Yes..I always hardcoded those values in the descriptor...but the maven-mar-plugin should reconfigure axis2.xml to include <module ref="addressing"/> and any associated module specific parameters
cross posting to maven-users feel free to go ahead and post your question Martin Gainty ______________________________________________ Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. From: brianreinh...@lampreynetworks.com To: java-...@axis.apache.org Subject: RE: No headers in response Date: Fri, 28 Sep 2012 14:40:14 -0400 Martin, I’ll take a look at the Rampart checks but I am also having a problem with no ws-addressing in the response and that’s in Axis2 which I can’t get loaded because of maven problems. I do see success in the older versions (1.5.1). Brian From: Martin Gainty [mailto:mgai...@hotmail.com] Sent: Friday, September 28, 2012 10:30 AM To: java-...@axis.apache.org Subject: RE: No headers in response these are the (secure) headers that are supported by xmlsoap securitypolicy http://schemas.xmlsoap.org/ws/2005/07/securitypolicy if you dont see the secure header defined in this xsd then Rampart (or any other securitypolicy implementor) does'nt implement it Martin Gainty ______________________________________________ Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. From: brianreinh...@lampreynetworks.com To: java-...@axis.apache.org Subject: RE: No headers in response Date: Fri, 28 Sep 2012 04:42:48 -0400Martin, This looks like client side testing. I have no problem on the client. It’s my service whose response has no headers. The client is much easier to deal with as one tends to use code and for that there is great help from Eclipse and javadoc. The service, on the other hand, one usually has to use xml to control all behaviors and that is very difficult (difficult in the sense one has no idea what, for example, the possible parameters, elements, attributes, etc. are and what they do…and no help from Eclipse like there is with code). Brian From: Martin Gainty [mailto:mgai...@hotmail.com] Sent: Thursday, September 27, 2012 10:59 PM To: java-...@axis.apache.org Subject: RE: No headers in response try it like this MessageContext ctx = getMsgCtx12(); //none of these tests contain mustUnderstand attribute so we will need to reconstruct our mustUnderstand later on String policyXml = "test-resources/policy/rampart-asymm-binding-6-3des-r15.xml"; Policy policy = loadPolicy(policyXml); ctx.setProperty(RampartMessageData.KEY_RAMPART_POLICY, policy); MessageBuilder builder = new MessageBuilder(); builder.build(ctx); // Building the SOAP envelope from the OMElement buildSOAPEnvelope(ctx); RampartEngine engine = new RampartEngine(); List<org.apache.ws.security.WSSecurityEngineResult> results = engine.process(ctx); MG>notice that inside org.apache.rampart.MessageBuilder we have RampartMessageData build() method *which has access to the security Headers* public void build(MessageContext msgCtx) throws WSSPolicyException, RampartException, WSSecurityException, AxisFault { Axis2Util.useDOOM(true); RampartMessageData rmd = new RampartMessageData(msgCtx, true); RampartPolicyData rpd = rmd.getPolicyData(); if(rpd == null || isSecurityValidationFault(msgCtx) || !RampartUtil.isSecHeaderRequired(rpd, rmd.isInitiator(),false)) { Document doc = rmd.getDocument(); WSSecHeader secHeader = rmd.getSecHeader(); MG>start mods... check here to make sure mustUnderstand is turned on if(secHeader!=null) && (secHeader.getMustUnderstand()==true) { MG>normal } else { MG>remove the bad one ,reconstruct WSSecHeader and add to RampartMessageData if ( secHeader != null ) { secHeader.removeSecurityHeader(doc); } secHeader = new WSSecHeader("actor",true); rmd.setSecHeader(secHeader); } MG>end mods MG return; } //Copy the RECV_RESULTS if available if(!rmd.isInitiator()) { OperationContext opCtx = msgCtx.getOperationContext(); MessageContext inMsgCtx; if(opCtx != null && (inMsgCtx = opCtx.getMessageContext(WSDLConstants.MESSAGE_LABEL_IN_VALUE)) != null) { msgCtx.setProperty(WSHandlerConstants.RECV_RESULTS, inMsgCtx.getProperty(WSHandlerConstants.RECV_RESULTS)); } } String isCancelreq = (String)msgCtx.getProperty(RampartMessageData.CANCEL_REQUEST); if(isCancelreq != null && Constants.VALUE_TRUE.equals(isCancelreq)) { try { String cancelAction = TrustUtil.getWSTNamespace(rmd.getWstVersion()) + RahasConstants.RST_ACTION_CANCEL_SCT; //Set action msgCtx.getOptions().setAction(cancelAction); //Change the wsa:Action header String wsaNs = Final.WSA_NAMESPACE; Object addressingVersionFromCurrentMsgCtxt = msgCtx.getProperty(AddressingConstants.WS_ADDRESSING_VERSION); if (Submission.WSA_NAMESPACE.equals(addressingVersionFromCurrentMsgCtxt)) { wsaNs = Submission.WSA_NAMESPACE; } OMElement header = msgCtx.getEnvelope().getHeader(); if(header != null) { OMElement actionElem = header.getFirstChildWithName(new QName(wsaNs, AddressingConstants.WSA_ACTION)); if(actionElem != null) { actionElem.setText(cancelAction); } } //set payload to a cancel request String ctxIdKey = RampartUtil.getContextIdentifierKey(msgCtx); String tokenId = (String)RampartUtil.getContextMap(msgCtx).get(ctxIdKey); if(tokenId != null && RampartUtil.isTokenValid(rmd, tokenId)) { OMElement bodyElem = msgCtx.getEnvelope().getBody(); OMElement child = bodyElem.getFirstElement(); SecurityContextToken sct = new SecurityContextToken( (Element) rmd.getTokenStorage().getToken(tokenId) .getToken()); OMElement newChild = TrustUtil.createCancelRequest(sct .getIdentifier(), rmd.getWstVersion()); Element newDomChild = XMLUtils.toDOM(newChild); Node importedNode = rmd.getDocument().importNode((Element) newDomChild, true); ((Element) bodyElem).replaceChild(importedNode, (Element) child); } else { throw new RampartException("tokenToBeCancelledInvalid"); } } catch (Exception e) { e.printStackTrace(); throw new RampartException("errorInTokenCancellation"); } } if(rpd.isTransportBinding()) { log.debug("Building transport binding"); TransportBindingBuilder building = new TransportBindingBuilder(); building.build(rmd); } else if(rpd.isSymmetricBinding()) { log.debug("Building SymmetricBinding"); SymmetricBindingBuilder builder = new SymmetricBindingBuilder(); builder.build(rmd); } else { AsymmetricBindingBuilder builder = new AsymmetricBindingBuilder(); builder.build(rmd); } //TODO remove following check, we don't need this check here as we do a check to see whether // security header required Document doc = rmd.getDocument(); WSSecHeader secHeader = rmd.getSecHeader(); if ( secHeader != null && secHeader.isEmpty(doc) ) { secHeader.removeSecurityHeader(doc); } got /* * Checking whether MTOMSerializable is there. If so set optimizeElement. * */ if(rpd.isMTOMSerialize()){ msgCtx.setProperty(Constants.Configuration.ENABLE_MTOM, Constants.VALUE_TRUE); OptimizePartsConfig config= rpd.getOptimizePartsConfig(); if(config != null){ MessageOptimizer.optimize(msgCtx.getEnvelope(), config.getExpressions(), config.getNamespaces()); } } } //end RampartMessageData build method // download wss4j and and make mod to low access to mustunderstand // http://ws.apache.org/wss4j/source-repository.html public class WSSecHeader { private String actor = null; private boolean mustunderstand = true; //accessor that werner forgot public boolean getMustUnderstand() { return this.mustunderstand; } ... } compile and package with maven pom.xml Martin Gainty ______________________________________________ Jogi és Bizalmassági kinyilatkoztatás/Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité Ez az üzenet bizalmas. Ha nem ön az akinek szánva volt, akkor kérjük, hogy jelentse azt nekünk vissza. Semmiféle továbbítása vagy másolatának készítése nem megengedett. Ez az üzenet csak ismeret cserét szolgál és semmiféle jogi alkalmazhatósága sincs. Mivel az electronikus üzenetek könnyen megváltoztathatóak, ezért minket semmi felelöség nem terhelhet ezen üzenet tartalma miatt. Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. From: brianreinh...@lampreynetworks.com To: java-...@axis.apache.org Subject: RE: No headers in response Date: Thu, 27 Sep 2012 19:11:27 -0400Martin, I tried that as well and the response still came back with no headers. Somehow the STS service manages to get a header in the response (missing must understand in the addressing); but it’s a start. Brian From: Martin Gainty [mailto:mgai...@hotmail.com] Sent: Thursday, September 27, 2012 9:30 AM To: java-...@axis.apache.org Subject: RE: No headers in response Hi Brian i'll take the last question.. from axis2.xml i assume you have included optional Headers axis2.xml contains: <moduleConfig name="addressing"> <parameter name="includeOptionalHeaders">true</parameter> </moduleConfig> run this test where axis2-IncludeOptionalHeadersTrue.xml contains <axisconfig name="AxisJava2.0"> <!-- Comment this to disable Addressing --> <module ref="addressing"/> <!--Configuring module , providing parameters for modules whether they refer or not--> <moduleConfig name="addressing"> <parameter name="includeOptionalHeaders">true</parameter> </moduleConfig> <!-- ================================================= --> <!-- Phases --> <!-- ================================================= --> <phaseOrder type="InFlow"> <!-- System predefined phases --> <phase name="Transport"> <handler name="RequestURIBasedDispatcher" class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher"> <order phase="Transport"/> </handler> <handler name="SOAPActionBasedDispatcher" class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher"> <order phase="Transport"/> </handler> </phase> <phase name="Addressing"> <handler name="AddressingBasedDispatcher" class="org.apache.axis2.dispatchers.AddressingBasedDispatcher"> <order phase="Addressing"/> </handler> </phase> <phase name="Security"/> <phase name="PreDispatch"/> <phase name="Dispatch" class="org.apache.axis2.engine.DispatchPhase"> <handler name="RequestURIBasedDispatcher" class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher"/> <handler name="SOAPActionBasedDispatcher" class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher"/> <handler name="RequestURIOperationDispatcher" class="org.apache.axis2.dispatchers.RequestURIOperationDispatcher"/> <handler name="SOAPMessageBodyBasedDispatcher" class="org.apache.axis2.dispatchers.SOAPMessageBodyBasedDispatcher"/> <handler name="HTTPLocationBasedDispatcher" class="org.apache.axis2.dispatchers.HTTPLocationBasedDispatcher"/> <handler name="GenericProviderDispatcher" class="org.apache.axis2.jaxws.dispatchers.GenericProviderDispatcher"/> <handler name="MustUnderstandValidationDispatcher" class="org.apache.axis2.jaxws.dispatchers.MustUnderstandValidationDispatcher"/> </phase> <phase name="RMPhase"/> <!-- System predefined phases --> <!-- After Postdispatch phase module author or service author can add any phase he want --> <phase name="OperationInPhase"> <handler name="MustUnderstandChecker" class="org.apache.axis2.jaxws.dispatchers.MustUnderstandChecker"> <order phase="OperationInPhase"/> </handler> </phase> <phase name="soapmonitorPhase"/> </phaseOrder> <phaseOrder type="OutFlow"> <!-- user can add his own phases to this area --> <phase name="soapmonitorPhase"/> <phase name="OperationOutPhase"/> <!--system predefined phase--> <!--these phase will run irrespective of the service--> <phase name="RMPhase"/> <phase name="PolicyDetermination"/> <phase name="MessageOut"/> <phase name="Security"/> </phaseOrder> <phaseOrder type="InFaultFlow"> <phase name="Addressing"> <handler name="AddressingBasedDispatcher" class="org.apache.axis2.dispatchers.AddressingBasedDispatcher"> <order phase="Addressing"/> </handler> </phase> <phase name="Security"/> <phase name="PreDispatch"/> <phase name="Dispatch" class="org.apache.axis2.engine.DispatchPhase"> <handler name="RequestURIBasedDispatcher" class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher"/> <handler name="SOAPActionBasedDispatcher" class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher"/> <handler name="RequestURIOperationDispatcher" class="org.apache.axis2.dispatchers.RequestURIOperationDispatcher"/> <handler name="SOAPMessageBodyBasedDispatcher" class="org.apache.axis2.dispatchers.SOAPMessageBodyBasedDispatcher"/> <handler name="HTTPLocationBasedDispatcher" class="org.apache.axis2.dispatchers.HTTPLocationBasedDispatcher"/> <handler name="GenericProviderDispatcher" class="org.apache.axis2.jaxws.dispatchers.GenericProviderDispatcher"/> <handler name="MustUnderstandValidationDispatcher" class="org.apache.axis2.jaxws.dispatchers.MustUnderstandValidationDispatcher"/> </phase> <phase name="RMPhase"/> <!-- user can add his own phases to this area --> <phase name="OperationInFaultPhase"/> <phase name="soapmonitorPhase"/> </phaseOrder> <phaseOrder type="OutFaultFlow"> <!-- user can add his own phases to this area --> <phase name="soapmonitorPhase"/> <phase name="OperationOutFaultPhase"/> <phase name="RMPhase"/> <phase name="PolicyDetermination"/> <phase name="MessageOut"/> <phase name="Security"/> </phaseOrder> </axisconfig> //now run the TestCase org.apache.axis2.handlers.addressing.AddressingOutHandlerTest.java: java.io.File configFile = new java.io.File(System.getProperty("basedir",".") + "/test-resources/axis2-IncludeOptionalHeadersTrue.xml"); org.apache.axis2.context.ConfigurationContext cfgCtx =org.apache.axis2.context.ConfigurationContextFactory.createConfigurationContextFromFileSystem("target/test-classes",configFile.getAbsolutePath()); //<parameter name="includeOptionalHeaders">true</parameter> in addressing module should now be true msgCtxt = cfgCtx.createMessageContext(); msgCtxt.setEnvelope(OMAbstractFactory.getSOAP11Factory().getDefaultEnvelope()); msgCtxt.setTo(new EndpointReference("http://www.to.org/service/")); msgCtxt.setFrom(new EndpointReference("http://www.from.org/service/")); msgCtxt.setReplyTo(new EndpointReference("http://www.replyTo.org/service/")); msgCtxt.setFaultTo(new EndpointReference("http://www.faultTo.org/service/")); msgCtxt.setWSAAction("http://www.actions.org/action"); msgCtxt.setMessageID("123456-7890"); msgCtxt.addRelatesTo(new RelatesTo("http://www.relatesTo.org/service/")); msgCtxt.setProperty(WS_ADDRESSING_VERSION, Final.WSA_NAMESPACE); outHandler.invoke(msgCtxt); org.custommonkey.xmlunit.XMLUnit.setIgnoreWhitespace(true); assertXMLEqual(msgCtxt.getEnvelope().toString(), org.apache.axis2.handlers.util.TestUtil.getOMBuilder("withOptionalHeadersTest.xml").getDocumentElement().toString()); //msgCtxt.getEnvelope().toString() should be IDENTICAL to contents of withOptionalHeadersTest.xml shown here <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"> <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing"> <wsa:To>http://www.to.org/service/</wsa:To> <wsa:From><wsa:Address>http://www.from.org/service/</wsa:Address></wsa:From> <wsa:ReplyTo><wsa:Address>http://www.replyTo.org/service/</wsa:Address></wsa:ReplyTo> <wsa:FaultTo><wsa:Address>http://www.faultTo.org/service/</wsa:Address></wsa:FaultTo> <wsa:Action>http://www.actions.org/action</wsa:Action> <wsa:MessageID>123456-7890</wsa:MessageID> <wsa:RelatesTo RelationshipType="http://www.w3.org/2005/08/addressing/reply">http://www.relatesTo.org/service/</wsa:RelatesTo> </soapenv:Header> <soapenv:Body /> </soapenv:Envelope> is this not the case? Martin Gainty ______________________________________________ Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. From: brianreinh...@lampreynetworks.com To: java-...@axis.apache.org Subject: No headers in response Date: Thu, 27 Sep 2012 07:35:07 -0400 I am re-opening a question I saw no answer to asked in this forum quite a while ago. In the STS service requesting a SMAL20 token the response is okay.But in the service that needs to have the SAML20 token, the response has no headers at all. This is in spite of the must understand setting in the client headers in both the addressing and security part. Everything is 1.6.2; rampart, axis2, and axiom is 1.2.14. Adding the <parameter name="includeOptionalHeaders">true</parameter> in the service.xml does not help (though that is what I used programmatically on the client side to generate the correct addressing headers).Is this a bug or what am I doing wrong in the configuration? Thanks, Brian ReinholdNo virus found in this message. Checked by AVG - www.avg.com Version: 2012.0.2221 / Virus Database: 2441/5294 - Release Date: 09/27/12No virus found in this message. Checked by AVG - www.avg.com Version: 2012.0.2221 / Virus Database: 2441/5294 - Release Date: 09/27/12No virus found in this message. Checked by AVG - www.avg.com Version: 2012.0.2221 / Virus Database: 2441/5294 - Release Date: 09/27/12No virus found in this message. Checked by AVG - www.avg.com Version: 2012.0.2221 / Virus Database: 2441/5295 - Release Date: 09/27/12