JBoss Community

Problem implementing ws-security service (and client) in AS7.1.1

created by Dimitris Keramidas in JBoss Web Services - View the full discussion

Hello,

 

I have been trying to migrate a secure web service deployed in JBoss AS 5.1 to AS7.1. Having realized that the process is quite different now, I decided to start small and follow the WS-Security for AS7.1 documentation.Unfortunately, I did not manage to get the service working as expected (sign & encrypt). I keep getting errors like this:

 


WARNING: WSP0075: Policy assertion "{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AsymmetricBinding" was evaluated as "UNKNOWN".
WARNING: WSP0075: Policy assertion "{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Wss10" was evaluated as "UNKNOWN".
WARNING: WSP0019: Suboptimal policy alternative selected on the client side with fitness "UNKNOWN".
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: These policy alternatives can not be satisfied: 
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token: The received token does not match the token inclusion requirement
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token
    at com.sun.xml.internal.ws.fault.SOAP11Fault.getProtocolException(SOAP11Fault.java:178)
    at com.sun.xml.internal.ws.fault.SOAPFaultBuilder.createException(SOAPFaultBuilder.java:111)
    at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:108)
    at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:78)
    at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(SEIStub.java:129)
    at $Proxy22.sayHello(Unknown Source)
    at Test.main(Test.java:22)

 

or this (with a slightly altered WSDL):

 


WARNING: WSP0075: Policy assertion "{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AsymmetricBinding" was evaluated as "UNKNOWN".
WARNING: WSP0075: Policy assertion "{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Wss10" was evaluated as "UNKNOWN".
WARNING: WSP0019: Suboptimal policy alternative selected on the client side with fitness "UNKNOWN".
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: These policy alternatives can not be satisfied: 
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AsymmetricBinding: Received Timestamp does not match the requirements
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token: The received token does not match the token inclusion requirement
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}InitiatorToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RecipientToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}IncludeTimestamp: Received Timestamp does not match the requirements
    at com.sun.xml.internal.ws.fault.SOAP11Fault.getProtocolException(SOAP11Fault.java:178)
    at com.sun.xml.internal.ws.fault.SOAPFaultBuilder.createException(SOAPFaultBuilder.java:111)
    at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:108)
    at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:78)
    at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(SEIStub.java:129)
    at $Proxy22.sayHello(Unknown Source)
    at Test.main(Test.java:22)

 

 

I have tried changing the ws-securitypolicy configuration in my WSDL - as described in the WS-SecurityPolicy standard - but to no avail.

Are the sample web services described in the above WS-Security link located anywhere? I would very much like to download them, and try to deploy them as they are. Perhaps I might get a better idea of what I might be doing wrong.

 

Regards,

 

Dimitris

Reply to this message by going to Community

Start a new discussion in JBoss Web Services at Community