Hi Brian,
If you get "the request does not contain the required Security
headers" then it seems like the security module is not deployed at the
client side OR the configured axis2.xml file is not picked up by the
client. You MUST provide this configured axis2.xml file along with a
repository containing the security.mar in the 'modules' directory. [1]
- Are you providing the repository location to the ServiceClient?
- If NOT, please provide an axis2 repository with the 'modules'
directory as as sub directory and make sure you have security
configured [2] axis2.xml file in the repo directory (if you are using
the SVN HEAD axis2.xml file should be in the 'conf' directory in the
repo direcotry).
- If YES, the please check whether you have the security.mar file in
the 'modules' directory of the repo.
Thanks,
Ruchith
Notes:
[1] Creating a ServiceClient with a custom repository:
ConfigurationContext ctx =
ConfigurationContextFactory.createConfigurationContextFromFileSystem("/path/to/axis2/repo",
"path/to/configured/axis2.xml");
ServiceClient serviceClient = new ServiceClient(ctx, null);
[2] Security configured mean that you must have the <module
ref="security" /> entry in axis2.xml along with the required
inflow/outflow parameters. But if you don't have the <module
ref="security" /> entry in the axis2.xml you can engage the security
module using the ServiceClient object as shown beow:
serviceClient.engageModule(new QName("security"));
[3] Make sure you include the commons-codec.jar in the client's and
server's classpath (in WEB-INF/lib directory in the case of Tomcat)
On 2/2/06, Brian Shields <[EMAIL PROTECTED]> wrote:
> Thanks for the reply Ruchith,
> What do you mean by the axis2.xml file of the client? Is this the same
> axis2.xml file as that of the server if one is calling a service from
> localhost? I am using 2 deployments of axis2 on two different machines,
> one of which i have the two parameters below included in the axis2. This
> is my server. My client machine on the other hand has the same
> configurations all down to the axis2.xml file where i have only the
> OutflowSecurity parameter included.
> When calling the service i get an error saying that the request does not
> contain the required Security headers!! I have used tcpmon and the
> message is being sent successfully, without the security header! Is it
> possible that the client is ignoring the axis2.xml configurations when
> calling the service? I presume the axis2.xml replaces the
> client_deploy.wsdd file!
> Thanks,
> Brian.
>
> Ruchith Fernando wrote:
>
> >Hi Brian,
> >
> >Please see my comments below:
> >
> >On 2/2/06, Brian Shields <[EMAIL PROTECTED]> wrote:
> >
> >
> >>Hello,
> >>I am deploying security handlers in axis2. My question may be very
> >>simple, apologies if the answer is staring me in the face!!
> >>Where is the best place to include security tokens in the client? I have
> >>altered the axis2.xml file to include a parameters in the inflow and
> >>outflow..
> >><parameter name="InflowSecurity">
> >> <action>
> >> <items>Timestamp</items>
> >> </action>
> >> </parameter>
> >>
> >> <parameter name="OutflowSecurity">
> >> <action>
> >> <items>Timestamp</items>
> >> </action>
> >> </parameter>
> >> From what i can make out, the outflowsecurity parmeter refers to any
> >>security tokens which will be added in the outflow of a service request
> >>and the inflowsecurity parameters are parameters which are expected for
> >>the service to be invoked?!?
> >>
> >>
> >
> >Correct !!!
> >
> >The above configuration will ensure that a Timestamp is added to the
> >outgoing message and it will require all incoming messages to contain
> >a Timestamp header.
> >
> >
> >
> >>Where then are they applied to the client? Using the Options parameters?
> >>
> >>
> >
> >With the Axis2-0.94 release we support setting the client parameters
> >in the axis2.xml of the client. And from the next release you will be
> >able to set the configuration via Options parameters (Using
> >org.apache.axis2.security.handler.config.InflowConfiguration and
> >org.apache.axis2.security.handler.config.OutflowConfiguration). This
> >feature is already available in the SVN HEAD.
> >
> >Thanks,
> >Ruchith
> >
> >
> >
> >>Thanks,
> >>Brian.
> >>
> >>--
> >>Brian Shields BSc. MSc.,
> >>PhD Candidate,
> >>Department of Information Technology,
> >>National University of Ireland,
> >>Galway,
> >>Ireland.
> >>
> >>
> >>
> >
> >
> >
> >
>
> --
> Brian Shields BSc. MSc.,
> PhD Candidate,
> Department of Information Technology,
> National University of Ireland,
> Galway,
> Ireland.
>
