[jboss-user] [JBoss Web Services] - Problem implementing ws-security service (and client) in AS7.1.1

[Dimitris Keramidas]

Dimitris Keramidas [https://community.jboss.org/people/varkon] created the discussion

"Problem implementing ws-security service (and client) in AS7.1.1"

To view the discussion, visit: https://community.jboss.org/message/735080#735080

--------------------------------------------------------------
Hello,

I have been trying to migrate a secure web service deployed in JBoss AS 5.1 to AS7.1. Having realized that the process is quite different now, I decided to start small and follow the  https://docs.jboss.org/author/display/AS71/WS-Security WS-Security for AS7.1 documentation.Unfortunately, I did not manage to get the service working as expected (sign & encrypt). I keep getting errors like this:


WARNING: WSP0075: Policy assertion "{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AsymmetricBinding" was evaluated as "UNKNOWN".
WARNING: WSP0075: Policy assertion "{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Wss10" was evaluated as "UNKNOWN".
WARNING: WSP0019: Suboptimal policy alternative selected on the client side with fitness "UNKNOWN".
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: These policy alternatives can not be satisfied: 
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token: The received token does not match the token inclusion requirement
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token
    at com.sun.xml.internal.ws.fault.SOAP11Fault.getProtocolException(SOAP11Fault.java:178)
    at com.sun.xml.internal.ws.fault.SOAPFaultBuilder.createException(SOAPFaultBuilder.java:111)
    at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:108)
    at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:78)
    at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(SEIStub.java:129)
    at $Proxy22.sayHello(Unknown Source)
    at Test.main(Test.java:22)

or this (with a slightly altered WSDL):


WARNING: WSP0075: Policy assertion "{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AsymmetricBinding" was evaluated as "UNKNOWN".
WARNING: WSP0075: Policy assertion "{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}Wss10" was evaluated as "UNKNOWN".
WARNING: WSP0019: Suboptimal policy alternative selected on the client side with fitness "UNKNOWN".
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: These policy alternatives can not be satisfied: 
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AsymmetricBinding: Received Timestamp does not match the requirements
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token: The received token does not match the token inclusion requirement
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}InitiatorToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RecipientToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}IncludeTimestamp: Received Timestamp does not match the requirements
    at com.sun.xml.internal.ws.fault.SOAP11Fault.getProtocolException(SOAP11Fault.java:178)
    at com.sun.xml.internal.ws.fault.SOAPFaultBuilder.createException(SOAPFaultBuilder.java:111)
    at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:108)
    at com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:78)
    at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(SEIStub.java:129)
    at $Proxy22.sayHello(Unknown Source)
    at Test.main(Test.java:22)



I have tried changing the ws-securitypolicy configuration in my WSDL - as described in the  http://docs.oasis-open.org/ws-sx/ws-securitypolicy/v1.3/ws-securitypolicy.html WS-SecurityPolicy standard - but to no avail.
Are the sample web services described in the above  https://docs.jboss.org/author/display/AS71/WS-Security WS-Security link located anywhere? I would very much like to download them, and try to deploy them as they are. Perhaps I might get a better idea of what I might be doing wrong.

Regards,

Dimitris
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/735080#735080]

Start a new discussion in JBoss Web Services at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2044]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20120511/fcadf536/attachment.html