Hi All,
I tried engaging Rampart module globally and since I am writing JAX-WS -
thought it might be the way to enable security. But now I am wondering where
should I put policy.xml fil.
I am getting following exception:
2009-06-04 11:56:04,420 [HttpConnection-8888-2] ERROR
org.apache.axis2.engine.AxisEngine - Must Understand check failed for
headers: {
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security
org.apache.axis2.AxisFault: Must Understand check failed for headers: {
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security
at
org.apache.axis2.jaxws.handler.HandlerUtils.checkMustUnderstand(HandlerUtils.java:157)
at
org.apache.axis2.jaxws.server.EndpointController.handleRequest(EndpointController.java:261)
at
org.apache.axis2.jaxws.server.EndpointController.invoke(EndpointController.java:98)
at
org.apache.axis2.jaxws.server.JAXWSMessageReceiver.receive(JAXWSMessageReceiver.java:159)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:176)
at
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
at
org.apache.axis2.transport.http.HTTPWorker.service(HTTPWorker.java:278)
at
org.apache.axis2.transport.http.server.AxisHttpService.doService(AxisHttpService.java:281)
at
org.apache.axis2.transport.http.server.AxisHttpService.handleRequest(AxisHttpService.java:187)
at
org.apache.axis2.transport.http.server.HttpServiceProcessor.run(HttpServiceProcessor.java:82)
at
edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1061)
at
edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:575)
at java.lang.Thread.run(Thread.java:619)
2009-06-04 11:56:04,436 [HttpConnection-8888-2] WARN
org.apache.axis2.transport.http.server.HttpServiceProcessor - Error in
extracting message properties
org.apache.axis2.AxisFault: Error in extracting message properties
at
org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:70)
at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
I am using SOAP UI to create WS-Security request (Username / Password basic)
and monitoring via tcpmon - it does create WS_Security request - But I think
its failing on server side because server does not know how to process this
security header. I have to tell how to parse. Traditionally we can do via
service.xml file but not in this. Hence I thought if I put pocily.xml in
/conf (where axis2.xml) directory - it would load/ But it does not.
Any thoughts - thanks a lot,
rishi
On Wed, Jun 3, 2009 at 7:16 PM, Kapur, Rajneesh <[email protected]>wrote:
> Hi,
>
> I got Axis2 1.5 build but did not find any samples or docs as how to engage
> Rampart in JAX-WS style. Since we don't have service.xml in JAX-WS, what
> options do we have? Paul, if you or someone please have samples or explain
> the procedure - that would be very nice.
>
> Another option posted by Sagar (as link) was to implement
> org.apache.axis2.service.
> Lifecycle interface and in the init method I will get ServiceContext - from
> where I can get AxisService and engage it like that.
> But for me this "init" method is never invoked by Axis framework.
>
> Here is what I have:
>
> @WebService(serviceName = "PIXQueryResponseService")
> public class SampleJAXWSService implements Lifecycle {
>
> @WebMethod
> public String myMethod(String msg){
>
> }
>
> @Override
> public void destroy(ServiceContext arg0) {
> log.debug("******************** destroy
> called.***********************");
> }
>
> @Override
> public void init(ServiceContext arg0) throws AxisFault {
> log.debug("******************** init
> called.***********************");
> AxisService service = arg0.getAxisService();
> log.debug("******************** inside init: " +
> service.getName());
> }
> }
>
> Please let me know where I am making mistake, and guide. Thanks a lot,
> rishi
>
> ------------------------------
> IMPORTANT WARNING: Information contained in this email is intended for the
> use of the individual to whom it is addressed, and may contain information
> that is privileged, confidential, and exempt from disclosure under
> applicable law. If you are not the intended recipient, or the employee or
> agent responsible for delivering the message to the intended recipient, you
> are hereby notified that any dissemination, distribution, or copying of this
> communication is STRICTLY FORBIDDEN. If you have received this communication
> in error, please notify us immediately by return email and delete this
> document. Thank you.
>
