Hi, First of all I would emphasize that WSS4J falls into two parts
- one part that is (should be) independent of Axis or any other SOAP implementation. This part handles all the necessary signing, encryption, certificate stuff. This part makes heavy use of the Apache XML security lib (xmlsec), also quite some DOM is involved because WSS4J needs to re-create the SOAP message that was created by Axis (or another SOAP implementation) firsthand. - the second part consists of Axis (also a JAX-RPC) handlers that plugin into the message path both on the client and the server side. These handlers use the functions of the independent part of WSS4J to get the sign/encyrption done. Thus the message flow is as follows (client part): Axis kernel --> WSS4J specific Axis handler --> WSS4J security modules --> wire Between the Axis kernel and the WSS4J Axis handler there may be some other handlers. It is however necessary that the WSS4J handler is the last one in the chain because after WSS handling the message _must_ not be altered if the message was signed (at least those parts which were signed must not be chanaged). Also it is somewhat difficult to modify the message after it was encrypted. The message flow at the receiver is mirrored (WSS4J shall be the first handler in the chain). The use of handlers is part of the overall Axis concept and is not specific to WSS4J. WSS4J just uses this concept. Thus if you use Axis and WSS4J to sign/encrypt SOAP message then you should be familiar with the Axis concepts how to use handlers and their deployment. I'm not a specialist for this topic. Maybe you can ask at the Axis user list how to set up an Axis client fully dynamically without static deployment files if specific handlers are required. Again, this is not a WSS4J topic but an Axis topic. Regards, Werner > -----Urspr�ngliche Nachricht----- > Von: Ashok Shah [mailto:[EMAIL PROTECTED] > Gesendet: Dienstag, 24. Mai 2005 15:58 > An: Emanuel Haisiuc; [email protected] > Betreff: Re: Setting the username token dynamically at runtime > > > It looks like the WSDoAllReciever got the SOAP request and tried to > process the security header, but the request didnt have any security > header. > > Make sure you deploy client side so that the WSDoAllSender is > called to > add the security header. Also you didnt specify the action property. > > Cheers, > > --as > > > On Tue, 24 May 2005 15:56:05 +0300, Emanuel Haisiuc > <[EMAIL PROTECTED]> wrote: > > > Hello! > > > > I'm a newbie with WSS4J. I'm going through the first > tutorial, and I'm > > trying to set the username token at runtime. > > > > I've generated the stubs with WSDL2Java. Attached are the 2 > classes I've > > made, beside the generated classes and interfaces. I'm > trying to connect > > to the StockQuoteService web service. Running the example > with external > > config file works fine. But running the client using the dynamical > > setting of the username return the following message: > > > > Exception in thread "main" AxisFault > > faultCode: > > {http://schemas.xmlsoap.org/soap/envelope/}Server.generalException > > faultSubcode: > > faultString: WSDoAllReceiver: Request does not contain required > > Security header > > faultActor: > > faultNode: > > faultDetail: > > {http://xml.apache.org/axis/}hostname:manu.rogrid.pub.ro > > > > WSDoAllReceiver: Request does not contain required Security header > > at > > > org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFault > Builder.java:221) > > at > > > org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultB > uilder.java:128) > > at > > > org.apache.axis.encoding.DeserializationContext.endElement(Des > erializationContext.java:1087) > > at > > > org.apache.xerces.parsers.AbstractSAXParser.endElement(Unknown Source) > > at > > > org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanEndElement(Unknown > > Source) > > at > > > org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$Fragment > ContentDispatcher.dispatch(Unknown > > Source) > > at > > > org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocu > ment(Unknown > > Source) > > at > org.apache.xerces.parsers.XML11Configuration.parse(Unknown > > Source) > > at > org.apache.xerces.parsers.XML11Configuration.parse(Unknown > > Source) > > at org.apache.xerces.parsers.XMLParser.parse(Unknown Source) > > at > org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown > > Source) > > at javax.xml.parsers.SAXParser.parse(SAXParser.java:375) > > at > > > org.apache.axis.encoding.DeserializationContext.parse(Deserial > izationContext.java:227) > > at > org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:696) > > at org.apache.axis.Message.getSOAPEnvelope(Message.java:424) > > at > > > org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(Mus > tUnderstandChecker.java:62) > > at > org.apache.axis.client.AxisClient.invoke(AxisClient.java:206) > > at org.apache.axis.client.Call.invokeEngine(Call.java:2765) > > at org.apache.axis.client.Call.invoke(Call.java:2748) > > at org.apache.axis.client.Call.invoke(Call.java:2424) > > at org.apache.axis.client.Call.invoke(Call.java:2347) > > at org.apache.axis.client.Call.invoke(Call.java:1804) > > at > > > samples.stock.client.StockWss01SoapBindingStub.getQuote(StockW > ss01SoapBindingStub.java:106) > > at > > > samples.stock.client.StockServiceClient.main(StockServiceClien > t.java:61) > > > > Can anyone help me? > > > > Thank you a lot! > > > > Best regards, > > Emanuel Haisiuc > > > > > > -- > Using Opera's revolutionary e-mail client: http://www.opera.com/m2/ >
