Web services 如何使用对称密钥获取用户名?
我有一个web服务,它包装了一个使用roleallowed注释和jdbc领域的ejb层。 为了从我的swing客户端进行客户端身份验证,我启用了带有对称密钥的用户名身份验证(客户端+服务器),并设置了回调处理程序(客户端)。 当我运行客户端并尝试访问受保护的方法时,会出现以下异常:Web services 如何使用对称密钥获取用户名?,web-services,security,jakarta-ee,glassfish,jax-ws,Web Services,Security,Jakarta Ee,Glassfish,Jax Ws,我有一个web服务,它包装了一个使用roleallowed注释和jdbc领域的ejb层。 为了从我的swing客户端进行客户端身份验证,我启用了带有对称密钥的用户名身份验证(客户端+服务器),并设置了回调处理程序(客户端)。 当我运行客户端并尝试访问受保护的方法时,会出现以下异常: Grave: WSSTUBE0025: Error in Verifying Security in the Inbound Message. com.sun.xml.wss.impl.PolicyViolation
Grave: WSSTUBE0025: Error in Verifying Security in the Inbound Message.
com.sun.xml.wss.impl.PolicyViolationException: ERROR: No security header found in the message
at com.sun.xml.wss.impl.policy.verifier.MessagePolicyVerifier.verifyPolicy(MessagePolicyVerifier.java:138)
at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.createMessage(SecurityRecipient.java:1003)
at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.validateMessage(SecurityRecipient.java:248)
Key used to decrypt EncryptedKey cannot be null
com.sun.xml.wss.logging.impl.opt.crypto Error occured while decrypting EncryptedKey
WSITPVD0035: Error in Verifying Security in Inbound Message. com.sun.xml.wss.impl.WssSoapFaultException: Invalid Security Header at
com.sun.xml.ws.security.opt.impl.util.SOAPUtil.newSOAPFaultException(SOAPUtil.java:159)位于
com.sun.xml.ws.security.opt.impl.incoming.EncryptedKey.getKey(EncryptedKey.java:354)位于
com.sun.xml.ws.security.opt.impl.incoming.KeySelectorImpl.resolveDirectReference(KeySelectorImpl.java:540)位于
com.sun.xml.ws.security.opt.impl.incoming.processor.SecurityTokenProcessor.processDirectReference(SecurityTokenProcessor.java:267)位于
com.sun.xml.ws.security.opt.impl.incoming.processor.SecurityTokenProcessor.resolveReference(SecurityTokenProcessor.java:143)位于
com.sun.xml.ws.security.opt.impl.incoming.processor.KeyInfoProcessor.processKeyInfo(KeyInfoProcessor.java:152)位于
com.sun.xml.ws.security.opt.impl.incoming.processor.KeyInfoProcessor.getKey(KeyInfoProcessor.java:132)位于
com.sun.xml.ws.security.opt.impl.incoming.EncryptedData.process(EncryptedData.java:156)位于
com.sun.xml.ws.security.opt.impl.incoming.EncryptedData.(EncryptedData.java:113)位于
com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.handleSecurityHeader(SecurityRecipient.java:458)位于
com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.cacheHeaders(SecurityRecipient.java:291)位于
com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.validateMessage(SecurityRecipient.java:241)位于
com.sun.xml.wss.provider.wsit.WSITServerAuthContext.verifyInboundMessage(WSITServerAuthContext.java:588)位于
com.sun.xml.wss.provider.wsit.WSITServerAuthContext.validateRequest(WSITServerAuthContext.java:361)位于
com.sun.xml.wss.provider.wsit.WSITServerAuthContext.validateRequest(WSITServerAuthContext.java:264)位于
com.sun.enterprise.security.webservices.commonServerSecurityType.processRequest(commonServerSecurityType.java:173)位于
com.sun.enterprise.security.webservices.commonServerSecurityType.process(commonServerSecurityType.java:144)位于
com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:119)位于
com.sun.xml.ws.api.pipe.Fiber.\uu doRun(Fiber.java:961)位于
com.sun.xml.ws.api.pipe.Fiber.\u doRun(Fiber.java:910)位于
com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:873)位于
com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:775)位于
com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:386)位于
com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:640)位于
com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:263)位于
com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:163)位于
org.glassfish.webservices.Ejb3MessageDispatcher.handlePost(Ejb3MessageDispatcher.java:120)位于
org.glassfish.webservices.Ejb3MessageDispatcher.invoke(Ejb3MessageDispatcher.java:91)位于
org.glassfish.webservices.EjbWebServiceServlet.dispatchToEjbEndpoint(EjbWebServiceServlet.java:200)位于
org.glassfish.webservices.EjbWebServiceServlet.service(EjbWebServiceServlet.java:131)位于
http.HttpServlet.service(HttpServlet.java:770)位于
com.sun.grizzly.http.servlet.ServletAdapter$FilterChainImpl.doFilter(ServletAdapter.java:1059)位于
com.sun.grizzly.http.servlet.ServletAdapter$FilterChainImpl.invokeFilterChain(ServletAdapter.java:999)位于
com.sun.grizzly.http.servlet.ServletAdapter.doService(ServletAdapter.java:434)位于
com.sun.grizzly.http.servlet.ServletAdapter.service(ServletAdapter.java:384)位于
com.sun.grizzly.tcp.http11.GrizzlyAdapter.service(GrizzlyAdapter.java:179)位于
com.sun.enterprise.v3.server.HK2Dispatcher.dispatcher(HK2Dispatcher.java:117)位于
com.sun.enterprise.v3.services.impl.ContainerMapper$Hk2DispatcherCallable.call(ContainerMapper.java:354)位于
com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)位于
com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:849)位于
com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:746)位于
com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1045)位于
com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:228)位于
com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)位于
<?xml version="1.0" encoding="UTF-8"?>
<definitions
xmlns="http://schemas.xmlsoap.org/wsdl/"
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" name="custom_ws" targetNamespace="http://ejb/" xmlns:tns="http://ejb/" xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:fi="http://java.sun.com/xml/ns/wsit/2006/09/policy/fastinfoset/service" xmlns:tcp="http://java.sun.com/xml/ns/wsit/2006/09/policy/soaptcp/service" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:sc="http://schemas.sun.com/2006/03/wss/server" xmlns:wspp="http://java.sun.com/xml/ns/wsit/policy"
>
<message name="hmd"/>
<message name="hmdResponse"/>
<portType name="custom_ws">
<operation name="hmd">
<input message="tns:hmd"/>
<output message="tns:hmdResponse"/>
</operation>
</portType>
<binding name="custom_wsPortBinding" type="tns:custom_ws">
<wsp:PolicyReference URI="#custom_wsPortBindingPolicy"/>
<operation name="hmd">
<input>
<wsp:PolicyReference URI="#custom_wsPortBinding_hmd_Input_Policy"/>
</input>
<output>
<wsp:PolicyReference URI="#custom_wsPortBinding_hmd_Output_Policy"/>
</output>
</operation>
</binding>
<service name="custom_ws">
<port name="custom_wsPort" binding="tns:custom_wsPortBinding"/>
</service>
<wsp:Policy wsu:Id="custom_wsPortBindingPolicy">
<wsp:ExactlyOne>
<wsp:All>
<wsam:Addressing wsp:Optional="false"/>
<sp:SymmetricBinding>
<wsp:Policy>
<sp:ProtectionToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
<sp:RequireIssuerSerialReference/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:ProtectionToken>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:OnlySignEntireHeadersAndBody/>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128/>
</wsp:Policy>
</sp:AlgorithmSuite>
</wsp:Policy>
</sp:SymmetricBinding>
<sp:Wss11>
<wsp:Policy>
<sp:MustSupportRefIssuerSerial/>
<sp:MustSupportRefThumbprint/>
<sp:MustSupportRefEncryptedKey/>
</wsp:Policy>
</sp:Wss11>
<sp:SignedEncryptedSupportingTokens>
<wsp:Policy>
<sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken10/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SignedEncryptedSupportingTokens>
<sc:KeyStore wspp:visibility="private" location="C:\glassfish312\glassfish\domains\domain1\config\keystore.jks" type="JKS" storepass="changeit" alias="xws-security-server"/>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy wsu:Id="custom_wsPortBinding_hmd_Input_Policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:EncryptedParts>
<sp:Body/>
</sp:EncryptedParts>
<sp:SignedParts>
<sp:Body/>
<sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="AckRequested" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="SequenceAcknowledgement" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="Sequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="CreateSequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy wsu:Id="custom_wsPortBinding_hmd_Output_Policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:EncryptedParts>
<sp:Body/>
</sp:EncryptedParts>
<sp:SignedParts>
<sp:Body/>
<sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="AckRequested" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="SequenceAcknowledgement" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="Sequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="CreateSequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</definitions>
<?xml version="1.0" encoding="UTF-8"?>
<definitions
xmlns="http://schemas.xmlsoap.org/wsdl/"
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" name="custom_ws" targetNamespace="http://ejb/" xmlns:tns="http://ejb/" xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:fi="http://java.sun.com/xml/ns/wsit/2006/09/policy/fastinfoset/service" xmlns:tcp="http://java.sun.com/xml/ns/wsit/2006/09/policy/soaptcp/service" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:sc="http://schemas.sun.com/2006/03/wss/server" xmlns:wspp="http://java.sun.com/xml/ns/wsit/policy"
>
<message name="hmd"/>
<message name="hmdResponse"/>
<portType name="custom_ws">
<operation name="hmd">
<input message="tns:hmd"/>
<output message="tns:hmdResponse"/>
</operation>
</portType>
<binding name="custom_wsPortBinding" type="tns:custom_ws">
<wsp:PolicyReference URI="#custom_wsPortBindingPolicy"/>
<operation name="hmd">
<input>
<wsp:PolicyReference URI="#custom_wsPortBinding_hmd_Input_Policy"/>
</input>
<output>
<wsp:PolicyReference URI="#custom_wsPortBinding_hmd_Output_Policy"/>
</output>
</operation>
</binding>
<service name="custom_ws">
<port name="custom_wsPort" binding="tns:custom_wsPortBinding"/>
</service>
<wsp:Policy wsu:Id="custom_wsPortBindingPolicy">
<wsp:ExactlyOne>
<wsp:All>
<wsam:Addressing wsp:Optional="false"/>
<sp:SymmetricBinding>
<wsp:Policy>
<sp:ProtectionToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
<sp:RequireIssuerSerialReference/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:ProtectionToken>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:OnlySignEntireHeadersAndBody/>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128/>
</wsp:Policy>
</sp:AlgorithmSuite>
</wsp:Policy>
</sp:SymmetricBinding>
<sp:Wss11>
<wsp:Policy>
<sp:MustSupportRefIssuerSerial/>
<sp:MustSupportRefThumbprint/>
<sp:MustSupportRefEncryptedKey/>
</wsp:Policy>
</sp:Wss11>
<sp:SignedEncryptedSupportingTokens>
<wsp:Policy>
<sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken10/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SignedEncryptedSupportingTokens>
<sc:KeyStore wspp:visibility="private" location="C:\glassfish312\glassfish\domains\domain1\config\keystore.jks" type="JKS" storepass="changeit" alias="xws-security-server"/>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy wsu:Id="custom_wsPortBinding_hmd_Input_Policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:EncryptedParts>
<sp:Body/>
</sp:EncryptedParts>
<sp:SignedParts>
<sp:Body/>
<sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="AckRequested" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="SequenceAcknowledgement" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="Sequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="CreateSequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy wsu:Id="custom_wsPortBinding_hmd_Output_Policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:EncryptedParts>
<sp:Body/>
</sp:EncryptedParts>
<sp:SignedParts>
<sp:Body/>
<sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="AckRequested" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="SequenceAcknowledgement" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="Sequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
<sp:Header Name="CreateSequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702"/>
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</definitions>
<?xml version='1.0' encoding='UTF-8'?><!-- Published by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is Metro/2.2-b13 (branches/2.2-6964; 2012-01-09T18:04:18+0000) JAXWS-RI/2.2.6-promoted-b20 JAXWS/2.2 svn-revision#unknown. --><!-- Generated by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is Metro/2.2-b13 (branches/2.2-6964; 2012-01-09T18:04:18+0000) JAXWS-RI/2.2.6-promoted-b20 JAXWS/2.2 svn-revision#unknown. -->
<definitions xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:wsp1_2="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:tns="http://ejb/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.xmlsoap.org/wsdl/" targetNamespace="http://ejb/" name="custom_ws" xmlns:sc="http://schemas.sun.com/2006/03/wss/client" xmlns:wspp="http://java.sun.com/xml/ns/wsit/policy">
<types>
<xsd:schema>
<xsd:import namespace="http://ejb/" schemaLocation="http://myurl.net:8080/custom_ws/custom_ws?xsd=1"/>
</xsd:schema>
</types>
<message name="hmd">
<part name="parameters" element="tns:hmd"/>
</message>
<message name="hmdResponse">
<part name="parameters" element="tns:hmdResponse"/>
</message>
<portType name="custom_ws">
<operation name="hmd">
<input wsam:Action="http://ejb/custom_ws/hmdRequest" message="tns:hmd"/>
<output wsam:Action="http://ejb/custom_ws/hmdResponse" message="tns:hmdResponse"/>
</operation>
</portType>
<binding name="custom_wsPortBinding" type="tns:custom_ws">
<wsp:PolicyReference URI="#custom_wsPortBindingPolicy"/>
<soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/>
<operation name="hmd">
<soap:operation soapAction=""/>
<input>
<soap:body use="literal"/>
</input>
<output>
<soap:body use="literal"/>
</output>
</operation>
</binding>
<service name="custom_ws">
<port name="custom_wsPort" binding="tns:custom_wsPortBinding">
<soap:address location="http://my_url.net:8080/custom_ws/custom_ws"/>
</port>
</service>
<wsp:Policy wsu:Id="custom_wsPortBindingPolicy">
<wsp:ExactlyOne>
<wsp:All>
<wsam:Addressing wsp:Optional="false"/>
<wsp:SymmetricBinding>
<wsp:Policy>
<wsp:ProtectionToken>
<wsp:Policy>
<wsp:X509Token wsp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
<wsp:Policy>
<wsp:WssX509V3Token10/>
<wsp:RequireIssuerSerialReference/>
</wsp:Policy>
</wsp:X509Token>
</wsp:Policy>
</wsp:ProtectionToken>
<wsp:Layout>
<wsp:Policy>
<wsp:Strict/>
</wsp:Policy>
</wsp:Layout>
<wsp:IncludeTimestamp/>
<wsp:OnlySignEntireHeadersAndBody/>
<wsp:AlgorithmSuite>
<wsp:Policy>
<wsp:Basic128/>
</wsp:Policy>
</wsp:AlgorithmSuite>
</wsp:Policy>
</wsp:SymmetricBinding>
<wsp:Wss11>
<wsp:Policy>
<wsp:MustSupportRefIssuerSerial/>
<wsp:MustSupportRefThumbprint/>
<wsp:MustSupportRefEncryptedKey/>
</wsp:Policy>
</wsp:Wss11>
<wsp:SignedEncryptedSupportingTokens>
<wsp:Policy>
<wsp:UsernameToken wsp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<wsp:WssUsernameToken10/>
</wsp:Policy>
</wsp:UsernameToken>
</wsp:Policy>
</wsp:SignedEncryptedSupportingTokens>
<sc:TrustStore wspp:visibility="private" location="C:\glassfish312\glassfish\domains\domain1\config\cacerts.jks" type="JKS" storepass="changeit" peeralias="xws-security-server"/>
<sc:CallbackHandlerConfiguration wspp:visibility="private">
<sc:CallbackHandler name="usernameHandler" classname="Gui.ociCallBackHandler"/>
<sc:CallbackHandler name="passwordHandler" classname="Gui.ociCallBackHandler"/>
</sc:CallbackHandlerConfiguration>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</definitions>
<?xml version='1.0' encoding='UTF-8'?><!-- Published by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is Metro/2.2-b13 (branches/2.2-6964; 2012-01-09T18:04:18+0000) JAXWS-RI/2.2.6-promoted-b20 JAXWS/2.2 svn-revision#unknown. --><!-- Generated by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is Metro/2.2-b13 (branches/2.2-6964; 2012-01-09T18:04:18+0000) JAXWS-RI/2.2.6-promoted-b20 JAXWS/2.2 svn-revision#unknown. -->
<definitions xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:wsp1_2="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:tns="http://ejb/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.xmlsoap.org/wsdl/" targetNamespace="http://ejb/" name="custom_ws" xmlns:sc="http://schemas.sun.com/2006/03/wss/client" xmlns:wspp="http://java.sun.com/xml/ns/wsit/policy">
<types>
<xsd:schema>
<xsd:import namespace="http://ejb/" schemaLocation="http://my_url.net:8080/custom_ws/custom_ws?xsd=1"/>
</xsd:schema>
</types>
<message name="hmd" />
<message name="hmdResponse" />
<portType name="custom_ws">
<operation name="hmd">
<input message="tns:hmd" />
<output message="tns:hmdResponse" />
</operation>
</portType>
<binding name="custom_wsPortBinding" type="tns:custom_ws">
<wsp:PolicyReference URI="#custom_wsPortBindingPolicy" />
<operation name="hmd">
<input>
<wsp:PolicyReference URI="#custom_wsPortBinding_hmd_Input_Policy" />
</input>
<output>
<wsp:PolicyReference URI="#custom_wsPortBinding_hmd_Output_Policy" />
</output>
</operation>
</binding>
<service name="custom_ws">
<port name="custom_wsPort" binding="tns:custom_wsPortBinding" />
</service>
<wsp:Policy wsu:Id="custom_wsPortBindingPolicy">
<wsp:All>
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sc:TrustStore wspp:visibility="private" location="C:\glassfish312\glassfish\domains\domain1\config\cacerts.jks" type="JKS" storepass="changeit" peeralias="xws-security-server" />
<sc:CallbackHandlerConfiguration wspp:visibility="private">
<sc:CallbackHandler name="usernameHandler" classname="Gui.ociCallBackHandler" />
<sc:CallbackHandler name="passwordHandler" classname="Gui.ociCallBackHandler" />
</sc:CallbackHandlerConfiguration>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<wsam:Addressing wsp:Optional="false" />
<wsp:SymmetricBinding>
<wsp:Policy>
<wsp:ProtectionToken>
<wsp:Policy>
<wsp:X509Token wsp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
<wsp:Policy>
<wsp:WssX509V3Token10 />
<wsp:RequireIssuerSerialReference />
</wsp:Policy>
</wsp:X509Token>
</wsp:Policy>
</wsp:ProtectionToken>
<wsp:Layout>
<wsp:Policy>
<wsp:Strict />
</wsp:Policy>
</wsp:Layout>
<wsp:IncludeTimestamp />
<wsp:OnlySignEntireHeadersAndBody />
<wsp:AlgorithmSuite>
<wsp:Policy>
<wsp:Basic128 />
</wsp:Policy>
</wsp:AlgorithmSuite>
</wsp:Policy>
</wsp:SymmetricBinding>
<wsp:Wss11>
<wsp:Policy>
<wsp:MustSupportRefIssuerSerial />
<wsp:MustSupportRefThumbprint />
<wsp:MustSupportRefEncryptedKey />
</wsp:Policy>
</wsp:Wss11>
<wsp:SignedEncryptedSupportingTokens>
<wsp:Policy>
<wsp:UsernameToken wsp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<wsp:WssUsernameToken10 />
</wsp:Policy>
</wsp:UsernameToken>
</wsp:Policy>
</wsp:SignedEncryptedSupportingTokens>
<sc:KeyStore wspp:visibility="private" location="C:\glassfish312\glassfish\domains\domain1\config\keystore.jks" type="JKS" storepass="changeit" alias="xws-security-server" />
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</wsp:All>
</wsp:Policy>
<wsp:Policy wsu:Id="custom_wsPortBinding_hmd_Input_Policy">
<wsp:ExactlyOne>
<wsp:All>
<wsp:EncryptedParts>
<wsp:Body />
</wsp:EncryptedParts>
<wsp:SignedParts>
<wsp:Body />
<wsp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing" />
<wsp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing" />
<wsp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing" />
<wsp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing" />
<wsp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing" />
<wsp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing" />
<wsp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing" />
<wsp:Header Name="AckRequested" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
<wsp:Header Name="SequenceAcknowledgement" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
<wsp:Header Name="Sequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
<wsp:Header Name="CreateSequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
</wsp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy wsu:Id="custom_wsPortBinding_hmd_Output_Policy">
<wsp:ExactlyOne>
<wsp:All>
<wsp:EncryptedParts>
<wsp:Body />
</wsp:EncryptedParts>
<wsp:SignedParts>
<wsp:Body />
<wsp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing" />
<wsp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing" />
<wsp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing" />
<wsp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing" />
<wsp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing" />
<wsp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing" />
<wsp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing" />
<wsp:Header Name="AckRequested" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
<wsp:Header Name="SequenceAcknowledgement" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
<wsp:Header Name="Sequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
<wsp:Header Name="CreateSequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
</wsp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</definitions>
<?xml version="1.0" encoding="UTF-8"?>
<definitions xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" name="custom_ws" targetNamespace="http://ejb/" xmlns:tns="http://ejb/" xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:fi="http://java.sun.com/xml/ns/wsit/2006/09/policy/fastinfoset/service" xmlns:tcp="http://java.sun.com/xml/ns/wsit/2006/09/policy/soaptcp/service" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:sc="http://schemas.sun.com/2006/03/wss/server" xmlns:wspp="http://java.sun.com/xml/ns/wsit/policy">
<message name="hmd" />
<message name="hmdResponse" />
<portType name="custom_ws">
<operation name="hmd">
<input message="tns:hmd" />
<output message="tns:hmdResponse" />
</operation>
</portType>
<binding name="custom_wsPortBinding" type="tns:custom_ws">
<wsp:PolicyReference URI="#custom_wsPortBindingPolicy" />
<operation name="hmd">
<input>
<wsp:PolicyReference URI="#custom_wsPortBinding_hmd_Input_Policy" />
</input>
<output>
<wsp:PolicyReference URI="#custom_wsPortBinding_hmd_Output_Policy" />
</output>
</operation>
</binding>
<service name="custom_ws">
<port name="custom_wsPort" binding="tns:custom_wsPortBinding" />
</service>
<wsp:Policy wsu:Id="custom_wsPortBindingPolicy">
<wsp:All>
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sc:TrustStore wspp:visibility="private" location="C:\glassfish312\glassfish\domains\domain1\config\cacerts.jks" type="JKS" storepass="changeit" peeralias="xws-security-server" />
<sc:CallbackHandlerConfiguration wspp:visibility="private">
<sc:CallbackHandler name="usernameHandler" classname="Gui.ociCallBackHandler" />
<sc:CallbackHandler name="passwordHandler" classname="Gui.ociCallBackHandler" />
</sc:CallbackHandlerConfiguration>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<wsam:Addressing wsp:Optional="false" />
<sp:SymmetricBinding>
<wsp:Policy>
<sp:ProtectionToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10 />
<sp:RequireIssuerSerialReference />
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:ProtectionToken>
<sp:Layout>
<wsp:Policy>
<sp:Strict />
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp />
<sp:OnlySignEntireHeadersAndBody />
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128 />
</wsp:Policy>
</sp:AlgorithmSuite>
</wsp:Policy>
</sp:SymmetricBinding>
<sp:Wss11>
<wsp:Policy>
<sp:MustSupportRefIssuerSerial />
<sp:MustSupportRefThumbprint />
<sp:MustSupportRefEncryptedKey />
</wsp:Policy>
</sp:Wss11>
<sp:SignedEncryptedSupportingTokens>
<wsp:Policy>
<sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken10 />
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SignedEncryptedSupportingTokens>
<sc:KeyStore wspp:visibility="private" location="C:\glassfish312\glassfish\domains\domain1\config\keystore.jks" type="JKS" storepass="changeit" alias="xws-security-server" />
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</wsp:All>
</wsp:Policy>
<wsp:Policy wsu:Id="custom_wsPortBinding_hmd_Input_Policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:EncryptedParts>
<sp:Body />
</sp:EncryptedParts>
<sp:SignedParts>
<sp:Body />
<sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing" />
<sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing" />
<sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing" />
<sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing" />
<sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing" />
<sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing" />
<sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing" />
<sp:Header Name="AckRequested" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
<sp:Header Name="SequenceAcknowledgement" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
<sp:Header Name="Sequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
<sp:Header Name="CreateSequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy wsu:Id="custom_wsPortBinding_hmd_Output_Policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:EncryptedParts>
<sp:Body />
</sp:EncryptedParts>
<sp:SignedParts>
<sp:Body />
<sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing" />
<sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing" />
<sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing" />
<sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing" />
<sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing" />
<sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing" />
<sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing" />
<sp:Header Name="AckRequested" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
<sp:Header Name="SequenceAcknowledgement" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
<sp:Header Name="Sequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
<sp:Header Name="CreateSequence" Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" />
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</definitions>