RE: Rampart engaged, OutflowSecurity set in axis2.xml, still no security in headers
Hi Prabath, thanks again. I have configured the axis used by this wizard to be axis2, and to revision 1.3. Your comment about axis server axis2.xml files - yes, I have been using the server config file, although changing to use the client config file hasn't helped. What has helped though, is not only including the configuration context line you suggested, but also *using* it in the stub constructor :) Doh! Thanks again for your excellent help. Phil --- Phil Davies wrote: > The client architecture was mainly decided by Eclipse's Web Services > Client wizard. I guess this generates stubs with Axis - not Axis2, please verify the versions of the referenced libraries. ...> program? Think in this way - there is one Axis2.xml used by the service, that is what you find by default inside - [AXIS2_HOME]/conf. Also - when you are using a client, you can specify an Axis2.xml for the client as well - in the way I mentioned previously. If you can go through sample available with [1] - it explains all what you need to know from both the service and the client side. Thanks & regards. - Prabath [1]:http://blog.facilelogin.com/2008/07/web-services-security-encryption -with.html > > Thanks, > Phil > > > Hi Phil; > >>From your previous comments I guess, you have not engaged rampart module > at the client side - only at the service end. > > Make sure at the client side you load the axis2.xml with Rampart being > engaged. > > ConfigurationContext ctx = > ConfigurationContextFactory.createConfigurationContextFromFileSystem("re > po","repo/conf/axis2.xml" > > Also, please make sure that you have the rampart module inside > repo/modules. > > Thanks & regards. > - Prabath > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Rampart engaged, OutflowSecurity set in axis2.xml, still no security in headers
Phil Davies wrote: > The client architecture was mainly decided by Eclipse's Web Services > Client wizard. I guess this generates stubs with Axis - not Axis2, please verify the versions of the referenced libraries. > It put the stub into an existing web project, and axis2 is on the > classpath. > The project's WEB-INF/conf dir has an axis2.xml file, and so does > AXIS2_HOME/conf. I have added the "module" and "parameter" elements to > both of these now. > > I then wrote a little test program which invokes one of the operations > and when I do this I get an axis fault returned, after the round trip to > the server. Wireshark also shows me an outgoing request with no security > header. I have also used the Web Services Explorer in Eclipse with the > same result. > > Here's something I find a little confusing - after running the wizard to > generate the client, the Eclipse local Tomcat on that machine has the > WebServicesTestClient (described above) deployed. If I then point a > browser at this, I can log in to the axis admin pages, and I can see > that rampart is globally engaged - but how can I know that *this* axis > is the same axis the client stub sees when it's called from my test > program? Think in this way - there is one Axis2.xml used by the service, that is what you find by default inside - [AXIS2_HOME]/conf. Also - when you are using a client, you can specify an Axis2.xml for the client as well - in the way I mentioned previously. If you can go through sample available with [1] - it explains all what you need to know from both the service and the client side. Thanks & regards. - Prabath [1]:http://blog.facilelogin.com/2008/07/web-services-security-encryption-with.html > > Thanks, > Phil > > > Hi Phil; > >>From your previous comments I guess, you have not engaged rampart module > at the client side - only at the service end. > > Make sure at the client side you load the axis2.xml with Rampart being > engaged. > > ConfigurationContext ctx = > ConfigurationContextFactory.createConfigurationContextFromFileSystem("re > po","repo/conf/axis2.xml" > > Also, please make sure that you have the rampart module inside > repo/modules. > > Thanks & regards. > - Prabath > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Rampart engaged, OutflowSecurity set in axis2.xml, still no security in headers
Thanks Prabath, for such a quick reply. Yes, this is all client work. Ok, I wasn't expecting to have to write any Java to get security added, but anyway I added your line and when I finally gave it the right file paths it behaved as before - i.e. no headers. I ran the ant script which sets up the modules for axis, and can see that rampart is globally engaged by using the axis2 admin page. The client architecture was mainly decided by Eclipse's Web Services Client wizard. It put the stub into an existing web project, and axis2 is on the classpath. The project's WEB-INF/conf dir has an axis2.xml file, and so does AXIS2_HOME/conf. I have added the "module" and "parameter" elements to both of these now. I then wrote a little test program which invokes one of the operations and when I do this I get an axis fault returned, after the round trip to the server. Wireshark also shows me an outgoing request with no security header. I have also used the Web Services Explorer in Eclipse with the same result. Here's something I find a little confusing - after running the wizard to generate the client, the Eclipse local Tomcat on that machine has the WebServicesTestClient (described above) deployed. If I then point a browser at this, I can log in to the axis admin pages, and I can see that rampart is globally engaged - but how can I know that *this* axis is the same axis the client stub sees when it's called from my test program? Thanks, Phil Hi Phil; >From your previous comments I guess, you have not engaged rampart module at the client side - only at the service end. Make sure at the client side you load the axis2.xml with Rampart being engaged. ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem("re po","repo/conf/axis2.xml" Also, please make sure that you have the rampart module inside repo/modules. Thanks & regards. - Prabath - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Rampart engaged, OutflowSecurity set in axis2.xml, still no security in headers
Hi Phil; >From your previous comments I guess, you have not engaged rampart module at the client side - only at the service end. Make sure at the client side you load the axis2.xml with Rampart being engaged. ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem("repo","repo/conf/axis2.xml" Also, please make sure that you have the rampart module inside repo/modules. Thanks & regards. - Prabath Phil Davies wrote: > Thanks for the info - I have already found and read this page, and again > it looks initially like what I'm doing should work. > Can you tell me - do I *need* a policy somewhere? > > Thanks, > Phil > --- > Hi Phil; > > Hope this[1] may be helpful. > > Thanks & regards. > - Prabath > > [1]:http://blog.facilelogin.com/2008/07/web-services-security-encryption-with.html > > Phil Davies wrote: >> Hi, I've scoured the web for this particular problem, but no answer > yet. > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Rampart engaged, OutflowSecurity set in axis2.xml, still no security in headers
Thanks for the info - I have already found and read this page, and again it looks initially like what I'm doing should work. Can you tell me - do I *need* a policy somewhere? Thanks, Phil --- Hi Phil; Hope this[1] may be helpful. Thanks & regards. - Prabath [1]:http://blog.facilelogin.com/2008/07/web-services-security-encryption -with.html Phil Davies wrote: > Hi, I've scoured the web for this particular problem, but no answer yet. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Rampart engaged, OutflowSecurity set in axis2.xml, still no security in headers
Hi Phil; Hope this[1] may be helpful. Thanks & regards. - Prabath [1]:http://blog.facilelogin.com/2008/07/web-services-security-encryption-with.html Phil Davies wrote: > Hi, I've scoured the web for this particular problem, but no answer yet. > > > > I'm trying to build a WS client. I am using axis2-1.3, and I can > successfully query the web services without security. > > > > When I add security, I still don't get any SOAP header, only the same > outgoing request. I am adding security by (a) making sure the Rampart > module (1.3) is globally engaged, and (b) adding the module and > OutflowSecurity elements to the axis2.xml file (see below). > > > > I'm fairly sure the axis2.xml file is getting used, because if I break > the xml in (say) the OutflowSecurity element and restart Tomcat, I get a > complaint from the servlet. Apart from that there's no sign that the > OutflowSecurity element is being processed at all. > > > > Are there other factors which need to be present before rampart will add > security to the message headers? > > > > Any help appreciated. > > Thanks > > Phil Davies > > > > Added to axis2.xml: > > > > > > > > > > UsernameToken Timestamp > > wsuser > > > com.PasswordGetter > > > > > > > > > > > > > > > No virus found in this incoming message. > Checked by AVG. > Version: 7.5.549 / Virus Database: 270.9.0/1777 - Release Date: 11/9/2008 > 9:53 AM - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]