wood burning stoves 2.0*
The moose likes Web Services and the fly likes WSE security authentication problem. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "WSE security authentication problem." Watch "WSE security authentication problem." New topic
Author

WSE security authentication problem.

K.K
Greenhorn

Joined: Oct 15, 2008
Posts: 1
Hi,

There is a web service that is hosted on a server. (a .net smart client architecture).

I did the following:

1. Created java stubs via wsdl2java axis tool.
2. Compiled and put them in a jar.
3. Used that jar and axis jars to invoke the web services.
4. Got the following error:

faultDetail:
{http://xml.apache.org/axis/}stackTrace:Message did not meet security requirements.
at org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:222)
at org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:129)
at org.apache.axis.encoding.DeserializationContext.endElement(DeserializationContext.java:1087)
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.endElement(Unknown Source)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanEndElement(Unknown Source)


Then I searched the internet and did the following:

1. Created a WSDD file as :

<deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
<transport name="http" pivot="java rg.apache.axis.transport.http.HTTPSender"/>
<globalConfiguration >
<requestFlow >
<handler type="java rg.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="UsernameToken"/>
<parameter name="passwordType" value="PasswordText"/>
<parameter name="user" value="username"/>
<parameter name="passwordCallbackClass" value="PWCallBack"/>
</handler>
</requestFlow >
</globalConfiguration >
</deployment>

2. Also created a callback class as :

public class PWCallBack implements CallbackHandler {
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof WSPasswordCallback) {
WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
// set the password given a username
if ("username".equals(pc.getIdentifer())) {
pc.setPassword("");
}
} else {
throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback");
}
}
}
}


3. Changed the web service invocation code as :

FileInputStream wsSecurity = new FileInputStream("XYZ.wsdd");
EngineConfiguration config = new FileProvider(wsSecurity);

com.XYZ.www.webservices.XYZWebService service =
new com.XYZ.www.webservices.XYZWebServiceLocator(config);

4. Then I used this service object to invoke the service.

5. I get the following error:

faultString: An invalid security token was provided ---> The incoming Username token must contain password if the password option is set to be SendPlainText.
faultActor: http://192.120.14.69:4491/te/XYZWebService.asmx
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace:An invalid security token was provided ---> The incoming User
name token must contain password if the password option is set to be SendPlainText.
at org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:222)
at org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:129)
at org.apache.axis.encoding.DeserializationContext.endElement(DeserializationContext.java:1087)
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.endElement(Unknown Source)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanEndElement(Unknown Source)

The main problem is that the username that I have to use does not require a password. When I send null or empty password, I get this error.

Please help.

Thanks in advance.

[ October 15, 2008: Message edited by: K.K ]
[ October 15, 2008: Message edited by: K.K ]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: WSE security authentication problem.
 
Similar Threads
IOException: Keystore was tampered with, or password was incorrect
problem in configure wss4j in axis 1.4 with JBoss application server
What is this error without any useful error information?
Configuring the SOAP Header in client
digest authentication on client side implementation.