Re: WSS4J/Axis1 and .Net integration for web service security
Hello, I strong believe I did what you want to do in the past. Please refer to the article I use. Server is: FULLY Java (Axis 1.4 + WSS4J 1.5.3) .Net client used c# using dotnet framework 2.0 and Web Services enhancements 3.0 (WSE) Java client used Java, WSS4J 1.5.2 I manage to exchange message on the above configuration. Please refer to the article I wrote[1]. You may also find examples on the WSS4J distribution. Rgds. José FERREIRO ing.sys.com.dipl.EPFL [1] - http://magnot.blogspot.com/2008/04/secure-web-services-interoperability.html On Thu, Dec 17, 2009 at 11:20 PM, mule_user s...@aol.com wrote: Can anyone share with me some good articles, or sample example on how to enable Sign and Encryption using X509 (self signed) certificate with .Net (WSE3) as a cleint and also as a server and Java web application as a client and also as a server? WSS4J web site is not thorough. -- View this message in context: http://old.nabble.com/WSS4J-Axis1-and-.Net-integration-for-web-service-security-tp26836052p26836052.html Sent from the Axis - User mailing list archive at Nabble.com. -- José Ferreiro Systems Analysis and Design Specialist MSc in Communication Systems, EPFL. Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz
Re: character converted to lt; in request XML
Is this * *the payload? I had simular issue when using WSS4J, which if I am not wrong is within Rampart. I solved the solution by escaping the * *using appche commons utilities if I am not wrong. Both at client and server side. Hope this helps.* * On Wed, Nov 11, 2009 at 8:19 PM, Selvaraj, Peter (eBusiness) peter.selva...@thehartford.com wrote: Hi, I'm using Axis2 1.4 and Rampart 1.4 java client which creates the request xml and invokes the webservice. In the request xml, I can see the* * character is converted to* lt; * Because of this I get ErrorResponse from the webservice. Any idea how to avoid this character conversion. Thanks Regards, Peter R Selvaraj This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information. If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies. -- José Ferreiro Systems Analysis and Design Specialist MSc in Communication Systems, EPFL. Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz
Re: character converted to lt; in request XML
This is a work around I found. It is a but into wss4j. This problem does not happend if you do not use encryption or other. See methods below on: http://commons.apache.org/lang/api/org/apache/commons/lang/StringEscapeUtils.html you should escape sent response by server org.apache.commons.lang.StringEscapeUtils.escapeXml and then on the client you should unscape received response org.apache.commons.lang.StringEscapeUtils.unescapeXml Hope this helps. On Wed, Nov 11, 2009 at 8:38 PM, Selvaraj, Peter (eBusiness) peter.selva...@thehartford.com wrote: Hi, Could you please let me know how did you solve this using apache common utilities? Any sample code you have? Thanks Regards, Peter R Selvaraj -- *From:* jose.ferre...@gmail.com [mailto:jose.ferre...@gmail.com] *On Behalf Of *José Ferreiro *Sent:* Wednesday, November 11, 2009 2:36 PM *To:* axis-user@ws.apache.org *Subject:* Re: character converted to lt; in request XML Is this * *the payload? I had simular issue when using WSS4J, which if I am not wrong is within Rampart. I solved the solution by escaping the * *using appche commons utilities if I am not wrong. Both at client and server side. Hope this helps.* * On Wed, Nov 11, 2009 at 8:19 PM, Selvaraj, Peter (eBusiness) peter.selva...@thehartford.com wrote: Hi, I'm using Axis2 1.4 and Rampart 1.4 java client which creates the request xml and invokes the webservice. In the request xml, I can see the* * character is converted to* lt; * Because of this I get ErrorResponse from the webservice. Any idea how to avoid this character conversion. Thanks Regards, Peter R Selvaraj This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information. If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies. -- José Ferreiro Systems Analysis and Design Specialist MSc in Communication Systems, EPFL. Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information. If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies. -- José Ferreiro Systems Analysis and Design Specialist MSc in Communication Systems, EPFL. Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz
Re: Is WRAPPED LITERAL web service not compatible for C# clients?
Hello, in order to achieve interoperability with C# I have: service name= provider=java:RPC style=*document* use=literal There was also another thing, but I do not remember now. I know it was about the namimg and they should be the same... Maybe this after I see on my deployed WS. operation name=geXYZ qname=getXYZ ... in your case: qname=operNS:findPersons - qname=findPersons remove the namespace adn you will see. Hope this helps! Let me know. José Ferreiro EPFL On Tue, Sep 29, 2009 at 6:39 PM, Srinivasa K kusampudi.a...@gmail.comwrote: Thank you very much for your reply on this. We dont have C# connectivity issue. Below is the wsdd file where style is wrapped and use is literal. This is not working from C# client. The response has null references. But, in server side, we clearly see incoming and outgoing soap messages. If I change style to rpc and use to encoded, C# client gettting the results without changing anything esle. I dont know whats missing here. I really appreciate if you have any clue on this. Please note that I changed some namespace in the below wsdd file just for company privacy. + service name=perservice provider=java:RPC style=wrapped use=literal requestFlow handler type=credentialHandler / /requestFlow parameter name=wsdlTargetNamespace value= https://us.org.test/WS/services/perservice/https://us.org.test/WS/services/perservice%22/ parameter name=wsdlServiceElement value=PersonService/ parameter name=schemaQualified value= https://us.org.test/WS/services/perservice,http://data.ws.test.org.us/https://us.org.test/WS/services/perservice,http://data.ws.test.org.us%22/ parameter name=wsdlServicePort value=perservice/ parameter name=className value=us.org.test.ws.PersonServiceImpl/ parameter name=wsdlPortType value= PersonService/ parameter name=typeMappingVersion value=1.2/ operation name=findPersons qname=operNS:findPersons xmlns:operNS=https://us.org.test/WS/services/perservice; returnQName=retNS:findPersonsReturn xmlns:retNS= https://us.org.test/WS/services/perservice; returnType=rtns: WSSearchResult xmlns:rtns=http://data.ws.test.org.us; soapAction= parameter qname=pns:in0 xmlns:pns= https://us.org.test/WS/services/perservice; type=tns: WSSearchCriteria xmlns:tns=http://data.ws.test.org.us/ http://data.ws.test.org.us%22/ /operation . . . . . + Thanks, Srini 2009/9/26 José Ferreiro jose.ferre...@a3.epfl.ch Hello, I am using Wrapped and it works well with Java and C# dotnet 2.0 See links below. ht tp://magnot.blogspot.com/2008/04/secure-web-services-interoperability.htmlhttp://magnot.blogspot.com/2008/04/secure-web-services-interoperability.html http://atmanes.blogspot.com/2005/03/wrapped-documentliteral-convention.html Hope this helps. José Ferreiro On Fri, Sep 25, 2009 at 11:22 PM, Srinivasa K kusampudi.a...@gmail.com wrote: We are having issue with WRAPPED LITERAL web service for our C# clients. The response object contains nulls. But, If I use RPC ENCODED, they are working fine. I see some discouragement to use the RPC ENCODED. I really appreciate if somebody suggest the right use and style of WSDL for both Java and C# clients. We produce web services using Axis1.4 Thanks, Srini -- José Ferreiro Systems Analysis and Design Specialist MSc in Communication Systems, EPFL. Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz -- José Ferreiro Systems Analysis and Design Specialist MSc in Communication Systems, EPFL. Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz
Re: how to set timeout in axis 1.4 web service client
Hello Ashish, In order to complement the previously answer from Bauer, please take a look here: http://wiki.apache.org/ws/FrontPage/Axis/JavaTimeout Hope this helps. José Ferreiro On Wed, Sep 30, 2009 at 8:40 PM, Ashish Kulkarni ashish.kulkarn...@gmail.com wrote: HiThanks, do you have example of getting MessageContext and setting this message context to stub, all i have in my program is ExecutePortTypeBindingStub stub = new ExecutePortTypeBindingStub(new URL(endPoint), null); stub.callMethod(parameter) On Wed, Sep 30, 2009 at 1:34 PM, Bauer Horscht bauer.hors...@gmx.dewrote: In a custom handler, you can directly set it on the MessageContext object (mc): mc.setTimeout(120*1000); //120 seconds Ashish Kulkarni schrieb: Hi How do we set connection timeout in axis 1.4 web service client, i think default is 10 minutes, I want to timeout if web service does not respond in 2 minutes, how can i do so -- Ashish www.ayurwellness.com http://www.ayurwellness.com www.mysoftwareneeds.com http://www.mysoftwareneeds.com -- Ashish www.ayurwellness.com www.mysoftwareneeds.com -- José Ferreiro Systems Analysis and Design Specialist MSc in Communication Systems, EPFL. Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz
Re: Is WRAPPED LITERAL web service not compatible for C# clients?
Hello, I am using Wrapped and it works well with Java and C# dotnet 2.0 See links below. http://magnot.blogspot.com/2008/04/secure-web-services-interoperability.htmlhttp://magnot.blogspot.com/2008/04/secure-web-services-interoperability.html http://atmanes.blogspot.com/2005/03/wrapped-documentliteral-convention.html Hope this helps. José Ferreiro On Fri, Sep 25, 2009 at 11:22 PM, Srinivasa K kusampudi.a...@gmail.comwrote: We are having issue with WRAPPED LITERAL web service for our C# clients. The response object contains nulls. But, If I use RPC ENCODED, they are working fine. I see some discouragement to use the RPC ENCODED. I really appreciate if somebody suggest the right use and style of WSDL for both Java and C# clients. We produce web services using Axis1.4 Thanks, Srini -- José Ferreiro Systems Analysis and Design Specialist MSc in Communication Systems, EPFL. Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz
Re: activation.jar and mailapi.jar are missing from the download
Dear Hetal, You may download the missing jars for example by using http://www.findjar.com/ Then, place the jar in the corresponding folder. Have a great day. HTH, José Ferreiro On Thu, Jun 11, 2009 at 1:45 AM, Hetal Desai desa...@yahoo.com wrote: Hello, I downloaded Axis 1.4 Zip but its missing activation.jar and mailapi.jar. I tried downloading from different mirror sites but still didnot have this file. I need these files to use wsdl2java for Siebel CRM OD wsdl. Appreciate your help, Thanks, Hetal -- José Ferreiro MSc in Communication Systems, EPFL. Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz
Re: wss4j with Axis 1( no Axis2) comunicating with WSE3 configured webservice
Hello! I successfully made a secure dotnet client using the dotnet. 2.0 and Web services enhancement 3.0 (WSE 3.0) talking to axis 1.4 and wss4j 1.5.3 [1] with *x509 v3 certificates*. See this page which helps me as a start [2]! There is the equivalent file of client.wsdd in the dotnet framework nammed as web.config. In my project I called it [3] wse3PolicyCache.config. The name does not matter... Happy Axis and Happy coding! José Ferreiro [1]- http://magnot.blogspot.com/2008/04/secure-web-services-interoperability.html [2]- http://erlend.oftedal.no/blog/?blogid=12 [3]- http://bp1.blogger.com/_SFCs1WYrqtY/SBXPETktd3I/AXE/nNI7mNpQS6c/s1600-h/visualStudio.png [4]- http://bp0.blogger.com/_SFCs1WYrqtY/SBXILDktdzI/AWk/9wqequ_9vNk/s1600-h/pfx-pkcs12-1.PNG On Fri, May 29, 2009 at 6:39 PM, Wishing Carebear wishing.careb...@gmail.com wrote: Hello: I'm using wss4j with Apache Axis 1.4 (no Axis2). Wondering if someone could provide what should be the equivalent client.wsdd file for the following policy file. I have tried posting this in wss4j newsgroup but could not get any response. Hoping some one could give me some pointers. Thanks. policies xmlns=http://schemas.microsoft.com/wse/2005/06/policy; extensions extension name=usernameForCertificateSecurity type=Microsoft.Web.Services3.Design.UsernameForCertificateAssertion, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 / extension name=x509 type=Microsoft.Web.Services3.Design.X509TokenProvider, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 / extension name=requireActionHeader type=Microsoft.Web.Services3.Design.RequireActionHeaderAssertion, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 / /extensions policy name=usernameTokenSecurity usernameForCertificateSecurity establishSecurityContext=true renewExpiredSecurityContext=true requireSignatureConfirmation=false messageProtectionOrder=SignBeforeEncrypt requireDerivedKeys=true ttlInSeconds=300 serviceToken x509 storeLocation=LocalMachine storeName=AddressBook findValue=CN=TMPDMDevelopment findType=FindBySubjectDistinguishedName / /serviceToken protection request signatureOptions=IncludeAddressing, IncludeTimestamp, IncludeSoapBody encryptBody=true / response signatureOptions=IncludeAddressing, IncludeTimestamp, IncludeSoapBody encryptBody=true / fault signatureOptions=IncludeAddressing, IncludeTimestamp, IncludeSoapBody encryptBody=false / /protection /usernameForCertificateSecurity requireActionHeader / /policy /policies
Re: Axis 1.3 webservice C# client
Hello Santosh, I assume that you already have a wsdl. Then to work with C# you may use the wsdl.exe tool provided by Microsoft. I suggest you to use at least .Net framework 2.0. See those links [1], [2]. It is possible you may face some interoperabilitiy issues. For that refer to the samples in the axis 1.3 package. Hope this helps. Warmest regards José [1] - http://msdn.microsoft.com/en-us/library/7h3ystb6(VS.80).aspx [2] - http://developer.searchmarketing.yahoo.com/docs/V4/sample_code/net.php On Mon, Mar 23, 2009 at 8:06 AM, sh_santosh santosh.nc...@gmail.com wrote: Dear Vali, How to write C# client code to access/consume Axis 1.3 web services developed in java. Please reply. Regards, Santosh Vali Grigoras wrote: Hello, I have some Axis webservices protect the service with user and password using WSS4J. I can connect to the webservice via java client no problem, but I need to do the same from C# client. I don't know how to provide user credentials from a C# client. Have you guys done anything like that?. Thanks, Vali -- View this message in context: http://www.nabble.com/Axis-1.3-webservice-C--client-tp5749022p22655163.html Sent from the Axis - User mailing list archive at Nabble.com.
Re: Axis 1.3 webservice C# client
Hello again Santosh, If it is a secure client you need to use the Web Service Enhancements (WSE) from Microsoft [1] and use wsewsdl3.exe command to generate a proxy if you choose to use WSE version 3.0. Hope this helps. Rgds, /JF [1] - http://msdn.microsoft.com/en-us/library/aa529578.aspx 2009/3/23 José Ferreiro jose.ferre...@gmail.com Hello Santosh, I assume that you already have a wsdl. Then to work with C# you may use the wsdl.exe tool provided by Microsoft. I suggest you to use at least .Net framework 2.0. See those links [1], [2]. It is possible you may face some interoperabilitiy issues. For that refer to the samples in the axis 1.3 package. Hope this helps. Warmest regards José [1] - http://msdn.microsoft.com/en-us/library/7h3ystb6(VS.80).aspxhttp://msdn.microsoft.com/en-us/library/7h3ystb6%28VS.80%29.aspx [2] - http://developer.searchmarketing.yahoo.com/docs/V4/sample_code/net.php On Mon, Mar 23, 2009 at 8:06 AM, sh_santosh santosh.nc...@gmail.comwrote: Dear Vali, How to write C# client code to access/consume Axis 1.3 web services developed in java. Please reply. Regards, Santosh Vali Grigoras wrote: Hello, I have some Axis webservices protect the service with user and password using WSS4J. I can connect to the webservice via java client no problem, but I need to do the same from C# client. I don't know how to provide user credentials from a C# client. Have you guys done anything like that?. Thanks, Vali -- View this message in context: http://www.nabble.com/Axis-1.3-webservice-C--client-tp5749022p22655163.html Sent from the Axis - User mailing list archive at Nabble.com.
Re: Axis 1.3 webservice C# client
Hello Santosh, Well, I am using wrapped document/literal convention as this is the one to achieve interoperability between Microsoft .net and Java server side based on Axis 1.x. I can not say for RPC/encoded but according to Anne Thomas Manes[1] .net doesn't support rpc/literal. Hope this helps. Jose Ferreiro [1] - http://atmanes.blogspot.com/2005/03/wrapped-documentliteral-convention.htmlby Anne Thomas Manes On Mon, Mar 23, 2009 at 9:47 AM, sh_santosh santosh.nc...@gmail.com wrote: Dear Jose, Can you please provide some link from where i can know about - How to consume Axis 1.3 RPC/encoded web services from C# client program. Any specific attributes / value need to put while consuming from C# client program in client program. Regards, Santosh José Ferreiro wrote: Hello Santosh, I assume that you already have a wsdl. Then to work with C# you may use the wsdl.exe tool provided by Microsoft. I suggest you to use at least .Net framework 2.0. See those links [1], [2]. It is possible you may face some interoperabilitiy issues. For that refer to the samples in the axis 1.3 package. Hope this helps. Warmest regards José [1] - http://msdn.microsoft.com/en-us/library/7h3ystb6(VS.80).aspxhttp://msdn.microsoft.com/en-us/library/7h3ystb6%28VS.80%29.aspx [2] - http://developer.searchmarketing.yahoo.com/docs/V4/sample_code/net.php On Mon, Mar 23, 2009 at 8:06 AM, sh_santosh santosh.nc...@gmail.com wrote: Dear Vali, How to write C# client code to access/consume Axis 1.3 web services developed in java. Please reply. Regards, Santosh Vali Grigoras wrote: Hello, I have some Axis webservices protect the service with user and password using WSS4J. I can connect to the webservice via java client no problem, but I need to do the same from C# client. I don't know how to provide user credentials from a C# client. Have you guys done anything like that?. Thanks, Vali -- View this message in context: http://www.nabble.com/Axis-1.3-webservice-C--client-tp5749022p22655163.html Sent from the Axis - User mailing list archive at Nabble.com. -- View this message in context: http://www.nabble.com/Axis-1.3-webservice-C--client-tp5749022p22656194.html Sent from the Axis - User mailing list archive at Nabble.com.
Re: Error in signature with X509Token
Looks like the file *server.jks* cannot be loaded keys\\server.jks and not found. Try to type the whole path.. or keys/server.jks Whole localtion path c:/tomcat/foldername/foldername/keys/server.jks HTH, Rgds, Jose Ferreiro On Mon, Feb 9, 2009 at 11:41 AM, TomazM tomaz.majerh...@arnes.si wrote: I still have problem, now I get error: .. org.apache.ws.security.util.Loader - Caught Exception while in Loader.getResource. This may be innocuous. java.lang.NullPointerException ... org.apache.ws.security.components.crypto.Merlin cannot create instance What did you write in service.xml? Regard, Tomaz Erwin Reinhoud wrote: Hello Tomaz, In my sanbox env i have put the file in the tomcat bin dir and no path indication in service.xml. Regards, Erwin -Oorspronkelijk bericht- Van: TomazM [mailto:tomaz.majerh...@arnes.si] Verzonden: donderdag 5 februari 2009 12:13 Aan: axis-user@ws.apache.org Onderwerp: Re: Error in signature with X509Token I'm using rampart version 1.4, but it seem as the rampart(org.apache.ws.security.crypto.merlin.file) doesn't pick the keystore, because I change the name to a nonexistent file and I don't get any error that file don't exist. Regards, Tomaz Erwin Reinhoud wrote: Hello Tomaz, Try also using rampart version 1.4 io 1.3. Regards, Erwin -- -- *Van:* m4rkuz [mailto:m4r...@gmail.com] *Verzonden:* woensdag 4 februari 2009 15:16 *Aan:* axis-user@ws.apache.org *Onderwerp:* Re: Error in signature with X509Token Hi Tomaz, I think you should attach you'r policy.xml file and your services.xml, and maybe an example of the soap message generated, so it could be esiar to help you. Marcus V. Sánchez D. __ Enterprise Developer. Sun Certified Java Programmer (SCJP) On Wed, Feb 4, 2009 at 9:08 AM, TomazM tomaz.majerh...@arnes.si mailto:tomaz.majerh...@arnes.si wrote: Env: OS: Microsoft Windows XP [Version 5.1.2600] java: Java(TM) SE Runtime Environment (build 1.6.0_10-b33) Tomcat: 6.0.16 Axis2: 1.4.1 Rampart: 1.3 I'm trying to sign message with my CallbackHandler and wsp:Policy, keys are in keystore of JKS type(server.jks and client.jks) 1) In service.xml I have: . ramp:passwordCallbackClassrampart.sign.service.SecurityHandler/ramp:passwordCallbackClass ramp:signatureCrypto ramp:crypto provider=org.apache.ws.security.components.crypto.Merlin ramp:property name=org.apache.ws.security.crypto.merlin.keystore.typeJKS/ramp:property ramp:property name=org.apache.ws.security.crypto.merlin.filekeys\\server.jks/ramp:property ramp:property name=org.apache.ws.security.crypto.merlin.keystore.password/ramp:property /ramp:crypto 2) In client I also have my CallbackHandler and applying RampartConfig which use client.jks(contain server key) The finger print of server and client certificates are the same in both keystore. Error: org.apache.axis2.AxisFault: Error in signature with X509Token at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:512) at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:370) at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416) at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228) at org.apache.axis2.client.OperationClient.execute(OperationClient.java:1 63) Is anybody have a clue what I'm doing wrong Best regards, Tomaz
Re: Design AXIS2 web service for .NET
Hello, This information is provided for explanation. You would like to have a VB .net client. The explanations provided below (Martin's mail) are for a C# (c-sharp) .net client. If you are using .net 2.0 the you may find the program wsdl.exe in the installed .net package in your computer. Hope those explanations provided you additional help to the excellent one provided by Martin below and the link he provided to his example. HTH too. Rgds, jose ferreiro On Fri, Jan 23, 2009 at 6:29 PM, Martin Gainty mgai...@hotmail.com wrote: http://my.execpc.com/~gopalan/dotnet/webservices/webservice_csharp_client.htmlhttp://my.execpc.com/%7Egopalan/dotnet/webservices/webservice_csharp_client.html Create the .NET Service call from the WSDL wsdl /l:CS /protocol:SOAP http://localhost/ServerName/ServerServiceName.asmx?wsdl then compile the service csc /t:library /r:System.WebServices.sll /r:System.xml.dll OIDServer.cs then create the client wsdl /l:CS /protocol:SOAP http://localhost/OIDServer/OIDServer.asmx?WSDL wsdl /l:CS /protocol:HttpGet http://localhost/OIDServer/OIDServer.asmx?WSDL wsdl /l:CS /protocol:HttpPost http://localhost/OIDServer/OIDServer.asmx?WSDL Now compile csc /t:library /r:System.Web.Services.dll /r:System.Xml.dll OIDServer.cs HTH Martin Gainty __ Disclaimer and confidentiality note Everything in this e-mail and any attachments relates to the official business of Sender. This transmission is of a confidential nature and Sender does not endorse distribution to any party other than intended recipient. Sender does not necessarily endorse content contained within this transmission. Date: Fri, 23 Jan 2009 08:25:44 -0800 From: mathias.muel...@etc-consult.de To: axis-user@ws.apache.org Subject: Design AXIS2 web service for .NET Hello, I'm new to AXIS2 web services. I have studied the POJO Weather example of the AXIS2 user guide. The example runs fine. Now I have a question to make this web service available for a VB .NET client. How can I get access to the methods of the Weather class? Do I have to make these methods available in the WeatherService class and is this the right design pattern for this case? I have access to the methods setWeather(...) and getWeather() from the .NET client. Best regards, etcuser -- View this message in context: http://www.nabble.com/Design-AXIS2-web-service-for-.NET-tp21627641p21627641.html Sent from the Axis - User mailing list archive at Nabble.com. -- Windows Live™ Hotmail(R)…more than just e-mail. See how it works.http://windowslive.com/howitworks?ocid=TXT_TAGLM_WL_t2_hm_justgotbetter_howitworks_012009 -- José Ferreiro Systems Analysis and Design Specialist MSc in Communication Systems, EPFL. Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz
Re: List of free webservices
archive at Nabble.com. -- José Ferreiro Systems Analysis and Design Specialist MSc in Communication Systems, EPFL. Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz
Re: .NET Web Service is accessed by java program
Hello Ferry, You need to generate the proxy with the tool wsdl.exe that is in the dotnet framework 2.0 After you generate the proxy you need to write your client. See an example here. Hope this helps. Warmest regards, José Ferreiro On Thu, Nov 27, 2008 at 12:16 PM, ibrahim demir [EMAIL PROTECTED]wrote: Hi; No matter if it is .net or in other language. If you can reach the wsdl file you can generate the code with wsdl2java or Axis2 codegen eclipse plugin. And use the ganareted stub for that: http://wso2.org/library/1719 Also you can use the RPC style : http://ws.apache.org/axis2/1_1/pojoguide.html#servicedef Yours Ibrahim DEMIR CyberSoft Yazilim Muh. http://www.ibrahimdemir.org -- *From:* Ferry Sumendap [EMAIL PROTECTED] *To:* axis-user@ws.apache.org *Sent:* Thursday, November 27, 2008 12:32:48 PM *Subject:* .NET Web Service is accessed by java program Hello everybody, I am looking for a sample code how java access / call /execute functions which are available at .NET Web Service (.NET framework 2.0). The java program should retrieve the XML response (output) from the web service . If anyone knows tutorial about this matter, please let me know the url... :) Thank you very much. Regards, Ferry -- José Ferreiro MSc in Communication Systems, EPFL.
Re: Cyrillic characters.
Thank you Ognjen, You are correct about your statement. I also suceeded without any problem to do the excaping for lt;/codeDescriptiongt; - /codeDescription As I am developping in a English (Western country) environment with eclipse I cannot display the word *Основное *from * #x41E;#x441;#x43D;#x43E;#x432;#x43D;#x43E;#x435;* in the Eclipse console (I mean when I do a System.out.println). This is due in my understanding because I am working with Latin encoding and I should change my environment (of the Console output) to another encoding thing that I do not want to do. May I ask you which is your Environment setting in your machine (Russian KOI)? Thank you Ognjen. Rgds, /JF On Thu, Nov 13, 2008 at 3:17 PM, Ognjen Blagojevic [EMAIL PROTECTED]wrote: José Ferreiro wrote: Item#x41E;#x441;#x43D;#x43E;#x432;#x43D;#x43E;#x435; lt;/codeDescriptiongt;lt;/errorCodeItemgt;/Item Does anyone has an idea how I can get the encoded word/phrase back to cyrillic in the client? I assume that it is UTF-8 encoded... Actually, this is XML encoding. You can use apache commons class StringEscapeUtils[1] to work with it. For the given string, System.out.println(StringEscapeUtils.unescapeXml(#x41E;#x441;#x43D;#x43E;#x432;#x43D;#x43E;#x435; lt;/codeDescriptiongt;lt;/errorCodeItemgt;)); prints Основное /codeDescription/errorCodeItem (Osnovnoe in cyrillic). -Ognjen [1] http://commons.apache.org/lang/api-release/org/apache/commons/lang/StringEscapeUtils.html - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- José Ferreiro MSc in Communication Systems, EPFL. Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz
Re: Cyrillic characters.
Thank you Ognjen. I tried this and I see you logic but it is not working! Well for me it is not the most important to see the data in the Output Console (well it will help but as far as I know that the data is transfered this is the most important). I am trying now to develop a GUI to see better what I may display or not... Thank you once again Ognjen! On Thu, Nov 13, 2008 at 4:57 PM, Ognjen Blagojevic [EMAIL PROTECTED]wrote: As I am developping in a English (Western country) environment with eclipse I cannot display the word *Основное *from *#x41E;#x441;#x43D;#x43E;#x432;#x43D;#x43E;#x435;* in the Eclipse console (I mean when I do a System.out.println). Just try this: Run, Open run dialog... then locate the class where the main method is, then select Arguments tab, and write -Dfile.encoding=UTF-8 in VM arguments text field. Then, select Common tab, and for Console Encoding select Other: UTF-8. After that, you should be able to see cyrillic characters on the console. -Ognjen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Cyrillic characters.
Martin, I fully agree with you! I will develop a GUI and I will see better those problems. Thank you for your advice. PS: The display from the received XML message works in the Browser. But some problems arises when I apply WSS4J (encryption + signature) due to the following error: org.apache.xml.security.encryption.XMLEncryptionException: An invalid XML character (Unicode: 0x1e) was found in the element content of the document. Therefore I think I will escape XML of those characters: #x41E;#x441;#x43D;#x43E;#x432;#x43D;#x43E;#x435 from the DB... Thank you Martin. . 2008/11/13 Martin Gainty [EMAIL PROTECTED] the problem is accomodating input and display for cyrillic characters you should implement all of the features DB, AppServer as well as KB and Browser configurations on a separate machine so to maintain input (Keyboard) and display (browser)cleanly separated (and operational) for either latin or cyrillic Martin __ Disclaimer and confidentiality note Everything in this e-mail and any attachments relates to the official business of Sender. This transmission is of a confidential nature and Sender does not endorse distribution to any party other than intended recipient. Sender does not necessarily endorse content contained within this transmission. Date: Thu, 13 Nov 2008 16:57:57 +0100 From: [EMAIL PROTECTED] To: axis-user@ws.apache.org Subject: Re: Cyrillic characters. As I am developping in a English (Western country) environment with eclipse I cannot display the word *Основное *from *#x41E;#x441;#x43D;#x43E;#x432;#x43D;#x43E;#x435;* in the Eclipse console (I mean when I do a System.out.println). Just try this: Run, Open run dialog... then locate the class where the main method is, then select Arguments tab, and write -Dfile.encoding=UTF-8 in VM arguments text field. Then, select Common tab, and for Console Encoding select Other: UTF-8. After that, you should be able to see cyrillic characters on the console. -Ognjen - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Stay up to date on your PC, the Web, and your mobile phone with Windows Live Click here http://clk.atdmt.com/MRT/go/119462413/direct/01/ -- José Ferreiro MSc in Communication Systems, EPFL.
Encoding of non latin characters (Cyrillic)
Hello all, I have the Russian Word (taken as example): *Основное* that is encoded as UTF-8 by axis as: #x41E;#x441;#x43D;#x43E;#x432;#x43D;#x43E;#x435; (a) I may transmit this kind of information in a XML well formed packet using axis 1.4 after a client request from the server to the client again. There is no problem. The deserialization works perfectly. However if I try to transmit applying wss4j with encryption signature and timestamp the following error arises: org.apache.xml.security.encryption.XMLEncryptionException: An invalid XML character (Unicode: 0x1e) was found in the element content of the document. Therefore in order to avoid invalid characters in the packet I decide then to escape all XML chars using org.apache.commons.lang.StringEscapeUtils.escapeXML [1] In the client in order to recover the original world I decide to do an unescapeXML [1], which gives this Unicode string: #1054;#1089;#1085;#1086;#1074;#1085;#1086;#1077; (b) First, it should be concluded that I am not getting the same Unicode string as at the beginning (a) where [(a) != (b)] I was then wondering what kind of encoding I got. I looked at this web site http://2cyr.com/decode/?lang=en to understand more and it looks like I got windows-1251 (see [2]) that can be displayed in a browser as encoding=iso8859-1. *My question is: Why didn't i get UTF-8 and how is it possible I got (b) ?* Thank you for your reading and any comments you might have. José Ferreiro Many thanks to Martin Gainty and Ognjen Blagojevic for already commeting and helping in another thread I posted. [1] - http://commons.apache.org/lang/api-release/org/apache/commons/lang/StringEscapeUtils.html [2] - http://en.wikipedia.org/wiki/CP1251 PS: Thanks to Martin and -- José Ferreiro MSc in Communication Systems, EPFL.
Cyrillic characters.
Hello I am providing data in cyrillic characters using Axis 1.x. The tag in the SOAP response looks like: Item#x41E;#x441;#x43D;#x43E;#x432;#x43D;#x43E;#x435; lt;/codeDescriptiongt;lt;/errorCodeItemgt;/Item Does anyone has an idea how I can get the encoded word/phrase back to cyrillic in the client? I assume that it is UTF-8 encoded... Thank you! -- José Ferreiro MSc in Communication Systems, EPFL.
Re: Problems with wss4j and timestamp
Hola Tomas! Try using this parameter: parameter name=*disablePrettyXML* value=true/ Although this is much for the signature, but you never know! Un saludo On Thu, Sep 18, 2008 at 4:47 PM, Nandana Mihindukulasooriya [EMAIL PROTECTED] wrote: Hi Thomas, Are you using Axis2 or Axis ? I assume you are using Axis. There is a property in WSSConfig in WSS4J called precisionInMilliSeconds. You must be able to set it to false using configuration. Sometimes having mili second precision in the time stamp cause a problem in the .NET side. thanks, nandana On Thu, Sep 18, 2008 at 8:05 PM, Tomás Tormo [EMAIL PROTECTED] wrote: Greetings I'm implementing a secure webservice client using wss4j wich is supposed to use only signature Soap messages (I'm using it to communicate with a public webservice server). In the beginning I had the following problem: faultString: WSDoAllReceiver: security processing failed (actions number mismatch) After searching for a while I discovered that if the server is implemented in .NET, it always needs the message to be timestamped. So, just in case it was the reason of the problem (and while they send me the correct specification), I tried to add timestaping to the actions of the WSDoAllSender with the following order: parameter name=action value=Signature Timestamp/ and then the error is different, now it says: WSDoAllReceiver: security processing failed; nested exception is: org.apache.ws.security.WSSecurityException: An error was discovered processing the wsse:Security header. (WSSecurityEngine: Invalid timestamp {0}); nested exception is: java.text.ParseException: Unparseable date: 2008-09-18T14:29:10.722Z that looks like the timestamp format is not correct. I was thinking that maybe the problem was the time location difference, but i've seen on the internet that in that case the error is different (and can be solved by the timetolive parameter). I tried to put the Signature and Timestamp in opposite way but I get the same error. Could anybody help me? Thank you very much -- Un saludo, Tomás Tormo Franco Indenova, S.L. Tels.: +34 963 81 99 47 ext.519http://www.indenova.commailto:[EMAIL PROTECTED] [EMAIL PROTECTED] -- Nandana Mihindukulasooriya WSO2 inc. http://nandana83.blogspot.com/ http://www.wso2.org -- Jose Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL
Re: Problem verifying the signature with wss4j
Hello Tomás, May/Did you try using the certificates in the interop folder from the wss4j 1.5.3 distribution? Maybe you have a problem with your certificate. Is it a self-signed certificate? Regards, Jose Ferreiro On Wed, Sep 3, 2008 at 2:30 PM, Tomás Tormo [EMAIL PROTECTED] wrote: Greetings I'm trying to write an webservice client wich uses signed SOAP messages in order to communicate. For this, i'm using wss4j 1.5.3 with axis 1.4. I've succesfully wrote the client code wich signs the message and sends it to the server, but i'm getting the following error: WSDoAllReceiver: security processing failed; nested exception is: org.apache.ws.security.WSSecurityException: The signature verification failed (The provided certificate is invalid) As far as i know (by reading posts in the internet) this is caused because the XML is modified after it is signed. I've tried to set the disablePrettyXML to true and the enableNamespacePrefixOptimization to false, but it didn't work... I've read in other posts that this could be caused by the default blank namespaces added by Axis (when I checked the XML thanks to TCPMonitor, i could see that the attributes of the sent objects had no namespace, but the object itself had). Does anybody have any solution for this problem? Could be possible to disable the default namespace in axis? Thank you very much -- Un saludo, Tomás Tormo Franco Indenova, S.L. Tels.: +34 963 81 99 47 ext.519 http://www.indenova.com mailto:[EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Jose Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL
Re: *SPAM* RE: *SPAM* RE: Problem verifying the signature with wss4j... Good News!!
Correct Frank, Why don't you get the right certificate you need that is issued and signed by the correct third party? Un saludo. José On Wed, Sep 3, 2008 at 7:09 PM, Tomás Tormo [EMAIL PROTECTED] wrote: Good news!!! After changing the keystore for interop2.jks, and using alice as alias the exception changed :). Now it looks like this: WSDoAllReceiver: The certificate used for the signature is not trusted I'm trying the webservice client against a public webservice, that's why I think this exception is pretty normal, cause this certificate is self-signed, and the public webservice maybe needs a trusted certificate. Am I right? Thank you very much Tomás Tormo escribió: Sorry, my mistake, the client_deploy.wsdd file I'm using is the following one: deployment xmlns=http://xml.apache.org/axis/wsdd/;http://xml.apache.org/axis/wsdd/xmlns:java= http://xml.apache.org/axis/wsdd/providers/java;http://xml.apache.org/axis/wsdd/providers/java transport name=http pivot=java:org.apache.axis.transport.http.HTTPSender/ globalConfiguration requestFlow handler name=DoSecuritySender type=java:org.apache.ws.axis.security.WSDoAllSender parameter name=passwordCallbackClass value=pruebawebserviceregistraduria.PWCallback/ parameter name=user value=sample/ parameter name=action value=Signature/ parameter name=signaturePropFile value=crypto.properties / parameter name=signatureKeyIdentifier value=DirectReference / /handler /requestFlow responseFlow handler name=DoSecurityReceiver type=java:org.apache.ws.axis.security.WSDoAllReceiver parameter name=passwordCallbackClass value=pruebawebserviceregistraduria.PWCallback/ parameter name=action value=Signature/ parameter name=signaturePropFile value=crypto.properties / /handler /responseFlow /globalConfiguration /deployment Thank you Tomás Tormo escribió: Ok, sorry i didn't see the link... Anyway i would like to ask you why you don't use DirectReference as signatureKeyIdentifier instead of X509KeyIdentifier.Is the server able to verify the sign just with that? The client_deploy.wsdd file I was using was the following one (now it's a mix of several xD): ?xml version=1.0 encoding=UTF-8? deployment xmlns=http://xml.apache.org/axis/wsdd/;http://xml.apache.org/axis/wsdd/xmlns:java= http://xml.apache.org/axis/wsdd/providers/java;http://xml.apache.org/axis/wsdd/providers/java transport name=java pivot=java:org.apache.axis.transport.java.JavaSender/ transport name=http pivot=java:org.apache.axis.transport.http.HTTPSender/ transport name=local pivot=java:org.apache.axis.transport.local.LocalSender/ globalConfiguration parameter name=disablePrettyXML value=true/ parameter name=enableNamespacePrefixOptimization value=true/ requestFlow handler type=java:org.apache.ws.axis.security.WSDoAllSender parameter name=action value=Signature/ parameter name=passwordCallbackClass value=PWCallback/ parameter name=user value=sample/ parameter name=signaturePropFile value=crypto.properties / parameter name=signatureKeyIdentifier value=DirectReference / parameter name=encryptionSymAlgorithm value= http://www.w3.org/2001/04/xmlenc#aes128-cbc;http://www.w3.org/2001/04/xmlenc#aes128-cbc/ parameter name=encryptionKeyTransportAlgorithm value= http://www.w3.org/2001/04/xmlenc#rsa-1_5;http://www.w3.org/2001/04/xmlenc#rsa-1_5/ /handler /requestFlow responseFlow handler type=java:org.apache.ws.axis.security.WSDoAllReceiver parameter name=passwordCallbackClass value=PWCallback/ parameter name=action value=Signature/ parameter name=signaturePropFile value=crypto.properties / /handler /responseFlow /globalConfiguration Martin Gainty escribió: TomasBR the provided example works with WSS4J ..specificallyBR *WSS4J configuration*BR Below is the important parts from the deployment .wsdd-file for the web service. The test.PWCallback BR class is a simple class returning the password of the private key in the keystore. I used the same BR crypto.properties as the one supplied as wsstest.properties in the interop-folder. As you can see I have BR specified which algorithms to use for the session key and ecrypted session key (RSA15 and AES128). BR Did you try?BR SaludosBR Martin BR __ Disclaimer and confidentiality note Everything in this e-mail and any attachments relates to the official business of Sender. This transmission is of a confidential nature and Sender does not endorse distribution to any party other than intended recipient. Sender does not necessarily endorse content contained within this transmission. -- Date: Wed, 3 Sep 2008 16:10:30 +0200 From: [EMAIL PROTECTED] To: axis-user@ws.apache.org Subject: Re: *SPAM* RE: Problem verifying the signature with wss4j Thank you very
Re: Can I transfer/response an JPG or PDF file from server to client via AXIS 1.x?
Hi Thomas, Yes you may send a PDF file as it is a binary file as well. For that you need to adapt the MIME in the SOAP message ( Multipurpose Internet Mail Extensions) type. e.g. mime:multipartRelated mime:part soap:body parts=body use=literal/ /mime:part mime:part mime:content part=pdf type=application/pdf/ /mime:part /mime:multipartRelated For more info about the MIME types pleaser refer [1] [2]. Hope this helps. Jose [1] - Format of Internet Message Bodies ( ftp://ftp.isi.edu/in-notes/rfc2045.txt) [2] - Media Types (ftp://ftp.isi.edu/in-notes/rfc2046.txt). On Wed, Aug 27, 2008 at 1:27 PM, thomas2004 [EMAIL PROTECTED] wrote: Hi Jose, Thanks for the reply. Do you think I can transfer the PDF file in the same way? Regards Thomas José Ferreiro wrote: Hello Thomas, It is possible to transfer other data from the server to the client than XML. This can be done by sending binary data within the SOAP message. See an example for Axis 1.x here: http://www.agileskills2.org/DWSAA/v10pub/source.zip Unzip the folder and refer to the folder *image service* : which shows the example of uploading a JPG image from the client to the web service in the server. For your example you only need to switch the request and the response in the wsdl file. Hope this helps. Jose Ferreiro On Tue, Aug 26, 2008 at 9:11 PM, thomas2004 [EMAIL PROTECTED] wrote: What I am going to do is: I get some datas from client and will return/transfer/response an JPG or PDF file to the client. Is it possible? So far I understand, the Web Service can only transfer XML-file. Is that right? Any example or infos? Regards Thomas -- View this message in context: http://www.nabble.com/Can-I-transfer-response-an-JPG-or-PDF-file-from-server-to-client-via-AXIS-1.x--tp19168366p19168366.html Sent from the Axis - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- José Ferreiro EPFL Communication Systems engineer -- View this message in context: http://www.nabble.com/Can-I-transfer-response-an-JPG-or-PDF-file-from-server-to-client-via-AXIS-1.x--tp19168366p19179073.html Sent from the Axis - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL
Re: Can I transfer/response an JPG or PDF file from server to client via AXIS 1.x?
Hello Thomas, It is possible to transfer other data from the server to the client than XML. This can be done by sending binary data within the SOAP message. See an example for Axis 1.x here: http://www.agileskills2.org/DWSAA/v10pub/source.zip Unzip the folder and refer to the folder *image service* : which shows the example of uploading a JPG image from the client to the web service in the server. For your example you only need to switch the request and the response in the wsdl file. Hope this helps. Jose Ferreiro On Tue, Aug 26, 2008 at 9:11 PM, thomas2004 [EMAIL PROTECTED] wrote: What I am going to do is: I get some datas from client and will return/transfer/response an JPG or PDF file to the client. Is it possible? So far I understand, the Web Service can only transfer XML-file. Is that right? Any example or infos? Regards Thomas -- View this message in context: http://www.nabble.com/Can-I-transfer-response-an-JPG-or-PDF-file-from-server-to-client-via-AXIS-1.x--tp19168366p19168366.html Sent from the Axis - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- José Ferreiro EPFL Communication Systems engineer
Re: Timestamp error when invoking a Rampart service from a .NET client.
Hello Sanjay, Please observe the following: SOAP Request from your .NET client wsse:Security wsu:Timestamp wsu:Id=Timestamp-74569579-8e34-407f-a10c-c27d3b119b80 wsu:Created2008-07-23T14:55:04Z/wsu:Created wsu:Expires2008-07-23T15:00:04Z/wsu:Expires /wsu:Timestamp /wsse:Security ### Java ### wsu:Timestamp xmlns:wsu= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd; wsu:Id=Timestamp-1035988 wsu:Created2008-07-24T08:59:27.952Z/wsu:Created wsu:Expires2008-07-24T09:04:27.952Z/wsu:Expires /wsu:Timestamp Please take a look at the clock synchonization between the two machines. By default this value should not have a difference bigger than 300 seconds (5 minutes) timetolive parameter in Axis(for sure) or Axis2( I guess too) [1]. I you would like to change this default value in .NET proceed as follow in the configuration file. MICROSOFT World: WSE 3.0 [2] - Use the tags timeToleranceInSeconds and defaultTtlInSeconds in the app.config file of the web service in your project (illustration follows with the corresponding xml tags) configuration microsoft.web.services3 security timeToleranceInSeconds value = 3600 / defaultTtlInSeconds value = 3600 / Maybe you may investigate in this direction because your SOAP message seems OK but it fails when verifying the timestamp. Also in .NET the timestamp is always there by default. You cannot remove it. This is not the case with Java where you may specify if it is there or not. Hope this helps. [1] - http://wiki.apache.org/ws/FrontPage/WsFx/wss4jFAQ#time [2] - http://msdn.microsoft.com/en-us/library/ms824668.aspx -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL On 7/24/08, Sanjay Vivek [EMAIL PROTECTED] wrote: Hi everyone, I'm attempting to invoke a simple Rampart enabled EchoService from a .NET client. However, I get a The timestamp could not be validated error everytime. I've disabled the Timestamp option on the service side but it doesn't make any difference. I've compared the Timestamp formatting between a .NET and Java client and there's not much difference at all as shown below: ### .NET ### wsu:Timestamp wsu:Id=Timestamp-74569579-8e34-407f-a10c-c27d3b119b80 wsu:Created2008-07-23T14:55:04Z/wsu:Created wsu:Expires2008-07-23T15:00:04Z/wsu:Expires /wsu:Timestamp ### Java ### wsu:Timestamp xmlns:wsu= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd; wsu:Id=Timestamp-1035988 wsu:Created2008-07-24T08:59:27.952Z/wsu:Created wsu:Expires2008-07-24T09:04:27.952Z/wsu:Expires /wsu:Timestamp I've searched the web and one of the issues raised was that a .NET client appends the Timestamp at the top of the security header while a Java client appends the Timestamp at the bottom of the security header. Could this be an issue? Although I doubt the ordering of WSSE elements should make any difference. I've posted both the SOAP request (from a .NET client) and response (from a Rampart enabled service) messages at the bottom of this email for further reference. Any insight would be greatly appreciated. Cheers. Regards -- Sanjay Vivek SOAP Request from a .NET client ?xml version=1.0 encoding=utf-8? soap:Envelope xmlns:soap=http://schemas.xmlsoap.org/soap/envelope/; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xmlns:xsd= http://www.w3.org/2001/XMLSchema; xmlns:wsa= http://schemas.xmlsoap.org/ws/2004/08/addressing; xmlns:wsse= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd; xmlns:wsu= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd soap:Header wsa:Actionurn:echo/wsa:Action wsa:MessageIDurn:uuid:1673e489-d3be-4810-b40e-854423fef2c2/wsa:MessageID wsa:ReplyTo wsa:Address http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous /wsa:Address /wsa:ReplyTo wsa:To http://128.240.2.3:8083/rampart-echo/services/RampartEchoService.RampartEchoServiceHttpSoap11Endpoint /wsa:To wsse:Security wsu:Timestamp wsu:Id=Timestamp-74569579-8e34-407f-a10c-c27d3b119b80 wsu:Created2008-07-23T14:55:04Z/wsu:Created wsu:Expires2008-07-23T15:00:04Z/wsu:Expires /wsu:Timestamp /wsse:Security /soap:Header soap:Body echo xmlns=http://service.echo.rampart; arghello/arg /echo /soap:Body /soap:Envelope SOAP Response from a Rampart enabled service ?xml version='1.0' encoding='utf-8'? soapenv:Envelope xmlns:soapenv= http://schemas.xmlsoap.org/soap/envelope/; soapenv:Header xmlns:wsa= http
Re: Question on WSS4J 1.5 Crypto Provider Configuration
Hello Santosh, Your line: wsse:UsernameToken xmlns:wsu= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd; wsu:Id=SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3 is based on the namespace: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd you may open the URL by double clicking in the link: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd By reading the provided documentation it follows that the attribute ID: xsd:attribute name=Id type=xsd:ID xsd:annotation xsd:documentationThis global attribute supports annotating arbitrary elements with an ID./xsd:documentation /xsd:annotation /xsd:attribute Then we may conclude that this type defines the fault code value for Timestamp message expiration (wsu:Id=SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3). Hope this helps. Jose Ferreiro On 7/20/08, Werner Dittmann [EMAIL PROTECTED] wrote: Strange - same mail with different subjects - what do intend here? Regards, Werner sh_santosh schrieb: Dear all, Hi Jose / all, just one word away. I am NOT able generate 'SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3' inside the wsse:UsernameToken tag. In place of this i am able to generate only ' wsu:Id=UsernameToken-2691004 ' wsse:UsernameToken xmlns:wsu= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd wsu:Id=SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3 What is this 'SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3' ? How can I generate it in Java (using Axis 1.3 and wss4j) ? Required Security Header by other end( .Net WSE 3.0) ?xml version=1.0 encoding=utf-8? soap:Envelope xmlns:soap=http://schemas.xmlsoap.org/soap/envelope/; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xmlns:xsd=http://www.w3.org/2001/XMLSchema; xmlns:wsa=http://schemas.xmlsoap.org/ws/2004/08/addressing; xmlns:wsse= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd xmlns:wsu= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd soap:Header wsa:Action http://www.test.com/api/ws/internal/testInfo /wsa:Action wsa:MessageID urn:uuid:ca7e475b-484a-4bb8-974f-eb573438bb43 /wsa:MessageID wsa:ReplyTo wsa:Address http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous /wsa:Address /wsa:ReplyTo wsa:To http://localhost:8080/testapi/testwsapi.asmx /wsa:To wsse:Security soap:mustUnderstand=1 wsu:Timestamp wsu:Id=Timestamp-c70b72e2-561c-4b18-bc4b-acf8c3896b14 wsu:Created2008-02-28T15:33:56Z/wsu:Created wsu:Expires2008-02-28T15:38:56Z/wsu:Expires /wsu:Timestamp wsse:UsernameToken xmlns:wsu= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd wsu:Id=SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3 wsse:Username[EMAIL PROTECTED] /wsse:Username wsse:Password Type= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText SomePassword /wsse:Password wsse:Nonce5SImW1gykzSPdeiWzcCdaQ==/wsse:Nonce wsu:Created2008-02-28T15:33:56Z/wsu:Created /wsse:UsernameToken /wsse:Security /soap:Header soap:Body SAN_Info xmlns=http://www.test.com/api/testing/ws/internal SAN_Request VendorId=TestVendor VendorPassword=SomePassword xmlns= http://www.test.com/api/testing/testinforequest; BrandSANBUS/Brand TourCodeGE/TourCode Code80135/Code /SAN_Request /SAN_Info /soap:Body /soap:Envelope Generated Security header By my side (Java- Axis 1.3 and wss4j )- ?xml version=1.0 encoding=UTF-8? soapenv:Envelope xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/; xmlns:wsa=http://schemas.xmlsoap.org/ws/2004/08/addressing; xmlns:xsd=http://www.w3.org/2001/XMLSchema; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; soapenv:Header wsse:Security xmlns:wsse= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
Re: Signing SOAP messages with Axis
Hola Tomás, You may use the library wss4j for accomplishing that [1]. If you are using Axis2 you should use Rampart[2] Un saludo Jose Ferreiro [1] - http://ws.apache.org/wss4j/ [2] - http://ws.apache.org/axis2/modules/rampart/1_0/security-module.html On 7/21/08, Tomás Tormo [EMAIL PROTECTED] wrote: Hello! I have to communicate with a webservice wich needs signed SOAP messages in order to ensure communications. I'm using Axis in order to create the SOAP messages but my problem is that i don't really know how to sign the messages before sending them. I've been told that I should add a reference to a subclass of BasicHandler in my client-config.wsdd and use that subclass in order to access the generated XML and sign it with the XMLSecurity library. I've never used the client-config.wsdd file to communicate with a webservice... ¿Could anybody provide me any example/link about this? ¿Or how to modify a SOAP message? -- Un saludo, Tomás Tormo Franco Indenova, S.L. Tels.: +34 963 81 99 47 ext.519http://www.indenova.commailto:[EMAIL PROTECTED] [EMAIL PROTECTED] -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL
Re: WSS4J , Rampart
Hello, Basically, you may use WSS4J with Axis 1.x to implement WS-Security. Rampart is the WS-Security module in Axis 2. Rampart uses WSS4J. Hope this helps. José Ferreiro On Mon, Jul 14, 2008 at 6:38 PM, Chau, Hoang [EMAIL PROTECTED] wrote: Hi all, I am new to webservice security so could anyone tell me the difference between WSS4j and Rampart or point me the link talk about them. Thanks -- *From:* Juan Gabriel Arias [mailto:[EMAIL PROTECTED] *Sent:* Monday, July 14, 2008 9:18 AM *To:* axis-user@ws.apache.org *Subject:* QName is null for... Hi all, i'm facing this issue. I try to generate the java files from this wsdl wsdl:operation name=RefundTransaction soap:operation soapAction=RefundTransaction / wsdl:inputsoap:body use=literal //wsdl:input wsdl:outputsoap:body use=literal //wsdl:output /wsdl:operation And the generator throws this exception: Using AXIS2_HOME: D:\java\axis2-1.4\ Using JAVA_HOME:C:\Program Files\Java\jre1.6.0_05 Retrieving document at 'OIContentProviderv0.2.wsdl'. Exception in thread main org.apache.axis2.wsdl.codegen.CodeGenerationException: org.apache.axis2.wsdl.codegen.CodeGenerationException: java.lang.RuntimeException: Element QName is null for ErrorResponseMessage! at org.apache.axis2.wsdl.codegen.CodeGenerationEngine.generate( CodeGenerationEngine.java:271) at org.apache.axis2.wsdl.WSDL2Code.main(WSDL2Code.java:35) at org.apache.axis2.wsdl.WSDL2Java.main(WSDL2Java.java:24) Caused by: org.apache.axis2.wsdl.codegen.CodeGenerationException: java.lang.RuntimeException: Element QName is null for ErrorResponseMessage! at org.apache.axis2.wsdl.codegen.emitter. AxisServiceBasedMultiLanguageEmitter.emitStub( AxisServiceBasedMultiLanguageEmitter.java:534) at org.apache.axis2.wsdl.codegen.CodeGenerationEngine.generate( CodeGenerationEngine.java:260) ... 2 more Caused by: java.lang.RuntimeException: Element QName is null for ErrorResponseMessage! at org.apache.axis2.wsdl.codegen.emitter. AxisServiceBasedMultiLanguageEmitter.getFaultParamElements( AxisServiceBasedMultiLanguageEmitter.java:2829) at org.apache.axis2.wsdl.codegen.emitter. AxisServiceBasedMultiLanguageEmitter.getFaultElement( AxisServiceBasedMultiLanguageEmitter.java:2748) at org.apache.axis2.wsdl.codegen.emitter. AxisServiceBasedMultiLanguageEmitter.generateMethodElement( AxisServiceBasedMultiLanguageEmitter.java:2269) at org.apache.axis2.wsdl.codegen.emitter. AxisServiceBasedMultiLanguageEmitter.loadOperations( AxisServiceBasedMultiLanguageEmitter.java:2151) at org.apache.axis2.wsdl.codegen.emitter. AxisServiceBasedMultiLanguageEmitter.createDOMDocumentForCallbackHandler( AxisServiceBasedMultiLanguageEmitter.java:1151) at org.apache.axis2.wsdl.codegen.emitter. AxisServiceBasedMultiLanguageEmitter.writeCallBackHandlers( AxisServiceBasedMultiLanguageEmitter.java:1117) at org.apache.axis2.wsdl.codegen.emitter. AxisServiceBasedMultiLanguageEmitter.emitStub( AxisServiceBasedMultiLanguageEmitter.java:497) ... 3 more I found that the problem is the missing fault definition. I i try this, it works: wsdl:operation name=RefundTransaction soap:operation soapAction=RefundTransaction / wsdl:inputsoap:body use=literal //wsdl:input wsdl:outputsoap:body use=literal //wsdl:output wsdl:fault name=faultsoap:fault use=literal name=fault//wsdl:fault /wsdl:operation Why? AFAIK, this is not mandatory... am i wrong? And it would be nice to get a better error message. thanks in advance! Juan -- * This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, notify the sender immediately by return email and delete the message and any attachments from your system. * -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL
Re: CRUD web service (Axis 1.4)
Hello Pedro, The book will help you to understand how to develop/deploy web services using Axis 1.4 but will definitely not provide you information on how to implement CRUD. You will have to develop your DAO layer by side. I recommend you to read the book if you don't have experience with Web services and if you will use Axis 1.4. *Please note that I have any interest/relationship/benefit) with the author of the book.* Hope this helps. José Ferreiro Web page of the book: http://www.agileskills2.org/DWSAA/v10pub/index.html On Mon, Jun 30, 2008 at 3:11 PM, Duseja, Sushil [EMAIL PROTECTED] wrote: Hello Pedro, Which chapter, of the book, should I go through, to learn how to write CRUD web service. Thanks. *From:* Pedro Felipe [mailto:[EMAIL PROTECTED] *Sent:* Monday, June 30, 2008 6:25 PM *To:* axis-user@ws.apache.org *Subject:* Re: CRUD web service (Axis 1.4) Hi Sushil! You should read this book: TONG, Ka Iok 'Kent'. *Developing Web Services with Apache Axis*. 2005. []'s Pedro On Mon, Jun 30, 2008 at 9:30 AM, Duseja, Sushil [EMAIL PROTECTED] wrote: Hello, Can anyone please let me know as to – how can I create a simple *CRUD web service* (say - for an employee)? In other words, I want to develop a web service, with CREATE, RETRIEVE, UPDATE and DELETE operations, using *Axis 1.4*. Any sample application would help a great deal. Thanking you in anticipation.
Re: UUID generator in Axis2-1.3
Hello, http://java.sun.com/j2se/1.5.0/docs/api/java/util/UUID.html java.util.UUID a = UUID.randomUUID ( ) ; Hope this helps. José FERREIRO PS: UUID is the equivalent of GUID in dotnet On Thu, Jun 26, 2008 at 4:36 PM, Rajesh, Peter (CLAIMS, WIP) [EMAIL PROTECTED] wrote: Hi, How to generate and UUID? Below class is deprecated. org.apache.axis2.util.UUIDGenerator; Thanks Regards, Peter Rajesh * This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information. If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies. * -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL
Re: Security requirements are not satisfied because the security header is not present in the incoming message.
Hello Ritesh, If you are using Axis 1.x (i.e Axis 1.1, 1.2, 1.3 or 1.4) [1] then you should use the library Apache WSS4J [2] and not Rampart Rampart is a module based on Apache WSS4J that provides the WS-Security features for Axis2 [3][4]. Hope this helps: José Ferreiro [1] - http://ws.apache.org/axis/ [2] - http://ws.apache.org/wss4j/ [3] - http://ws.apache.org/axis2/modules/rampart/1_0/security-module.html [4] - http://ws.apache.org/axis2/ On Wed, Jun 18, 2008 at 11:12 AM, sh_santosh [EMAIL PROTECTED] wrote: Hi Keith, I am using Axis1.3 version not Axis2. So,is Rampart will work with Axis1.3 or it will work with only with Axis2 and higher versions. Thanks, Ritesh. sh_santosh wrote: Dear All, I have a Java Client generated by using Axis1.3.By use of my Java Client I want to access a Web Service Implemented in .NET using WSE3.0 Standards. When I tried to submit my Request using a method available in my Client Class ,I am getting Exception that Security requirements are not satisfied because the security header is not present in the incoming message. Then I have added the SOAP Security Headers(which are not available in my Java Client Code) in my Stub Object by using SOAPHeaderElement Class's Object and Tried to submit the Request ,but still I got the Same Exception. Note : - That the Java Client Code Pass an Object as Request having required Parameters and Gets the User Defined Object in Response. I have to generate a Structure Like below inside my SOAPHeader Tag : soap:Header wsa:Actionhttp://www.test/info/wsa:Action wsa:MessageIDurn:uuid:ca6e465b-484a-4bb5-964f-eb513938bb84/wsa:MessageID wsa:ReplyTo wsa:Address http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous /wsa:Address /wsa:ReplyTo wsa:Tohttp://localhost:8080/bookingapi/bookingapi.asmx/wsa:To wsse:Security soap:mustUnderstand=1 wsu:Timestamp wsu:Id=Timestamp-c90b72e0-541c-4b17-bc0b-acf8c3495b43 wsu:Created2008-02-28T15:33:56Z/wsu:Created wsu:Expires2008-02-28T15:38:56Z/wsu:Expires /wsu:Timestamp wsse:UsernameToken xmlns:wsu= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd wsu:Id=SecurityToken-9e141575-2400-4c6d-ab86-1d5af61727b2 wsse:Username[EMAIL PROTECTED]/wsse:Username wsse:Password Type= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText SomePassword/wsse:Password wsse:Nonce5SImW1gykzSPdeiWzcCdaQ==/wsse:Nonce wsu:Created2008-02-28T15:33:56Z/wsu:Created /wsse:UsernameToken /wsse:Security /soap:Header Any Help at Java Code Level or any Guidance/Example will be highly appreciated. Thanks, Ritesh. -- View this message in context: http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17976896.html Sent from the Axis - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Security requirements are not satisfied because the security header is not present in the incoming message.
Hello, First you have to determine which Token profile you need to use[1]: Is it: - Username Token Profile -X.509 Token Profile - SAML Token profile - Kerberos Token Profile most probably I will be Username Token Profile or X.509 Token Profile You will have two ways to do add the security header to your soap message: Either you use Axis2 and rampart module to generate a client (stubs, etc, etc). You don't need to add a security header. The module will do the work for you. Obviously you have to add the right configuration files. You may download Axis2 and Rampart and there should be some examples in the package. Or you user Axis 1.3 with WSS4J. Same thing as above the security header of your SOAP message will be added by WSS4J according to the deployement files (extension is wsdd, which measn web service deployement descriptor) You may find examples in the package WSS4J. Also this link [2] in the URL source code in the book you may download some examples. They show you the configuration of a such project with WSS4J. Please note that the author is using *X.509 Token profile*. As you need to interoperate with donet. I will suggest you to read this article from Anne Thomas Manes [3]. Dot net requires the wrapped style. Hope this helps. Jose FERREIRO [1] - http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss#overview [2] - http://www.agileskills2.org/DWSAA/v10pub/index.html [3] - http://atmanes.blogspot.com/2005/03/wrapped-documentliteral-convention.html On 6/18/08, sh_santosh [EMAIL PROTECTED] wrote: Hi Jose, Thanks for your reply, Problem with my Java Client Code is that I have a Limitation that either I can add Security headers to my org.apache.axis.client.Call class object or in the Stub class object. Can you guide me about, how I can use WSS4J classes and method with my Call or Stub's Class Object.so that i can set the security headers. Can you provide me some sample Java code or example ,from where I can get the idea that how should go further ,because right now I am totally stucked because of this. Thanks, Ritesh. José Ferreiro wrote: Hello Ritesh, If you are using Axis 1.x (i.e Axis 1.1, 1.2, 1.3 or 1.4) [1] then you should use the library Apache WSS4J [2] and not Rampart Rampart is a module based on Apache WSS4J that provides the WS-Security features for Axis2 [3][4]. Hope this helps: José Ferreiro [1] - http://ws.apache.org/axis/ [2] - http://ws.apache.org/wss4j/ [3] - http://ws.apache.org/axis2/modules/rampart/1_0/security-module.html [4] - http://ws.apache.org/axis2/ On Wed, Jun 18, 2008 at 11:12 AM, sh_santosh [EMAIL PROTECTED] wrote: Hi Keith, I am using Axis1.3 version not Axis2. So,is Rampart will work with Axis1.3 or it will work with only with Axis2 and higher versions. Thanks, Ritesh. sh_santosh wrote: Dear All, I have a Java Client generated by using Axis1.3.By use of my Java Client I want to access a Web Service Implemented in .NET using WSE3.0 Standards. When I tried to submit my Request using a method available in my Client Class ,I am getting Exception that Security requirements are not satisfied because the security header is not present in the incoming message. Then I have added the SOAP Security Headers(which are not available in my Java Client Code) in my Stub Object by using SOAPHeaderElement Class's Object and Tried to submit the Request ,but still I got the Same Exception. Note : - That the Java Client Code Pass an Object as Request having required Parameters and Gets the User Defined Object in Response. I have to generate a Structure Like below inside my SOAPHeader Tag : soap:Header wsa:Actionhttp://www.test/info/wsa:Action wsa:MessageIDurn:uuid:ca6e465b-484a-4bb5-964f-eb513938bb84/wsa:MessageID wsa:ReplyTo wsa:Address http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous /wsa:Address /wsa:ReplyTo wsa:Tohttp://localhost:8080/bookingapi/bookingapi.asmx/wsa:To wsse:Security soap:mustUnderstand=1 wsu:Timestamp wsu:Id=Timestamp-c90b72e0-541c-4b17-bc0b-acf8c3495b43 wsu:Created2008-02-28T15:33:56Z/wsu:Created wsu:Expires2008-02-28T15:38:56Z/wsu:Expires /wsu:Timestamp wsse:UsernameToken xmlns:wsu= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd wsu:Id=SecurityToken-9e141575-2400-4c6d-ab86-1d5af61727b2 wsse:Username[EMAIL PROTECTED]/wsse:Username wsse:Password Type= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText SomePassword/wsse:Password wsse:Nonce5SImW1gykzSPdeiWzcCdaQ==/wsse:Nonce wsu:Created2008-02-28T15:33:56Z/wsu:Created /wsse:UsernameToken /wsse:Security /soap:Header Any Help at Java Code Level or any Guidance/Example will be highly appreciated. Thanks, Ritesh. -- View
Re: Trouble with a .NET client.
Zaq, I assume that your .net client will not only authenticate in the java web service. It looks like you are not able to perform the first operation i.e logon. Therefore if you would like that your .net client also performs other operations, I will suggest you to follow the contract-first approach (also known as WSDL first) because you will have other troubles with the other function IMHO... Hope this helps. Jose FERREIRO On 6/16/08, Anne Thomas Manes [EMAIL PROTECTED] wrote: There no option for asking the tools to generate attributes rather than elements. For the most part, it's considered a bad practice. Bear in mind that attributes must be simple types. Anne On Mon, Jun 16, 2008 at 8:08 AM, Zaq Rizer [EMAIL PROTECTED] wrote: On Mon, Jun 16, 2008 at 6:54 AM, keith chapman [EMAIL PROTECTED] wrote: I'd suggest to switch to the contract-first approach: you'll have to learn WSDL, of course, but you have much more control over interoperability and you'll get to use Axis2 (the latest version, at least) with success. Thanks, Keith Alternatively you can use a tool such a java2wsdl to generate the WSDL for you and then tune it accor ding to your needs (remove minoccurs and nillable). Thanks, Keith. Thanks for the input everyone. I will go with Keith's recommendation of modifying the produced WSDL. Does anyone know of a way to automatically change the format of the WSDL instead of modifying it by hand? (e.g. somehow modifying an underlying axis2 config file or perhaps even source file?). I'll see how this solution works for us. Regards, Zaq - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Send direct XML rather than using Java classes
Jack, It is possible. Instead of the string add your xml and it will work. Nevertheless the xml should be escaped eg.. **item**description of the item**/item** becomes: *lt;*itemgt;description of the item*lt;*/item*gt;* Jose Ferreiro On 6/16/08, Paul Fremantle [EMAIL PROTECTED] wrote: Jacky Sure. If you use Axis2 it was designed this way. The Java classes model is actually just a separate layer on top of the core XML messaging layer. You just need to look at the ServiceClient API. The XML is represented in Axis2 as an OMElement. Paul 2008/6/16 Jacky Rymasz-Maillot [EMAIL PROTECTED]: Hello, I would like to know if it is possible to send a WSDL request directly without using Java classes to create the request. Let's say I want to create a WSDL request (XML format) into a text editor and send the resulting String to my server without using the generated Java classes from Axis. What I want looks like that but for SOAP: http://users.skynet.be/pascalbotte/rcx-ws-doc/xmlpost.htm Is it possible? Thx Jack No virus found in this outgoing message. Checked by AVG. Version: 7.5.524 / Virus Database: 270.3.0/1504 - Release Date: 15/06/2008 17:52 -- Paul Fremantle Co-Founder and CTO, WSO2 Apache Synapse PMC Chair OASIS WS-RX TC Co-chair blog: http://pzf.fremantle.org [EMAIL PROTECTED] Oxygenating the Web Service Platform, www.wso2.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz
Re: Trouble with a .NET client.
Hello Zaq, The problem comes from the wsdl itself. It is not WS-I compliant, in terms of interoperability. If I understand well your wsdl is not so huge till now (two elements: logon and logonResponse). I will advise you to write your wsdl yourself using the approach wsdl first[1]. This is the price to pay if you want to achieve interoperability with dotnet (wsdl.exe). Please also read this interesting article from Anne Thomas Manes. There is an example of WSDL wrapped style. This style is important to achieve interoperability with dotnet. [2] From there you may generate the stubs using ant wsdl2java. ::You wrote: ::The XML response (in firefox) ::ns:logonResponse ::ns:return2046037248/ns:return ::/ns:logonResponse You may generate the UUID type using java: http://java.sun.com/j2se/1.5.0/docs/api/java/util/UUID.html which corresponds in .net, c# as a GUID (e.g. ad87084f-1f7e-4875-9e5d-8a626aad3bbd). It is a type similar to MAC addresses [3]. Generating an integer shouldn't be the same in .net when the deserialization happends in the .net client side. This should probably raised an error. In my opinion, you may reduce this: xs:element name=logonResponse xs:complexType xs:sequence xs:element minOccurs=0 name=return type=xs:int/ /xs:sequence /xs:complexType /xs:element to: xs:element minOccurs=0 name=logonResponse type=xs:int/ minOccurs should it be equal to 1? Because you should always return a UUID. As written it means that sometimes the logonResponse element does not exist. Hope this helps! Jose Ferreiro [1] http://www.mindreef.com/newsletter/newsletter-v6.html [2] http://atmanes.blogspot.com/2005/03/wrapped-documentliteral-convention.html [3] http://www.csharpfriends.com/Articles/getArticle.aspx?articleID=335 On Fri, Jun 13, 2008 at 10:41 PM, Chris Richmond [EMAIL PROTECTED] wrote: Zaq, I have seen this similar problem. The culprit is actually that nillable=true OR minOccurs = 0 or possibly both in those parameters(I don't' remember exactly which one(s) it was I had to modify to fix it). Unfortunately Axis2 produces this sort of wsdl and as far as I know you cannot easily change it. Let me guess…your .net client is adding to boolean parameters along the lines of isProvided? That is because .net proxy generator thinks some things are optional, and rightfully so according to the WSDL. The best thing to do is take your wsdl generated by axis 2 and hand tweak those attributes and .NET will produce cleaner clients for it. Of course you could always just provide TRUE for all cases of the isProvided(or whatever it is called) variables in your .net code. Hope this helps…I had a problem with this too and I just provided hand tweaked WSDL to clients to generate from. Chris -- *From:* Zaq Rizer [mailto:[EMAIL PROTECTED] *Sent:* Friday, June 13, 2008 6:02 AM *To:* axis-user@ws.apache.org *Subject:* Trouble with a .NET client. I have a fairly simple Axis2 setup (running in Tomcat5.5), using POJO. I've written the java client code, which generated the proper WSDLs and have used Ruby's wsdlDriver successfully to test my methods throughout my development process, all with great success. However, when attempting to consume this service from a .NET (2.0) client, the client is unable to understand the result of my service. I see the call to my service, and the underlying database call succeeds, in fact. Basically, everything succeeds on my end but the client cannot handle it properly. My .NET people are having issues because the .NET framework does not want to call my logon method with four input parameters and have it return a single int. It's requiring them to send six input parameters, with the latter two being passed by reference (these are the outputs). No matter what they do, they only see a single 1 returned as opposed to the ten-digit UUID that they should be getting. I've read other reports and issues from people in similar situations but many of the solutions seem to pertain to either the nillable property, or the minOccurs property; how can I specify these if I'm using java2wsdl? Relevant code follows ... My method accepts four parameters, and returns a single int. *the WSDL for the logon method:* xs:element name=logon xs:complexType xs:sequence xs:element minOccurs=0 name=user nillable=true type=xs:string/ xs:element minOccurs=0 name=pass nillable=true type=xs:string/ xs:element minOccurs=0 name=device nillable=true type=xs:string/ xs:element minOccurs=0 name=cell nillable=true type=xs:string/ /xs:sequence /xs:complexType /xs:element xs:element name=logonResponse xs:complexType xs:sequence xs:element minOccurs=0 name=return type=xs:int/ /xs:sequence /xs:complexType /xs:element *The Java method:* public int logon(String user, String password, String device,
Re: Consume Axis web service in .net client
Hello Mathias, The good news for you is that: IT IS POSSIBLE. I suceed to exchange arrays between a java service and a .net client (dotnet 2.0) I used the wsdl first approach, then I genarated the stubs [1]. I suggest you to take a look at this pages: http://wiki.apache.org/ws/DotNetInteropArrays Also in order to interoperate with dotnet you should use the wrapped convention in your wsdl because dotnet uses it by default. This is a good article by Anne Thomas Manes about this topic with an WSDL file example. [1] http://www.mindreef.com/newsletter/newsletter-v6.html Regards, Jose FERREIRO PS: Try to implement those changes in your wsdl to see if you may interoperate (I assume you are using Axis 1.4): wsdl:part element=impl:getProcessedOrders name=parameters/ wsdl:part element=impl:getProcessedOrdersResponse name=parameters/ to wsdl:part element=impl:getProcessedOrders name=getProcessedOrders/ wsdl:part element=impl:getProcessedOrdersResponse name=getProcessedOrdersResponse/ Change this to: element name=getProcessedOrdersResponse complexType sequence element maxOccurs=unbounded name=getProcessedOrdersReturn type=tns1:OrderHead/ /sequence /element to element name=getProcessedOrdersResponse complexType sequence element name=firstName nillable=true type=xsd:string/ element name=orderId nillable=true type=xsd:string/ /sequence /element On 6/11/08, Mathias P.W Nilsson [EMAIL PROTECTED] wrote: Hi! I have developed a simple Axis webservice and it works fine when invoking it from a java client. When trying to invoke it in .net client I get an array but all the values in the array is empty or nothing. I have read some posts here about this but I can't resolve this. Has anyone consumed Axis webservice from .net with success? Here is the wsdl genereted from a pojo using eclipse plugin ?xml version=1.0 encoding=UTF-8? wsdl:definitions targetNamespace=http://ws.hairless.edgesoft.se; xmlns:apachesoap=http://xml.apache.org/xml-soap; xmlns:impl=http://ws.hairless.edgesoft.se; xmlns:intf=http://ws.hairless.edgesoft.se; xmlns:tns1=http://model.ws.hairless.edgesoft.se; xmlns:wsdl=http://schemas.xmlsoap.org/wsdl/; xmlns:wsdlsoap=http://schemas.xmlsoap.org/wsdl/soap/; xmlns:xsd=http://www.w3.org/2001/XMLSchema; !--WSDL created by Apache Axis version: 1.4 Built on Apr 22, 2006 (06:55:48 PDT)-- wsdl:types schema elementFormDefault=qualified targetNamespace=http://ws.hairless.edgesoft.se; xmlns=http://www.w3.org/2001/XMLSchema; import namespace=http://model.ws.hairless.edgesoft.se/ element name=getProcessedOrders complexType/ /element element name=getProcessedOrdersResponse complexType sequence element maxOccurs=unbounded name=getProcessedOrdersReturn type=tns1:OrderHead/ /sequence /complexType /element /schema schema elementFormDefault=qualified targetNamespace=http://model.ws.hairless.edgesoft.se; xmlns=http://www.w3.org/2001/XMLSchema; complexType name=OrderHead sequence element name=firstName nillable=true type=xsd:string/ element name=orderId nillable=true type=xsd:string/ /sequence /complexType /schema /wsdl:types wsdl:message name=getProcessedOrdersRequest wsdl:part element=impl:getProcessedOrders name=parameters/ /wsdl:message wsdl:message name=getProcessedOrdersResponse wsdl:part element=impl:getProcessedOrdersResponse name=parameters/ /wsdl:message wsdl:portType name=OrderService wsdl:operation name=getProcessedOrders wsdl:input message=impl:getProcessedOrdersRequest name=getProcessedOrdersRequest/ wsdl:output message=impl:getProcessedOrdersResponse name=getProcessedOrdersResponse/ /wsdl:operation /wsdl:portType wsdl:binding name=OrderServiceSoapBinding type=impl:OrderService wsdlsoap:binding style=document transport=http://schemas.xmlsoap.org/soap/http/ wsdl:operation name=getProcessedOrders wsdlsoap:operation soapAction=/ wsdl:input name=getProcessedOrdersRequest wsdlsoap:body use=literal/ /wsdl:input wsdl:output name=getProcessedOrdersResponse wsdlsoap:body use=literal/ /wsdl:output /wsdl:operation /wsdl:binding wsdl:service name=OrderServiceService wsdl:port binding=impl:OrderServiceSoapBinding name=OrderService wsdlsoap:address location=http://192.168.1.2/hairless-web/services/OrderService/ /wsdl:port /wsdl:service /wsdl:definitions -- View this message in context: http://www.nabble.com/Consume-Axis-web-service-in-.net-client-tp17784604p17784604.html Sent from the Axis - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- José Ferreiro EPFL Communication Systems
Re: Consume Axis web service in .net client
The article from Anne Thomas Manes: http://atmanes.blogspot.com/2005/03/wrapped-documentliteral-convention.html On 6/12/08, José Ferreiro [EMAIL PROTECTED] wrote: Hello Mathias, The good news for you is that: IT IS POSSIBLE. I suceed to exchange arrays between a java service and a .net client (dotnet 2.0) I used the wsdl first approach, then I genarated the stubs [1]. I suggest you to take a look at this pages: http://wiki.apache.org/ws/DotNetInteropArrays Also in order to interoperate with dotnet you should use the wrapped convention in your wsdl because dotnet uses it by default. This is a good article by Anne Thomas Manes about this topic with an WSDL file example. [1] http://www.mindreef.com/newsletter/newsletter-v6.html Regards, Jose FERREIRO PS: Try to implement those changes in your wsdl to see if you may interoperate (I assume you are using Axis 1.4): wsdl:part element=impl:getProcessedOrders name=parameters/ wsdl:part element=impl:getProcessedOrdersResponse name=parameters/ to wsdl:part element=impl:getProcessedOrders name=getProcessedOrders/ wsdl:part element=impl:getProcessedOrdersResponse name=getProcessedOrdersResponse/ Change this to: element name=getProcessedOrdersResponse complexType sequence element maxOccurs=unbounded name=getProcessedOrdersReturn type=tns1:OrderHead/ /sequence /element to element name=getProcessedOrdersResponse complexType sequence element name=firstName nillable=true type=xsd:string/ element name=orderId nillable=true type=xsd:string/ /sequence /element On 6/11/08, Mathias P.W Nilsson [EMAIL PROTECTED] wrote: Hi! I have developed a simple Axis webservice and it works fine when invoking it from a java client. When trying to invoke it in .net client I get an array but all the values in the array is empty or nothing. I have read some posts here about this but I can't resolve this. Has anyone consumed Axis webservice from .net with success? Here is the wsdl genereted from a pojo using eclipse plugin ?xml version=1.0 encoding=UTF-8? wsdl:definitions targetNamespace=http://ws.hairless.edgesoft.se; xmlns:apachesoap=http://xml.apache.org/xml-soap; xmlns:impl=http://ws.hairless.edgesoft.se; xmlns:intf=http://ws.hairless.edgesoft.se; xmlns:tns1=http://model.ws.hairless.edgesoft.se; xmlns:wsdl=http://schemas.xmlsoap.org/wsdl/; xmlns:wsdlsoap=http://schemas.xmlsoap.org/wsdl/soap/; xmlns:xsd=http://www.w3.org/2001/XMLSchema; !--WSDL created by Apache Axis version: 1.4 Built on Apr 22, 2006 (06:55:48 PDT)-- wsdl:types schema elementFormDefault=qualified targetNamespace=http://ws.hairless.edgesoft.se; xmlns=http://www.w3.org/2001/XMLSchema; import namespace=http://model.ws.hairless.edgesoft.se/ element name=getProcessedOrders complexType/ /element element name=getProcessedOrdersResponse complexType sequence element maxOccurs=unbounded name=getProcessedOrdersReturn type=tns1:OrderHead/ /sequence /complexType /element /schema schema elementFormDefault=qualified targetNamespace=http://model.ws.hairless.edgesoft.se; xmlns=http://www.w3.org/2001/XMLSchema; complexType name=OrderHead sequence element name=firstName nillable=true type=xsd:string/ element name=orderId nillable=true type=xsd:string/ /sequence /complexType /schema /wsdl:types wsdl:message name=getProcessedOrdersRequest wsdl:part element=impl:getProcessedOrders name=parameters/ /wsdl:message wsdl:message name=getProcessedOrdersResponse wsdl:part element=impl:getProcessedOrdersResponse name=parameters/ /wsdl:message wsdl:portType name=OrderService wsdl:operation name=getProcessedOrders wsdl:input message=impl:getProcessedOrdersRequest name=getProcessedOrdersRequest/ wsdl:output message=impl:getProcessedOrdersResponse name=getProcessedOrdersResponse/ /wsdl:operation /wsdl:portType wsdl:binding name=OrderServiceSoapBinding type=impl:OrderService wsdlsoap:binding style=document transport=http://schemas.xmlsoap.org/soap/http/ wsdl:operation name=getProcessedOrders wsdlsoap:operation soapAction=/ wsdl:input name=getProcessedOrdersRequest wsdlsoap:body use=literal/ /wsdl:input wsdl:output name=getProcessedOrdersResponse wsdlsoap:body use=literal/ /wsdl:output /wsdl:operation /wsdl:binding wsdl:service name=OrderServiceService wsdl:port binding=impl:OrderServiceSoapBinding name=OrderService wsdlsoap:address location=http://192.168.1.2/hairless-web/services/OrderService/ /wsdl:port /wsdl:service /wsdl:definitions -- View this message in context: http://www.nabble.com/Consume-Axis-web-service-in-.net-client-tp17784604p17784604.html Sent from the Axis - User mailing list archive at Nabble.com
Re: .Net web service Security problem while invoking from axis 1.3
: Security requirements are not satisfied because the security header is not present in the incoming message. at Microsoft.Web.Services3.Design.UsernameOverTransportAssertion.ServiceInputFilter.ValidateMessageSecurity(SoapEnvelope envelope, Security security) at Microsoft.Web.Services3.Security.ReceiveSecurityFilter.ProcessMessage(SoapEnvelope envelope) at Microsoft.Web.Services3.Pipeline.ProcessInputMessage(SoapEnvelope envelope) at Microsoft.Web.Services3.WseProtocol.FilterRequest(SoapEnvelope requestEnvelope) at Microsoft.Web.Services3.WseProtocol.RouteRequest(SoapServerMessage message) at System.Web.Services.Protocols.SoapServerProtocol.Initialize() at System.Web.Services.Protocols.ServerProtocolFactory.Create(Type type, HttpContext context, HttpRequest request, HttpResponse response, Boolean abortProcessing) at org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:222) at org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:129) at org.apache.axis.encoding.DeserializationContext.endElement(DeserializationContext.java:1087) at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.endElement(AbstractSAXParser.java:633) at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.scanEndElement(XMLNSDocumentScannerImpl.java:719) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(XMLDocumentFragmentScannerImpl.java:1685) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:368) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:834) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:764) at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:148) at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1242) at javax.xml.parsers.SAXParser.parse(SAXParser.java:375) at org.apache.axis.encoding.DeserializationContext.parse(DeserializationContext.java:227) at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:696) at org.apache.axis.Message.getSOAPEnvelope(Message.java:435) at org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(MustUnderstandChecker.java:62) at org.apache.axis.client.AxisClient.invoke(AxisClient.java:206) at org.apache.axis.client.Call.invokeEngine(Call.java:2784) at org.apache.axis.client.Call.invoke(Call.java:2767) at org.apache.axis.client.Call.invoke(Call.java:2443) at org.apache.axis.client.Call.invoke(Call.java:2366) at org.apache.axis.client.Call.invoke(Call.java:1812) at com.vtech.external.implementation..test.testWSDLfiles.test.www.api.test.ws.internal.testAPISoapStub.testInfo(testAPISoapStub.java:859) at com.vtech.external.implementation..test.testWSDLfiles.test.www.api.test.ws.internal.testBkgDepInfo.main(testBkgDepInfo.java:21) -- View this message in context: http://www.nabble.com/.Net-web-service-Security-problem-while-invoking-from-axis-1.3-tp17690995p17690995.html Sent from the Axis - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz
Re: Using WSS4J with Axis 1.4
Hello Shirpad, You need to determine first which Token Profile you will be using [1]: Username Token Profile 1.1 X.509 Token Profile 1.1 SAML Token profile 1.1 Kerberos Token Profile 1.1 Also in the distribution of wss4j, there is samples. Hope this helps [1] http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss#overview On 6/4/08, Shripad Gokhale [EMAIL PROTECTED] wrote: Hi, I have developed a soap server using axis 1.4 in core java. Now I want to add security support using ws4j. What are the changes I need to do in order to achieve this? Thanks Shripad This message and the information contained herein is proprietary and confidential and subject to the Amdocs policy statement, you may review at http://www.amdocs.com/email_disclaimer.asp -- Jose Ferreiro ing.sys.com.dipl.EPFL
Re: Interoperability in axis 1.4 and wse 3.0
Hello Anthony, Apache has two projects on web services [http://ws.apache.org/]. 1 - Axis 1.x [2] 2 - and Axis2 which is a redesign of Axis 1.x [3]. I fully agree with you that Axis2 will be more compatible with WSE 3.0. In my test I used Axis 1.x (version Axis 1.4) implementing X.509 Token Profile from WS-Security. Kind regards, Jose Ferreiro [1] - http://ws.apache.org/ [2] - http://ws.apache.org/axis/ [3] - http://ws.apache.org/axis2/ On Fri, May 16, 2008 at 1:05 AM, Anthony Bull [EMAIL PROTECTED] wrote: Are you using Axis 1 1.4 or Axis 2 1.4? Axis 2 is most certainly compatible, I've got projects in production doing interop with WSE 3.0 services,using the WS-Addressing, WS-Security, WS-Kerberos profiles going over SSL. Shripad Gokhale wrote: Hi, I am using axis 1.4 currently in my application. I want to know if it is compactible with web services extension 3.0 (wse 3.0). Where can I get this information? Thanks Shripad This message and the information contained herein is proprietary and confidential and subject to the Amdocs policy statement, you may review at http://www.amdocs.com/email_disclaimer.asp -- Anthony - Anthony Bull Senior Developer Black Coffee Software Ltd PO Box 10-192 The Terrace Wellington, New Zealand [EMAIL PROTECTED] Ph +64 4 472 8818 Fax +64 4 472 8811 - www.bcsoft.co.nz --- This email may contain confidential or privileged information, and is intended for use only by the addressee, or addressees. If you are not the intended recipient please advise the sender immediately and do not copy, use or disclose the contents to any other person or organisation. Black Coffee Software Ltd accepts no responsibility for viruses received with this email, or to any changes made to the original content. Any views or opinions expressed in this email may be personal to the sender and are not necessarily those of Black Coffee Software Ltd. --- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- José Ferreiro EPFL Communication Systems engineer
Re: Interoperability in axis 1.4 and wse 3.0
Hello Shripad, Some explanations from my side to avoid confusion in the answer: WSE = The Web Services Enhancements (WSE) 3.0 for Microsoft(R) .NET is an add-on to Microsoft Visual Studio(R) 2005 and the Microsoft .NET Framework 2.0 that enables developers to build secure Web services based on the latest Web services protocol specifications [1]. Please note the word secure web services. Axis 1.x = Java framework (formerly know as Apache SOAP) that implements the SOAP protocol (or a web service) [2] Then WSE cannot be compactible with Axis 1.x because WSE allows you develop secured web services and Axis 1.x allows you do develop web services. If I understood well your question should be: Is Axis 1.4 and WSS4J compactible with WSE 3.0? WSS4J being a Java implementation of OASIS Web Services Security (WS-Security) standard [3] and WSE 3.0 being a Microsoft implementation of of OASIS Web Services Security (WS-Security) standard. The whole question is to know if both technologies can interoperate/communicate between them. The answer in theory is yes. But making it work is another question... I may say that thanks to previous work from Erlend [4] I succeed making work WSE 3.0 using the X.509 Certificate Token Profile [5]. For further information please check a blog I wrote with some significant snapshots [6]. In my opinion, it depends on which Token Profile you would like to use you will face different challenges to solve. But I would say yes. The different Token Profiles are: Username, SAML, X.509 (the one I implemented and it works), Kerberos [7]. I will advice you to take a look to Axis2 as well. Hope all this information will help you! Happy axis! Jose Ferreiro [1] - http://www.microsoft.com/downloads/details.aspx?familyid=018a09fd-3a74-43c5-8ec1-8d789091255ddisplaylang=en [2] - http://wiki.apache.org/ws/FrontPage/Axis/AxisGeneral [3] - http://ws.apache.org/wss4j/ [4] - http://erlend.oftedal.no/blog/?blogid=12 [5] - http://www.oasis-open.org/specs/index.php#wssv1.0 [6] - http://www.google.ch/search?q=Secure+Web+Services+Interoperability+using+X.509+Certificate+Token+Profile+(AXIS+1.4%2C+WSS4J+1.5.3%2C+dotnet+2.0%2C+WSE+3.0+) http://magnot.blogspot.com/2008/04/secure-web-services-interoperability.html [7] - http://www.oasis-open.org/specs/index.php#wssv1.0 On 5/15/08, Shripad Gokhale [EMAIL PROTECTED] wrote: Hi, I am using axis 1.4 currently in my application. I want to know if it is compactible with web services extension 3.0 (wse 3.0). Where can I get this information? Thanks Shripad This message and the information contained herein is proprietary and confidential and subject to the Amdocs policy statement, you may review at http://www.amdocs.com/email_disclaimer.asp -- José Ferreiro EPFL Communication Systems engineer
AXIS 1.4 and WSS4J - Client with different LOCAL TIMES
Dear newsgroup, I successfully developed a server side service using axis 1.4 and wss4j 1.5.3. I implemented the signature, encryption and timestamp features. I may manage the local time in the server. Nevertheless, I will have clients from different local times (not same time as in the server. the local time in the server is GMT+1 ). How can a java client implement/apply the right timestamp according to the server GMT+1 using axis 1.4 and wss4j 1.5.3? All suggestions are welcome. Thank you in advance Jose Ferreiro
Re: AXIS 1.4 and WSS4J - Client with different LOCAL TIMES [SOLUTION]
Here is the solution: I started developing a secure web service in my development computer. However when I deployed the application (in another server[JBoss]) to simulate different clients connecting to the web service with different LOCAL TIME ZONES, things went bad... Problems with TIMESTAMP validation... I got error the following error depending on the tested client (either dotnet or java): In Microsoft [dotnet framework 2.0, WSE 3.0] WSE065: Creation time of the timestamp is in the future. This typically indicates lack of synchronization between sender and receiver clocks. or for java [Axis 1.4, wss4j 1.5.3] Exception: WSDoAllReceiver: security processing failed; nested exception is: org.apache.ws.security.WSSecurityException: An error was discovered processing the wsse:Security header. (WSSecurityEngine: Invalid timestamp The security semantics of message have expired) The problems are due that the two clocks in the clients and the server are not synchonized. JAVA World: WSS4J - Use the timeToLive parameter in the handler to resolve this problem [1] [2]. MICROSOFT World: WSE 3.0 - Use the tags timeToleranceInSeconds and defaultTtlInSeconds in the app.config file of the web service in your project (illustration follows with the corresponding xml tags) [3] configuration microsoft.web.services3 security timeToleranceInSeconds value = 3600 / defaultTtlInSecondsvalue = 3600 / [1] - http://wiki.apache.org/ws/FrontPage/WsFx/wss4jFAQ#time [2] - http://ws.apache.org/wss4j/apidocs/org/apache/ws/security/handler/WSHandlerConstants.html#TTL_TIMESTAMP [3] - http://msdn.microsoft.com/en-us/library/ms824668.aspx [fyi] - http://www.google.ch/search?q=Secure+Web+Services+Interoperability+using+X.509+Certificate+Token+Profile+(AXIS+1.4%2C+WSS4J+1.5.3%2C+dotnet+2.0%2C+WSE+3.0+)ie=utf-8oe=utf-8aq=trls=org.mozilla:fr-FR:officialclient=firefox-a Hope this helps! Jose Ferreiro On Wed, May 14, 2008 at 1:38 PM, José Ferreiro wrote: Dear newsgroup, I successfully developed a server side service using axis 1.4 and wss4j 1.5.3. I implemented the signature, encryption and timestamp features. I may manage the local time in the server. Nevertheless, I will have clients from different local times (not same time as in the server. the local time in the server is GMT+1 ). How can a java client implement/apply the right timestamp according to the server GMT+1 using axis 1.4 and wss4j 1.5.3? All suggestions are welcome. Thank you in advance Jose Ferreiro -- José Ferreiro EPFL Communication Systems engineer
Jboss 4.0.3SP1 and Axis 1.x
Dear newsgroup, I sucessfully developped a web service using tomcat. However I would like to set up the web service using the Jboss server. Does anyone could provide me with some info on how to do that? I am having trouble to *deploy* the web service in the Jboss server. I created a web folder webapps under %JBoss_Home%/server/default/deploy Within the webapps folder I placed the whole folder axis. That I renamed axis.war. I may sucessfully start Jboss and the servlet ( http://localhost:8080/axis/servlet/AxisServlet). *Nevertheless I am not eager to deploy my webservice (wsdd file).* Any help or hints will be welcomed. Thank you in advance.
[SOLUTION] - Is it possible to use interop (JAVA-Microsoft) with x.509 Token profile? Response - YES!
Dear newsgroup list, I would like to share with you that it is possible to achieve *interoperability *with the following combination of software for the x.509 Token profile: *Goal: *server side fully developped using java. The secured web service must be accessed by java or microsoft secured clients using x.509 Token profile http://www.oasis-open.org/specs/index.php#wssv1.0. *Server side*: axis 1.4, wss4j 1.5.3, java jdk1.6.0_05 (keytool), tomcat 4.1 (I used tomcat 4.1 bcse it is faster for the test purposes) *Java client side*: axis 1.4, wss4j 1.5.3 *Microsoft client side*: dotnet framework 2.0 and Web Services Enhancements 3.0 (WSE 3.0) *Operating System*: XP with SP2 *Development software*: Microsoft Visual Studio 2005 and Eclipse Europe. *Conversion jks to pfx *(PKCS #12): Version of OpenSSL 0.9.8g 19 Oct 2007. This step is necessary to interoperate with the microsoft keystore. I posted a small blog with some snapshots from my test environment: http://magnot.blogspot.com/2008/04/secure-web-services-interoperability.html Hope this helps! Jose Ferreiro
WSS4J: Hybrid system (Symmetric and asymmetric cryptography)
*Hello,* ** Definitions: Asymmetric cryptography: Form of cryptography in which a user has a pair of cryptographic keys (a *public key* and a *private key*) Symmetric cryptography: Form of cryptography in which many user shared a secret-key (*single key*) *WSS4J works as follows for encryption*: WSS4J generates a random session key (*single key*) for every new session (SOAP message), encrypts the data using the *single key*. The server's *public key* (usually contained in a X.509 certificate) encrypts the *session key* and packs it into the relevant SOAP header structure. Is this correct? Which is the default *symmetric* algorithm to encrypt the SOAP body data in WSS4J? Is it aes128-cbc? Which is the default *asymmetric* algorithm to encrypt the symmetric key (*single key*) in WSS4J? Is it RSA? *WSS4J works as follows for signing*: The client uses its *private key* to sign the SOAP body. The server uses the client's public key to check the signature of the SOAP body content using a cryptographic hash fuction. The client's public key is usually contained in a signed certificate by a Certificate Authority (such as Verisign) Is this correct? Which is the default hash algorithm to sign the SOA body data in WSS4J? Is it SHA-1? Thank you in advance for your comments. Jose Ferreiro
Re: WSS4J: Hybrid system (Symmetric and asymmetric cryptography)
Thank you for your reply Werner! By the way, I found this interesting article explaining the *Mechanics of WS-Security*. Additionally it has some UML sequence diagrams corresponding to a *r**eal-world WS-Security scenario*. Regards, Jose Ferreiro On 4/21/08, Dittmann, Werner (NSN - DE/Muenich) [EMAIL PROTECTED] wrote: Jose, most of your question relate to the WS-Security specifications. Would you be so kind and refer to these specifications (OASIS Web Service Security). The WSS4J documentation (mostly Javadoc) and interop/demo programs give you some more information how to use and deply WSS4J in Axis1 and Axis2 environments Best regards, Werner -- *Von:* ext José Ferreiro [mailto:[EMAIL PROTECTED] *Gesendet:* Montag, 21. April 2008 17:03 *An:* [EMAIL PROTECTED]; axis-user@ws.apache.org *Betreff:* WSS4J: Hybrid system (Symmetric and asymmetric cryptography) *Hello,* ** Definitions: Asymmetric cryptography: Form of cryptography in which a user has a pair of cryptographic keys (a *public key* and a *private key*) Symmetric cryptography: Form of cryptography in which many user shared a secret-key (*single key*) *WSS4J works as follows for encryption*: WSS4J generates a random session key (*single key*) for every new session (SOAP message), encrypts the data using the *single key*. The server's *public key* (usually contained in a X.509 certificate) encrypts the *session key* and packs it into the relevant SOAP header structure. Is this correct? Which is the default *symmetric* algorithm to encrypt the SOAP body data in WSS4J? Is it aes128-cbc? Which is the default *asymmetric* algorithm to encrypt the symmetric key ( *single key*) in WSS4J? Is it RSA? *WSS4J works as follows for signing*: The client uses its *private key* to sign the SOAP body. The server uses the client's public key to check the signature of the SOAP body content using a cryptographic hash fuction. The client's public key is usually contained in a signed certificate by a Certificate Authority (such as Verisign) Is this correct? Which is the default hash algorithm to sign the SOA body data in WSS4J? Is it SHA-1? Thank you in advance for your comments. Jose Ferreiro -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz
Re: WSS4J: Hybrid system (Symmetric and asymmetric cryptography)
Thank you for your reply Werner! By the way, I found this interesting article explaining the *Mechanics of WS-Security*. Additionally it has some UML sequence diagrams corresponding to a *r**eal-world WS-Security scenario*. The link: http://www.ibm.com/developerworks/webservices/library/ws-best11/ Regards, On 4/21/08, José Ferreiro [EMAIL PROTECTED] wrote: Thank you for your reply Werner! By the way, I found this interesting article explaining the *Mechanics of WS-Security*. Additionally it has some UML sequence diagrams corresponding to a *r**eal-world WS-Security scenario*. Regards, Jose Ferreiro On 4/21/08, Dittmann, Werner (NSN - DE/Muenich) [EMAIL PROTECTED] wrote: Jose, most of your question relate to the WS-Security specifications. Would you be so kind and refer to these specifications (OASIS Web Service Security). The WSS4J documentation (mostly Javadoc) and interop/demo programs give you some more information how to use and deply WSS4J in Axis1 and Axis2 environments Best regards, Werner -- *Von:* ext José Ferreiro [mailto:[EMAIL PROTECTED] *Gesendet:* Montag, 21. April 2008 17:03 *An:* [EMAIL PROTECTED]; axis-user@ws.apache.org *Betreff:* WSS4J: Hybrid system (Symmetric and asymmetric cryptography) *Hello,* ** Definitions: Asymmetric cryptography: Form of cryptography in which a user has a pair of cryptographic keys (a *public key* and a *private key*) Symmetric cryptography: Form of cryptography in which many user shared a secret-key (*single key*) *WSS4J works as follows for encryption*: WSS4J generates a random session key (*single key*) for every new session (SOAP message), encrypts the data using the *single key*. The server's *public key* (usually contained in a X.509 certificate) encrypts the *session key* and packs it into the relevant SOAP header structure. Is this correct? Which is the default *symmetric* algorithm to encrypt the SOAP body data in WSS4J? Is it aes128-cbc? Which is the default *asymmetric* algorithm to encrypt the symmetric key (*single key*) in WSS4J? Is it RSA? *WSS4J works as follows for signing*: The client uses its *private key* to sign the SOAP body. The server uses the client's public key to check the signature of the SOAP body content using a cryptographic hash fuction. The client's public key is usually contained in a signed certificate by a Certificate Authority (such as Verisign) Is this correct? Which is the default hash algorithm to sign the SOA body data in WSS4J? Is it SHA-1? Thank you in advance for your comments. Jose Ferreiro -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz
Re: Adapting my Java only webservice security to a .net client
Hello Steve, I am glad my indications could help you to produce a Axis2/Rampart service where a .net client could connect to the service! May I ask you which security scenario did you use in your Axis2/Rampart project: TIMESTAMP, ENCRYPTION, SIGNATURE? Which certificates did you use (own ones or sample ones). I assume you used the framework .net 2.0 with WSE 3.0 . Is this correct? Thank you José Ferreiro On Mon, Apr 14, 2008 at 10:17 PM, [EMAIL PROTECTED] wrote: Jose, Wow - I just got a new project where our Axis2/Rampart web services will be consumed by .NET client. You answered most of the questions I had. Many thanks! - Steve __ Think little goals and expect little achievements. Think big goals and win big success. David Joseph Schwartz
Re: Adapting my Java only webservice security to a .net client
Hello Raphaël, I will suggest you to download WSE 3.0 (Web Services Enhancements) which requires .net 2.0 framework (although you said you need a client using .net 1.1). I will strongly recommend you to use .net 2.0 framework. If you need to use .net 1.1. I think you may use it with WSE 2.0. The thing is that WSE 3.0 should be more robust than WSE 2.0 in terms of stability and above all more compliant in terms of the WS-security standard point of view from OASIS. You are correct when saying that you need to use the TIMESTAMP parameter. When you will install the WSE 2.0 or WSE 3.0, there is some examples provided with the package. Please also note that WSS4J package provides examples under the folder interop. There is specially the folder interop/keys that contains the keys in the jks format and keys in the pfx format. They explain how they generated them (from jks - pfx), but it is still unclear for me about the formats. Maybe some of the wss4j developers may provide us more information! Because it is not easy to transfer the keys generated with the keytool to the Microsoft world. You may use the WSDL Proxy class tool (WseWsdl3.exe - this comes with WSE 3.0 ) from microsoft to generate the proxy code for the Web service client from the existing WSDL file you have. Please note that your wsdl should be compliant with WS-I, in order to achieve maximal interoperability between the two technologies (Microsoft WSE 3.0 - Axis 1.4, wss4j) (http://www.ws-i.org/). To develop the .net client you may use Visual C# 2005 Express Editionhttp://msdn.microsoft.com/vstudio/express/visualcsharp/(free), there is also a c-sharp plugin for Eclipse if you decide to write your client in C-sharp language. Well Raphaël, hope I provide some directions to inspire you. Kind regards, José Ferreiro On 4/14/08, Raphaël Di Cicco [EMAIL PROTECTED] wrote: Hello, I have the following configuration : tomcat 5.5.25 axis 1.4 wss4j 1.5.3 JDK1.5 JKS and self signed certificates I was able to secure the connection between my java client and the server by using the following conguration : SERVER WSDD service name=UploadCoverCreation provider=java:RPC attachment=NONE xmlns:ict=urn:dtos.client.ws.ic.axa.com parameter name=allowedMethods value=getVersion,invoke/ parameter name=className value=com.axa.ic.ws.UploadCoverCreationWS/ requestFlow handler type=java:org.apache.ws.axis.security.WSDoAllReceiver parameter name=passwordCallbackClass value=com.ic.ws.helpers.PWCallback/ parameter name=action value=UsernameToken Encrypt/ parameter name=decryptionPropFile value=crypto_server.properties / /handler /requestFlow ... /service CRYPTO SERVER PROPERTIES org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.keystore.password=keystorepassword org.apache.ws.security.crypto.merlin.keystore.alias=serverUser org.apache.ws.security.crypto.merlin.alias.password=myserverpassword org.apache.ws.security.crypto.merlin.file=serverkeystore.jks CLIENT WSDD ?xml version=1.0 encoding=UTF-8? deployment xmlns=http://xml.apache.org/axis/wsdd/; xmlns:java=http://xml.apache.org/axis/wsdd/providers/java; transport name=http pivot=java:org.apache.axis.transport.http.HTTPSender/ globalConfiguration requestFlow handler type=java:org.apache.ws.axis.security.WSDoAllSender parameter name=action value=UsernameToken Encrypt/ parameter name=passwordCallbackClass value=com.axa.ic.ws.client.helpers.PWCallback/ parameter name=passwordType value=PasswordText / parameter name=addUTElement value=Nonce Created / parameter name=encryptionPropFile value=crypto_client.properties / parameter name=encryptionKeyIdentifier value=X509KeyIdentifier / parameter name=encryptionUser value=serverUser / parameter name=encryptionParts value={Element}{ http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken / /handler /requestFlow /globalConfiguration /deployment The hard part comes now... I have to make this work with a .Net 1.1 client. I understand the .net framework must use WSE but I'm unsure which version : 2.0 or 3.0 ? I also know that I must use the Timestamp action for it to be compatible. Beeing a complete newbie to .Net I looked for a sample or tutorial that could fit to my project but could not find any. I'm especially confused about certificates, which format should I use to be compatible on both sides, and also about the policy file from the .net side that seems rather complex. So I was wondering if any of you had success with such configuration. Some pointers or code samples would be greatly appreciated in order for me to advance to interoperability. Thank you, Raphaël -- View this message in context: http://www.nabble.com/Adapting-my-%22Java-only%22-webservice
Re: Ws-secureconversation rampart samples
Hello, Do you think this configuration could work? Client side : .net 2.0 wse 3.0, authentication using: x.509 server side : axis2, rampart + rahas, authentication using: x.509, Is there any example or article? Thank you in advance for your answers On Jan 18, 2008 2:08 AM, ahurtado [EMAIL PROTECTED] wrote: I have seen that for web service secure conversation: + for axis1 there are some classes in wss4j and in wss4j-sandbox that indicates that once upon a time was some interest for do that (this is, enable axis 1 for secure conversation), but i have not found a concrete sample working doing this, specially if you want to integrate the web service with .net 2.0 + web service enhancements (wse-3.0), mantaining x.509 security certificates enabled at the same time. + for axis2, you can use rampart + rahas for this support, but the sample uses x.509, I think that you need to configure the services.xml of the sample to make it work with usernametoken ( wsp:Policy section ). you can explore http://www.mssoapinterop.org/ilab/ to find some samples for write this section. Anil Misra wrote: Hi, I have the same requirement and I see no reply to the question below, if some has a sample please let me know. Thanks, -Anil Misra Hi Ruchith, Do you have please sample configuration where the base token in RST is usernametoken instead of x509? Thank you, Elena - Original Message From: Ruchith Fernando [EMAIL PROTECTED] To: axis-user@ws.apache.org Sent: Tuesday, February 13, 2007 9:25:28 AM Subject: Re: Ws-secureconversation rampart samples Hi Elena, Please have a look at policy/sample04 in the samples directory of the rampart-1.1 release. Thanks, Ruchith On 2/11/07, Elena Neroslavskaya [EMAIL PROTECTED] wrote: Hello, I'm looking to implement an axis client establishing and canceling security context with ws-secureconversation protocol. Do you have a code sample sending RST, using context and cancelling it in Rampart? Any tutorial or sample will be very helpful, thank you in advance, Elena -- View this message in context: http://www.nabble.com/Ws-secureconversation-rampart-samples-tp14807694p14942019.html Sent from the Axis - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Ws-secureconversation rampart samples
Thank you so much for the interesting links. I appreciate it. On Jan 18, 2008 1:31 PM, ahurtado [EMAIL PROTECTED] wrote: Precisely I'm trying this at this time, but most links you can get about interoperability-work between platforms (.net - java ) is shown using windows communication foundation + .net 3.0/3.5 in the .net side. If you need a choice in the client side, I think WCF is a better choice. In the case of server side, an api that can expose your policies as a mex (like https://wsit.dev.java.net/ metro , or axis-2 + some other configuration does), is a good candidate. About interoperability with wse-3.0 in the .net (client side), here is a link that can help you (take in mind that this service example does not show the secure conversation that you can enable with the wse-3.0 wizard: http://www.shellysaunders.co.uk/Blog/tabid/65/EntryID/2/Default.aspx http://www.shellysaunders.co.uk/Blog/tabid/65/EntryID/2/Default.aspx (this does not shown the flag establishSecurityContext enabled as you can, as described in the Hands On Labs of wse-3 about security: http://www.microsoft.com/Downloads/details.aspx?familyid=018A09FD-3A74-43C5-8EC1-8D789091255Ddisplaylang=en ) José Ferreiro wrote: Hello, Do you think this configuration could work? Client side : .net 2.0 wse 3.0, authentication using: x.509 server side : axis2, rampart + rahas, authentication using: x.509, Is there any example or article? Thank you in advance for your answers On Jan 18, 2008 2:08 AM, ahurtado [EMAIL PROTECTED] wrote: I have seen that for web service secure conversation: + for axis1 there are some classes in wss4j and in wss4j-sandbox that indicates that once upon a time was some interest for do that (this is, enable axis 1 for secure conversation), but i have not found a concrete sample working doing this, specially if you want to integrate the web service with .net 2.0 + web service enhancements (wse-3.0), mantaining x.509 security certificates enabled at the same time. + for axis2, you can use rampart + rahas for this support, but the sample uses x.509, I think that you need to configure the services.xml of the sample to make it work with usernametoken ( wsp:Policy section ). you can explore http://www.mssoapinterop.org/ilab/ to find some samples for write this section. Anil Misra wrote: Hi, I have the same requirement and I see no reply to the question below, if some has a sample please let me know. Thanks, -Anil Misra Hi Ruchith, Do you have please sample configuration where the base token in RST is usernametoken instead of x509? Thank you, Elena - Original Message From: Ruchith Fernando [EMAIL PROTECTED] To: axis-user@ws.apache.org Sent: Tuesday, February 13, 2007 9:25:28 AM Subject: Re: Ws-secureconversation rampart samples Hi Elena, Please have a look at policy/sample04 in the samples directory of the rampart-1.1 release. Thanks, Ruchith On 2/11/07, Elena Neroslavskaya [EMAIL PROTECTED] wrote: Hello, I'm looking to implement an axis client establishing and canceling security context with ws-secureconversation protocol. Do you have a code sample sending RST, using context and cancelling it in Rampart? Any tutorial or sample will be very helpful, thank you in advance, Elena -- View this message in context: http://www.nabble.com/Ws-secureconversation-rampart-samples-tp14807694p14942019.html Sent from the Axis - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/Ws-secureconversation-rampart-samples-tp14807694p14949166.html Sent from the Axis - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: WSS4J, AXIS1.X, WSE (interop)
I am asking for a possible configuration client and server side (doesn't need to be with tomcat) Thank you. On Jan 4, 2008 2:56 PM, José Ferreiro [EMAIL PROTECTED] wrote: Hello everybody, I would like to ask the developers (or if someone knows) from WSS4J or AXIS 1.X world if there is interoperability scenarios that *works* with: AXIS + WSS4J (server side with tomcat) and WSE2.0 or WSE3.0 using digital certificates. Any information will be very much appreciated. Thank you in advance.
Re: Web Services: Axis - C# :: AuthenticationException
Hello, Try to use this tool because I think you are having problem with the accepted format in .net. http://www.alphaworks.ibm.com/tech/keyman KeyMan is a tool for managing keys, certificates, certificate revocation lists (CRLs), and the respective repositories for storing and retrieving these items. The full life cycle of certificates is supported, as are processes involved in handling user and server certificates. Are you using your own generated cer? Do you use WSE 2.0 or WSE 3.0? Which .net framework do you user .net 1.1 or .net 2.0 Jose Ferreiro On 7/23/07, Srinivasa Rao K [EMAIL PROTECTED] wrote: Hi, I have extracted certificate .der (its not allowing .cer) file by using IBM ikeyman tool. C:\Program Files\IBM\irRational\SDP\6.0\runtimes\base_v51\etc\DummyServerTrustFile.JKS file is used as input file for the too. ( RAD6 ) C# client for Version Service which is on WebSphere. X509Certificate x509 = X509Certificate.CreateFromCertFile (@C:\downloads\CSharpTest\certificates\cert.der); Project2.version.VersionService Ver = new Project2.Version.VersionService (); Ver.ClientCertificates.Add(x509); Ver.Credentials = new System.Net.NetworkCredential(, *); string version = Ver.getVersion(); I am getting the below error. Unhandled Exception: System.Net.WebException: The underlying connection was clos ed: Could not establish trust relationship for the SSL/TLS secure channel. --- System.Security.Authentication.AuthenticationException: The remote certificate i s invalid according to the validation procedure. Thanks, Srini -- Park yourself in front of a world of choices in alternative vehicles. Visit the Yahoo! Auto Green Center.http://us.rd.yahoo.com/evt=48246/*http://autos.yahoo.com/green_center/;_ylc=X3oDMTE5cDF2bXZzBF9TAzk3MTA3MDc2BHNlYwNtYWlsdGFncwRzbGsDZ3JlZW4tY2VudGVy -- José Ferreiro Jose Ferreiro
Re: docs for wss4j
Hello, You may visit this page: http://wso2.org/projects/wss4j and then refer to the paragraph Links which refers to substantive information. Hope this helps José Ferreiro Jose On 6/21/07, Richard DeGrande [EMAIL PROTECTED] wrote: Hi I'm trying to write a WS client to a secure service using axis 1.4 and wss4j. I am having some difficulty finding information on the use of wss4j. Does anyone know of any links that could help me out ? thanks in advance - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL
[SOLUTION] Example of Logging SOAP requests/responses in AXIS 1.4
Dear Rich, This will probably of your interest. I am using successfully the log method in Axis 1.4. It made it working but i didn't investigate all the options, for example where to store the log file, the log file name, etc. I was only curious to see if it could work to keep a trace of the message requests and responses! In my case it works as follows: In the client wsdd file add the following code: handler name=log type=java:org.apache.axis.handlers.LogHandler/ globalConfiguration requestFlow handler type=log/ /requestFlow responseFlow handler type=log/ /responseFlow /globalConfiguration This will create a log file by default nammed axis.log and it is in the root folder of my eclipse project when I run the web service client. Add this in deploy.wsdd It is really interesting feature because it logs the REQUEST AND THE RESPONSES. handler name=log type=java:org.apache.axis.handlers.LogHandler/ globalConfiguration requestFlow handler type=log/ /requestFlow responseFlow handler type=log/ /responseFlow /globalConfiguration the log file is nammed axis.log and in my case it is stored in !-- Logs stored in C:\tomcat5.5.12\bin\axis.log -- Those links will provide you more information: http://www.theserverside.com/discussions/thread.tss?thread_id=35765 http://www.google.com/support/adwordsapi/bin/answer.py?answer=15137 http://forum.java.sun.com/thread.jspa?threadID=724190 HOPE THIS HELPS. CHEERS Jose Ferreiro José Ferreiro 2007/5/24, Rich Adili [EMAIL PROTECTED]: Hi dims, Thanks! That's just what I need for my product design. However, I'm also babysitting a legacy application written around an Axis1.4 beta, I forget exactly which beta. Do you know if this technique also applies to the older code? Rich -Original Message- From: Davanum Srinivas [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 23, 2007 3:06 PM To: axis-user@ws.apache.org Subject: Re: Logging SOAP requests? Rich, See http://blogs.cocoondev.org/dims/archives/004668.html thanks, dims On 5/23/07, Rich Adili [EMAIL PROTECTED] wrote: Was thinking in terms of an option that field personnel could flip on and off. Debugging proxies are a bit arduous for such folks. I'm surprised a simple logging mechanism isn't built in. From: robert lazarski [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 23, 2007 3:01 PM To: axis-user@ws.apache.org Subject: Re: Logging SOAP requests? If you are talking about writing them to a file / db via log4j , look at the modules guide and their howto on writing a logging module: http://ws.apache.org/axis2/1_2/modules.html If you just want to look at it, try tcpmon or the soapmonitor. HTH, Robert On 5/23/07, Rich Adili [EMAIL PROTECTED] wrote: Hi, How does one go about logging the outgoing SOAP requests? Rich Adili -- Davanum Srinivas :: http://davanum.wordpress.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL
Re: create Java base Web service client
Hello Ashish, I am myself using axis 1.x. and there is a folder with examples on the binary distribution. And it is the same for Axis2. You may start downloading the binary distribution here ( http://ws.apache.org/axis2/download/1_2/download.html#std-bin): http://ws.apache.org/axis2/ http://ws.apache.org/axis2/1_2/quickstartguide.html This web side wwill be also useful for you: http://wso2.org/projects/axis2/java Have a nice day. José On 4/28/07, Ashish Kulkarni [EMAIL PROTECTED] wrote: Hi Thanks for your email, i will be using axis 2 as the webservice is written in java, and is writting using egate interface, Now with axis 2, do i run wsdl2java to create java classes and then call some methods? do you have any example of doing so using axis 2 Ashish On 4/27/07, José Ferreiro [EMAIL PROTECTED] wrote: Dear Ashish, I will say that you have two technologies to do that (among many others). You may choose Microsoft or Open source libraries. In this mailing list you have people working with Axis 1.x and Axis2. Axis 1.4 doesn't has any further development. Axis2 is evolving and supports different types of WS-standarts (which is not the case for Axis 1.x). Well, in my opinion you should ask the people who gave you the wsdl what kind of web service server do they have. If they are working with open source I will suggest your client should be open source. On the other hand if they are using microsoft, then I will suggest you to use Microsoft. Basically, using the same technology as they use will simplify your development life of your client. After you choose that you should then understand how to build the client with the desired technology. For Axis 1.4 or Axis2 you will use wsdl2java. This utility will generate automatically the stubs. Then, you need to complete the code with your logic. You may also write your own client using the a DYNAMIC INVOCATION INTERFACE method. However the source code for a DII client is more complicated than the code for the other two types of clients. I will suggest you to use the wsdl2java (at least for starting). If you will use Microsoft, then you have to learn about .NET frametwork and choose C# for example as programming language. You probably will need MS visual studio as IDE There you will use the command wsdl.exe (for java wsdl2java, use eclipse with ant). Hope this little introduction was helpfull. José Ferreiro On 4/27/07, Ashish Kulkarni [EMAIL PROTECTED] wrote: Hi I recently got a WSDL file, and i am expected to write a web service client to access this web service, Can some one give some pointers, and code or example or tutorial to do so. What are the steps, do i have to used WSDL2JAVA to create some thing. Ashish -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL
Re: create Java base Web service client
Dear Ashish, I will say that you have two technologies to do that (among many others). You may choose Microsoft or Open source libraries. In this mailing list you have people working with Axis 1.x and Axis2. Axis 1.4 doesn't has any further development. Axis2 is evolving and supports different types of WS-standarts (which is not the case for Axis 1.x). Well, in my opinion you should ask the people who gave you the wsdl what kind of web service server do they have. If they are working with open source I will suggest your client should be open source. On the other hand if they are using microsoft, then I will suggest you to use Microsoft. Basically, using the same technology as they use will simplify your development life of your client. After you choose that you should then understand how to build the client with the desired technology. For Axis 1.4 or Axis2 you will use wsdl2java. This utility will generate automatically the stubs. Then, you need to complete the code with your logic. You may also write your own client using the a DYNAMIC INVOCATION INTERFACE method. However the source code for a DII client is more complicated than the code for the other two types of clients. I will suggest you to use the wsdl2java (at least for starting). If you will use Microsoft, then you have to learn about .NET frametwork and choose C# for example as programming language. You probably will need MS visual studio as IDE There you will use the command wsdl.exe (for java wsdl2java, use eclipse with ant). Hope this little introduction was helpfull. José Ferreiro On 4/27/07, Ashish Kulkarni [EMAIL PROTECTED] wrote: Hi I recently got a WSDL file, and i am expected to write a web service client to access this web service, Can some one give some pointers, and code or example or tutorial to do so. What are the steps, do i have to used WSDL2JAVA to create some thing. Ashish -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL
Re: How to validate WSDL file?
Hello, Well, I am using this tool wsdlviewer ( http://wcf.netfx3.com/files/folders/development_tools/entry5214.aspx ) WSDL files, especially large ones, are ofter hard to read as plain XML and when adding an element you may forgot to close a tag, etc. This tool helps me to parse the file quickly and tell me if it is valid or not. This is my main usage. Hope this helps. José FERREIRO On 4/12/07, Thilina Gunarathne [EMAIL PROTECTED] wrote: Eclipse WTP[1] comes with a WSDL validator. It's open source too.. Thilina [1]http://www.eclipse.org/webtools/main.php On 4/12/07, Vikas [EMAIL PROTECTED] wrote: Hi Friends, I have created WSDL file for simple HelloWorld application. It is simple, but when our WSDL file will grow; then it is very difficult to validate that wsdl file. So for that, Is there any functionality available from Axis2 to validate wsdl file OR by using wsdl2java utility? OR is there any open source tool is available to validate WSDL file? Is there any thing available with data binding framework like ADB/XMLBeans/JiBX for validating WSDL? With best regards From Vikas R. Khengare -- Thilina Gunarathne - http://www.wso2.com - http://thilinag.blogspot.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL
Re: Can we define multiple web services in single WSDL?
/wsdl:portType tags in one WSDL file? With best regards From Vikas R. Khengare - Original Message - *From:* biswadip saha [EMAIL PROTECTED] *To:* axis-user@ws.apache.org *Sent:* Wednesday, April 11, 2007 4:22 PM *Subject:* Re: Can we define multiple web services in single WSDL? Hi all can you create two class in same directory with same name.??? its like that On 4/11/07, Nilesh Ghorpade [EMAIL PROTECTED] wrote: Hi Vikas, As per my knowledge you can define multiple services in a single wsdl. Regards Nilesh - Original Message From: Vikas [EMAIL PROTECTED] To: axis user axis-user@ws.apache.org Sent: Wednesday, April 11, 2007 3:59:04 PM Subject: Can we define multiple web services in single WSDL? Hi Friends, Can we define multiple web services in single WSDL? [Means If I want to define more than one web services in one WSDL, can we do so? If No, why so?] With best regards From Vikas R. Khengare -- Now that's room service! Choose from over 150,000 hotels in 45,000 destinations on Yahoo! Travelhttp://travel.yahoo.com/hotelsearchpage;_ylc=X3oDMTFtaTIzNXVjBF9TAzk3NDA3NTg5BF9zAzI3MTk0ODEEcG9zAzIEc2VjA21haWx0YWdsaW5lBHNsawNxMS0wNw--%0Ato find your fit. -- ## Sr. Software Developer +919899566690 ## o o o o o o o . . . __ o _ ||| .][__n_n_|DD[ _ | | (|__|_[_]_|| _/oo O oo` ooo ooo 'o!o!o o!o!o` -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -- ## Sr. Software Developer +919899566690 ## o o o o o o o . . . __ o _ ||| .][__n_n_|DD[ _ | | (|__|_[_]_|| _/oo O oo` ooo ooo 'o!o!o o!o!o` -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -- ## Sr. Software Developer +919899566690 ## o o o o o o o . . . __ o _ ||| .][__n_n_|DD[ _ | | (|__|_[_]_|| _/oo O oo` ooo ooo 'o!o!o o!o!o` -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL
Download WSS4J 1.5.0
Hello Where can I donwload the WSS4J 1.5.0 version? Can't find it in any of the mirrors proposed at WSS4J web site. ( http://www.apache.org/dyn/closer.cgi/ws/wss4j/) Thank you in advance and best regards -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL
[AXIS 1.4] WS-addressing
Hello, Does anyone know if it is possible to make working WS-Addressing with AXIS 1.4? All suggestions are welcome. Thank you. -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL
[AXIS 1.4 WSS4J] - Keystore interop
HELLO, I have a key store from Java in the JKS format that was created with KEYTOOL. I programmed a .net client. As the .net client, more specifically Windows keystores do not support JKS I successfully exported a key for my client to the format PFX (PKCS12), which is a format recognized by the Windows Keystores. Then, I have the public key of the client in the java keystore (format JKS). I have the public and private key in the windows keystore (format PFX [PKCS12]). This is my question: Does the inteoperability work like this for the x509 certificates? That is to say if a key is in JKS format in the server and the client has a PFX key (generated from the one in the server). Thank you for any hint or tip. Regards, José
[Axis 1.4, WSS4J] - Timestamp in SOAP is one hour less than my current time in the computer (my timezone is : GMT+1 - Switzerland)
Hello, I am introducing the timestamp in the messages SOAP. The capture of the messages shows that the Timestamp of the REQUEST IS: ..omitted.. wsu:Timestamp xmlns:wsu= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd; wsu:Id=Timestamp-16795115 wsu:Created2007-02-23T15:57:47.093Z/wsu:Created wsu:Expires2007-02-23T16:02:47.093Z/wsu:Expires /wsu:Timestamp ..omitted. Timestamp of the RESPONSE IS; ..omitted.. wsu:Timestamp xmlns:wsu= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd; wsu:Id=Timestamp-9715140 wsu:Created2007-02-23T15:57:48Z/wsu:Created wsu:Expires2007-02-23T16:02:48Z/wsu:Expires /wsu:Timestamp ..omitted.. And the current time settins of my computer is (GMT +1). Is there a way to configure that? Did someone notice this also? I expected to have, that is to say the timestamp accordingly with my timezone: ..omitted.. wsu:Timestamp xmlns:wsu= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd; wsu:Id=Timestamp-9715140 wsu:Created2007-02-23T16:57:48Z/wsu:Created wsu:Expires2007-02-23T17:02:48Z/wsu:Expires /wsu:Timestamp ..omitted.. All answers or suggestions are welcome. -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL
[Axis 1.4 WSS4J] - WS-Addressing
Hello, Did someone try to implement WS-addressing using Axis 1.4 and WSS4J? I am working in a prototype for interoperability ( C#, .net 2.0, and WSE 3.0). Any coments, suggestions are welcome. Regards -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL
(Interop) - Serialization /Deseralization in .net Client c# accesssing Axis 1.4
Hello, I am trying to achieve interoperability between a .net client written in C# (.net 2.0) to access a axis 1.4 web service. Java client access without any problem the web service and is able to deserialize the class in the response. I'm using document/litteral. When I use a c# client after generating the proxy using wsdl.exe tool from the WSDL file written by hand for axis. the call is successfull but I am not able to get the answer (web service response). All the field are null. Does anybody knows a solution for this? I am thinking to use arrays as it seems there is problems when using classes (to serialize and deserialize, mainly deserialize in the .net client). Any suggestion, comments, doc are welcome. I wish all of you a nice day. Happy Axis José Ferreiro -- José Ferreiro EPFL Communication Systems engineer ing.sys.com.dipl.EPFL
[AXIS 1.x - WSS4J] - HTTPs or Secure HTTP
Hi! Could someone tell me if HTTPs or Secure HTTP is supported by Axis 1.x and WSS4J? Thank you.
Re: Client .net using WSE to access Secure Web Service implemeted using Axis 1.4
Life is funny!No I didn't try but the problem is similar.We should be able to build up soap messages that both understand (Axis and .Net) with the correct headers and right mappings.Have a nice day. José FerreiroOn 9/13/06, Xinjun Chen [EMAIL PROTECTED] wrote: Hi Jose, I am trying the reverse. Have you done that? Regards, Xinjun On 9/12/06, José Ferreiro [EMAIL PROTECTED] wrote: Hello,Does/Did anyone program/ed a .net client using WSE to access a secure web service done with Axis 1.4?If you have a link with some example, or some related help, it will be great!I appreciate your help I wish you a nice day.Thank you for your help. José Ferreiro -- José FerreiroEPFL Communication Systems engineering.sys.com.dipl.EPFL
Re: WSS4J in the real word for more than 1 client
CIARO LUCA,Following this links you will find the anwers to your question. [1] http://wiki.apache.org/ws/FrontPage/WsFx/wss4jParameters [2]http://ws.apache.org/wss4j/apidocs/org/apache/ws/security/handler/WSHandlerConstants.html#USE_REQ_SIG_CERT [3] http://wiki.apache.org/ws/FrontPage/WsFx/wss4jFAQ#many [4] http://archives.devshed.com/forums/apache-92/aw-aw-encryption-not-asking-for-the-right-private-key-815343.html Answer is :add this line in the Server part, response parameter name=encryptionUser value=useReqSigCert / Hope this helpsHappy AXIS :-) CIAOJosé FerreiroOn 9/12/06, Davanum Srinivas [EMAIL PROTECTED] wrote: http://www.wso2.net/tutorials/rampart/java/2006/09/06/sec-msg-exchg On 9/12/06, Luca Risello [EMAIL PROTECTED] wrote: Hi everybody, I've a question. In the real word server has to trust more than one client. For example If Have I to trust 20 client how can i configure my scenario for WSS to provide a two way security transmission? For the certificate trusting there isn't problem Client i Keystore Own keys Server public key Server Keystore Own Keys Client 1 public key Client 2 public key [...] Client 20 public key For the PWCallback class I can use a Db to manage all the clients... The problem is the server side wsdd configuration file In fact in my example I specified the user for the encryption and the digital signature (both in requestFlow and in the responseFlow) but if I have one more than client? How Can I Do!!! Thanks For Your Attention! Hope in your help! Bye. Luca__ Do You Yahoo!? Poco spazio e tanto spam? Yahoo! Mail ti protegge dallo spam e ti da tanto spazio gratuito per i tuoi file e i messaggi http://mail.yahoo.it--Davanum Srinivas : http://www.wso2.net (Oxygen for Web Service Developers)-To unsubscribe, e-mail: [EMAIL PROTECTED]For additional commands, e-mail: [EMAIL PROTECTED]
Client .net using WSE to access Secure Web Service implemeted using Axis 1.4
Hello,Does/Did anyone program/ed a .net client using WSE to access a secure web service done with Axis 1.4?If you have a link with some example, or some related help, it will be great!I appreciate your help I wish you a nice day.Thank you for your help.José Ferreiro
Re: How to start up with keystores, and setting up your own CA (some tips)
For the server side you may define your crypto.properties in the filedeploy.wsddusing!-- if you are signing the message--parameter name=signaturePropFile value=server.crypto.properties /but you have to understand what is happening (in terms of cryptography and exchange messages)within requestFlowand responseFlowsame thing in the client side configutration file for crypto.propeties.I will suggest you to label them like thisserver side server.crypto.properties andin the client side client.crypto.properties.try to read/try this sample too. http://weblogs.asp.net/jdanforth/archive/2005/01/16/354060.aspxHope this helps!José FerreiroOn 9/6/06, Ruchith Fernando [EMAIL PROTECTED] wrote:Following is a step by step guide on setting up keystores for a client and a service:http://www.wso2.net/tutorials/rampart/java/2006/06/29/setting-up-keystoresThanks,Ruchith On 9/6/06, José Ferreiro [EMAIL PROTECTED] wrote: Hello Risello, Try to understand the keytool included in the Java SDK (how it works, how to generate keys, certificate request,etc...). This will allow you to define a crypto.propeties file... (one should be in the client side and another one in the server side...) The following links will be VERY helpful: http://www.churchillobjects.com/c/11201e.htmlhttp://www.churchillobjects.com/c/11201g.html http://marc.theaimsgroup.com/?l=tomcat-userm=106293430225790w=2 Happy Axis José Ferreiro On 9/6/06, Luca Risello [EMAIL PROTECTED] wrote:Good Morning, I'm a student and I'm trying to use wss4j features to secure SOAP messages. The Problem is that I follow step by step the tutorial http://ws.apache.org/wss4j/package.html but there are some problems about the XML Encyption and D.Signature. I Follow the tutorial but when i run the client with this config file: deployment xmlns= http://xml.apache.org/axis/wsdd/ xmlns:java=http://xml.apache.org/axis/wsdd/providers/java transport name=http pivot=java: org.apache.axis.transport.http.HTTPSender/ globalConfiguration requestFlow handler type=java: org.apache.ws.axis.security.WSDoAllSender parameter name=user value=16c73ab6-b892-458f-abf5-2f875f74882e/ parameter name=passwordCallbackClass value=org.apache.ws.axis.oasis.PWCallback / parameter name=action value=Signature Encrypt/ parameter name=signaturePropFile value= crypto.properties / /handler /requestFlow /globalConfiguration /deployment There is this excepion: AxisFault faultCode: { http://schemas.xmlsoap.org/soap/envelope/}Server.userException faultSubcode: faultString: java.lang.RuntimeException : CryptoFactory: Cannot load properties: crypto.properties faultActor: faultNode: faultDetail: { http://xml.apache.org/axis/}stackTrace:java.lang.RuntimeException : CryptoFactory: Cannot load properties: crypto.properties at org.apache.ws.security.components.crypto.CryptoFactory.getProperties (CryptoFactory.java :185) at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:110 ) at org.apache.ws.security.handler.WSHandler.loadSignatureCrypto (WSHandler.java:337) at org.apache.ws.security.handler.WSHandler.doSenderAction (WSHandler.java:123) at org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java :170) at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32 ) at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) at org.apache.axis.SimpleChain.invoke( SimpleChain.java:83) at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127 ) at org.apache.axis.client.Call.invokeEngine (Call.java:2784) at org.apache.axis.client.Call.invoke (Call.java:2767) at org.apache.axis.client.Call.invoke(Call.java:2443) at org.apache.axis.client.Call.invoke( Call.java:2366) at org.apache.axis.client.Call.invoke(Call.java:1812) at prova2.client.Saluto2SoapBindingStub.saluto (Saluto2SoapBindingStub.java:106) at prova2.client.ClientSaluto.main(ClientSaluto.java :49) { http://xml.apache.org/axis/}hostname:Chianti java.lang.RuntimeException: CryptoFactory: Cannot load properties: crypto.properties at org.apache.axis.AxisFault.makeFault(AxisFault.java:101) at org.apache.axis.client.AxisClient.invoke(AxisClient.java:216) at org.apache.axis.client.Call.invokeEngine ( Call.java:2784) at org.apache.axis.client.Call.invoke(Call.java:2767) at org.apache.axis.client.Call.invoke (Call.java:2443) at org.apache.axis.client.Call.invoke(Call.java :2366 ) at org.apache.axis.client.Call.invoke(Call.java:1812) at prova2.client.Saluto2SoapBindingStub.saluto( Saluto2SoapBindingStub.java:106) at prova2.client.ClientSaluto.main (ClientSaluto.java:49 ) Caused by: java.lang.RuntimeException: CryptoFactory: Cannot load properties: crypto.properties at org.apache.ws.security.components.crypto.CryptoFactory.getProperties (CryptoFactory.java:185) at org.apache.ws.security.components.crypto.CryptoFactory.getInstance( CryptoFactory.java:110) at org.apache.ws.security.handler.WSHandler.loadSignatureCrypto
How to start up with keystores, and setting up your own CA (some tips)
Hello Risello,Try to understand the keytool included in the Java SDK (how it works,how to generate keys, certificate request, etc...).This will allow you to define a crypto.propeties file... (one should be in the client side and another one in the server side...) The following links will be VERY helpful:http://www.churchillobjects.com/c/11201e.html http://www.churchillobjects.com/c/11201g.htmlhttp://marc.theaimsgroup.com/?l=tomcat-userm=106293430225790w=2 Happy AxisJosé FerreiroOn 9/6/06, Luca Risello [EMAIL PROTECTED] wrote: Good Morning, I'm a student and I'm trying to use wss4j features to secure SOAP messages. The Problem is that I follow step by step the tutorial http://ws.apache.org/wss4j/package.htmlbut there are some problems about the XML Encyption and D.Signature.I Follow the tutorial but when i run the client with this config file:deployment xmlns= http://xml.apache.org/axis/wsdd/ xmlns:java=http://xml.apache.org/axis/wsdd/providers/java transport name=http pivot=java:org.apache.axis.transport.http.HTTPSender/ globalConfiguration requestFlow handler type=java: org.apache.ws.axis.security.WSDoAllSender parameter name=user value=16c73ab6-b892-458f-abf5-2f875f74882e/ parameter name=passwordCallbackClass value=org.apache.ws.axis.oasis.PWCallback/ parameter name=action value=Signature Encrypt/ parameter name=signaturePropFile value= crypto.properties / /handler /requestFlow /globalConfiguration /deployment There is this excepion: AxisFault faultCode: { http://schemas.xmlsoap.org/soap/envelope/}Server.userException faultSubcode: faultString: java.lang.RuntimeException : CryptoFactory: Cannot load properties: crypto.properties faultActor: faultNode: faultDetail: { http://xml.apache.org/axis/}stackTrace:java.lang.RuntimeException : CryptoFactory: Cannot load properties: crypto.properties at org.apache.ws.security.components.crypto.CryptoFactory.getProperties(CryptoFactory.java :185) at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:110 ) at org.apache.ws.security.handler.WSHandler.loadSignatureCrypto(WSHandler.java:337) at org.apache.ws.security.handler.WSHandler.doSenderAction (WSHandler.java:123) at org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java :170) at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32 ) at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) at org.apache.axis.SimpleChain.invoke( SimpleChain.java:83) at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127 ) at org.apache.axis.client.Call.invokeEngine(Call.java:2784) at org.apache.axis.client.Call.invoke (Call.java:2767) at org.apache.axis.client.Call.invoke(Call.java:2443) at org.apache.axis.client.Call.invoke( Call.java:2366) at org.apache.axis.client.Call.invoke(Call.java:1812) at prova2.client.Saluto2SoapBindingStub.saluto (Saluto2SoapBindingStub.java:106) at prova2.client.ClientSaluto.main(ClientSaluto.java :49) { http://xml.apache.org/axis/}hostname:Chianti java.lang.RuntimeException: CryptoFactory: Cannot load properties: crypto.properties at org.apache.axis.AxisFault.makeFault(AxisFault.java:101) at org.apache.axis.client.AxisClient.invoke(AxisClient.java:216) at org.apache.axis.client.Call.invokeEngine( Call.java:2784) at org.apache.axis.client.Call.invoke(Call.java:2767) at org.apache.axis.client.Call.invoke (Call.java:2443) at org.apache.axis.client.Call.invoke(Call.java:2366 ) at org.apache.axis.client.Call.invoke(Call.java:1812) at prova2.client.Saluto2SoapBindingStub.saluto( Saluto2SoapBindingStub.java:106) at prova2.client.ClientSaluto.main(ClientSaluto.java:49 ) Caused by: java.lang.RuntimeException: CryptoFactory: Cannot load properties: crypto.properties at org.apache.ws.security.components.crypto.CryptoFactory.getProperties (CryptoFactory.java:185) at org.apache.ws.security.components.crypto.CryptoFactory.getInstance( CryptoFactory.java:110) at org.apache.ws.security.handler.WSHandler.loadSignatureCrypto(WSHandler.java:337 ) at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:123) at org.apache.ws.axis.security.WSDoAllSender.invoke (WSDoAllSender.java:170) at org.apache.axis.strategies.InvocationStrategy.visit( InvocationStrategy.java:32) at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118 ) at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127) ... 7 more I don't understand how to use the certificate and how to configure the client...somebody can help me please? __Do You Yahoo!? Poco spazio e tanto spam? Yahoo! Mail ti protegge dallo spam e ti da tanto spazio gratuito per i tuoi file e i messaggi http://mail.yahoo.it -- José FerreiroEPFL Communication Systems engineering.sys.com.dipl.EPFL
Re: Axis tutorial. Did anyone buy it?
It is more like a tutorial.Don't expect buying this book that they will explain in all details how the libraries work and so on but it is a good starting develop your first secure web service using Tomcat, Axis 1.x, WSS4J, keytool and Eclipse.Hope this helpsHappy Axis.Jose FerreiroOn 9/5/06, HHDirecto. Net [EMAIL PROTECTED] wrote:I saw it but, it the first chapter is very simple. Are another chapters more detailled? Thanks Obviously you should not neglect to look always at the javadoc of WSS4J and Axis 1.X .You may look at the table of contents here:http://www.agileskills2.org/DWSAA/FourtyPages.pdf Hope this helps.I wish a wonderful day to everybody and HAPPY AXISJosé FerreiroOn 9/4/06, Martin Gainty [EMAIL PROTECTED] wrote: Whats the ISBN?M- *This email message and any files transmitted with it contain confidentialinformation intended only for the person(s) to whom this email message isaddressed. If you have received this email message in error, please notifythe sender immediately by telephone or email and destroy the originalmessage without making a copy. Thank you. - Original Message - From: HHDirecto.Net To: axis-user@ws.apache.org Sent: Monday, September 04, 2006 12:18 PM Subject: Axis tutorial. Did anyone buy it? Hi, Did anyone buy Axis book:Developing Web Services with Apache Axis? http://www.agileskills2.org/DWSAA/index.html Have it interesting things? or is all in ws.apache.org/axis reference? Thanks -- José FerreiroEPFL Communication Systems engineering.sys.com.dipl.EPFL
Re: axis 1.4 questions
Hello Ravi,My message answers only to your second question denoted B.I was investigating last friday the different tools to view the soap messages from the web services I am writting using Axis 1.4: Seehttp://www.oio.de/m/jaxrpc/axis-tcp-monitor.htmhttp://ws.apache.org/axis/java/user-guide.html see Appendix: Appendix : Using the Axis TCP Monitor (tcpmon) [ http://ws.apache.org/axis/java/user-guide.html#AppendixUsingTheAxisTCPMonitorTcpmon ]or you may also use the soap monitorhttp://ws.apache.org/axis/java/user-guide.html#AppendixUsingTheSOAPMonitor Another possibility is also to use tcptracehttp://www.pocketsoap.com/tcptrace/Hope this helps you.Have a nice day and weekJosé Ferreiro On 8/20/06, Ravi Krishnamurthy [EMAIL PROTECTED] wrote: Hello:a. Is it possible to generate only the java beans for the complex typementioned in the wsdl using axis1.4 wsdl2javab. Also is it possible to get a sample soap message for a givenwebservice and operation using axis 1.4. If not is there any other toolsavailable.Thanks for your time and help,Ravi-To unsubscribe, e-mail: [EMAIL PROTECTED]For additional commands, e-mail: [EMAIL PROTECTED]
TCP capture/tunel (java server - c# .net client)
Hello everybody,Here is my configuration:Java server using Axis 1.4 in Tomcat.Am using .Net Framework 1.1 for a client to access the java server web service.I did a web service and the related client using Java and .Net (they work fine) Everything is running on my LOCALHOST machine.I am testing the interoperability with the .Net client (c#).The .net client access properly the java server web service.To analyze the TCP traffic I use as provided from Axis the TCPMonitor URL: http://ws.apache.org/axis/java/user-guide.html#AppendixUsingTheAxisTCPMonitorTcpmonI successfully am able to capture the trafic between the java client and the java server web service. However I have no idea how to capture the trafic between the .Net Client and the java server web service.FYI: I also implemented a .Net Proxy in the .net Client using c# to access the java server web service. Did someone of you try out to do something this?All suggestions are welcome.Thank you in advance and a I wish a good week-end to everybodyJosé Ferreiro
[Partially SOLVED] - TCP capture/tunel (java server - c# .net client)
[Solution]To look at the payload, when writing C# code, here is the way I used to send the request from my C# client through an HTTP proxy.using System.Net; // for proxy setup... IWebProxy proxyObject = new WebProxy(http://hostname:8099, false); service.Proxy = proxyObject; Note: do not use localhost or 127.0.0.1 if you want to hit the network layer.However the TCPMonitor (org.apache.axis.utils.tcpmon) is able to return back the REQUEST field (possible bug in Axis 1.x)The same beheviour is observed with this tool http://www.pocketsoap.com/tcptrace/ On 8/18/06, José Ferreiro [EMAIL PROTECTED] wrote: Hello everybody,Here is my configuration:Java server using Axis 1.4 in Tomcat.Am using .Net Framework 1.1 for a client to access the java server web service.I did a web service and the related client using Java and .Net (they work fine) Everything is running on my LOCALHOST machine.I am testing the interoperability with the .Net client (c#).The .net client access properly the java server web service.To analyze the TCP traffic I use as provided from Axis the TCPMonitor URL: http://ws.apache.org/axis/java/user-guide.html#AppendixUsingTheAxisTCPMonitorTcpmon I successfully am able to capture the trafic between the java client and the java server web service. However I have no idea how to capture the trafic between the .Net Client and the java server web service.FYI: I also implemented a .Net Proxy in the .net Client using c# to access the java server web service. Did someone of you try out to do something this?All suggestions are welcome.Thank you in advance and a I wish a good week-end to everybodyJosé Ferreiro
Re: Book for Axis
hello Sudip,I am also new to web services and I bought this book:http://agileskills2.org/DWSAA/I am interested in WSS4J security.As I am a beginner I don't know if this is a good book or not. I start it and it is not too bad.It explains Eclipse, Axis 1.3 and WSS4J! Hope this helps. I am starting soon also with a project about web services.However I think I will use Axis 1.4 (obviously Axis 2 is another way). Some comments from someone between Axis 1.x and Axis2 will be appreciated.Thank you.JoséOn 8/2/06, sudip shrestha [EMAIL PROTECTED] wrote:Hi,What is a good reference book for Apache Axis? Need to start diggin into Web Services I am new to web services, should I jump into Axis 2, (not studyin Axis 2)? -- José FerreiroEPFL Communication Systems engineering.sys.com.dipl.EPFLPhone: +41 (0)79 644 98 25 [+41 (0)76 526 55 55]
Book for Axis (NEXT)
Well, All my developpers friends are using Apache 1.x and no one is using Axis 2... I don't know really what is the best, but if they are all using Apache 1.x it should be because of something... The user group (newsgroup)of Axis 2 seems to have more questions/mails than Axis 1.x - I am folowing both Does this means that there is more problems using Axis 2 because of lacks of documentation or because it is still not a mature release. I cannot answer or figure out an answer. And as we all know things in computer science use to go very fast. Then does anyone has an input to give about Apache Axis 1.x against Apache Axis 2? Thank you for your contribution. Regards José On 8/2/06, Wenbo Zhu [EMAIL PROTECTED] wrote: I also like to hear aboutthe actual use/design of Axis 2, compared to 1.3 ... ? -Original Message-From: sudip shrestha [mailto: [EMAIL PROTECTED]] Sent: Wednesday, August 02, 2006 3:52 PMTo: axis-user@ws.apache.org Subject: Re: Book for AxisWondering if Axis 2 is production ready or if not when we should expect it to be production ready? On 8/2/06, José Ferreiro [EMAIL PROTECTED] wrote: hello Sudip,I am also new to web services and I bought this book: http://agileskills2.org/DWSAA/ I am interested in WSS4J security.As I am a beginner I don't know if this is a good book or not. I start it and it is not too bad.It explains Eclipse, Axis 1.3 and WSS4J! Hope this helps. I am starting soon also with a project about web services. However I think I will use Axis 1.4 (obviously Axis 2 is another way). Some comments from someone between Axis 1.x and Axis2 will be appreciated.Thank you.José On 8/2/06, sudip shrestha [EMAIL PROTECTED] wrote: Hi,What is a good reference book for Apache Axis? Need to start diggin into Web Services I am new to web services, should I jump into Axis 2, (not studyin Axis 2)? -- José FerreiroEPFL Communication Systems engineering.sys.com.dipl.EPFLPhone: +41 (0)79 644 98 25 [+41 (0)76 526 55 55]