Explanation | The WS-Security policy loader could not be registered with the CXF framework during server startup. Because of the error, the WS-Security runtime will not be invoked for any SOAP message and WS-Security constraints will not be added. |
Action | Address the error described in the message. |
Explanation | The wsSecurity-1.1 feature is enabled but the WS-Security component cannot find the wsSecurityClient element in server.xml. |
Action | If WS-Security constraints are required for a client web service application, add the required wsSecurityClient configuration element to server.xml. |
Explanation | The wsSecurity-1.1 feature is enabled but the WS-Security component cannot find the wsSecurityProvider element in server.xml. |
Action | If WS-Security constraints are required for a provider web service application, add the required wsSecurityProvider configuration element to server.xml. |
Explanation | The name specified for the callerToken element in the wsSecurityProvider configuration in server.xml is not valid. |
Action | Check the server.xml file to make sure that a supported value is specified for the callerToken element. The valid values are displayed in the error message. |
Explanation | The callerToken in server.xml is set to UsernameToken and the Security header in the inbound SOAP message contains more than one UsernameToken. Because of this, the WS-Security runtime cannot determine which UsernameToken to use for the caller token. |
Action | Do one of the following: 1) Change the client configuration to send only one UsernameToken 2) Remove the callerToken configuration in server.xml |
Explanation | The callerToken configured in server.xml is not present in the SOAP Security header. |
Action | Do one of the following: 1) Change the client configuration to send the correct caller token 2) Remove the callerToken configuration in server.xml |
Explanation | A security subject for the caller token retrieved from the SOAP Security header could not be created. The reason for the error is described in the message. |
Action | Address the error described in the message. |
Explanation | The callerToken in server.xml is set to X509Token, endorsingSupportingToken is set to true (the default), and there is more than one EndorsingSupportingTokens in the inbound SOAP Security header. Since a single caller token must exist in the message for a caller token to be successfully selected, having multiple EndorsingSupportingTokens is not allowed. |
Action | Do one of the following: 1) Change the policy so that only one endorsingSupportingToken will be included in the message, 2) Remove the callerToken configuration in server.xml, 3) Set endorsingSupportingToken to false in the callerToken configuration in server.xml |
Explanation | The callerToken in server.xml is set to X509Token, endorsingSupportingToken is set to false, and there is more than one Asymmetric signature token in the inbound SOAP Security header. Since a single caller token must exist in the message for a caller token to be successfully selected, having multiple Asymmetric signature tokens is not allowed. |
Action | Do one of the following: 1) Change the policy so that only one Asymmetric signature token will be included in the message, 2) Remove the callerToken configuration in server.xml |