[jboss-user] [JBossWS] - [WSSecurityHandler] Cannot obtain security configuration

thomasrynne do-not-reply at jboss.com
Tue Oct 10 13:08:24 EDT 2006

I get the following in the jboss log when trying to use a jbossws webservice with a security domain. i.e. @SecurityDomain("mydomain"):

     [java] 17:58:11,224 WARN  [WSSecurityHandler] Cannot obtain security configuration
     [java] 17:58:11,240 ERROR [SOAPFaultExceptionHelper] SOAP request exception
     [java] javax.xml.rpc.soap.SOAPFaultException: Unprocessed 'mustUnderstand' header element: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security
     [java] at org.jboss.ws.handler.HandlerChainBaseImpl.checkMustUnderstand(HandlerChainBaseImpl.java:505)
     [java] at org.jboss.ws.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointInvoker.java:229)

Btw, I am using annotations and the class files are in a sar.

Here are my questions, answers to any of these would be greatly appreciated.

-Do I get the error because the security configuration can not be found?
-Does 'security configuration' mean jboss-wsse-server.xml?
-Where should jboss-wsse-server.xml go in a .sar? I've tried the root and META-INF directories.
-Will I find things easier if I don't use annotations?
-Once I have this working will jbossws automatially hook into the existing jboss JAAS authentication?


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3977311#3977311

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3977311

More information about the jboss-user mailing list