Hi Mark; You may find the answer here[1].
Thanks & regards. -Prabath [1]:http://wso2.org/forum/thread/4340#comment-7247 Maik Hassel wrote: > Hello everyone, > > I have a web service using the security policy below (signed and > encrypted message body), which works fine, except that my fault messages > do not get encrypted. I get the "missing security header" exception at > the client - using TCPMon I can see that indeed the fault message is > send without any security related info and in plain text. > > Am I missing something? Do I have to add additional configuration > parameters for the signing and encryption of fault messages? > > > Thanks for any hints, > Maik > > ---- snip --- > > <serviceGroup> > <service name="SearchServices"> > <messageReceivers> > <messageReceiver mep="http://www.w3.org/ns/wsdl/in-out"; > class="ca.bc.xyz.SearchServicesMessageReceiverInOut"/> > </messageReceivers> > <parameter name="ServiceClass" > locked="false">ca.bc.xyz.SearchServiceImplementation</parameter> > <!-- > <parameter name="useOriginalwsdl">true</parameter> > <parameter name="modifyUserWSDLPortAddress">true</parameter> > --> > <operation name="SSearch" mep="http://www.w3.org/ns/wsdl/in-out"; > namespace="...."> > <actionMapping>SyncSearch</actionMapping> > <outputActionMapping>....</outputActionMapping> > <faultActionMapping > faultName="DPSearchFault">...</faultActionMapping> > <faultActionMapping > faultName="XYZFault">urn:....</faultActionMapping> > </operation> > > > <module ref="rampart" /> > > > <wsp:Policy > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"; > > xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"; > > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; > > wsu:Id="mypolicy"> > <sp:AsymmetricBinding> > <wsp:Policy> > <sp:InitiatorToken> > <wsp:Policy> > <sp:X509Token > sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";> > > <wsp:Policy> > <sp:WssX509V3Token10 /> > </wsp:Policy> > </sp:X509Token> > </wsp:Policy> > </sp:InitiatorToken> > <sp:RecipientToken> > <wsp:Policy> > <sp:X509Token > sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";> > > <wsp:Policy> > <sp:WssX509V3Token10 /> > </wsp:Policy> > </sp:X509Token> > </wsp:Policy> > </sp:RecipientToken> > <sp:AlgorithmSuite> > <wsp:Policy> > <sp:TripleDesRsa15 /> > </wsp:Policy> > </sp:AlgorithmSuite> > </wsp:Policy> > </sp:AsymmetricBinding> > > <sp:Wss10> > <wsp:Policy> > <sp:MustSupportRefEmbeddedToken /> > <sp:MustSupportRefIssuerSerial /> > </wsp:Policy> > </sp:Wss10> > > <sp:SignedParts> > <sp:Body /> > </sp:SignedParts> > > <sp:EncryptedParts> > <sp:Body /> > </sp:EncryptedParts> > > <RampartConfig xmlns="http://ws.apache.org/rampart/policy";> > <user>s1</user> > <encryptionUser>useReqSigCert</encryptionUser> > <passwordCallbackClass> > ca.....webservice.server.search.PasswordCallbackHandler > </passwordCallbackClass> > > <signatureCrypto> > <crypto > provider="org.apache.ws.security.components.crypto.Merlin"> > <property > name="org.apache.ws.security.crypto.merlin.keystore.type"> JKS </property> > <property > name="org.apache.ws.security.crypto.merlin.file"> keystore.ks > </property> > <property > name="org.apache.ws.security.crypto.merlin.keystore.password"> .... > </property> > </crypto> > </signatureCrypto> > > <encryptionCrypto> > <crypto > provider="org.apache.ws.security.components.crypto.Merlin"> > <property > name="org.apache.ws.security.crypto.merlin.keystore.type">JKS > </property> > <property > name="org.apache.ws.security.crypto.merlin.file"> keystore.ks </property> > <property > name="org.apache.ws.security.crypto.merlin.keystore.password">....</property> > > </crypto> > </encryptionCrypto> > </RampartConfig> > > </wsp:Policy> > > </service> > </serviceGroup> > > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
