Hi again, I figured out that there are just a couple of classes in wss4j that depend on axis 1. I removed them, and commented out the code I listed below from WSHandler, rebuilt wss4j, and now it works - I can encode my message without a properties file or keystore file.
cheers,
md

> -----Original Message-----
> From: Davis, Michael
> Sent: Tuesday, July 10, 2007 10:05 AM
> To: '[EMAIL PROTECTED]'
> Cc: '[EMAIL PROTECTED]'; [email protected]
> Subject: RE: Rampart configuration question
>
> Thanks Ruchith,
>
> Sorry everyone for crossposting, but I just now became aware that there is a rampart mailing list. I also realize that the source of the problem is in wss4j code. So I won't post further replies to the axis list. And for the people on the rampart and wss4j lists: should I post replies to both lists?
>
> Anyway, I did try removing the encryptionPropFile entry, and it threw an exception.
>
> org.apache.rampart.handler.WSDoAllHandler
> extends
> org.apache.ws.security.handler.WSHandler
> from wss4j, and in that file, at around line 420 is this code:
>
> else if ((crypto = reqData.getSigCrypto()) == null) {
>     throw new WSSecurityException(
>         "WSHandler: Encryption: no crypto property file");
> }
>
> I tried to comment out that code and rebuild wss4j, but some of that library's classes depend on axis1, and I'm trying to compile against axis2, so I'm running into problems.
>
> cheers,
> md
>
> > -----Original Message-----
> > From: Ruchith Fernando [mailto:[EMAIL PROTECTED]
> > Sent: Tuesday, July 10, 2007 5:07 AM
> > To: [EMAIL PROTECTED]
> > Subject: Re: Rampart configuration question
> >
> > I agree we should not require the "<encryptionPropFile>client.properties</encryptionPropFile>" entry.
> >
> > Can you please try removing it?
> >
> > Thanks,
> > Ruchith
> >
> > On 7/6/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> > > Hi,
> > >
> > > I'm trying to use Rampart to encrypt my message body using a symmetric secret key.
> > >
> > > Sample 9, included with the Rampart distribution, does just this. The actual key is hard-coded in a callback function both on the client and the server. My understanding is that the key is the only piece of data needed to encode the message.
> > >
> > > I was wondering why this part of the client config file:
> > >
> > > <action>
> > >     <items>Encrypt</items>
> > >     <user>client</user>
> > >     <encryptionKeyIdentifier>EmbeddedKeyName</encryptionKeyIdentifier>
> > >     <EmbeddedKeyCallbackClass>org.apache.rampart.samples.sample09.PWCBHandler</EmbeddedKeyCallbackClass>
> > >     <encryptionPropFile>client.properties</encryptionPropFile>
> > >     <EmbeddedKeyName>SessionKey</EmbeddedKeyName>
> > > </action>
> > >
> > > contains the encryptionPropFile property. The said property file contains this:
> > >
> > > org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
> > > org.apache.ws.security.crypto.merlin.keystore.type=jks
> > > org.apache.ws.security.crypto.merlin.keystore.password=apache
> > > org.apache.ws.security.crypto.merlin.file=client.jks
> > >
> > > Now, I can see why we need to configure the provider class. But why does Rampart need the keystore? I'm not using public/private keys or certificates, just one secret key.
> > >
> > > The code works, but I'd like to simplify it as much as possible. The properties and keystore files shouldn't be necessary, unless I'm misunderstanding something.
> > >
> > > Many thanks
> > > Michael Davis
> >
> > --
> > www.ruchith.org
> > www.wso2.org

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
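
An added example, not part of the thread and not code from the Rampart samples: a callback class of the kind the `EmbeddedKeyCallbackClass` entry points at, which reads the secret key from the environment instead of hard-coding it in the class. The class name, the `RAMPART_SESSION_KEY_B64` variable, the Base64 encoding and the expectation that wss4j 1.5.x requests the embedded key with usage `KEY_NAME` are assumptions.

```java
import java.io.IOException;
import java.util.Base64;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;

// Hypothetical class name; it would be listed in <EmbeddedKeyCallbackClass>
// on both the client and the server, in place of the sample's PWCBHandler.
public class EnvKeyCallbackHandler implements CallbackHandler {

    // Assumed environment variable holding the Base64-encoded secret key.
    private static final String KEY_ENV = "RAMPART_SESSION_KEY_B64";

    public void handle(Callback[] callbacks)
            throws IOException, UnsupportedCallbackException {
        for (Callback cb : callbacks) {
            if (!(cb instanceof WSPasswordCallback)) {
                throw new UnsupportedCallbackException(cb, "unexpected callback type");
            }
            WSPasswordCallback pwcb = (WSPasswordCallback) cb;
            // Assumption: the embedded-key lookup arrives with usage KEY_NAME.
            // Anything else (passwords, signature keys) is refused so the
            // symmetric key is never returned for an unrelated request.
            if (pwcb.getUsage() != WSPasswordCallback.KEY_NAME) {
                throw new UnsupportedCallbackException(cb, "only embedded-key lookups are served");
            }
            pwcb.setKey(loadKey());
        }
    }

    // Reads and decodes the key; fails closed when it is missing or malformed.
    private static byte[] loadKey() throws IOException {
        String encoded = System.getenv(KEY_ENV);
        if (encoded == null || encoded.isEmpty()) {
            throw new IOException(KEY_ENV + " is not set");
        }
        try {
            byte[] key = Base64.getDecoder().decode(encoded.trim());
            if (key.length == 0) {
                throw new IOException(KEY_ENV + " decodes to an empty key");
            }
            return key;
        } catch (IllegalArgumentException e) {
            throw new IOException(KEY_ENV + " is not valid Base64");
        }
    }
}
```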
