unsubscribe
yes, I want to unsubscribe
Re: Rampart one way only
Hi Nandana, Thanks for your suggestions. I think I understand the phase stuff a bit better and I do have policy attached at the operation level (AsymmetricBinding, include timestamp) and at the input message level to sign the body. Rampart seems to be engaged on both the client and server sides. Successful reply messages include a signed header with a time stamp, but fault messages do not have a soap header, just a body with the soap fault. I was following another thread of yours about how security faults are not signed. I see messages with no soap headers where the soapfault Value is Sender and the subcode value is InvalidSecurity. My client is happy with that. But when my service code throws a fault, the soapfault is Receiver, but the message also does not have a soap header. The client then objects that there is not a soap header element, which seems like correct behavior on the client's part. Do you have any suggestions as to what could be wrong that would cause the outFlow messages have signed headers but the outFaultFlow message with Receiver faults to not have? The conf/axis2.xml file in the axis war has phaseOrder type=OutFaultFlow !-- user can add his own phases to this area -- phase name=soapmonitorPhase/ phase name=OperationOutFaultPhase/ phase name=RMPhase/ phase name=PolicyDetermination/ phase name=MessageOut/ phase name=Security/ /phaseOrder the module.xml in my rampart mar has OutFaultFlowhandler name=PolicyBasedSecurityOutHandler class=org.apache.rampart.handler.RampartSender order phase=Security phaseLast=true/ /handler /OutFaultFlow Is there something else that needs to be set? Thanks for any insights Mary Nandana Mihindukulasooriya wrote: Hi Mary, I think best way to solve this problem is to use message level policies. You can attach policies at message level, so they will be effective either on in the in flow or our flow. But still we have the problem that we can't specify policies for fault flows, For example, if we specify a policy for in message it will be applicable for both in message and in fault messages. In Axis2 , we have two kinds phases global phases and operation phases. This article [1] by Deepal explains the whole concept. Phases before dispatch phases are known as global phases and they will be called for each and every message. Security is a global phase. We need security as a global phase become dispatching mechanism like body based dispatching which used to dispatch operations need messages to be decrypted before they can act on the message. But having the security phase doesn't have any effect if rampart is not engaged. As it is described in the article, it is the rampart module that adds handlers to the phase. Even if the Rampart is engaged, if the effective security policy of the message is null, then those handlers will not have any effect. thanks, nandana [1] - http://www.packtpub.com/article/handler-and-phase-in-apache-axis On Sat, Oct 25, 2008 at 4:17 AM, Mary Thompson [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: I ran into the same problem when I switched to ws-policy. First I had to add the security phase to infaultflow and then the unsigned fault messages were not acceptable. I fixed it by moving the security phase in the infaultflow to the end the phase order after OperationInFaultPhase effectively causing it to be ignored. I wonder if the piece of code that insists you add a security phase when you don't want any security is wrong. Or if there is some way to indicate a null security phase. Mary Thompson RonnieMJ wrote: Ok I added an axis2.xml file in my repo, however commenting out any Security phase causes errors indicating that the Security phase is missing. I'm wondering if you would ALSO have to remove any phase info from the modules.xml file in the rampart mar? In this case I'm the client, but receiving a response. Wouldn't I want to remove the security phase from the InFlow not out? Chris82KS wrote: Hello, inside the axis2.xml you have the different flows (inFlow, OutFlow, InFault and OutFault). Just remove the phase Security from the OutFlow and the OutFaultFlow. Greetings Christian - original Nachricht Betreff: Rampart one way only Gesendet: Do, 23. Okt 2008 Von: RonnieMJ[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Is it possible to have rampart NOT be concerned with security on a return message in a synchronous transaction? Example: I send to server X with security headers. They return
Re: Rampart one way only
I ran into the same problem when I switched to ws-policy. First I had to add the security phase to infaultflow and then the unsigned fault messages were not acceptable. I fixed it by moving the security phase in the infaultflow to the end the phase order after OperationInFaultPhase effectively causing it to be ignored. I wonder if the piece of code that insists you add a security phase when you don't want any security is wrong. Or if there is some way to indicate a null security phase. Mary Thompson RonnieMJ wrote: Ok I added an axis2.xml file in my repo, however commenting out any Security phase causes errors indicating that the Security phase is missing. I'm wondering if you would ALSO have to remove any phase info from the modules.xml file in the rampart mar? In this case I'm the client, but receiving a response. Wouldn't I want to remove the security phase from the InFlow not out? Chris82KS wrote: Hello, inside the axis2.xml you have the different flows (inFlow, OutFlow, InFault and OutFault). Just remove the phase Security from the OutFlow and the OutFaultFlow. Greetings Christian - original Nachricht Betreff: Rampart one way only Gesendet: Do, 23. Okt 2008 Von: RonnieMJ[EMAIL PROTECTED] Is it possible to have rampart NOT be concerned with security on a return message in a synchronous transaction? Example: I send to server X with security headers. They return an OK message or a fault. Neither of which would have security heading information. -- View this message in context: http://www.nabble.com/Rampart-one-way-only-tp20133511p20133511.html Sent from the Axis - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --- original Nachricht Ende - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Problem attaching ws-policy at message level
Thanks, Nandana, With the help of a working example, I was eventually able to figure out what I had done wrong. It was error in the policy that I was attempting to attach to the message that caused it to be ignored. I also learned a lot studying the various WS02 tutorials on this and related topics. Thanks for taking the time to help, Mary Nandana Mihindukulasooriya wrote: Hi Mary, Has anyone had success in attaching ws-policy at the message level in the xml.services file? I am trying to get the request messages signed and time stamped and the response messages just time stamped. I just tested this scenario with Axis2 1.4.1 and Rampart nightly build and worked as expected for me. I have attached the service [1] that I tested for your reference. I also included the SOAP messages for each of the scenarios I have tested. However in the response also, time stamp will be signed. I have followed Nandana's tutorial at https://wso2.org/library/3786 and used the following PolicyAttachement element The service seems to just ignore the signedParts. E.g when I send it a non-signed body it does not reject the message. Just to see what was happening, I tried attaching the policy to the response message and it did not sign the response. When you attach the policies as you have described above using the services.xml, do they appear on the generated WSDL ? thanks, nandana [1] - https://wso2.org/repos/wso2/people/nandana/demo-service/demo-service.zip -- Nandana Mihindukulasooriya WSO2 inc. http://nandana83.blogspot.com/ http://www.wso2.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Problem attaching ws-policy at message level
Nandana, Your example services looks like mine except for the inclusion of the rampart encryption stuff and the fact that I pass the x509 certificate in the message. I write both a services.xml and OSCARS.wsdl and then use wsdl2java. As a side effect a new services.xml and OSCARS.wsdl are written to a resources directory. The new services.xml has no policy information, but the new OSCARS.wsdl does have the correct policyReference elements. We include the original files in our aar, not the generated ones. Unfortunately my generated client Stub only includes the binding-level policy for the _operation.getMessage MESSAGE_LABEL_IN_VALUE, and does not even include an _operation for MESSAGE_LABEL_OUT_VALUE. It looks like wsdl2java didn't recognize the wsp:PolicyReference URI=#signedMsgPolicy/ and just dropped the input element. At least when I included the policy in each input element, it generated the OUT_VALUE operation. How did you create the SimpleServiceStub? It says it was auto-generated from WSDL, but you did not include a WSDL in the example. Does the wsdl2java included in axis 1.4.1 work out of the box or does it need to become rampart aware in some way? I'll try to run your example in my tomcat environment and see what happens. Mary Nandana Mihindukulasooriya wrote: Hi Mary, Has anyone had success in attaching ws-policy at the message level in the xml.services file? I am trying to get the request messages signed and time stamped and the response messages just time stamped. I just tested this scenario with Axis2 1.4.1 and Rampart nightly build and worked as expected for me. I have attached the service [1] that I tested for your reference. I also included the SOAP messages for each of the scenarios I have tested. However in the response also, time stamp will be signed. I have followed Nandana's tutorial at https://wso2.org/library/3786 and used the following PolicyAttachement element The service seems to just ignore the signedParts. E.g when I send it a non-signed body it does not reject the message. Just to see what was happening, I tried attaching the policy to the response message and it did not sign the response. When you attach the policies as you have described above using the services.xml, do they appear on the generated WSDL ? thanks, nandana [1] - https://wso2.org/repos/wso2/people/nandana/demo-service/demo-service.zip -- Nandana Mihindukulasooriya WSO2 inc. http://nandana83.blogspot.com/ http://www.wso2.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Rampart Username and signed certificate
Nandana, Your example works correctly in my tomcat/axis environment. Now I just have to figure out why mine doesn't. Maybe there is something missing in our service skeleton class. Mary Nandana Mihindukulasooriya wrote: Hi, I've tried it with SignedSupportingTokens (or even just SupportingTokens) below the binding (as a top level) a few times. It ends up making the token still embedded and encrypted (not a plain old Username token). Yes, when a username token is used as supporting token with symmetric binding or an asymmetric binding it is encrypted due security considerations. You can't control this using policy. If we want to control this we might need to introduce a custom flag in to Rampart configuration. Using just SupportingTokens (without the Signed) removes it entirely. This should be a bug if it removes it completely. Please create a JIRA for this under Apache Rampart [1]. Here's my most recent message: Was this most recent message a successful one ? In that message, it seems the Username Token is encrypted. thanks, nandana [1] - http://issues.apache.org/jira/browse/Rampart On Tue, Oct 7, 2008 at 9:34 AM, keith chapman [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]wrote: On Tue, Oct 7, 2008 at 8:50 AM, Samisa Abeysinghe [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Nandana Mihindukulasooriya wrote: Hi Ronnie, Please change the policy as given below. But should not this policy come from the service? Ideally yes. ;) I just assumed that the service doesn't have a policy and security requirements are published out of band. I know that I need to send both a usernameToken and sign the header with a certificate. I'm fairly sure I've just got the policy file slightly off. Any suggestions ? But if the WSDL publishes the security requirements via policy, there is no need for us to manually create policies and attach them. If you are using the Axis2 cord generator, it will do this for you. Please take a look at this tutorial [1]. thanks, nandana [1] - http://wso2.org/library/3415 Samisa... -- View this message in context: http://www.nabble.com/Rampart-Username-and-signed-certificate-tp19843845p19859682.html Sent from the Axis - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -- Nandana Mihindukulasooriya WSO2 inc. http://nandana83.blogspot.com/ http://www.wso2.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Problem attaching ws-policy at message level
Has anyone had success in attaching ws-policy at the message level in the xml.services file? I am trying to get the request messages signed and time stamped and the response messages just time stamped. I have followed Nandana's tutorial at https://wso2.org/library/3786 and used the following PolicyAttachement element wsp:PolicyAttachment xmlns:wsp=http://schemas.xmlsoap.org/ws/2004/09/policy; wsp:AppliesTo policy-subject identifier=binding:soap11/operation:createReservation/in / policy-subject identifier=binding:soap12/operation:createReservation/in / /wsp:AppliesTo wsp:policy wsu:id=signedMsgPolicy xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd; xmlns:wsp=http://schemas.xmlsoap.org/ws/2004/09/policy; xmlns:sp=http://schemas.xmlsoap.org/ws/2005/07/securitypolicy; sp:SignedParts xmlns:sp=http://schemas.xmlsoap.org/ws/2005/07/securitypolicy; sp:Body/ /sp:SignedParts /wsp:policy /wsp:PolicyAttachment The service seems to just ignore the signedParts. E.g when I send it a non-signed body it does not reject the message. Just to see what was happening, I tried attaching the policy to the response message and it did not sign the response. I have also tried to put the policy in-line in the action-mapping element, but it made no difference. If anyone has gotten this to work, I would love to hear how. I'm using axis 1.4.1 and the Rampart nightly build from Oct 1 . Mary Thompson - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: wsld2java and ws-policy
I created jira AXIS2-4065. My WSDL is manually created. The policy was attached after reading the Web Services Policy 1.2 - Attachment (WS-PolicyAttachment), so I may have done it incorrectly. There seem to be several places where it could be placed. I did try by reference, and using a PolicyAttachment element as well, with no luck. Mary Nandana Mihindukulasooriya wrote: Hi Mary, Can you please create a JIRA and attach the WSDL too. I tested this with an Axis2 generated WSDL with external policies references at binding, binding message and binding operation level and it worked for me with Axis2 1.4.1. http://1.4.1. If the message level policies are not attached to the stub correctly, it is a bug that should be fixed. thanks, nandana On Thu, Oct 2, 2008 at 7:38 AM, Mary Thompson [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: When switching to ws-policy from basic security I noticed that policy attached to messages does not get picked up by wsdl2java and added to the client Stub code. The policy at the binding level is added to the Stub operations. It is easy enough to edit the Stub code after it is generated to add the message specific stuff (e.g. sp:SignedParts), but it would be nice if wsld2java did it all. Mary Thompson - Mary R. Thompson[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Lawrence Berkeley National Lab http://acs.lbl.gov/~mrt http://acs.lbl.gov/%7Emrt -- - To unsubscribe, e-mail: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -- Nandana Mihindukulasooriya WSO2 inc. http://nandana83.blogspot.com/ http://www.wso2.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
wsld2java and ws-policy
When switching to ws-policy from basic security I noticed that policy attached to messages does not get picked up by wsdl2java and added to the client Stub code. The policy at the binding level is added to the Stub operations. It is easy enough to edit the Stub code after it is generated to add the message specific stuff (e.g. sp:SignedParts), but it would be nice if wsld2java did it all. Mary Thompson - Mary R. Thompson[EMAIL PROTECTED] Lawrence Berkeley National Lab http://acs.lbl.gov/~mrt -- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Web Service requires secure header - how to generate with Axis?
Steve, axis2.xml will be read by the appropriate library method if it appears on your class path, or is specified using a -Daxis2.xml=pathname Java option when you run the client, or set by a System.setProperty(axis2.xml,pathname ) call in your program. In my experience, the pathname needed to be relative to the classpath. The axis2.xml sections for rampart are the module ref=rampart line and the OutflowSecurity and InflowSecurity sections, specifying the security properties of the request and response messages. I think that samples/basic/sample03/client-axis.xml would give you want you want for the security heading. Since the message is not signed you don't need the properties or keystore files. I'm not sure how you would set the user interactively. You can probably write a PWCBHandler that prompts for a username and password, and then add them to the header. As for the addressing part of the message I would guess that the addressing module handles that, but I have no experience with it. Hope this is a bit of help Mary Steve Cohen wrote: Okay, thanks Mary. On your suggestion and others I have rethought and begun switching to Axis2 so that I might use Rampart. I am looking at the samples and they pose a question I want to understand. That is, the use of client.axis2.xml as in the samples. WSDL2java did not generate this file for me and I'm not sure what is going to cause this file to be read. Can you explain how this works? Once I get past this, I think I will be on my way. Thanks. Steve Mary Thompson wrote: If you mean axis2 1.4, the Rampart module will do that for you. The Axis pages link to some documentation and to the rampart 1.3 module. Go to http://ws.apache.org/rampart/download/1.4/download.cgi for rampart 1.4 and more documentation. After you have read the overviews, look at the rampart/samples code. I think samples/basic/sample03 may do what you want. Mary Steve Cohen wrote: I am trying to generate java Client code to access a web service from a WSDL using axis 1.4. Documentation that comes with the WSDL expects me to generate packets with SOAP headers that look something like this. q soap:Envelope xmlns:soap=http://schemas.xmlsoap.org/soap/envelope/; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xmlns:xsd=http://www.w3.org/2001/XMLSchema; xmlns:wsa=http://schemas.xmlsoap.org/ws/2004/08/addressing; xmlns:wsse=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext- 1.0.xsd xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility- 1.0.xsd soap:Header wsa:Action/wsa:Action wsa:MessageIDurn:uuid:xxx----/wsa:MessageID wsa:ReplyTo wsa:Address http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous /wsa:Address /wsa:ReplyTo wsa:Tohttps://{url:443}/wsa:To wsse:Security soap:mustUnderstand=1 wsse:UsernameToken xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis- 200401-wss-wssecurity-utility-1.0.xsd wsu:Id=SecurityToken-xxx--- - wsse:Username[username]/wsse:Username wsse:Password Type=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username- token-profile-1.0#PasswordText [password] /wsse:Password /wsse:UsernameToken /wsse:Security /soap:Header soap:Body ... /soap:Body /soap:Envelope - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Unsigned messages not rejected in rampart/policy/sample02
I have recently upgraded to axis2 1.4.1 and rampart 1.4. and decided to switch to using ws-policy files. I modeled my use on the policy/sample02, but noticed that if I sent a request that was time-stamped but did not have the body signed it was accepted by the service. I went back to sample02 and just modified the policy.xml file to remove the sp:SignedParts ... lines and ran a standalone (server ant service.02) and client (ant client.02) and the same thing happened. The message that is being sent has a syntactically correct security header containing a signed timestamp, but not a signed body. The services file says there should be a signed body, but the service accepts and replies to the unsigned message. I don't see how this can be correct behavior. Is the services.xml file missing something? BTW, If I remove the timestamp and keep the body signed, the message is rejected for a missing timestamp. I'm running with Java 1.5.0_16, Mac OS X 10.4.11 Mary Thompson - Mary R. Thompson[EMAIL PROTECTED] Lawrence Berkeley National Lab http://acs.lbl.gov/~mrt -- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Web Service requires secure header - how to generate with Axis?
If you mean axis2 1.4, the Rampart module will do that for you. The Axis pages link to some documentation and to the rampart 1.3 module. Go to http://ws.apache.org/rampart/download/1.4/download.cgi for rampart 1.4 and more documentation. After you have read the overviews, look at the rampart/samples code. I think samples/basic/sample03 may do what you want. Mary Steve Cohen wrote: I am trying to generate java Client code to access a web service from a WSDL using axis 1.4. Documentation that comes with the WSDL expects me to generate packets with SOAP headers that look something like this. Is this a well-known security scheme that Axis can be easily configured to generate or must it be coded by hand? soap:Envelope xmlns:soap=http://schemas.xmlsoap.org/soap/envelope/; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xmlns:xsd=http://www.w3.org/2001/XMLSchema; xmlns:wsa=http://schemas.xmlsoap.org/ws/2004/08/addressing; xmlns:wsse=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext- 1.0.xsd xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility- 1.0.xsd soap:Header wsa:Action/wsa:Action wsa:MessageIDurn:uuid:xxx----/wsa:MessageID wsa:ReplyTo wsa:Address http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous /wsa:Address /wsa:ReplyTo wsa:Tohttps://{url:443}/wsa:To wsse:Security soap:mustUnderstand=1 wsse:UsernameToken xmlns:wsu=http://docs.oasis-open.org/wss/2004/01/oasis- 200401-wss-wssecurity-utility-1.0.xsd wsu:Id=SecurityToken-xxx--- - wsse:Username[username]/wsse:Username wsse:Password Type=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username- token-profile-1.0#PasswordText [password] /wsse:Password /wsse:UsernameToken /wsse:Security /soap:Header soap:Body ... /soap:Body /soap:Envelope - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: axis 2 1.1.1 RC1
Rishi krish wrote: Hi thanks for all the response. Can you pls tell me how to set the soap12 while using the serviceclient api? I remember seeing this piece of code somewhere and not sure this is the way to set soap12 for servicelcient: options.setSoapVersionURI(SOAP12Constants.SOAP_ENVELOPE_NAMESPACE_URI); serviceClient.setOptions(options); That looks right. I just set the soap namespace in my WSDL to xmlns:soap=http://schemas.xmlsoap.org/wsdl/soap12/; and WSDL2java generated the following line in the clientStub constructor //Set the soap version _serviceClient.getOptions().setSoapVersionURI(org.apache.axiom.soap.SOAP12Constants.SOAP_ENVELOPE_NAMESPACE_URI); Also u said the soap fault is broken for soap11 - but I can still use soap11 as long as I am not bothered about faults - right? Yes. rampart 1.1 broke the handling of enumerated strings on the server-side for me, but Ruchith said my test case worked for him, so I just gave up and switched to plain strings and let code that I wrote and understand check for the allowed values. Is there any chance of a fix by the time axis 2 1.1.1 is released finally?[probably a question for Thilana] You could go to the jira page and vote for it and the WSCOMMONS bug :-) Mary thanks Rishi On 1/2/07, *Mary Thompson* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Yes you do need Rampart 1.1. I have been using rampart 1.1 with the nightly builds for about a month now. You can ignore all the policy stuff. In fact I have not always even loaded rahas.mar. I did not need to make any wsdl changes for rampart 1.1. However, using rampart 1.1 did break the soap 1.1 fault message handling. There is a jira about this, AXIS2-1643. The cause is evidently caused by a bug in WSCOMMONS-104. Using SOAP 1.2 gets around this. Mary Thompson Rishi krish wrote: Hi I have downloaded the axis2 1.1.1 rc1 and I have some setup questions: 1What version of rampart should I download? I assume the answer is rampart 1.1. 2I have been using rampart 1.0 along with axis2 and if I have to use rampart 1.1 will all my services.xml securiy deployment xml format change? I see the samples from rampart 1.1 [basic samples] and they seem exactly same as before. But the site for downloading rampart1.1 says The WS-Security and WS-SecureConversation implementation for axis2. Now with a new configuration model based on WS-SecurityPolicy I am confused at the new configuration model statement. If I am not using ws-policy or security policy can I still go on using the old [rampart 1.0] way of specifying security attributes. 3Getting compilation error in using the piece of code below - used to work for axis2 1.0 release. *if*(httpUserName != *null* httpPassword != * null*) { HttpTransportProperties.BasicAuthentication basicAuthentication = *new* HttpTransportProperties().*new* BasicAuthentication(); basicAuthentication.setUsername( axis2); basicAuthentication.setPassword( axis2); options.setProperty( org.apache.axis2.transport.http.HTTPConstants.BASIC_AUTHENTICATION, basicAuthentication); } 4I was using OperationContext to get some custom parameters from services.xml . Should I start using MessageContext.getCurrentMessageContext().getParameter(..) instead? thanks Rishi - Mary R. Thompson [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Secure Grid Technologies Group (510) 486-7408 Lawrence Berkeley National Lab http://dsd.lbl.gov/~mrt http://dsd.lbl.gov/~mrt -- - To unsubscribe, e-mail: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -- thanks Rishi - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Axis2] Feeback on 1.1.1-RC1
Thilina, Now that Christmas vacation is over maybe you will get some feedback. I tried it out today and it works ok with my Tomcat/https/rampart 1.1/soap 1.2 deployment. However, I can't tell if you have fixed the problems with the version service. There is mail from Deepal Jayasinghe on 12/18 that implies it was fixed on the 1.1 branch, (see below). When I now click on the version link on the services list, it just displays the wsdl. If I go to the url at axis2/rest/Version/getVersion, it does return a version. Also the happyAxis page says that version did not work and it generates the following error log messages in catalina.out Jan 2, 2007 5:16:28 PM org.apache.commons.httpclient.HttpMethodDirector executeWithRetry INFO: I/O exception (org.apache.axis2.AxisFault) caught when processing request: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is: com.ctc.wstx.exc.WstxIOException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target Jan 2, 2007 5:16:28 PM org.apache.commons.httpclient.HttpMethodDirector executeWithRetry INFO: Retrying request Jan 2, 2007 5:16:28 PM org.apache.commons.httpclient.HttpMethodDirector executeWithRetry INFO: I/O exception (org.apache.axis2.AxisFault) caught when processing request: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is: com.ctc.wstx.exc.WstxIOException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target Jan 2, 2007 5:16:28 PM org.apache.commons.httpclient.HttpMethodDirector executeWithRetry INFO: Retrying request Jan 2, 2007 5:16:28 PM org.apache.commons.httpclient.HttpMethodDirector executeWithRetry INFO: I/O exception (org.apache.axis2.AxisFault) caught when processing request: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target; nested exception is: com.ctc.wstx.exc.WstxIOException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target Jan 2, 2007 5:16:28 PM org.apache.commons.httpclient.HttpMethodDirector executeWithRetry INFO: Retrying request null It would be nice if this worked the way it used to cira axis1 1.0. While I know it is a lot of work, it is really helpful when the release notes give a clue as to what bugs have been fixed. A reference to the specific jira's would be great. Mary Thompson Previous mail about the version bug Hi Gul; Yes we a had a problem in 1.1 release with HTTPS , but now we have fixed th issue in 1.1 branch. Thanks Deepal Gul Onural wrote: Hi, I am trying to setup https access to Axis2 in tomcat. I have configured the tomcat to use https on port 8443. I can get access to the list of services using _https://localhost:8443/axis2/services/listServices_. I can see version in the list of available services, but when I click the version I get 500 error. What else I need to do to get https access working for a services ? Gul *HTTP Status 500 - * *type* Exception report *message* *description*_ The server encountered an internal error () that prevented it from fulfilling this request._ *exception* java.lang.NullPointerException org.apache.axis2.transport.http.ListingAgent$HTTPSListener.getEPRsForService(ListingAgent.java:406) org.apache.axis2.description.AxisService.getEPRs(AxisService.java:625) org.apache.axis2.description.AxisService.printWSDL(AxisService.java:600) org.apache.axis2.transport.http.ListingAgent.processListService(ListingAgent.java:184) org.apache.axis2.transport.http.AxisServlet.doGet(AxisServlet.java:177) javax.servlet.http.HttpServlet.service(HttpServlet.java:689) javax.servlet.http.HttpServlet.service(HttpServlet.java:802) *note*_ The full stack trace of the root cause is available in the Apache Tomcat/5.5.15 logs._ -- Thanks, Deepal Thilina Gunarathne wrote: Hi all, It's been almost a week since the 1.1.1-RC1 release[1].. We would like to know about your experience with it, so that we can go ahead with the 1.1.1 (may be a RC2 if there are major issues)... Thanks a lot, Thilina [1] http://people.apache.org/~thilina/axis2/1.1.1-RC1/ -- Thilina Gunarathne
Re: axis 2 1.1.1 RC1
Yes you do need Rampart 1.1. I have been using rampart 1.1 with the nightly builds for about a month now. You can ignore all the policy stuff. In fact I have not always even loaded rahas.mar. I did not need to make any wsdl changes for rampart 1.1. However, using rampart 1.1 did break the soap 1.1 fault message handling. There is a jira about this, AXIS2-1643. The cause is evidently caused by a bug in WSCOMMONS-104. Using SOAP 1.2 gets around this. Mary Thompson Rishi krish wrote: Hi I have downloaded the axis2 1.1.1 rc1 and I have some setup questions: 1What version of rampart should I download? I assume the answer is rampart 1.1. 2I have been using rampart 1.0 along with axis2 and if I have to use rampart 1.1 will all my services.xml securiy deployment xml format change? I see the samples from rampart 1.1 [basic samples] and they seem exactly same as before. But the site for downloading rampart1.1 says The WS-Security and WS-SecureConversation implementation for axis2. Now with a new configuration model based on WS-SecurityPolicy I am confused at the new configuration model statement. If I am not using ws-policy or security policy can I still go on using the old [rampart 1.0] way of specifying security attributes. 3Getting compilation error in using the piece of code below - used to work for axis2 1.0 release. *if*(httpUserName != *null* httpPassword != * null*) { HttpTransportProperties.BasicAuthentication basicAuthentication = *new* HttpTransportProperties().*new* BasicAuthentication(); basicAuthentication.setUsername( axis2); basicAuthentication.setPassword( axis2); options.setProperty( org.apache.axis2.transport.http.HTTPConstants.BASIC_AUTHENTICATION, basicAuthentication); } 4I was using OperationContext to get some custom parameters from services.xml. Should I start using MessageContext.getCurrentMessageContext().getParameter(..) instead? thanks Rishi - Mary R. Thompson[EMAIL PROTECTED] Secure Grid Technologies Group (510) 486-7408 Lawrence Berkeley National Lab http://dsd.lbl.gov/~mrt -- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [Axis2]Help handling faults as exceptions
Javier, Did you ever figure this out? There is a faulthandling example in the axis2-1.1 release that generates code that looks like yours and does work. I have also been using the same wsdl/code pattern with success. My cases all fail as soon as I engage the rampart1.1 module on the client side, giving the error java.lang.ClassCastException: org.apache.axiom.om.impl.llom.OMElementImpl at org.apache.axiom.soap.impl.llom.SOAPFaultImpl.getCode(SOAPFaultImpl.java:101) at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:312) at example.BankServiceStub.withdraw(BankServiceStub.java:173) at example.BankClient.main(BankClient.java:59) Are you using rampart or getting errors without it? Mary - Mary R. Thompson[EMAIL PROTECTED] Secure Grid Technologies Group (510) 486-7408 Lawrence Berkeley National Lab http://dsd.lbl.gov/~mrt -- Javier Kohen wrote: Hi, There is this webservice that I've written the WSDL for. I want to handle the fault it returns as an exception on the client side. The code generated by WSDL2Java from Axis1.1 that is supposed to convert the AxisFault into an AuthenticationFailedMessageException (see below) seems fishy to me, as it will never succeed. Namely it tries to map the QName of the detail element with help of the faultExeptionNameMap (sic) when this map only contains a reference to the faultcode class. This of course fails, and thus the exception is never generated; the AxisFault is re-thrown instead. I don't understand why the detail is being used instead of the faultcode. I believe the WSDL is correct, but please let me know if there is something I'm doing wrong here. When debugging the AxisFault catch block below I see that faultElt is assigned an ElementA element, which isn't in the exception maps. Moreover, the setFaultMessage method of AuthenticationFailedMessageException is defined to take a mypackage.AuthenticationFailed instance and not mypackage.ElementA, so the code obviously expects faultElt to contain an AFME. Furthermore, there is an explicit check for instance-of that exception at the end of the block that is but dead code currently. Even a hint on how to workaround the generated code manually for now would be very appreciated. I couldn't find out how to extract the AuthenticationFailed element from the AxisFault, which I need to pass to fromOM, so my progress is temporarily blocked by this issue. The generated code: private void populateFaults(){ faultExeptionNameMap.put( new javax.xml.namespace.QName( , AuthenticationFailed), mypackage.AuthenticationFailedMessageException ); faultExeptionClassNameMap.put(new javax.xml.mypackage.QName( , AuthenticationFailed), mypackage.AuthenticationFailedMessageException); faultMessageMap.put( new javax.xml.mypackage.QName( , AuthenticationFailed), mypackage.MyServiceStub$AuthenticationFailed ); faultExeptionNameMap.put( new javax.xml.mypackage.QName( , AuthenticationFailed), mypackage.AuthenticationFailedMessageException ); faultExeptionClassNameMap.put(new javax.xml.mypackage.QName( , AuthenticationFailed), mypackage.AuthenticationFailedMessageException); faultMessageMap.put( new javax.xml.mypackage.QName( , AuthenticationFailed), mypackage.MyServiceStub$AuthenticationFailed ); faultExeptionNameMap.put( new javax.xml.mypackage.QName( , AuthenticationFailed), mypackage.AuthenticationFailedMessageException ); faultExeptionClassNameMap.put(new javax.xml.mypackage.QName( , AuthenticationFailed), mypackage.AuthenticationFailedMessageException); faultMessageMap.put( new javax.xml.mypackage.QName( , AuthenticationFailed), mypackage.MyServiceStub$AuthenticationFailed ); } public mypackage.MyServiceStub.MyOperationResponse MyOperation(... // ... }catch(org.apache.axis2.AxisFault f){ org.apache.axiom.om.OMElement faultElt = f.getDetail(); if (faultElt!=null){ if (faultExeptionNameMap.containsKey(faultElt.getQName())){ //make the fault by reflection
[axis2-rampart1.1] Error parsing SoapFaults by client-side code once rampart-1.1 is deployed
I have been fighting with SoapFaults failing to parse once rampart 1.1 is deployed ever since I moved to Axis2.1.1. It did work in axis2.1.0. I am currently using the December 15 snapshot of axis1.1.1.1 and the rampart1.1 release. Maybe I am missing some trick in deploying rampart. If any one else is getting this to work, I would love to know how. I have been working with the code is samples/faulthandling since it parallels my real code. The stub is is generated by WSDL2Java. The response message looks correct to me: Soapenv:Body soapenv:Fault faultcodesoapenv:Client/faultcode faultstringAccount does not exist!/faultstring detail ns1:AccountNotExistFault xmlns:ns1=http://example; ns1:account13/ns1:account /ns1:AccountNotExistFault /detail /soapenv:Fault /soapenv:Body Without rampart deployed the client program catches a AccountNotExistFaultMessageException. With rampart deployed it geta the following exception: [java] Withdrawing 1000 dollars from account#13 [java] java.lang.ClassCastException: org.apache.axiom.om.impl.llom.OMElementImpl [java] at org.apache.axiom.soap.impl.llom.SOAPFaultImpl.getCode(SOAPFaultImpl.java:101) [java] at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:215) [java] at example.BankServiceStub.withdraw(BankServiceStub.java:173) [java] at example.BankClient.main(BankClient.java:59) To duplicate this result try: a recent axis2-1.1 release. set AXIS2_HOME to where the zip file was unziped start the server running locally by bin/axis2server.sh cd to samples/faulthandling ant generate.service - builds and deploys the service locally ant run.client -Durl=http://localhost:8080/axis2/services/BankService -Daccount=13 -Damt=400 should work [java] Withdrawing 400 dollars from account#13 [java] Account#13 does not exist Then deploy a rampart module in the samples/faulthandling client. Download and unzip rampart.1.1.zip http://www.apache.org/dyn/mirrors/mirrors.cgi/ws/rampart/1_1/rampart-1.1.zip Copy the rampart libraries to axis2-home per rampart release instructions pd ../../../rampart-1.1/samples ant -- copies 7 jar files from ../lib to AXIS2_HOME/lib ant run.client -Durl=http://localhost:8080/axis2/services/BankService -Daccount=13 -Damt=400 Test still works Deploy rampart create client/repo/axis2.xml by copying rampart-1.1/samples/basic/sample01/client.axis2.xml, then copy the rampart.1.1.mar file to client/repo/modules/rampart.1.1.mar Then you need to edit BankClient.java to add the line ConfigurationContext configContext = ConfigurationContextFactory.createConfigurationContextFromFileSystem(client/repo, client/repo/axis2.xml); now ant run.client -Durl=http://localhost:8080/axis2/services/BankService -Daccount=13 -Damt=400 fails with [java] Withdrawing 1000 dollars from account#13 [java] java.lang.ClassCastException: org.apache.axiom.om.impl.llom.OMElementImpl [java] at org.apache.axiom.soap.impl.llom.SOAPFaultImpl.getCode(SOAPFaultImpl.java:101) [java] at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:215) [java] at example.BankServiceStub.withdraw(BankServiceStub.java:173) [java] at example.BankClient.main(BankClient.java:59) It seems like it is caused by some confusion of classes, but I haven't figured which ones yet. Mary Thompson - Mary R. Thompson[EMAIL PROTECTED] Secure Grid Technologies Group (510) 486-7408 Lawrence Berkeley National Lab http://dsd.lbl.gov/~mrt -- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [axis2-rampart1.1] Error parsing SoapFaults by client-side code once rampart-1.1 is deployed
thanks for the reply. We are using soap 1.1 in hopes of being compatible with non-axis2 clients. I'll have to check to see if we can change. Mary Ruchith Fernando wrote: This is a know issues as reported here : https://issues.apache.org/jira/browse/AXIS2-1643 https://issues.apache.org/jira/browse/WSCOMMONS-104 If you can use SOAP 1.2 then this issue can be avoided. Thanks, Ruchith On 12/16/06, Mary Thompson [EMAIL PROTECTED] wrote: I have been fighting with SoapFaults failing to parse once rampart 1.1 is deployed ever since I moved to Axis2.1.1. It did work in axis2.1.0. I am currently using the December 15 snapshot of axis1.1.1.1 and the rampart1.1 release. Maybe I am missing some trick in deploying rampart. If any one else is getting this to work, I would love to know how. I have been working with the code is samples/faulthandling since it parallels my real code. The stub is is generated by WSDL2Java. The response message looks correct to me: Soapenv:Body soapenv:Fault faultcodesoapenv:Client/faultcode faultstringAccount does not exist!/faultstring detail ns1:AccountNotExistFault xmlns:ns1=http://example; ns1:account13/ns1:account /ns1:AccountNotExistFault /detail /soapenv:Fault /soapenv:Body Without rampart deployed the client program catches a AccountNotExistFaultMessageException. With rampart deployed it geta the following exception: [java] Withdrawing 1000 dollars from account#13 [java] java.lang.ClassCastException: org.apache.axiom.om.impl.llom.OMElementImpl [java] at org.apache.axiom.soap.impl.llom.SOAPFaultImpl.getCode(SOAPFaultImpl.java:101) [java] at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:215) [java] at example.BankServiceStub.withdraw(BankServiceStub.java:173) [java] at example.BankClient.main(BankClient.java:59) To duplicate this result try: a recent axis2-1.1 release. set AXIS2_HOME to where the zip file was unziped start the server running locally by bin/axis2server.sh cd to samples/faulthandling ant generate.service - builds and deploys the service locally ant run.client -Durl=http://localhost:8080/axis2/services/BankService -Daccount=13 -Damt=400 should work [java] Withdrawing 400 dollars from account#13 [java] Account#13 does not exist Then deploy a rampart module in the samples/faulthandling client. Download and unzip rampart.1.1.zip http://www.apache.org/dyn/mirrors/mirrors.cgi/ws/rampart/1_1/rampart-1.1.zip Copy the rampart libraries to axis2-home per rampart release instructions pd ../../../rampart-1.1/samples ant -- copies 7 jar files from ../lib to AXIS2_HOME/lib ant run.client -Durl=http://localhost:8080/axis2/services/BankService -Daccount=13 -Damt=400 Test still works Deploy rampart create client/repo/axis2.xml by copying rampart-1.1/samples/basic/sample01/client.axis2.xml, then copy the rampart.1.1.mar file to client/repo/modules/rampart.1.1.mar Then you need to edit BankClient.java to add the line ConfigurationContext configContext = ConfigurationContextFactory.createConfigurationContextFromFileSystem(client/repo, client/repo/axis2.xml); now ant run.client -Durl=http://localhost:8080/axis2/services/BankService -Daccount=13 -Damt=400 fails with [java] Withdrawing 1000 dollars from account#13 [java] java.lang.ClassCastException: org.apache.axiom.om.impl.llom.OMElementImpl [java] at org.apache.axiom.soap.impl.llom.SOAPFaultImpl.getCode(SOAPFaultImpl.java:101) [java] at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:215) [java] at example.BankServiceStub.withdraw(BankServiceStub.java:173) [java] at example.BankClient.main(BankClient.java:59) It seems like it is caused by some confusion of classes, but I haven't figured which ones yet. Mary Thompson - Mary R. Thompson[EMAIL PROTECTED] Secure Grid Technologies Group (510) 486-7408 Lawrence Berkeley National Lab http://dsd.lbl.gov/~mrt -- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [axis2-1.1.1] probems with enumerated types
I finally narrowed it down to an interaction with enumerated types and rampart.1.1-RC1. I have submitted a JIRA under the component Modules Mary Thompson Davanum Srinivas wrote: Mary, Please create an issue in JIRA and upload your wsdl and sample service/client. thanks, dims On 11/29/06, Mary Thompson [EMAIL PROTECTED] wrote: One more thing that broke when I moved from 2.1 to 2.1.1. In 2.1 enumerated types based on strings were just treated as ordinary strings. In 2.1.1 a class was created (by wsdl2java) for each enumerated type and the values were checked. So far, an improvement. But when the type is put in or out of a message (using ADB binding) the OMElement classes reject it. For example resStatus is a return parameter which can hold a few string values. It is part of a CreateReservationResponse but when axis goes to return it I get. Nov 29, 2006 6:54:02 PM org.apache.axiom.om.impl.llom.OMSourcedElementImpl forceExpand SEVERE: forceExpand: expected element name cancelReservationResponse, found resStatus Nov 29, 2006 6:54:02 PM org.apache.axis2.transport.http.AxisServlet doPost SEVERE: java.lang.ExceptionInInitializerError My Skeleton class is returning a CreateReservationClass which contains a ResStatus class instance which has been set to CANCELLED using the fromString(CANCELLED) method. This happens both in axis2 1.1 and 1.1.1 Nov 29. Any suggestions or enlightenment would be appreciated. Mary - Mary R. Thompson[EMAIL PROTECTED] Secure Grid Technologies Group (510) 486-7408 Lawrence Berkeley National Lab http://dsd.lbl.gov/~mrt -- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Encrypting Message Failure
I haven't tried encryption, but have signature verification working with Axis2-1.1.(1) and Rampart 1.1. Do you have the rampart module findable by your client? ie, engaged in axis2.xml and available at run time. I copied the following command line from an example somewhere. #!/bin/sh . setclasspath.sh java -Daxis2.xml=repo/axis2.xml QueryReservationClient repo https://domain.name/axis2-1.1.1/services/OSCARS where the repo/modules contains the rampart.mar, and repo contains the sec.properties and jks files. Mary Thompson - Mary R. Thompson[EMAIL PROTECTED] Secure Grid Technologies Group (510) 486-7408 Lawrence Berkeley National Lab http://dsd.lbl.gov/~mrt - Philipp Perner wrote: I have a service to transfer files. I am using SwA with ADB as data binding. But in my opinion, the client doesn't even take the client's axis2.xml when running, so outflow configuration from client doesn't even make timestamp, signature or encryption. It doesn't matter which items i have in the outflow configuration of the client, the soap message is generated everytime without these items. The server does everything correct - Timestamp, Signature, Encryption... This doesn't matter as long as I want to encrypt from service to client, and client's axis2.xml has to be taken to decrypt. swaramp.client: [copy] Copying 1 file to D:\Development\eclipse3.2\WebClient\WEB-INF\build\client_repositories\test01\conf [copy] Copying 1 file to D:\Development\eclipse3.2\WebClient\WEB-INF\build\client_repositories\test01\modules [copy] Copying 1 file to D:\Development\eclipse3.2\WebClient\WEB-INF\build\temp_client [java] java.lang.RuntimeException: java.lang.RuntimeException: Unexpected subelement EncryptionMethod [java] at sample.soapwithattachments.SWASampleServiceStub.fromOM(Unknown Source) [java] at sample.soapwithattachments.SWASampleServiceStub.uploadFile(Unknown Source) [java] at sample.soapwithattachments.SWAClient.transferFile(Unknown Source) [java] at sample.soapwithattachments.SWAClient.main(Unknown Source) [java] Caused by: java.lang.RuntimeException: Unexpected subelement EncryptionMethod [java] at sample.soapwithattachments.service.xsd.UploadFileResponse$Factory.parse(Unknown Source) [java] ... 4 more [java] Exception in thread main [java] Java Result: 1 BUILD SUCCESSFUL Is there any further configuration I have to do? Or is it just an incompatibility from axis2 1.1 to rampart1.1 ? I don't understand why the samples of rampart1.1 are working with axis2-1.1 I'm using the client and service keys from the rampart tutorials. Has anyone else encountered this error? philipp - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Apache Rampart-1.1-RC1
Ruchith, I picked up the rampart-1.1.RC1 release and am having library problems. I have copies of wss4j-SNAPSHOT.jar and bcprov.jar in my service.aar file because my application needs them. I copied the versions of those jars from the rampart-1.1-RC1.mar and put them in my aar file. Somehow finding those jars in my aar file confuses rampart. I get the following errors when axis2 is trying to read a request message. If I remove wss4j.jar from my aar file, rampart works, but then my code fails since it can't find the classes it is using. I was previously using the rampart1.1 snapshot from Nov 13 and it was ok after I put the updated versions of wss4j and bcprov in my aar file. I am using axis2-1.1.1 nightly build of Nov 29. INFO: Server startup in 24471 ms java.lang.ClassCastException: org.apache.ws.security.components.crypto.Merlin at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.j ava:180) at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory .java:153) at org.apache.ws.security.handler.WSHandler.loadSignatureCrypto(WSHandler.java:347) at org.apache.ws.security.handler.WSHandler.decodeSignatureParameter2(WSHandler.jav a:848) (...) Nov 29, 2006 4:18:53 PM org.apache.ws.security.components.crypto.CryptoFactory loadClass SEVERE: Unable to instantiate (2): org.apache.ws.security.components.crypto.Merlin java.lang.InstantiationException: org.apache.ws.security.components.crypto.Merlin at java.lang.Class.newInstance0(Class.java:335) at java.lang.Class.newInstance(Class.java:303) at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.j ava:188) at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory .java:153) at org.apache.ws.security.handler.WSHandler.loadSignatureCrypto(WSHandler.java:347) at org.apache.ws.security.handler.WSHandler.decodeSignatureParameter2(WSHandler.jav a:848) at org.apache.ws.security.handler.WSHandler.doReceiverAction(WSHandler.java:232) at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:249 ) at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:8 8) at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:74) at org.apache.axis2.engine.Phase.invoke(Phase.java:382) at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:522) at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:487) at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTr ansportUtils.java:326) Any suggestions would be appreciated Thanks, Mary - Mary R. Thompson[EMAIL PROTECTED] Secure Grid Technologies Group (510) 486-7408 Lawrence Berkeley National Lab http://dsd.lbl.gov/~mrt -- Ruchith Fernando wrote: Hi All, Apache Rampart-1.1-RC artifacts are now available. You can find them here: http://people.apache.org/~ruchithf/rampart-1.1-RC1/ Please try out rampart and report any issues you have. Thanks, Ruchith - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Receiving soap faults in axis2-1-1 client
Ever since I switched to axis2-1-1 my client stubs have generated the following exception whenever they receive a soap fault from the server. (the stub code is generated by WSDL2java) OSCARSStub threw exception org.apache.axiom.om.impl.llom.OMElementImpl java.lang.ClassCastException: org.apache.axiom.om.impl.llom.OMElementImpl at org.apache.axiom.soap.impl.llom.SOAPFaultImpl.getCode(SOAPFaultImpl.java:101) at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:312) at net.es.oscars.service.OSCARSStub.cancelReservation(Unknown Source) at net.es.oscars.client.Client.cancelReservation(Unknown Source) at CancelReservationClient.main(Unknown Source) I have been logging the reply message to see what it really wrong and the message looks ok to me. DEBUG [httpclient.wire.content] ?xml version='1.0' encoding='UTF-8'?soapenv:Envelope xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/;soapenv:Header /soapenv:Bodysoapenv:Faultfaultcodesoapenv:Client/faultcodefaultstringjava.lang.ExceptionInInitializerError/faultstringdetailExceptionorg.apache.axis2.AxisFault: java.lang.ExceptionInInitializerError; nested exception is: [\n] DEBUG [httpclient.wire.content] [0x9]java.lang.ExceptionInInitializerError[\n] .. long stack trace of error ... /Exception/detail/soapenv:Fault/soapenv:Body/soapenv:Envelope Has any one else seen this? It was working ok with axis2-1.0. Did I miss some trick in switching to the 2.1.1 release? I have just tried the Nov 29 nightly build, but it didn't help. Mary - Mary R. Thompson[EMAIL PROTECTED] Secure Grid Technologies Group (510) 486-7408 Lawrence Berkeley National Lab http://dsd.lbl.gov/~mrt -- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[axis2-1.1.1] probems with enumerated types
One more thing that broke when I moved from 2.1 to 2.1.1. In 2.1 enumerated types based on strings were just treated as ordinary strings. In 2.1.1 a class was created (by wsdl2java) for each enumerated type and the values were checked. So far, an improvement. But when the type is put in or out of a message (using ADB binding) the OMElement classes reject it. For example resStatus is a return parameter which can hold a few string values. It is part of a CreateReservationResponse but when axis goes to return it I get. Nov 29, 2006 6:54:02 PM org.apache.axiom.om.impl.llom.OMSourcedElementImpl forceExpand SEVERE: forceExpand: expected element name cancelReservationResponse, found resStatus Nov 29, 2006 6:54:02 PM org.apache.axis2.transport.http.AxisServlet doPost SEVERE: java.lang.ExceptionInInitializerError My Skeleton class is returning a CreateReservationClass which contains a ResStatus class instance which has been set to CANCELLED using the fromString(CANCELLED) method. This happens both in axis2 1.1 and 1.1.1 Nov 29. Any suggestions or enlightenment would be appreciated. Mary - Mary R. Thompson[EMAIL PROTECTED] Secure Grid Technologies Group (510) 486-7408 Lawrence Berkeley National Lab http://dsd.lbl.gov/~mrt -- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: multi operation service
I also tried to do that and decided that it didn't work. The documentation does not suggest that you can assign flows per operation. I switched to using multiple services within a service group and setting the security parameters per service. That worked with Axis2-1.0, but I am still having trouble with Axis2.1-1 recognizing the operations in the second service. Mary Thompson fer wrote: Hi all! I have a service with more than one operation. I´m trying to assign different flows (request and response) to this operations in this way: (client-config.wsdd) service name=serviceName operation name=OperationName1 requestFlow /requestFlow responseFlow /responsetFlow /operation operation name=OperationName2 requestFlow /requestFlow responseFlow /responsetFlow /operation /service but I'm having some problems. ¿Is there a way to assign a different request and response flows to a several operations of the same service? I'm trying to assign different security levels to these operations I would greatly appreciate any help Thanx - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]