Friday, November 30, 2007

javax.xml.ws.soap.SOAPFaultException: ERROR: No security header found


Here using Netbeans 6.0rc2 and Glassfish 2 (Sun Java System Application Server 9.1 (build b58g-fcs)) that came bundled in Netbeans download, using java version 1.6.0_03 on Ubuntu 7.10 gusty.

The SecureCalculatorApp and SecureCalculatorClientApp sample applications (New Project->Samples->Web Services->Secure Calculator) work perfect. However, if you try to develop and run a Java destkop application client to consume the CalculatorWS web service in SecureCalculatorApp you obtain

javax.xml.ws.soap.SOAPFaultException: ERROR: No security header found in the message

There are some posts with comments and solutions, but sometimes they don't apply exactly to these software versions, or even worst, sometimes it's not completely clear which versions they are related to. To avoid confusion, the versions I've been testing are clearly stated before.

You can download the full example from [here]. Then Build and Run.

Don't replace or update the certificates in Glassfish because it's not necessary, at least in the scope of this example.

Open the project properties and under lib
  1. Remove JAX-WS 2.1
  2. Add from Glassfish lib directories
  • webservices-rt.jar
  • appserv-rt.jar
  • javaee.jar
  • webservices-tools.jar
  • endorsed/activation.jar
  • endorsed/webservices-api.jar


Rebuild the project, and hopefully everything will work fine. Obviously, SecureCalculatorApp must be deployed for this example to work.

Troubleshooting
If something goes wrong, for example you are receiving an exception like this

Nov 30, 2007 2:32:20 PM [com.sun.xml.ws.policy.jaxws.PolicyConfigParser] parse
INFO: WSP1049: Loaded WSIT configuration from file: file:/home/diego/tmp/NetBeansProjects/SecureCalculatorGUI/build/classes/META-INF/wsit-client.xml
Nov 30, 2007 2:32:21 PM com.sun.xml.wss.jaxws.impl.SecurityPipeBase populateTruststoreProps
SEVERE: WSSPIPE0016: TrustStore URL was obtained as NULL from ConfigAssertion.


You may need to verify your Security settings in the Web Service Reference.
Right click on CalculatorWSService and open Edit Web Serice Attributes and verify these settings.



and clicking Truststore..., verify that Location points to /SecureCalculatorGUI/src/securecalculatorgui/resources/client-truststore.jks as showed in this screenshot


As usual, the password is changeit.

Hope this helps and saves you time looking into the wrong direction.
Comments, suggestions, fixes, etc. are gladly welcome.

4 comments:

Antti Ropponen said...

Fisrt I'd like to thank you for this posted issue, but I'd like to ask you, what are the deafult alias' in glassfish v2? I only found 's1as' but not eg. 'xws-security-server' or 'xws-security-client'. Should crete those or what, because I can't get rid of those exceptions..

Tim said...

you need to update the glassfish certs: https://wsit-docs.dev.java.net/releases/m5/SecurityProfiles5.html#wp138685

-tim

Tim said...

Thanks much for this post. In my Java 6, non-JSR-109 client, I kept getting the error "javax.xml.ws.soap.SOAPFaultException: ERROR: No security header found in the message". After dissecting your example I found that I needed to add glassfish's webservices-rt.jar to my client's runtime classpath. In Java 6, that is the only external library needed.

-tim

jplistero said...

Some known how to do if the security police is not define in the WSDL ?

the security options not show in the netbeans,

thanks