org.apache.axis2.AxisFault: Missing wsse:Security header in request

Apache's JIRA Issue Tracker | Edem Alipui | 8 years ago
  1. 0

    Hi, I'm working with Axis2 and Rampart to create secure web services, and I have the following issue: Whenever an Axis fault is generated on the server's side, the SOAP fault message send back to the client is not signed. It results in an error since the client is expecting a signed SOAP enveloppe. I'm working with AXIS2 1.4 and Rampart 1.4. I've tried to find out in the Issue Tracking section of Rampart web site. According to the following reports (http://issues.apache.org/jira/browse/RAMPART-18 and http://issues.apache.org/jira/browse/RAMPART-90 ) the issue is said to have been fixed in version 1.4 of Rampart so I'm wondering if I'm doing something wrong or if somehow the issue persists. Any clue will be very welcome. Thanks for the help. This is a normal message when there is no faults: [INFO] Deploying module: addressing-1.4 - file:/C:/Data/projets/WebServices20080613/code/espaceDeTravail_20080709/essaisDeploiementWS14Client_1/ressources/modules/addressing-1.4.mar [INFO] Deploying module: rahas-1.4 - file:/C:/Data/projets/WebServices20080613/code/espaceDeTravail_20080709/essaisDeploiementWS14Client_1/ressources/modules/rahas-1.4.mar [INFO] Deploying module: rampart-1.4 - file:/C:/Data/projets/WebServices20080613/code/espaceDeTravail_20080709/essaisDeploiementWS14Client_1/ressources/modules/rampart-1.4.mar [INFO] Deploying module: metadataExchange - file:/C:/Data/projets/WebServices20080613/code/espaceDeTravail_20080709/essaisDeploiementWS14Client_1/lib/mex- 1.4-impl.jar [INFO] Verification successful for URI "#Id-30303804" [INFO] Verification successful for URI "#id-20457766" [INFO] Verification successful for URI "#id-1412294" [INFO] Verification successful for URI "#Timestamp-2746929" Voici le resultat de l'appel: 1721 ========================================================== This is the message I'm getting when a fault is generated. ========================================================== [INFO] Deploying module: addressing-1.4 - file:/C:/Data/projets/WebServices20080613/code/espaceDeTravail_20080709/essaisDeploiementWS14Client_1/ressources/modules/addressing-1.4.mar [INFO] Deploying module: rahas-1.4 - file:/C:/Data/projets/WebServices20080613/code/espaceDeTravail_20080709/essaisDeploiementWS14Client_1/ressources/modules/rahas-1.4.mar [INFO] Deploying module: rampart-1.4 - file:/C:/Data/projets/WebServices20080613/code/espaceDeTravail_20080709/essaisDeploiementWS14Client_1/ressources/modules/rampart-1.4.mar [INFO] Deploying module: metadataExchange - file:/C:/Data/projets/WebServices20080613/code/espaceDeTravail_20080709/essaisDeploiementWS14Client_1/lib/mex- 1.4-impl.jar [ERROR] Missing wsse:Security header in request org.apache.axis2.AxisFault: Missing wsse:Security header in request at org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:172) ============================================== This is the soap enveloppe sent to the Client. ============================================== <soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"> <soapenv:Body> <soapenv:Fault> <soapenv:Code> <soapenv:Value>soapenv:Receiver</soapenv:Value> </soapenv:Code> <soapenv:Reason> <soapenv:Text xml:lang="en-US">ERREUR TEST ----- ERREUR TEST ----- ERREUR TEST</soapenv:Text> </soapenv:Reason> <soapenv:Detail/> </soapenv:Fault> </soapenv:Body> </soapenv:Envelope> =================================================================================================================================== This is the Policy file I'm using. Besides the locations of the Keystore, it is the same policy on both ends (service and client). =================================================================================================================================== <wsp:Policy wsu:Id="SigOnly" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> <wsp:ExactlyOne> <wsp:All> <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> <wsp:Policy> <sp:InitiatorToken> <wsp:Policy> <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"> <wsp:Policy> <sp:WssX509V3Token10 /> </wsp:Policy> </sp:X509Token> </wsp:Policy> </sp:InitiatorToken> <sp:RecipientToken> <wsp:Policy> <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never"> <wsp:Policy> <sp:RequireThumbprintReference /> <sp:WssX509V3Token10 /> </wsp:Policy> </sp:X509Token> </wsp:Policy> </sp:RecipientToken> <sp:AlgorithmSuite> <wsp:Policy> <sp:TripleDesRsa15 /> </wsp:Policy> </sp:AlgorithmSuite> <sp:Layout> <wsp:Policy> <sp:Lax /> </wsp:Policy> </sp:Layout> <sp:IncludeTimestamp /> <sp:OnlySignEntireHeadersAndBody /> </wsp:Policy> </sp:AsymmetricBinding> <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> <sp:Body /> <sp:Header Namespace="http://www.w3.org/2005/08/addressing" /> </sp:SignedParts> <!-- <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> <sp:Body /> </sp:EncryptedParts> --> <sp:Wss11> <wsp:Policy> <sp:MustSupportRefKeyIdentifier /> <sp:MustSupportRefIssuerSerial /> <sp:MustSupportRefThumbprint /> <sp:MustSupportRefEncryptedKey /> <sp:MustSupportSignatureConfirmation /> </wsp:Policy> </sp:Wss11> <sp:Trust10> <wsp:Policy> <sp:MustSupportIssuedTokens /> <sp:RequireClientEntropy /> <sp:RequireServerEntropy /> </wsp:Policy> </sp:Trust10> <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> <ramp:user>test</ramp:user> <ramp:encryptionUser>test</ramp:encryptionUser> <ramp:passwordCallbackClass> org.example.www.essaisdeploiementwebservice2.PWCBHandler </ramp:passwordCallbackClass> <ramp:signatureCrypto> <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin"> <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type"> JKS</ramp:property> <ramp:property name="org.apache.ws.security.crypto.merlin.file"> ressources\keys\ws.jks </ramp:property> <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password"> changeit</ramp:property> </ramp:crypto> </ramp:signatureCrypto> <ramp:encryptionCypto> <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin"> <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type"> JKS</ramp:property> <ramp:property name="org.apache.ws.security.crypto.merlin.file">ressources\keys\ws.jks </ramp:property> <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password"> changeit</ramp:property> </ramp:crypto> </ramp:encryptionCypto> </ramp:RampartConfig> </wsp:All> </wsp:ExactlyOne> </wsp:Policy> =================================================================================== This is the parts of axis2.xml where the security is enabled in the OutFaultFlow: =================================================================================== <phaseOrder type="OutFaultFlow"> <!-- user can add his own phases to this area --> <phase name="soapmonitorPhase"/> <phase name="OperationOutFaultPhase"/> <phase name="MessageOut"/> <phase name="RMPhase"/> <phase name="PolicyDetermination"/> <phase name="Security"/> </phaseOrder>

    Apache's JIRA Issue Tracker | 8 years ago | Edem Alipui
    org.apache.axis2.AxisFault: Missing wsse:Security header in request
  2. 0

    [jira] Commented: (RAMPART-155) Rampart throws error if it does not find password field in Username Token

    ws-rampart-dev | 8 years ago | James Robson (JIRA)
    org.apache.axis2.AxisFault: The security token could not be authenticated or authorized
  3. 0

    Securing STS (Security Token Service) with Kerberos | WSO2 Inc

    wso2.com | 7 months ago
    org.apache.axis2.AxisFault: Version of the SAML token does not match with the required version
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    Charitha Kankanamge's blog: How to add a custom SOAP header to the request using AXIOM

    blogspot.com | 3 months ago
    org.apache.axis2.AxisFault: Missing wsse:Security header in request

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. org.apache.axis2.AxisFault

      Missing wsse:Security header in request

      at org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault()
    2. Rampart - Core
      RampartReceiver.setFaultCodeAndThrowAxisFault
      1. org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:172)
      1 frame