Yes, I agree, I will look in to that and see whether we can handle this more gracefully. There was an issue [1] and it is now fixed in the trunk.
thanks, nandana [1] - http://issues.apache.org/jira/browse/RAMPART-176 On Mon, Mar 16, 2009 at 12:37 PM, Dennis Sosnoski <d...@sosnoski.com> wrote: > Yes, you're right that the WSDL I attached to the last email is invalid > according to the specification. It still needs to be handled in a better way > than just throwing an exception with the "can't serialize the policy" > message, though. > > The same serialize problem happens with the attached version of the WSDL, > which does contain the required <sp:TransportToken>, but does not contain an > <sp:HttpsToken>. As far as I can see from the WSDL documentation, this is > allowed. It's also essentially the same as the sample01/policy.xml in the > Rampart distribution, which hopefully has been checked for validity. > > - Dennis > > > Nandana Mihindukulasooriya wrote: > >> Hi Dennis, >> If you look at the WS - SecurityPolicy specification, 8.3 >> TransportBinding Assertion definition, TransportToken is a mandatory element >> in the TransportBinding. So I don't think this is really a bug, the policy >> in the WSDL seem to be invalid. >> >> thanks, >> Nandana >> >> [1] - >> http://specs.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.pdf >> >> >> On Mon, Mar 16, 2009 at 9:30 AM, Dennis Sosnoski <d...@sosnoski.com<mailto: >> d...@sosnoski.com>> wrote: >> >> Hi Nandana, >> >> Yes, I understand that the Transport assertion is not contributing >> anything useful in this case. AFAIK it's still valid, though, and >> needs to be supported. >> >> Is the error fixed in the current (and 1.5 branch) codebase? If >> not, should I create a Jira? >> >> Thanks, >> >> - Dennis >> >> >> Nandana Mihindukulasooriya wrote: >> >> Hi Dennis, >> >> I think the problem is with the serialization of Transport >> binding assertion without a transport token. What are your >> security requirements ? If you only need to have the username >> token , you can remove the Transport binding assertion >> completely and have only the SupportingTokens assertion in the >> policy. If you also need to enforce https transport, you can >> add a HttpsToken as a transport token. >> >> thanks, >> Nandana >> >> On Mon, Mar 16, 2009 at 4:12 AM, Dennis Sosnoski >> <d...@sosnoski.com <mailto:d...@sosnoski.com> >> <mailto:d...@sosnoski.com <mailto:d...@sosnoski.com>>> wrote: >> >> Hi Nandana, >> >> I've attached one of several variations I've tried which >> results >> in this error. I did find that if I take out the >> TransportBinding >> part I don't get the error. >> >> Thanks for taking a look! >> >> - Dennis >> >> >> Nandana Mihindukulasooriya wrote: >> >> Hi Dennis, >> Can you post the WSDL you are code generating >> against ? >> >> thanks, >> nandana >> >> On Fri, Mar 13, 2009 at 3:09 AM, Dennis Sosnoski >> <d...@sosnoski.com <mailto:d...@sosnoski.com> >> <mailto:d...@sosnoski.com <mailto:d...@sosnoski.com>> >> <mailto:d...@sosnoski.com <mailto:d...@sosnoski.com> >> <mailto:d...@sosnoski.com <mailto:d...@sosnoski.com>>>> wrote: >> >> I've been trying to use the client-side code generation >> support for >> WS-SecurityPolicy in WSDL, with Axis2 1.4.1 and Rampart >> 1.4. I've >> tried >> several variations of where I place the policy in >> the WSDL, >> including >> using reference and embedding it directly in the >> <wsdl:binding>, but >> each time I get: >> >> [java] Exception in thread "main" >> org.apache.axis2.wsdl.codegen.CodeGenerationException: >> org.apache.axis2.wsdl.codegen.CodeGenerationException: >> java.lang.RuntimeException: can't serialize the policy >> .. >> [java] at >> >> >> org.apache.axis2.wsdl.codegen.CodeGenerationEngine.generate(CodeGenerationEngine.java:271) >> >> >> [java] at >> org.apache.axis2.wsdl.WSDL2Code.main(WSDL2Code.java:35) >> [java] at >> org.apache.axis2.wsdl.WSDL2Java.main(WSDL2Java.java:24) >> [java] Caused by: >> org.apache.axis2.wsdl.codegen.CodeGenerationException: >> java.lang.RuntimeException: can't serialize the policy >> .. >> [java] at >> >> >> org.apache.axis2.wsdl.codegen.emitter.AxisServiceBasedMultiLanguageEmitter.emitStub(AxisServiceBasedMultiLanguageEmitter.java:534) >> >> >> [java] at >> >> >> org.apache.axis2.wsdl.codegen.CodeGenerationEngine.generate(CodeGenerationEngine.java:260) >> >> >> [java] ... 2 >> more >> [java] Caused by: java.lang.RuntimeException: can't >> serialize the >> policy .. >> [java] at >> >> >> org.apache.axis2.wsdl.codegen.emitter.AxisServiceBasedMultiLanguageEmitter.getInputElement(AxisServiceBasedMultiLanguageEmitter.java:2732) >> >> >> [java] at >> >> >> org.apache.axis2.wsdl.codegen.emitter.AxisServiceBasedMultiLanguageEmitter.generateMethodElement(AxisServiceBasedMultiLanguageEmitter.java:2261) >> >> >> >> [java] at >> >> >> org.apache.axis2.wsdl.codegen.emitter.AxisServiceBasedMultiLanguageEmitter.loadOperations(AxisServiceBasedMultiLanguageEmitter.java:2151) >> >> >> [java] at >> >> >> org.apache.axis2.wsdl.codegen.emitter.AxisServiceBasedMultiLanguageEmitter.createDOMDocumentForInterface(AxisServiceBasedMultiLanguageEmitter.java:1207) >> >> >> [java] at >> >> >> org.apache.axis2.wsdl.codegen.emitter.AxisServiceBasedMultiLanguageEmitter.writeInterface(AxisServiceBasedMultiLanguageEmitter.java:1163) >> >> >> [java] at >> >> >> org.apache.axis2.wsdl.codegen.emitter.AxisServiceBasedMultiLanguageEmitter.emitStub(AxisServiceBasedMultiLanguageEmitter.java:492) >> >> >> [java] ... 3 >> more >> [java] Java Result: 1 >> >> Has anyone been able to get the client-side >> generation for >> WS-SecurityPolicy in WSDL to work? If so, can you >> supply an >> example WSDL? >> >> Thanks, >> >> - Dennis >> >> -- Dennis M. Sosnoski >> SOA and Web Services in Java >> Axis2 Training and Consulting >> http://www.sosnoski.com - http://www.sosnoski.co.nz >> Seattle, WA +1-425-939-0576 - Wellington, NZ >> +64-4-298-6117 >> >> >> >> >> >> >> -- >> Nandana Mihindukulasooriya WSO2 inc. >> >> http://nandana83.blogspot.com/ >> http://www.wso2.org >> > -- Nandana Mihindukulasooriya WSO2 inc. http://nandana83.blogspot.com/ http://www.wso2.org
