WSIT/Metro doesn't understand Security SOAP header

Question

I'm using WSIT/Metro to create a simple web-service. I'm getting the following error on the server when a client tries to connect with a simple username/passowrd authentication scheme:

2010.03.31. 19:10:33 com.sun.xml.ws.protocol.soap.MUTube getMisUnderstoodHeaders
INFO: Element not understood={http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security

I have no idea how to make WSIT understand the Security block.

The request I get from the client:

<?xml version="1.0" encoding="http://www.w3.org/2003/05/soap-envelope" standalone="no"?>
<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
    <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
        <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
            soapenv:mustUnderstand="true">
            <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
                wsu:Id="UsernameToken-1">
                <wsse:Username>admin</wsse:Username>
                <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">admin</wsse:Password>
            </wsse:UsernameToken>
        </wsse:Security>
        <wsa:To>http://localhost:11122/services/TopJtapiRemoteMethods</wsa:To>
        <wsa:MessageID>urn:uuid:D5C576F83D74F761311270055433217</wsa:MessageID>
        <wsa:Action>urn:hasCallPolling</wsa:Action>
    </soapenv:Header>
    <soapenv:Body />
</soapenv:Envelope>

The server's WSDL:

<?xml version="1.0" encoding="UTF-8"?>
<wsdl:definitions
    targetNamespace="http://soapserver.topjtapi.cti.topdesk.com"
    xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    xmlns:ns="http://soapserver.topjtapi.cti.topdesk.com"
    xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
    xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
    xmlns:xs="http://www.w3.org/2001/XMLSchema"
    xmlns:wsoap12="http://schemas.xmlsoap.org/wsdl/soap12/">
    <wsp:Policy wsu:Id="PasswordAuthPolicy">
        <wsp:All>
            <sp:SupportingTokens>
                <wsp:Policy>
                    <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
                        <wsp:Policy>
                            <sp:WssUsernameToken10 />
                        </wsp:Policy>
                    </sp:UsernameToken>
                </wsp:Policy>
            </sp:SupportingTokens>
        </wsp:All>
    </wsp:Policy>

    <wsdl:types>
        <!-- ... -->
    </wsdl:types>
    <wsdl:message name="incomingCallRequest">
        <!-- ... -->
    </wsdl:message>
    <wsdl:portType name="TopJtapiRemoteMethodsPortType">
        <!-- ... -->
    </wsdl:portType>
    <wsdl:binding name="TopJtapiRemoteMethodsSoap12Binding" type="ns:TopJtapiRemoteMethodsPortType">
        <wsp:PolicyReference URI="#PasswordAuthPolicy"/>
        <wsoap12:binding style="document" transport="http://schemas.xmlsoap.org/soap/http" />
        <wsdl:operation name="hasCallPolling">
            <!-- ... -->
        </wsdl:operation>
    </wsdl:binding>
    <wsdl:service name="TopJtapiRemoteMethods">
        <wsdl:port name="TopJtapiRemoteMethodsHttpSoap12Endpoint" binding="ns:TopJtapiRemoteMethodsSoap12Binding">
        </wsdl:port>
    </wsdl:service>
</wsdl:definitions>

My code, setting up the server:

import java.io.InputStream;
import java.util.Collections;

import javax.jws.WebService;
import javax.xml.transform.Source;
import javax.xml.transform.stream.StreamSource;
import javax.xml.ws.Endpoint;
import javax.xml.ws.Holder;

import com.topdesk.cti.topjtapi.soapserver2.HasCallPollingResponse;
import com.topdesk.cti.topjtapi.soapserver2.TopJtapiRemoteMethodsPortType;

public class EndpointTester {

    @WebService(endpointInterface = "com.topdesk.cti.topjtapi.soapserver2.TopJtapiRemoteMethodsPortType")
    private static final class MockImplementation implements TopJtapiRemoteMethodsPortType {
        @Override
        public HasCallPollingResponse hasCallPolling() {
            return null;
        }
    }

    /**
     * @see javax.xml.ws.soap.SOAPBinding#SOAP12HTTP_BINDING
     * @see https://jax-ws.dev.java.net/2.1.7/docs/soap12.html
     */
    private static final String SOAP12_BINDING_ID = "http://java.sun.com/xml/ns/jaxws/2003/05/soap/bindings/HTTP/";

    public static void main(String[] args) throws Exception {
        Endpoint endpoint = Endpoint.create(SOAP12_BINDING_ID, new MockImplementation());
        InputStream wsdlStream = EndpointTester.class.getResourceAsStream("/topjtapi-webapp/wsdl/TopJtapiRemoteMethods.wsdl");
        endpoint.setMetadata(Collections.<Source> singletonList(new StreamSource(wsdlStream, "http://soapserver.topjtapi.cti.topdesk.com")));
        endpoint.publish("http://localhost/services/TopJtapiRemoteMethods");

        System.in.read();
    }
}

Answer 1

I just had the same problem, I solved by updating mi project to METRO 2.0. on Netbeans, Project Properties -> import Library -> MEtro 2.0.

On glassfish just update the same library by command line.

Answer 2

I am not sure about the error, but I assume the server doesn't know about this namespace: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd.

You don't wrote about the client. Metro also I assume. - With same version? - Did you use wsimport to create it?

If don't create a new client, use some IDE wizard to create it, also to configure the security. This should work if it was human error..