Abdul,
as a
first guess: you placed the SOAP Monitor _before_ the WS
Security
handler in the resposne chain - thus you don't see all the security
headers.
Best
way to monitor the real data flow is to use the Axis tcpmon
utility.
Regards,
Werner
-----Ursprüngliche Nachricht-----Hi guys,
Von: Abdul Ashik [mailto:[EMAIL PROTECTED]
Gesendet: Mittwoch, 12. Oktober 2005 00:07
An: [email protected]
Betreff: Verifying SOAP response headers
I've got "Signature Encrypt" set up both-ways on client/server. Keys, certs and keystores also sorted out (see attached file on how I went about it). Everything seems to be working but when using the Axis SOAP Monitor app, I can see the ws-sec headers in the outgoing request message, but when response from the Server only shows SOAP header & body *without* the ws-sec stuff.
Yet my client is reporting that all is working e.g.:
- Using Crypto Engine [org.apache.ws.security.components.crypto.Merlin]
- Verification successful for URI "#id-15140795"
The server WSDD has got the :
<handler name="soapmonitor" type="java:org.apache.axis.handlers.SOAPMonitorHandler"/>
on global config area and also in the request and response flow areas: <handler type="soapmonitor"/>
I mean, both server and client are telling me that all is fine, but unless I can see the server's response with the signature and encrypted elements, I can't say it is. What I'm I doing wrong...?
Thanks in advance.
Ash
PS. the server is running on JBoss 3.2.5 (Axis war file) and client is running as java app running from Eclipse.
