RE: wss4j and axis2?
Thanks Paul,

Yes, the wss4j code does contain org.apache.ws.axis* packages, but three classes in wss4j depend on org.apache.axis.* classes.

I just realized that only 3 classes in wss4j depend on the old axis, and the code I was running through Rampart didn't use those classes, which is why I didn't get the error.

cheers,
md

> -----Original Message-----
> From: Paul Fremantle [mailto:[EMAIL PROTECTED]
> Sent: Monday, July 09, 2007 7:05 PM
> To: axis-user@ws.apache.org
> Subject: Re: wss4j and axis2?
>
> Michael
>
> WSS4J really contains the security handling code, based on a DOM view
> of the SOAP messages. Rampart contains the bridging logic from the
> Axis2 module/handler model to that code. And something called DOOM
> (DOM over Axiom) provides the DOM interface to the Axis2 messages.
>
> Paul
>
> PS the code in wss4j is org.apache.ws.axis.* which is actually
> something different to org.apache.axis.* AFAIK
>
> On 7/9/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> > Hi,
> >
> > I've been digging around the source code of wss4j (the WS-Security
> > library used by Rampart), and there's something very fundamental I
> > don't understand.
> >
> > As far as I know, I've got the most recent versions of these
> > (axis2 1.2, wss4j 1.5.2). The strange thing is, wss4j seems to use
> > the older axis 1 libraries, with package names like
> > org.apache.axis.*, whereas axis2 has package names like
> > org.apache.axis2.*.
> >
> > I would expect to get a lot of ClassNotFound exceptions, but it
> > seems to work fine. Is there some strange trickery going on, or am
> > I just confused?
> >
> > Thanks
> > Michael Davis
>
> --
> Paul Fremantle
> Co-Founder and VP of Technical Sales, WSO2
> OASIS WS-RX TC Co-chair
>
> blog: http://pzf.fremantle.org
> [EMAIL PROTECTED]
>
> "Oxygenating the Web Service Platform", www.wso2.com
Re: wss4j and axis2?
Michael

WSS4J really contains the security handling code, based on a DOM view of the SOAP messages. Rampart contains the bridging logic from the Axis2 module/handler model to that code. And something called DOOM (DOM over Axiom) provides the DOM interface to the Axis2 messages.

Paul

PS the code in wss4j is org.apache.ws.axis.* which is actually something different to org.apache.axis.* AFAIK

On 7/9/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I've been digging around the source code of wss4j (the WS-Security
> library used by Rampart), and there's something very fundamental I
> don't understand.
>
> As far as I know, I've got the most recent versions of these
> (axis2 1.2, wss4j 1.5.2). The strange thing is, wss4j seems to use
> the older axis 1 libraries, with package names like
> org.apache.axis.*, whereas axis2 has package names like
> org.apache.axis2.*.
>
> I would expect to get a lot of ClassNotFound exceptions, but it
> seems to work fine. Is there some strange trickery going on, or am
> I just confused?
>
> Thanks
> Michael Davis

--
Paul Fremantle
Co-Founder and VP of Technical Sales, WSO2
OASIS WS-RX TC Co-chair

blog: http://pzf.fremantle.org
[EMAIL PROTECTED]

"Oxygenating the Web Service Platform", www.wso2.com
wss4j and axis2?
Hi,

I've been digging around the source code of wss4j (the WS-Security library used by Rampart), and there's something very fundamental I don't understand.

As far as I know, I've got the most recent versions of these (axis2 1.2, wss4j 1.5.2). The strange thing is, wss4j seems to use the older axis 1 libraries, with package names like org.apache.axis.*, whereas axis2 has package names like org.apache.axis2.*.

I would expect to get a lot of ClassNotFound exceptions, but it seems to work fine. Is there some strange trickery going on, or am I just confused?

Thanks
Michael Davis
Re: wss4j and axis2
Thanks Ruchith,

That worked. I had the module installed correctly but the client was not aware of the axis2.xml file. Creating a ServiceClient with custom repository worked.

I am aware that for service specific settings I will have to configure the services.xml file, that will be done in due course. For now I am going to get encryption and signatures working at a global!

Thanks again,
Brian.
Re: wss4j and axis2
If you are using the axis2.xml file to configure security module parameters in the server side, please note that those configurations will be applicable to ALL the services in that axis2 repository. Therefore if you want to configure security on a per service basis you MUST use the services.xml file to configure the parameters.

Thanks,
Ruchith
Re: wss4j and axis2
Hi Brian,

If you get "the request does not contain the required Security headers" then it seems like the security module is not deployed at the client side OR the configured axis2.xml file is not picked up by the client. You MUST provide this configured axis2.xml file along with a repository containing the security.mar in the 'modules' directory. [1]

- Are you providing the repository location to the ServiceClient?

   - If NOT, please provide an axis2 repository with the 'modules' directory as a sub directory and make sure you have security configured [2] axis2.xml file in the repo directory (if you are using the SVN HEAD axis2.xml file should be in the 'conf' directory in the repo directory).

   - If YES, then please check whether you have the security.mar file in the 'modules' directory of the repo.

Thanks,
Ruchith

Notes:

[1] Creating a ServiceClient with a custom repository:

    ConfigurationContext ctx =
        ConfigurationContextFactory.createConfigurationContextFromFileSystem("/path/to/axis2/repo",
            "path/to/configured/axis2.xml");
    ServiceClient serviceClient = new ServiceClient(ctx, null);

[2] Security configured means that you must have the <module ref="security" /> entry in axis2.xml along with the required inflow/outflow parameters. But if you don't have the <module ref="security" /> entry in the axis2.xml you can engage the security module using the ServiceClient object as shown below:

    serviceClient.engageModule(new QName("security"));

[3] Make sure you include the commons-codec.jar in the client's and server's classpath (in WEB-INF/lib directory in the case of Tomcat)
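Added example (not part of the original thread and not Axis2 project code): a pre-flight check for the client repository layout described in the message above, listing the reasons a client would send requests without the Security header. The function names and the sample axis2.xml contents are assumptions made for this illustration.

```python
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

# Constructed sample config. The <action><items> layout inside the parameter is
# an assumption; the checker below only looks at the parameter's name.
SAMPLE_AXIS2_XML = """<axisconfig name="AxisJava2.0">
  <module ref="security"/>
  <parameter name="OutflowSecurity"><action><items>Timestamp</items></action></parameter>
</axisconfig>"""


def check_client_repo(repo, axis2_xml=None, module="security"):
    """Return the reasons this client repo would send requests without a Security header."""
    repo = Path(repo)
    problems = []

    # The module archive must sit in the repository's 'modules' directory.
    mar = repo / "modules" / (module + ".mar")
    if not mar.is_file():
        problems.append("missing " + str(mar))

    # axis2.xml: explicit path, else the repo directory, else 'conf' (SVN HEAD layout).
    candidates = [Path(axis2_xml)] if axis2_xml else [repo / "axis2.xml", repo / "conf" / "axis2.xml"]
    config = next((p for p in candidates if p.is_file()), None)
    if config is None:
        problems.append("no axis2.xml at " + " or ".join(str(p) for p in candidates))
        return problems

    try:
        root = ET.parse(str(config)).getroot()
    except ET.ParseError as exc:
        problems.append("%s is not well-formed: %s" % (config, exc))
        return problems

    # Engagement and outflow settings are direct children of the root element.
    if not any(m.get("ref") == module for m in root.findall("module")):
        problems.append('no <module ref="%s"/> entry in %s (engage it in code instead)' % (module, config))
    if not any(p.get("name") == "OutflowSecurity" for p in root.findall("parameter")):
        problems.append("no OutflowSecurity parameter in " + str(config))
    return problems


def demo():
    """Build three constructed repositories and check each one."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        good = tmp / "good"
        (good / "modules").mkdir(parents=True)
        (good / "modules" / "security.mar").write_bytes(b"")  # placeholder archive
        (good / "axis2.xml").write_text(SAMPLE_AXIS2_XML)
        results["good"] = check_client_repo(good)
        # Module installed, but the configured axis2.xml is not in the repository.
        no_config = tmp / "no_config"
        (no_config / "modules").mkdir(parents=True)
        (no_config / "modules" / "security.mar").write_bytes(b"")
        results["no_config"] = check_client_repo(no_config)
        # Unconfigured axis2.xml under 'conf' and no module archive at all.
        bare = tmp / "bare"
        (bare / "conf").mkdir(parents=True)
        (bare / "conf" / "axis2.xml").write_text('<axisconfig name="AxisJava2.0"/>')
        results["bare"] = check_client_repo(bare)
    return results


if __name__ == "__main__":
    for name, found in demo().items():
        print(name, found or "OK")
```

An empty list means the layout matches what the message asks for; it does not prove the handler runs, so a captured request (tcpmon, as used in this thread) remains the final check.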
Re: wss4j and axis2
Thanks for the reply Ruchith,

What do you mean by the axis2.xml file of the client? Is this the same axis2.xml file as that of the server if one is calling a service from localhost? I am using 2 deployments of axis2 on two different machines, one of which I have the two parameters below included in the axis2. This is my server. My client machine on the other hand has the same configurations all down to the axis2.xml file where I have only the OutflowSecurity parameter included.

When calling the service I get an error saying that the request does not contain the required Security headers!! I have used tcpmon and the message is being sent successfully, without the security header! Is it possible that the client is ignoring the axis2.xml configurations when calling the service? I presume the axis2.xml replaces the client_deploy.wsdd file!

Thanks,
Brian.

--
Brian Shields BSc. MSc.,
PhD Candidate,
Department of Information Technology,
National University of Ireland,
Galway,
Ireland.
Re: wss4j and axis2
Hi Brian,

Please see my comments below:

On 2/2/06, Brian Shields <[EMAIL PROTECTED]> wrote:
> Hello,
> I am deploying security handlers in axis2. My question may be very
> simple, apologies if the answer is staring me in the face!!
> Where is the best place to include security tokens in the client? I have
> altered the axis2.xml file to include parameters in the inflow and
> outflow..
>
> Timestamp
>
> Timestamp
>
> From what I can make out, the outflowsecurity parameter refers to any
> security tokens which will be added in the outflow of a service request
> and the inflowsecurity parameters are parameters which are expected for
> the service to be invoked?!?

Correct !!!

The above configuration will ensure that a Timestamp is added to the outgoing message and it will require all incoming messages to contain a Timestamp header.

> Where then are they applied to the client? Using the Options parameters?

With the Axis2-0.94 release we support setting the client parameters in the axis2.xml of the client. And from the next release you will be able to set the configuration via Options parameters (Using org.apache.axis2.security.handler.config.InflowConfiguration and org.apache.axis2.security.handler.config.OutflowConfiguration). This feature is already available in the SVN HEAD.

Thanks,
Ruchith

> Thanks,
> Brian.
>
> --
> Brian Shields BSc. MSc.,
> PhD Candidate,
> Department of Information Technology,
> National University of Ireland,
> Galway,
> Ireland.
wss4j and axis2
Hello,

I am deploying security handlers in axis2. My question may be very simple, apologies if the answer is staring me in the face!!

Where is the best place to include security tokens in the client? I have altered the axis2.xml file to include parameters in the inflow and outflow..

Timestamp

Timestamp

From what I can make out, the outflowsecurity parameter refers to any security tokens which will be added in the outflow of a service request and the inflowsecurity parameters are parameters which are expected for the service to be invoked?!?

Where then are they applied to the client? Using the Options parameters?

Thanks,
Brian.

--
Brian Shields BSc. MSc.,
PhD Candidate,
Department of Information Technology,
National University of Ireland,
Galway,
Ireland.