Re: Need information on MTOMChunkBufferSize and MTOMMaxChunkBuffers parameters
Manjula Peiris wrote: Hi Navin, Axis2/C reads the whole attachment at once. When there is a content-length this is not a problem. But when the incoming stream is chunked we need to read till end of the chunks. So, MTOMChunkBufferSize means the size (In MB) of the buffers we keep on reading. MTOMMaxChunkBuffers means the number of such buffers the system can handle. say your , MTOMMaxChunkBuffers 1000 MTOMMaxChunkBuffers 1 Then you can handle Maximum size of 1000*1 MB attachements. So By changing these parameters you can change the maximum size of attachments your system can handle given that you have enough memory. The default is 1*1000MB. The values in the commented line in axis2.xml are just an example. I will change them to default and add more comments there. Also I think it's better to update the Axis2/C manual. And add another entry to Axis2/C FAQ. Cheers, Kau Thanks for raising this. Thanks, -Manjula. On Wed, 2008-05-21 at 11:08 +0530, Navin Bhat wrote: Hello group, I am new to axis2/c. I am working on axis2-1.4. I have a service where is need to enable MTOM to send large attachments. I wanted to know how I can tune the MTOMChunkBufferSize and MTOMMaxChunkBuffers parameters to send the attachment efficiently. I am not getting information about what these parameters imply. Does MTOMChunkBufferSize mean size of buffer allocated ??? I see in axis2.xml that by default this parameter has value 10. Is it 10 bytes buffer size Does MTOMMaxChunkBuffers mean no.of buffers I see in axis2.xml that by default this parameter has value 1000. Is it 1000 buffers??? I am not finding information about these parameters in axis2/c manual. Need help….Thanks in advance.. Regards, Navin Bhat The information contained in this e-mail message and in any attachments/annexure/appendices is confidential to the recipient and may contain privileged information. If you are not the intended recipient, please notify the sender and delete the message along with any attachments/annexure/appendices. You should not disclose, copy or otherwise use the information contained in the message or any annexure. Any views expressed in this e-mail are those of the individual sender except where the sender specifically states them to be the views of Toshiba Embedded Software India Pvt. Ltd. (TESI),Bangalore. Although this transmission and any attachments are believed to be free of any virus or other defect that might affect any computer system into which it is received and opened, it is the responsibility of the recipient to ensure that it is virus free and no responsibility is accepted by Toshiba Embedded Software India Pvt. Ltd, for any loss or damage arising in any way from its use. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Axis2] Server did not recognize the value of HTTP Header SOAPAction
Fan, Jan-fon wrote: Hi Dimuthu, Thank you so much. I tried to use tcpdump to see what is the soap message when I send out my request, but I find out that I don't have the permission to run tcpdump. However, after I try to use axis2_options_set_soap_action function according to your suggestion, the server can recognize the action now. But I have another problem, from the server's return, the payload does not contain the required parameters. Is it a SOAP fault or an empty response? What's expected result and what is you are getting now? Cheers, Kau This is what I set up my payload: axiom_node_t *GetData_om_node = NULL; axiom_element_t *GetData_om_ele = NULL; axiom_node_t *text_om_node = NULL; axiom_element_t *text_om_ele = NULL; ns1 = axiom_namespace_create(env, http://test.intel.com;, nsl); GetData_om_ele = axiom_element_create(env, NULL, GetData, ns1, GetData_om_node); text_om_ele = axiom_element_create(env, GetData_om_node, LotNumber, NULL, text_om_node); axiom_element_set_text(text_om_ele, env, 149544, text_om_node); GetData_om_node is the payload that I use for axis2_svc_client_send_receive function. What part did I miss? Jan-fon -Original Message- From: Dimuthu Gamage [mailto:[EMAIL PROTECTED] Sent: Monday, May 12, 2008 9:56 AM To: Apache AXIS C User List Subject: Re: [Axis2] Server did not recognize the value of HTTP Header SOAPAction Did you set the soap action correctly, i mean using the axis2_options_set_soap_action function?, or can you capture the request message using a tool like tcpmon and check the soap action is correctly set or not? Thanks Dimuthu On Mon, May 12, 2008 at 10:11 PM, Fan, Jan-fon [EMAIL PROTECTED] wrote: Hi, I am trying to use Axis2C client API from Linux to consume a web services that is created by Microsoft .NET in Windows. But the return of axis2_svc_client_send_receive function indicates: soap:Fault xmlns:soap=http://schemas.xmlsoap.org/soap/envelope/; faultcodesoap:Client/faultcode faultstringSystem.Web.Services.Protocols.SoapException: Server did not recognize the value of HTTP Header SOAPAction: . at System.Web.Services.Protocols.Soap11ServerProtocolHelper.RouteRequest() at System.Web.Services.Protocols.SoapServerProtocol.Initialize() at System.Web.Services.Protocols.ServerProtocolFactory.Create(Type type, HttpContext context, HttpRequest request, HttpResponse response, Booleanamp; abortProcessing)/faultstring detail/ /soap:Fault It seems to me that there is something wrong in the SOAPAction, what might be the reason causing this problem. Thanks, Jan-fon - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[Rampart/C] [ANN] Apache Rampart/C 1.1.0 Released
Hi All, Apache Rampart/C team is pleased to announce the release of Apache Rampart/C 1.2.0 You may download the release from http://ws.apache.org/rampart/c/download.cgi Key features of the release --- 1. Ability to send and verify UsernameTokens with - Username and PlainText password - Username and Digested password 2. Ability to send Timestamp tokens 3. SOAP message encryption - With derived key support for improved security - Symmetric and Asymmetric modes of operations - Support for AES and Tripple DES encryption - Signature encryption - Keys encryption 4. SOAP message signature - XML signature with RSA-SHA1 - Message authentication with HMAC-SHA1 - Signature confirmation support - SOAP Header signing 5. WS-Security Policy (spec 1.1) based configurations - Support for both Symmetric as well as Asymmetric policy bindings - Support for different modes of key identifiers - Support for different algorithm suites [Basic128, Basic 192, Basic256, TrippleDES, Basic128Rsa15, Basic192Rsa15,Basic256Rsa15, TripleDesRsa15] - Support for IssuedToken assertion in client side. - Support for SAMLToken assertion. 6. Replay detection support - Easy to use built-in replay detection module - Ability to deploy a customized replay detection module 7. Different protection orders - Encrypt before signing - Sign before encrypting 8. Extensible modules - Password callback module - Authentication module - Credentials module 9. Keys management - Support for X509 token profile - Support for Key identifiers, Thumb prints, Issuer/Serial pairs, Embedded and Direct references 10. WS-Secure Conversation Language support (Experimental) - Establishing Security Context and thereby maintaining a session - Per message key derivation - Support for stored securtiy context token 11. WS-Trust Language support (Experimental) - Security Token Services (STS) - STS Client - Server and Client entrophy support 12. SAML Support - Support for Creation and Processing of SAML Core 1.1 Assertions - SAML Token as Sign Supporting Token 10. Other - Easy to use deployment scripts - A comprehensive set of samples Major Changes Since Last Release 1. WS-Secure Conversation Language support (Experimental) 2. WS-Trust Language support (Experimental) 3. SAML 1.1 Support 4. Memory leak fixes 5. Many bug fixes Apache Rampart/C 1.2.0 works with the Apache Axis2/C 1.4.0 http://ws.apache.org/axis2/c/download.cgi Issues can be reported here. http://issues.apache.org/jira/browse/RAMPARTC We welcome your early feedback. Thank you for your interest in Rampart/C. --Apache Rampart/C Team-- http://ws.apache.org/rampart/c/ -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Rampart/C] [ANN] Apache Rampart/C 1.2.0 Released
This time with the correct subject ;-) -Kau Kaushalye Kapuruge wrote: Hi All, Apache Rampart/C team is pleased to announce the release of Apache Rampart/C 1.2.0 You may download the release from http://ws.apache.org/rampart/c/download.cgi Key features of the release --- 1. Ability to send and verify UsernameTokens with - Username and PlainText password - Username and Digested password 2. Ability to send Timestamp tokens 3. SOAP message encryption - With derived key support for improved security - Symmetric and Asymmetric modes of operations - Support for AES and Tripple DES encryption - Signature encryption - Keys encryption 4. SOAP message signature - XML signature with RSA-SHA1 - Message authentication with HMAC-SHA1 - Signature confirmation support - SOAP Header signing 5. WS-Security Policy (spec 1.1) based configurations - Support for both Symmetric as well as Asymmetric policy bindings - Support for different modes of key identifiers - Support for different algorithm suites [Basic128, Basic 192, Basic256, TrippleDES, Basic128Rsa15, Basic192Rsa15,Basic256Rsa15, TripleDesRsa15] - Support for IssuedToken assertion in client side. - Support for SAMLToken assertion. 6. Replay detection support - Easy to use built-in replay detection module - Ability to deploy a customized replay detection module 7. Different protection orders - Encrypt before signing - Sign before encrypting 8. Extensible modules - Password callback module - Authentication module - Credentials module 9. Keys management - Support for X509 token profile - Support for Key identifiers, Thumb prints, Issuer/Serial pairs, Embedded and Direct references 10. WS-Secure Conversation Language support (Experimental) - Establishing Security Context and thereby maintaining a session - Per message key derivation - Support for stored securtiy context token 11. WS-Trust Language support (Experimental) - Security Token Services (STS) - STS Client - Server and Client entrophy support 12. SAML Support - Support for Creation and Processing of SAML Core 1.1 Assertions - SAML Token as Sign Supporting Token 10. Other - Easy to use deployment scripts - A comprehensive set of samples Major Changes Since Last Release 1. WS-Secure Conversation Language support (Experimental) 2. WS-Trust Language support (Experimental) 3. SAML 1.1 Support 4. Memory leak fixes 5. Many bug fixes Apache Rampart/C 1.2.0 works with the Apache Axis2/C 1.4.0 http://ws.apache.org/axis2/c/download.cgi Issues can be reported here. http://issues.apache.org/jira/browse/RAMPARTC We welcome your early feedback. Thank you for your interest in Rampart/C. --Apache Rampart/C Team-- http://ws.apache.org/rampart/c/ -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Axis2] Server did not recognize the value of HTTP Header SOAPAction
Hmm... seems your code and payload tally (Except for the GetMMDData element name, which I believe is a typo). If the service indicates the payload is exactly as in yours then seriously there is a problem in the service side. Any chance of contacting them to get the exact reason? BTW, have you tried different numbers? For example by changing number of digits in it. Cheers, Kau Fan, Jan-fon wrote: Hi Kau, I print out the return of the axis2_svc_client_send_receive and this is what I get: Received OM : GetDataResponse xmlns=http://test.intel.com/;GetDataResultReturnError xmlns=LotNumber/LotNumberMessageInvalid Lot Number/Message/ReturnError/GetDataResult/GetDataResponse The server indicates that the LotNumber is empty. But if I serialize the payload of my request, the payload is: Sending OM : nsl:GetData xmlns:nsl=http://test.intel.com;LotNumber149544/LotNumber/nsl:Get MMDData It shows me the LotNumber is not empty. I can not figure out what's wrong. Thanks, Jan-fon -Original Message- From: Kaushalye Kapuruge [mailto:[EMAIL PROTECTED] Sent: Monday, May 12, 2008 3:15 PM To: Apache AXIS C User List Subject: Re: [Axis2] Server did not recognize the value of HTTP Header SOAPAction Fan, Jan-fon wrote: Hi Dimuthu, Thank you so much. I tried to use tcpdump to see what is the soap message when I send out my request, but I find out that I don't have the permission to run tcpdump. However, after I try to use axis2_options_set_soap_action function according to your suggestion, the server can recognize the action now. But I have another problem, from the server's return, the payload does not contain the required parameters. Is it a SOAP fault or an empty response? What's expected result and what is you are getting now? Cheers, Kau This is what I set up my payload: axiom_node_t *GetData_om_node = NULL; axiom_element_t *GetData_om_ele = NULL; axiom_node_t *text_om_node = NULL; axiom_element_t *text_om_ele = NULL; ns1 = axiom_namespace_create(env, http://test.intel.com;, nsl); GetData_om_ele = axiom_element_create(env, NULL, GetData, ns1, GetData_om_node); text_om_ele = axiom_element_create(env, GetData_om_node, LotNumber, NULL, text_om_node); axiom_element_set_text(text_om_ele, env, 149544, text_om_node); GetData_om_node is the payload that I use for axis2_svc_client_send_receive function. What part did I miss? Jan-fon -Original Message- From: Dimuthu Gamage [mailto:[EMAIL PROTECTED] Sent: Monday, May 12, 2008 9:56 AM To: Apache AXIS C User List Subject: Re: [Axis2] Server did not recognize the value of HTTP Header SOAPAction Did you set the soap action correctly, i mean using the axis2_options_set_soap_action function?, or can you capture the request message using a tool like tcpmon and check the soap action is correctly set or not? Thanks Dimuthu On Mon, May 12, 2008 at 10:11 PM, Fan, Jan-fon [EMAIL PROTECTED] wrote: Hi, I am trying to use Axis2C client API from Linux to consume a web services that is created by Microsoft .NET in Windows. But the return of axis2_svc_client_send_receive function indicates: soap:Fault xmlns:soap=http://schemas.xmlsoap.org/soap/envelope/; faultcodesoap:Client/faultcode faultstringSystem.Web.Services.Protocols.SoapException: Server did not recognize the value of HTTP Header SOAPAction: . at System.Web.Services.Protocols.Soap11ServerProtocolHelper.RouteRequest() at System.Web.Services.Protocols.SoapServerProtocol.Initialize() at System.Web.Services.Protocols.ServerProtocolFactory.Create(Type type, HttpContext context, HttpRequest request, HttpResponse response, Booleanamp; abortProcessing)/faultstring detail/ /soap:Fault It seems to me that there is something wrong in the SOAPAction, what might be the reason causing this problem. Thanks, Jan-fon - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Failed in creating DLL / axis2_http_server (linux)
Have you set your LD_LIBRARY_PATH to AXIS2C_HOME/lib? Cheers, Kaushalye Paulo Vicentini wrote: Hi, I am facing problems in order to call my service, I got Failed in creating DLL. The service is deployed with success in the axis2_http_server (linux) but when I call it i get the message above. Since the service itself is linked against other shared libraries (.so), is there anything else I should set up (services.xml) ? Should I dynamically load the other libraries (*dlopen*) or the dynamic linker will do that ? thanks Paulo -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: doubt about ws specifications support
Enric Jaen wrote: Hi Kaushalye, thanks a lot for the info. I am doing just a review of supported ws-*. I forgot to ask about SwA and WS-Addressing Metadata. Are they supported? Nop. -Kaushalye Best regards, /Enric - Mensaje original De: Kaushalye Kapuruge [EMAIL PROTECTED] Para: Apache AXIS C User List axis-c-user@ws.apache.org Enviado: martes, 15 de abril, 2008 3:55:36 Asunto: Re: doubt about ws specifications support Hi Enric, Though Apache Axis2/C supports WS-Policy, right now only the WS-Security implementation (i.e. Apache Rampart/C[1]) is behaving[2] according to the WS-Policy( WS-Security Policy assertions to be more specific). If you can be more specific on your requirements, there might be a way to use existing framework to support them. Also still we do not have the WS-Policy Attachment support. Neither it supports WS-Context nor WS-Coordination. Cheers, Kaushalye [1]http://ws.apache.org/rampart/c/ [2]See sample security policy files available here http://svn.apache.org/repos/asf/webservices/rampart/trunk/c/samples/secpolicy/ Enric Jaen wrote: Does axis2/c support WS-RM Policy and WS-policy Attachment? If so which version? I haven't found it in the documentation. And just to confirm, it doesn't support neither WS-context nor ws-coordination, does it? /Enric __ Tu correo también desde el móvil. Descárgate gratis Yahoo! Go. http://es.mobile.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: doubt about ws specifications support
Hi Enric, Though Apache Axis2/C supports WS-Policy, right now only the WS-Security implementation (i.e. Apache Rampart/C[1]) is behaving[2] according to the WS-Policy( WS-Security Policy assertions to be more specific). If you can be more specific on your requirements, there might be a way to use existing framework to support them. Also still we do not have the WS-Policy Attachment support. Neither it supports WS-Context nor WS-Coordination. Cheers, Kaushalye [1]http://ws.apache.org/rampart/c/ [2]See sample security policy files available here http://svn.apache.org/repos/asf/webservices/rampart/trunk/c/samples/secpolicy/ Enric Jaen wrote: Does axis2/c support WS-RM Policy and WS-policy Attachment? If so which version? I haven't found it in the documentation. And just to confirm, it doesn't support neither WS-context nor ws-coordination, does it? /Enric __ Tu correo también desde el móvil. Descárgate gratis Yahoo! Go. http://es.mobile.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: axis2_http_server fails on solaris9
Hi, Instead of removing the service directory, can you move sub directories(services lice echo and math) to another place one by one and try to start the server? The idea is to check which service has the fault. Cheers, Kaushalye Manfred Bohlmann wrote: Hi Dinesh, hi Supun again, I cannot discover any errors with the .so files in services/*. If I remove the services directory, the log file reports [error] dir_handler.c(220) No files in the path ..//services. and the final message is [error] http_server_main.c(217) Server creation failed: Error code: 34 :: Repository listener initialization failed again. Manfred -Ursprüngliche Nachricht- Von: Apache AXIS C User List axis-c-user@ws.apache.org Gesendet: 08.04.08 15:36:03 An: Apache AXIS C User List axis-c-user@ws.apache.org Betreff: Re: axis2_http_server fails on solaris9 Hi, Also dep_engine fails if the service folder is not present. Also, it fails if the service so files are corrupted and cannot be loaded. In this case you can , remove all services in services directory and check whether server starts ? thanks, Dinesh -- http://nethu.org/ __ GRATIS: Movie-FLAT. Jetzt freischalten! http://freemail.web.de/club/maxdome.htm/?mc=025557 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: axis2_http_server fails on solaris9
OK. I checked the code and found that even a failure in a module can also result in such an error. So can you do the same for the modules directory too? Note that you need to remove the relavent entry engage ... in the axis2.xml file as well. Am not sure the debug message directly relates to the problem we have here. But can you attach your axis2.xml file to have a look? Meantime appreciate if someone can enlighten Manfred, if this is a Solaris issue... -Kau Manfred Bohlmann wrote: Hi Kaushalye, if the services directory contains one or more or all of the subdirectories: the result is the same. The log file reports [error] dep_engine.c(768) dep_engine repos listener creation failed, folder name is ../ [error] conf_init.c(67) dep engine load failed. conf value is NULL [error] http_server_main.c(217) Server creation failed: Error code: 34 :: Repository listener initialization failed Before these messages there is another one, that might perhaps be interesting (not related to presence or absence of services subfolders): [debug] conf_builder.c(233) no custom dispatching order found continue with default dispatching order Manfred -Ursprüngliche Nachricht- Von: Apache AXIS C User List axis-c-user@ws.apache.org Gesendet: 08.04.08 17:47:05 An: Apache AXIS C User List axis-c-user@ws.apache.org Betreff: Re: axis2_http_server fails on solaris9 Hi, Instead of removing the service directory, can you move sub directories(services lice echo and math) to another place one by one and try to start the server? The idea is to check which service has the fault. Cheers, Kaushalye Manfred Bohlmann wrote: Hi Dinesh, hi Supun again, I cannot discover any errors with the .so files in services/*. If I remove the services directory, the log file reports [error] dir_handler.c(220) No files in the path ..//services. and the final message is [error] http_server_main.c(217) Server creation failed: Error code: 34 :: Repository listener initialization failed again. Manfred -Ursprüngliche Nachricht- Von: Apache AXIS C User List axis-c-user@ws.apache.org Gesendet: 08.04.08 15:36:03 An: Apache AXIS C User List axis-c-user@ws.apache.org Betreff: Re: axis2_http_server fails on solaris9 Hi, Also dep_engine fails if the service folder is not present. Also, it fails if the service so files are corrupted and cannot be loaded. In this case you can , remove all services in services directory and check whether server starts ? thanks, Dinesh -- http://nethu.org/ ... -- http://blog.kaushalye.org/ http://wso2.org/ _ Mit der Gruppen-SMS von WEB.DE FreeMail können Sie eine SMS an alle Freunde gleichzeitig schicken: http://freemail.web.de/features/?mc=021179 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Regarding Axis2C architecture
Hi Baxi, The most common methods that worth looking at are axis2_msg_ctx_get/set_property_value() axis2_msg_ctx_get_soap_envelope() You can pass information between phases using the message context and get/set using the former. If you need to add certain headers to the SOAP message the latter will be useful. Have a look at Apache Rampart/C handlers[1] how this is done. Should you need more information other than above, please drop an email to the list, with specific requirement and I'm sure you'll get the help you need. Cheers, kaushalye [1]http://svn.apache.org/repos/asf/webservices/rampart/trunk/c/src/handlers/ Baxi, Rinilkumar (TCS) wrote: Hi Kau, Thanks, the links are really useful. We plan to develop some custom handlers / modules to meet our requirement within the legacy system. Do we have any document or link which provides a detailed description of each phase (for example, pre-dispatch, postdispatch, and so on). Apart this it would be helpful if we get details about the format in which information is passed between phases. This information will be really helpful in deciding design for the handlers / modules we plan to develop. Thanking you in advance. Regards, Rinil Baxi -Original Message- From: Kaushalye Kapuruge [mailto:[EMAIL PROTECTED] Sent: Monday, March 17, 2008 5:34 PM To: Apache AXIS C User List Subject: Re: Regarding Axis2C architecture Hi, This might be useful... http://wso2.org/library/777 And this too... http://wso2.org/library/2406 Cheers, Kau Baxi, Rinilkumar (TCS) wrote: Hi All, Currently I am working on the Axis2c 1.2 to make it communicate with a legacy system. I have gone through the architecture given in the manual on the website. But from that I am not able to get the exact idea of the flow of the request. Kindly let me know the architecture of the Axis2 C and how the request flows from the client to the server and the response coming beck from the server to the client. Thanks in advance. Regards, Rinil Baxi -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Regarding Axis2C architecture
Hi, This might be useful... http://wso2.org/library/777 And this too... http://wso2.org/library/2406 Cheers, Kau Baxi, Rinilkumar (TCS) wrote: Hi All, Currently I am working on the Axis2c 1.2 to make it communicate with a legacy system. I have gone through the architecture given in the manual on the website. But from that I am not able to get the exact idea of the flow of the request. Kindly let me know the architecture of the Axis2 C and how the request flows from the client to the server and the response coming beck from the server to the client. Thanks in advance. Regards, Rinil Baxi -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: version incompatibilities
Samisa Abeysinghe wrote: Oops! That is a glitch :( We should add this to our check list in the release process Wiki. Devs, should we do a patch release fixing this? I think we should. +1 -Kau Thanks, Samisa... Michael Sutter wrote: Hello list, I have found two incompatibilities in version 1.2. First one is in axutil_version.h. There the AXIS2_MINOR_VERSION is defined as 1 and should be 2. The second one is in axis2.pc config file. If I use pkg-config to find the correct libraries I think the provided output is not correct: pkg-config --libs axis2c produces -L/home/auger/axis2c-1.2.0/lib -laxis2 -lxml2 -lz -ldl But there exists no axis2 library. So it produces a error when used for compiling. The -laxis2 is defined in axis2.pc.in. It would be nice if both could be fixed. Kind regards Michael - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [AXIS2C] how to set logging to stderr?
Stadelmann Josef wrote: I am a newbee regarding the correct use of loggin, My question is: what do I have to do to get logging redirected to sdterr or stdout instead to a log file such as axis2.log? This as I am not a unix expert and somehow on war.path with streams in general :-) Try to start the simple axis server as follows (if that's your requirement)... ./axis2_http_server -f /dev/stderr -Kau Is tere a way to profile this with Axis2C as with the log4j system? Josef.Stadelmann@ axa-winterthur.ch -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[Rampart/C] [ANN] Apache Rampart/C 1.1.0 Released
Hi All, Apache Rampart/C team is pleased to announce the release of Apache Rampart/C 1.1 You may download the release from http://ws.apache.org/rampart/c/download.cgi Key features of the release --- 1. Ability to send and verify UsernameTokens with - Username and PlainText password - Username and Digested password 2. Ability to send Timestamp tokens 3. SOAP message encryption - With derived key support for improved security - Symmetric and Asymmetric modes of operations - Support for AES and Tripple DES encryption - Signature encryption - Keys encryption 4. SOAP message signature - XML signature with RSA-SHA1 - Message authentication with HMAC-SHA1 - Signature confirmation support - SOAP Header signing 5. WS-Security Policy (spec 1.1) based configurations - Support for both Symmetric as well as Asymmetric policy bindings - Support for different modes of key identifiers - Support for different algorithm suites [Basic128, Basic 192, Basic256, TrippleDES, Basic128Rsa15, Basic192Rsa15,Basic256Rsa15, TripleDesRsa15] 6. Replay detection support - Easy to use built-in replay detection module - Ability to deploy a customized replay detection module 7. Different protection orders - Encrypt before signing - Sign before encrypting 8. Extensible modules - Password callback module - Authentication module - Credentials module 9. Keys management - Support for X509 token profile - Support for Key identifiers, Thumb prints, Issuer/Serial pairs, Embedded and Direct references 10. Other - Easy to use deployment scripts - A comprehensive set of samples Major Changes Since Last Release 1. MAC support with HMAC-SHA1 2. Derrived key encryption 3. Derived key signing 4. Symmetric policy bindings 5. New security header processor based on SOAP header layout 6. Security policy validator 7. Extensible Replay detection module 8. Signature confirmation support 9. Support for X509 thumb prints 10. Easy to use deployment scripts 11. Memory leak fixes 12. Many bug fixes Issues can be reported here. http://issues.apache.org/jira/browse/RAMPARTC We welcome your early feedback. Thank you for your interest in Rampart/C. --Apache Rampart/C Team-- http://ws.apache.org/rampart/c/ -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: xml
Atanacio Reyes wrote: hi: how to add the proccessing instruction xml version ?xml version='1.0' encoding='utf-8 ? before soap envelope in a server response message. AFAIK the SOAP specification 1.2 discourage this.[1] {Section 5. SOAP Message Construct} If anybody know a way to add processing instructions please shout. -Kau [1]http://www.w3.org/TR/soap12-part1/#soapenv Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Rampart question
Uthaiyashankar wrote: Hi Subra, Please see the comments.. Hello folks, 1. How is role based authorization handled in Rampart? The Username and password (basic or digest) just provide a way to authenticate the user, but not authorize. Rampart just authenticates the user. As far as I know, it is not doing any role based authorization. Somebody please correct me if I am wrong. Yes. The username token profile[1] provides a direct way to authenticate a user based on a username password pair. But in order to use it for authorization purposes, the service provider has to have own mechanisms. Basically the question to answer is Is the user X has privileges to access resource Y or perform operation Z? Rampart stores the username in the message context with other security processed results. Within the service it is possible to access these as an array of properties. 2. Is there anyway in Rampart/Axis2C to pass down the username from the UsernameToken to the webservice code (after the username and password have been authenticated) so that the webservice can then use the username to determine if a user is authorized to access a particular resource or not. The code axis2_char_t* uname = NULL; uname = (axis2_char_t*)rampart_get_security_processed_result(env, msg_ctx, RAMPART_SPR_UT_USERNAME); will give you the username. You can use it in your webservice code. To compile the code, you have to include rampart_sec_processed_result.h and rampart_constants.h. Yes. This is how you do it. Cheers, Kau [1] http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0.pdf Thanks for the help! Subra Regards, Shankar - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: AW: AXIS2/C and scope=soapsession
Samisa Abeysinghe wrote: Stadelmann Josef wrote: Hi Subra, The problem you see tells me that it is more wors with Axis2/C in regard to sessions as I expected. When looking at what I said below, regarding the defines made in axis_config.h one can get the impression that sessions are somewhat handled, but when I read your e-mail the I get a different feeling and the idea that some work is pending on Axis2/C SOAP session is not tested, even though the code may be there. All that is supported is demonstrated in the sg_math sample. Meanwhil I am switching over from Axis2/C the simple_httop_server to Axis2 Java and call from a service object per session, an real instance of the class, one per soap session, via a WSIT toolkit through JVM my legacy services written in C, and there, in this legacy C code, I use my axiom and axutil libs ported to OpenVMS, from my wrapper of the legacy service. That way I can at least say: I have scope=soapsession supported by Axis2 Java and get to a OpenVMS process after all, one for each client calling in, through my webservice in Java. my issue is: one session to one OpenVMS process for authentication purpose. If it is about authentication, why not use WS-Security UsernameToken? You can use this with the Rampart/C module and is the right way to do auth in Web services. If this is a requirement... You may find the information on how to add Username Tokens to SOAP messages here[1]. A complete sample can be found here[2]. Cheers, Kau [1]http://wso2.org/library/2702#ut [2]http://svn.apache.org/repos/asf/webservices/rampart/trunk/c/samples/secpolicy/scenario2 Samisa... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: new line \n is interpreted as AXIOM_TEXT
Hi Atanacio, It is necessary to consider \n as an AXIOM TEXT node. For example, in order to canonicalize an XML node, the new line is required to be considered in that way. Do you have a strong reason to claim this behavior is wrong? Cheers, Kaushalye Atanacio Reyes wrote: Hello: If a message like bellow is send to axis2 server, all '\n' (new line) are interpreted as AXIOM_TEXT node. I think this is wrong. param150/param1 param220/param2 /ns1:add example: param150/param1 is AXIOM_ELEMENT AXIOM_TEXT AXIOM_TEXT param120/param1 is AXIOM_ELEMENT AXIOM_TEXT AXIOM_TEXT Get easy, one-click access to your favorites. Make Yahoo! your homepage. http://www.yahoo.com/r/hs - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Axis2] SSL and certificate support
Dumindu Pallewela wrote: Subra A Narayanan wrote: But when I was reading rampart documentation, it talks about soap body encryption using SSL certs. How is that different from using apache for SSL? To add to my previous reply, *SSL certificate* seems a misnomer when talking about Rampart, and SOAP body encryption. Shouldn't it rather be *x509 certificate*? Any thoughts? Which documentation are we talking about? Installation/Configuration guides[1][2] ? It should be X509 certificates. -Kau [1] http://ws.apache.org/rampart/c/docs/installationguide.html [2] http://ws.apache.org/rampart/c/docs/configurations.html -Dumindu. -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: issue 731 - please have a look
Hi Subra and others, I've committed the new code to calculate the base64_decode_len. Please find the JIRA here[1] The code works fine. And Manjula has done successful interop tests using the new code. You can use following to calculate the decoded length of a char buff. Let us know if you are still experiencing the problem. int axutil_base64_decode_len( const char *bufcoded) Cheers, Kaushalye [1]https://issues.apache.org/jira/browse/AXIS2C-731 Subra A Narayanan wrote: Hello, So what is the proposed solution to this problem? Is the code going to be changed so that apr_base64_decode_len() always returns the correct length or should developers use [axutil/apr]_base64_decode() to get the exact length? I use the apr_base64_decode_len() function to allocate memory for attachment recvd via the webservice and that introduces garbage characters in the end as the len function always returns a value greates than the actual length. Subra On 10/23/07, *Dumindu Pallewela* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Kaushalye Kapuruge wrote: Samisa Abeysinghe wrote: Mark Nüßler wrote: hello users, on 26.09.2007 Royston Day found an issue, i just correct my svn-code localy. Can someone have a look - 4 me Royston is right. https://issues.apache.org/jira/browse/AXIS2C-731 https://issues.apache.org/jira/browse/AXIS2C-731 I think Rampart folks uses base64 encoding. Can someone using rampart please verify that the proposed code it correct. I tried with the new code and it worked fine for all the scenarios in Rampart/C. But I'm concerned about the interoperability. So it's too early to say that new implementation is correct unless it is inter-operable with other implementations. I'll update on that later. axutil_base64_decode_len() is the same implementation as that of the apr_base64_decode_len() found in libapr. AFAIK, this does not returns the exact decoded length of the encoded string, but returns at least as many number of bytes that is necessary. Exact length is anyway returned by the [axutil/apr]_base64_decode(). Thus, if the length returned from the proposed code is correct, there should be no problems with interoperability. -Dumindu. -- Dumindu Pallewela http://blog.dumindu.com GPG ID: 0x9E131672 WSO2 | http://wso2.com | Oxygenating the Web Service Platform -- http://blog.kaushalye.org/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: issue 731 - please have a look
Samisa Abeysinghe wrote: Mark Nüßler wrote: hello users, on 26.09.2007 Royston Day found an issue, i just correct my svn-code localy. Can someone have a look - 4 me Royston is right. https://issues.apache.org/jira/browse/AXIS2C-731 I think Rampart folks uses base64 encoding. Can someone using rampart please verify that the proposed code it correct. I tried with the new code and it worked fine for all the scenarios in Rampart/C. But I'm concerned about the interoperability. So it's too early to say that new implementation is correct unless it is inter-operable with other implementations. I'll update on that later. -Kau Thanks, Samisa... mfg derMark - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://kaushalye.blogspot.com/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Problem with invoking a https based service
Hi, You don't need to engage Ramprat to provide transport level security. This is why you get above error. Please remove the line module ref=rampart/ from the axis2.xml. If you are not planning for a message level protection, you don't need to have security polices in the services.xml or in the client_policy.xml. -Kaushalye divakar wrote: Hi, I commented user name from client_policy.xml . I is giving user name token notspcified error in log. I have one doubt why it is accessing service.xml from /usr/local/axis2c/services/sec_echo/service.xml. should it need for client. Thanks Divakar Dumindu Pallewela wrote: Hi Divakar, You don't have to set a userName parameter for https transport to work. If you have encrypted the server key using a password it should be given in the SSL_PASSPHRASE parameter. In addition, AFAIK, userName and password parameters are not at all used in axis2/c. HTH -Dumindu. divakar wrote: Hi All, I am facing some problems with invoking a https based .Net webservice using the axis2c client. I am getting Error code 2. It is giving error cannot find the password for user pbsgridworks\\administrator. How can i set the password to this. I am sending axis.xml ,my .c file and client_policy.xml file. Please check and give reply. Thanks Divakar - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://kaushalye.blogspot.com/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[Rampart/C] [ANN] Apache Rampart/C 1.0.0 Released
Hi All, Apache Rampart/C team is pleased to announce the release of Apache Rampart/C 1.0. You may download the release from http://ws.apache.org/rampart/c/download.cgi Key features of the release 1. Ability to send and verify UsernameTokens with - PlainText password - Digested password 2. Ability to send Timestamp tokens 3. SOAP message encryption 4. SOAP message signature 5. WS Security Policy based configurations Major changes since last release 1. Memory leak fixes 2. Many bug fixes 3. SOAP message encryption - Signature Encryption 4. SOAP message signature - Signing specific headers 5 Different protection orders - Sign before encryption - Encryption before signing 6. Replay detection support 7. Improvements to the context model 8. Authentication module implementation 9. Credentials module implementation 10. Improvements to Key/Certificate loading mechanisms 11. Easy to use deployment scripts 12. WS-Security Policy (Spec 1.1) based configurations Issues can be reported here. http://issues.apache.org/jira/browse/RAMPARTC We welcome your early feedback. Thank you for your interest in Rampart/C. --Apache Rampart/C Team-- http://ws.apache.org/rampart/c/ -- http://kaushalye.blogspot.com/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: how to set the username password dynamically using Rampart
Hi Murali, Rampart/C[1] is the security module of Axis2/C. And it is based on the security policy assertions. So in order to enable username tokens, you need to engage Rampart/C with axis2/C. Please look at the scenario2, which shows how to enable user name tokens. And I hope following description would be a help. To add a usernametoken you need to include it under the sp:SignedSupportingTokens assertion. This is how you do it in the policy file. sp:SignedSupportingTokens xmlns:sp=http://schemas.xmlsoap.org/ws/2005/07/securitypolicy; wsp:Policy sp:UsernameToken sp:IncludeToken=http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always/ /wsp:Policy /sp:SignedSupportingTokens In addition you need to tell, which username should be included in the Usernametoken. This can be done using following assertion under RampartConfigs rampc:UserAlice/rampc:User Like for the user name we do not specify the password in the configuration file. instead we use a password callback mechanism, where we get a password for the above mentioned user name. The user has to specify a DLL or a module to load the password from. For this, following assertion is used. rampc:PasswordCallbackClass/home/Alice/my_modules/pwcb.so/rampc:PasswordCallbackClass So what Rampart/C does is, first it loads the module dynamically and then call the function to get the password, which has to be implemented by the user. This gives user flexibility to call databases, flat files or any other storage mechanism to extract the password. The username token profile allows two ways to send a password. Either you can send the password in the pain text form or you can send as a digest of the password. This can be specified using following assertion. rampc:PasswordTypeDigest/PlainText/rampc:PasswordType Note that we are about to release version 1.0. And the artifacts are here. You may use these releases for now. We will announce once the version 1.0 is released. Cheers, Kaushalye [1] http://people.apache.org/~kaushalye/release/rampart-c/1.0.0/ Murali Konnipati wrote: Hi All, I am very new to Axis2c. I am trying to develop a client for my .Net Web service. For this .Net web service, i need to send the username password in the UsernameToken element of the SOAP header. So, i am planning to use the Rampart API to set the username password in my code. Can anybody please tell me, how to set the username password in the client through programmatically.. Thanks Regards, Murali Krishna K -- http://kaushalye.blogspot.com/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: rampart/c compilation error on Solaris
Hi Sharada, What openssl version you are using? You can view it by using this command. %openssl version Cheers, Kaushalye [EMAIL PROTECTED] wrote: Hi, While trying to compile rampart/c version 0.90 on Solaris, I get the following error on the 'make' command. Has anyone encountered the same issue? If so, how do we fix it? cc -DHAVE_CONFIG_H -I. -I. -I../../.. -I../../../include -I ../../../../util/include -I ../../../../include -I ../../../../axiom/include -I /usr/local/ssl/include -I/opt/crm/snaccess/axis2c/bin/include/axis2-1.1 -g -D_LARGEFILE64_SOURCE -c rsa.c -KPIC -DPIC -o .libs/rsa.o rsa.c, line 69: undefined symbol: __FUNCTION__ rsa.c, line 70: warning: improper pointer/integer combination: arg #4 rsa.c, line 108: undefined symbol: __FUNCTION__ rsa.c, line 109: warning: improper pointer/integer combination: arg #4 rsa.c, line 150: undefined symbol: __FUNCTION__ rsa.c, line 151: warning: improper pointer/integer combination: arg #4 rsa.c, line 192: undefined symbol: __FUNCTION__ rsa.c, line 193: warning: improper pointer/integer combination: arg #4 cc: acomp failed for rsa.c *** Error code 1 make: Fatal error: Command failed for target `rsa.lo' Thanks Sharada The contents of this email are the property of the sender. If it was not addressed to you, you have no legal right to read it. If you think you received it in error, please notify the sender. Do not forward or copy without permission of the sender. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://kaushalye.blogspot.com/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Issues with the log directory
Hi Raghav, You may use the -f option when you start the server. Usage : ./axis2_http_server [-p PORT] [-t TIMEOUT] [-r REPO_PATH] [-l LOG_LEVEL] [-f LOG_FILE] Options : -p PORT port number to use, default port is 9090 -r REPO_PATH repository path, default is ../ -t TIMEOUT socket read timeout, default is 30 seconds -l LOG_LEVEL log level, available log levels: 0 - critical1 - errors 2 - warnings 3 - information 4 - debug 5- trace Default log level is 4(debug). -f LOG_FILE log file, default is $AXIS2C_HOME/logs/axis2.log or axis2.log in current folder if AXIS2C_HOME not set Cheer, Kaushalye Raghavendra SM wrote: Hi All, Axis2C, by default writes the axis2.log file to /logs/ directory. But we need to write the axis2.log to a new directory say, /axis2_log/. I tried changing the Makefile and Makefile.in as below, logsdir=$(prefix)/logs # old logsdir=$(prefix)/axis_logs #mine With the above changes, the log isn’t getting written to the new path. Are the changes done above are valid and relevent? Is there any other configuration that needs to be tuned? Or is it needs to taken care at the code level of axutil? Please reply. P.S: even Makefile.am has logsdir=$(prefix)/logs, which I haven’t changed. Does it matter? Regards, ~raghav -- http://kaushalye.blogspot.com/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Issues with the log directory
Hmm.. have you tried axutil_env_create_all() function ? There you can specify the log file name. -Kaushalye Raghavendra SM wrote: Kaushalye, We are not starting the axis2_http_server as below. Its done programmatically and not through command line, we are invoking axis_init related functions ourselves. Regards, ~raghav -Original Message- From: Kaushalye Kapuruge [mailto:[EMAIL PROTECTED] Sent: Monday, September 03, 2007 3:19 PM To: Apache AXIS C User List Subject: Re: Issues with the log directory Hi Raghav, You may use the -f option when you start the server. Usage : ./axis2_http_server [-p PORT] [-t TIMEOUT] [-r REPO_PATH] [-l LOG_LEVEL] [-f LOG_FILE] Options : -p PORT port number to use, default port is 9090 -r REPO_PATH repository path, default is ../ -t TIMEOUT socket read timeout, default is 30 seconds -l LOG_LEVEL log level, available log levels: 0 - critical1 - errors 2 - warnings 3 - information 4 - debug 5- trace Default log level is 4(debug). -f LOG_FILE log file, default is $AXIS2C_HOME/logs/axis2.log or axis2.log in current folder if AXIS2C_HOME not set Cheer, Kaushalye Raghavendra SM wrote: Hi All, Axis2C, by default writes the axis2.log file to /logs/ directory. But we need to write the axis2.log to a new directory say, /axis2_log/. I tried changing the Makefile and Makefile.in as below, logsdir=$(prefix)/logs # old logsdir=$(prefix)/axis_logs #mine With the above changes, the log isnt getting written to the new path. Are the changes done above are valid and relevent? Is there any other configuration that needs to be tuned? Or is it needs to taken care at the code level of axutil? Please reply. P.S: even Makefile.am has logsdir=$(prefix)/logs, which I havent changed. Does it matter? Regards, ~raghav -- http://kaushalye.blogspot.com/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Digest Verification problem
Hi Dairush, Seems what we guessed is correct. In Axis2/C it uses AXIOM as the XML infoset model. So when C14N algorithm pulls nodes using the AXIOM object model, it fails to give the nodes, when generated by the code-gen tool. There is a slight difference from writing your payload manually. When you use the code-gen tool, the payload is actually kept as a stream (that has introduced for some efficiency issues). So for the time being, unfortunately though, you cannot sign payloads which are generated using the tool. We will try to come-up with a workaround for this in Rampart/C level first. If not we might have to change the behavior of the code-gen tool. I will raise a JIRA issue on this. Thanks a lot for informing us about this. Cheers, Kaushalye Dariush Forouher wrote: Hi Kaushalye! Kaushalye Kapuruge wrote: Hi Dariush, Could you please send us the WSDL that you are using? Of course. Attached is a package containing the WSDL file as well as a runnable subset of the client implementation. One of the problematic operations is for example getPosixGroupByGid. If the C14N input is different to the actual payload, signature must be failed in the server side. Instead of using the code generation tool, have you tried building the same payload manually? No, but I have just tried it now. :) Using the sample code echo.c as a starting point it was quite easy - and suprisingly it works! (the modified echo.c is also in the package) That might help to identify the origin of the problem. Yes, indeed. The problem now obviously seems to be caused by the different ways the payload is constructed. But I don't know enough of Axis2 to understand why. Especially since both methods behave the same when Rampart is disabled; And the actual payload sent over the wire in the body (not counting the security stuff) also look the same in both cases. Cheers, Kaushalye ciao Dariush - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- http://kaushalye.blogspot.com/ http://wso2.org/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Digest Verification problem
Hi Dariush, Could you please send us the WSDL that you are using? If the C14N input is different to the actual payload, signature must be failed in the server side. Instead of using the code generation tool, have you tried building the same payload manually? That might help to identify the origin of the problem. Cheers, Kaushalye Dariush Forouher wrote: Hello, I am trying to create a Axis2/C + Rampart/C WS client together with a Axis2/Java +Rampart/Java service. I've managed to get most of the stuff to work, Signing and even Encryption works fine. But an odd problem is that Rampart Body signature validation seems to fail on certain operations. Calling operations which don't have any parameters on the client side seem to work fine (see attachment rampartc.working.soapmessage), whereas calls to operations which have at least one parameter fail when the service tries to validate the digest (see rampartc.not.working.soapmessage): This ist the output from the Axis2 webservice: SNIP WARNUNG: Verification failed for URI #SigID-0484f390-41fb-1dc1 03.08.2007 21:52:08 org.apache.xml.security.signature.Reference verify INFO: Verification successful for URI #SigID-0484f818-41fb-1dc1 org.apache.ws.security.WSSecurityException: The signature verification failed at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:341) at org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:80) at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:279) at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:201) at [...] /SNIP Looking at the axis2 client log (see wsauth.log.bad), I found it suspicious that the soap body captured via wireshark doesn't match with the one logged: This is the output of the canonicalizer, according to the log: soapenv:Body xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/; xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd; wsu:Id=SigID-0484f390-41fb-1dc1ns1:getPosixUserByName xmlns:ns1=urn:WSAuth/ns1:getPosixUserByName /soapenv:Body Wheras this is the actual body send over the wire: soapenv:Body wsu:Id=SigID-0484f390-41fb-1dc1 xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd;ns1:getPosixUserByName xmlns:ns1=urn:WSAuthns1:usernameschumi/ns1:username/ns1:getPosixUserByName/soapenv:Body/soapenv:Envelope (Notice the missing ns1:username.../... element) I'm using Axis2c und RampartC from SVN. The snapshot was taken on 2007-07-29. The code has not been modified by me exept a one line change suggested in the Generating incorrect digests? thread on axis2c-dev (u - wsu). I generated the client code via WSDL2C tool from the Axis2 Package (some SVN snapshot from July). I changed some lines here and there to workaround some problems, but I didn't touch the serializer code. ciao Dariush POST /axis2/services/WSAuthService HTTP/1.0 User-Agent: Axis2/C SOAPAction: urn:WSAuth Content-Length: 2473 Content-Type: text/xml;charset=UTF-8 soapenv:Envelope xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/;soapenv:Headerwsse:Security soapenv:mustUnderstand=1 xmlns:wsse=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd;wsu:Timestamp wsu:Id=SigID-0484f818-41fb-1dc1 xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd;wsu:Created2007-08-03T19:52:08.269Z/wsu:Createdwsu:Expires2007-08-03T19:58:08.269Z/wsu:Expires/wsu:Timestampds:Signature Id=SigID-0485117c-41fb-1dc1 xmlns:ds=http://www.w3.org/2000/09/xmldsig#;ds:SignedInfods:CanonicalizationMethod Algorithm=http://www.w3.org/2001/10/xml-exc-c14n#;/ds:CanonicalizationMethodds:SignatureMethod Algorithm=http://www.w3.org/2000/09/xmldsig#rsa-sha1;/ds:SignatureMethodds:Reference URI=#SigID-0484f390-41fb-1dc1ds:Transformsds:Transform Algorithm=http://www.w3.org/2001/10/xml-exc-c14n#;/ds:Transform/ds:Transformsds:DigestMethod Algorithm=http://www.w3.org/2000/09/xmldsig#sha1; /ds:DigestMethodds:DigestValueY/RfvBEMACnPbPDl8RCbOiVdPKo=/ds:DigestValue/ds:Referenceds:Reference URI=#SigID-0484f818-41fb-1dc1ds:Transformsds:Transform Algorithm=http://www.w3.org/2001/10/xml-exc-c14n#;/ds:Transform/ds:Transformsds:DigestMethod Algorithm=http://www.w3.org/2000/09/xmldsig#sha1;/ds:DigestMethodds:DigestValuebRiadT/dswEBTVb72JDhpjzBgiI=/ds:DigestValue/ds:Reference/ds:SignedInfods:SignatureValuepf8YpZOMnF4NX9G2ihhiAqCJcomxzTcnI8wTSeixbRLuTQB54ivbjoydqoEqsRskRvfqM5cGLgilybRRwuv3+IJIiUOtaVH31gvIwfVZIlrLzsMvy98i35gufEokLCfxovlrXAFWZadkQYey5NlgNebz/jJoMa9ozrl9w85IkCw=/ds:SignatureValueds:KeyInfowsse:SecurityTokenReference xmlns:wsse=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd;wsse:KeyIdentifier
Re: Digest Verification problem
One more thing. To try out your code, we need the generated header files too. :) -Kaushalye Kaushalye Kapuruge wrote: Hi Dariush, Could you please send us the WSDL that you are using? If the C14N input is different to the actual payload, signature must be failed in the server side. Instead of using the code generation tool, have you tried building the same payload manually? That might help to identify the origin of the problem. Cheers, Kaushalye Dariush Forouher wrote: Hello, I am trying to create a Axis2/C + Rampart/C WS client together with a Axis2/Java +Rampart/Java service. I've managed to get most of the stuff to work, Signing and even Encryption works fine. But an odd problem is that Rampart Body signature validation seems to fail on certain operations. Calling operations which don't have any parameters on the client side seem to work fine (see attachment rampartc.working.soapmessage), whereas calls to operations which have at least one parameter fail when the service tries to validate the digest (see rampartc.not.working.soapmessage): This ist the output from the Axis2 webservice: SNIP WARNUNG: Verification failed for URI #SigID-0484f390-41fb-1dc1 03.08.2007 21:52:08 org.apache.xml.security.signature.Reference verify INFO: Verification successful for URI #SigID-0484f818-41fb-1dc1 org.apache.ws.security.WSSecurityException: The signature verification failed at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:341) at org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:80) at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:279) at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:201) at [...] /SNIP Looking at the axis2 client log (see wsauth.log.bad), I found it suspicious that the soap body captured via wireshark doesn't match with the one logged: This is the output of the canonicalizer, according to the log: soapenv:Body xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/; xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd; wsu:Id=SigID-0484f390-41fb-1dc1ns1:getPosixUserByName xmlns:ns1=urn:WSAuth/ns1:getPosixUserByName /soapenv:Body Wheras this is the actual body send over the wire: soapenv:Body wsu:Id=SigID-0484f390-41fb-1dc1 xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd;ns1:getPosixUserByName xmlns:ns1=urn:WSAuthns1:usernameschumi/ns1:username/ns1:getPosixUserByName/soapenv:Body/soapenv:Envelope (Notice the missing ns1:username.../... element) I'm using Axis2c und RampartC from SVN. The snapshot was taken on 2007-07-29. The code has not been modified by me exept a one line change suggested in the Generating incorrect digests? thread on axis2c-dev (u - wsu). I generated the client code via WSDL2C tool from the Axis2 Package (some SVN snapshot from July). I changed some lines here and there to workaround some problems, but I didn't touch the serializer code. ciao Dariush POST /axis2/services/WSAuthService HTTP/1.0 User-Agent: Axis2/C SOAPAction: urn:WSAuth Content-Length: 2473 Content-Type: text/xml;charset=UTF-8 soapenv:Envelope xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/;soapenv:Headerwsse:Security soapenv:mustUnderstand=1 xmlns:wsse=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd;wsu:Timestamp wsu:Id=SigID-0484f818-41fb-1dc1 xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd;wsu:Created2007-08-03T19:52:08.269Z/wsu:Createdwsu:Expires2007-08-03T19:58:08.269Z/wsu:Expires/wsu:Timestampds:Signature Id=SigID-0485117c-41fb-1dc1 xmlns:ds=http://www.w3.org/2000/09/xmldsig#;ds:SignedInfods:CanonicalizationMethod Algorithm=http://www.w3.org/2001/10/xml-exc-c14n#;/ds:CanonicalizationMethodds:SignatureMethod Algorithm=http://www.w3.org/2000/09/xmldsig#rsa-sha1;/ds:SignatureMethodds:Reference URI=#SigID-0484f390-41fb-1dc1ds:Transformsds:Transform Algorithm=http://www.w3.org/2001/10/xml-exc-c14n#;/ds:Transform/ds:Transformsds:DigestMethod Algorithm=http://www.w3.org/2000/09/xmldsig#sha1; /ds:DigestMethodds:DigestValueY/RfvBEMACnPbPDl8RCbOiVdPKo=/ds:DigestValue/ds:Referenceds:Reference URI=#SigID-0484f818-41fb-1dc1ds:Transformsds:Transform Algorithm=http://www.w3.org/2001/10/xml-exc-c14n#;/ds:Transform/ds:Transformsds:DigestMethod Algorithm=http://www.w3.org/2000/09/xmldsig#sha1;/ds:DigestMethodds:DigestValuebRiadT/dswEBTVb72JDhpjzBgiI=/ds:DigestValue/ds:Reference/ds:SignedInfods:SignatureValuepf8YpZOMnF4NX9G2ihhiAqCJcomxzTcnI8wTSeixbRLuTQB54ivbjoydqoEqsRskRvfqM5cGLgilybRRwuv3+IJIiUOtaVH31gvIwfVZIlrLzsMvy98i35gufEokLCfxovlrXAFWZadkQYey5NlgNebz/jJoMa9ozrl9w85IkCw
Re: rampart/c not working with stubs generated using wsdl2c
Hi Sharada, Could you pls send us the generated client code? Then we can see what's wrong with it. Reading the log it's clear that Rampart is not in the outgoing path for the generated client. So there is no way of adding security headers. Also we believe that you have specified AXIS2C_HOME correctly. Cheers, Kaushalye [EMAIL PROTECTED] wrote: Hi Manjula, Here is the axis2.xml I am using.(See attached file: axis2.xml) I am using the same axis2.xml file in both manual and through stub. After seeing your reply I thought may be my stub program is not invoking the correct axis2.xml and added the following line in my stub. axis2_svc_client_engage_module(svc_client, env,rampart); But now I see the error that rampart is already engaged. That means it is reading from both axis2.xml and my stub, right? [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_holder.c(129) Add handler RampartOutHandler to phase MessageOut [Mon Jul 23 07:24:49 2007] [info] [rampart][mod_rampart] mod_rampart initialized [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_resolver.c(117) Service name is : __ANONYMOUS_SERVICE__ [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_resolver.c(231) module name is:rampart [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_resolver.c(231) module name is:rampart [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_holder.c(129) Add handler RampartOutHandler to phase MessageOut [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_resolver.c(231) module name is:rampart [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_resolver.c(231) module name is:rampart [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_resolver.c(231) module name is:rampart [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_resolver.c(231) module name is:rampart [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_holder.c(129) Add handler RampartOutHandler to phase MessageOut [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_resolver.c(231) module name is:rampart [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_resolver.c(231) module name is:rampart [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_resolver.c(231) module name is:rampart [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_resolver.c(231) module name is:rampart [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_holder.c(129) Add handler RampartOutHandler to phase MessageOut [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_resolver.c(231) module name is:rampart [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_resolver.c(231) module name is:rampart [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_resolver.c(117) Service name is : __ANONYMOUS_SERVICE__ [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_resolver.c(1298) Module rampart already engaged. [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_resolver.c(1298) Module rampart already engaged. [Mon Jul 23 07:24:49 2007] [debug] ..\..\src\core\phaseresolver\phase_resolver.c(1502) Handler inclusion failed for MessageOut phase [Mon Jul 23 07:24:51 2007] [debug] ..\..\src\core\transport\http\sender\http_transport_sender.c(566) OP name axutil_qname_get_localpart = http://www.w3.org/2004/08/wsdl/out-in [Mon Jul 23 07:24:51 2007] [debug] ..\..\axiom\src\soap\soap_builder.c(737) Identified soap version is soap11 [Mon Jul 23 07:24:51 2007] [debug] ..\..\src\core\engine\engine.c(179) Axis2 engine send successful Thank you Sharada Manjula Peiris [EMAIL PROTECTED] To Apache AXIS C User List 07/23/2007 05:01 axis-c-user@ws.apache.org AM cc Subject Please respond to Re: rampart/c not working with Apache AXIS C stubs generated using wsdl2c User List [EMAIL PROTECTED] pache.org
Re: HTTP headers
Stefano Pettini wrote: Thank you Sahan, so AXIS2C-639 can be closed. Can I suggest to change name of internal constants AXIS_SOAP_11 and _12 in axis2_options.h and axis2_stub.h to less misleading names? +1. Seems we don't use 'em anywhere. Do we? And the axis2/C manual suggests that we have to use these constants, which is wrong... :( http://ws.apache.org/axis2/c/docs/axis2c_manual.html Cheers, Kaushalye Cheers, Stefano Sahan Gamage wrote: Hi Stefano, See my comments below .. On 7/11/07, Stefano Pettini [EMAIL PROTECTED] wrote: Hi Kaushalye, probably the issue I'm talking about is different than AXIS2C-124. I tested again the soap client and here are the results: With: No axis2_options_set_soap_version call or axis2_options_set_soap_version(axOptions, axEnv, AXIOM_SOAP_11) The correct constant to set soap version 1.1 is AXIOM_SOAP11. Please have a look at axiom_soap_const.h. I get: content-type: application/soap+xml;charset=UTF-8;action=helloAction; With: axis2_options_set_soap_version(axOptions, axEnv, AXIOM_SOAP_12) Again correct constant is AXIOM_SOAP12. Thanks -sahan I get: content-type: text/xml;charset=UTF-8 soapaction: helloAction No special option is written in axis2.xml. MTOM and REST default options have been commented out from axis2.xml. I raised this issue in JIRA (AXIS2C-639). BTW, I'm not sure the trailing ; at the end of first content-type is correct or should be removed Cheers, Stefano Kaushalye Kapuruge wrote: To add to my previous mail, We had this issue some time back and it's fixed from Axis2/C version 0.91. (See JIRA[1]). If you see this again please raise the issue in JIRA. But I tried this with Axis2/C 1.0 and works fine for me. Cheers, Kaushalye [1] http://issues.apache.org/jira/browse/AXIS2C-124 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HTTP headers
Stefano Pettini wrote: Hi all again, multithreading issue is still open, but now I'm looking at http headers sent by the client. If I don't specify a SOAP version, the clients sends content-type: application/soap+xml;charset=UTF-8;action=helloAction, while if I set SOAP version 1.2, using axis2_options_set_soap_version(axOptions, axEnv, AXIOM_SOAP_12), the client sends content-type: text/xml;charset=UTF-8 and a separate soapaction. Do you confirm this behavior is intended and standard? Nop. If the SOAP version is 1.2, then there is NO sperate SOAP action. Instead you should see something like follows in your headers. ...charset=UTF-8;action=http://xmlsoap.org/your/actionHost: your.host... Cheers, Kaushalye Thanks. Stefano - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: HTTP headers
To add to my previous mail, We had this issue some time back and it's fixed from Axis2/C version 0.91. (See JIRA[1]). If you see this again please raise the issue in JIRA. But I tried this with Axis2/C 1.0 and works fine for me. Cheers, Kaushalye [1] http://issues.apache.org/jira/browse/AXIS2C-124 Kaushalye Kapuruge wrote: Stefano Pettini wrote: Hi all again, multithreading issue is still open, but now I'm looking at http headers sent by the client. If I don't specify a SOAP version, the clients sends content-type: application/soap+xml;charset=UTF-8;action=helloAction, while if I set SOAP version 1.2, using axis2_options_set_soap_version(axOptions, axEnv, AXIOM_SOAP_12), the client sends content-type: text/xml;charset=UTF-8 and a separate soapaction. Do you confirm this behavior is intended and standard? Nop. If the SOAP version is 1.2, then there is NO sperate SOAP action. Instead you should see something like follows in your headers. ...charset=UTF-8;action=http://xmlsoap.org/your/actionHost: your.host... Cheers, Kaushalye Thanks. Stefano - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Interop test results
Hi All, We are happy to announce that the Rampart/C is now inter-operable with Rampart/Java and IBM's latest WSDL2 implementation. This has been proven in the WS-Policy interop held in Ottawa, Canada(May 23rd-25th). They have published results here [1]. (See Table 11, 12, 13, 14). Thanks Manjula and Chinthaka for making this a success. :). We are planning to do more interop tests with other implementers in near future. Cheers, Kaushalye [1] http://dev.w3.org/cvsweb/~checkout~/2006/ws/policy/interop/results/dashboard.html - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [AXIS2C] C-Client and Java Server
Hi, Do you need know How to run a C-client to consume a Java Service? Well in that case this is what web services are for:) Please find the relevant information here. http://ws.apache.org/axis2/c/docs/axis2c_manual.html#quick_start Cheers, Kaushalye Yogender Singh01 wrote: Hi All, Can I get any document how to deploy C-client with Java Server in AXIS or Tomcat? Regards, Yogender CAUTION - Disclaimer * This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely for the use of the addressee(s). If you are not the intended recipient, please notify the sender by e-mail and delete the original message. Further, you are not to copy, disclose, or distribute this e-mail or its contents to any other person and any such actions are unlawful. This e-mail may contain viruses. Infosys has taken every reasonable precaution to minimize this risk, but is not liable for any damage you may sustain as a result of any virus in this e-mail. You should carry out your own virus checks before opening the e-mail or attachment. Infosys reserves the right to monitor and review the content of all messages sent to or from this e-mail address. Messages sent to or from this e-mail address may be stored on the Infosys e-mail system. ***INFOSYS End of Disclaimer INFOSYS*** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [AXIS2C] query regarding deploying the calculator services
Yogender Singh01 wrote: Hi all, I am deploying the calculator services in Axis2c. I generated all the files (server and client side) using wsdl2c tool. Then for server side files, I did the necessary changes in axis2_skel_Calculator.c file. And for client side a new file for adding subtracting etc are written. If I name my dll file generated from server side files as calculator.dll then its working fine. But if my dll file name is different (like calserver.dll) then it’s not working. Where is it mentioned that dll file name should be calculator.dll?? AFAIK the service name is specified in the services.xml file. The parameter used is ServiceClass. :) The server picks the DLL name up from the value specified in it. For example if you have calserver.dll , then the parameter should be... parameter name=ServiceClass locked=xsd:falsecalserver/parameter Cheers, Kaushalye Do we have to mention it somewhere in WSDL file??? Regards, Yogender singh CAUTION - Disclaimer * This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely for the use of the addressee(s). If you are not the intended recipient, please notify the sender by e-mail and delete the original message. Further, you are not to copy, disclose, or distribute this e-mail or its contents to any other person and any such actions are unlawful. This e-mail may contain viruses. Infosys has taken every reasonable precaution to minimize this risk, but is not liable for any damage you may sustain as a result of any virus in this e-mail. You should carry out your own virus checks before opening the e-mail or attachment. Infosys reserves the right to monitor and review the content of all messages sent to or from this e-mail address. Messages sent to or from this e-mail address may be stored on the Infosys e-mail system. ***INFOSYS End of Disclaimer INFOSYS*** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[ANN] Apache Rampart/C 0.90 Released
Hi List, Apache Rampart/C Team is happy to announce the release of Apache Rampart/C version 0.90. You may download the release here [1]. Key feature of Rampart/C are 1. SOAP message encryption 2. SOAP message signature 3. Ability to send and verify Username Tokens with 1. Plain Text password 2. Digested password 4. Ability to send Timestamp tokens 5. Policy based configurations as per WS-Security Policy Since this is the very first release of the project, we welcome your valuable feedback. Cheers, [Apache Rampart/C Team] [1]http://ws.apache.org/rampart/c/download.cgi - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Axis2] rampart/security question
Hi George, See my comments below. Cheers, Kau George Stanchev wrote: Hi, I am new to axis2/c and I had a use cases that wanted to see if it is supported. Clients of my services are expected to pass a SAML assertion in wsse header. The header is or it is not tagged with specific actor. The SAML asserttion needs to be checked for: * integrity (using its signature) * trust (using the PK/cert used to sign the assertion - checked against a local keystore) * expiration Finally, the assertion needs to be passed to the services (or the services need to be able to get a hold of it) so they can use it further. Can someone tell me what in the use case above its possible and what now currently and may be suggest implementation direction? Unfortunately Rampart/C does not support SAML yet. But indeed it is in our TODO list. Should I write a custom handler if rampart doesn't support this? Does axis2/c allows access to processed and unprocessed SOAP headers from within the services? Yes, you may. Axis2 architecture allows you to have your own handlers and do the SOAP header processing. Alternatively you can use rampart handlers and customize it to do the SAML processing. If you are developing in C++ you can use OpenSAML. http://www.opensaml.org/ rather than writing your own SAML library. And FYI: We are expecting to enrich Rampart/C with SAML by July 2006. Thanks in advance!! You are welcome. George Stanchev ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: axis2/c support for signatures
Hi George, Signature support will be available in end of May 2007. Sorry that we haven't mentioned this in the home page. Thanks for the inquiry. Cheers, Kaushalye George Stanchev wrote: Hi, What is the roadmap for getting signatures support for Axis2/C? I don't see it mentioned in the TODO list on the main axis2/C page. I remember seeing a note somewhere on wso2 that encryption has been added and signature is on the way? Thanks in adavance! Best Regards, George Stanchev ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Axis2] Rampart build system
Dinesh Premalal wrote: Hi, Samisa Abeysinghe [EMAIL PROTECTED] writes: There are couple of issues with rampart build: 1. It installs the libs to deploy/rampart/rampart/rampart be default - this is wired; why three levels? Don't know whether I already miss the answer for this thread. axis2c-412 issue is related to this issue. Please close that issue if we have any special reason to keep three levels. See my comments on this in... https://issues.apache.org/jira/browse/AXIS2C-412 thanks, Dinesh - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Axis2] rampart problem using WS-SECURITY
rdCallbackClass timeToLive360/timeToLive /action /parameter parameter name=InflowSecurity action itemsUsernameToken Timestamp/items passwordCallbackClassD:/ttaxiswsse/Debug/ttwebserviceswsse.dll/passwo rdCallbackClass /action /parameter !--Rampart configurations END -- 2. Here is the trace of incoming and outgoing soap. I am using Visual Studio 2005 C# for the client side: Incoming: ?xml version=1.0 encoding=utf-8 ? soap:Envelope xmlns:soap=http://schemas.xmlsoap.org/soap/envelope/; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xmlns:xsd=http://www.w3.org/2001/XMLSchema; xmlns:wsa=http://schemas.xmlsoap.org/ws/2004/08/addressing; xmlns:wsse=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse curity-secext-1.0.xsd xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec urity-utility-1.0.xsd soap:Header wsa:Action / wsa:MessageIDurn:uuid:527b7049-198f-4725-a2d7-bc861b4d36b3/wsa:Messag eID wsa:ReplyTo wsa:Addresshttp://schemas.xmlsoap.org/ws/2004/08/addressing/role/anony mous/wsa:Address /wsa:ReplyTo wsa:Tohttp://localhost:8181/axis2/services/ttwebservices/wsa:To wsse:Security soap:mustUnderstand=1 wsu:Timestamp wsu:Id=Timestamp-f4f3626e-2c6f-4c69-b280-df0c2bf0ad3b wsu:Created2006-11-15T05:22:08Z/wsu:Created wsu:Expires2006-11-15T05:23:08Z/wsu:Expires /wsu:Timestamp wsse:UsernameToken xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec urity-utility-1.0.xsd wsu:Id=SecurityToken-b7689ab1-70e9-4472-8386-0880eb2180fe wsse:Usernamebill/wsse:Username wsse:Password Type=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-t oken-profile-1.0#PasswordTextb/wsse:Password wsse:NoncevVR7Rzg8oLtLfg5NjxWV1g==/wsse:Nonce wsu:Created2006-11-15T05:22:08Z/wsu:Created /wsse:UsernameToken /wsse:Security /soap:Header soap:Body CreatePrimaryItem xmlns=urn:ttwebservices auth userId xsi:nil=true / password xsi:nil=true / hostname xsi:nil=true / /auth projectID16/projectID item genericItem itemID xsi:nil=true / itemNameBUG/itemName /genericItem classificationImage Builder/classification titlemy title/title descriptionmy desc/description createdBybill/createdBy createDate2006-01-01T00:12:12/createDate modifiedBybill/modifiedBy modifiedDate2006-01-01T00:12:12/modifiedDate activeInactivetrue/activeInactive stateWaiting/state ownerjoe/owner extendedFieldList nameFOUND_IN_VERSION/name valuev1.1/value /extendedFieldList extendedFieldList nameFUNCTIONAL_AREA/name valueHelp/value /extendedFieldList /item /CreatePrimaryItem /soap:Body /soap:Envelope Outgoing: ?xml version=1.0 encoding=UTF-8 ? soapenv:Envelope xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/; soapenv:Header / soapenv:Body / /soapenv:Envelope When I use the same client code without WS-SECURITY and take rampart out of the axis2.xml, my web service method does get called and everything gets returned correctly to the client. Thanks, -Dave. -Original Message- From: Kaushalye Kapuruge [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 14, 2006 9:02 PM To: Apache AXIS C User List Subject: Re: [Axis2] rampart problem using WS-SECURITY Hi, I need some information from you to figure out what exactly is the problem. 1. Have you specified the Outflow/InflowSecurity parameters correctly using axis2.xml If you have any questions on this do not hesitate to ask me. Have a look at the sample axis2.xml file in rampart/samples/client/echo/data/un_ts_axis2.xml. 2. Is it possible to send a trace of outgoing message. (You may use TCPMonitor for this) BTW from log entries I can see that Rampart has done the validation correct. But in the message building has failed in the server side. This might be due to improper settings in the server side. Try the latest code. But do not use the encryption yet:) It is still under development. Cheers, Kau Dave Meier wrote: Hi, Okay, I got the latest code. I had to add #include oxs_xml_encryption.h to the rampart_encryption.c file in order to get it to link on Windows. Now it returns an empty message as it's not invoking my service method: ?xml version=1.0 encoding=UTF-8 ? soapenv:Envelope xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/; soapenv:Header / soapenv:Body
Re: [Axis2] rampart problem using WS-SECURITY
Dave Meier wrote: I have the rampart module hooked up and my password callback is called correctly. But after successful validation, my web service method does not get called. Instead I get back the following response: ?xml version=1.0 encoding=UTF-8 ? soapenv:Envelope xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/; soapenv:Header / soapenv:Body soapenv:Fault faultcodesoapenv:MustUnderstand/faultcode faultstringHeader not understood/faultstring /soapenv:Fault /soapenv:Body /soapenv:Envelope This occurs after the userid and password have already been validated. Here are the log entries: [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\transport\http\http_worker.c(204) Client HTTP version HTTP/1.1 [Mon Nov 13 17:01:14 2006] [debug] ..\..\axiom\src\soap\soap_builder.c(840) Identified soap version is soap11 [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase TransportIn [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase PreDispatch [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler AddressingInHandler within the phase PreDispatch [Mon Nov 13 17:01:14 2006] [info] Starting addressing in handler . [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler RampartInHandler within the phase PreDispatch [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]Inflow Security found [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler] Validating UsernameToken [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler] Validating Timestamp [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler addressing_based_dispatcher within the phase Dispatch [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\addr_disp.c(99) Checking for service using WSA enpoint address : http://localhost:8181/axis2/services/ttwebservices [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\addr_disp.c(129) Service found using WSA enpoint address [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler request_uri_based_dispatcher within the phase Dispatch [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler soap_action_based_dispatcher within the phase Dispatch [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\soap_action_disp.c(106) Checking for operation using SOAPAction : [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler soap_message_body_based_dispatcher within the phase Dispatch [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\soap_body_disp.c(196) Checking for operation using SOAP message body's first child's local name : CreatePrimaryItem [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\soap_body_disp.c(205) Operation found using SOAP message body's first child's local name [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler dispatch_post_conditions_evaluator within the phase PostDispatch [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler context_handler within the phase PostDispatch [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase PolicyDetermination [Mon Nov 13 17:01:14 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut [Mon Nov 13 17:01:14 2006] [info] Request served successfully I did have mustUnderstand set in the request like this: wsse:Security soap:mustUnderstand=1 Rampart_in_handler should set this relaying attribute to false after processing. Thanks for pointing this out. BTW, are you using a rampart in the client side as well? Or is it another implementation? :) 'Coz rampart doesn't set mustUnderstand=1. How can I get around this? Thanks, -Dave. ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail:
Re: [Axis2] rampart problem using WS-SECURITY
Dave Meier wrote: Well it appears to be just a problem with my callback dll on outflow as I took out the outflow portion in my axis2.xml and now it works. I can't figure out why my server side method was not being called before, but at least it's working well now. Hope you didn't spend much time looking into it. No problem.:) Glad that you have a solution. Thanks, -Dave. -Original Message- From: Dave Meier Sent: Tuesday, November 14, 2006 9:47 PM To: 'Apache AXIS C User List' Subject: RE: [Axis2] rampart problem using WS-SECURITY Hi Kau, Sorry, I did some more testing back without using rampart. At first I was getting the same error that showed with rampart. After some fiddling around I got that working again and then set it up with Rampart again. Now I don't get the same error but it is failing with A different error [rampart][rampart_out_handler] UsernmaeToken build failed. ERROR: [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler]Inflow Security found [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler] Validating UsernameToken [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler] Validating Timestamp [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler addressing_based_dispatcher within the phase Dispatch [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\addr_disp.c(108) Checking for service using WSA enpoint address : http://localhost:8181/axis2/services/ttwebservices [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\addr_disp.c(138) Service found using WSA enpoint address [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler request_uri_based_dispatcher within the phase Dispatch [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler soap_action_based_dispatcher within the phase Dispatch [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\soap_action_disp.c(108) Checking for operation using SOAPAction : [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler soap_message_body_based_dispatcher within the phase Dispatch [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\soap_body_disp.c(198) Checking for operation using SOAP message body's first child's local name : CreatePrimaryItem [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\soap_body_disp.c(207) Operation found using SOAP message body's first child's local name [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler dispatch_post_conditions_evaluator within the phase PostDispatch [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler context_handler within the phase PostDispatch [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase PolicyDetermination [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase PolicyDetermination [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler AddressingOutHandler within the phase MessageOut [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler RampartOutHandler within the phase MessageOut [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_out_handler] building UsernmaeToken [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_out_handler] UsernmaeToken build failed. ERROR [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\engine.c(445) Axis2 engine receive successful [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut [Tue Nov 14 21:42:32 2006] [info] Request served successfully Thanks, -Dave. ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: