question on consuming service with lopsided security

Wed, 20 Oct 2010 11:26:42 -0700 

I'm trying to consume a web service using Axis2 1.4.1 and Rampart 1.4.
The service requires WS-Security in the form of a signed request (no 
encryption), using x.509 tokens. 

I generated the client code from a WSDL file provided by the service.
Unfortunately, it did not contain any security anotations.

I am able to send a valid request to the service but I'm having a 
problem with the response.

The response from the web service is NOT signed or encrypted.  However, 
my attempts at configuring a policy file where the security is one-way,
have been unsuccessful. 

With my current policy, I receive an AxisFault while processing the 
response:

  org.apache.axis2.AxisFault: Missing wsse:Security header in request
    at 
org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:166)
    at 
org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:99)
    at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
    at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
    at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
    at 
org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:363)
    at 
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
    at 
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
    at ...

I've tried removing the "Security" phase from InFlow and InFaultFlow 
in my axis2.xml file, but it seems that Rampart is still invoked.

Can anyone suggest how I can consume this lopsided (security-wise) 
service?

-- 
Thomas J. Pinkl


This communication, including any attachments, may contain information that is 
confidential and may be privileged and exempt from disclosure under applicable 
law. It is intended solely for the use of the individual or entity to which it 
is addressed. If you are not the intended recipient, you are hereby notified 
that any use, disclosure, dissemination, or copying of this communication is 
strictly prohibited. If you have received this communication in error, please 
notify the sender. Thank you for your cooperation.

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to