axis-c-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Samisa Abeysinghe" <SAbeysin...@virtusa.com>
Subject RE: WS-Security
Date Fri, 13 May 2005 03:13:31 GMT
Hi Pat,
            Looks like you just need username/password token support as
of now, and no encryption is required.
            Hence, to deal with this security header, you may be able to
develop a handler. Using the handler, you would be able to set the
required SOAP headers. This would be a workaround for the time being.
Thanks,
Samisa...
 
-----Original Message-----
From: Patrick Heffernan [mailto:patrick.heffernan@pioneerdigital.com] 
Sent: Friday, May 13, 2005 12:12 AM
To: 'Apache AXIS C User List'
Subject: RE: WS-Security
 
Hi Samisa, Dinesh, and John,
 
Thanks for taking on my WS-Security question.
 
I've got a Linux C++ application that I'm modifying to send web services
requests to a Microsoft WS server that is implementing the Web Services
Enhancements (WSE) package that includes WS-Security.  I have no choice
in the server as we are a third party developer that is integrating our
product into an existing system (and we're not a Microsoft shop to boot
-- so not taking on a MS WS client!).  I've had them turn off the
security stuff on the dev system we're testing against so I can continue
my application dev/testing but the WS-Security obviously needs to be in
place for us to go to production.
 
This is the format of soap messages I am required to support:
 
<?xml version="1.0" encoding="utf-16"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <soap:Header>
    <wsrp:path soap:actor="http://schemas.xmlsoap.org/soap/actor/next"
soap:mustUnderstand="1" xmlns:wsrp="http://schemas.xmlsoap.org/rp">
      <wsrp:action wsu:Id="Id-d579335c-2dd7-456c-8858-7ef6942b5de1"
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">http://webserv
ices.cox.com/CustomerProfile/GetProfileByAccountNumberAndSiteId</wsrp:ac
tion>
      <wsrp:to wsu:Id="Id-82b10467-2f1d-49ca-a473-51f5322ccba9"
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">http://iwslib/
cox.web.services.profile/ServiceCustomer.asmx</wsrp:to>
      <wsrp:id wsu:Id="Id-ff1f9f68-3c2c-4241-9dde-13615792f440"
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">uuid:0c58b657-
0242-4e43-9bf7-68904b9e6294</wsrp:id>
    </wsrp:path>
    <wsu:Timestamp
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">
      <wsu:Created
wsu:Id="Id-d76e05cc-0cfc-4bb4-b488-fbbab35f3f78">2005-05-11T14:41:07Z</w
su:Created>
      <wsu:Expires
wsu:Id="Id-0519fa62-4a7f-4c78-bfaf-770819003582">2005-05-11T14:46:07Z</w
su:Expires>
    </wsu:Timestamp>
    <wsse:Security soap:mustUnderstand="1"
xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext">
      <wsse:UsernameToken
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility"
wsu:Id="SecurityToken-9d8ff073-b0ea-41a7-ae7f-c76f5b6558b0">
        <wsse:Username>webserviceuser</wsse:Username>
        <wsse:Password Type="wsse:PasswordText">aa</wsse:Password>
        <wsse:Nonce>xmOrtuc7SgN2QoFJgBk8uw==</wsse:Nonce>
        <wsu:Created>2005-05-11T14:41:07Z</wsu:Created>
      </wsse:UsernameToken>
      <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
        <SignedInfo>
          <CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
          <SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1" />
          <Reference URI="#Id-da5e3a0c-295a-4cb3-80cc-7d823fc48e3a">
            <Transforms>
              <Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>qRU8kf9YQDtevGGRLqbJ7k5biuc=</DigestValue>
          </Reference>
          <Reference URI="#Id-d579335c-2dd7-456c-8858-7ef6942b5de1">
            <Transforms>
              <Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>FMEJoIBD7T0uXY3eizSz0oiwzRE=</DigestValue>
          </Reference>
          <Reference URI="#Id-82b10467-2f1d-49ca-a473-51f5322ccba9">
            <Transforms>
              <Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>wdST6LxVV+0XOZ7xqhVe9zIJ2G4=</DigestValue>
          </Reference>
          <Reference URI="#Id-ff1f9f68-3c2c-4241-9dde-13615792f440">
            <Transforms>
              <Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>2MJUGSiUzDLBFyDAH0OrJP46R6k=</DigestValue>
          </Reference>
          <Reference URI="#Id-d76e05cc-0cfc-4bb4-b488-fbbab35f3f78">
            <Transforms>
              <Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>cqRYyBRHatKNRvAQM01OrvBERyw=</DigestValue>
          </Reference>
          <Reference URI="#Id-0519fa62-4a7f-4c78-bfaf-770819003582">
            <Transforms>
              <Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>j6AxeTlBcpfKuVJHD1TvoMuEaes=</DigestValue>
          </Reference>
        </SignedInfo>
        <SignatureValue>IwEDjgV/jC/HjyXPxyzaF738eZc=</SignatureValue>
        <KeyInfo>
          <wsse:SecurityTokenReference>
            <wsse:Reference
URI="#SecurityToken-9d8ff073-b0ea-41a7-ae7f-c76f5b6558b0" />
          </wsse:SecurityTokenReference>
        </KeyInfo>
      </Signature>
    </wsse:Security>
  </soap:Header>
  <soap:Body wsu:Id="Id-da5e3a0c-295a-4cb3-80cc-7d823fc48e3a"
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">
    <GetProfileByAccountNumberAndSiteId
xmlns="http://webservices.cox.com/CustomerProfile">
      <accountNumber9 />
      <siteId>0</siteId>
    </GetProfileByAccountNumberAndSiteId>
  </soap:Body>
</soap:Envelope>
 
It sounds like you guys have done alot of good work on this.  What are
the chances of getting it completed in the near future?  Other than me
trying to hack something to make it work, do I have any other options?
 
Thanks again,
 
pat
	-----Original Message-----
	From: John Hawkins [mailto:HAWKINSJ@uk.ibm.com] 
	Sent: Thursday, May 12, 2005 3:30 AM
	To: Apache AXIS C User List
	Subject: Re: WS-Security
	
	So, it doesn't sound like we're that far off - if we just
implement the getSOAPBodyAsString() method then we would be able to have
ws-security on client-side (at least)? 
	
	
	
	
	
	
Din%$h <xydinesh@gmail.com> 
12/05/2005 10:21 
Please respond to
"Apache AXIS C User List"
To
Apache AXIS C User List <axis-c-user@ws.apache.org> 
cc
 
Subject
Re: WS-Security
 
 
 
	
	
	
	Hi John,
	
	    Let me breif what we tried to do.
	
	  When Client make a request ,  we get the Body from the
serializer and Encrypt it again set those encrypted Body to the message.
At the server end we got the encrypted message from the deserializer and
decrypted it. and get the original message. For the response flow also
scenario remains same. We hoped to do it using an handler.
	
	Since there was a method called getBodyAsString(), (as I
remember). We creadted DOM tree using that body. ( If we could get
Object Model that was easier). 
	
	giving soap message as a String I was able to Encrypt it and
Giving that Encrypt message I was able to got that  original message
too.
	
	Since there wasn't a way to get acess to the Body(
getSoapBodyAsString ()  or any other method which can access body didn't
implemented at that time). We didn't able to integrate it with axis
using a handler.
	
	regards,
	Dinesh
	
	
	On 5/12/05, John Hawkins <HAWKINSJ@uk.ibm.com> wrote: 
	
	Hi Dinesh, 
	
	Can I ask - how you wanted that soap body? 
	
	Would you need a byte stream or an object model? 
	
	Was this client or server side or both? 
	
	Was it on the outgoing or incoming message or both? 
	
	
	cheers, 
	John. 
	
	
	
Din%$h <xydinesh@gmail.com <mailto:xydinesh@gmail.com> > 
12/05/2005 08:07 
Please respond to
"Apache AXIS C User List"
 
To
Apache AXIS C User List <axis-c-user@ws.apache.org
<mailto:axis-c-user@ws.apache.org> > 
cc
 
Subject
Re: WS-Security
 
 
 
	
	
	
	
	Hi,
	    
	    Both Sameera and my self had worked on this (WSS4C). We
needed to get body of Soap Message through a handler.( from Serilizer).
But Unfortunately It was not implemented at that time.( It was commented
/* To do */). There were some threads discussing about those methods. 
	
	We were unable to get access to the Body of the Soap message
through a handler.So we 
	stopped at that point. ( Until those methods are implemented )
	
	http://wiki.apache.org/ws/WSS4C
	
	I don't know whether some one is working on this Project now.
	
	thanx,
	Dinesh
	
	On 5/12/05, Samisa Abeysinghe <SAbeysinghe@virtusa.com > wrote: 
	There were some efforts and there were some improvements
proposed to the
	current engine to help implement WS-Security ,like opening up
the SOAP
	body in handlers. But we did not hear from anyone on this
lately.
	
	Is there anyone working on WS-Sec at the moment?
	
	Thanks,
	Samisa...
	
	
	-----Original Message-----
	From: Patrick Heffernan
[mailto:patrick.heffernan@pioneerdigital.com ]
	Sent: Thursday, May 12, 2005 12:14 PM
	To: axis-c-user@ws.apache.org
	Subject: WS-Security
	
	I apologize if I've missed this in some publication.  What is
the plan 
	for Axis C++ support WS-Security?  I've got a project that
requires the
	WSE Username/Password token and I'm trying to determine what
options are
	available to me.
	
	Thanks, pat
	
	
	
	
	-- 
	W.Dinesh Premalal
	premalwd@cse.mrt.ac.lk 
	http://www.cse.mrt.ac.lk/~premalwd/
<http://www.cse.mrt.ac.lk/%7Epremalwd/>  
	
	
	
	-- 
	W.Dinesh Premalal
	premalwd@cse.mrt.ac.lk
	http://www.cse.mrt.ac.lk/~premalwd/ 

Mime
View raw message