Hi, The reason for this is due to the implementation logic. In Rampart 1.3, rampart processes the empty security header and set it as processed. But in Rampart 1.4, before going to the processing, Rampart evaluates the policy and check whether it is expecting a security header. And if it is not expecting a security header it, just returns. So in the latter case , the security header is not flagged as process. This causes AxisEngine to cough as there are must understand headers not processed. We will fix this issue [1], so this no longer be a problem. thanks, nandana
[1] - http://issues.apache.org/jira/browse/RAMPART-197 On Wed, Oct 15, 2008 at 12:21 PM, Taariq Levack <[EMAIL PROTECTED]>wrote: > In my case it still says mustUnderstand=1, but it tolerates the empty > header which 1.4 does not. > > -----Original Message----- > From: RonnieMJ [mailto:[EMAIL PROTECTED] > Sent: 15 October 2008 01:30 > To: axis-user@ws.apache.org > Subject: RE: Rampart 1.4 mustUnderstand > > > I switched back to axis 1.3 with rampart 1.3. Still getting > mustUnderstand=1. I see others with the issue when using their own > axis2.xml, but I'm using the default axis2.xml that comes with axis. I > simply load the client policy (attached). Is it something in my policy > that > causes mustUnderstand=1? I wouldn't think so. > > > > Taariq Levack wrote: > > > > Had the same issue recently, the security header coming back from the > > service was empty in my case. > > > > For now I'm using 1.3 until the issue I raised is resolved. > > Try the same code with Axis 1.3 and Rampart 1.3 and see if that works > > for you. > > > > Taariq > > > > -----Original Message----- > > From: RonnieMJ [mailto:[EMAIL PROTECTED] > > Sent: 10 October 2008 23:32 > > To: axis-user@ws.apache.org > > Subject: Rampart 1.4 mustUnderstand > > > > > > Does rampart version 1.4 default mustUnderstand to 1? I'm getting the > > famous > > error, and am using a policy to set my configurations in code (client > > side > > ONLY). > > > > My wsse:security tag ends up as mustunderstand="1". > > <wsse:Security > > > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse > > curity-secext-1.0.xsd" > > soapenv:mustUnderstand="1"> > > > > The security isn't set in the WSDL. I am using axis2 1.4.1. > > > > I've seen the WSDL2Constants flag, but I'm not using WSDL2Constants. > > > > Just the plain old: > > > > options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, > > loadPolicy(confDir + "/clientSecurityPolicy.xml")); > > > > stub._getServiceClient().setOptions(options); > > > > > > stub._getServiceClient().engageModule("rampart"); > > > > > > I also don't have access to or control over what is used on the > service > > side > > (external). > > > > -- > > View this message in context: > > > http://www.nabble.com/Rampart-1.4-mustUnderstand-tp19926442p19926442.htm > > l > > Sent from the Axis - User mailing list archive at Nabble.com. > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > http://www.nabble.com/file/p19984135/clientSecurityPolicyExternal.xml > clientSecurityPolicyExternal.xml > -- > View this message in context: > http://www.nabble.com/Rampart-1.4-mustUnderstand-tp19926442p19984135.htm > l > Sent from the Axis - User mailing list archive at Nabble.com. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Nandana Mihindukulasooriya WSO2 inc. http://nandana83.blogspot.com/ http://www.wso2.org
