Missing wsse:Security header in request

Tania Marinova picture Tania Marinova · Apr 4, 2013 · Viewed 18.3k times · Source

I try to add rampart security to my axis 2 project using this tutorial page 19- 22

SO everything seems fine but when I switch to soapUI perspective to try to test the service the request which I'm proposed is :

soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:axis="http://axis2wstest">
 <soapenv:Header/>
   <soapenv:Body>
      <axis:testws>
         <!--Optional:-->
         <axis:x>5</axis:x>
      </axis:testws>
   </soapenv:Body>
</soapenv:Envelope>

and it gives me as a response:

faultstring>Missing wsse:Security header in request</fau

SO I add the security header and my request becomes the same as the one written in the tutorial

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:axis="http://axis2wstest">
 <soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-
200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-
open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="123">
<wsse:Username>test</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-
200401-wss-username-token-profile-1.0#PasswordText">pass</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
   <soapenv:Body>
      <axis:testws>
         <!--Optional:-->
         <axis:x>5</axis:x>
      </axis:testws>
   </soapenv:Body>
</soapenv:Envelope>

but the response is the same

soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Body>
      <soapenv:Fault xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
         <faultcode>wsse:InvalidSecurity</faultcode>
         <faultstring>Missing wsse:Security header in request</faultstring>
         <detail/>
      </soapenv:Fault>
   </soapenv:Body>
</soapenv:Envelope>

Answer

Sebi picture Sebi · Apr 5, 2013

Don't add the security header directly to your request!

Click on Aut at the bottom left. Then you can enter your username/password there. For more information see: http://www.soapui.org/SOAP-and-WSDL/authenticating-soap-requests.html

As Authorisation type choose Preemptive. (Only in soapUI 4.5.1 as far as I know)