Return-Path: Delivered-To: apmail-ws-axis-c-user-archive@www.apache.org Received: (qmail 81895 invoked from network); 12 May 2005 18:13:28 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 12 May 2005 18:13:28 -0000 Received: (qmail 14233 invoked by uid 500); 12 May 2005 18:17:18 -0000 Delivered-To: apmail-ws-axis-c-user-archive@ws.apache.org Received: (qmail 14151 invoked by uid 500); 12 May 2005 18:17:17 -0000 Mailing-List: contact axis-c-user-help@ws.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: List-Id: "Apache AXIS C User List" Reply-To: "Apache AXIS C User List" Delivered-To: mailing list axis-c-user@ws.apache.org Received: (qmail 14105 invoked by uid 99); 12 May 2005 18:17:16 -0000 X-ASF-Spam-Status: No, hits=0.2 required=10.0 tests=HTML_MESSAGE,HTML_TAG_EXIST_TBODY X-Spam-Check-By: apache.org Received-SPF: pass (hermes.apache.org: local policy) Received: from Unknown (HELO penguin.pioneerdigital.com) (198.182.200.63) by apache.org (qpsmtpd/0.28) with ESMTP; Thu, 12 May 2005 11:17:15 -0700 Received: from heffernan (173.pioneerdigital.com [198.182.200.173]) by penguin.pioneerdigital.com (8.12.11/8.12.11) with ESMTP id j4CIC2V6020176 for ; Thu, 12 May 2005 11:12:03 -0700 From: "Patrick Heffernan" To: "'Apache AXIS C User List'" Subject: RE: WS-Security Date: Thu, 12 May 2005 11:11:58 -0700 Message-ID: <002901c5571e$197e2520$adc8b6c6@heffernan> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_002A_01C556E3.6D1F4D20" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.3416 Importance: Normal In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 X-Scanned-By: MIMEDefang 2.49 on 198.182.200.63 X-Virus-Checked: Checked X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N This is a multi-part message in MIME format. ------=_NextPart_000_002A_01C556E3.6D1F4D20 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Hi Samisa, Dinesh, and John, Thanks for taking on my WS-Security question. I've got a Linux C++ application that I'm modifying to send web services requests to a Microsoft WS server that is implementing the Web Services Enhancements (WSE) package that includes WS-Security. I have no choice in the server as we are a third party developer that is integrating our product into an existing system (and we're not a Microsoft shop to boot -- so not taking on a MS WS client!). I've had them turn off the security stuff on the dev system we're testing against so I can continue my application dev/testing but the WS-Security obviously needs to be in place for us to go to production. This is the format of soap messages I am required to support: http://webserv ices.cox.com/CustomerProfile/GetProfileByAccountNumberAndSiteId http://iwslib/ cox.web.services.profile/ServiceCustomer.asmx uuid:0c58b657- 0242-4e43-9bf7-68904b9e6294 2005-05-11T14:41:07Z 2005-05-11T14:46:07Z webserviceuser aa xmOrtuc7SgN2QoFJgBk8uw== 2005-05-11T14:41:07Z qRU8kf9YQDtevGGRLqbJ7k5biuc= FMEJoIBD7T0uXY3eizSz0oiwzRE= wdST6LxVV+0XOZ7xqhVe9zIJ2G4= 2MJUGSiUzDLBFyDAH0OrJP46R6k= cqRYyBRHatKNRvAQM01OrvBERyw= j6AxeTlBcpfKuVJHD1TvoMuEaes= IwEDjgV/jC/HjyXPxyzaF738eZc= 0 It sounds like you guys have done alot of good work on this. What are the chances of getting it completed in the near future? Other than me trying to hack something to make it work, do I have any other options? Thanks again, pat -----Original Message----- From: John Hawkins [mailto:HAWKINSJ@uk.ibm.com] Sent: Thursday, May 12, 2005 3:30 AM To: Apache AXIS C User List Subject: Re: WS-Security So, it doesn't sound like we're that far off - if we just implement the getSOAPBodyAsString() method then we would be able to have ws-security on client-side (at least)? Din%$h 12/05/2005 10:21 Please respond to "Apache AXIS C User List" To Apache AXIS C User List cc Subject Re: WS-Security Hi John, Let me breif what we tried to do. When Client make a request , we get the Body from the serializer and Encrypt it again set those encrypted Body to the message. At the server end we got the encrypted message from the deserializer and decrypted it. and get the original message. For the response flow also scenario remains same. We hoped to do it using an handler. Since there was a method called getBodyAsString(), (as I remember). We creadted DOM tree using that body. ( If we could get Object Model that was easier). giving soap message as a String I was able to Encrypt it and Giving that Encrypt message I was able to got that original message too. Since there wasn't a way to get acess to the Body( getSoapBodyAsString () or any other method which can access body didn't implemented at that time). We didn't able to integrate it with axis using a handler. regards, Dinesh On 5/12/05, John Hawkins < HAWKINSJ@uk.ibm.com> wrote: Hi Dinesh, Can I ask - how you wanted that soap body? Would you need a byte stream or an object model? Was this client or server side or both? Was it on the outgoing or incoming message or both? cheers, John. Din%$h < xydinesh@gmail.com> 12/05/2005 08:07 Please respond to "Apache AXIS C User List" To Apache AXIS C User List < axis-c-user@ws.apache.org > cc Subject Re: WS-Security Hi, Both Sameera and my self had worked on this (WSS4C). We needed to get body of Soap Message through a handler.( from Serilizer). But Unfortunately It was not implemented at that time.( It was commented /* To do */). There were some threads discussing about those methods. We were unable to get access to the Body of the Soap message through a handler.So we stopped at that point. ( Until those methods are implemented ) http://wiki.apache.org/ws/WSS4C I don't know whether some one is working on this Project now. thanx, Dinesh On 5/12/05, Samisa Abeysinghe < SAbeysinghe@virtusa.com > wrote: There were some efforts and there were some improvements proposed to the current engine to help implement WS-Security ,like opening up the SOAP body in handlers. But we did not hear from anyone on this lately. Is there anyone working on WS-Sec at the moment? Thanks, Samisa... -----Original Message----- From: Patrick Heffernan [mailto: patrick.heffernan@pioneerdigital.com ] Sent: Thursday, May 12, 2005 12:14 PM To: axis-c-user@ws.apache.org Subject: WS-Security I apologize if I've missed this in some publication. What is the plan for Axis C++ support WS-Security? I've got a project that requires the WSE Username/Password token and I'm trying to determine what options are available to me. Thanks, pat -- W.Dinesh Premalal premalwd@cse.mrt.ac.lk http://www.cse.mrt.ac.lk/~premalwd/ -- W.Dinesh Premalal premalwd@cse.mrt.ac.lk http://www.cse.mrt.ac.lk/~premalwd/ ------=_NextPart_000_002A_01C556E3.6D1F4D20 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Message
Hi=20 Samisa, Dinesh, and John,
 
Thanks=20 for taking on my WS-Security question.
 
I've=20 got a Linux C++ application that I'm modifying to send web services = requests to=20 a Microsoft WS server that is implementing the Web Services Enhancements = (WSE)=20 package that includes WS-Security.  I have no choice in the server = as we=20 are a third party developer that is integrating our product into an = existing=20 system (and we're not a Microsoft shop to boot -- so not taking on a MS = WS=20 client!).  I've had them turn off the security stuff on the dev = system=20 we're testing against so I can continue my application dev/testing but = the=20 WS-Security obviously needs to be in place for us to go to=20 production.
 
This=20 is the format of soap messages I am required to = support:
 
<?xml=20 version=3D"1.0" encoding=3D"utf-16"?>
<soap:Envelope=20 xmlns:soap=3D"http://schemas.xmlsoap.org/soap/envelope/"=20 xmlns:xsi=3D"http://www.w3.org/2001/XMLSchema-instance"=20 xmlns:xsd=3D"http://www.w3.org/2001/XMLSchema">
 =20 <soap:Header>
   =20 <wsrp:path soap:actor=3D"http://schemas.xmlsoap.org/soap/actor/next"=20 soap:mustUnderstand=3D"1"=20 xmlns:wsrp=3D"http://schemas.xmlsoap.org/rp">
     =20 <wsrp:action wsu:Id=3D"Id-d579335c-2dd7-456c-8858-7ef6942b5de1"=20 xmlns:wsu=3D"http://schemas.xmlsoap.org/ws/2002/07/utility">http://web= services.cox.com/CustomerProfile/GetProfileByAccountNumberAndSiteId</w= srp:action>
     =20 <wsrp:to wsu:Id=3D"Id-82b10467-2f1d-49ca-a473-51f5322ccba9"=20 xmlns:wsu=3D"http://schemas.xmlsoap.org/ws/2002/07/utility">http://iws= lib/cox.web.services.profile/ServiceCustomer.asmx</wsrp:to><= /FONT>
     =20 <wsrp:id wsu:Id=3D"Id-ff1f9f68-3c2c-4241-9dde-13615792f440"=20 xmlns:wsu=3D"http://schemas.xmlsoap.org/ws/2002/07/utility">uuid:0c58b= 657-0242-4e43-9bf7-68904b9e6294</wsrp:id>
   =20 </wsrp:path>
   =20 <wsu:Timestamp=20 xmlns:wsu=3D"http://schemas.xmlsoap.org/ws/2002/07/utility">
     =20 <wsu:Created=20 wsu:Id=3D"Id-d76e05cc-0cfc-4bb4-b488-fbbab35f3f78">2005-05-11T14:41:07= Z</wsu:Created>
     =20 <wsu:Expires=20 wsu:Id=3D"Id-0519fa62-4a7f-4c78-bfaf-770819003582">2005-05-11T14:46:07= Z</wsu:Expires>
   =20 </wsu:Timestamp>
   =20 <wsse:Security soap:mustUnderstand=3D"1"=20 xmlns:wsse=3D"http://schemas.xmlsoap.org/ws/2002/07/secext">
      <wsse:UsernameToken=20 xmlns:wsu=3D"http://schemas.xmlsoap.org/ws/2002/07/utility"=20 wsu:Id=3D"SecurityToken-9d8ff073-b0ea-41a7-ae7f-c76f5b6558b0"><= /FONT>
       =20 <wsse:Username>webserviceuser</wsse:Username>
       =20 <wsse:Password=20 Type=3D"wsse:PasswordText">aa</wsse:Password>
       =20 <wsse:Nonce>xmOrtuc7SgN2QoFJgBk8uw=3D=3D</wsse:Nonce><= /FONT>
       =20 <wsu:Created>2005-05-11T14:41:07Z</wsu:Created>=
     =20 </wsse:UsernameToken>
     =20 <Signature = xmlns=3D"http://www.w3.org/2000/09/xmldsig#">
       =20 <SignedInfo>
         =20 <CanonicalizationMethod = Algorithm=3D"http://www.w3.org/2001/10/xml-exc-c14n#"=20 />
         =20 <SignatureMethod = Algorithm=3D"http://www.w3.org/2000/09/xmldsig#hmac-sha1"=20 />
         =20 <Reference=20 URI=3D"#Id-da5e3a0c-295a-4cb3-80cc-7d823fc48e3a">
          &nb= sp;=20 <Transforms>
          &nb= sp;  =20 <Transform Algorithm=3D"http://www.w3.org/2001/10/xml-exc-c14n#"=20 />
          &nb= sp;=20 </Transforms>
          &nb= sp;=20 <DigestMethod Algorithm=3D"http://www.w3.org/2000/09/xmldsig#sha1"=20 />
          &nb= sp;=20 <DigestValue>qRU8kf9YQDtevGGRLqbJ7k5biuc=3D</DigestValue>
         =20 </Reference>
         =20 <Reference=20 URI=3D"#Id-d579335c-2dd7-456c-8858-7ef6942b5de1">
          &nb= sp;=20 <Transforms>
          &nb= sp;  =20 <Transform Algorithm=3D"http://www.w3.org/2001/10/xml-exc-c14n#"=20 />
          &nb= sp;=20 </Transforms>
          &nb= sp;=20 <DigestMethod Algorithm=3D"http://www.w3.org/2000/09/xmldsig#sha1"=20 />
          &nb= sp;=20 <DigestValue>FMEJoIBD7T0uXY3eizSz0oiwzRE=3D</DigestValue>
         =20 </Reference>
         =20 <Reference=20 URI=3D"#Id-82b10467-2f1d-49ca-a473-51f5322ccba9">
          &nb= sp;=20 <Transforms>
          &nb= sp;  =20 <Transform Algorithm=3D"http://www.w3.org/2001/10/xml-exc-c14n#"=20 />
          &nb= sp;=20 </Transforms>
          &nb= sp;=20 <DigestMethod Algorithm=3D"http://www.w3.org/2000/09/xmldsig#sha1"=20 />
          &nb= sp;=20 <DigestValue>wdST6LxVV+0XOZ7xqhVe9zIJ2G4=3D</DigestValue>
         =20 </Reference>
         =20 <Reference=20 URI=3D"#Id-ff1f9f68-3c2c-4241-9dde-13615792f440">
          &nb= sp;=20 <Transforms>
          &nb= sp;  =20 <Transform Algorithm=3D"http://www.w3.org/2001/10/xml-exc-c14n#"=20 />
          &nb= sp;=20 </Transforms>
          &nb= sp;=20 <DigestMethod Algorithm=3D"http://www.w3.org/2000/09/xmldsig#sha1"=20 />
          &nb= sp;=20 <DigestValue>2MJUGSiUzDLBFyDAH0OrJP46R6k=3D</DigestValue>
         =20 </Reference>
         =20 <Reference=20 URI=3D"#Id-d76e05cc-0cfc-4bb4-b488-fbbab35f3f78">
          &nb= sp;=20 <Transforms>
          &nb= sp;  =20 <Transform Algorithm=3D"http://www.w3.org/2001/10/xml-exc-c14n#"=20 />
          &nb= sp;=20 </Transforms>
          &nb= sp;=20 <DigestMethod Algorithm=3D"http://www.w3.org/2000/09/xmldsig#sha1"=20 />
          &nb= sp;=20 <DigestValue>cqRYyBRHatKNRvAQM01OrvBERyw=3D</DigestValue>
         =20 </Reference>
         =20 <Reference=20 URI=3D"#Id-0519fa62-4a7f-4c78-bfaf-770819003582">
          &nb= sp;=20 <Transforms>
          &nb= sp;  =20 <Transform Algorithm=3D"http://www.w3.org/2001/10/xml-exc-c14n#"=20 />
          &nb= sp;=20 </Transforms>
          &nb= sp;=20 <DigestMethod Algorithm=3D"http://www.w3.org/2000/09/xmldsig#sha1"=20 />
          &nb= sp;=20 <DigestValue>j6AxeTlBcpfKuVJHD1TvoMuEaes=3D</DigestValue>
 =20         </Reference>=
       =20 </SignedInfo>
       =20 <SignatureValue>IwEDjgV/jC/HjyXPxyzaF738eZc=3D</SignatureValue&g= t;
       =20 <KeyInfo>
         =20 <wsse:SecurityTokenReference>
          &nb= sp;=20 <wsse:Reference = URI=3D"#SecurityToken-9d8ff073-b0ea-41a7-ae7f-c76f5b6558b0"=20 />
         =20 </wsse:SecurityTokenReference>
       =20 </KeyInfo>
     =20 </Signature>
   =20 </wsse:Security>
 =20 </soap:Header>
  = <soap:Body=20 wsu:Id=3D"Id-da5e3a0c-295a-4cb3-80cc-7d823fc48e3a"=20 xmlns:wsu=3D"http://schemas.xmlsoap.org/ws/2002/07/utility">
   =20 <GetProfileByAccountNumberAndSiteId=20 xmlns=3D"http://webservices.cox.com/CustomerProfile">
     =20 <accountNumber9 />
     =20 <siteId>0</siteId>
   =20 </GetProfileByAccountNumberAndSiteId>
 =20 </soap:Body>
</soap:Envelope>
 
It sounds like you guys have done alot of = good work on=20 this.  What are the chances of getting it completed in the near=20 future?  Other than me trying to hack something to make it work, do = I have=20 any other options?
 
Thanks again,
 
pat
-----Original Message-----
From: John = Hawkins=20 [mailto:HAWKINSJ@uk.ibm.com]
Sent: Thursday, May 12, 2005 = 3:30=20 AM
To: Apache AXIS C User List
Subject: Re:=20 WS-Security


So, it=20 doesn't sound like we're that far off - if we just implement the=20 getSOAPBodyAsString() method then we would be able to have ws-security = on=20 client-side (at least)?






Din%$h=20 <xydinesh@gmail.com>

12/05/2005 10:21=20
Please respond=20 to
"Apache AXIS C User=20 List"
To
Apache = AXIS C User=20 List <axis-c-user@ws.apache.org>=20
cc
Subject
Re:=20 WS-Security

=




Hi=20 John,

    Let me breif what we tried to = do.

 =20 When Client make a request ,  we get the Body from the serializer = and=20 Encrypt it again set those encrypted Body to the message. At the = server end we=20 got the encrypted message from the deserializer and decrypted it. and = get the=20 original message. For the response flow also scenario remains same. We = hoped=20 to do it using an handler.

Since there was a method called=20 getBodyAsString(), (as I remember). We creadted DOM tree using that = body. ( If=20 we could get Object Model that was easier).

giving soap = message as a=20 String I was able to Encrypt it and Giving that Encrypt message I was = able to=20 got that  original message too.

Since there wasn't a way = to get=20 acess to the Body( getSoapBodyAsString ()  or any other method = which can=20 access body didn't implemented at that time). We didn't able to = integrate it=20 with axis using a = handler.

regards,
Dinesh


On 5/12/05, John Hawkins <HAWKINSJ@uk.ibm.com> = wrote:=20

Hi Dinesh,=20

Can I ask - how you = wanted that=20 soap body?

Would you need a byte stream or an object = model?

Was this = client or server=20 side or both?

Was it on the outgoing or incoming message or = both?


cheers,
John.=20



Din%$h = <xydinesh@gmail.com>

12/05/2005 08:07=20
Please respond=20 to
"Apache AXIS C User = List"


To
Apache=20 AXIS C User List <axis-c-user@ws.apache.org=20 >
cc
Subject
Re:=20 WS-Security







Hi,
   
    Both = Sameera and my=20 self had worked on this (WSS4C). We needed to get body of Soap Message = through=20 a handler.( from Serilizer). But Unfortunately It was not implemented = at that=20 time.( It was commented /* To do */). There were some threads = discussing about=20 those methods.

We were unable to get access to the Body of the = Soap=20 message through a handler.So we
stopped at that point. ( Until = those=20 methods are implemented )

http://wiki.apache.org/ws/WSS4C

I=20 don't know whether some one is working on this Project=20 now.

thanx,
Dinesh

On 5/12/05, Samisa = Abeysinghe=20 <SAbeysinghe@virtusa.com >=20 wrote:
There were some efforts and there were some improvements = proposed=20 to the
current engine to help implement WS-Security ,like opening = up the=20 SOAP
body in handlers. But we did not hear from anyone on this=20 lately.

Is there anyone working on WS-Sec at the=20 moment?

Thanks,
Samisa...


-----Original=20 Message-----
From: Patrick Heffernan [mailto:patrick.heffernan@pioneerdigital.com = ]
Sent: Thursday, May 12, 2005 12:14 PM
To: axis-c-user@ws.apache.org
Subject:=20 WS-Security

I apologize if I've missed this in some = publication.=20  What is the plan
for Axis C++ support WS-Security? =  I've got a=20 project that requires the
WSE Username/Password token and I'm = trying to=20 determine what options are
available to me.

Thanks,=20 pat




--
W.Dinesh Premalal
premalwd@cse.mrt.ac.lk=20
http://www.cse.mrt.ac.lk/~premalwd/=20



--
W.Dinesh = Premalal
premalwd@cse.mrt.ac.lk
http://www.cse.mrt.ac.lk/~premalwd/=20
------=_NextPart_000_002A_01C556E3.6D1F4D20--