Hi Paul, Thanks for the constructive idea :).anyway,I can't confirm that these services will be invoked only by my client code. Consider some third party client - i cannot force himm to call first the login operation, though it is obvious that the rest of the operations will deny to be executed first.
Maybe i am stick with the Ws Secure conv implemented in rampart, does someone has tested it with username token sent only the first time? thanks, Nencho 2007/4/27, Paul Fremantle <[EMAIL PROTECTED]>:
Nencho You can specify different policies per operation with Axis2. So you need to identify a specific operation that is the "login" operation - i.e. the one that users call first (and only first), and statically specify a different policy for this one. I'm not suggesting changing the policy at runtime. That won't work - certainly not at the server side. Paul On 4/27/07, Nencho Lupanov <[EMAIL PROTECTED]> wrote: > Hi Paul, > > Having different policies includes ex-changing them runtime. > > 1. Is that posible with axis2 without redeploying the service? > 2. How this correlates to the session, because i expect different clients to > connect to this > service and i cannot just change the policiy since one of the will be at the > login state and another will > be already loged in. > 3. does WS secure conversation way overcome those problems? > > thanks, > Nencho > > > 2007/4/27, Paul Fremantle <[EMAIL PROTECTED]>: > > Nencho > > > > If you want to do this, you need to have two different policies. > > > > One for the "login" operation/service, which uses UT, and the other > > for the rest of the operations, which has encryption (if needed) but > > no UT. Obviously you need to write your own logic to ensure that you > > check the session is available for those other operations. > > > > Paul > > > > On 4/27/07, Nencho Lupanov <[EMAIL PROTECTED]> wrote: > > > Hi Deepal, > > > > > > I have yet another question/issue about the sessions. > > > I am using UsernameToken in a ws security policy handled by rampart. > > > I want to use axis2 sessions so i pass the user/pass only once and then > rely > > > on the > > > session to recognize me on a subsequent call.the point is that the > rampart > > > policy > > > is alredy there and will expect a username token in every request. > > > Is there any way to overcome this? > > > > > > thanks, > > > Nencho > > > > > > > > > 2007/4/26, Deepal Jayasinghe <[EMAIL PROTECTED]>: > > > > Hi Nencho, > > > > Yes we found that issue and we have fixed that in the 1.2 branch and > the > > > > fixes will be available in 1.2 release. > > > > > > > > Thanks > > > > Deepal > > > > > > > > > Hi Deepal, > > > > > > > > > > I checked the test and yes i was able to run it successfull. > > > > > anyway, when i try to put this in my running enviroment i get this > > > > > strange error: > > > > > > > > > > [java] Exception in thread "main" org.apache.axis2.AxisFault: > > > > > Unable to fin > > > > > d corresponding context for the serviceGroupId: > > > > > urn:uuid:97198317A8B28D4CDF11775 > > > > > 98325288 > > > > > > > > > > In services.xml on the server side i have the > > > > > > > > > > scope > > > > > > > > > > ="soapsession" attribute > > > > > > > > > > At the client side I have the following code > > > > > > > > > > *options.setManageSession (true); * > > > > > > > > > > *...* > > > > > > > > > > client.engageModule(new QName("addressing")); > > > > > > > > > > Is there anything else to configure? > > > > > > > > > > Thanks, > > > > > > > > > > Nencho > > > > > > > > > > > > > > > > > > > > 2007/4/26, Deepal Jayasinghe <[EMAIL PROTECTED] > > > > > <mailto:[EMAIL PROTECTED] >>: > > > > > > > > > > Hi Nencho , > > > > > > > > > > Axis2 soap session to be work , you need to engage addressing in > > > both > > > > > the side. > > > > > > > > > > It is working , there is a test case in the build so we are > > > > > testing that > > > > > daily. > > > > > org.apache.axis2.engine.ServiceGroupContextTest > > > > > > > > > > Thanks > > > > > Deepal > > > > > > > > > > > Hi All, > > > > > > > > > > > > I read this axis2 session management article: > > > > > > > > > http://www.developer.com/java/web/article.php/3620661 > > > > > > > > > > > > Basically, it says that i can define my services being of a > soap > > > > > > session scope, > > > > > > then i have to put this option on my client: > > > > > > *options.setManageSession(true);* > > > > > > > > > > > > Therefore it is expected for the service to include > > > > > > <wsa:ReferenceParameters> > > > > > > element as an session identifier in the soap envelope. > > > > > > > > > > > > I tested this and it does not work - axis2 does not put that > > > > > element, > > > > > > in order > > > > > > to be used as session identifier.Am i missing something or > this > > > > > is a bug? > > > > > > > > > > > > Thanks, > > > > > > Nencho > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > Thanks, > > > > > Deepal > > > > > > > > > ................................................................ > > > > > "The highest tower is built one brick at a time" > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > > To unsubscribe, e-mail: > > > [EMAIL PROTECTED] > > > > > <mailto:[EMAIL PROTECTED]> > > > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > <mailto:[EMAIL PROTECTED]> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: > > > [EMAIL PROTECTED] > > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > -- > > Paul Fremantle > > VP/Technology, WSO2 and OASIS WS-RX TC Co-chair > > > > http://bloglines.com/blog/paulfremantle > > [EMAIL PROTECTED] > > > > "Oxygenating the Web Service Platform", www.wso2.com > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > -- Paul Fremantle VP/Technology, WSO2 and OASIS WS-RX TC Co-chair http://bloglines.com/blog/paulfremantle [EMAIL PROTECTED] "Oxygenating the Web Service Platform", www.wso2.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]