Re: Newbie Question on axis2
One way is to create the response as an XML document and return that, this allows you to return multiple values. Chino Aureus [EMAIL PROTECTED] wrote: Hi All, Hope I'm sending this to the right mailing list. :) I'm new to web services and currently I'm studying and using axis2. I have made a very simple web service (i.e. int add(int x, int y) ) that returns an int. I started from POJO to create a create a service archive. Now, I want to create a web service that returns two parameters to the client: 1. Response-Code - String 2. Reply-Message - String The SOAP client which will be written in PHP, needs to check the response code first, before looking at the Reply-Message. My problem is If I will start from POJO, how should I defined the method for this service? Or, what's the proper way of creating the service that returns multiple parameters? Any docs, tutorials, links will do... Thank in advance! Chino - Get the name you always wanted with the new y7mail email address.
Re: [Axis2] Thread
Hi, You could create a Singleton class which is instanciated by your service and then use that class to create a thread for whatever you need to do. I currently create a Singleton in an axis2 service to read in config and use it in the classes which make up my service. Hope this helps. Arlindo Luis Marcon Junior [EMAIL PROTECTED] wrote: Hi All... Doubt: Is possible to have a new Thread inside one service deployed in Axis2? Example: I have a Web Service which attend many clientes,,, with scope=request... In other words,,, many instances of the same service,,, one instance for each cliente... And I need one ( only one ) Thread ( or something like this ) to perform some tasks for me ( like monitoring my environment )... Question: Is possible do it? If Yes, where/how I could start, and stop, this Thread? Or has other elegant manner to do it? Any cue is welcome... Thanks all... -- Arlindo Luis Marcon Junior E-mail: [EMAIL PROTECTED] Internet Web Page: http://lattes.cnpq.br/6483462042489662 ICQ: 138864173 Curitiba - ParanĂ¡ - Brasil - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Send instant messages to your online friends http://au.messenger.yahoo.com
SAML token insertion using ServiceClient class.
Hi, Is it possible to insert a saml token which has been acquired from a third party into the soap request using ServiceClient class. Regards, Hardev - Get the name you always wanted with the new y7mail email address.
Re: SCT
exchange. We have you use case implemented in a slightly different approach: - Client contacts the STS and obtains a SAML token to talk to a service - The STS includes a symm key encrypted for the service within the SAML token - The RSTR (response from the STS to the client) will have that *same* symm key for the client to extract - (When using Rampart/Rahas the client uses org.apache.rahas.client.STSClient which will extract this information and bundle all of it into a org.apache.rahas.Token instance) - Now this SAML token (assertion) will be added to the Security header of the message from client to service and the symm key that is associated with the SAML token will be used to encrypt/sign the message as specified by the service policy. - At the service the SAML assertion in the Security header will be processed and the symm key will be extracted. - Processing at the service will use this extracted symm key to decrypt/verify signature where necessary. A sample client that does this sort of a message exchange is available here : [1] Now ... SCT usage scenario is usually a WS-SecureConversation scenario where rampart/rahas supports the application service it self to act as an STS. In this case since the service and the STS both are the same the symm key created is known at the service, and it is not included in the SecurityContextToken (SCT) itself. Are you sure you want to use this SCT scenario in the context of WS-SecureConversation or are you looking for a pure WS-Trust scenario as I explained above. Thanks, Ruchith 1. https://wso2.org/repos/wso2/trunk/wsas/java/modules/samples/sts-sample/src/org/wso2/wsas/sample/sts/client/Client.java On Sat, Feb 23, 2008 at 3:06 AM, Hardev Sian wrote: Hi Dimuthu, I have had a look at that sample but it doesn't provide what I am looking for. My use case is that I have acquired a SCT from an STS service. I want to now embed that token in the outgoing request which can then be accessed by a callback handler. The callback handler can access the STS to get the symmetric key for that token and encrypt the outbound data with that. Similarly the callback at the handler can access the same to decrypt, the response can be handled in the same manner. I am just not familiar enough how to set the policies to achieve this. Any help in doing this is greatly appreciated. Thank you, Hardev Dimuthu Leelarathne wrote: Hi, You can find a SCT sample inside the rampart 1.3 distribution. samples/policy/sample04 Thank you, Dimuthu On Fri, 2008-02-22 at 16:52 +1100, Hardev Sian wrote: I know that rahas has been integrated into rampart but I was interested at looking at this example : http://svn.apache.org/repos/asf/webservices/axis2/trunk/java/modules/integration/test/org/apache/axis2/security/rahas/RahasScenario3Test.java which talks about using an acquired SCT token to secure the web service requests/responses. Can anybody help in locating this or something similar. Thanks, Hardev __ Get the name you always wanted with the new y7mail email address. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Get the name you always wanted with the new y7mail email address. -- http://blog.ruchith.org http://wso2.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Get the name you always wanted with the new y7mail email address.
Re: SCT
Hi Ruchith, I used the config files from http://wso2.org/repos/wso2/trunk/wsas/java/modules/samples/sts-sample/conf/ and copied the sts.policy.xml to services.xml and try and run the STS service but I get an invalid services.xml. [java] org.apache.axis2.deployment.DeploymentException: Invalid services.xm l found [java] at org.apache.axis2.deployment.repository.util.ArchiveReader.pro cessServiceGroup(ArchiveReader.java:144) [java] at org.apache.axis2.deployment.ServiceDeployer.deploy(ServiceDep loyer.java:78) [java] at org.apache.axis2.deployment.repository.util.DeploymentFileDat a.deploy(DeploymentFileData.java:137) [java] at org.apache.axis2.deployment.DeploymentEngine.doDeploy(Deploym entEngine.java:571) [java] at org.apache.axis2.deployment.repository.util.WSInfoList.update (WSInfoList.java:141) [java] at org.apache.axis2.deployment.RepositoryListener.update(Reposit oryListener.java:318) [java] at org.apache.axis2.deployment.RepositoryListener.checkServices( RepositoryListener.java:220) [java] at org.apache.axis2.deployment.DeploymentEngine.loadServices(Dep loymentEngine.java:118) [java] at org.apache.axis2.deployment.FileSystemConfigurator.loadServic es(FileSystemConfigurator.java:146) [java] at org.apache.axis2.context.ConfigurationContextFactory.createCo nfigurationContext(ConfigurationContextFactory.java:78) [java] at org.apache.axis2.context.ConfigurationContextFactory.createCo nfigurationContextFromFileSystem(ConfigurationContextFactory.java:180) [java] at org.apache.axis2.transport.http.SimpleHTTPServer.main(SimpleH TTPServer.java:166) [java] Caused by: org.apache.axis2.AxisFault: Invalid services.xml found [java] at org.apache.axis2.deployment.repository.util.ArchiveReader.bui ldServiceGroup(ArchiveReader.java:105) [java] at org.apache.axis2.deployment.repository.util.ArchiveReader.pro cessServiceGroup(ArchiveReader.java:137) [java] ... 11 more [java] [SimpleHTTPServer] Started I have an STS service running from sample05 and so I tried to run the Client against that but I run into encryption problems, the reason I think is that I am not setting up the client keystore with the correct keys ( I am using the keystore from sample 05) as I don't have access to the files needed to build the client keystore as defined in build.xml from http://wso2.org/repos/wso2/trunk/wsas/java/modules/samples/sts-sample/conf/ Hope you can help with this. Thanks, Hardev Ruchith Fernando [EMAIL PROTECTED] wrote: Hi Hardev, Your messages exchanges sounds fine up to the point where the callback handler accesses the STS to obtain the symm key. IMHO WS-Trust doesn't provide a specific way to obtain a key at this point of a standard WS-Trust exchange. We have you use case implemented in a slightly different approach: - Client contacts the STS and obtains a SAML token to talk to a service - The STS includes a symm key encrypted for the service within the SAML token - The RSTR (response from the STS to the client) will have that *same* symm key for the client to extract - (When using Rampart/Rahas the client uses org.apache.rahas.client.STSClient which will extract this information and bundle all of it into a org.apache.rahas.Token instance) - Now this SAML token (assertion) will be added to the Security header of the message from client to service and the symm key that is associated with the SAML token will be used to encrypt/sign the message as specified by the service policy. - At the service the SAML assertion in the Security header will be processed and the symm key will be extracted. - Processing at the service will use this extracted symm key to decrypt/verify signature where necessary. A sample client that does this sort of a message exchange is available here : [1] Now ... SCT usage scenario is usually a WS-SecureConversation scenario where rampart/rahas supports the application service it self to act as an STS. In this case since the service and the STS both are the same the symm key created is known at the service, and it is not included in the SecurityContextToken (SCT) itself. Are you sure you want to use this SCT scenario in the context of WS-SecureConversation or are you looking for a pure WS-Trust scenario as I explained above. Thanks, Ruchith 1. https://wso2.org/repos/wso2/trunk/wsas/java/modules/samples/sts-sample/src/org/wso2/wsas/sample/sts/client/Client.java On Sat, Feb 23, 2008 at 3:06 AM, Hardev Sian wrote: Hi Dimuthu, I have had a look at that sample but it doesn't provide what I am looking for. My use case is that I have acquired a SCT from an STS service. I want to now embed that token in the outgoing request which can then be accessed by a callback handler. The callback handler can access the STS to get the symmetric key for that token and encrypt the outbound data
Re: SCT
Hi Ruchith, Please ignore my last email, I was just doing something really silly. I have managed to send a request to the STS service but I get a Unsupported WS-SecureConversation version response back, I think I shoul be able to work that out. Regards, Hardev Hardev Sian [EMAIL PROTECTED] wrote: Hi Ruchith, I used the config files from http://wso2.org/repos/wso2/trunk/wsas/java/modules/samples/sts-sample/conf/ and copied the sts.policy.xml to services.xml and try and run the STS service but I get an invalid services.xml. [java] org.apache.axis2.deployment.DeploymentException: Invalid services.xm l found [java] at org.apache.axis2.deployment.repository.util.ArchiveReader.pro cessServiceGroup(ArchiveReader.java:144) [java] at org.apache.axis2.deployment.ServiceDeployer.deploy(ServiceDep loyer.java:78) [java] at org.apache.axis2.deployment.repository.util.DeploymentFileDat a.deploy(DeploymentFileData.java:137) [java] at org.apache.axis2.deployment.DeploymentEngine.doDeploy(Deploym entEngine.java:571) [java] at org.apache.axis2.deployment.repository.util.WSInfoList.update (WSInfoList.java:141) [java] at org.apache.axis2.deployment.RepositoryListener.update(Reposit oryListener.java:318) [java] at org.apache.axis2.deployment.RepositoryListener.checkServices( RepositoryListener.java:220) [java] at org.apache.axis2.deployment.DeploymentEngine.loadServices(Dep loymentEngine.java:118) [java] at org.apache.axis2.deployment.FileSystemConfigurator.loadServic es(FileSystemConfigurator.java:146) [java] at org.apache.axis2.context.ConfigurationContextFactory.createCo nfigurationContext(ConfigurationContextFactory.java:78) [java] at org.apache.axis2.context.ConfigurationContextFactory.createCo nfigurationContextFromFileSystem(ConfigurationContextFactory.java:180) [java] at org.apache.axis2.transport.http.SimpleHTTPServer.main(SimpleH TTPServer.java:166) [java] Caused by: org.apache.axis2.AxisFault: Invalid services.xml found [java] at org.apache.axis2.deployment.repository.util.ArchiveReader.bui ldServiceGroup(ArchiveReader.java:105) [java] at org.apache.axis2.deployment.repository.util.ArchiveReader.pro cessServiceGroup(ArchiveReader.java:137) [java] ... 11 more [java] [SimpleHTTPServer] Started I have an STS service running from sample05 and so I tried to run the Client against that but I run into encryption problems, the reason I think is that I am not setting up the client keystore with the correct keys ( I am using the keystore from sample 05) as I don't have access to the files needed to build the client keystore as defined in build.xml from http://wso2.org/repos/wso2/trunk/wsas/java/modules/samples/sts-sample/conf/ Hope you can help with this. Thanks, Hardev Ruchith Fernando [EMAIL PROTECTED] wrote: Hi Hardev, Your messages exchanges sounds fine up to the point where the callback handler accesses the STS to obtain the symm key. IMHO WS-Trust doesn't provide a specific way to obtain a key at this point of a standard WS-Trust exchange. We have you use case implemented in a slightly different approach: - Client contacts the STS and obtains a SAML token to talk to a service - The STS includes a symm key encrypted for the service within the SAML token - The RSTR (response from the STS to the client) will have that *same* symm key for the client to extract - (When using Rampart/Rahas the client uses org.apache.rahas.client.STSClient which will extract this information and bundle all of it into a org.apache.rahas.Token instance) - Now this SAML token (assertion) will be added to the Security header of the message from client to service and the symm key that is associated with the SAML token will be used to encrypt/sign the message as specified by the service policy. - At the service the SAML assertion in the Security header will be processed and the symm key will be extracted. - Processing at the service will use this extracted symm key to decrypt/verify signature where necessary. A sample client that does this sort of a message exchange is available here : [1] Now ... SCT usage scenario is usually a WS-SecureConversation scenario where rampart/rahas supports the application service it self to act as an STS. In this case since the service and the STS both are the same the symm key created is known at the service, and it is not included in the SecurityContextToken (SCT) itself. Are you sure you want to use this SCT scenario in the context of WS-SecureConversation or are you looking for a pure WS-Trust scenario as I explained above. Thanks, Ruchith 1. https://wso2.org/repos/wso2/trunk/wsas/java/modules/samples/sts-sample/src/org/wso2/wsas/sample/sts/client/Client.java On Sat, Feb 23, 2008 at 3:06 AM, Hardev Sian wrote: Hi Dimuthu, I have had a look at that sample but it doesn't provide
Re: SCT
Hi Ruchith, Thanks for the prompt reply, I feel the use case you suggest at the beginning is what I am looking for, I will be trying that out over the next day and let you know how I get on. Again thanks for your help. By the way I have only just using axis2 security modules and I think apache has done a wonderful job, I intend to learn axis2 in a lot more detail and hopefully it comes our standard infrastructure for web services. Regards, Hardev Ruchith Fernando [EMAIL PROTECTED] wrote: Hi Hardev, Your messages exchanges sounds fine up to the point where the callback handler accesses the STS to obtain the symm key. IMHO WS-Trust doesn't provide a specific way to obtain a key at this point of a standard WS-Trust exchange. We have you use case implemented in a slightly different approach: - Client contacts the STS and obtains a SAML token to talk to a service - The STS includes a symm key encrypted for the service within the SAML token - The RSTR (response from the STS to the client) will have that *same* symm key for the client to extract - (When using Rampart/Rahas the client uses org.apache.rahas.client.STSClient which will extract this information and bundle all of it into a org.apache.rahas.Token instance) - Now this SAML token (assertion) will be added to the Security header of the message from client to service and the symm key that is associated with the SAML token will be used to encrypt/sign the message as specified by the service policy. - At the service the SAML assertion in the Security header will be processed and the symm key will be extracted. - Processing at the service will use this extracted symm key to decrypt/verify signature where necessary. A sample client that does this sort of a message exchange is available here : [1] Now ... SCT usage scenario is usually a WS-SecureConversation scenario where rampart/rahas supports the application service it self to act as an STS. In this case since the service and the STS both are the same the symm key created is known at the service, and it is not included in the SecurityContextToken (SCT) itself. Are you sure you want to use this SCT scenario in the context of WS-SecureConversation or are you looking for a pure WS-Trust scenario as I explained above. Thanks, Ruchith 1. https://wso2.org/repos/wso2/trunk/wsas/java/modules/samples/sts-sample/src/org/wso2/wsas/sample/sts/client/Client.java On Sat, Feb 23, 2008 at 3:06 AM, Hardev Sian wrote: Hi Dimuthu, I have had a look at that sample but it doesn't provide what I am looking for. My use case is that I have acquired a SCT from an STS service. I want to now embed that token in the outgoing request which can then be accessed by a callback handler. The callback handler can access the STS to get the symmetric key for that token and encrypt the outbound data with that. Similarly the callback at the handler can access the same to decrypt, the response can be handled in the same manner. I am just not familiar enough how to set the policies to achieve this. Any help in doing this is greatly appreciated. Thank you, Hardev Dimuthu Leelarathne wrote: Hi, You can find a SCT sample inside the rampart 1.3 distribution. samples/policy/sample04 Thank you, Dimuthu On Fri, 2008-02-22 at 16:52 +1100, Hardev Sian wrote: I know that rahas has been integrated into rampart but I was interested at looking at this example : http://svn.apache.org/repos/asf/webservices/axis2/trunk/java/modules/integration/test/org/apache/axis2/security/rahas/RahasScenario3Test.java which talks about using an acquired SCT token to secure the web service requests/responses. Can anybody help in locating this or something similar. Thanks, Hardev __ Get the name you always wanted with the new y7mail email address. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Get the name you always wanted with the new y7mail email address. -- http://blog.ruchith.org http://wso2.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Get the name you always wanted with the new y7mail email address.
Re: SCT
Hi Dimuthu, I have had a look at that sample but it doesn't provide what I am looking for. My use case is that I have acquired a SCT from an STS service. I want to now embed that token in the outgoing request which can then be accessed by a callback handler. The callback handler can access the STS to get the symmetric key for that token and encrypt the outbound data with that. Similarly the callback at the handler can access the same to decrypt, the response can be handled in the same manner. I am just not familiar enough how to set the policies to achieve this. Any help in doing this is greatly appreciated. Thank you, Hardev Dimuthu Leelarathne [EMAIL PROTECTED] wrote: Hi, You can find a SCT sample inside the rampart 1.3 distribution. samples/policy/sample04 Thank you, Dimuthu On Fri, 2008-02-22 at 16:52 +1100, Hardev Sian wrote: I know that rahas has been integrated into rampart but I was interested at looking at this example : http://svn.apache.org/repos/asf/webservices/axis2/trunk/java/modules/integration/test/org/apache/axis2/security/rahas/RahasScenario3Test.java which talks about using an acquired SCT token to secure the web service requests/responses. Can anybody help in locating this or something similar. Thanks, Hardev __ Get the name you always wanted with the new y7mail email address. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Get the name you always wanted with the new y7mail email address.
SCT
I know that rahas has been integrated into rampart but I was interested at looking at this example : http://svn.apache.org/repos/asf/webservices/axis2/trunk/java/modules/integration/test/org/apache/axis2/security/rahas/RahasScenario3Test.java which talks about using an acquired SCT token to secure the web service requests/responses. Can anybody help in locating this or something similar. Thanks, Hardev - Get the name you always wanted with the new y7mail email address.
