Re: Using SAML with Axis
WSS4J class you will need to implement is called org.apache.ws.security.handler.WSS4JHandler HTH, M-- You don't do it through the call object in your client code. You do it in the handler. Anne On 8/18/06, Andrew Fielden <[EMAIL PROTECTED]> wrote: Thanks Anne. I've looked at the examples on the WSS4J website. Looks like what I need, however I'm still unclear about how to obtain the SOAP envelope associated with the web service call. E.g. if I'm setting up an RPC/literal WS call like this - org.apache.axis.client.Service service = new Service(...); java.xml.rpc.Call call = service.createCall(...); // Invoke RPC/literal web service Object[] params = ... call.invoke(params); There is no method on 'Call' which allows me to retrieve the SOAP envelope. BTW I'm working with existing code which I didn't write, so this may or may not be the correct way of doing this. > -Original Message- > From: Anne Thomas Manes [mailto:[EMAIL PROTECTED] > Sent: 18 August 2006 16:11 > To: axis-user@ws.apache.org > Subject: Re: Using SAML with Axis > > You should pass SAML tokens in a WS-Security header rather than in the > body. > WSS4J provides a handler to do this for you automatically, and it > works with any style message. > > Anne > > On 8/18/06, Andrew Fielden <[EMAIL PROTECTED]> wrote: > > Can anyone advise on the following issue? - > > I'm using Axis 1.2. I have a requirement to add SAML security tokens > > when calling web services. This is possible for document/literal > > operations by adding SAML tokens to the SOAP message body. > > However I can't see a way to do this for RPC/literal operations, since > > the Axis API doesn't allow the SOAP envelope to be modified in this > > case. > > Is there any way of doing this? Would Axis2 allow me to do it? > > I'm relatively new to the world of SAML, so some indication of whether > > this is feasible would be appreciated. > > > > Thanks. > > Andrew. > > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Using SAML with Axis
You don't do it through the call object in your client code. You do it in the handler. Anne On 8/18/06, Andrew Fielden <[EMAIL PROTECTED]> wrote: Thanks Anne. I've looked at the examples on the WSS4J website. Looks like what I need, however I'm still unclear about how to obtain the SOAP envelope associated with the web service call. E.g. if I'm setting up an RPC/literal WS call like this - org.apache.axis.client.Service service = new Service(...); java.xml.rpc.Call call = service.createCall(...); // Invoke RPC/literal web service Object[] params = ... call.invoke(params); There is no method on 'Call' which allows me to retrieve the SOAP envelope. BTW I'm working with existing code which I didn't write, so this may or may not be the correct way of doing this. > -Original Message- > From: Anne Thomas Manes [mailto:[EMAIL PROTECTED] > Sent: 18 August 2006 16:11 > To: axis-user@ws.apache.org > Subject: Re: Using SAML with Axis > > You should pass SAML tokens in a WS-Security header rather than in the > body. > WSS4J provides a handler to do this for you automatically, and it > works with any style message. > > Anne > > On 8/18/06, Andrew Fielden <[EMAIL PROTECTED]> wrote: > > Can anyone advise on the following issue? - > > I'm using Axis 1.2. I have a requirement to add SAML security tokens > > when calling web services. This is possible for document/literal > > operations by adding SAML tokens to the SOAP message body. > > However I can't see a way to do this for RPC/literal operations, since > > the Axis API doesn't allow the SOAP envelope to be modified in this > > case. > > Is there any way of doing this? Would Axis2 allow me to do it? > > I'm relatively new to the world of SAML, so some indication of whether > > this is feasible would be appreciated. > > > > Thanks. > > Andrew. > > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Using SAML with Axis
Thanks Anne. I've looked at the examples on the WSS4J website. Looks like what I need, however I'm still unclear about how to obtain the SOAP envelope associated with the web service call. E.g. if I'm setting up an RPC/literal WS call like this - org.apache.axis.client.Service service = new Service(...); java.xml.rpc.Call call = service.createCall(...); // Invoke RPC/literal web service Object[] params = ... call.invoke(params); There is no method on 'Call' which allows me to retrieve the SOAP envelope. BTW I'm working with existing code which I didn't write, so this may or may not be the correct way of doing this. > -Original Message- > From: Anne Thomas Manes [mailto:[EMAIL PROTECTED] > Sent: 18 August 2006 16:11 > To: axis-user@ws.apache.org > Subject: Re: Using SAML with Axis > > You should pass SAML tokens in a WS-Security header rather than in the > body. > WSS4J provides a handler to do this for you automatically, and it > works with any style message. > > Anne > > On 8/18/06, Andrew Fielden <[EMAIL PROTECTED]> wrote: > > Can anyone advise on the following issue? - > > I'm using Axis 1.2. I have a requirement to add SAML security tokens > > when calling web services. This is possible for document/literal > > operations by adding SAML tokens to the SOAP message body. > > However I can't see a way to do this for RPC/literal operations, since > > the Axis API doesn't allow the SOAP envelope to be modified in this > > case. > > Is there any way of doing this? Would Axis2 allow me to do it? > > I'm relatively new to the world of SAML, so some indication of whether > > this is feasible would be appreciated. > > > > Thanks. > > Andrew. > > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Using SAML with Axis
Also, if you decide to upgrade to Axis2, use Rampart instead of WSS4J. On 8/18/06, Anne Thomas Manes <[EMAIL PROTECTED]> wrote: You should pass SAML tokens in a WS-Security header rather than in the body. WSS4J provides a handler to do this for you automatically, and it works with any style message. Anne On 8/18/06, Andrew Fielden <[EMAIL PROTECTED]> wrote: > Can anyone advise on the following issue? - > I'm using Axis 1.2. I have a requirement to add SAML security tokens > when calling web services. This is possible for document/literal > operations by adding SAML tokens to the SOAP message body. > However I can't see a way to do this for RPC/literal operations, since > the Axis API doesn't allow the SOAP envelope to be modified in this > case. > Is there any way of doing this? Would Axis2 allow me to do it? > I'm relatively new to the world of SAML, so some indication of whether > this is feasible would be appreciated. > > Thanks. > Andrew. > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Using SAML with Axis
You should pass SAML tokens in a WS-Security header rather than in the body. WSS4J provides a handler to do this for you automatically, and it works with any style message. Anne On 8/18/06, Andrew Fielden <[EMAIL PROTECTED]> wrote: Can anyone advise on the following issue? - I'm using Axis 1.2. I have a requirement to add SAML security tokens when calling web services. This is possible for document/literal operations by adding SAML tokens to the SOAP message body. However I can't see a way to do this for RPC/literal operations, since the Axis API doesn't allow the SOAP envelope to be modified in this case. Is there any way of doing this? Would Axis2 allow me to do it? I'm relatively new to the world of SAML, so some indication of whether this is feasible would be appreciated. Thanks. Andrew. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
