How to make make the password optional duinrg setting os username token

Fri, 18 Apr 2008 11:37:42 -0700 

Hello Folks,
     I am using Axis2 client for creating my client side SOAP message. I
am trying to add a scurity token to the SOAP message. I am using RAMpart
1.3 for doing the same. I am using Policy.xml file and here is my client
code :

ConfigurationContext ctx =
ConfigurationContextFactory.createConfigurationContextFromFileSystem("C:
/WID/CustomTAI/AClient/repository",
"C:/WID/CustomTAI/AClient/repository/axis2.xml");
 
NameInterfaceExport1_NameInterfaceHttpServiceStub stub = new
NameInterfaceExport1_NameInterfaceHttpServiceStub(ctx,"
http://168.109.121.155:8080/SampleServiceWeb/sca/NameInterfaceExport1
<http://168.109.121.155:8080/SampleServiceWeb/sca/NameInterfaceExport1>
");
                       
                        ServiceClient sc = stub._getServiceClient();
                       
                        Options options = sc.getOptions();
                        StAXOMBuilder builder = new
StAXOMBuilder("C:/WID/CustomTAI/AClient/repository/policy.xml");
                        Policy policy =
PolicyEngine.getPolicy(builder.getDocumentElement());
                       
 
options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, policy);
                        sc.engageModule("rampart");
                options.setUserName("admin");
                options.setPassword("admin");
                       
                        Operation1 op = new Operation1();
                        Name param = new Name();
                        param.setFirstName("Citigroup");
                        op.setReq(param);
                        Operation1Response res = stub.operation1(op);
                        String response = res.getRes();
                        System.out.println("Response from Service :: "+
response);
                        
                       
                } catch (AxisFault e) {
                        // TODO Auto-generated catch block
                        e.printStackTrace();
                } catch (RemoteException e1) {
                        // TODO Auto-generated catch block
                        e1.printStackTrace();
                }


The above code works fine. But, I don't want to set password in my
token. How do I do so ?
 
As per Ws-securoity specification, the <wsse:password> is an optional
field in <wsse:UsernameToken>. But, when I tried to comment
options.setPassword("admin")  I get the following error :
 
org.apache.axis2.AxisFault: No password supplied by the callback handler
for the user : "admin"

at
org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:70)

at org.apache.axis2.engine.Phase.invoke(Phase.java:292)

at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:212)

at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:377)

at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOper
ation.java:374)

at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInA
xisOperation.java:211)

at
org.apache.axis2.client.OperationClient.execute(OperationClient.java:163
)

at
sampleservice.nameinterface.NameInterfaceExport1_NameInterfaceHttpServic
eStub.operation1(NameInterfaceExport1_NameInterfaceHttpServiceStub.java:
143)

at
sampleservice.nameinterface.SampleServiceClient.main(SampleServiceClient
.java:46)

Caused by: org.apache.rampart.RampartException: No password supplied by
the callback handler for the user : "admin"

at
org.apache.rampart.builder.BindingBuilder.addUsernameToken(BindingBuilde
r.java:169)

at
org.apache.rampart.builder.TransportBindingBuilder.build(TransportBindin
gBuilder.java:96)

at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:124)

at
org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)

... 8 more

 

I am attaching my policy.xml file here

Can somebody please help me here ?


Abhay Srivastava
Reference Architecture
Shared Services and Architecture | Smith Barney Technology | CitiGroup
GWM
(212)  657 - 4617



<?xml version="1.0" encoding="UTF-8"?>
<!--
 !
 ! Copyright 2006 The Apache Software Foundation.
 !
 ! Licensed under the Apache License, Version 2.0 (the "License");
 ! you may not use this file except in compliance with the License.
 ! You may obtain a copy of the License at
 !
 !      http://www.apache.org/licenses/LICENSE-2.0
 !
 ! Unless required by applicable law or agreed to in writing, software
 ! distributed under the License is distributed on an "AS IS" BASIS,
 ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 ! See the License for the specific language governing permissions and
 ! limitations under the License.
 !-->
<wsp:Policy wsu:Id="UTOverTransport" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
	<wsp:ExactlyOne>
	  <wsp:All>
		<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
		  <wsp:Policy>
			<sp:TransportToken>
			  <wsp:Policy>
				<sp:HttpsToken RequireClientCertificate="false"/>
			  </wsp:Policy>
			</sp:TransportToken>
		
		  </wsp:Policy>
		</sp:TransportBinding>
		<sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
			<wsp:Policy>
				<sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"; />
		  </wsp:Policy>
		</sp:SignedSupportingTokens>
		
	  </wsp:All>
	</wsp:ExactlyOne>
</wsp:Policy>

Reply via email to