sreedhar y [
https://community.jboss.org/people/sreedhar_45] created the discussion
"Web service client user token authentication problem"
To view the discussion, visit:
https://community.jboss.org/message/774844#774844
--------------------------------------------------------------
Hi,
We have got a webservice with the following security policy from the client.
<wsp:Policy orawsp:provides="{
http://docs.oasis-open.org/ns/opencsa/sca/200903
http://docs.oasis-open.org/ns/opencsa/sca/200903}authentication, {
http://docs.oasis-open.org/ns/opencsa/sca/200903
http://docs.oasis-open.org/ns/opencsa/sca/200903}clientAuthentication, {
http://docs.oasis-open.org/ns/opencsa/sca/200903
http://docs.oasis-open.org/ns/opencsa/sca/200903}clientAuthentication.mes..., {
http://schemas.oracle.com/ws/2006/01/policy
http://schemas.oracle.com/ws/2006/01/policy}token.usernamePassword"
wsu:Id="wss_username_token_service_policy" xmlns:wsp="
http://schemas.xmlsoap.org/ws/2004/09/policy
http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns="
http://schemas.xmlsoap.org/ws/2004/09/policy
http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:orawsp="
http://schemas.oracle.com/ws/2006/01/policy
http://schemas.oracle.com/ws/2006/01/policy" xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit...
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit...
xmlns:xsi="
http://www.w3.org/2001/XMLSchema-instance
http://www.w3.org/2001/XMLSchema-instance">
<sp:SupportingTokens xmlns:sp="
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:UsernameToken sp:IncludeToken="
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysT...
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysT...
<wsp:Policy>
<sp:WssUsernameToken10/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:Policy>
We generated client classes using the Java JAX-WS tool from the wsdl(used the wsimport
command).Afer that used the SecurityHandler class( attached the file) which incorporates
the securtiy information in the handleMessage() method.
When i called the web service method from a standlone client class ,security
authentication is done and got the webservice response.
But when accessing the webservice from the application deployed from JBoss7.1.0,Security
Handler's handleMessage() method is not invoked due to this i am getting the excetion
as
org.apache.cxf.ws.policy.PolicyException: No username available
at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.policyNotAsserted(UsernameTokenInterceptor.java:398)
at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addUsernameToken(UsernameTokenInterceptor.java:341)
at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addUsernameToken(UsernameTokenInterceptor.java:267)
at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.handleMessage(UsernameTokenInterceptor.java:112)
at
org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.handleMessage(UsernameTokenInterceptor.java:76)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:531)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:461)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:364)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:317)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88)
00:05:21,350 ERROR [stderr] (http--192.168.172.142-8080-1) Caused by:
org.apache.cxf.ws.policy.PolicyException: No username available
Please let me know where is the issue?
Thanks in advance,
Sridhar
--------------------------------------------------------------
Reply to this message by going to Community
[
https://community.jboss.org/message/774844#774844]
Start a new discussion in JBoss Web Services Development at Community
[
https://community.jboss.org/choose-container!input.jspa?contentType=1&...]