Hi,
For reliable messaging (RM) we need to add some additional headers to the
SOAP message. So there is no way that we encrypt the SOAP message and then
use RM. The intended use of RM and Security is to use Security to encrypt
messages after RM. Of course we can customize both handlers (RM and
Security) according to the way you want by modifying the handlers.
Here is the way how you can configure Sandesha and WSS4J according to the
specifications.
In the client side WSDoAllSender should be present in the
"sandesha.properties" file not in the client-config.wsdd as shown in the
sandesha.properties.
# If there are additional handlers that needs to be included in the Client
side Senders OUT path
# then use the following configuration.
#ClientOUTHandler1 = org.apache.ws.axis.security.WSDoAllSender
#ClientOUTHandler1Param1 = name:value
#ClientOUTHandler1Param2 = name:value
WSDoAllReceiver should be configured the same way for client side listner's
IN path.
# These are the handlers for the Listener's IN path. Listener's IN path is
used to
# retrieve asynchronous responses and other RM protocol messages and hence
the handlers we put here
# should be the RESPONSE handlers with respect to normal invocation.
#ListenerINHandler1 = org.apache.ws.axis.security.WSDoAllReceiver
#ListenerINHandler1Param1 = name:value
#ListenerINHandler1Param2 = name:value
In the server side we need WSDoAllReceiver present in the server-config.wsdd
as you have specified below. In addition we need WSDoAllSender to be
configured for server side sender using the sandesha.properties file.
#Configure handlers for the OUT path of the server side sender.
#ServerOUTHandler1 = org.apache.ws.axis.security.WSDoAllSender
#ServerOUTHandler1Param1 = param1:BBBB
#ServerOUTHandler1Param2 = param2:CCCC
That is it and it should work. We have tested this for interops as well.
The simple rule is Security handler's should be present after all the other
handlers and that is why we need to configure them using special mechanism.
Thanks,
Jaliya
----- Original Message -----
From: "Benjamin Schmeling" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Saturday, May 20, 2006 5:12 AM
Subject: WSS4J+ Sandesha1.0
Hi,
I have a target Web Service that has a security and a reliable messaging
handler:
<service name="SimpleFlightServiceRS" provider="Handler">
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="action" value="Encrypt" />
<parameter name="decryptionPropFile" value="crypto.properties"
/>
<parameter name="passwordCallbackClass"
value="de.tud.ao4bpel.services.security.wss4jhandler.WSS4JPasswordCallbackHandler"
/>
</handler>
<handler
type="java:org.apache.sandesha.ws.rm.handlers.RMServerRequestHandler"/>
<handler
type="java:org.apache.axis.message.addressing.handler.AddressingHandler"/>
</requestFlow>
My client processes a given encrypted SOAP message and sends it with
Sandesha. The sequence message containing the application data has
security headers and encrypted content. When Sandesha sends the
CreateSequence message it has no Security Headers, so the WSDoAllReceiver
does not accept this message. I think it is not necessary to encrypt the
CreateSequence, CreateSequenceResponse, Acknowledge and TerminateSequence
message. Is it possible to get this working, so the WSDoAllReceiver
accepts the messages without security headers and how should I configure
my target service and client?
Thanks,
Benjamin
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
