Hi everyone,
I've a policy based service that returns the UsernameToken information
of an authenticated user. This service is based on the latest Rampart
and Axis2 SNAPSHOT version as suggested in the forum. However, when I
tried to call this service with a client, I got the following exception:
Exception in thread "main" org.apache.axis2.AxisFault: Expected
transport is "https" but incoming transport found : "http"
So I proceeded to put the service behind https. Now however, I get a new
exception:
Exception in thread "main" org.apache.axis2.AxisFault: Missing
wsse:Security header in request
at
org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:9
2)
at org.apache.axis2.engine.Phase.invoke(Phase.java:292)
at
org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:212)
at
org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:132)
at
org.apache.axis2.description.OutInAxisOperationClient.handleResponse(Out
InAxisOperation.java:336)
at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOper
ation.java:389)
at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInA
xisOperation.java:211)
at
org.apache.axis2.client.OperationClient.execute(OperationClient.java:163
)
at
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:528
)
at
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:508
)
at
org.apache.rampart.policy.CommandLineClient.main(CommandLineClient.java:
69)
Caused by: org.apache.rampart.RampartException: Missing wsse:Security
header in request
at
org.apache.rampart.RampartEngine.process(RampartEngine.java:106)
at
org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:8
5)
... 10 more
I don't get these errors when I use the rampart-1.3 distribution. My
client can successfully call the service via http or https. Both my
client and service installation is exactly the same as the
rampart-snapshot distribution (i.e. my services.xml and policy.xml are
exactly the same). And does Rampart-SNAPSHOT insist upon the service
being behind https?
Do I have to edit anything else to the services.xml or policy.xml to get
it working for the rampart-snapshot distro? Both my services.xml and
policy.xml are given below for reference. Cheers.
Regards
Sanjay
policy.xml:
<wsp:Policy wsu:Id="UTOverTransport"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken
RequireClientCertificate="false"/>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Lax/>
</wsp:Policy>
</sp:Layout>
</wsp:Policy>
</sp:TransportBinding>
<sp:SignedSupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/In
cludeToken/AlwaysToRecipient" />
</wsp:Policy>
</sp:SignedSupportingTokens>
<ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy";>
<ramp:user>bob</ramp:user>
<ramp:passwordCallbackClass>org.apache.rampart.policy.PWHandlerClient</r
amp:passwordCallbackClass>
</ramp:RampartConfig>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
services.xml:
<service>
<operation name="echo">
<messageReceiver
class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/>
</operation>
<parameter name="ServiceClass"
locked="false">org.apache.rampart.policy.PolicyEchoService</parameter>
<module ref="rampart" />
<module ref="addressing" />
<wsp:Policy wsu:Id="UTOverTransport"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken
RequireClientCertificate="false"/>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Lax/>
</wsp:Policy>
</sp:Layout>
</wsp:Policy>
</sp:TransportBinding>
<sp:SignedSupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/In
cludeToken/AlwaysToRecipient" />
</wsp:Policy>
</sp:SignedSupportingTokens>
<ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy";>
<ramp:passwordCallbackClass>org.apache.rampart.policy.PWHandlerServer</r
amp:passwordCallbackClass>
</ramp:RampartConfig>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</service>
