XwsSecurityInterceptor on Client side does not populate header

**kkrikor** · Sep 30th, 2009, 03:39 PM

Hey guys ,

I am trying to apply security to my client web services. but for some reason it seems that the header is always staying empty. Here's what i get when i execute

Code:

09/30 15:53:53.272 [http-8080-1] TRACE o.s.ws.server.MessageTracing.sent:175 - Sent response [<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Header/><SOAP-ENV:Body><SOAP-ENV:Fault><faultcode>SOAP-ENV:Client</faultcode><faultstring xml:lang="en">com.sun.xml.wss.XWSSecurityException: Message does not conform to configured policy [ AuthenticationTokenPolicy(S) ]:  No Security Header found; nested exception is com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.XWSSecurityException: Message does not conform to configured policy [ AuthenticationTokenPolicy(S) ]:  No Security Header found</faultstring></SOAP-ENV:Fault></SOAP-ENV:Body></SOAP-ENV:Envelope>] for request [<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Header/><SOAP-ENV:Body>...</SOAP-ENV:Body>

Here's my application context xml configuration file.

Code:

     <bean id="soapStudySubject" class="x.ws.client.SoapStudySubject">
        <property name="webServiceTemplate" ref="webServiceTemplate"/>
    </bean>
     
    <bean id="messageFactory" class="org.springframework.ws.soap.saaj.SaajSoapMessageFactory"/>
    
    <bean id="xwss"
        class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor">
        <property name="policyConfiguration" value="classpath:client-securityPolicy.xml" /> 
        <property name="callbackHandler">
            <bean class="org.springframework.ws.soap.security.xwss.callback.MockValidationCallbackHandler" />
        </property>
    </bean>
    
    <bean id="webServiceTemplate" class="org.springframework.ws.client.core.WebServiceTemplate">
        <constructor-arg ref="messageFactory"/>
        <property name="defaultUri" value="http://localhost:8080/x/ws/studySubject/v1"/>
        <property name="interceptors">
            <list><ref bean="xwss"/></list>
        </property>
    </bean>

this is my client-securityPolicy.xml

Code:

<xwss:SecurityConfiguration dumpMessages="true" xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">  
<xwss:UsernameToken name="cafe" password="babe" useNonce="false" digestPassword="false"/>  
</xwss:SecurityConfiguration>

Here's my java client code

Code:

public class SoapStudySubject extends WebServiceGatewaySupport {


    private static final String NAMESPACE_URI = "http://x/ws/studySubject/v1";

    public String createSubject(SubjectBean subjectBean, StudyBean studyBean, StudySubjectBean studySubject) {
        Element requestElement = prepareRequest(subjectBean, studyBean, studySubject);
        DOMSource source = new DOMSource(requestElement);
        DOMResult result = new DOMResult();
        getWebServiceTemplate().sendSourceAndReceiveToResult(source, result);
        return processResponse(result.getNode());
    }
...
}

Anything I am doing wrong here ?

Thread: XwsSecurityInterceptor on Client side does not populate header

Thread Tools

Display

Hybrid View

XwsSecurityInterceptor on Client side does not populate header

Posting Permissions