axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sanka Samaranayke <ssa...@gmail.com>
Subject Re: changing security policy on the fly..
Date Fri, 16 Mar 2007 05:18:39 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Please log a JIRA

Thanks,
Sanka


Wynn, Jackson E. wrote:
> Hello,
>
> I'm looking for documentation and/or code examples that show how an
>  Axis2 web service can load and apply different security policies
> at run time. This capability is demonstrated by rampart sample
> client applications as follows:
>
> /StAXOMBuilder builder = /*/new/*/ StAXOMBuilder (policyFilename);
> /
>
> /Policy thePolicy =
> PolicyEngine.getPolicy(builder.getDocumentElement());/
>
> //
>
> /Options options = /*/new/*/ Options();/
>
> //
>
> //
>
> /ServiceClient client = /*/new/*/ ServiceClient(m_configContext,
> *null*//);/
>
> /options.setProperty(RampartMessageData.//KEY_RAMPART_POLICY//,
> thePolicy);/
>
> /client.setOptions(options); /
>
> /.../
>
> Sadly, the approach above does not work for a service, and I have
> not found any code examples that demonstrate how this might be
> done. For the service, I've been trying something along these
> lines:
>
> /StAXOMBuilder builder = *new*// StAXOMBuilder (policyFilename);/
>
> //
>
> /Policy thePolicy =
> PolicyEngine.getPolicy(builder.getDocumentElement());/
>
> //
>
> /ConfigurationContext ctx =
> ConfigurationContextFactory.createConfigurationContextFromFileSystem(
>  Constants.getAxisRepository(), Constants.getAxisConfigFile());/
>
> //
>
> /ctx.getAxisConfiguration().getPolicyInclude().setPolicy(thePolicy);/
>
>
> //
>
> /System.out//.println ("Policy set to: " +
> ctx.getAxisConfiguration().getPolicyInclude().getPolicy().getId()
> );/
>
> ...
>
>
> The setPolicy() call appears to change the policy object in the
> axis configuration, at least getID() returns the new policy ID.
> However, SOAPMonitor shows that service responses do not contain
> any of the policy-required elements, e.g., timestamps or
> signatures. The Axis2 admin page reports that both the addressing
> and rampart modules are enabled for this service...
>
> I've tried variations to the above where I use applyPolicy() in the
>  service and the operation with the same result.. Tracing through
> the code in Eclipse the rampart handler is being called but the
> service policy in the RampartMessageData is not set..
>
> Has anyone done anything like this before?
>
> Any pointers or ideas would be greatly appreciated !!
>
>
> TIA, Jackson Wynn Lead Infosec Engineer - G026 The MITRE
> Corporation Bedford, MA


- --
Sanka Samaranayake
WSO2 Inc.

http://sankas.blogspot.com/
http://www.wso2.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (GNU/Linux)

iD8DBQFF+iiv/Hd0ETKdgNIRAv7oAJ9+KYsQ8YFy85uoCcA/8f1sE/kHaQCgheMv
6NX0oHyo3N8ASCQKBlIcIE0=
=qq4Z
-----END PGP SIGNATURE-----


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-dev-help@ws.apache.org


Mime
View raw message