4 Replies Latest reply on Feb 3, 2011 8:01 AM by ssroy73

    Security Requirements not met - No Security header in messag

    aalissa

      hi all

      i manged to write service with username token, but when when i write the client i got this error

      Security Requirements not met - No Security header in message

      i tryied adding this to my code but it did not work

      
      QName serviceName = new QName("http://elm.com/", "TestDocService");
      URL wsdlURL = new URL("https://localhost:8443/aalissa/TestDoc?wsdl");
      Service service = Service.create(wsdlURL, serviceName);
      
      
      
      com.elm.TestDoc impl = service.getPort(com.elm.TestDoc.class);
      Map<String, Object> requestContext = ((BindingProvider)impl).getRequestContext();
      requestContext.put(com.sun.xml.wss.XWSSConstants.USERNAME_PROPERTY, "yyyyuy");
      requestContext.put(com.sun.xml.wss.XWSSConstants.PASSWORD_PROPERTY, "1233");
      
      


      also i put the wsit-client.xml in my class path under META-INF but also did not work.

      i am using standalone application so you please help me in this issue

      regards,
      aalissa

        • 1. Re: Security Requirements not met - No Security header in me
          aalissa

          can you please help me out.

          • 2. Re: Security Requirements not met - No Security header in me
            asoldano

            Did you try looking at the username token profile example in the org.jboss.test.ws.jaxws.samples.wsse package (source distribution, modules/testsuite/metro-tests) ?

            • 3. Re: Security Requirements not met - No Security header in me
              aalissa

              first of all thank you very much for your replay :)


              Did you try looking at the username token profile example in the org.jboss.test.ws.jaxws.samples.wsse package (source distribution, modules/testsuite/metro-tests) ?


              yes i did
              here is what i have done:

              1- I install Jbossws-metro on freash jboss 4.2.2

              2- My Webservice is
              package com.elm;
              
              import javax.ejb.Stateless;
              import javax.jws.WebMethod;
              import javax.jws.WebParam;
              import javax.jws.WebResult;
              import javax.jws.WebService;
              import javax.xml.ws.soap.Addressing;
              
              @Stateless
              @Addressing(enabled=true)
              @WebService
              public class TestDoc {
              
               @WebMethod
               public @WebResult(name="nresult") String hi(@WebParam(name="name") String name){
               System.out.println("hi "+name);
               return "hi "+name;
              
               }
              }
              


              3- wsit file :(wsit-com.elm.TestDoc.xml)
              <?xml version="1.0" encoding="UTF-8" ?>
              <!-- Published by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is JAX-WS RI 2.1.3-b02-.
              -->
              <!-- Generated by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is JAX-WS RI 2.1.3-b02-.
              -->
              <definitions
               xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
               xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
               xmlns:wspp="http://java.sun.com/xml/ns/wsit/policy"
               xmlns:sc="http://schemas.sun.com/2006/03/wss/server"
               xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
               xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
               xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
               xmlns:tns="http://elm.com/"
               xmlns:xsd="http://www.w3.org/2001/XMLSchema"
               xmlns="http://schemas.xmlsoap.org/wsdl/"
               targetNamespace="http://elm.com/" name="TestDocService">
               <ns1:Policy xmlns:ns1="http://www.w3.org/ns/ws-policy"
               wsu:Id="TestDocPortBinding_Addressing_Policy">
               <ns1:ExactlyOne>
               <ns1:All>
               <wsaw:UsingAddressing />
               </ns1:All>
               </ns1:ExactlyOne>
               </ns1:Policy>
               <ns2:Policy xmlns:ns2="http://www.w3.org/ns/ws-policy"
               wsu:Id="TestDocPortBinding_hi_WSAT_Policy">
               <ns2:ExactlyOne>
               <ns2:All>
               <ns3:ATAlwaysCapability
               xmlns:ns3="http://schemas.xmlsoap.org/ws/2004/10/wsat" />
               <ns4:ATAssertion
               xmlns:ns5="http://schemas.xmlsoap.org/ws/2002/12/policy"
               xmlns:ns4="http://schemas.xmlsoap.org/ws/2004/10/wsat"
               ns5:Optional="true" />
               </ns2:All>
               </ns2:ExactlyOne>
               </ns2:Policy>
               <message name="hi" />
               <message name="hiResponse"/>
              
               <portType name="TestDoc">
               <operation name="hi">
              
               <input wsaw:Action="http://elm.com/TestDoc/hiRequest"
               message="tns:hi" />
               <output message="tns:hiResponse" />
               </operation>
               </portType>
               <binding name="TestDocPortBinding" type="tns:TestDoc">
               <wsaw:UsingAddressing />
               <soap:binding transport="http://schemas.xmlsoap.org/soap/http"
               style="document" />
               <wsp:PolicyReference URI="#TestDocPortBindingPolicy"/>
               <operation name="hi">
               <soap:operation soapAction="" />
               <input>
               <soap:body use="literal" />
               <wsp:PolicyReference URI="#SecurityServicePortBinding_sayHello_Policy"/>
               </input>
               <output>
               <soap:body use="literal" />
               </output>
               </operation>
               </binding>
               <service name="TestDocService">
               <port name="TestDocPort" binding="tns:TestDocPortBinding">
               <soap:address
               location="http://127.0.0.1:8080/aalissa/TestDoc" />
               </port>
               </service>
               <!-- Policy definitions -->
               <wsp:Policy wsu:Id="TestDocPortBindingPolicy">
               <wsp:ExactlyOne>
               <wsp:All>
               <sp:Wss10>
               <wsp:Policy>
               <sp:MustSupportRefKeyIdentifier/>
               <sp:MustSupportRefIssuerSerial/>
               </wsp:Policy>
               </sp:Wss10>
               <sp:TransportBinding>
               <wsp:Policy>
               <sp:TransportToken>
               <wsp:Policy>
               <sp:HttpsToken RequireClientCertificate="false"/>
               </wsp:Policy>
               </sp:TransportToken>
               <sp:Layout>
               <wsp:Policy>
               <sp:Lax/>
               </wsp:Policy>
               </sp:Layout>
               <sp:IncludeTimestamp/>
               <sp:AlgorithmSuite>
               <wsp:Policy>
               <sp:Basic128/>
               </wsp:Policy>
               </sp:AlgorithmSuite>
               </wsp:Policy>
               </sp:TransportBinding>
               </wsp:All>
               </wsp:ExactlyOne>
               </wsp:Policy>
               <wsp:Policy wsu:Id="SecurityServicePortBinding_sayHello_Policy">
               <wsp:ExactlyOne>
               <wsp:All>
               <sp:SignedSupportingTokens>
               <wsp:Policy>
               <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
               <wsp:Policy>
               <sp:WssUsernameToken10/>
               </wsp:Policy>
               </sp:UsernameToken>
               </wsp:Policy>
               </sp:SignedSupportingTokens>
               </wsp:All>
               </wsp:ExactlyOne>
               </wsp:Policy>
              </definitions>
              


              4- I configre RealmAuthenticator

              5- on the client side
              QName serviceName = new QName("http://elm.com/", "TestDocService");
              URL wsdlURL = new URL("https://localhost:8443/aalissa/TestDoc?wsdl");
              Service service = Service.create(wsdlURL, serviceName);
              
              
              
              com.elm.TestDoc impl = service.getPort(com.elm.TestDoc.class);
              Map<String, Object> requestContext = ((BindingProvider)impl).getRequestContext();
              requestContext.put(com.sun.xml.wss.XWSSConstants.USERNAME_PROPERTY, "yyyyuy");
              requestContext.put(com.sun.xml.wss.XWSSConstants.PASSWORD_PROPERTY, "1233");
              



              when i deploy my service here is the log
              15:07:06,796 INFO [SunJaxwsDeploymentAspect] Add Endpoint
               name=TestDoc
               implementation=com.elm.TestDoc
               url-pattern=/TestDoc
               enable-mtom=false
              15:07:06,796 INFO [DefaultEndpointRegistry] register: jboss.ws:context=aalissa,endpoint=TestDoc
              15:07:06,968 INFO [TomcatDeployer] deploy, ctxPath=/aalissa, warUrl=.../tmp/deploy/aalissa.jar62991.war/
              15:07:07,343 WARN [DeploymentDescriptorParserExt] bypass collectDocs(), it doesnt work for EJB endpoints
              15:07:09,906 ERROR [STDERR] Note: ap round: 1
              15:07:10,125 INFO [STDOUT] [ProcessedMethods Class: com.elm.TestDoc]
              15:07:10,125 INFO [STDOUT] [should process method: hi hasWebMethods: true ]
              15:07:10,125 INFO [STDOUT] [endpointReferencesInterface: false]
              15:07:10,125 INFO [STDOUT] [declaring class has WebSevice: true]
              15:07:10,125 INFO [STDOUT] [returning: true]
              15:07:10,125 INFO [STDOUT] [WrapperGen - method: hi(java.lang.String)]
              15:07:10,125 INFO [STDOUT] [method.getDeclaringType(): com.elm.TestDoc]
              15:07:10,125 INFO [STDOUT] [requestWrapper: com.elm.jaxws.Hi]
              15:07:10,203 INFO [STDOUT] [ProcessedMethods Class: java.lang.Object]
              15:07:10,234 INFO [STDOUT] com\elm\jaxws\Hi.java
              15:07:10,265 INFO [STDOUT] com\elm\jaxws\HiResponse.java
              15:07:10,437 ERROR [STDERR] Note: ap round: 2
              15:07:11,437 WARN [RuntimeModelDeploymentAspect] Unable to resolve SPI for type: class com.sun.xml.ws.api.ResourceLoader
              15:07:12,171 ERROR [wspolicy] Illegal character in opaque part at index 24: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml#SecurityServicePortBinding_sayHello_Policy
              15:07:12,171 ERROR [wspolicy] Illegal character in opaque part at index 24: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml#TestDocPortBindingPolicy
              15:07:12,171 ERROR [wspolicy] Illegal character in opaque part at index 24: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml#TestDocPortBinding_hi_WSAT_Policy
              15:07:12,171 ERROR [wspolicy] Illegal character in opaque part at index 24: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml#TestDocPortBinding_Addressing_Policy
              15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SecurityPolicyAssertionCreator', supported namespace='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy'
              15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SecurityPolicyAssertionCreator', supported namespace='http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702'
              15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SecurityPolicyAssertionCreator', supported namespace='http://schemas.microsoft.com/ws/2005/07/securitypolicy'
              15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SecurityPolicyAssertionCreator', supported namespace='http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512'
              15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.addressing.impl.policy.AddressingPolicyAssertionCreator', supported namespace='http://schemas.xmlsoap.org/ws/2004/08/addressing'
              15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.addressing.impl.policy.AddressingPolicyAssertionCreator', supported namespace='http://www.w3.org/2005/08/addressing'
              15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.TrustPolicyAssertionCreator', supported namespace='http://schemas.xmlsoap.org/ws/2005/02/trust'
              15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.WSSClientConfigAssertionCreator', supported namespace='http://schemas.sun.com/2006/03/wss/client'
              15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.WSSServerConfigAssertionCreator', supported namespace='http://schemas.sun.com/2006/03/wss/server'
              15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.TrustClientConfigAssertionCreator', supported namespace='http://schemas.sun.com/ws/2006/05/trust/client'
              15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.TrustServerConfigAssertionCreator', supported namespace='http://schemas.sun.com/ws/2006/05/trust/server'
              15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SCClientConfigAssertionCreator', supported namespace='http://schemas.sun.com/ws/2006/05/sc/client'
              15:07:12,265 INFO [wspolicy] WSP0078: Policy assertion creator discovered: class='com.sun.xml.ws.security.impl.policy.SCServerConfigAssertionCreator', supported namespace='http://schemas.sun.com/ws/2006/05/sc/server'
              15:07:12,359 INFO [wspolicy] WSP1049: Loaded WSIT configuration from file: jar:file:/C:/Application Server/test/jboss-4.2.2.GA/server/default/tmp/deploy/tmp62990aalissa.jar!/META-INF/wsit-com.elm.TestDoc.xml
              15:07:13,359 WARN [RuntimeModelDeploymentAspect] Unable to resolve SPI for type: class com.sun.xml.ws.api.pipe.TubelineAssemblerFactory
              15:07:13,562 WARN [RuntimeModelDeploymentAspect] Unable to resolve SPI for type: class com.sun.xml.ws.assembler.ServerPipelineHook
              


              when i call the service this is console
              javax.xml.ws.soap.SOAPFaultException: Security Requirements not met - No Security header in message
               at com.sun.xml.internal.ws.fault.SOAP11Fault.getProtocolException(Unknown Source)
               at com.sun.xml.internal.ws.fault.SOAPFaultBuilder.createException(Unknown Source)
               at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(Unknown Source)
               at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(Unknown Source)
               at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(Unknown Source)
               at $Proxy24.hi(Unknown Source)
               at WSGUIClient.doTheJob(WSGUIClient.java:163)
               at WSGUIClient$1.actionPerformed(WSGUIClient.java:105)
               at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
               at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
               at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
               at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
               at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
               at java.awt.Component.processMouseEvent(Unknown Source)
               at javax.swing.JComponent.processMouseEvent(Unknown Source)
               at java.awt.Component.processEvent(Unknown Source)
               at java.awt.Container.processEvent(Unknown Source)
               at java.awt.Component.dispatchEventImpl(Unknown Source)
               at java.awt.Container.dispatchEventImpl(Unknown Source)
               at java.awt.Component.dispatchEvent(Unknown Source)
               at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
               at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
               at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
               at java.awt.Container.dispatchEventImpl(Unknown Source)
               at java.awt.Window.dispatchEventImpl(Unknown Source)
               at java.awt.Component.dispatchEvent(Unknown Source)
               at java.awt.EventQueue.dispatchEvent(Unknown Source)
               at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
               at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
               at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
               at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
               at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
               at java.awt.EventDispatchThread.run(Unknown Source)
              Caused by: javax.xml.ws.soap.SOAPFaultException: Security Requirements not met - No Security header in message
               at com.sun.xml.ws.security.opt.impl.util.SOAPUtil.getSOAPFaultException(SOAPUtil.java:171)
               at com.sun.xml.wss.jaxws.impl.SecurityServerPipe.process(SecurityServerPipe.java:195)
               at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:115)
               at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:595)
               at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:554)
               at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:539)
               at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:436)
               at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:243)
               at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:444)
               at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:244)
               at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:135)
               at org.jboss.wsf.stack.metro.RequestHandlerImpl.doPost(RequestHandlerImpl.java:225)
               at org.jboss.wsf.stack.metro.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:82)
               at org.jboss.wsf.common.servlet.AbstractEndpointServlet.service(AbstractEndpointServlet.java:109)
               at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
               at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
               at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
               at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
               at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
               at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
               at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
               at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
               at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
               at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
               at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
               at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
               at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
               at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
               at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
               at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
               at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
               at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
               at java.lang.Thread.run(Thread.java:619)
              
              


              thanks alot for your help

              • 4. Security Requirements not met - No Security header in messag
                ssroy73

                Hi Ab,

                 

                I am having similar issue. Can you please let me know how you have sorted out your issue.

                 

                Thanks.

                 

                 

                Rgds - Sidd