Reputation: 2119
WS-Security: HttpsToken could not be asserted
I've got following ws policy inside my WSDL :
<wsp:Policy wssutil:Id="Wssp1.2-2007-Https-UsernameToken-Plain.xml">
<ns1:TransportBinding xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:Policy>
<ns1:TransportToken>
<wsp:Policy>
<ns1:HttpsToken/>
</wsp:Policy>
</ns1:TransportToken>
<ns1:AlgorithmSuite>
<wsp:Policy>
<ns1:Basic256/>
</wsp:Policy>
</ns1:AlgorithmSuite>
<ns1:Layout>
<wsp:Policy>
<ns1:Lax/>
</wsp:Policy>
</ns1:Layout>
<ns1:IncludeTimestamp/>
</wsp:Policy>
</ns1:TransportBinding>
<ns2:SupportingTokens xmlns:ns2="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:Policy>
<ns2:UsernameToken
ns2:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<ns2:WssUsernameToken10/>
<ns2:HashPassword/>
</wsp:Policy>
</ns2:UsernameToken>
</wsp:Policy>
</ns2:SupportingTokens>
</wsp:Policy>
To supporut WS security inside my client I've implemented:
((BindingProvider) port ).getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, this.URL);
AddressingProperties maps = new AddressingPropertiesImpl();
((BindingProvider) port).getRequestContext().put("javax.xml.ws.addressing.context", maps);
Map<String, Object> ctx = ((BindingProvider) port).getRequestContext();
ctx.put("ws-security.callback-handler", UsernamePasswordCallback.class.getName());
UsernamePasswordCallback.user = this.USER;
UsernamePasswordCallback.pass = this.PASS;
ctx.put("ws-security.username", UsernamePasswordCallback.user);
ctx.put("ws-security.callback-handler", UsernamePasswordCallback.class.getName());
Client client = ClientProxy.getClient(port);
client.getOutInterceptors().add(new LoggingOutInterceptor());
client.getInInterceptors().add(new LoggingInInterceptor());
As far as I understand, that's how you usually do it when you have WssUsernameToken10 and HashPassword. The problems seems to be with TransportBinding:
HttpsToken could not be asserted: HttpURLConnection is not a HttpsURLConnection
Some people have faced this problem in the past, unfortunately, there seems to be no solution, no single reply.
I'd appreciate any thoughts.
Upvotes: 1
Views: 3180
Answers (2)
Reputation: 44432
If you are using <ns1:HttpsToken/> with http:// url (for example you are in development environment not using https) you will most likely have en error message complaining about HttpsToken issue with Http connection
If you are using HTTP connection replace HttpsToken to HttpToken.
Upvotes: 0
Reputation: 2119
If anyone faces similar issue I recommend to look at cxf library version: different versions on the server side and the client side might be causing this problem.
Upvotes: 1
Related Questions
- Consuming SOAP WS returns Error 401 unauthorized
- Caused by: org.apache.wss4j.common.ext.WSSecurityException: No certificates for user server were found for encryption
- getting an WS-security error while trying to send SOAP request toweb service
- Https web service call failure
- Trouble connecting java soap client to Ws-Security enabled .NET webservice
- sun.security.validator.ValidatorException when use web service methods by java
- WSSecurityException: The security token could not be authenticated or authorized
- Secure web service calls using WSS4J return "An error was discovered processing the <wsse:Security> header"
- Web service authentication using https giving error
- Calling a secured Web Service in Java