[jboss-dev-forums] [JBoss Web Services Development] - Web service client user token authentication problem

[sreedhar y]

sreedhar y [https://community.jboss.org/people/sreedhar_45] created the discussion

"Web service client user token authentication problem"

To view the discussion, visit: https://community.jboss.org/message/774844#774844

--------------------------------------------------------------
Hi,

We have got a  webservice with the following security policy from the client.

<wsp:Policy orawsp:provides="{ http://docs.oasis-open.org/ns/opencsa/sca/200903 http://docs.oasis-open.org/ns/opencsa/sca/200903}authentication, { http://docs.oasis-open.org/ns/opencsa/sca/200903 http://docs.oasis-open.org/ns/opencsa/sca/200903}clientAuthentication, { http://docs.oasis-open.org/ns/opencsa/sca/200903 http://docs.oasis-open.org/ns/opencsa/sca/200903}clientAuthentication.message, { http://schemas.oracle.com/ws/2006/01/policy http://schemas.oracle.com/ws/2006/01/policy}token.usernamePassword" wsu:Id="wss_username_token_service_policy" xmlns:wsp=" http://schemas.xmlsoap.org/ws/2004/09/policy http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns=" http://schemas.xmlsoap.org/ws/2004/09/policy http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:orawsp=" http://schemas.oracle.com/ws/2006/01/policy http://schemas.oracle.com/ws/2006/01/policy" xmlns:wsu=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance http://www.w3.org/2001/XMLSchema-instance">
<sp:SupportingTokens xmlns:sp=" http://schemas.xmlsoap.org/ws/2005/07/securitypolicy http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:UsernameToken sp:IncludeToken=" http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken10/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:Policy>

We generated client classes using the Java JAX-WS tool from the wsdl(used the wsimport command).Afer that used the SecurityHandler  class( attached the file)  which incorporates the securtiy information in the handleMessage() method.

When i called the web service method from a standlone client class ,security authentication is done and got the webservice response.
But when accessing the webservice from the application deployed from JBoss7.1.0,Security Handler's handleMessage() method is not invoked due to this i am getting the excetion as 

org.apache.cxf.ws.policy.PolicyException: No username available
 at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.policyNotAsserted(UsernameTokenInterceptor.java:398)
 at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addUsernameToken(UsernameTokenInterceptor.java:341)
 at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.addUsernameToken(UsernameTokenInterceptor.java:267)
 at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.handleMessage(UsernameTokenInterceptor.java:112)
 at org.apache.cxf.ws.security.wss4j.UsernameTokenInterceptor.handleMessage(UsernameTokenInterceptor.java:76)
 at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
 at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:531)
 at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:461)
 at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:364)
 at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:317)
 at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88)
00:05:21,350 ERROR [stderr] (http--192.168.172.142-8080-1) Caused by: org.apache.cxf.ws.policy.PolicyException: No username available


Please let me know where is the issue?


Thanks in advance,
Sridhar
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/774844#774844]

Start a new discussion in JBoss Web Services Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2047]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20121105/3171cd8a/attachment.html