WSO2 Identity Server and Metro client issue..
WSO2 Identity Server and Metro client issue..
January 26, 2012 - 03:48
Hi,
We have deployed a WSO2 Identity Server to provide security token service for our web service clients in our organization. I have prepared a client code to invoke a test web service including sts configuration to retrieve token from identity server. But as a result, i am getting this exception : "javax.xml.ws.soap.SOAPFaultException: Missing wsse:Security header in request". According to my client code, the security header must be in request. My test server wsdl and client code are below
Has anyone worked with WSO2 server and metro client both ? What can be the solution of my problem ? How can i add the security header to my soap call ?
Thanks..
---- Client Code Start ----
package org.apache.ws.axis2;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.WebServiceFeature;
import com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration;
import com.sun.xml.ws.security.trust.STSIssuedTokenFeature;
import com.sun.xml.ws.security.trust.impl.client.DefaultSTSIssuedTokenConfiguration;
public class TestClient {
private static TestPortType port;
public static void main(String args[]){
System.setProperty("com.sun.xml.ws.transport.http.client.HttpTransportPipe.dump", "true");
mediate();
}
public static void mediate() {
try {
getPort().mediate();
} catch (Exception ex) {
ex.printStackTrace();
}
}
private static TestPortType getPort() {
if (port == null) {
getWebService();
}
return port;
}
private static TestPortType getWebService() {
DefaultSTSIssuedTokenConfiguration config = new DefaultSTSIssuedTokenConfiguration();
config.setSTSInfo(STSIssuedTokenConfiguration.PROTOCOL_13, "https://esbdev:9453/services/wso2carbon-sts", "https://esbdev:9453/services/wso2carbon-sts?wsdl", "wso2carbon-sts", "wso2carbon-stsHttpsSoap11Endpoint", "http://ws.apache.org/axis2");
config.getOtherOptions().put(com.sun.xml.wss.XWSSConstants.USERNAME_PROPERTY, "admin");
config.getOtherOptions().put(com.sun.xml.wss.XWSSConstants.PASSWORD_PROPERTY, "admin");
config.getOtherOptions().put(STSIssuedTokenConfiguration.SHARE_TOKEN, "true");
config.getOtherOptions().put(STSIssuedTokenConfiguration.LIFE_TIME, Integer.valueOf(36000));
config.getOtherOptions().put(STSIssuedTokenConfiguration.RENEW_EXPIRED_TOKEN, "true");
STSIssuedTokenFeature feature = new STSIssuedTokenFeature(config);
Test service = new Test();
port = service.getTestHttpsSoap11Endpoint(new WebServiceFeature[]{feature});
((BindingProvider)port).getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, "http://esbdev:8253/services/test.testHttpSoap11Endpoint");
return port;
}
}
---- Client Code End ----
---- Test Wsdl Start ----
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="SigEncr">
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:RequireThumbprintReference />
<sp:WssX509V3Token10 />
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:RequireThumbprintReference />
<sp:WssX509V3Token10 />
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256 />
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict />
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp />
<sp:OnlySignEntireHeadersAndBody />
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:SupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:IssuedToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
<sp:RequestSecurityTokenTemplate
xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
<t:TokenType>
urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType>
<t:KeyType>
http://schemas.xmlsoap.org/ws/2005/02/trust/SymmetricKey
</t:KeyType>
<t:KeySize>256</t:KeySize>
<t:Claims Dialect="http://wso2.org/claims"
xmlns:ic="http://schemas.xmlsoap.org/ws/2005/05/identity">
<ic:ClaimType Uri="http://wso2.org/claims/givenname" />
</t:Claims>
</sp:RequestSecurityTokenTemplate>
<wsp:Policy>
<sp:RequireInternalReference />
</wsp:Policy>
</sp:IssuedToken>
</wsp:Policy>
</sp:SupportingTokens>
<wsp:Wss11 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Policy>
<sp:MustSupportRefKeyIdentifier />
<sp:MustSupportRefIssuerSerial />
<sp:MustSupportRefThumbprint />
<sp:RequireSignatureConfirmation />
</sp:Policy>
</wsp:Wss11>
<wsp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Policy>
<sp:MustSupportRefKeyIdentifier />
<sp:MustSupportRefIssuerSerial />
</sp:Policy>
</wsp:Wss10>
<sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Body />
</sp:SignedParts>
<sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Body />
</sp:EncryptedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsdl:types />
<wsdl:message name="in" />
<wsdl:message name="out" />
<wsdl:portType xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" name="testPortType" wsp:PolicyURIs="#SigEncr">
<wsdl:operation name="mediate">
<wsdl:input message="tns:in" wsaw:Action="urn:mediate" />
<wsdl:output message="tns:out" wsaw:Action="urn:mediateResponse" />
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="testSoap11Binding" type="tns:testPortType">
<soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document" />
<wsdl:operation name="mediate">
<soap:operation soapAction="urn:mediate" style="document" />
<wsdl:input>
<soap:body use="literal" />
</wsdl:input>
<wsdl:output>
<soap:body use="literal" />
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:binding name="testSoap12Binding" type="tns:testPortType">
<soap12:binding transport="http://schemas.xmlsoap.org/soap/http" style="document" />
<wsdl:operation name="mediate">
<soap12:operation soapAction="urn:mediate" style="document" />
<wsdl:input>
<soap12:body use="literal" />
</wsdl:input>
<wsdl:output>
<soap12:body use="literal" />
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:binding name="testHttpBinding" type="tns:testPortType">
<http:binding verb="POST" />
<wsdl:operation name="mediate">
<http:operation location="mediate" />
<wsdl:input>
<mime:content type="text/xml" part="parameters" />
</wsdl:input>
<wsdl:output>
<mime:content type="text/xml" part="parameters" />
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="test">
<wsdl:port name="testHttpsSoap11Endpoint" binding="tns:testSoap11Binding">
<soap:address location="https://esbdev:8253/services/test.testHttpsSoap11Endpoint" />
</wsdl:port>
<wsdl:port name="testHttpSoap11Endpoint" binding="tns:testSoap11Binding">
<soap:address location="http://esbdev:8290/services/test.testHttpSoap11Endpoint" />
</wsdl:port>
<wsdl:port name="testHttpSoap12Endpoint" binding="tns:testSoap12Binding">
<soap12:address location="http://esbdev:8290/services/test.testHttpSoap12Endpoint" />
</wsdl:port>
<wsdl:port name="testHttpsSoap12Endpoint" binding="tns:testSoap12Binding">
<soap12:address location="https://esbdev:8253/services/test.testHttpsSoap12Endpoint" />
</wsdl:port>
<wsdl:port name="testHttpEndpoint" binding="tns:testHttpBinding">
<http:address location="http://esbdev:8290/services/test.testHttpEndpoint" />
</wsdl:port>
<wsdl:port name="testHttpsEndpoint" binding="tns:testHttpBinding">
<http:address location="https://esbdev:8253/services/test.testHttpsEndpoint" />
</wsdl:port>
</wsdl:service>
---- Test Wsdl End ----
---- Request XML Start ----
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xs="http://www.w3.org/2001/XMLSchema">
<S:Header>
<To xmlns="http://www.w3.org/2005/08/addressing">
https://esbdev:9453/services/wso2carbon-sts</To>
<Action xmlns="http://www.w3.org/2005/08/addressing">
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT</Action>
<ReplyTo xmlns="http://www.w3.org/2005/08/addressing">
<Address>
http://www.w3.org/2005/08/addressing/anonymous</Address>
</ReplyTo>
<MessageID xmlns="http://www.w3.org/2005/08/addressing">
uuid:9f036b78-a2cf-4a6e-b821-d354a355305b</MessageID>
</S:Header>
<S:Body>
<trust:RequestSecurityToken xmlns:ns10="http://www.w3.org/2000/09/xmldsig#"
xmlns:ns13="http://www.w3.org/2001/10/xml-exc-c14n#"
xmlns:ns4="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"
xmlns:ns5="http://docs.oasis-open.org/ws-sx/ws-trust/200512/"
xmlns:ns9="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity"
xmlns:sc="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512"
xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<trust:RequestType>
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</trust:RequestType>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>
http://esbdev:8253/services/test.testHttpSoap11Endpoint</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<trust:Lifetime>
<wsu:Created>2012-01-26T09:34:03.377Z</wsu:Created>
<wsu:Expires>2012-01-26T09:34:39.377Z</wsu:Expires>
</trust:Lifetime>
<trust:TokenType>
urn:oasis:names:tc:SAML:1.0:assertion</trust:TokenType>
<trust:KeyType>
http://schemas.xmlsoap.org/ws/2005/02/trust/SymmetricKey</trust:KeyType>
<trust:KeySize>256</trust:KeySize>
<trust:Claims Dialect="http://wso2.org/claims">
<ns1:ClaimType xmlns:ns1="http://schemas.xmlsoap.org/ws/2005/05/identity"
xmlns:wsp="http://www.w3.org/ns/ws-policy"
Uri="http://wso2.org/claims/givenname" />
</trust:Claims>
</trust:RequestSecurityToken>
</S:Body>
</S:Envelope>
---- Request XML End ----
