Login/Register
Could not handle mustUnderstand headers: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security. Returning fault
Asked Answered
Solved javaspring-bootsoapspring-ws
S

2

5

I went through links like: SOAPFaultException "MustUnderstand headers (oasis-200401-wss-wssecurity-secext-1.0.xsd) are not understood", but still struggling.

I'm using Spring Boot v2.2.2..RELEASE and SOAP project.

I am loading two different WSDL file into my project. One URL Generates to http://localhost:8080/employee/employee-soap which works fine. But http://localhost:8080/student/student-soap this gives below error.

2020-02-17 15:31:00.241 WARN 20236 --- [nio-8080-exec-5] o.s.w.soap.server.SoapMessageDispatcher : Could not handle mustUnderstand headers: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security. Returning fault

JavaCode:

@EnableWs
@Configuration
public class AppConfig extends WsConfigurerAdapter {

    @SuppressWarnings({ "rawtypes", "unchecked" })
    @Bean
    public ServletRegistrationBean messageDispatcherServlet(ApplicationContext applicationContext) {
        MessageDispatcherServlet servlet = new MessageDispatcherServlet();
        servlet.setApplicationContext(applicationContext);
        servlet.setTransformWsdlLocations(true);
        return new ServletRegistrationBean(servlet, "/*");
    }

    @Bean
    public SaajSoapMessageFactory messageFactory() {
        SaajSoapMessageFactory messageFactory = new SaajSoapMessageFactory();
        messageFactory.setSoapVersion(SoapVersion.SOAP_11);
        messageFactory.afterPropertiesSet();
        return messageFactory;
    }

    @Bean("empXSD")
    public XsdSchema organizationSchema() {
        return new SimpleXsdSchema(new ClassPathResource("/xsd/employee.xsd"));
    }


    @Bean(name = "employee")
    public DefaultWsdl11Definition defaultWsdl11Definition(@Qualifier("empXSD") XsdSchema schema) {
        DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();
        wsdl11Definition.setPortTypeName("employee");
        wsdl11Definition.setLocationUri("employee/employee-soap");
        wsdl11Definition.setTargetNamespace("urn:example.com:dms:wsdls:employee");
        wsdl11Definition.setSchema(schema);
        wsdl11Definition.setCreateSoap11Binding(true);
        return wsdl11Definition;
    }

    @Bean
    @Qualifier(value="stuXSD")
    public XsdSchema stuSchema() {
        return new SimpleXsdSchema(new ClassPathResource("/xsd/student.xsd"));
    }

    @Bean(name = "student")
    public DefaultWsdl11Definition geographyWsdl11Definition(@Qualifier("stuXSD") XsdSchema schema) {
        DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();
        wsdl11Definition.setPortTypeName("student");
        wsdl11Definition.setLocationUri("student-soap");
        wsdl11Definition.setTargetNamespace("urn:example.com:dms:wsdls:student");
        wsdl11Definition.setSchema(schema);
        wsdl11Definition.setCreateSoap11Binding(true);
        return wsdl11Definition;
    }


    @Override
    public void addInterceptors(List<EndpointInterceptor> interceptors) {
        interceptors.add(new Interceptor(endpoints, req));
    }
}

Code:

@Configuration
public class SimpleMustUnderstandEndpointInterceptor implements SoapEndpointInterceptor{
    private final String SAMPLE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

    @Override
    public boolean handleRequest(MessageContext messageContext, Object endpoint) throws Exception {
        return true;
    }

    @Override
    public boolean handleResponse(MessageContext messageContext, Object endpoint) throws Exception {
        return true;
    }

    @Override
    public boolean handleFault(MessageContext messageContext, Object endpoint) throws Exception {
        return true;
    }

    @Override
    public void afterCompletion(MessageContext messageContext, Object endpoint, Exception ex) throws Exception {

    }

    @Override
    public boolean understands(SoapHeaderElement header) {
        if(header.getName().getNamespaceURI().equalsIgnoreCase(SAMPLE_NS)) {
            return true;
        }
        return false;
    }

}

Per observation, looks like even this SoapEndpointInterceptor is not calling, before to that only its giving error.

During calling SOAP endpoint, below header information is going and its giving Fault as I mentioned above. Any pointers ?

<soapenv:Header><wsse:Security soapenv:mustUnderstand="1" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity- 
secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401- 
wss-wssecurity-utility-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken- 
518482F2CDC2F635FF158202815227129"><wsse:Username>aispoc_usr1</wsse:Username> 
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- 
username-token-profile-1.0#PasswordText">aispoc_usr1</wsse:Password><wsse:Nonce 
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap- 
message-security-1.0#Base64Binary">/fdGCEilz/dkVeZE05b7LQ==</wsse:Nonce>

2020-02-18T12:15:52.271Z

Salomone answered 17/2, 2020 at 10:19 Comment(0)
S
1

I was able to find the solution looking at https://docs.spring.io/spring-ws/site/apidocs/org/springframework/ws/soap/security/wss4j/Wss4jSecurityInterceptor.html and https://memorynotfound.com/spring-ws-username-password-authentication-wss4j/.

I simply used below bean and its started working fine.

@Bean
public Wss4jSecurityInterceptor securityInterceptor() {
  Wss4jSecurityInterceptor security = new Wss4jSecurityInterceptor();
  security.setSecurementActions("NoSecurity");
  security.setSecurementPasswordType(WSConstants.PW_TEXT);
  return security;
}
Salomone answered 27/2, 2020 at 15:9 Comment(0)
S
4

You can try below config that would solve the issue.

@Bean
public Wss4jSecurityInterceptor securityInterceptor() {
    Wss4jSecurityInterceptor security = new Wss4jSecurityInterceptor();
    security.setValidationActions("NoSecurity");
    security.setValidateRequest(false);
    security.setValidateResponse(true);
    return security;
}

@Override
public void addInterceptors(List<EndpointInterceptor> interceptors) {
    interceptors.add(securityInterceptor());
}
Shortly answered 18/3, 2021 at 2:6 Comment(1)
It works pretty good! Thanks!Reeves
S
1

I was able to find the solution looking at https://docs.spring.io/spring-ws/site/apidocs/org/springframework/ws/soap/security/wss4j/Wss4jSecurityInterceptor.html and https://memorynotfound.com/spring-ws-username-password-authentication-wss4j/.

I simply used below bean and its started working fine.

@Bean
public Wss4jSecurityInterceptor securityInterceptor() {
  Wss4jSecurityInterceptor security = new Wss4jSecurityInterceptor();
  security.setSecurementActions("NoSecurity");
  security.setSecurementPasswordType(WSConstants.PW_TEXT);
  return security;
}
Salomone answered 27/2, 2020 at 15:9 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.