Skip to main content

>MustUnderstand headers:[{http://docs.oasis-open.org/wss/2004/01/oasis-2004

3 replies [Last post]
dtauzell
Offline
Joined: 2006-05-05
Points: 0

I created a web service with a UsernameToken policy but that does not require encryption. Because of that I am using metro 1.5.

I send my service a request with the following SOAP headers:

test
test

when I do that, I get the following error:

MustUnderstand headers:[{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security] are not understood

I'm running this under JBoss using JDK 1.6. I wonder if there are certain jar files and/or configuration I need to do?

Any advice is appreciated.

-DAve

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
lindemannralf
Offline
Joined: 2008-08-20
Points: 0

What namespace do you use for "S" (S:mustUnderstand). There are changes between the versions of "http://schemas.xmlsoap.org/soap/envelope/" and "http://www.w3.org/2003/05/soap-envelope" especially with the mustUnderstand attribute.

kumarjayanti
Offline
Joined: 2003-12-10
Points: 0

This error generally happens if the server is not Security Enabled (no security policy in server WSDL) but the client is secure somehow (perhaps using a local WSDL). Do you see the policies in the service WSDL when accessed from a Browser (using ?wsdl)

Thanks.

jfingram
Offline
Joined: 2008-09-18
Points: 0

Hello, this error also appeared to me to use JAX-WS XWSS in using the Glassfish container, this is because Glassfish has not enabled the provider of message security ...

There are two ways to enable them:

* Admin Console
http://localhost:4848/
->Configuration->Security->Message Security->SOAP
Seleccionar:
XWS_ServerProvider in Provider
XWS_ClientProvider in Client Provider
click SAVE button.

* Tool asadmin

asadmin set --user adminuser
server-config.security-service.message-security-config.SOAP.default_provider=XWS_ServerProvider
asadmin set --user adminuser
server-config.security-service.message-security-config.SOAP.default_client_provider=XWS_ClientProvider