what is the axis2 version you use? thanks, Amila.
On Tue, Oct 20, 2009 at 7:10 PM, Jaime Hablutzel Egoavil < hablutz...@gmail.com> wrote: > Hi, I'm a newbie in web services and security, I'm using wso2 as an axis2 > wrapper for making working with Spring easier, well > > I have published a service that requires user token authentication and SSL > transport using this policy: > > <wsp:Policy wsu:Id="UsernameTokenOverHTTPS" > xmlns:wsu=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > " > xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> > <wsp:ExactlyOne> > <wsp:All> > <sp:TransportBinding > xmlns:sp=" > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> > <wsp:Policy> > <sp:TransportToken> > <wsp:Policy> > <sp:HttpsToken RequireClientCertificate="false" > /> > </wsp:Policy> > </sp:TransportToken> > <sp:AlgorithmSuite> > <wsp:Policy> > <sp:Basic256 /> > </wsp:Policy> > </sp:AlgorithmSuite> > <sp:Layout> > <wsp:Policy> > <sp:Lax /> > </wsp:Policy> > </sp:Layout> > <sp:IncludeTimestamp /> > </wsp:Policy> > </sp:TransportBinding> > <sp:SignedSupportingTokens > xmlns:sp=" > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> > <wsp:Policy> > <sp:UsernameToken > sp:IncludeToken=" > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient" > /> > </wsp:Policy> > </sp:SignedSupportingTokens> > <ramp:RampartConfig xmlns:ramp=" > http://ws.apache.org/rampart/policy"> > > <ramp:passwordCallbackClass>pe.gob.hndac.ldap.PasswordCallbackHandler</ramp:passwordCallbackClass> > </ramp:RampartConfig> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > > If i send this request (sniffed with TCPmon) > > POST > http://172.17.0.24:8080/emrws/services/emrAuthWs.emrAuthWsHttpSoap12Endpoint/HTTP/1.1 > User-Agent: Axis2C/1.5.0 > Content-Type: application/soap+xml;charset=UTF-8 > ;action="urn:getPatientDetails" > Host: 172.17.0.24:8080 > Content-Length: 310 > > <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" > xmlns:ws="http://ws.hndac.gob.pe"> > <soap:Header/> > <soap:Body> > <ws:getPatientDetails> > <!--Optional:--> > <ws:identificador>12</ws:identificador> > </ws:getPatientDetails> > </soap:Body> > </soap:Envelope> > > I receive this answer: > > <soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"> > <soapenv:Body> > <soapenv:Fault xmlns:axis2ns19=" > http://www.w3.org/2003/05/soap-envelope"> > <soapenv:Code> > <soapenv:Value>axis2ns19:Sender</soapenv:Value> > <soapenv:Subcode> > <soapenv:Value xmlns:wsse=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > ">wsse:InvalidSecurity</soapenv:Value> > </soapenv:Subcode> > </soapenv:Code> > <soapenv:Reason> > <soapenv:Text xml:lang="en-US">Missing wsse:Security header in > request</soapenv:Text> > </soapenv:Reason> > <soapenv:Detail/> > </soapenv:Fault> > </soapenv:Body> > </soapenv:Envelope> > > > Ok, this is an axis fault, it is ok, but if I send: > > POST > http://172.17.0.24:8080/emrws/services/emrAuthWs.emrAuthWsHttpSoap12Endpoint/HTTP/1.1 > User-Agent: Axis2C/1.5.0 > Content-Length: 294 > Content-Type: application/soap+xml;charset=UTF-8 > Host: 172.17.0.24:8080 > > <soapenv:Envelope > xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"><soapenv:Header/><soapenv:Body><ws:getPatientDetails > xmlns:ws="http://ws.hndac.gob.pe"> > <!--Optional:--> > <ws:identificador>12</ws:identificador> > </ws:getPatientDetails></soapenv:Body></soapenv:Envelope> > > Note the missing action attribute in the http content-type header, I > receive this answer: > > HTTP/1.1 200 OK > Server: Apache-Coyote/1.1 > Content-Type: application/soap+xml; > action="urn:getPatientDetailsResponse";charset=UTF-8 > Transfer-Encoding: chunked > Date: Tue, 20 Oct 2009 13:30:41 GMT > > 641 > <?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv=" > http://www.w3.org/2003/05/soap-envelope"><soapenv:Header> > <wsse:Security xmlns:wsse=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" > soapenv:mustUnderstand="true"><wsu:Timestamp xmlns:wsu=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" > wsu:Id="Timestamp-16078681"><wsu:Created>2009-10-20T13:30:41.184Z</wsu:Created><wsu:Expires>2009-10-20T13:35:41.184Z</wsu:Expires></wsu:Timestamp></wsse:Security></soapenv:Header><soapenv:Body><ns:getPatientDetailsResponse > xmlns:ns="http://ws.hndac.gob.pe"><ns:return xmlns:ax23="http://model/xsd" > type="model.Paciente"><ax23:apellidoMaterno>ALFARO</ax23:apellidoMaterno><ax23:apellidoPaterno>SAENZ</ax23:apellidoPaterno><ax23:direccion > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true" > /><ax23:documentoIdentidad xmlns:xsi=" > http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true" > /><ax23:fechaAdmision xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" > xsi:nil="true" > /><ax23:fechaNacimiento>1957-08-16T05:00:00.000Z</ax23:fechaNacimiento><ax23:identificador>12</ax23:identificador><ax23:nombres>CARMEN > ROSA</ax23:nombres><ax23:sexo>F</ax23:sexo><ax23:telefono xmlns:xsi=" > http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true" > /><ax23:ubigeoNacimiento xmlns:xsi=" > http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true" > /><ax23:ubigeoResidencia xmlns:xsi=" > http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true" > /></ns:return></ns:getPatientDetailsResponse></soapenv:Body></soapenv:Envelope> > 0 > > > Auchh, without user authentication neither SSL transport :S > > -- > Jaime Hablutzel > > (tildes omitidas intencionalmente) 9 8964 0369 > -- Amila Suriarachchi WSO2 Inc. blog: http://amilachinthaka.blogspot.com/