Thank you very much for all the answers (especially gnodet and Seguy).

I think it's the very best reference.

But I didn't know about WS-Security until now.


After starting ServiceMix, I'm testing adding WS-Security to the SOAP messages
sent between ServiceMix and the web services.

Sending the SOAP message succeeds, but only without WS-Security.
(I'm sure I completed the WS-Security test on the web services side.)


But here is the error log from a client request:
-------------------------------------------------------------------
<?xml version='1.0' encoding='UTF-8'?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
        <soapenv:Body>
                <soapenv:Fault>
                        <faultcode>soapenv:Server.generalException</faultcode>
                        <faultstring>WSDoAllReceiver: Request does not contain required Security header</faultstring>
                        <detail>
                                <ns1:hostname xmlns:ns1="http://xml.apache.org/axis/">xxx</ns1:hostname>
                        </detail>
                </soapenv:Fault>
        </soapenv:Body>
</soapenv:Envelope>
-------------------------------------------------------------------


I'm now checking the security.xml and servicemix.xml files in ServiceMix.

How do I modify servicemix.xml?

Or should I modify a different file?

And how do I import the client-config.wsdd file in servicemix.xml?

I added the jar file to the classpath.

What is the best way to handle WS-Security in the SOAP message?


Here is the ServiceMix binding component that receives the client request.
-------------------------------------------------------------------
<sm:activationSpec componentName="consumer">
        <sm:component>
                <http:component>
                        <http:endpoints>

                                <!-- binding Component that for connect ESB platform -->
                                <http:endpoint
                                        service="xns:receiver"
                                        endpoint="endpoint"
                                        targetService="xns:receiver"
                                        targetEndpoint="xpto"
                                        role="consumer"
                                        soap="true"
                                        soapVersion="1.1"
                                        locationURI="http://localhost:8082/JmsService/"
                                        defaultMep="http://www.w3.org/2004/08/wsdl/in-out">
                                </http:endpoint>
                        </http:endpoints>
                </http:component>
        </sm:component>
</sm:activationSpec>
-------------------------------------------------------------------


Here is the ServiceMix binding component that connects to the web service for
the client request.
-------------------------------------------------------------------
<sm:activationSpec componentName="provider">
        <sm:component>
                <http:component>
                        <http:endpoints>

                                <!-- binding Component that for connect WebServices -->
                                <http:endpoint
                                        service="xns:receiver"
                                        endpoint="xpto"
                                        role="provider"
                                        soap="true"
                                        soapVersion="1.1"
                                        locationURI="http://localhost:8084/OrderWeb/services/OrderProcessor"
                                        wsdlResource="http://localhost:8084/OrderWeb/services/OrderProcessor?wsdl">
                                        <!-- Enable ws-sec with UsernameToken -->
                                        <!--
                                        <http:policies>
                                                <soap:ws-addressing />
                                                <soap:ws-security receiveAction="UsernameToken" />
                                        </http:policies>
                                        -->

                                </http:endpoint>
                        </http:endpoints>
                </http:component>
        </sm:component>
</sm:activationSpec>
-------------------------------------------------------------------


Here is the client-config.wsdd file.
-------------------------------------------------------------------
<?xml version="1.0" encoding="EUC-KR"?>
<deployment xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
        <service name="OrderProcessor">
                <requestFlow>
                        <handler
                                name="DoSecuritySender"
                                type="java:org.apache.ws.axis.security.WSDoAllSender">
                                <parameter name="user" value="consumer_user"/>
                                <parameter name="encryptionUser" value="provider_cert"/>
                                <parameter name="passwordCallbackClass" value="com.xxx.xxx.xxx.callback.ConsumerPWCallback"/>
                                <parameter name="action" value="Signature Encrypt"/>
                                <parameter name="signaturePropFile" value="consumer_crypto.properties"/>
                                <parameter name="encryptionPropFile" value="consumer_crypto.properties"/>
                        </handler>
                </requestFlow>
                <responseFlow>
                        <handler
                                name="DoSecurityReceiver"
                                type="java:org.apache.ws.axis.security.WSDoAllReceiver">
                                <parameter name="passwordCallbackClass" value="com.xxx.xxx.xxx.callback.ConsumerPWCallback"/>
                                <parameter name="action" value="Signature Encrypt"/>
                                <parameter name="signaturePropFile" value="consumer_crypto.properties"/>
                                <parameter name="decryptionPropFile" value="consumer_crypto.properties"/>
                        </handler>
                </responseFlow>
        </service>
        <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/>
</deployment>
-------------------------------------------------------------------






Seguy wrote:
> 
> Ok, I see your point.
> 
> 
> 
> gnodet wrote:
>> 
>> The main problem is that the jsr181 component has not been
>> designed to receive soap envelopes.  The soap protocol should
>> be handled by the BC.  The main reason is that from a JBI point 
>> of view, soap is considered as a protocol, and all protocols should
>> be handled by BCs.
>> 
>> ServiceMix uses JACC for authentication and while we do not
>> have any LDAP login module, it should be easy to adapt the 
>> Geronimo ones on ServiceMix.
>> 
>> 
>> 
>> Seguy wrote:
>>> 
>>> Hello,
>>> I wasn't aware that someone was working on this issue.
>>> I have done a slight modification of the Jsr181Endpoint (not the http
>>> endpoint)...
>>> only a new attribute to be able to manage a list of security handlers,
>>> and then the descriptor looks like the following code (inside >>> <<<).
>>> It seems to work OK for managing a user token, but I haven't tested the
>>> encryption and signature of the envelope yet.
>>> 
>>> With this approach you can sign and encrypt the envelope with your
>>> response, not only decrypt and verify the request envelope.
>>> In this way you can also write your customized handler for the user
>>> token, say for example writing your own code to validate the user
>>> against an LDAP server.
>>> 
>>> What do you think of this way to achieve WSS4J support?
>>> 
>>>>>>
>>>             <jsr181:endpoint pojoClass="org.codehaus.xfire.demo.BookService" annotations="none"
>>>                              service="demo:simple-service" endpoint="simple-service">
>>> 
>>>                 <jsr181:inHandlers>
>>>                     <secure:handler handlerClass="org.codehaus.xfire.util.dom.DOMInHandler" />
>>>                     <bean class="org.codehaus.xfire.security.wss4j.WSS4JInHandler" xmlns="">
>>>                         <property name="properties">
>>>                             <props>
>>>                                 <prop key="action">UsernameToken</prop>
>>>                                 <prop key="passwordCallbackClass">org.codehaus.xfire.demo.PasswordHandler</prop>
>>>                             </props>
>>>                         </property>
>>>                     </bean>
>>>                     <secure:handler handlerClass="org.codehaus.xfire.demo.ValidateUserTokenHandler" />
>>>                 </jsr181:inHandlers>
>>> 
>>>             </jsr181:endpoint>
>>>         </beans>
>>> <<<
>>> 
>>> 
>> 
>> 
> 
> 

-- 
View this message in context: 
http://www.nabble.com/about-security-question-tf2478893.html#a6988484
Sent from the ServiceMix - User mailing list archive at Nabble.com.
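
The WSDoAllReceiver fault quoted in the message is raised when the request reaching the service carries no wsse:Security header. The following is an added example, not part of the original message or of ServiceMix or Axis: it checks a captured request against the actions a receiver is configured for (here "Signature Encrypt", as in the WSDD above). The function name, the action-to-element mapping (WSS4J's default key-transport layout) and both sample envelopes are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

SOAP11 = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE = ("http://docs.oasis-open.org/wss/2004/01/"
        "oasis-200401-wss-wssecurity-secext-1.0.xsd")
DS = "http://www.w3.org/2000/09/xmldsig#"
XENC = "http://www.w3.org/2001/04/xmlenc#"

# Assumption: child of wsse:Security that each WSS4J action produces by default.
ACTION_ELEMENTS = {
    "UsernameToken": f"{{{WSSE}}}UsernameToken",
    "Signature": f"{{{DS}}}Signature",
    "Encrypt": f"{{{XENC}}}EncryptedKey",
}

def missing_actions(envelope_xml, required_actions):
    """Return the required actions with no matching element in wsse:Security."""
    required = required_actions.split()
    unknown = [a for a in required if a not in ACTION_ELEMENTS]
    if unknown:
        raise ValueError(f"unsupported action(s): {unknown}")
    # Input is a locally captured message, not untrusted XML.
    root = ET.fromstring(envelope_xml)
    security = root.find(f"{{{SOAP11}}}Header/{{{WSSE}}}Security")
    if security is None:
        # The case behind "Request does not contain required Security header".
        return required
    return [a for a in required if security.find(ACTION_ELEMENTS[a]) is None]

# Constructed sample: a SOAP 1.1 request with no Header at all.
PLAIN = f"""<soapenv:Envelope xmlns:soapenv="{SOAP11}">
  <soapenv:Body><order xmlns="urn:example:order"/></soapenv:Body>
</soapenv:Envelope>"""

# Constructed sample: a Security header carrying only a UsernameToken.
USERNAME_ONLY = f"""<soapenv:Envelope xmlns:soapenv="{SOAP11}" xmlns:wsse="{WSSE}">
  <soapenv:Header><wsse:Security>
    <wsse:UsernameToken><wsse:Username>consumer_user</wsse:Username></wsse:UsernameToken>
  </wsse:Security></soapenv:Header>
  <soapenv:Body><order xmlns="urn:example:order"/></soapenv:Body>
</soapenv:Envelope>"""

if __name__ == "__main__":
    for name, xml in (("plain", PLAIN), ("username-only", USERNAME_ONLY)):
        print(name, "missing:", missing_actions(xml, "Signature Encrypt"))
```

An empty result means every configured action has a matching element in the header; it does not validate the signature or decrypt anything.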