What is the version of the WSS4J jar you are using ? It seems you are using a older on than 1.5.4. You can find all the dependencies needed for Rampart 1.4 in the Rampart 1.4 binary distribution under "/rampart-1.4/lib/" which can downloaded form here [1]. Adding the wss4j 1.5.4 jar to your Axis2 lib will solve this problem. You can also post your password callback handler class for the server side and the services.xml, so we can verify whether they are correct.
thanks, nandana [1] - http://ws.apache.org/rampart/download/1.4/download.cgi Just to verify how this policy would work... > So if I use this policy, I can just tell soapUI to add a User Name Token > with username "alice" and password "bobPW", and I should receive an echo > back (using the service in the samples) in the response? However, when I do > this, for some reason I receive and error. The RAW messages are reprinted > below: > > > REQUEST: > Host: 192.168.1.247:8080 > Content-Length: 803 > User-Agent: Jakarta Commons-HttpClient/3.0.1 > Content-Type: application/soap+xml;charset=UTF-8;action="urn:echo" > > <soap:Envelope xmlns:sam=" > http://sample01.policy.samples.rampart.apache.org"; xmlns:soap=" > http://www.w3.org/2003/05/soap-envelope";> > <soap:Header> > <wsse:Security soap:mustUnderstand="true" xmlns:wsse=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > "> > <wsse:UsernameToken wsu:Id="UsernameToken-10518016" xmlns:wsu=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > "> > <wsse:Username>alice</wsse:Username> > <wsse:Password Type=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText > ">bobPW</wsse:Password> > </wsse:UsernameToken> > </wsse:Security> > </soap:Header> > <soap:Body> > <sam:echo> > <!--Optional:--> > <sam:param0>?</sam:param0> > </sam:echo> > </soap:Body> > </soap:Envelope> > > > RESPONSE: > HTTP/1.1 500 Internal Server Error > Date: Tue, 15 Jul 2008 18:05:24 GMT > Transfer-Encoding: chunked > Connection: close > Content-Type: application/soap+xml; action=" > http://www.w3.org/2005/08/addressing/soap/fault";charset=UTF-8 > Server: Apache-Coyote/1.1 > > <?xml version='1.0' encoding='UTF-8'?> > <soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope > "> > <soapenv:Body> > <soapenv:Fault> > <soapenv:Code> > <soapenv:Value>soapenv:Receiver</soapenv:Value> > </soapenv:Code> > <soapenv:Reason> > <soapenv:Text xml:lang="en-US">java.lang.NoSuchMethodError: > org.apache.ws.security.message.WSSecHeader.isEmpty(Lorg/w3c/dom/Document;)Z</soapenv:Text> > </soapenv:Reason> > <soapenv:Detail /> > </soapenv:Fault> > </soapenv:Body> > </soapenv:Envelope> > > > Thanks. > > =>RY > > -----Original Message----- > From: Nandana Mihindukulasooriya [mailto:[EMAIL PROTECTED] > Sent: Mon 7/14/2008 8:01 AM > To: [email protected] > Subject: Re: Newbie Basics: Security Policy > > Hi Roxane, > > This is the policy to be used. Hope you know how to attach this policy to > services.xml and to a client. Please go through the Rampart policy samples > and you will be able to see how that is done. If you have further > questions, > please feel free to throw them in. > > regards, > nandana > > <wsp:Policy wsu:Id="UT" xmlns:wsu=" > > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > " > xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";> > <wsp:ExactlyOne> > <wsp:All> > <sp:SupportingTokens xmlns:sp=" > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > <wsp:Policy> > <sp:UsernameToken sp:IncludeToken=" > > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient > " > /> > </wsp:Policy> > </sp:SupportingTokens> > > <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy > "> > > <ramp:user>username</ramp:user> > > > <ramp:passwordCallbackClass>org.apache.rampart.samples.policy.sample01.PWCBHandler</ramp:passwordCallbackClass> > </ramp:RampartConfig> > > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > > On Mon, Jul 14, 2008 at 11:53 PM, Roxanne Yee <[EMAIL PROTECTED]> wrote: > > > If I simply wanted to implement a web service that used a User Name Token > > authentication system with a Username and Password in Plaintext (no SSL > for > > now, cause I'm a little sketchy on how to actually set that up), what > would > > I need to do if using the Policy handler configuration? > > > > Thanks. > > > > => RY > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Nandana Mihindukulasooriya WSO2 inc. http://nandana83.blogspot.com/
