Re: [Axis2] SAML security tokens generation
Hi Christina, Check the contents under Setting up a Security Token Service available at [1] if you want to set up Rahas. Another sample is available at [2]. If you want to supply your own name identifier in the SAML token please implement the CallbackHanlder like this[3] and specify it in the saml-config as follows dataCallbackHandlerClassorg.apache.rahas.MySAMLDataProvider/dataCallbackHandlerClass Whole lot of test cases are available at [4], but I don't know how reader-friendly they are. There is also a concept of TokenCallbackHandler. I will check whether it is possible to add a SAML token using this concept without using Rahas. Cheers, Dimuthu. [1]http://ws.apache.org/rampart/quick-start.html [2]https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/modules/rampart-samples/policy/sample05/ [3]https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rahas/SAMLDataProvider.java [3]https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rahas/ On 8/14/07, Christina Larocca [EMAIL PROTECTED] wrote: Hi all Axis2 users: I have been managing some web services using UsernameTokens (without using rampart) to convey identities. I've a client that connects to a Token issuer service that provides it an EndpointReference and the Username token needed to authenticate. Now I must remodelate the security of the whole model and instead of that, SAML tokens with encryption of the user name and signature will be used. The last axis2 version I've been using was the 1.1 and now I'm thinking about updating to the newest one and start using rampart. I have read that, unfortunatelly, Rampart itself can't be configured to add the SAML token to the Security header and that it delegates those functions to a STS called Rahas. The documentation I found about Rahas is very weak and despite my experience I don't have a clue about where or how to start. Could anyone indicate me where to find a good tutorial or use examples? Or, even better, could anyone show me some code to generate the tokens? If it's possible, I would prefer to config rahas with code instead of creating text config files. Thanks in advance. Christina. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: passwordCallbackClass
Hi Pavan, As far as I know you cannot completely remove the concept of password call back handler, if you want to put signature or username token. However you can programatically create and add RampartConfig. This way you can get rid of it from the policy.xml file, but still it will exit. Regards, Dimuthu. On 8/13/07, Pavan Madiraju [EMAIL PROTECTED] wrote: Is there any way that we can configure the client and service policy without coding the PWCBHandler so that I can keep all the security information in the policy. ramp:passwordCallbackClass org.apache.rampart.samples .policy.sample02.PWCBHandler/ramp:passwordCallbackClass Can I complete remove :passwordCallbackClass in the client and server ? Any ideas ? Thanks in Advance, Pavan - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: WS:Axis2-1.1.1 Ramprt 1.1 error
Hi, This is because you haven't set the action of InflowSecurity parameter in the services.xml at server side. Please look at sample 02. parameter name=InflowSecurity action itemsTimestamp/items passwordCallbackClassorg.apache.rampart.samples.sample02.PWCBHandler/passwordCallbackClass /action /parameter Cheers, Dimuthu. On 5/23/07, snehil [EMAIL PROTECTED] wrote: Hi All, Here is the problem I am facing.Any help is much appreciated. Versions Used - Axis2 1.1.1 Rampart 1.1 WSS4j 1.5.1 Problem :I am able to send Timestamp in outflow security parameter from client but as soon as I add inflow security parameters in to services.xml I start getting fault. If I remove this part from services.xml, service starts working. REQUEST : POST /axis2/services/SimpleService HTTP/1.1 SOAPAction: urn:echo User-Agent: Axis2 Host: 127.0.0.1: Transfer-Encoding: chunked Content-Type: text/xml; charset=UTF-8 2c8 ?xml version='1.0' encoding='UTF-8'?soapenv:Envelope xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/;soapenv:Header wsse:Security xmlns:wsse=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd; soapenv:mustUnderstand=1wsu:Timestamp xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd; wsu:Id=Timestamp-1465214wsu:Created2007-05-23T07:21:48.753Z/wsu:Createdwsu:Expires2007-05-23T07:26:48.753Z/wsu:Expires/wsu:Timestamp/wsse:Security/soapenv:Headersoapenv:Bodyns1:echo xmlns:ns1=http://sample01.samples.rampart.apache.org/xsd;param0Hello world/param0/ns1:echo/soapenv:Body/soapenv:Envelope 0 RESPONSE : HTTP/1.1 500 Internal Server Error Content-Type: text/xml;charset=UTF-8 Transfer-Encoding: chunked Date: Wed, 23 May 2007 07:21:50 GMT Server: Apache-Coyote/1.1 Connection: close 273 ?xml version='1.0' encoding='UTF-8'?soapenv:Envelope xmlns:wsa=http://www.w3.org/2005/08/addressing; xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/;soapenv:Headerwsa:ReplyTowsa:Addresshttp://www.w3.org/2005/08/addressing/none/wsa:Address/wsa:ReplyTowsa:MessageIDurn:uuid:88FC109B3027D65F721179904910301/wsa:MessageIDwsa:Actionhttp://www.w3.org/2005/08/addressing/soap/fault/wsa:Action/soapenv:Headersoapenv:Bodysoapenv:Faultfaultcodesoapenv:Client/faultcodefaultstringWSDoAllReceiver: No action items defined/faultstringdetail //soapenv:Fault/soapenv:Body/soapenv:Envelope 0 --- --- EXCEPTION THROWN: --- --- [java] org.apache.axis2.AxisFault: WSDoAllReceiver: No action items defined [java] at org.apache.axis2.description.OutInAxisOperationClient.send(Ou tInAxisOperation.java:271) [java] at org.apache.axis2.description.OutInAxisOperationClient.execute (OutInAxisOperation.java:202) [java] at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClie nt.java:579) [java] at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClie nt.java:508) [java] at org.apache.rampart.samples.sample01.Client.main(Unknown Sourc e) [java] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [java] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcces sorImpl.java:39) --- --- Services.xml - --- --- service operation name=echo messageReceiver class=org.apache.axis2.rpc.receivers.RPCMessageReceiver/ /operation parameter name=ServiceClass locked=falseorg.apache.rampart.samples.sample01.SimpleService/parameter module ref=rampart / parameter name=InflowSecurity action itemTimestamp/item /action /parameter !-- parameter name=OutflowSecurity action itemTimestamp/item /action /parameter-- /service --- --- Client axis2.xml
Re: [Axis2] SAML/Rampart Question
Hi Ted, On 5/17/07, Ted Jones [EMAIL PROTECTED] wrote: Thanks Dimuthu. That's better than nothing. :-) Any plans to add documentation/examples in the future? Yes we must add documentation :). Anyone else have a working implementation of Rampart with SAML they could share? Specifically adding the SAML assertion to the WS-Security header. I don't know of anyone having a SAML implementation with Rampart. Regards, Dimuthu -Original Message- From: Dimuthu Leelaratne [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 16, 2007 10:28 PM To: axis-user@ws.apache.org Subject: Re: [Axis2] SAML/Rampart Question Hi Ted, Unforutunately we don't have a sample, but we have some TestCases where Rampart talks to a Security Token Service and recieves a SAML token. Look inside /trunk/java/modules/rampart-integration/src/test/java/org/apache/rahas Regards, Dimuthu On 5/17/07, Ted Jones [EMAIL PROTECTED] wrote: I'm just digging into SAML, so please bare with me. There does not seem to be a lot of documentation or examples for adding SAML assertions to a WS-Security header in Rampart, maybe someone could point me to some? :-) Does Rampart/OpenSAML integrate with an existing SAML server(s), provide it's own, or neither? Is it possible for a web service client just to accept a SAML token and add it to the WS-Security header? That is really what I am looking for. TIA, Ted - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How to deploy e simple webservice in axis2
Hi Pierpaolo, Here is my favorite simplest sample. It is a Hello World sample. http://wso2.org/library/95 Cheers, Dimuthu. -- http://wso2.org On 3/1/07, Pierpaolo Pagnoni [EMAIL PROTECTED] wrote: I'm a new user in AXIS2 and I've some difficult to deploy a ws. I must build a ws to exchange attachments with MTOM, but I don't know how deploy a simple example (ee a WS calculator with a service sum) Before Axis2 I've used AXIS 1.4, with Axis 1.4 I use Eclipse + WTP to create a WS or java2WSDL, WSDL2JAVA and AdminClient I cannot find a simple guide in AXIS2 as the the AXIS1 guide. I've also try to use axis2-eclipse-codegen-wizard but the code produced for the server and the client is very cryptic Please helpme, is very very urgent Thanks in advance Pierpaolo -- Passa a Infostrada. ADSL e Telefono senza limiti e senza canone Telecom http://click.libero.it/infostrada1marz07 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Rampart 1.1 - Sample07 as policy
Hi riis, Monitor the SOAP message using a TCP monitor. Then you can find answers to most of your questions. Sample07 did it use TripleDesRsa15 or Basic128Rsa15? It uses Rsa15 for encryption. Do you know which part of the document that was signed? SOAP Body - this is the default. I realized this by studying the SOAP message. As for the question below, please refer Security Policy specification at [1] Did it use a Asymmetric binding? Yes. The Securit policy specification states. The AsymmetricBinding assertion is used in scenarios in which message protection is provided by means defined in WSS: SOAP Message Security. When we used client.axis2.xml file for configuration what we did was configure WSS. Would it be possible at all to change my service to use policies without changing the clients. The clients are already running with the old configuration style and it would be hard work changing them. But it would be nice to support policies for new clients. Yes. Cheers, Dimuthu http://wso2.org [1]http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf On 2/19/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hi Dimuthu, Thank you for answering. I have already tried to compare the samples from the basic and policy folder. But I still have some problems figuring it out. In the old way you didn't specify encryption protocol or whether it was header, body or the entire soap message that should be signed. I have some questions then. Sample07 did it use TripleDesRsa15 or Basic128Rsa15? Do you know which part of the document that was signed? Did it use a Asymmetric binding? Would it be possible at all to change my service to use policies without changing the clients. The clients are already running with the old configuration style and it would be hard work changing them. But it would be nice to support policies for new clients. Hope you can help me! Regards Multi-Support A/S Torben Riis Phone +45 96 600 600, Fax +45 96 600 601 E-mail: [EMAIL PROTECTED] http://www.multi-support.com Dimuthu Leelaratne dimuthu.leelarat To [EMAIL PROTECTED] axis-user@ws.apache.org cc 19-02-2007 04:37 Subject Re: Rampart 1.1 - Sample07 as Please respond to policy [EMAIL PROTECTED] he.org Hi Riis, Please have a look at samples/policy folder in rampart 1.1 distribution. It has 4 samples and they could help you. Cheers, Dimuthu On 2/16/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hi, I'm trying to change my implementation to use policies instead of the old way. But I have some problems figuring it out. If I should implement sample07 as policies instead of the below way, what would it take? Could some one give an example of Sample07 from the Rampart 1.1 distribution as policies? Client (axis.conf) parameter name=OutflowSecurity action itemsTimestamp Encrypt Signature/items userclient/user passwordCallbackClassorg.apache.rampart.samples.sample07.PWCBHandler/passwordCallbackClass signaturePropFileclient.properties/signaturePropFile signatureKeyIdentifierDirectReference/signatureKeyIdentifier encryptionKeyIdentifierSKIKeyIdentifier/encryptionKeyIdentifier encryptionUserservice/encryptionUser /action /parameter parameter name=InflowSecurity action itemsTimestamp Encrypt Signature/items passwordCallbackClassorg.apache.rampart.samples.sample07.PWCBHandler/passwordCallbackClass signaturePropFileclient.properties/signaturePropFile /action /parameter Service (service.conf) parameter name=InflowSecurity action itemsTimestamp Encrypt Signature/items passwordCallbackClassorg.apache.rampart.samples.sample07.PWCBHandler/passwordCallbackClass signaturePropFileservice.properties/signaturePropFile /action /parameter parameter name=OutflowSecurity action itemsTimestamp Encrypt Signature/items userservice/user passwordCallbackClassorg.apache.rampart.samples.sample07.PWCBHandler/passwordCallbackClass signaturePropFileservice.properties/signaturePropFile signatureKeyIdentifierDirectReference/signatureKeyIdentifier encryptionKeyIdentifierSKIKeyIdentifier/encryptionKeyIdentifier encryptionUseruseReqSigCert/encryptionUser /action /parameter Regards Multi-Support A/S Torben Riis Phone +45 96 600 600, Fax +45 96 600 601 E-mail: [EMAIL PROTECTED] http://www.multi
Re: Rampart 1.1 - Sample07 as policy
Hi Riis, Please have a look at samples/policy folder in rampart 1.1 distribution. It has 4 samples and they could help you. Cheers, Dimuthu On 2/16/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hi, I'm trying to change my implementation to use policies instead of the old way. But I have some problems figuring it out. If I should implement sample07 as policies instead of the below way, what would it take? Could some one give an example of Sample07 from the Rampart 1.1 distribution as policies? Client (axis.conf) parameter name=OutflowSecurity action itemsTimestamp Encrypt Signature/items userclient/user passwordCallbackClassorg.apache.rampart.samples.sample07.PWCBHandler/passwordCallbackClass signaturePropFileclient.properties/signaturePropFile signatureKeyIdentifierDirectReference/signatureKeyIdentifier encryptionKeyIdentifierSKIKeyIdentifier/encryptionKeyIdentifier encryptionUserservice/encryptionUser /action /parameter parameter name=InflowSecurity action itemsTimestamp Encrypt Signature/items passwordCallbackClassorg.apache.rampart.samples.sample07.PWCBHandler/passwordCallbackClass signaturePropFileclient.properties/signaturePropFile /action /parameter Service (service.conf) parameter name=InflowSecurity action itemsTimestamp Encrypt Signature/items passwordCallbackClassorg.apache.rampart.samples.sample07.PWCBHandler/passwordCallbackClass signaturePropFileservice.properties/signaturePropFile /action /parameter parameter name=OutflowSecurity action itemsTimestamp Encrypt Signature/items userservice/user passwordCallbackClassorg.apache.rampart.samples.sample07.PWCBHandler/passwordCallbackClass signaturePropFileservice.properties/signaturePropFile signatureKeyIdentifierDirectReference/signatureKeyIdentifier encryptionKeyIdentifierSKIKeyIdentifier/encryptionKeyIdentifier encryptionUseruseReqSigCert/encryptionUser /action /parameter Regards Multi-Support A/S Torben Riis Phone +45 96 600 600, Fax +45 96 600 601 E-mail: [EMAIL PROTECTED] http://www.multi-support.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Rampart-1.1 samples
Hi Hailong Wang, There are two ways in which we can configure Rampart to include a UsernameToken. One way is by using the configuration file which is Axis specific. Please have a look at samples/basic/samples02/client.axis2.xml inside the rampart folder. Look at this part [1] The other is using a policy file as per policy specification available here[2]. Now look at the samples/policy/sample01/policy.xml file. Same applies to Encrypt, Signature, TimeStamp. We can basically configure Rampart in two methods - one method is using the client.axis2.xml file or the other method is using policy. The new trend is to use policy. Using the axis2.xml file for security configuration is deprecated. Cheers, Dimuthu http://wso2.org [1] module ref=rampart / parameter name=OutflowSecurity action itemsUsernameToken Timestamp/items userbob/user passwordCallbackClassorg.apache.rampart.samples.sample02.PWCBHandler/passwordCallbackClass /action /parameter [2]http://specs.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.pdf On 2/16/07, Wang, Hailong (NIH/CIT) [C] [EMAIL PROTECTED] wrote: Hi, Could somebody explain to me what's the difference between basic fold and policy fold under rampart-1.1\samples\ fold? Both of them can use UsernameToken, Encrypt, Signature, TimeStamp. I got confused. Thanks in advance. Hailong Wang National Database for Autism Research(NDAR) NIH/CIT/DECA 9000 Rockville Pike, Bld 12A/Room 2027 Bethesda, MD 20892 Phone: 301-402-3045 Fax: 301-480-0028 Email: [EMAIL PROTECTED] URL: http://ndar.nih.gov - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Axis2] [rampart] Problems using rampart
Hi Sebestian, Can you check wether you are using the correct axiom jars in the class path? It should be axiom 1.2.2 jars, namely axiom-dom, axiom-impl and axiom-api. With rampart-1.1 both 1.2.2 and 1.2.1 axiom jar set should work properly. If this step also doesn't work, then I can have a look at it if you can send me the client code. Thank you, Dimuthu. - WSO2 -Oxygenating the Web Service Platform www.wso2.com On 1/22/07, Sebastian Roschke [EMAIL PROTECTED] wrote: Hi Dimuthu, thanks for your help again!!! I tried all the examples and they are all working fine. I really don't know where this problem comes from. Do you have any ideas? Regards, Sebastian Dimuthu Leelaratne schrieb: Hi Sebastian, I tried to recreate the scenario as follows. 1) I used axis2-1.1.1 and rampart 1.1 and executed the first rampart smaple which is in samples/basic/sample01. Which is identical to your situation. It executed without any problems 2) But then I realized that it didn't have any addressing headers as yours. So I added some addressing headers and ran it, but it worked perfectly too. 3) After that I added a null element and ran the sample which again worked perfectly. So finally the SOAP message I observed was as follows(Please refer [1]) and in the axis2.xml I had what you had which is module ref=rampart/ Did you try running the sample01 in rampart? It is an identical situation where the axis2.xml has only engaged the module but doesn't do any security actions. If it works fine in your machine then we can narrow down the problem to scenario specific. Thank you. Rgds, Dimuthu - WSO2 -Oxygenating the Web Service Platform www.wso2.com [1] The soap messagge ?xml version='1.0' encoding='UTF-8'? soapenv:Envelope xmlns:wsa=http://www.w3.org/2005/08/addressing; xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/; soapenv:Header wsa:Tohttp://localhost:9080/axis2/services/sample01/wsa:To wsa:ReplyTo wsa:Addresshttp://www.w3.org/2005/08/addressing/anonymous/wsa:Address /wsa:ReplyTo wsa:MessageIDurn:uuid:8655FCF2CBB79A97C711691163447531/wsa:MessageID wsa:Actionurn:echo/wsa:Action /soapenv:Header soapenv:Body ns1:echo xmlns:ns1=http://sample01.samples.rampart.apache.org/xsd; param1lastMan/param1 param0 / /ns1:echo /soapenv:Body /soapenv:Envelope On 1/19/07, Sebastian Roschke [EMAIL PROTECTED] wrote: Hi Dimuthu, thanks for your support solving this problem. I'm currently using rampart-1.1 and axis2-1.1.1. I have no policy configured at all. I removed all configurations but the failure remains. The only thing that is configured is that the client should use the rampart module. I have a module ref=rampart/ in the axis2 related config file. The exception is thrown on client side while the rampart module is invoked on the axis2 stack. Do you need any additional information? Regards, Sebastian Dimuthu Leelaratne schrieb: Hi Sebastian, Looks like I was wrong in the previos mail. Can you pls tell me the rampart version that you are using, so that I can look into it the matter? One more question, do you load Policy at the client side? Thank you, Dimuthu. On 1/18/07, Sebastian Roschke [EMAIL PROTECTED] wrote: Hi Dimuthu, Thanks for the hint... The SOAP messages I use are really simple. There is nothing special I think. It is something like that: ?xml version='1.0' encoding='utf-8'? soapenv:Envelope xmlns:wsa=http://www.w3.org/2005/08/addressing; xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/; soapenv:Header wsa:Tohttp://localhost:3003/axis2/services/MessagingClientService/wsa:To wsa:ReplyTo wsa:Addresshttp://www.w3.org/2005/08/addressing/anonymous/wsa:Address /wsa:ReplyTo wsa:MessageIDurn:uuid:8655FCF2CBB79A97C711691163447531/wsa:MessageID wsa:Actionurn:addClient/wsa:Action /soapenv:Header soapenv:Body ns2:addClient xmlns:ns2=http://www.hpi.uni-potsdam.de/skid.common/wsmessaging/types; ns2:agentNametest/ns2:agentName ns2:classNameskid.agent.test.TestAgent/ns2:className ns2:configPathmessaging_test.config/ns2:configPath ns2:messageFactoryClassName / /ns2:addClient /soapenv:Body /soapenv:Envelope Maybe you have any ideas. Please write when you have suggestions... Regards, Sebastian Dimuthu Leelaratne schrieb: Hi Sebastian, This is not a rampart problem. The pointed out JIRA shows the bug. I walked through the stack trace. This happens for specific SOAP messages, when they are converted to DOOM as mentioned. I have never experienced the problem. Maybe because the SOAP messages that I use wouldn't re-create the problem
Re: [Axis2][rampart] Unknown top level PED error
Hi JF, We do not support the WS-SX WS-SecurityPolicy specification yet. Rampart supports only July 2005 version [1] In the current implementaiton you will have to include the supporting token in a bindding as shown in the sample 1 in the policy samples. Thanks, Dimuthu [1] http://specs.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.pdf On 1/23/07, footh [EMAIL PROTECTED] wrote: I am getting the above error when I try to invoke a web service programmatically using WS-SecurityPolicy examples I found at this link: http://www.oasis-open.org/committees/download.php/21422/UseCases-Examples-6-06-draft-8-03-distr-tc.doc For example, I am using this policy file: wsp:Policy xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd; xmlns:wsp=http://schemas.xmlsoap.org/ws/2004/09/policy; sp:SupportingToken xmlns:sp=http://schemas.xmlsoap.org/ws/2005/07/securitypolicy; wsp:Policy sp:UserNameToken wsp:Policy sp:HashPassword/ /wsp:Policy /sp:UserNameToken /wsp:Policy /sp:SupportingToken ramp:RampartConfig xmlns:ramp=http://ws.apache.org/rampart/policy; ramp:useralice/ramp:user ramp:passwordCallbackClassorg.apache.rampart.samples.policy.sample01.PWCBHandler/ramp:passwordCallbackClass /ramp:RampartConfig /wsp:Policy And the error occurs. When I use the policy file from sample01 in the rampart distribution, I don't get the error. Can anyone point out what is going wrong here? I'm trying to use as simple a policy file as possible. Regards, JF Sucker-punch spam with award-winning protection. Try the free Yahoo! Mail Beta. http://advision.webevents.yahoo.com/mailbeta/features_spam.html - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Axis2] [rampart] Problems using rampart
Hi Sebastian, Looks like I was wrong in the previos mail. Can you pls tell me the rampart version that you are using, so that I can look into it the matter? One more question, do you load Policy at the client side? Thank you, Dimuthu. On 1/18/07, Sebastian Roschke [EMAIL PROTECTED] wrote: Hi Dimuthu, Thanks for the hint... The SOAP messages I use are really simple. There is nothing special I think. It is something like that: ?xml version='1.0' encoding='utf-8'? soapenv:Envelope xmlns:wsa=http://www.w3.org/2005/08/addressing; xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/; soapenv:Header wsa:Tohttp://localhost:3003/axis2/services/MessagingClientService/wsa:To wsa:ReplyTo wsa:Addresshttp://www.w3.org/2005/08/addressing/anonymous/wsa:Address /wsa:ReplyTo wsa:MessageIDurn:uuid:8655FCF2CBB79A97C711691163447531/wsa:MessageID wsa:Actionurn:addClient/wsa:Action /soapenv:Header soapenv:Body ns2:addClient xmlns:ns2=http://www.hpi.uni-potsdam.de/skid.common/wsmessaging/types; ns2:agentNametest/ns2:agentName ns2:classNameskid.agent.test.TestAgent/ns2:className ns2:configPathmessaging_test.config/ns2:configPath ns2:messageFactoryClassName / /ns2:addClient /soapenv:Body /soapenv:Envelope Maybe you have any ideas. Please write when you have suggestions... Regards, Sebastian Dimuthu Leelaratne schrieb: Hi Sebastian, This is not a rampart problem. The pointed out JIRA shows the bug. I walked through the stack trace. This happens for specific SOAP messages, when they are converted to DOOM as mentioned. I have never experienced the problem. Maybe because the SOAP messages that I use wouldn't re-create the problem. Regards, Dimuthu On 1/17/07, Sebastian Roschke [EMAIL PROTECTED] wrote: Hi everybody, I have a problem using rampart in axis2. I just have configured the axis2-client.xml this way, that it should use rampart. At the moment I have no configuration for the rampart module at all. While using the client api to invoke a soap request, I get the following exceptions: org.apache.axis2.AxisFault: Error in extracting message properties; nested exception is: org.apache.rampart.RampartException: Error in extracting message properties at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65) at org.apache.axis2.engine.Phase.invoke(Phase.java:381) at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:518) at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:651) at org.apache.axis2.description.OutOnlyAxisOperationClient.execute(OutOnlyAxisOperation.java:353) at skid.messaging.ws.client.client.MessagingClientServiceStub.addClient(MessagingClientServiceStub.java:126) at skid.messaging.client.ClientControl.main(ClientControl.java:55) Caused by: org.apache.rampart.RampartException: Error in extracting message properties at org.apache.rampart.RampartMessageData.init(RampartMessageData.java:294) at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:56) at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:59) ... 6 more Caused by: org.apache.ws.security.WSSecurityException: Error in converting SOAP Envelope to Document; nested exception is: org.apache.axiom.om.OMException: javax.xml.stream.XMLStreamException at org.apache.rampart.util.Axis2Util.getDocumentFromSOAPEnvelope(Axis2Util.java:121) at org.apache.rampart.RampartMessageData.init(RampartMessageData.java:146) ... 8 more Caused by: org.apache.axiom.om.OMException: javax.xml.stream.XMLStreamException at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:199) at org.apache.axiom.om.impl.dom.NodeImpl.build(NodeImpl.java:469) at org.apache.axiom.om.impl.dom.DocumentImpl.build(DocumentImpl.java:476) at org.apache.rampart.util.Axis2Util.getDocumentFromSOAPEnvelope(Axis2Util.java:107) ... 9 more Caused by: javax.xml.stream.XMLStreamException at org.apache.axiom.om.impl.llom.OMStAXWrapper.updateLastNode(OMStAXWrapper.java:952) at org.apache.axiom.om.impl.llom.OMStAXWrapper.next(OMStAXWrapper.java:913) at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:116) ... 12 more This exception is thrown when invoking the first request on the stub. I can find the following link concerning that problem: http://www.mail-archive.com/axis-dev@ws.apache.org/msg25582.html As proposed in this post I should check wether the soap message includes MIME parts. I used MIME parts in former times, but at the moment I disabled all MTOM related things. Do you have any suggestions concernings this problem? Is it a known problem or a bug? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail
Re: Configuration in Rampart 1.1
Hi Sriram, As I understand your single client can tallk to multiple services but with different security requirements. For configurations now we encourage using Policy file according to WS Security Policy specification (http://specs.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.pdf). Since your services require different security settings, we may have to create different Policy.xml files. After that according to the service the client is going to invoke you can load the relevant Policy file as follows. StAXOMBuilder builder = new StAXOMBuilder(pathToPolicyfile); Policy clientPolicy = PolicyEngine.getPolicy(builder.getDocumentElement()); //setting the object Options options = new Options(); options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, clientPolicy); Schemas are available at, http://ws.apache.org/axis2/modules/rampart/1_1/security-module.html Cheers, Dimuthu On 1/18/07, Sriram Vaidyanathan [EMAIL PROTECTED] wrote: Hi, I am currently trying to upgrade to Rampart 1.1 from Rampart 1.0 and using Rampart 1.0 we could talk to multiple services from a single client by programmatically configuring the parameters using the OutflowConfiguration class. From previous posts in the forum it looks like these are deprecated with the 1.1 releases. Is there an alternative way we can dynamically configure the parameters in 1.1? Any help on this would be appreciated. Thanks and Regards Sriram Vaidyanathan - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: WS-SECURITY WITH SAML2 TOKENS
Hi Evaristo,' Rampart uses opensaml-1.1 library to give support for the SAML. Currently the library doen't support SAML2. Regards, Dimuthu On 1/17/07, Evaristo José Camarero [EMAIL PROTECTED] wrote: Hi: Does Axis2 with rampart module support SAML2 Security Tokens? Regards, Evaristo __ LLama Gratis a cualquier PC del Mundo. Llamadas a fijos y móviles desde 1 céntimo por minuto. http://es.voice.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Axis2] [rampart] Problems using rampart
Hi Sebastian, This is not a rampart problem. The pointed out JIRA shows the bug. I walked through the stack trace. This happens for specific SOAP messages, when they are converted to DOOM as mentioned. I have never experienced the problem. Maybe because the SOAP messages that I use wouldn't re-create the problem. Regards, Dimuthu On 1/17/07, Sebastian Roschke [EMAIL PROTECTED] wrote: Hi everybody, I have a problem using rampart in axis2. I just have configured the axis2-client.xml this way, that it should use rampart. At the moment I have no configuration for the rampart module at all. While using the client api to invoke a soap request, I get the following exceptions: org.apache.axis2.AxisFault: Error in extracting message properties; nested exception is: org.apache.rampart.RampartException: Error in extracting message properties at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65) at org.apache.axis2.engine.Phase.invoke(Phase.java:381) at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:518) at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:651) at org.apache.axis2.description.OutOnlyAxisOperationClient.execute(OutOnlyAxisOperation.java:353) at skid.messaging.ws.client.client.MessagingClientServiceStub.addClient(MessagingClientServiceStub.java:126) at skid.messaging.client.ClientControl.main(ClientControl.java:55) Caused by: org.apache.rampart.RampartException: Error in extracting message properties at org.apache.rampart.RampartMessageData.init(RampartMessageData.java:294) at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:56) at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:59) ... 6 more Caused by: org.apache.ws.security.WSSecurityException: Error in converting SOAP Envelope to Document; nested exception is: org.apache.axiom.om.OMException: javax.xml.stream.XMLStreamException at org.apache.rampart.util.Axis2Util.getDocumentFromSOAPEnvelope(Axis2Util.java:121) at org.apache.rampart.RampartMessageData.init(RampartMessageData.java:146) ... 8 more Caused by: org.apache.axiom.om.OMException: javax.xml.stream.XMLStreamException at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:199) at org.apache.axiom.om.impl.dom.NodeImpl.build(NodeImpl.java:469) at org.apache.axiom.om.impl.dom.DocumentImpl.build(DocumentImpl.java:476) at org.apache.rampart.util.Axis2Util.getDocumentFromSOAPEnvelope(Axis2Util.java:107) ... 9 more Caused by: javax.xml.stream.XMLStreamException at org.apache.axiom.om.impl.llom.OMStAXWrapper.updateLastNode(OMStAXWrapper.java:952) at org.apache.axiom.om.impl.llom.OMStAXWrapper.next(OMStAXWrapper.java:913) at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:116) ... 12 more This exception is thrown when invoking the first request on the stub. I can find the following link concerning that problem: http://www.mail-archive.com/axis-dev@ws.apache.org/msg25582.html As proposed in this post I should check wether the soap message includes MIME parts. I used MIME parts in former times, but at the moment I disabled all MTOM related things. Do you have any suggestions concernings this problem? Is it a known problem or a bug? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]