RE: WS-Security

[Patrick Heffernan]

Title: Message



I mean 
wsdl2java instead of wsdl2ws.
 
pat

  
  -Original Message-From: Patrick 
  Heffernan [mailto:[EMAIL PROTECTED] Sent: 
  Thursday, May 12, 2005 11:29 AMTo: 'Apache AXIS C User 
  List'Subject: RE: WS-Security
  Could I use JNI and call the java classes/methods generated by wsdl2ws 
  from my C++ application?  Thoughts on this approach?
   
  pat
  

-Original Message-From: Patrick 
Heffernan [mailto:[EMAIL PROTECTED] Sent: 
Thursday, May 12, 2005 11:12 AMTo: 'Apache AXIS C User 
List'Subject: RE: WS-Security
Hi 
Samisa, Dinesh, and John,
 
Thanks for taking on my WS-Security question.
 
I've got a Linux C++ application that I'm modifying to send web 
services requests to a Microsoft WS server that is implementing the Web 
Services Enhancements (WSE) package that includes WS-Security.  I have 
no choice in the server as we are a third party developer that is 
integrating our product into an existing system (and we're not a Microsoft 
shop to boot -- so not taking on a MS WS client!).  I've had them turn 
off the security stuff on the dev system we're testing against so I can 
continue my application dev/testing but the WS-Security obviously needs to 
be in place for us to go to production.
 
This is the format of soap messages I am required to 
support:
 


  

    

  
http://webservices.cox.com/CustomerProfile/GetProfileByAccountNumberAndSiteId
  
http://iwslib/cox.web.services.profile/ServiceCustomer.asmx
  
uuid:0c58b657-0242-4e43-9bf7-68904b9e6294
    

    

  
2005-05-11T14:41:07Z
  
2005-05-11T14:46:07Z
    

    

  

    
webserviceuser
    
aa
    
xmOrtuc7SgN2QoFJgBk8uw==
    
2005-05-11T14:41:07Z
  

  

    

  

  

  

    

  

    

    

    
qRU8kf9YQDtevGGRLqbJ7k5biuc=
  

  

    

  

    

    

    
FMEJoIBD7T0uXY3eizSz0oiwzRE=
  

  

    

  

    

    

    
wdST6LxVV+0XOZ7xqhVe9zIJ2G4=
  

  

    

  

    

    

    
2MJUGSiUzDLBFyDAH0OrJP46R6k=
  

  

    

  

    

    

    
cqRYyBRHatKNRvAQM01OrvBERyw=
  

  

    

  

    

    

    
j6AxeTlBcpfKuVJHD1TvoMuEaes=
  

    

    
IwEDjgV/jC/HjyXPxyzaF738eZc=
    

  

    

  

    

  

    

  

  

    

  

  
0
    

  


 
It sounds like you guys have done alot of good work 
on this.  What are the chances of getting it completed in the near 
future?  Other than me trying to hack something to make it work, do I 
have any other options?
 
Thanks again,
 
pat

  
  -Original Message-From: John Hawkins 
  [mailto:[EMAIL PROTECTED] Sent: Thursday, May 12, 2005 3:30 
  AMTo: Apache AXIS C User ListSubject: Re: 
  WS-SecuritySo, it 
  doesn't sound like we're that far off - if we just implement the 
  getSOAPBodyAsString() method then we would be able to have ws-security on 
  client-side (at least)? 
  


  Din%$h 
<[EMAIL PROTECTED]> 
12/05/2005 10:21 

  
  

  Please respond 
  to"Apache AXIS C User 
List"
  

  
  

  To
Apache AXIS C User 
  List  
  

  cc

  

  Subject
Re: 
  WS-Security

  
  

Hi John,    Let me breif what we tried to 
  do.  When Client make a request ,  we get the Body from 
  the serializer and Encrypt it again set those encrypted Body to the 
  message. At the server end we got the encrypted message from the 
   

RE: WS-Security

[Patrick Heffernan]

Title: Message



Could 
I use JNI and call the java classes/methods generated by wsdl2ws from my C++ 
application?  Thoughts on this approach?
 
pat

  
  -Original Message-From: Patrick 
  Heffernan [mailto:[EMAIL PROTECTED] Sent: 
  Thursday, May 12, 2005 11:12 AMTo: 'Apache AXIS C User 
  List'Subject: RE: WS-Security
  Hi 
  Samisa, Dinesh, and John,
   
  Thanks for taking on my WS-Security question.
   
  I've 
  got a Linux C++ application that I'm modifying to send web services requests 
  to a Microsoft WS server that is implementing the Web Services Enhancements 
  (WSE) package that includes WS-Security.  I have no choice in the server 
  as we are a third party developer that is integrating our product into an 
  existing system (and we're not a Microsoft shop to boot -- so not taking on a 
  MS WS client!).  I've had them turn off the security stuff on the dev 
  system we're testing against so I can continue my application dev/testing but 
  the WS-Security obviously needs to be in place for us to go to 
  production.
   
  This 
  is the format of soap messages I am required to support:
   
  
  
    
  
      
  
    
  http://webservices.cox.com/CustomerProfile/GetProfileByAccountNumberAndSiteId
    
  http://iwslib/cox.web.services.profile/ServiceCustomer.asmx
    
  uuid:0c58b657-0242-4e43-9bf7-68904b9e6294
      
  
      
  
    
  2005-05-11T14:41:07Z
    
  2005-05-11T14:46:07Z
      
  
      
  
    
  
      
  webserviceuser
      
  aa
      
  xmOrtuc7SgN2QoFJgBk8uw==
      
  2005-05-11T14:41:07Z
    
  
    
  
      
  
    
  
    
  
    
  
      
  
    
  
      
  
      
  
      
  qRU8kf9YQDtevGGRLqbJ7k5biuc=
    
  
    
  
      
  
    
  
      
  
      
  
      
  FMEJoIBD7T0uXY3eizSz0oiwzRE=
    
  
    
  
      
  
    
  
      
  
      
  
      
  wdST6LxVV+0XOZ7xqhVe9zIJ2G4=
    
  
    
  
      
  
    
  
      
  
      
  
      
  2MJUGSiUzDLBFyDAH0OrJP46R6k=
    
  
    
  
      
  
    
  
      
  
      
  
      
  cqRYyBRHatKNRvAQM01OrvBERyw=
    
  
    
  
      
  
    
  
      
  
      
  
      
  j6AxeTlBcpfKuVJHD1TvoMuEaes=
    
  
      
  
      
  IwEDjgV/jC/HjyXPxyzaF738eZc=
      
  
    
  
      
  
    
  
      
  
    
  
      
  
    
  
    
  
      
  
    
  
    
  0
      
  
    
  
  
   
  It sounds like you guys have done alot of good work 
  on this.  What are the chances of getting it completed in the near 
  future?  Other than me trying to hack something to make it work, do I 
  have any other options?
   
  Thanks again,
   
  pat
  

-Original Message-From: John Hawkins 
[mailto:[EMAIL PROTECTED] Sent: Thursday, May 12, 2005 3:30 
AMTo: Apache AXIS C User ListSubject: Re: 
WS-SecuritySo, it 
doesn't sound like we're that far off - if we just implement the 
getSOAPBodyAsString() method then we would be able to have ws-security on 
client-side (at least)? 

  
  
Din%$h 
  <[EMAIL PROTECTED]> 
  12/05/2005 10:21 
  


  
Please respond 
to"Apache AXIS C User 
  List"

  


  
To
  Apache AXIS C User 
List  

  
cc
  

  
Subject
  Re: 
WS-Security
  


  
  Hi John,    Let me breif what we tried to 
do.  When Client make a request ,  we get the Body from 
the serializer and Encrypt it again set those encrypted Body to the message. 
At the server end we got the encrypted message from the deserializer and 
decrypted it. and get the original message. For the response flow also 
scenario remains same. We hoped to do it using an handler.Since 
there was a method called getBodyAsString(), (as I remember). We creadted 
DOM tree using that body. ( If we could get Object Model that was easier). 
giving soap message as a String I was able to Encrypt it and Giving 
that Encrypt message I was able to got that  original message 
too.Since there wasn't a way to get acess to the Body( 
getSoapBodyAsString ()  or any other method which can access body 
didn't implemented at that time). We didn't able to integrate it with axis 
using a handler.regards,DineshOn 
5

RE: WS-Security

[Patrick Heffernan]

Title: Message



Hi 
Samisa, Dinesh, and John,
 
Thanks 
for taking on my WS-Security question.
 
I've 
got a Linux C++ application that I'm modifying to send web services requests to 
a Microsoft WS server that is implementing the Web Services Enhancements (WSE) 
package that includes WS-Security.  I have no choice in the server as we 
are a third party developer that is integrating our product into an existing 
system (and we're not a Microsoft shop to boot -- so not taking on a MS WS 
client!).  I've had them turn off the security stuff on the dev system 
we're testing against so I can continue my application dev/testing but the 
WS-Security obviously needs to be in place for us to go to 
production.
 
This 
is the format of soap messages I am required to support:
 


  

    

  
http://webservices.cox.com/CustomerProfile/GetProfileByAccountNumberAndSiteId
  
http://iwslib/cox.web.services.profile/ServiceCustomer.asmx
  
uuid:0c58b657-0242-4e43-9bf7-68904b9e6294
    

    

  
2005-05-11T14:41:07Z
  
2005-05-11T14:46:07Z
    

    

  
    
webserviceuser
    
aa
    
xmOrtuc7SgN2QoFJgBk8uw==
    
2005-05-11T14:41:07Z
  

  

    

  

  

  

    

  

    

    

    
qRU8kf9YQDtevGGRLqbJ7k5biuc=
  

  

    

  

    

    

    
FMEJoIBD7T0uXY3eizSz0oiwzRE=
  

  

    

  

    

    

    
wdST6LxVV+0XOZ7xqhVe9zIJ2G4=
  

  

    

  

    

    

    
2MJUGSiUzDLBFyDAH0OrJP46R6k=
  

  

    

  

    

    

    
cqRYyBRHatKNRvAQM01OrvBERyw=
  

  

    

  

    

    

    
j6AxeTlBcpfKuVJHD1TvoMuEaes=
  

    

    
IwEDjgV/jC/HjyXPxyzaF738eZc=
    

  

    

  

    

  

    

  

  
    

  

  
0
    

  


 
It sounds like you guys have done alot of good work on 
this.  What are the chances of getting it completed in the near 
future?  Other than me trying to hack something to make it work, do I have 
any other options?
 
Thanks again,
 
pat

  
  -Original Message-From: John Hawkins 
  [mailto:[EMAIL PROTECTED] Sent: Thursday, May 12, 2005 3:30 
  AMTo: Apache AXIS C User ListSubject: Re: 
  WS-SecuritySo, it 
  doesn't sound like we're that far off - if we just implement the 
  getSOAPBodyAsString() method then we would be able to have ws-security on 
  client-side (at least)? 
  


  Din%$h 
<[EMAIL PROTECTED]> 
12/05/2005 10:21 

  
  

  Please respond 
  to"Apache AXIS C User 
List"
  

  
  

  To
Apache AXIS C User 
  List  
  

  cc

  

  Subject
Re: 
  WS-Security

  
  

Hi 
  John,    Let me breif what we tried to do.  
  When Client make a request ,  we get the Body from the serializer and 
  Encrypt it again set those encrypted Body to the message. At the server end we 
  got the encrypted message from the deserializer and decrypted it. and get the 
  original message. For the response flow also scenario remains same. We hoped 
  to do it using an handler.Since there was a method called 
  getBodyAsString(), (as I remember). We creadted DOM tree using that body. ( If 
  we could get Object Model that was easier). giving soap message as a 
  String I was able to Encrypt it and Giving that Encrypt message I was able to 
  got that  original message too.Since there wasn't a way to get 
  acess to the Body( getSoapBodyAsString ()  or any other method which can 
  access body didn't implemented at that time). We didn't able to integrate it 
  with axis using a handler.regards,DineshOn 5/12/05, John Hawkins <[EMAIL PROTECTED]> wrote: 
  Hi Dinesh, 
  Can I ask - how you wanted that 
  soap body? Would you need a byte stream or an object model? Was this client or server 
  side or both? Was it on the outgoing or incoming message or both? cheers, John. 
  
  


  Din%$h <[EMAIL PROTECTED]> 
12/05/2005 08:07 


  
  

  Please respond 
  to"Apache AXIS C User List"

  

  
  

  To
Apache 
  AXIS C User List  
  

  cc

  

  Subject
Re: 
  WS-Security

  
  
  

Re: WS-Security

[John Hawkins]

So, it doesn't sound like we're that
far off - if we just implement the getSOAPBodyAsString() method then we
would be able to have ws-security on client-side (at least)?









Din%$h <[EMAIL PROTECTED]>

12/05/2005 10:21



Please respond to
"Apache AXIS C User List"





To
Apache AXIS C User List 


cc



Subject
Re: WS-Security








Hi John,

     Let me breif what we tried to do.

   When Client make a request ,  we get the Body from the serializer
and Encrypt it again set those encrypted Body to the message. At the server
end we got the encrypted message from the deserializer and decrypted it.
and get the original message. For the response flow also scenario remains
same. We hoped to do it using an handler.

Since there was a method called getBodyAsString(), (as I remember). We
creadted DOM tree using that body. ( If we could get Object Model that
was easier). 

giving soap message as a String I was able to Encrypt it and Giving that
Encrypt message I was able to got that  original message too.

Since there wasn't a way to get acess to the Body( getSoapBodyAsString
()  or any other method which can access body didn't implemented at
that time). We didn't able to integrate it with axis using a handler.

regards,
Dinesh


On 5/12/05, John Hawkins <[EMAIL PROTECTED]>
wrote:

Hi Dinesh, 

Can I ask - how you wanted that soap body? 

Would you need a byte stream or an object model? 

Was this client or server side or both? 

Was it on the outgoing or incoming message or both?



cheers, 
John. 






Din%$h <[EMAIL PROTECTED]>

12/05/2005 08:07





Please respond to
"Apache AXIS C User List"






To
Apache AXIS C User
List  


cc



Subject
Re: WS-Security










Hi,
     
     Both Sameera and my self had worked on this (WSS4C). We
needed to get body of Soap Message through a handler.( from Serilizer).
But Unfortunately It was not implemented at that time.( It was commented
/* To do */). There were some threads discussing about those methods. 

We were unable to get access to the Body of the Soap message through a
handler.So we 
stopped at that point. ( Until those methods are implemented )

http://wiki.apache.org/ws/WSS4C

I don't know whether some one is working on this Project now.

thanx,
Dinesh

On 5/12/05, Samisa Abeysinghe <[EMAIL PROTECTED]
> wrote: 
There were some efforts and there were some improvements proposed to the
current engine to help implement WS-Security ,like opening up the SOAP
body in handlers. But we did not hear from anyone on this lately.

Is there anyone working on WS-Sec at the moment?

Thanks,
Samisa...


-Original Message-
From: Patrick Heffernan [mailto:[EMAIL PROTECTED]
]
Sent: Thursday, May 12, 2005 12:14 PM
To: axis-c-user@ws.apache.org
Subject: WS-Security

I apologize if I've missed this in some publication.  What is the
plan 
for Axis C++ support WS-Security?  I've got a project that requires
the
WSE Username/Password token and I'm trying to determine what options are
available to me.

Thanks, pat




-- 
W.Dinesh Premalal
[EMAIL PROTECTED]

http://www.cse.mrt.ac.lk/~premalwd/




-- 
W.Dinesh Premalal
[EMAIL PROTECTED]
http://www.cse.mrt.ac.lk/~premalwd/

Re: WS-Security

[Din%$h]

Hi John,

 Let me breif what we tried to do.

   When Client make a request ,  we get the Body from
the serializer and Encrypt it again set those encrypted Body to the
message. At the server end we got the encrypted message from the
deserializer and decrypted it. and get the original message. For the
response flow also scenario remains same. We hoped to do it using an
handler.

Since there was a method called getBodyAsString(), (as I remember). We
creadted DOM tree using that body. ( If we could get Object Model that
was easier). 

giving soap message as a String I was able to Encrypt it and Giving
that Encrypt message I was able to got that  original message too.
Since there wasn't a way to get acess to the Body( getSoapBodyAsString
()  or any other method which can access body didn't implemented
at that time). We didn't able to integrate it with axis using a handler.

regards,
Dinesh

On 5/12/05, John Hawkins <[EMAIL PROTECTED]> wrote:

Hi Dinesh,

Can I ask - how you wanted that soap
body?

Would you need a byte stream or an object
model?

Was this client or server side or both?

Was it on the outgoing or incoming message
or both?


cheers,
John.







Din%$h <[EMAIL PROTECTED]>

12/05/2005 08:07



Please respond to
"Apache AXIS C User List"





To
Apache AXIS C User List 


cc

  


Subject
Re: WS-Security




  





Hi,
      
      Both Sameera and my self had worked on this (WSS4C).
We needed to get body of Soap Message through a handler.( from Serilizer).
But Unfortunately It was not implemented at that time.( It was commented
/* To do */). There were some threads discussing about those methods. 
 
We were unable to get access to the Body of the Soap message through a
handler.So we 
stopped at that point. ( Until those methods are implemented )

http://wiki.apache.org/ws/WSS4C


I don't know whether some one is working on this Project now.

thanx,
Dinesh

On 5/12/05, Samisa Abeysinghe <[EMAIL PROTECTED]
>
wrote:
There were some efforts and there were some improvements
proposed to the
current engine to help implement WS-Security ,like opening up the SOAP
body in handlers. But we did not hear from anyone on this lately.

Is there anyone working on WS-Sec at the moment?

Thanks,
Samisa...


-Original Message-
From: Patrick Heffernan [mailto:[EMAIL PROTECTED]
]
Sent: Thursday, May 12, 2005 12:14 PM
To: axis-c-user@ws.apache.org
Subject: WS-Security

I apologize if I've missed this in some publication.  What is the
plan 
for Axis C++ support WS-Security?  I've got a project that requires
the
WSE Username/Password token and I'm trying to determine what options are
available to me.

Thanks, pat




-- 
W.Dinesh Premalal
[EMAIL PROTECTED]

http://www.cse.mrt.ac.lk/~premalwd/



-- W.Dinesh Premalal[EMAIL PROTECTED]http://www.cse.mrt.ac.lk/~premalwd/

RE: soapAction and .NET interoperability

[John Hawkins]

which is what Websphere does ;-)







"Samisa Abeysinghe"
<[EMAIL PROTECTED]> 
12/05/2005 09:31



Please respond to
"Apache AXIS C User List"





To
"Apache AXIS C User
List" 


cc



Subject
RE: soapAction and .NET interoperability








Surely picking from SOAPAction
is a bad idea as this is not something mandatory.
 
Then the other sensible means
of doing this is to look in the SOAP body and understand what method to
invoke.
 
Thanks,
Samisa…
 
 
-Original Message-
From: John Hawkins [mailto:[EMAIL PROTECTED] 
Sent: Thursday, May 12, 2005 2:18 PM
To: Apache AXIS C User List
Subject: RE: soapAction and .NET interoperability
 

Do we have a clear direction that we should be heading to? What is the
way we should be finding the operation we're calling?


.NET and  Websphere for example have different methods - which should
we adopt (or some other third method?)







"Samisa Abeysinghe"
<[EMAIL PROTECTED]> 
12/05/2005 06:37






Please respond to
"Apache AXIS C User List"






To
"Apache AXIS
C User List" 



cc
 


Subject
RE: soapAction and .NET interoperability
 




 
 




Yes, Axis C++ server side is looking for a soap action of the form:
ServiceName#MethodName

It uses the MethodName to locate the method to be invoked.
This is not a very good practice and is something that need be fixed.


Thanks,
Samisa...


-Original Message-
From: Yampolsky, Robert [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, May 11, 2005 8:39 PM
To: Apache AXIS C User List
Subject: RE: soapAction and .NET interoperability

Does Axis require the SOAPAction to be formatted with a '#' separating
the service and method?  All the Microsoft documentation I've Googled
about setting SOAPAction from their stuff shows it formatted like a URL
with a slash setting off the method.  Would Axis reject this?

By the way, I haven't actually tested with a .NET client.  I'm just
assuming they don't send SOAPAction, because the WSDL I was given to
implement was generated with .NET tools, and it had soapAction="".
 I
couldn't get my Axis-to-Axis code to work until I filled in at least
#method there (the service name doesn't seem to be necessary).

-Original Message-
From: Samisa Abeysinghe [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, May 11, 2005 12:03 AM
To: Apache AXIS C User List
Subject: RE: soapAction and .NET interoperability

> Does anybody know of a workaround for this?  Either a way to
define my
> service to not require soapAction or a way to 
> get a .NET client to provide the method name in the soapAction header?

There is no way in Axis C++ to define the service not to require the
SOAPAction as of now. (But we wish to implement such kind of a mechanism
- there is a Jira issue raised on this)

Hence I think you have to figure out how to set the SOAPAction with .net
client. I am not sure how to do this exactly but
http://msdn.microsoft.com/library/default.asp?url="">
tml/frlrfSystemRuntimeRemotingMetadataSoapMethodAttributeClassSoapAction
Topic.asp may lead to a clue.

Thanks,
Samisa...

-Original Message-
From: Yampolsky, Robert [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, May 11, 2005 2:39 AM
To: Apache AXIS C User List
Subject: soapAction and .NET interoperability

I've seen posted here that Axis services don't work with soapAction set
to "".  I can verify that that's the case.  With no
soapAction, I get a
"Soap method is not allowed to invoke" exception, but when I
put it in,
I'm able to access the service.  As a matter of fact, it seems to
only
require the method (i.e.  soapAction="#METHOD" works just
as well as
soapAction="SERVICE#METHOD").

My problem is that I need to interoperate with .NET clients, and they
don't seem to set soapAction (at least by default).

Does anybody know of a workaround for this?  Either a way to define
my
service to not require soapAction or a way to 
get a .NET client to provide the method name in the soapAction header?

Thanks,
Rob

RE: soapAction and .NET interoperability

[Samisa Abeysinghe]

Surely picking from SOAPAction
is a bad idea as this is not something mandatory.

 

Then the other sensible means of doing
this is to look in the SOAP body and understand what method to invoke.

 

Thanks,

Samisa…

 

 

-Original Message-
From: John Hawkins
[mailto:[EMAIL PROTECTED] 
Sent: Thursday, May 12, 2005 2:18
PM
To: Apache AXIS C User List
Subject: RE: soapAction and .NET
interoperability

 


Do we have a clear direction that we should be heading
to? What is the way we should be finding the operation we're calling?


.NET
and  Websphere for example have different methods - which should we adopt
(or some other third method?) 






 
  
  "Samisa Abeysinghe"
  <[EMAIL PROTECTED]> 
  12/05/2005 06:37 
  
   

Please
respond to
"Apache AXIS C User List"

   
  
  
  
  
  
   

To


"Apache AXIS C User List"
 

   
   

cc


 

   
   

Subject


RE: soapAction and .NET interoperability

   
  
   
  
   

 


 

   
  
  
  
 





Yes,
Axis C++ server side is looking for a soap action of the form:
ServiceName#MethodName

It uses the MethodName to locate the method to be
invoked.
This is not a very good practice and is something
that need be fixed.


Thanks,
Samisa...


-Original Message-
From: Yampolsky, Robert
[mailto:[EMAIL PROTECTED] 
Sent: Wednesday, May 11, 2005 8:39 PM
To: Apache AXIS C User List
Subject: RE: soapAction and .NET interoperability

Does Axis require the SOAPAction to be formatted
with a '#' separating
the service and method?  All the Microsoft
documentation I've Googled
about setting SOAPAction from their stuff shows it
formatted like a URL
with a slash setting off the method.  Would
Axis reject this?

By the way, I haven't actually tested with a .NET
client.  I'm just
assuming they don't send SOAPAction, because the
WSDL I was given to
implement was generated with .NET tools, and it
had soapAction="".  I
couldn't get my Axis-to-Axis code to work until I
filled in at least
#method there (the service name doesn't seem to be
necessary).

-Original Message-
From: Samisa Abeysinghe [mailto:[EMAIL PROTECTED]

Sent: Wednesday, May 11, 2005 12:03 AM
To: Apache AXIS C User List
Subject: RE: soapAction and .NET interoperability

> Does anybody know of a workaround for this?
 Either a way to define my
> service to not require soapAction or a way to

> get a .NET client to provide the method name
in the soapAction header?

There is no way in Axis C++ to define the service
not to require the
SOAPAction as of now. (But we wish to implement
such kind of a mechanism
- there is a Jira issue raised on this)

Hence I think you have to figure out how to set
the SOAPAction with .net
client. I am not sure how to do this exactly but
http://msdn.microsoft.com/library/default.asp?url="">
tml/frlrfSystemRuntimeRemotingMetadataSoapMethodAttributeClassSoapAction
Topic.asp may lead to a clue.

Thanks,
Samisa...

-Original Message-
From: Yampolsky, Robert
[mailto:[EMAIL PROTECTED] 
Sent: Wednesday, May 11, 2005 2:39 AM
To: Apache AXIS C User List
Subject: soapAction and .NET interoperability

I've seen posted here that Axis services don't
work with soapAction set
to "".  I can verify that that's
the case.  With no soapAction, I get a
"Soap method is not allowed to invoke"
exception, but when I put it in,
I'm able to access the service.  As a matter
of fact, it seems to only
require the method (i.e.
 soapAction="#METHOD" works just as well as
soapAction="SERVICE#METHOD").

My problem is that I need to interoperate with
.NET clients, and they
don't seem to set soapAction (at least by
default).

Does anybody know of a workaround for this?
 Either a way to define my
service to not require soapAction or a way to 
get a .NET client to provide the method name in
the soapAction header?

Thanks,
Rob

Re: WS-Security

[John Hawkins]

Hi Dinesh,

Can I ask - how you wanted that soap
body?

Would you need a byte stream or an object
model?

Was this client or server side or both?

Was it on the outgoing or incoming message
or both?


cheers,
John.







Din%$h <[EMAIL PROTECTED]>

12/05/2005 08:07



Please respond to
"Apache AXIS C User List"





To
Apache AXIS C User List 


cc



Subject
Re: WS-Security








Hi,
      
      Both Sameera and my self had worked on this (WSS4C).
We needed to get body of Soap Message through a handler.( from Serilizer).
But Unfortunately It was not implemented at that time.( It was commented
/* To do */). There were some threads discussing about those methods. 
 
We were unable to get access to the Body of the Soap message through a
handler.So we 
stopped at that point. ( Until those methods are implemented )

http://wiki.apache.org/ws/WSS4C

I don't know whether some one is working on this Project now.

thanx,
Dinesh

On 5/12/05, Samisa Abeysinghe <[EMAIL PROTECTED]>
wrote:
There were some efforts and there were some improvements
proposed to the
current engine to help implement WS-Security ,like opening up the SOAP
body in handlers. But we did not hear from anyone on this lately.

Is there anyone working on WS-Sec at the moment?

Thanks,
Samisa...


-Original Message-
From: Patrick Heffernan [mailto:[EMAIL PROTECTED]
]
Sent: Thursday, May 12, 2005 12:14 PM
To: axis-c-user@ws.apache.org
Subject: WS-Security

I apologize if I've missed this in some publication.  What is the
plan 
for Axis C++ support WS-Security?  I've got a project that requires
the
WSE Username/Password token and I'm trying to determine what options are
available to me.

Thanks, pat




-- 
W.Dinesh Premalal
[EMAIL PROTECTED]
http://www.cse.mrt.ac.lk/~premalwd/

RE: soapAction and .NET interoperability

[John Hawkins]

Do we have a clear direction that we
should be heading to? What is the way we should be finding the operation
we're calling?

.NET and  Websphere for example
have different methods - which should we adopt (or some other third method?)







"Samisa Abeysinghe"
<[EMAIL PROTECTED]> 
12/05/2005 06:37



Please respond to
"Apache AXIS C User List"





To
"Apache AXIS C User
List" 


cc



Subject
RE: soapAction and .NET interoperability








Yes, Axis C++ server side is looking for a soap action
of the form:
ServiceName#MethodName

It uses the MethodName to locate the method to be invoked.
This is not a very good practice and is something that need be fixed.


Thanks,
Samisa...


-Original Message-
From: Yampolsky, Robert [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, May 11, 2005 8:39 PM
To: Apache AXIS C User List
Subject: RE: soapAction and .NET interoperability

Does Axis require the SOAPAction to be formatted with a '#' separating
the service and method?  All the Microsoft documentation I've Googled
about setting SOAPAction from their stuff shows it formatted like a URL
with a slash setting off the method.  Would Axis reject this?

By the way, I haven't actually tested with a .NET client.  I'm just
assuming they don't send SOAPAction, because the WSDL I was given to
implement was generated with .NET tools, and it had soapAction="".
 I
couldn't get my Axis-to-Axis code to work until I filled in at least
#method there (the service name doesn't seem to be necessary).

-Original Message-
From: Samisa Abeysinghe [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, May 11, 2005 12:03 AM
To: Apache AXIS C User List
Subject: RE: soapAction and .NET interoperability

> Does anybody know of a workaround for this?  Either a way to
define my
> service to not require soapAction or a way to 
> get a .NET client to provide the method name in the soapAction header?

There is no way in Axis C++ to define the service not to require the
SOAPAction as of now. (But we wish to implement such kind of a mechanism
- there is a Jira issue raised on this)

Hence I think you have to figure out how to set the SOAPAction with .net
client. I am not sure how to do this exactly but
http://msdn.microsoft.com/library/default.asp?url="">
tml/frlrfSystemRuntimeRemotingMetadataSoapMethodAttributeClassSoapAction
Topic.asp may lead to a clue.

Thanks,
Samisa...

-Original Message-
From: Yampolsky, Robert [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, May 11, 2005 2:39 AM
To: Apache AXIS C User List
Subject: soapAction and .NET interoperability

I've seen posted here that Axis services don't work with soapAction set
to "".  I can verify that that's the case.  With no
soapAction, I get a
"Soap method is not allowed to invoke" exception, but when I
put it in,
I'm able to access the service.  As a matter of fact, it seems to
only
require the method (i.e.  soapAction="#METHOD" works just
as well as
soapAction="SERVICE#METHOD").

My problem is that I need to interoperate with .NET clients, and they
don't seem to set soapAction (at least by default).

Does anybody know of a workaround for this?  Either a way to define
my
service to not require soapAction or a way to 
get a .NET client to provide the method name in the soapAction header?

Thanks,
Rob

Re: WS-Security

[Din%$h]

Hi,
  
  Both Sameera and my self had worked on
this (WSS4C). We needed to get body of Soap Message through a handler.(
from Serilizer). But Unfortunately It was not implemented at that
time.( It was commented /* To do */). There were some threads
discussing about those methods. 
 
We were unable to get access to the Body of the Soap message through a handler.So we 
stopped at that point. ( Until those methods are implemented )

http://wiki.apache.org/ws/WSS4C

I don't know whether some one is working on this Project now.

thanx,
DineshOn 5/12/05, Samisa Abeysinghe <[EMAIL PROTECTED]> wrote:
There were some efforts and there were some improvements proposed to thecurrent engine to help implement WS-Security ,like opening up the SOAPbody in handlers. But we did not hear from anyone on this lately.
Is there anyone working on WS-Sec at the moment?Thanks,Samisa...-Original Message-From: Patrick Heffernan [mailto:[EMAIL PROTECTED]
]Sent: Thursday, May 12, 2005 12:14 PMTo: axis-c-user@ws.apache.orgSubject: WS-SecurityI apologize if I've missed this in some publication.  What is the plan
for Axis C++ support WS-Security?  I've got a project that requires theWSE Username/Password token and I'm trying to determine what options areavailable to me.Thanks, pat
-- W.Dinesh Premalal[EMAIL PROTECTED]http://www.cse.mrt.ac.lk/~premalwd/