RE: WS-Security
Title: Message I mean wsdl2java instead of wsdl2ws. pat -Original Message-From: Patrick Heffernan [mailto:[EMAIL PROTECTED] Sent: Thursday, May 12, 2005 11:29 AMTo: 'Apache AXIS C User List'Subject: RE: WS-Security Could I use JNI and call the java classes/methods generated by wsdl2ws from my C++ application? Thoughts on this approach? pat -Original Message-From: Patrick Heffernan [mailto:[EMAIL PROTECTED] Sent: Thursday, May 12, 2005 11:12 AMTo: 'Apache AXIS C User List'Subject: RE: WS-Security Hi Samisa, Dinesh, and John, Thanks for taking on my WS-Security question. I've got a Linux C++ application that I'm modifying to send web services requests to a Microsoft WS server that is implementing the Web Services Enhancements (WSE) package that includes WS-Security. I have no choice in the server as we are a third party developer that is integrating our product into an existing system (and we're not a Microsoft shop to boot -- so not taking on a MS WS client!). I've had them turn off the security stuff on the dev system we're testing against so I can continue my application dev/testing but the WS-Security obviously needs to be in place for us to go to production. This is the format of soap messages I am required to support: http://webservices.cox.com/CustomerProfile/GetProfileByAccountNumberAndSiteId http://iwslib/cox.web.services.profile/ServiceCustomer.asmx uuid:0c58b657-0242-4e43-9bf7-68904b9e6294 2005-05-11T14:41:07Z 2005-05-11T14:46:07Z webserviceuser aa xmOrtuc7SgN2QoFJgBk8uw== 2005-05-11T14:41:07Z qRU8kf9YQDtevGGRLqbJ7k5biuc= FMEJoIBD7T0uXY3eizSz0oiwzRE= wdST6LxVV+0XOZ7xqhVe9zIJ2G4= 2MJUGSiUzDLBFyDAH0OrJP46R6k= cqRYyBRHatKNRvAQM01OrvBERyw= j6AxeTlBcpfKuVJHD1TvoMuEaes= IwEDjgV/jC/HjyXPxyzaF738eZc= 0 It sounds like you guys have done alot of good work on this. What are the chances of getting it completed in the near future? Other than me trying to hack something to make it work, do I have any other options? Thanks again, pat -Original Message-From: John Hawkins [mailto:[EMAIL PROTECTED] Sent: Thursday, May 12, 2005 3:30 AMTo: Apache AXIS C User ListSubject: Re: WS-SecuritySo, it doesn't sound like we're that far off - if we just implement the getSOAPBodyAsString() method then we would be able to have ws-security on client-side (at least)? Din%$h <[EMAIL PROTECTED]> 12/05/2005 10:21 Please respond to"Apache AXIS C User List" To Apache AXIS C User List cc Subject Re: WS-Security Hi John, Let me breif what we tried to do. When Client make a request , we get the Body from the serializer and Encrypt it again set those encrypted Body to the message. At the server end we got the encrypted message from the
RE: WS-Security
Title: Message Could I use JNI and call the java classes/methods generated by wsdl2ws from my C++ application? Thoughts on this approach? pat -Original Message-From: Patrick Heffernan [mailto:[EMAIL PROTECTED] Sent: Thursday, May 12, 2005 11:12 AMTo: 'Apache AXIS C User List'Subject: RE: WS-Security Hi Samisa, Dinesh, and John, Thanks for taking on my WS-Security question. I've got a Linux C++ application that I'm modifying to send web services requests to a Microsoft WS server that is implementing the Web Services Enhancements (WSE) package that includes WS-Security. I have no choice in the server as we are a third party developer that is integrating our product into an existing system (and we're not a Microsoft shop to boot -- so not taking on a MS WS client!). I've had them turn off the security stuff on the dev system we're testing against so I can continue my application dev/testing but the WS-Security obviously needs to be in place for us to go to production. This is the format of soap messages I am required to support: http://webservices.cox.com/CustomerProfile/GetProfileByAccountNumberAndSiteId http://iwslib/cox.web.services.profile/ServiceCustomer.asmx uuid:0c58b657-0242-4e43-9bf7-68904b9e6294 2005-05-11T14:41:07Z 2005-05-11T14:46:07Z webserviceuser aa xmOrtuc7SgN2QoFJgBk8uw== 2005-05-11T14:41:07Z qRU8kf9YQDtevGGRLqbJ7k5biuc= FMEJoIBD7T0uXY3eizSz0oiwzRE= wdST6LxVV+0XOZ7xqhVe9zIJ2G4= 2MJUGSiUzDLBFyDAH0OrJP46R6k= cqRYyBRHatKNRvAQM01OrvBERyw= j6AxeTlBcpfKuVJHD1TvoMuEaes= IwEDjgV/jC/HjyXPxyzaF738eZc= 0 It sounds like you guys have done alot of good work on this. What are the chances of getting it completed in the near future? Other than me trying to hack something to make it work, do I have any other options? Thanks again, pat -Original Message-From: John Hawkins [mailto:[EMAIL PROTECTED] Sent: Thursday, May 12, 2005 3:30 AMTo: Apache AXIS C User ListSubject: Re: WS-SecuritySo, it doesn't sound like we're that far off - if we just implement the getSOAPBodyAsString() method then we would be able to have ws-security on client-side (at least)? Din%$h <[EMAIL PROTECTED]> 12/05/2005 10:21 Please respond to"Apache AXIS C User List" To Apache AXIS C User List cc Subject Re: WS-Security Hi John, Let me breif what we tried to do. When Client make a request , we get the Body from the serializer and Encrypt it again set those encrypted Body to the message. At the server end we got the encrypted message from the deserializer and decrypted it. and get the original message. For the response flow also scenario remains same. We hoped to do it using an handler.Since there was a method called getBodyAsString(), (as I remember). We creadted DOM tree using that body. ( If we could get Object Model that was easier). giving soap message as a String I was able to Encrypt it and Giving that Encrypt message I was able to got that original message too.Since there wasn't a way to get acess to the Body( getSoapBodyAsString () or any other method which can access body didn't implemented at that time). We didn't able to integrate it with axis using a handler.regards,DineshOn 5
RE: WS-Security
Title: Message Hi Samisa, Dinesh, and John, Thanks for taking on my WS-Security question. I've got a Linux C++ application that I'm modifying to send web services requests to a Microsoft WS server that is implementing the Web Services Enhancements (WSE) package that includes WS-Security. I have no choice in the server as we are a third party developer that is integrating our product into an existing system (and we're not a Microsoft shop to boot -- so not taking on a MS WS client!). I've had them turn off the security stuff on the dev system we're testing against so I can continue my application dev/testing but the WS-Security obviously needs to be in place for us to go to production. This is the format of soap messages I am required to support: http://webservices.cox.com/CustomerProfile/GetProfileByAccountNumberAndSiteId http://iwslib/cox.web.services.profile/ServiceCustomer.asmx uuid:0c58b657-0242-4e43-9bf7-68904b9e6294 2005-05-11T14:41:07Z 2005-05-11T14:46:07Z webserviceuser aa xmOrtuc7SgN2QoFJgBk8uw== 2005-05-11T14:41:07Z qRU8kf9YQDtevGGRLqbJ7k5biuc= FMEJoIBD7T0uXY3eizSz0oiwzRE= wdST6LxVV+0XOZ7xqhVe9zIJ2G4= 2MJUGSiUzDLBFyDAH0OrJP46R6k= cqRYyBRHatKNRvAQM01OrvBERyw= j6AxeTlBcpfKuVJHD1TvoMuEaes= IwEDjgV/jC/HjyXPxyzaF738eZc= 0 It sounds like you guys have done alot of good work on this. What are the chances of getting it completed in the near future? Other than me trying to hack something to make it work, do I have any other options? Thanks again, pat -Original Message-From: John Hawkins [mailto:[EMAIL PROTECTED] Sent: Thursday, May 12, 2005 3:30 AMTo: Apache AXIS C User ListSubject: Re: WS-SecuritySo, it doesn't sound like we're that far off - if we just implement the getSOAPBodyAsString() method then we would be able to have ws-security on client-side (at least)? Din%$h <[EMAIL PROTECTED]> 12/05/2005 10:21 Please respond to"Apache AXIS C User List" To Apache AXIS C User List cc Subject Re: WS-Security Hi John, Let me breif what we tried to do. When Client make a request , we get the Body from the serializer and Encrypt it again set those encrypted Body to the message. At the server end we got the encrypted message from the deserializer and decrypted it. and get the original message. For the response flow also scenario remains same. We hoped to do it using an handler.Since there was a method called getBodyAsString(), (as I remember). We creadted DOM tree using that body. ( If we could get Object Model that was easier). giving soap message as a String I was able to Encrypt it and Giving that Encrypt message I was able to got that original message too.Since there wasn't a way to get acess to the Body( getSoapBodyAsString () or any other method which can access body didn't implemented at that time). We didn't able to integrate it with axis using a handler.regards,DineshOn 5/12/05, John Hawkins <[EMAIL PROTECTED]> wrote: Hi Dinesh, Can I ask - how you wanted that soap body? Would you need a byte stream or an object model? Was this client or server side or both? Was it on the outgoing or incoming message or both? cheers, John. Din%$h <[EMAIL PROTECTED]> 12/05/2005 08:07 Please respond to"Apache AXIS C User List" To Apache AXIS C User Listcc Subject Re: WS-Security
Re: WS-Security
So, it doesn't sound like we're that far off - if we just implement the getSOAPBodyAsString() method then we would be able to have ws-security on client-side (at least)? Din%$h <[EMAIL PROTECTED]> 12/05/2005 10:21 Please respond to "Apache AXIS C User List" To Apache AXIS C User List cc Subject Re: WS-Security Hi John, Let me breif what we tried to do. When Client make a request , we get the Body from the serializer and Encrypt it again set those encrypted Body to the message. At the server end we got the encrypted message from the deserializer and decrypted it. and get the original message. For the response flow also scenario remains same. We hoped to do it using an handler. Since there was a method called getBodyAsString(), (as I remember). We creadted DOM tree using that body. ( If we could get Object Model that was easier). giving soap message as a String I was able to Encrypt it and Giving that Encrypt message I was able to got that original message too. Since there wasn't a way to get acess to the Body( getSoapBodyAsString () or any other method which can access body didn't implemented at that time). We didn't able to integrate it with axis using a handler. regards, Dinesh On 5/12/05, John Hawkins <[EMAIL PROTECTED]> wrote: Hi Dinesh, Can I ask - how you wanted that soap body? Would you need a byte stream or an object model? Was this client or server side or both? Was it on the outgoing or incoming message or both? cheers, John. Din%$h <[EMAIL PROTECTED]> 12/05/2005 08:07 Please respond to "Apache AXIS C User List" To Apache AXIS C User Listcc Subject Re: WS-Security Hi, Both Sameera and my self had worked on this (WSS4C). We needed to get body of Soap Message through a handler.( from Serilizer). But Unfortunately It was not implemented at that time.( It was commented /* To do */). There were some threads discussing about those methods. We were unable to get access to the Body of the Soap message through a handler.So we stopped at that point. ( Until those methods are implemented ) http://wiki.apache.org/ws/WSS4C I don't know whether some one is working on this Project now. thanx, Dinesh On 5/12/05, Samisa Abeysinghe <[EMAIL PROTECTED] > wrote: There were some efforts and there were some improvements proposed to the current engine to help implement WS-Security ,like opening up the SOAP body in handlers. But we did not hear from anyone on this lately. Is there anyone working on WS-Sec at the moment? Thanks, Samisa... -Original Message- From: Patrick Heffernan [mailto:[EMAIL PROTECTED] ] Sent: Thursday, May 12, 2005 12:14 PM To: axis-c-user@ws.apache.org Subject: WS-Security I apologize if I've missed this in some publication. What is the plan for Axis C++ support WS-Security? I've got a project that requires the WSE Username/Password token and I'm trying to determine what options are available to me. Thanks, pat -- W.Dinesh Premalal [EMAIL PROTECTED] http://www.cse.mrt.ac.lk/~premalwd/ -- W.Dinesh Premalal [EMAIL PROTECTED] http://www.cse.mrt.ac.lk/~premalwd/
Re: WS-Security
Hi John, Let me breif what we tried to do. When Client make a request , we get the Body from the serializer and Encrypt it again set those encrypted Body to the message. At the server end we got the encrypted message from the deserializer and decrypted it. and get the original message. For the response flow also scenario remains same. We hoped to do it using an handler. Since there was a method called getBodyAsString(), (as I remember). We creadted DOM tree using that body. ( If we could get Object Model that was easier). giving soap message as a String I was able to Encrypt it and Giving that Encrypt message I was able to got that original message too. Since there wasn't a way to get acess to the Body( getSoapBodyAsString () or any other method which can access body didn't implemented at that time). We didn't able to integrate it with axis using a handler. regards, Dinesh On 5/12/05, John Hawkins <[EMAIL PROTECTED]> wrote: Hi Dinesh, Can I ask - how you wanted that soap body? Would you need a byte stream or an object model? Was this client or server side or both? Was it on the outgoing or incoming message or both? cheers, John. Din%$h <[EMAIL PROTECTED]> 12/05/2005 08:07 Please respond to "Apache AXIS C User List" To Apache AXIS C User Listcc Subject Re: WS-Security Hi, Both Sameera and my self had worked on this (WSS4C). We needed to get body of Soap Message through a handler.( from Serilizer). But Unfortunately It was not implemented at that time.( It was commented /* To do */). There were some threads discussing about those methods. We were unable to get access to the Body of the Soap message through a handler.So we stopped at that point. ( Until those methods are implemented ) http://wiki.apache.org/ws/WSS4C I don't know whether some one is working on this Project now. thanx, Dinesh On 5/12/05, Samisa Abeysinghe <[EMAIL PROTECTED] > wrote: There were some efforts and there were some improvements proposed to the current engine to help implement WS-Security ,like opening up the SOAP body in handlers. But we did not hear from anyone on this lately. Is there anyone working on WS-Sec at the moment? Thanks, Samisa... -Original Message- From: Patrick Heffernan [mailto:[EMAIL PROTECTED] ] Sent: Thursday, May 12, 2005 12:14 PM To: axis-c-user@ws.apache.org Subject: WS-Security I apologize if I've missed this in some publication. What is the plan for Axis C++ support WS-Security? I've got a project that requires the WSE Username/Password token and I'm trying to determine what options are available to me. Thanks, pat -- W.Dinesh Premalal [EMAIL PROTECTED] http://www.cse.mrt.ac.lk/~premalwd/ -- W.Dinesh Premalal[EMAIL PROTECTED]http://www.cse.mrt.ac.lk/~premalwd/
RE: soapAction and .NET interoperability
which is what Websphere does ;-) "Samisa Abeysinghe" <[EMAIL PROTECTED]> 12/05/2005 09:31 Please respond to "Apache AXIS C User List" To "Apache AXIS C User List" cc Subject RE: soapAction and .NET interoperability Surely picking from SOAPAction is a bad idea as this is not something mandatory. Then the other sensible means of doing this is to look in the SOAP body and understand what method to invoke. Thanks, Samisa… -Original Message- From: John Hawkins [mailto:[EMAIL PROTECTED] Sent: Thursday, May 12, 2005 2:18 PM To: Apache AXIS C User List Subject: RE: soapAction and .NET interoperability Do we have a clear direction that we should be heading to? What is the way we should be finding the operation we're calling? .NET and Websphere for example have different methods - which should we adopt (or some other third method?) "Samisa Abeysinghe" <[EMAIL PROTECTED]> 12/05/2005 06:37 Please respond to "Apache AXIS C User List" To "Apache AXIS C User List" cc Subject RE: soapAction and .NET interoperability Yes, Axis C++ server side is looking for a soap action of the form: ServiceName#MethodName It uses the MethodName to locate the method to be invoked. This is not a very good practice and is something that need be fixed. Thanks, Samisa... -Original Message- From: Yampolsky, Robert [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 11, 2005 8:39 PM To: Apache AXIS C User List Subject: RE: soapAction and .NET interoperability Does Axis require the SOAPAction to be formatted with a '#' separating the service and method? All the Microsoft documentation I've Googled about setting SOAPAction from their stuff shows it formatted like a URL with a slash setting off the method. Would Axis reject this? By the way, I haven't actually tested with a .NET client. I'm just assuming they don't send SOAPAction, because the WSDL I was given to implement was generated with .NET tools, and it had soapAction="". I couldn't get my Axis-to-Axis code to work until I filled in at least #method there (the service name doesn't seem to be necessary). -Original Message- From: Samisa Abeysinghe [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 11, 2005 12:03 AM To: Apache AXIS C User List Subject: RE: soapAction and .NET interoperability > Does anybody know of a workaround for this? Either a way to define my > service to not require soapAction or a way to > get a .NET client to provide the method name in the soapAction header? There is no way in Axis C++ to define the service not to require the SOAPAction as of now. (But we wish to implement such kind of a mechanism - there is a Jira issue raised on this) Hence I think you have to figure out how to set the SOAPAction with .net client. I am not sure how to do this exactly but http://msdn.microsoft.com/library/default.asp?url=""> tml/frlrfSystemRuntimeRemotingMetadataSoapMethodAttributeClassSoapAction Topic.asp may lead to a clue. Thanks, Samisa... -Original Message- From: Yampolsky, Robert [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 11, 2005 2:39 AM To: Apache AXIS C User List Subject: soapAction and .NET interoperability I've seen posted here that Axis services don't work with soapAction set to "". I can verify that that's the case. With no soapAction, I get a "Soap method is not allowed to invoke" exception, but when I put it in, I'm able to access the service. As a matter of fact, it seems to only require the method (i.e. soapAction="#METHOD" works just as well as soapAction="SERVICE#METHOD"). My problem is that I need to interoperate with .NET clients, and they don't seem to set soapAction (at least by default). Does anybody know of a workaround for this? Either a way to define my service to not require soapAction or a way to get a .NET client to provide the method name in the soapAction header? Thanks, Rob
RE: soapAction and .NET interoperability
Surely picking from SOAPAction is a bad idea as this is not something mandatory. Then the other sensible means of doing this is to look in the SOAP body and understand what method to invoke. Thanks, Samisa… -Original Message- From: John Hawkins [mailto:[EMAIL PROTECTED] Sent: Thursday, May 12, 2005 2:18 PM To: Apache AXIS C User List Subject: RE: soapAction and .NET interoperability Do we have a clear direction that we should be heading to? What is the way we should be finding the operation we're calling? .NET and Websphere for example have different methods - which should we adopt (or some other third method?) "Samisa Abeysinghe" <[EMAIL PROTECTED]> 12/05/2005 06:37 Please respond to "Apache AXIS C User List" To "Apache AXIS C User List" cc Subject RE: soapAction and .NET interoperability Yes, Axis C++ server side is looking for a soap action of the form: ServiceName#MethodName It uses the MethodName to locate the method to be invoked. This is not a very good practice and is something that need be fixed. Thanks, Samisa... -Original Message- From: Yampolsky, Robert [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 11, 2005 8:39 PM To: Apache AXIS C User List Subject: RE: soapAction and .NET interoperability Does Axis require the SOAPAction to be formatted with a '#' separating the service and method? All the Microsoft documentation I've Googled about setting SOAPAction from their stuff shows it formatted like a URL with a slash setting off the method. Would Axis reject this? By the way, I haven't actually tested with a .NET client. I'm just assuming they don't send SOAPAction, because the WSDL I was given to implement was generated with .NET tools, and it had soapAction="". I couldn't get my Axis-to-Axis code to work until I filled in at least #method there (the service name doesn't seem to be necessary). -Original Message- From: Samisa Abeysinghe [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 11, 2005 12:03 AM To: Apache AXIS C User List Subject: RE: soapAction and .NET interoperability > Does anybody know of a workaround for this? Either a way to define my > service to not require soapAction or a way to > get a .NET client to provide the method name in the soapAction header? There is no way in Axis C++ to define the service not to require the SOAPAction as of now. (But we wish to implement such kind of a mechanism - there is a Jira issue raised on this) Hence I think you have to figure out how to set the SOAPAction with .net client. I am not sure how to do this exactly but http://msdn.microsoft.com/library/default.asp?url=""> tml/frlrfSystemRuntimeRemotingMetadataSoapMethodAttributeClassSoapAction Topic.asp may lead to a clue. Thanks, Samisa... -Original Message- From: Yampolsky, Robert [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 11, 2005 2:39 AM To: Apache AXIS C User List Subject: soapAction and .NET interoperability I've seen posted here that Axis services don't work with soapAction set to "". I can verify that that's the case. With no soapAction, I get a "Soap method is not allowed to invoke" exception, but when I put it in, I'm able to access the service. As a matter of fact, it seems to only require the method (i.e. soapAction="#METHOD" works just as well as soapAction="SERVICE#METHOD"). My problem is that I need to interoperate with .NET clients, and they don't seem to set soapAction (at least by default). Does anybody know of a workaround for this? Either a way to define my service to not require soapAction or a way to get a .NET client to provide the method name in the soapAction header? Thanks, Rob
Re: WS-Security
Hi Dinesh, Can I ask - how you wanted that soap body? Would you need a byte stream or an object model? Was this client or server side or both? Was it on the outgoing or incoming message or both? cheers, John. Din%$h <[EMAIL PROTECTED]> 12/05/2005 08:07 Please respond to "Apache AXIS C User List" To Apache AXIS C User List cc Subject Re: WS-Security Hi, Both Sameera and my self had worked on this (WSS4C). We needed to get body of Soap Message through a handler.( from Serilizer). But Unfortunately It was not implemented at that time.( It was commented /* To do */). There were some threads discussing about those methods. We were unable to get access to the Body of the Soap message through a handler.So we stopped at that point. ( Until those methods are implemented ) http://wiki.apache.org/ws/WSS4C I don't know whether some one is working on this Project now. thanx, Dinesh On 5/12/05, Samisa Abeysinghe <[EMAIL PROTECTED]> wrote: There were some efforts and there were some improvements proposed to the current engine to help implement WS-Security ,like opening up the SOAP body in handlers. But we did not hear from anyone on this lately. Is there anyone working on WS-Sec at the moment? Thanks, Samisa... -Original Message- From: Patrick Heffernan [mailto:[EMAIL PROTECTED] ] Sent: Thursday, May 12, 2005 12:14 PM To: axis-c-user@ws.apache.org Subject: WS-Security I apologize if I've missed this in some publication. What is the plan for Axis C++ support WS-Security? I've got a project that requires the WSE Username/Password token and I'm trying to determine what options are available to me. Thanks, pat -- W.Dinesh Premalal [EMAIL PROTECTED] http://www.cse.mrt.ac.lk/~premalwd/
RE: soapAction and .NET interoperability
Do we have a clear direction that we should be heading to? What is the way we should be finding the operation we're calling? .NET and Websphere for example have different methods - which should we adopt (or some other third method?) "Samisa Abeysinghe" <[EMAIL PROTECTED]> 12/05/2005 06:37 Please respond to "Apache AXIS C User List" To "Apache AXIS C User List" cc Subject RE: soapAction and .NET interoperability Yes, Axis C++ server side is looking for a soap action of the form: ServiceName#MethodName It uses the MethodName to locate the method to be invoked. This is not a very good practice and is something that need be fixed. Thanks, Samisa... -Original Message- From: Yampolsky, Robert [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 11, 2005 8:39 PM To: Apache AXIS C User List Subject: RE: soapAction and .NET interoperability Does Axis require the SOAPAction to be formatted with a '#' separating the service and method? All the Microsoft documentation I've Googled about setting SOAPAction from their stuff shows it formatted like a URL with a slash setting off the method. Would Axis reject this? By the way, I haven't actually tested with a .NET client. I'm just assuming they don't send SOAPAction, because the WSDL I was given to implement was generated with .NET tools, and it had soapAction="". I couldn't get my Axis-to-Axis code to work until I filled in at least #method there (the service name doesn't seem to be necessary). -Original Message- From: Samisa Abeysinghe [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 11, 2005 12:03 AM To: Apache AXIS C User List Subject: RE: soapAction and .NET interoperability > Does anybody know of a workaround for this? Either a way to define my > service to not require soapAction or a way to > get a .NET client to provide the method name in the soapAction header? There is no way in Axis C++ to define the service not to require the SOAPAction as of now. (But we wish to implement such kind of a mechanism - there is a Jira issue raised on this) Hence I think you have to figure out how to set the SOAPAction with .net client. I am not sure how to do this exactly but http://msdn.microsoft.com/library/default.asp?url=""> tml/frlrfSystemRuntimeRemotingMetadataSoapMethodAttributeClassSoapAction Topic.asp may lead to a clue. Thanks, Samisa... -Original Message- From: Yampolsky, Robert [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 11, 2005 2:39 AM To: Apache AXIS C User List Subject: soapAction and .NET interoperability I've seen posted here that Axis services don't work with soapAction set to "". I can verify that that's the case. With no soapAction, I get a "Soap method is not allowed to invoke" exception, but when I put it in, I'm able to access the service. As a matter of fact, it seems to only require the method (i.e. soapAction="#METHOD" works just as well as soapAction="SERVICE#METHOD"). My problem is that I need to interoperate with .NET clients, and they don't seem to set soapAction (at least by default). Does anybody know of a workaround for this? Either a way to define my service to not require soapAction or a way to get a .NET client to provide the method name in the soapAction header? Thanks, Rob
Re: WS-Security
Hi, Both Sameera and my self had worked on this (WSS4C). We needed to get body of Soap Message through a handler.( from Serilizer). But Unfortunately It was not implemented at that time.( It was commented /* To do */). There were some threads discussing about those methods. We were unable to get access to the Body of the Soap message through a handler.So we stopped at that point. ( Until those methods are implemented ) http://wiki.apache.org/ws/WSS4C I don't know whether some one is working on this Project now. thanx, DineshOn 5/12/05, Samisa Abeysinghe <[EMAIL PROTECTED]> wrote: There were some efforts and there were some improvements proposed to thecurrent engine to help implement WS-Security ,like opening up the SOAPbody in handlers. But we did not hear from anyone on this lately. Is there anyone working on WS-Sec at the moment?Thanks,Samisa...-Original Message-From: Patrick Heffernan [mailto:[EMAIL PROTECTED] ]Sent: Thursday, May 12, 2005 12:14 PMTo: axis-c-user@ws.apache.orgSubject: WS-SecurityI apologize if I've missed this in some publication. What is the plan for Axis C++ support WS-Security? I've got a project that requires theWSE Username/Password token and I'm trying to determine what options areavailable to me.Thanks, pat -- W.Dinesh Premalal[EMAIL PROTECTED]http://www.cse.mrt.ac.lk/~premalwd/