.ejb.Stateless;
    import javax.jws.WebMethod;
    import javax.jws.WebParam;
    import javax.jws.WebResult;
    import javax.jws.WebService;
    import javax.xml.ws.soap.Addressing;
    
    @Stateless
    @Addressing(enabled=true)
    @WebService
    public class TestDoc {
    
     @WebMethod
     public @WebResult(name="nresult") String hi(@WebParam(name="name") String name){
     System.out.println("hi "+name);
     return "hi "+name;
    
     }
    }
    


    3- wsit file :(wsit-com.elm.TestDoc.xml)
    <?xml version="1.0" encoding="UTF-8" ?>
    <!-- Published by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is JAX-WS RI 2.1.3-b02-.
    -->
    <!-- Generated by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is JAX-WS RI 2.1.3-b02-.
    -->
    <definitions
     xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
     xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
     xmlns:wspp="http://java.sun.com/xml/ns/wsit/policy"
     xmlns:sc="http://schemas.sun.com/2006/03/wss/server"
     xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
     xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
     xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
     xmlns:tns="http://elm.com/"
     xmlns:xsd="http://www.w3.org/2001/XMLSchema"
     xmlns="http://schemas.xmlsoap.org/wsdl/"
     targetNamespace="http://elm.com/" name="TestDocService">
     <ns1:Policy xmlns:ns1="http://www.w3.org/ns/ws-policy"
     wsu:Id="TestDocPortBinding_Addressing_Policy">
     <ns1:ExactlyOne>
     <ns1:All>
     <wsaw:UsingAddressing />
     </ns1:All>
     </ns1:ExactlyOne>
     </ns1:Policy>
     <ns2:Policy xmlns:ns2="http://www.w3.org/ns/ws-policy"
     wsu:Id="TestDocPortBinding_hi_WSAT_Policy">
     <ns2:ExactlyOne>
     <ns2:All>
     <ns3:ATAlwaysCapability
     xmlns:ns3="http://schemas.xmlsoap.org/ws/2004/10/wsat" />
     <ns4:ATAssertion
     xmlns:ns5="http://schemas.xmlsoap.org/ws/2002/12/policy"
     xmlns:ns4="http://schemas.xmlsoap.org/ws/2004/10/wsat"
     ns5:Optional="true" />
     </ns2:All>
     </ns2:ExactlyOne>
     </ns2:Policy>
     <message name="hi" />
     <message name="hiResponse"/>
    
     <portType name="TestDoc">
     <operation name="hi">
    
     <input wsaw:Action="http://elm.com/TestDoc/hiRequest"
     message="tns:hi" />
     <output message="tns:hiResponse" />
     </operation>
     </portType>
     <binding name="TestDocPortBinding" type="tns:TestDoc">
     <wsaw:UsingAddressing />
     <soap:binding transport="http://schemas.xmlsoap.org/soap/http"
     style="document" />
     <wsp:PolicyReference URI="#TestDocPortBindingPolicy"/>
     <operation name="hi">
     <soap:operation soapAction="" />
     <input>
     <soap:body use="literal" />
     <wsp:PolicyReference URI="#SecurityServicePortBinding_sayHello_Policy"/>
     </input>
     <output>
     <soap:body use="literal" />
     </output>
     </operation>
     </binding>
     <service name="TestDocService">
     <port name="TestDocPort" binding="tns:TestDocPortBinding">
     <soap:address
     location="http://127.0.0.1:8080/aalissa/TestDoc" />
     </port>
     </service>
     <!-- Policy definitions -->
     <wsp:Policy wsu:Id="TestDocPortBindingPolicy">
     <wsp:ExactlyOne>
     <wsp:All>
     <sp:Wss10>
     <wsp:Policy>
     <sp:MustSupportRefKeyIdentifier/>
     <sp:MustSupportRefIssuerSerial/>
     </wsp:Policy>
     </sp:Wss10>
     <sp:TransportBinding>
     <wsp:Policy>
     <sp:TransportToken>
     <wsp:Policy>
     <sp:HttpsToken RequireClientCertificate="false"/>
     </wsp:Policy>
     </sp:TransportToken>
     <sp:Layout>
     <wsp:Policy>
     <sp:Lax/>
     </wsp:Policy>
     </sp:Layout>
     <sp:IncludeTimestamp/>
     <sp:AlgorithmSuite>
     <wsp:Policy>
     <sp:Basic128/>
     </wsp:Policy>
     </sp:AlgorithmSuite>
     </wsp:Policy>
     </sp:TransportBinding>
     </wsp:All>
     </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy wsu:Id="SecurityServicePortBinding_sayHello_Policy">
     <wsp:ExactlyOne>
     <wsp:All>
     <sp:SignedSupportingTokens>
     <wsp:Policy>
     <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
     <wsp:Policy>
     <sp:WssUsernameToken10/>
     </wsp:Policy>
     </sp:UsernameToken>
     </wsp:Policy>
     </sp:SignedSupportingTokens>
     </wsp:All>
     </wsp:ExactlyOne>
     </wsp:Policy>
    </definitions>
    


    4- I configre RealmAuthenticator

    5- on the client side
    QName serviceName = new QName("http://elm.com/", "TestDocService");
    URL wsdlURL = new URL("https://localhost:8443/aalissa/TestDoc?wsdl");
    Service service = Service.create(wsdlURL, serviceName);
    
    
    
    com.elm.TestDoc impl = service.getPort(com.elm.TestDoc.class);
    Map<String, Object> requestContext = ((BindingProvider)impl).getRequestContext();
    requestContext.put(com.sun.xml.wss.XWSSConstants.USERNAME_PROPERTY, "yyyyuy");
    requestContext.put(com.sun.xml.wss.XWSSConstants.PASSWORD_PROPERTY, "1233");
    



    when i deploy my service here is the log
    15:07:06,796 INFO [SunJaxwsDeploymentAspect] Add Endpoint
     name=TestDoc
     implementation=com.elm.TestDoc
     url-pattern=/TestDoc
     enable-mtom=false
    15:07:06,796 INFO [DefaultEndpointRegistry] register: jboss.ws:context=aalissa,endpoint=TestDoc
    15:07:06,968 INFO [TomcatDeployer] deploy, ctxPath=/aalissa, warUrl=.../tmp/deploy/aalissa.jar62991.war/
    15:07:07,343 WARN [DeploymentDescriptorParserExt] bypass collectDocs(), it doesnt work for EJB endpoints
    15:07:09,906 ERROR [STDERR] Note: ap round: 1
    15:07:10,125 INFO [STDOUT] [ProcessedMethods Class: com.elm.TestDoc]
    15:07:10,125 INFO [STDOUT] [should process method: hi hasWebMethods: true ]
    15:07:10,125 INFO [STDOUT] [endpointReferencesInterface: false]
    15:07:10,125 INFO [STDOUT] [declaring class has WebSevice: true]
    15:07:10,125 INFO [STDOUT] [returning: true]
    15:07:10,125 INFO [STDOUT] [WrapperGen - method: hi(java.lang.String)]
    15:07:10,125 INFO [STDOUT] [method.getDeclaringType(): com.elm.TestDoc]
    15:07:10,125 INFO [STDOUT] [requestWrapper: com.elm.jaxws.Hi]
    15:07:10,203 INFO [STDOUT] [ProcessedMethods Class: java.lang.Object]
    15:07:10,234 INFO [STDOUT] com\elm\jaxws\Hi.java
    15:07:10,265 INFO [STDOUT] com\elm\jaxws\HiResponse.java
    15:07:10,437 ERROR [STDERR] Note: ap round: 2
    15:07:11,437 WARN [RuntimeModelDeploymentAspect] Unable to resolve SPI for type: class com.sun.xml.ws.api.ResourceLoader
    15:07:12,171 ERROR [wspolicy] Illegal character in opaque part at index 24: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml#SecurityServicePortBinding_sayHello_Policy
    15:07:12,171 ERROR [wspolicy] Illegal character in opaque part at index 24: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml#TestDocPortBindingPolicy
    15:07:12,171 ERROR [wspolicy] Illegal character in opaque part at index 24: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml#TestDocPortBinding_hi_WSAT_Policy
    15:07:12,171 ERROR [wspolicy] Illegal character in opaque part at index 24: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml#TestDocPortBinding_Addressing_Policy
    15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SecurityPolicyAssertionCreator', supported namespace='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy'
    15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SecurityPolicyAssertionCreator', supported namespace='http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702'
    15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SecurityPolicyAssertionCreator', supported namespace='http://schemas.microsoft.com/ws/2005/07/securitypolicy'
    15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SecurityPolicyAssertionCreator', supported namespace='http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512'
    15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.addressing.impl.policy.AddressingPolicyAssertionCreator', supported namespace='http://schemas.xmlsoap.org/ws/2004/08/addressing'
    15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.addressing.impl.policy.AddressingPolicyAssertionCreator', supported namespace='http://www.w3.org/2005/08/addressing'
    15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.TrustPolicyAssertionCreator', supported namespace='http://schemas.xmlsoap.org/ws/2005/02/trust'
    15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.WSSClientConfigAssertionCreator', supported namespace='http://schemas.sun.com/2006/03/wss/client'
    15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.WSSServerConfigAssertionCreator', supported namespace='http://schemas.sun.com/2006/03/wss/server'
    15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.TrustClientConfigAssertionCreator', supported namespace='http://schemas.sun.com/ws/2006/05/trust/client'
    15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.TrustServerConfigAssertionCreator', supported namespace='http://schemas.sun.com/ws/2006/05/trust/server'
    15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SCClientConfigAssertionCreator', supported namespace='http://schemas.sun.com/ws/2006/05/sc/client'
    15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SCServerConfigAssertionCreator', supported namespace='http://schemas.sun.com/ws/2006/05/sc/server'
    15:07:12,359 INFO [wspolicy] WSP1049: Loaded WSIT configuration from file: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml
    15:07:13,359 WARN [RuntimeModelDeploymentAspect] Unable to resolve SPI for type: class com.sun.xml.ws.api.pipe.TubelineAssemblerFactory
    15:07:13,562 WARN [RuntimeModelDeploymentAspect] Unable to resolve SPI for type: class com.sun.xml.ws.assembler.ServerPipelineHook
    


    when i call the service this is console
    javax.xml.ws.soap.SOAPFaultException: Security Requirements not met - No Security header in message
     at com.sun.xml.internal.ws.fault.SOAP11Fault.getProtocolException(Unknown Source)
     at com.sun.xml.internal.ws.fault.SOAPFaultBuilder.createException(Unknown Source)
     at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(Unknown Source)
     at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(Unknown Source)
     at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(Unknown Source)
     at $Proxy24.hi(Unknown Source)
     at WSGUIClient.doTheJob(WSGUIClient.java:163)
     at WSGUIClient$1.actionPerformed(WSGUIClient.java:105)
     at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
     at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
     at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
     at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
     at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
     at java.awt.Component.processMouseEvent(Unknown Source)
     at javax.swing.JComponent.processMouseEvent(Unknown Source)
     at java.awt.Component.processEvent(Unknown Source)
     at java.awt.Container.processEvent(Unknown Source)
     at java.awt.Component.dispatchEventImpl(Unknown Source)
     at java.awt.Container.dispatchEventImpl(Unknown Source)
     at java.awt.Component.dispatchEvent(Unknown Source)
     at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
     at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
     at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
     at java.awt.Container.dispatchEventImpl(Unknown Source)
     at java.awt.Window.dispatchEventImpl(Unknown Source)
     at java.awt.Component.dispatchEvent(Unknown Source)
     at java.awt.EventQueue.dispatchEvent(Unknown Source)
     at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
     at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
     at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
     at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
     at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
     at java.awt.EventDispatchThread.run(Unknown Source)
    Caused by: javax.xml.ws.soap.SOAPFaultException: Security Requirements not met - No Security header in message
     at com.sun.xml.ws.security.opt.impl.util.SOAPUtil.getSOAPFaultException(SOAPUtil.java:171)
     at com.sun.xml.wss.jaxws.impl.SecurityServerPipe.process(SecurityServerPipe.java:195)
     at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:115)
     at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:595)
     at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:554)
     at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:539)
     at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:436)
     at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:243)
     at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:444)
     at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:244)
     at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:135)
     at org.jboss.wsf.stack.metro.RequestHandlerImpl.doPost(RequestHandlerImpl.java:225)
     at org.jboss.wsf.stack.metro.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:82)
     at org.jboss.wsf.common.servlet.AbstractEndpointServlet.service(AbstractEndpointServlet.java:109)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
     at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
     at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
     at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
     at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
     at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
     at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
     at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
     at java.lang.Thread.run(Thread.java:619)
    
    


    thanks alot for your help

  • 4. Security Requirements not met - No Security header in messag
    ssroy73 Newbie

    Hi Ab,

     

    I am having similar issue. Can you please let me know how you have sorted out your issue.

     

    Thanks.

     

     

    Rgds - Sidd