Could not handle mustUnderstand headers: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security. Returning fault

I went through links like: SOAPFaultException “MustUnderstand headers (oasis-200401-wss-wssecurity-secext-1.0.xsd) are not understood”, but still struggling.

I’m using Spring Boot v2.2.2..RELEASE and SOAP project.

I am loading two different WSDL file into my project. One URL Generates to http://localhost:8080/employee/employee-soap which works fine. But http://localhost:8080/student/student-soap this gives below error.

2020-02-17 15:31:00.241 WARN 20236 — [nio-8080-exec-5] o.s.w.soap.server.SoapMessageDispatcher : Could not handle mustUnderstand headers: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security. Returning fault

JavaCode:

@EnableWs
@Configuration
public class AppConfig extends WsConfigurerAdapter {

    @SuppressWarnings({ "rawtypes", "unchecked" })
    @Bean
    public ServletRegistrationBean messageDispatcherServlet(ApplicationContext applicationContext) {
        MessageDispatcherServlet servlet = new MessageDispatcherServlet();
        servlet.setApplicationContext(applicationContext);
        servlet.setTransformWsdlLocations(true);
        return new ServletRegistrationBean(servlet, "/*");
    }

    @Bean
    public SaajSoapMessageFactory messageFactory() {
        SaajSoapMessageFactory messageFactory = new SaajSoapMessageFactory();
        messageFactory.setSoapVersion(SoapVersion.SOAP_11);
        messageFactory.afterPropertiesSet();
        return messageFactory;
    }

    @Bean("empXSD")
    public XsdSchema organizationSchema() {
        return new SimpleXsdSchema(new ClassPathResource("/xsd/employee.xsd"));
    }


    @Bean(name = "employee")
    public DefaultWsdl11Definition defaultWsdl11Definition(@Qualifier("empXSD") XsdSchema schema) {
        DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();
        wsdl11Definition.setPortTypeName("employee");
        wsdl11Definition.setLocationUri("employee/employee-soap");
        wsdl11Definition.setTargetNamespace("urn:example.com:dms:wsdls:employee");
        wsdl11Definition.setSchema(schema);
        wsdl11Definition.setCreateSoap11Binding(true);
        return wsdl11Definition;
    }

    @Bean
    @Qualifier(value="stuXSD")
    public XsdSchema stuSchema() {
        return new SimpleXsdSchema(new ClassPathResource("/xsd/student.xsd"));
    }

    @Bean(name = "student")
    public DefaultWsdl11Definition geographyWsdl11Definition(@Qualifier("stuXSD") XsdSchema schema) {
        DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();
        wsdl11Definition.setPortTypeName("student");
        wsdl11Definition.setLocationUri("student-soap");
        wsdl11Definition.setTargetNamespace("urn:example.com:dms:wsdls:student");
        wsdl11Definition.setSchema(schema);
        wsdl11Definition.setCreateSoap11Binding(true);
        return wsdl11Definition;
    }


    @Override
    public void addInterceptors(List<EndpointInterceptor> interceptors) {
        interceptors.add(new Interceptor(endpoints, req));
    }
}

JavaScript
​x
 
@EnableWs@Configurationpublic class AppConfig extends WsConfigurerAdapter {​    @SuppressWarnings({ "rawtypes", "unchecked" })    @Bean    public ServletRegistrationBean messageDispatcherServlet(ApplicationContext applicationContext) {        MessageDispatcherServlet servlet = new MessageDispatcherServlet();        servlet.setApplicationContext(applicationContext);        servlet.setTransformWsdlLocations(true);        return new ServletRegistrationBean(servlet, "/*");    }​    @Bean    public SaajSoapMessageFactory messageFactory() {        SaajSoapMessageFactory messageFactory = new SaajSoapMessageFactory();        messageFactory.setSoapVersion(SoapVersion.SOAP_11);        messageFactory.afterPropertiesSet();        return messageFactory;    }​    @Bean("empXSD")    public XsdSchema organizationSchema() {        return new SimpleXsdSchema(new ClassPathResource("/xsd/employee.xsd"));    }​​    @Bean(name = "employee")    public DefaultWsdl11Definition defaultWsdl11Definition(@Qualifier("empXSD") XsdSchema schema) {        DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();        wsdl11Definition.setPortTypeName("employee");        wsdl11Definition.setLocationUri("employee/employee-soap");        wsdl11Definition.setTargetNamespace("urn:example.com:dms:wsdls:employee");        wsdl11Definition.setSchema(schema);        wsdl11Definition.setCreateSoap11Binding(true);        return wsdl11Definition;    }​    @Bean    @Qualifier(value="stuXSD")    public XsdSchema stuSchema() {        return new SimpleXsdSchema(new ClassPathResource("/xsd/student.xsd"));    }​    @Bean(name = "student")    public DefaultWsdl11Definition geographyWsdl11Definition(@Qualifier("stuXSD") XsdSchema schema) {        DefaultWsdl11Definition wsdl11Definition = new DefaultWsdl11Definition();        wsdl11Definition.setPortTypeName("student");        wsdl11Definition.setLocationUri("student-soap");        wsdl11Definition.setTargetNamespace("urn:example.com:dms:wsdls:student");        wsdl11Definition.setSchema(schema);        wsdl11Definition.setCreateSoap11Binding(true);        return wsdl11Definition;    }​​    @Override    public void addInterceptors(List<EndpointInterceptor> interceptors) {        interceptors.add(new Interceptor(endpoints, req));    }}​

Code:

@Configuration
public class SimpleMustUnderstandEndpointInterceptor implements SoapEndpointInterceptor{
    private final String SAMPLE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

    @Override
    public boolean handleRequest(MessageContext messageContext, Object endpoint) throws Exception {
        return true;
    }

    @Override
    public boolean handleResponse(MessageContext messageContext, Object endpoint) throws Exception {
        return true;
    }

    @Override
    public boolean handleFault(MessageContext messageContext, Object endpoint) throws Exception {
        return true;
    }

    @Override
    public void afterCompletion(MessageContext messageContext, Object endpoint, Exception ex) throws Exception {

    }

    @Override
    public boolean understands(SoapHeaderElement header) {
        if(header.getName().getNamespaceURI().equalsIgnoreCase(SAMPLE_NS)) {
            return true;
        }
        return false;
    }

}

JavaScript
 
@Configurationpublic class SimpleMustUnderstandEndpointInterceptor implements SoapEndpointInterceptor{    private final String SAMPLE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";​    @Override    public boolean handleRequest(MessageContext messageContext, Object endpoint) throws Exception {        return true;    }​    @Override    public boolean handleResponse(MessageContext messageContext, Object endpoint) throws Exception {        return true;    }​    @Override    public boolean handleFault(MessageContext messageContext, Object endpoint) throws Exception {        return true;    }​    @Override    public void afterCompletion(MessageContext messageContext, Object endpoint, Exception ex) throws Exception {​    }​    @Override    public boolean understands(SoapHeaderElement header) {        if(header.getName().getNamespaceURI().equalsIgnoreCase(SAMPLE_NS)) {            return true;        }        return false;    }​}​

Per observation, looks like even this SoapEndpointInterceptor is not calling, before to that only its giving error.

During calling SOAP endpoint, below header information is going and its giving Fault as I mentioned above. Any pointers ?

<soapenv:Header><wsse:Security soapenv:mustUnderstand="1" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity- 
secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401- 
wss-wssecurity-utility-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken- 
518482F2CDC2F635FF158202815227129"><wsse:Username>aispoc_usr1</wsse:Username> 
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- 
username-token-profile-1.0#PasswordText">aispoc_usr1</wsse:Password><wsse:Nonce 
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap- 
message-security-1.0#Base64Binary">/fdGCEilz/dkVeZE05b7LQ==</wsse:Nonce>

JavaScript
 
<soapenv:Header><wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity- secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401- wss-wssecurity-utility-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken- 518482F2CDC2F635FF158202815227129"><wsse:Username>aispoc_usr1</wsse:Username> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- username-token-profile-1.0#PasswordText">aispoc_usr1</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap- message-security-1.0#Base64Binary">/fdGCEilz/dkVeZE05b7LQ==</wsse:Nonce> ​

2020-02-18T12:15:52.271Z

Answer

I was able to find the solution looking at https://docs.spring.io/spring-ws/site/apidocs/org/springframework/ws/soap/security/wss4j/Wss4jSecurityInterceptor.html and https://memorynotfound.com/spring-ws-username-password-authentication-wss4j/.

I simply used below bean and its started working fine.

@Bean
public Wss4jSecurityInterceptor securityInterceptor() {
  Wss4jSecurityInterceptor security = new Wss4jSecurityInterceptor();
  security.setSecurementActions("NoSecurity");
  security.setSecurementPasswordType(WSConstants.PW_TEXT);
  return security;
}

JavaScript
 
@Beanpublic Wss4jSecurityInterceptor securityInterceptor() {  Wss4jSecurityInterceptor security = new Wss4jSecurityInterceptor();  security.setSecurementActions("NoSecurity");  security.setSecurementPasswordType(WSConstants.PW_TEXT);  return security;}​

Advertisement

Answer