I found that the SOAP Monitor phase is the last one called in inflow messages and the first one called in outflow messages. So I used tcpmon to see the exchanged SOAP messages and are OK.
Thanks for your interest On 3/19/07, Konstantinos Pateras <[EMAIL PROTECTED]> wrote:
I tried with the minimum configuration and I don't get any error but the SOAP message is as follows: <?xml version='1.0' encoding='utf-8'?> <soapenv:Envelope xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; xmlns:wsa="http://www.w3.org/2005/08/addressing"; xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope";> <soapenv:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; soapenv:mustUnderstand="true"> <xenc:EncryptedKey Id="EncKeyId-32486590"> <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"; /> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <wsse:SecurityTokenReference> <ds:X509Data> <ds:X509IssuerSerial> <ds:X509IssuerName>CN=Authentication Server,OU=Edu,O=AIT,L=Athens,ST=Peania,C=GR</ds:X509IssuerName> <ds:X509SerialNumber>1173638140</ds:X509SerialNumber> </ds:X509IssuerSerial> </ds:X509Data> </wsse:SecurityTokenReference> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue>KnhinK1pV33fTV5ahejZbG7FEBVN7I2detR3Tr2g/D+ifniNcyw1gRdW/Kj0fu2YL0s6EQp5GPPAZwmaNNrosKlb55alXflJ9LgLLHG3wR7Be/VsZ/kkOtexcJg1OuZy895ZjOBPc4ijeAyfgawP9B+EViMlWgZxGDxvQiJipE21U/8/EWbYvQuUI7/YkpHJFxUZyOly5oXlNX9O6gDxQkgEAUn3MwjeBqqfQzDaI5+FmazNZc7mj1bj+shXCVXA9XCf11N/FCzyCpCNMOYrU15iy/u5t8lRP58MI5OkoICNWw29M6oz0NtXOmDk7/BLkJG9W+H2tsjWf4jYx2w7Lg==</xenc:CipherValue> </xenc:CipherData> <xenc:ReferenceList> <xenc:DataReference URI="#EncDataId-30303902" /> </xenc:ReferenceList> </xenc:EncryptedKey> </wsse:Security> <wsa:To>http://localhost:8080/axis2/services/ClientServices</wsa:To> <wsa:ReplyTo> <wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address> </wsa:ReplyTo> <wsa:MessageID>urn:uuid:97213E266FA84B68CC1174331962751</wsa:MessageID> <wsa:Action>urn:grantAccess</wsa:Action> </soapenv:Header> <soapenv:Body> <ns1:grantAccess xmlns:ns1="http://thesis/xsd";> <clntReq xmlns="http://thesis/xsd";> <appServerIdentity>appserveridentity</appServerIdentity> <password>109</password> <password>121</password> <password>116</password> <password>101</password> <password>115</password> <password>116</password> <username>mytest</username> </clntReq> </ns1:grantAccess> </soapenv:Body> </soapenv:Envelope> The SOAP body is in clear text!!! Any suggestions? On 3/19/07, Konstantinos Pateras <[EMAIL PROTECTED]> wrote: > Hi Ruchith, > > I just use an Axis2.xml file to configure the client and a Service.xml > file to configure the server. I did some tests with only action > Encrypt and they failed with the Generic error X509Data invalid length > of data to encrypt or something like that. So I suppose that no > encryption was taking place due to an error and the error message > wasn't displayed. Any clue on this error? > > On 3/19/07, Ruchith Fernando <[EMAIL PROTECTED]> wrote: > > Hi, > > > > Did you use the axis2.xml file of the service to configure the service? > > > > This can happen is if you have a different configuration in the > > service.xml file which does only signature. In this case the > > configuration of the axis2.xml will be overridden (unless you use the > > locked="true" attribute of the parameters). > > > > Thanks, > > Ruchith > > > > p.s. Please use rampart-dev@ws.apache.org for rampart related posts. > > > > On 3/19/07, Konstantinos Pateras <[EMAIL PROTECTED]> wrote: > > > Hi, I am relatively new in web services and security and I am facing a > > > problem. I have set up Axis2 1.1.1 and Rampart 1.1 and configure it (I > > > followed the configuration instructions for Rampart 1.0 that are still > > > supported). I use the actions Timestamp Sign Encrypt to sign the body > > > and then encrypt it. The messages are generated fine and I get the > > > response from the server but I only see from SOAP monitor the > > > signature of the body. The actual data are still there unencrypted and > > > the response is also in plain text. > > > > > > Client configuration: > > > > > > <parameter name = "OutflowSecurity"> > > > <action> > > > <items>Timestamp Encrypt Signature</items> > > > <user>client</user> > > > <passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass> > > > <signaturePropFile>client.properties</signaturePropFile> > > > <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier> > > > <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier> > > > <encryptionUser>srv_cert</encryptionUser> > > > </action> > > > </parameter> > > > <parameter name = "InflowSecurity"> > > > <action> > > > <items>Timestamp Encrypt Signature</items> > > > <passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass> > > > <signaturePropFile>client.properties</signaturePropFile> > > > </action> > > > </parameter> > > > > > > > > > Server configuration: > > > > > > <parameter name = "InflowSecurity"> > > > <action> > > > <items>Timestamp Encrypt Signature</items> > > > <passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass> > > > <signaturePropFile>service.properties</signaturePropFile> > > > </action> > > > </parameter> > > > <parameter name = "OutflowSecurity"> > > > <action> > > > <items>Timestamp Encrypt Signature</items> > > > <user>authsrv</user> > > > <passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass> > > > <signaturePropFile>service.properties</signaturePropFile> > > > <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier> > > > <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier> > > > <encryptionUser>useReqSigCert</encryptionUser> > > > </action> > > > </parameter> > > > > > > Please help! > > > Thanks in advance > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > -- > > www.ruchith.org > > www.wso2.org > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > >
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
