dev@glassfish.java.net

Re: Glassfish v3 + Metro issue

From: Lukas Jungmann <lukas.jungmann_at_oracle.com>
Date: Mon, 15 Oct 2012 17:10:37 +0200

Hi,

    I'm not sure about the issue you're seeing - leaving that for others
but metro sources in svn repository at:
https://svn.java.net/svn/wsit~svn/trunk/wsit/

--lukas

On 15.10.2012 16:56, Munaf Sahaf wrote:
> Hello All,
>
> I am running into an issue with Metro in Glassfish v3. I have a ejb which
> we exposed as secure web service (Message Authentication over SSL), works
> great in Glassfish v2 but when we deploy on Glassfish v3 it is throwing
> following exception:
>
> "com.sun.xml.wss.impl.XWSSecurityRuntimeException: WSS1601: Security
> Requirements not met - Transport binding configured in policy but incoming
> message was not SSL enabled
> at
> com.sun.xml.wss.impl.policy.verifier.MessagePolicyVerifier.verifyPolicy(MessagePolicyVerifier.java:125)"
>
> WS Policy used is *TransportBinding + SignedSupportingTokens/usernametoken*
>
> The whole communication is over HTTPS but not sure why it say "incoming
> message was not SSL enabled".
>
> *com.sun.xml.wss.impl.policy.verifier.MessagePolicyVerifier.java*
> public void [More ...] verifyPolicy(SecurityPolicy ip, SecurityPolicy ap)
> throws PolicyViolationException {
>
> MessagePolicy actualPolicy = (MessagePolicy)ap;
> MessagePolicy inferredSecurityPolicy = (MessagePolicy)ip;
> JAXBFilterProcessingContext context = null;
> if (ctx instanceof JAXBFilterProcessingContext) {
> context = (JAXBFilterProcessingContext)ctx;
> }
> //this code has been moved from SecurityRecipient.
> //because in the presence of alternatives this check has to be done
> //with a specific actualpolicy only.
> if (actualPolicy != null) {
> if (actualPolicy.isSSL() && context != null &&
> !context.isSecure()) {
> log.log(Level.SEVERE,
> LogStringsMessages.WSS_1601_SSL_NOT_ENABLED());
> throw new
> XWSSecurityRuntimeException(LogStringsMessages.WSS_1601_SSL_NOT_ENABLED());
> }
> }
>
> ----
>
> I don't understand why context.isSecure() will return false .. all
> communication is made over HTTPS.
>
>
> Any insight into this issue would be helpful. Also is there a public
> repository of metro where i can download the source code.
>
> Thanks,
> Munaf
>
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.