Integrating with TERYT – Polish Government web service

I am trying to connect (without success) to the following WS using Java:

  • Service address – https://uslugaterytws1test.stat.gov.pl/terytws1.svc
  • WSDL address –
    https://uslugaterytws1test.stat.gov.pl/wsdl/terytws1.wsdl
  • User – TestPubliczny
  • Password – 1234abcd

I tried to use soapui without success. Tried Basic and NTLM authentication, and I always get the following error:

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:a="http://www.w3.org/2005/08/addressing">
   <s:Header>
      <a:Action s:mustUnderstand="1">http://www.w3.org/2005/08/addressing/soap/fault</a:Action>
   </s:Header>
   <s:Body>
      <s:Fault>
         <faultcode xmlns:a="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">a:InvalidSecurity</faultcode>
         <faultstring xml:lang="en-US">An error occurred when verifying security for the message.</faultstring>
      </s:Fault>
   </s:Body>
</s:Envelope>

The official instructions for this web service shows following example to connect using C#. I havn’t tested this, but I assume it works correctly.

try { 
  var proxy = new ChannelFactory<ServiceReferenceWCF.ITerytWs1>("custom");
  proxy.Credentials.UserName.UserName = login;
  proxy.Credentials.UserName.Password = haslo;
  var result = proxy.CreateChannel(); 
  var test = result.CzyZalogowany(); // should return true if connected correctly
} catch (Exception ex) { }

And below setting:

   <client>
      <endpoint address="https://uslugaterytws1.stat.gov.pl/TerytWs1.svc" binding="customBinding" bindingConfiguration="custom" contract="ServiceReference1.ITerytWs1" name="custom" />
   </client>
   <bindings>
      <customBinding>
         <binding name="custom">
            <security defaultAlgorithmSuite="Default" authenticationMode="UserNameOverTransport" requireDerivedKeys="true" includeTimestamp="true" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
               <localClientSettings detectReplays="false" />
               <localServiceSettings detectReplays="false" />
            </security>
            <textMessageEncoding messageVersion="Soap11WSAddressing10" />
            <httpsTransport maxReceivedMessageSize="2147483647" maxBufferPoolSize="2147483647" />
         </binding>
      </customBinding>
   </bindings>

So I tried to connect using Java following way:

public static void main(String[] args) {
    try {
        final String wsdlResourcePath = "wsdl/jaxb/teryt/terytws1.wsdl";
        final String url = "https://uslugaterytws1test.stat.gov.pl/TerytWs1.svc";
        ITerytWs1 teryt = createSoapEndpoint((wsdlLocation) -> new TerytWs1(wsdlLocation).getCustom(), wsdlResourcePath, url);
        System.out.println(teryt.czyZalogowany());
    } catch (Exception e) { }
}

private static <SOAP> SOAP createSoapEndpoint(SoapCreator<SOAP> soapCreator, String wsdlResourcePath, String url) {
    ClassLoader cl = Thread.currentThread().getContextClassLoader();
    URL wsdlLocation = cl.getResource(wsdlResourcePath);
    SOAP soap = soapCreator.create(wsdlLocation);

    BindingProvider provider = (BindingProvider) soap;

    Map<String, Object> context = provider.getRequestContext();
    context.put(BindingProvider.USERNAME_PROPERTY, "TestPubliczny");
    context.put(BindingProvider.PASSWORD_PROPERTY, "1234abcd");
    context.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, url);
    return soap;
}

Unfortunately the code freezes during call “teryt.czyZalogowany()”. Gives no timeout – anything, just processing this line for ever, or is being blocked at it.

My Java code produces following warning messages:

WARNING: WSP0075: Policy assertion
“{http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}SignedSupportingTokens”
was evaluated as “UNKNOWN”. lip 27, 2017 11:58:35 AM
[com.sun.xml.internal.ws.policy.EffectiveAlternativeSelector]
selectAlternatives WARNING: WSP0075: Policy assertion
“{http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}TransportBinding”
was evaluated as “UNKNOWN”. lip 27, 2017 11:58:35 AM
[com.sun.xml.internal.ws.policy.EffectiveAlternativeSelector]
selectAlternatives WARNING: WSP0075: Policy assertion
“{http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}Trust10” was
evaluated as “UNKNOWN”. lip 27, 2017 11:58:35 AM
[com.sun.xml.internal.ws.policy.EffectiveAlternativeSelector]
selectAlternatives WARNING: WSP0075: Policy assertion
“{http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}Wss11” was
evaluated as “UNKNOWN”. lip 27, 2017 11:58:35 AM
[com.sun.xml.internal.ws.policy.EffectiveAlternativeSelector]
selectAlternatives WARNING: WSP0075: Policy assertion
“{http://www.w3.org/2006/05/addressing/wsdl}UsingAddressing” was
evaluated as “UNKNOWN”. lip 27, 2017 11:58:35 AM
[com.sun.xml.internal.ws.policy.EffectiveAlternativeSelector]
selectAlternatives WARNING: WSP0019: Suboptimal policy alternative
selected on the client side with fitness “UNKNOWN”.

Perhaps someone knows more about this kind of problem, or will be able to connect to this WS straight away with his own config – at the moment I don’t have a single clue what could be the issue, and I see a “time-wasting” perspective in front of me… so please help.

please enable addressing feature:

TerytWs1 teryt = new TerytWs1();
//teryt.setHandlerResolver(new HeaderHandlerResolver());
WebServiceFeature wsAddressing = new AddressingFeature(true);
ITerytWs1 client = teryt.getCustom(wsAddressing);