Hello everyone, I was referred here from the Axis2 user group. I am currently trying to add WS-Security to an existing web service (AsymmetricBinding/Signature Only) using Apache AXIS2 with Rampart. There's a sample in the rampart distribution that theoretically illustrates how to do this, so I started with the policy.xml and service.xml files from that and attempted to add this to my service code, which was autogenerated using WSDL2Java.
I've been unable to get this working, and I have run out of ideas. Has anyone actually used Rampart policy files to successfully provide certificate-based authentication, and if so, would you mind sharing your policy.xml file? Also: I am seeing the following error in the logs: 2007-08-08 15:51:56,983 DEBUG org.apache.ws.security.WSSecurityEngine - Unknown Element: BinarySecurityToken http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secex t-1.0.xsd That seems like probable cause for this to fail. I looked up that error on Google, and I see a lot of references to XML Pretty Printing (which I now have disabled in my client axis2.xml, although it does not appear to have made a difference in the output) and most of those messages were using Axis 1.3, not Axis2 as I am using. The other thing I am struggling with are the X509 token types and the decryption algorithm. Is it possible to find that information on the certificate itself? I was unable to find it, but I am thinking if I were wrong that would be another reason why my signature validation would fail. Thanks so much for your time, Jennifer Ford Energy Management Systems --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
