on 02-08-2005 9:56 AM
I have configured ssl on the WAS server which also has ABAP stack. and now I am trying to call a webservice on this server it gives me following error.
javax.xml.rpc.soap.SOAPFaultException: 000E7F30E8EB00630000006900000B2C0003EF96E913B03D : An error occurred during processing the timestamp. The error was: com.sap.security.core.ws.wss.NoSecurityHeaderException No wsse:Security header has been defined for role soap:finalActor. Please verify the policy configuration..
at com.sun.xml.rpc.client.StreamingSender._raiseFault(StreamingSender.java:478)
at com.sun.xml.rpc.client.StreamingSender._send(StreamingSender.java:294)
at Client.StoreFileVi_Document_Stub.saveFile(StoreFileVi_Document_Stub.java:70)
at MainClass.sendFile(MainClass.java:188)
at MainClass.simpleGui(MainClass.java:205)
at MainClass.main(MainClass.java:164)
same web service was working fine on other server with only java stack.
Looks like an configuration issue. There are two way for doing security for SOAP: either based on the transport (i.e. HTTP over SSL) or by protecting the document itself using XML Signature and XML Encryption (see http://help.sap.com/saphelp_nw04/helpdata/en/50/a5d13f83a14d21e10000000a1550b0/frameset.htm)
For me it looks like your ws is expecting an wsse:Security header, but the client does not send one. What kind of authentication did you configure for the ws? Transport or document security?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
The error is not related to the transport protocol.
The difference between transport and document security is that in the first case you are using SSL for transport. So regardless of what you send, it is encrypted by the SSL socket and decrypted by the receiving server socket.
Document security is protecting the message on the SOAP level by applying XML Signature and XML encryption to the message. Document security relies on things like a keystore and secure store, so it only supported for deployable proxies. So for document security it does not matter if you are using http or https.
What is happening in you scenario is that the service is expecting document security with an wsse:Security header, and the standalone proxy is not able to send such a header. The solution would be
1) to switch to a deployable proxy and configure document security for that one
2) use the standalone proxy and switch to transport security.
This problem is seen in the WAS servers greater than 2.0.4
can any body can tell what should be done about it.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
87 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.