JBoss Community

Web service client user token authentication problem

created by sreedhar y in JBoss Web Services Development - View the full discussion

Hi,

 

We have got a  webservice with the following security policy from the client.

 

<wsp:Policy orawsp:provides="{http://docs.oasis-open.org/ns/opencsa/sca/200903}authentication, {http://docs.oasis-open.org/ns/opencsa/sca/200903}clientAuthentication, {http://docs.oasis-open.org/ns/opencsa/sca/200903}clientAuthentication.message, {http://schemas.oracle.com/ws/2006/01/policy}token.usernamePassword" wsu:Id="wss_username_token_service_policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:orawsp="http://schemas.oracle.com/ws/2006/01/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<sp:SupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">

<wsp:Policy>

<sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">

<wsp:Policy>

<sp:WssUsernameToken10/>

</wsp:Policy>

</sp:UsernameToken>

</wsp:Policy>

</sp:SupportingTokens>

</wsp:Policy>

 

We generated client classes using the Java JAX-WS tool from the wsdl(used the wsimport command).Afer that used the SecurityHandler  class( attached the file)  which incorporates the securtiy information in the handleMessage() method.

 

When i called the web service method from a standlone client class ,security authentication is done and got the webservice response.

But when accessing the webservice from the application deployed from JBoss7.1.0,Security Handler's handleMessage() method is not invoked due to this i am getting the excetion as

 

org.apache.cxf.ws.policy.PolicyException: No username available
at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.policyNotAsserted(UsernameTokenInterceptor.java:398)
at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addUsernameToken(UsernameTokenInterceptor.java:341)
at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addUsernameToken(UsernameTokenInterceptor.java:267)
at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.handleMessage(UsernameTokenInterceptor.java:112)
at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.handleMessage(UsernameTokenInterceptor.java:76)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:531)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:461)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:364)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:317)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88)

00:05:21,350 ERROR [stderr] (http--192.168.172.142-8080-1) Caused by: org.apache.cxf.ws.policy.PolicyException: No username available

 

 

Please let me know where is the issue?

 

 

Thanks in advance,

Sridhar

Reply to this message by going to Community

Start a new discussion in JBoss Web Services Development at Community