libcurl options
Hi, Is there any way to specify additional connection options for libcurl? For example I need the client to connect via SOCKS5 proxy with authorization, increase connection timeouts and make it not complain about self-signed SSL certificate. The following are the libcurl options I need to set: curl_easy_setopt(handler, CURLOPT_PROXY, proxy); curl_easy_setopt(handler, CURLOPT_PROXYPORT, port); curl_easy_setopt(handler, CURLOPT_PROXYTYPE, type); curl_easy_setopt(handler, CURLOPT_PROXYAUTH, CURLAUTH_ANY); curl_easy_setopt(handler, CURLOPT_PROXYUSERPWD, userpwd); curl_easy_setopt(handler, CURLOPT_TIMEOUT, timeout); curl_easy_setopt(handler, CURLOPT_CONNECTTIMEOUT, 10); curl_easy_setopt(handler, CURLOPT_SSL_VERIFYHOST, 0); curl_easy_setopt(handler, CURLOPT_SSL_VERIFYPEER, 0); How do I set these in axis2c? I don't see a way to access the CURL* handler directly... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
No soap-header tag
Hello, In our project we use Axis2c and we have the strange request to have the soapenv:Header/ tag *completely* eliminated, even if it is an empty tag. Don't ask why :-( Does anyone of you have an idea if there is a configuration setting to have this set at startup/runtime (quite improbable, imho), or in which source file I have to comment which lines? :-) I am currently going through the source files, but it is like looking for a needle in a haystack :-( Thanks a lot in advance! Joris - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: libcurl options
Hi, How do I set these in axis2c? I don't see a way to access the CURL* handler directly... Yes, You are correct we still don't have a way to specify CURL * handler options directly. Please raise a jira issue for this. thanks, Dinesh -- http://nethu.org/
RE: Rampart versions
Yes, you should make sure your /lib only contains either Rampart 1.3 or Rampart 1.4. Cheers Sanjay -Original Message- From: Roxanne Yee [mailto:[EMAIL PROTECTED] Sent: Tue 15/07/2008 01:37 To: axis-user@ws.apache.org Subject: RE: Rampart versions Would having the Rampart 1.3 module and Rampart 1.4 files in the java/jre/lib cause any errors? -Original Message- From: Roxanne Yee [mailto:[EMAIL PROTECTED] Sent: Mon 7/14/2008 12:45 PM To: axis-user@ws.apache.org Subject: Rampart Policy Samples Has anyone run the Policy Samples with Rampart 1.4? For some reason I get an exception (I believe in deployment) when all I'm doing is building the .aar archive with ant and copying it to tomcat/webapps/axis2/WEB-INF/services. I believe I was able to run them with Rampart 1.3, but I recently changed to Rampart 1.4; could there be a step that I may have missed? I even tried to run the policy samples from the Rampart 1.3 directory and they don't even deploy correctly. Thanks. =RY - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Rampart: Policy versus Parameters
Dynamically? How so? Thanks. =RY -Original Message- From: Sanjay Vivek [mailto:[EMAIL PROTECTED] Sent: Mon 7/14/2008 8:25 PM To: axis-user@ws.apache.org Subject: RE: Rampart: Policy versus Parameters The policy method is far more flexible. It allows you to dynammically set the username/password (which cannot be done by the Parameter method) and much more. Cheers Sanjay -Original Message- From: Roxanne Yee [mailto:[EMAIL PROTECTED] Sent: Mon 14/07/2008 18:35 To: axis-user@ws.apache.org Subject: Rampart: Policy versus Parameters I was just wondering, what method of WS-Security with Rampart do most people use and find the easiest: the Policy method (with the RampConfig element) or the Parameter method (with the InflowSecurity and OutflowSecurity parameters in services.xml)? Thanks. = RY - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] winmail.dat- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Rampart: Policy versus Parameters
In the Parameter config, the username/password has to be hardcoded in the client.axis2.xml file. So it essentially means that you have to change the username/password for every new user (or maybe have separate installations for every user). With the Policy config however, the username/password combo is retrieved via the password callback handler class. The username/password can be retrieved from any authentication backend you can think of. As such, you can dynamically set the username/password from the client code. Cheers Sanjay -Original Message- From: Roxanne Yee [mailto:[EMAIL PROTECTED] Sent: 15 July 2008 08:09 To: axis-user@ws.apache.org Subject: RE: Rampart: Policy versus Parameters Dynamically? How so? Thanks. =RY -Original Message- From: Sanjay Vivek [mailto:[EMAIL PROTECTED] Sent: Mon 7/14/2008 8:25 PM To: axis-user@ws.apache.org Subject: RE: Rampart: Policy versus Parameters The policy method is far more flexible. It allows you to dynammically set the username/password (which cannot be done by the Parameter method) and much more. Cheers Sanjay -Original Message- From: Roxanne Yee [mailto:[EMAIL PROTECTED] Sent: Mon 14/07/2008 18:35 To: axis-user@ws.apache.org Subject: Rampart: Policy versus Parameters I was just wondering, what method of WS-Security with Rampart do most people use and find the easiest: the Policy method (with the RampConfig element) or the Parameter method (with the InflowSecurity and OutflowSecurity parameters in services.xml)? Thanks. = RY - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Namespace problem Axis 1.2.1
Ah, I've just found out what the problem is. When we deploy the application, the first time we call the WSDL file its namespace is generated. Appearantly the request-url is used for the namespace generation. For example, if I call the WSDL with: http://some-url.com/somename//services/Service?WSDL The WSDL gets the following namespace: import namespace=http://some-url.com/somename//services/Service/ This seriously messes up our system..! Does anybody know a good solution to this? Is there a setting in Axis that strips the extra slashes while generating the namespace? Do newer versions filter the access slashes? (1.3?, 1.4?) Help please :) On Mon, Jul 14, 2008 at 9:49 AM, Roy van Rijn [EMAIL PROTECTED] wrote: Hi Axis users/devs, Since a couple of weeks I'm working on a old project which uses Axis 1.2.1. The big problem is we can't affort to upgrade to a more recent version, then we would have to do a awful lot of regression tests (just so you know). We are experiencing a namespace problem with this service. We haven't specified a specific namespace in the WSDD file so apperantly Axis dynamicly chooses a relevant namespace for us in the generated WSDL file. But on different machines and on different times the namespace changes! Its very strange behaviour and I've seen it happen after a reboot. Let me show some snippets: Before reboot: import namespace=http://some-url.com/profielen2/services/KennisnetProfielen/ After reboot: import namespace=http://some-url.com/profielen2//services/KennisnetProfielen/ Same WAR-file after some reboots on a different machine: import namespace=http://some-other-url.com/profielen2///services/KennisnetProfielen/ (notice the two and three forward-slashes after the 'profielen2' part!!) The client uses the URL of the webservice and asumes its the same as the namespace. And as you all probably know, the namespace must match 100%, so if the client browses to ..profielen2/services.. it can't find the webservice with the namespace ..profielen2//services... So a quick (and dirty) workaround was changing the client to ..profielen2//services because the URL is the same as a single slash, and the namespace was still correct. But we don't want to keep changing the configuration of the client if we reboot the server and the amount of slashes changes! Can anybody explain this behaviour? I sure can't... :-) I've been going through the code, but couldn't locate where this problem might originate from. And, second, does anybody know if setting the wsdlTargetNamespace parameter (forcing a namespace) might be a good idea? The problem with this idea is that we need to change the WSDD on all the enviroments (development/test/production) to make sure the URL is the same as the namespace. Or is there another way around this problem? Please send any ideas, we're getting desperate :-( Roy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Unknown Host Exception
Hi, I have a long running problem that I cant seem to find an answer to, I am sure I have asked here before but I didn't get any replies. I get an unknown host exception generated as a SOAP fault by axis, I can't see any reason for this although there is one thing that is unusual and I think it 'could' be the cause. The dns name I am trying to connect to is MHS-0 and it resolves to an IP address fine, however the IP address that is returned by a DNS query to MHS-0 is not MHS-0's IP address. MHS-0 is a load balancer and it returns the IP address of MHS-1 or MHS-2 dependant on load. I can ping, nslookup MHS-0 fine from the commandline and it always returns either MHS-1 or MHS-2's IP. I think that this is a java\axis problem only. I think that it could be that axis resolves MHS-0 to an IP address and sends a request, but the IP address that is returned is for MHS-1 or MHS-2 (dependant on load), if axis now attempted to perform a DNS on that IP address it would not resolve to MHS-0 now. Does anybody know any answers to this, or has anyone experienced anything similar? Would upgrading to the latest version of axis solve this? I am sorry if this is a basic description but I have a limited knowledge of networking and DNS etc. If anyone can help me it would be good as this has been ongoing for sometime now, and currently we have to get around this using a hack and mapping a host entry for MHS-0 to either MHS-1 or MHS-2 IP address (which means we have no load balancing). Thanks Paul Ockleford ** This message may contain confidential and privileged information. If you are not the intended recipient please accept our apologies. Please do not disclose, copy or distribute information in this e-mail or take any action in reliance on its contents: to do so is strictly prohibited and may be unlawful. Please inform us that this message has gone astray before deleting it. Thank you for your co-operation. NHSmail is used daily by over 100,000 staff in the NHS. Over a million messages are sent every day by the system. To find out why more and more NHS personnel are switching to this NHS Connecting for Health system please visit www.connectingforhealth.nhs.uk/nhsmail ** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Calling Axis service on Applet client
Hi All, I am new to axis. I have deployed a sample axis web service which accepts a sting and displays Hello +string. I have created a applet client in that I am calling that web service. here I am facing the following error. java.net.MalformedURLException: no protocol: Axis at java.net.URL.init(Unknown Source) at java.net.URL.init(Unknown Source) at java.net.URL.init(Unknown Source) at TestApplet.makeSoapCall(TestApplet.java:35) at TestApplet.init(TestApplet.java:22) at sun.applet.AppletPanel.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Please help me to solve this issue. Then It would be a great help for me.. Here is my applet code: import java.applet.*; import org.apache.axis.AxisFault; import org.apache.axis.client.Call; import org.apache.axis.client.Service; import javax.xml.rpc.ParameterMode; import org.apache.axis.encoding.XMLType; public class TestApplet1 extends Applet { private static String endpoint = http://xx.xx.xx.xx:8200/axis/services/TomcatTestService;; public void init () { System.out.println(\n**\nStarting up!\n); makeSoapCall(Axis); System.out.println(\n**\n); } private static void makeSoapCall( String message ){ try { // EndPoint URL for the HelloWorld Web Service String endpointURL =message; String methodName = getHelloMessage; Service service = new Service(); Call call = (Call) service.createCall(); //Set the endPoint URL call.setTargetEndpointAddress (new java.net.URL(endpointURL)); call.setOperationName (methodName); call.addParameter(name,XMLType.XSD_STRING,ParameterMode.IN); call.setReturnType (XMLType.XSD_STRING); String result = (String) call.invoke (new Object[] { AXIS } ); //Print out the result System.out.println (result); }catch (AxisFault fault) { System.err.println(Error : + fault.toString()); } catch (Exception e) { e.printStackTrace(); } } } Regards, Thamizhannal P - From Chandigarh to Chennai - find friends all over India. Click here.
Re: Calling Axis service on Applet client
I think applets can access resources back from the same domain only from where it gets downloaded/accessed. So, one possible solution could be to host your applet page in a tomcat instance and deploy a proxy servlet there. From the applet, call the servlet proxy method and that method would in turn call the web service. -Madhav On Tue, Jul 15, 2008 at 5:18 PM, Thamizh [EMAIL PROTECTED] wrote: Hi All, I am new to axis. I have deployed a sample axis web service which accepts a sting and displays Hello +string. I have created a applet client in that I am calling that web service. here I am facing the following error. java.net.MalformedURLException: no protocol: Axis at java.net.URL.init(Unknown Source) at java.net.URL.init(Unknown Source) at java.net.URL.init(Unknown Source) at TestApplet.makeSoapCall(TestApplet.java:35) at TestApplet.init(TestApplet.java:22) at sun.applet.AppletPanel.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Please help me to solve this issue. Then It would be a great help for me.. Here is my applet code: import java.applet.*; import org.apache.axis.AxisFault; import org.apache.axis.client.Call; import org.apache.axis.client.Service; import javax.xml.rpc.ParameterMode; import org.apache.axis.encoding.XMLType; public class TestApplet1 extends Applet { private static String endpoint = http://xx.xx.xx.xx:8200/axis/services/TomcatTestService;; public void init () { System.out.println(\n**\nStarting up!\n); makeSoapCall(Axis); System.out.println(\n**\n); } private static void makeSoapCall( String message ){ try { // EndPoint URL for the HelloWorld Web Service String endpointURL =message; String methodName = getHelloMessage; Service service = new Service(); Call call = (Call) service.createCall(); //Set the endPoint URL call.setTargetEndpointAddress (new java.net.URL(endpointURL)); call.setOperationName (methodName); call.addParameter(name,XMLType.XSD_STRING,ParameterMode.IN); call.setReturnType (XMLType.XSD_STRING); String result = (String) call.invoke (new Object[] { AXIS } ); //Print out the result System.out.println (result); }catch (AxisFault fault) { System.err.println(Error : + fault.toString()); } catch (Exception e) { e.printStackTrace(); } } } Regards, Thamizhannal P -- From Chandigarh to Chennai - find friends all over India. Click here.http://in.rd.yahoo.com/tagline_groups_10/*http://in.promos.yahoo.com/groups/citygroups/ -- -Madhav
Re: [Axis2 - 1.4] Nodes with multiple child nodes not parsed correctly
Amila: Thanks for the information. Changing to jaxbri and fixing my code seems to work now. Is there a high-level overview of what each binding has and does not have? I'd prefer to not have to find out the hard way that jaxbri doesn't (for example) support maxOccurs! I think I will file a JIRA, as the ADB code generation should definitely throw a warning or error when it sees a mixed type. -Jake Amila Suriarachchi wrote: ADB does not support mixed attribute in complex types. So either you can 1. change your schema to xs:element name=description type=xs:string !--xs:complexType mixed=true/-- /xs:element 2. use different data binding framwork eg. -d jaxbri -d xmlbeans thanks, Amila. On Tue, Jul 15, 2008 at 2:48 AM, Jake Goulding [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Hey all: I keep getting this error: org.apache.axis2.AxisFault: org.apache.axis2.databinding.ADBException: Unexpected subelement node at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430) at vivisimo.VivisimoVelocityQueryServiceStub.fromOM(VivisimoVelocityQueryServiceStub.java:5494) at vivisimo.VivisimoVelocityQueryServiceStub.Simple(VivisimoVelocityQueryServiceStub.java:194) at Main.main(Main.java:24) Caused by: java.lang.Exception: org.apache.axis2.databinding.ADBException: Unexpected subelement node at vivisimo.VivisimoVelocityQueryServiceStub$Vce$Factory.parse(VivisimoVelocityQueryServiceStub.java:2092) at vivisimo.VivisimoVelocityQueryServiceStub.fromOM(VivisimoVelocityQueryServiceStub.java:5488) ... 2 more Caused by: org.apache.axis2.databinding.ADBException: Unexpected subelement node at vivisimo.VivisimoVelocityQueryServiceStub$Vce$Factory.parse(VivisimoVelocityQueryServiceStub.java:2086) However, I took the schema from my WSDL and the XML returned over the wire, ran them through the W3 XML Validator [1], and it passed. I added some extra prints to the generated code, and can see the following code path: parsing a Vce parsing a VceChoice parsing a Tree_type0 parsing a Node_type0 parsing a NodeChoice parsing a Node_type0 parsing a NodeChoice parsing a Description Which seems that it gets to vce/tree/node/node[1], but doesn't correctly see that vce/tree/node/node[2] should be in the array. I have attached the WSDL, the SOAP response, a small test program, and a Wireshark dump of the traffic. Any advice would be highly appreciated! -Jake [1] http://www.w3.org/2001/03/webdata/xsv - To unsubscribe, e-mail: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -- Amila Suriarachchi, WSO2 Inc. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Axis2 - 1.4] Nodes with multiple child nodes not parsed correctly
I have filed JIRA 3912 https://issues.apache.org/jira/browse/AXIS2-3912 -Jake Jake Goulding wrote: Amila: Thanks for the information. Changing to jaxbri and fixing my code seems to work now. Is there a high-level overview of what each binding has and does not have? I'd prefer to not have to find out the hard way that jaxbri doesn't (for example) support maxOccurs! I think I will file a JIRA, as the ADB code generation should definitely throw a warning or error when it sees a mixed type. -Jake Amila Suriarachchi wrote: ADB does not support mixed attribute in complex types. So either you can 1. change your schema to xs:element name=description type=xs:string !--xs:complexType mixed=true/-- /xs:element 2. use different data binding framwork eg. -d jaxbri -d xmlbeans thanks, Amila. On Tue, Jul 15, 2008 at 2:48 AM, Jake Goulding [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Hey all: I keep getting this error: org.apache.axis2.AxisFault: org.apache.axis2.databinding.ADBException: Unexpected subelement node at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430) at vivisimo.VivisimoVelocityQueryServiceStub.fromOM(VivisimoVelocityQueryServiceStub.java:5494) at vivisimo.VivisimoVelocityQueryServiceStub.Simple(VivisimoVelocityQueryServiceStub.java:194) at Main.main(Main.java:24) Caused by: java.lang.Exception: org.apache.axis2.databinding.ADBException: Unexpected subelement node at vivisimo.VivisimoVelocityQueryServiceStub$Vce$Factory.parse(VivisimoVelocityQueryServiceStub.java:2092) at vivisimo.VivisimoVelocityQueryServiceStub.fromOM(VivisimoVelocityQueryServiceStub.java:5488) ... 2 more Caused by: org.apache.axis2.databinding.ADBException: Unexpected subelement node at vivisimo.VivisimoVelocityQueryServiceStub$Vce$Factory.parse(VivisimoVelocityQueryServiceStub.java:2086) However, I took the schema from my WSDL and the XML returned over the wire, ran them through the W3 XML Validator [1], and it passed. I added some extra prints to the generated code, and can see the following code path: parsing a Vce parsing a VceChoice parsing a Tree_type0 parsing a Node_type0 parsing a NodeChoice parsing a Node_type0 parsing a NodeChoice parsing a Description Which seems that it gets to vce/tree/node/node[1], but doesn't correctly see that vce/tree/node/node[2] should be in the array. I have attached the WSDL, the SOAP response, a small test program, and a Wireshark dump of the traffic. Any advice would be highly appreciated! -Jake [1] http://www.w3.org/2001/03/webdata/xsv - To unsubscribe, e-mail: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -- Amila Suriarachchi, WSO2 Inc. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Get Enumerated Type Value List
Is it possible to get a list of valid values for an enumerated type using Axis2/ADB? I'm not seeing an easy way to do this using the generated ADB classes. Type construct: xs:simpleType name=SimpleTypeT xs:restriction base=xs:string xs:enumeration value=Value1/ xs:enumeration value=Value2/ xs:enumeration value=Value3/ xs:enumeration value=Value4/ xs:enumeration value=Value5/ xs:enumeration value=Value6/ xs:enumeration value=Value7/ /xs:restriction /xs:simpleType Need an ArrayList or String [] containing these values. Thanks for any insight. Ishtvan
Newbie Question: Rampart Policy Sample 01
I think I've read this somewhere before, but just to verify... If you run Rampart Policy Sample 01 as is and if you don't have https, it won't work, and will create an Internal server error? Because I am not using SSL; I'm using HTTP and running policy/sample01. However, if I uncomment the line sp:HttpsToken RequireClientCertificate=false/ in the services.xml file, a WSDL file is generated. It' be appreciated if someone could explain what the uncommented line does. :P Thanks. =RY winmail.dat- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
FW: Newbie Basics: Security Policy
-Original Message- From: Roxanne Yee [mailto:[EMAIL PROTECTED] Sent: Tue 7/15/2008 8:11 AM To: [EMAIL PROTECTED] Subject: RE: Newbie Basics: Security Policy Just to verify how this policy would work... So if I use this policy, I can just tell soapUI to add a User Name Token with username alice and password bobPW, and I should receive an echo back (using the service in the samples) in the response? However, when I do this, for some reason I receive and error. The RAW messages are reprinted below: REQUEST: Host: 192.168.1.247:8080 Content-Length: 803 User-Agent: Jakarta Commons-HttpClient/3.0.1 Content-Type: application/soap+xml;charset=UTF-8;action=urn:echo soap:Envelope xmlns:sam=http://sample01.policy.samples.rampart.apache.org; xmlns:soap=http://www.w3.org/2003/05/soap-envelope; soap:Header wsse:Security soap:mustUnderstand=true xmlns:wsse=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd; wsse:UsernameToken wsu:Id=UsernameToken-10518016 xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd; wsse:Usernamealice/wsse:Username wsse:Password Type=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText;bobPW/wsse:Password /wsse:UsernameToken /wsse:Security /soap:Header soap:Body sam:echo !--Optional:-- sam:param0?/sam:param0 /sam:echo /soap:Body /soap:Envelope RESPONSE: HTTP/1.1 500 Internal Server Error Date: Tue, 15 Jul 2008 18:05:24 GMT Transfer-Encoding: chunked Connection: close Content-Type: application/soap+xml; action=http://www.w3.org/2005/08/addressing/soap/fault;charset=UTF-8 Server: Apache-Coyote/1.1 ?xml version='1.0' encoding='UTF-8'? soapenv:Envelope xmlns:soapenv=http://www.w3.org/2003/05/soap-envelope; soapenv:Body soapenv:Fault soapenv:Code soapenv:Valuesoapenv:Receiver/soapenv:Value /soapenv:Code soapenv:Reason soapenv:Text xml:lang=en-USjava.lang.NoSuchMethodError: org.apache.ws.security.message.WSSecHeader.isEmpty(Lorg/w3c/dom/Document;)Z/soapenv:Text /soapenv:Reason soapenv:Detail / /soapenv:Fault /soapenv:Body /soapenv:Envelope Thanks. =RY -Original Message- From: Nandana Mihindukulasooriya [mailto:[EMAIL PROTECTED] Sent: Mon 7/14/2008 8:01 AM To: [EMAIL PROTECTED] Subject: Re: Newbie Basics: Security Policy Hi Roxane, This is the policy to be used. Hope you know how to attach this policy to services.xml and to a client. Please go through the Rampart policy samples and you will be able to see how that is done. If you have further questions, please feel free to throw them in. regards, nandana wsp:Policy wsu:Id=UT xmlns:wsu= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd; xmlns:wsp=http://schemas.xmlsoap.org/ws/2004/09/policy; wsp:ExactlyOne wsp:All sp:SupportingTokens xmlns:sp= http://schemas.xmlsoap.org/ws/2005/07/securitypolicy; wsp:Policy sp:UsernameToken sp:IncludeToken= http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient; / /wsp:Policy /sp:SupportingTokens ramp:RampartConfig xmlns:ramp=http://ws.apache.org/rampart/policy; ramp:userusername/ramp:user ramp:passwordCallbackClassorg.apache.rampart.samples.policy.sample01.PWCBHandler/ramp:passwordCallbackClass /ramp:RampartConfig /wsp:All /wsp:ExactlyOne /wsp:Policy On Mon, Jul 14, 2008 at 11:53 PM, Roxanne Yee [EMAIL PROTECTED] wrote: If I simply wanted to implement a web service that used a User Name Token authentication system with a Username and Password in Plaintext (no SSL for now, cause I'm a little sketchy on how to actually set that up), what would I need to do if using the Policy handler configuration? Thanks. = RY - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: FW: Newbie Basics: Security Policy
What is the version of the WSS4J jar you are using ? It seems you are using a older on than 1.5.4. You can find all the dependencies needed for Rampart 1.4 in the Rampart 1.4 binary distribution under /rampart-1.4/lib/ which can downloaded form here [1]. Adding the wss4j 1.5.4 jar to your Axis2 lib will solve this problem. You can also post your password callback handler class for the server side and the services.xml, so we can verify whether they are correct. thanks, nandana [1] - http://ws.apache.org/rampart/download/1.4/download.cgi Just to verify how this policy would work... So if I use this policy, I can just tell soapUI to add a User Name Token with username alice and password bobPW, and I should receive an echo back (using the service in the samples) in the response? However, when I do this, for some reason I receive and error. The RAW messages are reprinted below: REQUEST: Host: 192.168.1.247:8080 Content-Length: 803 User-Agent: Jakarta Commons-HttpClient/3.0.1 Content-Type: application/soap+xml;charset=UTF-8;action=urn:echo soap:Envelope xmlns:sam= http://sample01.policy.samples.rampart.apache.org; xmlns:soap= http://www.w3.org/2003/05/soap-envelope; soap:Header wsse:Security soap:mustUnderstand=true xmlns:wsse= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd wsse:UsernameToken wsu:Id=UsernameToken-10518016 xmlns:wsu= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd wsse:Usernamealice/wsse:Username wsse:Password Type= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText bobPW/wsse:Password /wsse:UsernameToken /wsse:Security /soap:Header soap:Body sam:echo !--Optional:-- sam:param0?/sam:param0 /sam:echo /soap:Body /soap:Envelope RESPONSE: HTTP/1.1 500 Internal Server Error Date: Tue, 15 Jul 2008 18:05:24 GMT Transfer-Encoding: chunked Connection: close Content-Type: application/soap+xml; action= http://www.w3.org/2005/08/addressing/soap/fault;charset=UTF-8 Server: Apache-Coyote/1.1 ?xml version='1.0' encoding='UTF-8'? soapenv:Envelope xmlns:soapenv=http://www.w3.org/2003/05/soap-envelope soapenv:Body soapenv:Fault soapenv:Code soapenv:Valuesoapenv:Receiver/soapenv:Value /soapenv:Code soapenv:Reason soapenv:Text xml:lang=en-USjava.lang.NoSuchMethodError: org.apache.ws.security.message.WSSecHeader.isEmpty(Lorg/w3c/dom/Document;)Z/soapenv:Text /soapenv:Reason soapenv:Detail / /soapenv:Fault /soapenv:Body /soapenv:Envelope Thanks. =RY -Original Message- From: Nandana Mihindukulasooriya [mailto:[EMAIL PROTECTED] Sent: Mon 7/14/2008 8:01 AM To: [EMAIL PROTECTED] Subject: Re: Newbie Basics: Security Policy Hi Roxane, This is the policy to be used. Hope you know how to attach this policy to services.xml and to a client. Please go through the Rampart policy samples and you will be able to see how that is done. If you have further questions, please feel free to throw them in. regards, nandana wsp:Policy wsu:Id=UT xmlns:wsu= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd xmlns:wsp=http://schemas.xmlsoap.org/ws/2004/09/policy; wsp:ExactlyOne wsp:All sp:SupportingTokens xmlns:sp= http://schemas.xmlsoap.org/ws/2005/07/securitypolicy; wsp:Policy sp:UsernameToken sp:IncludeToken= http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient / /wsp:Policy /sp:SupportingTokens ramp:RampartConfig xmlns:ramp=http://ws.apache.org/rampart/policy ramp:userusername/ramp:user ramp:passwordCallbackClassorg.apache.rampart.samples.policy.sample01.PWCBHandler/ramp:passwordCallbackClass /ramp:RampartConfig /wsp:All /wsp:ExactlyOne /wsp:Policy On Mon, Jul 14, 2008 at 11:53 PM, Roxanne Yee [EMAIL PROTECTED] wrote: If I simply wanted to implement a web service that used a User Name Token authentication system with a Username and Password in Plaintext (no SSL for now, cause I'm a little sketchy on how to actually set that up), what would I need to do if using the Policy handler configuration? Thanks. = RY - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Nandana Mihindukulasooriya WSO2 inc. http://nandana83.blogspot.com/
RE: FW: Newbie Basics: Security Policy
Could it been that the wss4j jars are conflicting? Because the axis2 library contains both the 1.5.3 version and the 1.5.4 version? However, I'll post my callback handler and services.xml as well. CALLBACK HANDLER: package org.apache.rampart.samples.policy.sample01; import org.apache.ws.security.WSPasswordCallback; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import java.io.IOException; public class PWCBHandler implements CallbackHandler { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i callbacks.length; i++) { //When the server side need to authenticate the user WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i]; if (pwcb.getUsage() == WSPasswordCallback.USERNAME_TOKEN_UNKNOWN) { if(pwcb.getIdentifer().equals(alice) pwcb.getPassword().equals(bobPW)) { return; } else { throw new UnsupportedCallbackException(callbacks[i], check failed); } } //When the client requests for the password to be added in to the //UT element pwcb.setPassword(bobPW); } } } Thank you! =RY SERVICES.XML: ?xml version=1.0 encoding=UTF-8? service operation name=echo messageReceiver class=org.apache.axis2.rpc.receivers.RPCMessageReceiver/ /operation parameter name=ServiceClass locked=falseorg.apache.rampart.samples.policy.sample01.SimpleService/parameter module ref=rampart / module ref=addressing / wsp:Policy wsu:Id=UT xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd; xmlns:wsp=http://schemas.xmlsoap.org/ws/2004/09/policy; wsp:ExactlyOne wsp:All sp:SupportingTokens xmlns:sp=http://schemas.xmlsoap.org/ws/2005/07/securitypolicy; wsp:Policy sp:UsernameToken sp:IncludeToken=http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient/ /wsp:Policy /sp:SupportingTokens ramp:RampartConfig xmlns:ramp=http://ws.apache.org/rampart/policy; !-- Does the following user have to be the same as the username for the token? Is that alice in this case? -- ramp:userusername/ramp:user ramp:passwordCallbackClassorg.apache.rampart.samples.policy.sample01.PWCBHandler/ramp:passwordCallbackClass /ramp:RampartConfig /wsp:All /wsp:ExactlyOne /wsp:Policy /service -Original Message- From: Nandana Mihindukulasooriya [mailto:[EMAIL PROTECTED] Sent: Tue 7/15/2008 4:39 PM To: axis-user@ws.apache.org; [EMAIL PROTECTED] Subject: Re: FW: Newbie Basics: Security Policy What is the version of the WSS4J jar you are using ? It seems you are using a older on than 1.5.4. You can find all the dependencies needed for Rampart 1.4 in the Rampart 1.4 binary distribution under /rampart-1.4/lib/ which can downloaded form here [1]. Adding the wss4j 1.5.4 jar to your Axis2 lib will solve this problem. You can also post your password callback handler class for the server side and the services.xml, so we can verify whether they are correct. thanks, nandana [1] - http://ws.apache.org/rampart/download/1.4/download.cgi Just to verify how this policy would work... So if I use this policy, I can just tell soapUI to add a User Name Token with username alice and password bobPW, and I should receive an echo back (using the service in the samples) in the response? However, when I do this, for some reason I receive and error. The RAW messages are reprinted below: REQUEST: Host: 192.168.1.247:8080 Content-Length: 803 User-Agent: Jakarta Commons-HttpClient/3.0.1 Content-Type: application/soap+xml;charset=UTF-8;action=urn:echo soap:Envelope xmlns:sam= http://sample01.policy.samples.rampart.apache.org; xmlns:soap= http://www.w3.org/2003/05/soap-envelope; soap:Header wsse:Security soap:mustUnderstand=true xmlns:wsse= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd wsse:UsernameToken wsu:Id=UsernameToken-10518016 xmlns:wsu= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd wsse:Usernamealice/wsse:Username wsse:Password Type= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText bobPW/wsse:Password /wsse:UsernameToken /wsse:Security /soap:Header soap:Body sam:echo !--Optional:-- sam:param0?/sam:param0 /sam:echo /soap:Body /soap:Envelope RESPONSE: HTTP/1.1 500 Internal Server Error Date: Tue, 15 Jul 2008 18:05:24