You are right - many thanks! I can see the ws-sec headers now.
Cheers,
Ash
On 10/12/05, Dittmann, Werner <[EMAIL PROTECTED]> wrote:
Abdul,as a first guess: you placed the SOAP Monitor _before_ the WS Securityhandler in the resposne chain - thus you don't see all the security headers.Best way to monitor the real data flow is to use the Axis tcpmon utility.Regards,Werner-----Ursprüngliche Nachricht-----
Von: Abdul Ashik [mailto:[EMAIL PROTECTED]]
Gesendet: Mittwoch, 12. Oktober 2005 00:07
An: [email protected]
Betreff: Verifying SOAP response headersHi guys,
I've got "Signature Encrypt" set up both-ways on client/server. Keys, certs and keystores also sorted out (see attached file on how I went about it). Everything seems to be working but when using the Axis SOAP Monitor app, I can see the ws-sec headers in the outgoing request message, but when response from the Server only shows SOAP header & body *without* the ws-sec stuff.
Yet my client is reporting that all is working e.g.:
- Using Crypto Engine [org.apache.ws.security.components.crypto.Merlin]
- Verification successful for URI "#id-15140795"
The server WSDD has got the :
<handler name="soapmonitor" type="java:org.apache.axis.handlers.SOAPMonitorHandler"/>
on global config area and also in the request and response flow areas: <handler type="soapmonitor"/>
I mean, both server and client are telling me that all is fine, but unless I can see the server's response with the signature and encrypted elements, I can't say it is. What I'm I doing wrong...?
Thanks in advance.
Ash
PS. the server is running on JBoss 3.2.5 (Axis war file) and client is running as java app running from Eclipse.
