axis-java-dev mailing list archives

From Peter Escamilla Mahecha <pescamil...@gmail.com>
Subject SOAP WS-Security related question
Date Fri, 13 May 2011 15:02:21 GMT
Hi, I would like to ask for some help here. I'm trying to develop
a client to consume a web service which implements WS-Security, so I'm using
Rampart with Axis2 to achieve it, but right now I'm stuck with a problem:
I'm not able to get the right header with the axis2.xml that I'm using, and I
was wondering if you could tell me what I am missing, for example how I can
keep the binary security token from being generated. Thanks in advance.

Expected XML:

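<!--
  Target message the service expects, as posted.

  What the security header asks for:
    * ds:SignatureMethod is HMAC-SHA256, a keyed MAC computed with a secret
      shared by both parties. ds:KeyInfo only names that key (ds:KeyName);
      no certificate and no wsse:BinarySecurityToken is carried.
    * Two references are digested with SHA-256 after exclusive
      canonicalization: #body_open (the SOAP Body) and #key_mp (the
      ds:KeyInfo element itself).
    * The header holds no wsu:Timestamp. NOTE(review): nothing in the
      header bounds the message lifetime; whether the service relies on
      urn:SequenceNumberToSAA for replay protection cannot be told from
      this listing and should be confirmed against its specification.

  Listing repair: the xmlns:wss and xmlns:wsu values were split across
  lines by the mail archive. A line break inside an attribute value is
  kept as whitespace, which changes the namespace name, so the start tags
  are rejoined here. Element content is left line for line as posted,
  because whitespace inside the signed elements is part of the digest
  input.
-->
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wss="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:urn="urn:swift:saa:xsd:soapha">
<soapenv:Header>
<wss:Security soapenv:actor="urn:swift:saa" wsu:Id="sec_header">
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256" />
<ds:Reference URI="#body_open">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>oV54x70XzSP3CKs+Pcf2t3CvW97NhbiYsprQoIMgGYo=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#key_mp">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>C87yBAp/+7T2mkK3P/491jdr1hcWKleh1SMozZ2fIsU=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>GBVgmC7PcLUny7RTLXjfNELg5d4u+iJpVgufw4VbLVU=</ds:SignatureValue>
<ds:KeyInfo wsu:Id="key_mp">
<ds:KeyName>SoapMpFrom</ds:KeyName>
</ds:KeyInfo>
</ds:Signature>
</wss:Security>
</soapenv:Header>
<soapenv:Body wsu:Id="body_open">
<urn:Open>
<urn:MessagePartnerName>SoapMpFrom</urn:MessagePartnerName>
<urn:SequenceNumberToSAA>1</urn:SequenceNumberToSAA>
<urn:WindowSize>1</urn:WindowSize>
<urn:FlowDirection>From_MessagePartner</urn:FlowDirection>
</urn:Open>
</soapenv:Body>
</soapenv:Envelope>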

Actual XML:

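<?xml version='1.0' encoding='UTF-8'?>
<!--
  Message actually produced by the posted axis2.xml.

  Points a reviewer would check in this header:
    * wsse:BinarySecurityToken carries the signer's X.509 certificate, and
      ds:KeyInfo points at it through wsse:SecurityTokenReference and
      wsse:Reference. This is the direct-reference form selected by
      signatureKeyIdentifier=DirectReference in the configuration.
    * The signature is RSA-SHA1 over a SHA-1 digest. SHA-1 is deprecated
      for signatures; the expected message on this page uses SHA-256.
    * ds:SignedInfo holds a single ds:Reference, #id-3, which is the SOAP
      Body. The wsu:Timestamp and the wsa:To, wsa:MessageID and wsa:Action
      headers are not covered, so they can be altered in transit without
      invalidating the signature.
    * wsa:To is a plain http:// endpoint. The signature protects the
      integrity of the Body only; nothing here provides confidentiality.
    * NOTE(review): the certificate subject decodes to CN=Sample Client,
      OU=Rampart, O=Apache. Together with the sample07 callback class in
      the configuration this looks like the keystore distributed with the
      Rampart samples, whose private key is not secret. Confirm, and use
      it for testing only.

  Listing repair: namespace, Algorithm, EncodingType and ValueType values
  that the mail archive split across lines are rejoined, since a line
  break inside an attribute value is kept as whitespace and changes the
  URI. The indentation of three wrapped element lines is restored.
  Element content is otherwise as posted.
-->
   <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
      <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
         <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
                        soapenv:mustUnderstand="1">
            <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
                                      EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
                                      ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
                                      wsu:Id="CertId-9C27827243F18C2D5D13052984833551">MIICTzCCAbigAwIBAgIESy9O5zANBgkqhkiG9w0BAQUFADBsMQswCQYDVQQGEwJMSzEQMA4GA1UECBMHV2VzdGVybjEQMA4GA1UEBxMHQ29sb21ibzEPMA0GA1UEChMGQXBhY2hlMRAwDgYDVQQLEwdSYW1wYXJ0MRYwFAYDVQQDEw1TYW1wbGUgQ2xpZW50MB4XDTA5MTIyMTEwMzMxMVoXDTM3MDUwNzEwMzMxMVowbDELMAkGA1UEBhMCTEsxEDAOBgNVBAgTB1dlc3Rlcm4xEDAOBgNVBAcTB0NvbG9tYm8xDzANBgNVBAoTBkFwYWNoZTEQMA4GA1UECxMHUmFtcGFydDEWMBQGA1UEAxMNU2FtcGxlIENsaWVudDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAjBQM+kgC0Wm9hk9v4pjLSg5yK0Em2ulyDmODckWv4mZJ8YwJPVgqEIzwRiOnNBH3s+wFCw297zDsnEgDKSQrsPf1smVUOK/slyDPbqZ47Ewcs07nCPfNigncmpbcaluO3bMw9Oqj9VIYjrUHu5xCp2Fe39ZPbwOzLtAmT8b6iucCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAnjPanrVjFVkxnhsj83RJA2tK//v99KpPf3do9VUI2yEgvBZUzH3q2jk3widwEcsJMHgbRr3VTFL7dNVdCYBcI1KiBY9SMa1XZ4RIHmw7gkJt1JTgjKBzfrout2z614KixRf4w7qkDacGxkNspXG/PSlh03Lfm5sb0vzH1aqBl3g==</wsse:BinarySecurityToken>
            <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
                          Id="Signature-2">
               <ds:SignedInfo>
                  <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
                  <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
                  <ds:Reference URI="#id-3">
                     <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
                     </ds:Transforms>
                     <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
                     <ds:DigestValue>br11Zm6RhlkFLILOQ1i1R3KNhGA=</ds:DigestValue>
                  </ds:Reference>
               </ds:SignedInfo>
               <ds:SignatureValue>cKeONaxTBIwKsu6LDQlyd9WCDlZ4pbbiZiXovfacLP/GS9SPunMrJk7FhHMVhoVOqfJg5ErAGAaYpI+z1hKduPdj/bVOqil2DRH0Y9nuU/uqVPK4Gn8MEU8l7mSQfiYojWX87y4GpbugA80qgPrI1z9lDtAWkXu5/NHBZ4pWiok=</ds:SignatureValue>
               <ds:KeyInfo Id="KeyId-9C27827243F18C2D5D13052984833702">
                  <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
                                               wsu:Id="STRId-9C27827243F18C2D5D13052984833703">
                     <wsse:Reference URI="#CertId-9C27827243F18C2D5D13052984833551"
                                     ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" />
                  </wsse:SecurityTokenReference>
               </ds:KeyInfo>
            </ds:Signature>
            <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
                           wsu:Id="Timestamp-1">
               <wsu:Created>2011-05-13T14:54:43.355Z</wsu:Created>
               <wsu:Expires>2011-05-13T14:59:43.355Z</wsu:Expires>
            </wsu:Timestamp>
         </wsse:Security>
         <wsa:To>http://192.192.1.126:9185/axis2/services/soapha</wsa:To>
         <wsa:MessageID>urn:uuid:138D8D6589C56362E31305298483011</wsa:MessageID>
         <wsa:Action>urn:swift:saa:wsdl:soapha:Open</wsa:Action>
      </soapenv:Header>
      <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
                    wsu:Id="id-3">
         <ns1:Open xmlns:ns1="urn:swift:saa:xsd:soapha">
            <ns1:MessagePartnerName>SOAInput</ns1:MessagePartnerName>
            <ns1:SequenceNumberToSAA>1</ns1:SequenceNumberToSAA>
            <ns1:WindowSize>1</ns1:WindowSize>
            <ns1:FlowDirection>From_MessagePartner</ns1:FlowDirection>
         </ns1:Open>
      </soapenv:Body>
   </soapenv:Envelope>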

Axis2.xml:

<!--
  Axis2 client configuration as posted with the question. It engages the
  rampart and addressing modules and configures message security through
  the OutflowSecurity and InflowSecurity parameters. Element order is kept
  exactly as posted; only the line wrapping introduced by the mail archive
  is tidied.
-->
<axisconfig name="AxisJava2.0">
    <module ref="rampart"/>

    <!--
      Outbound security actions. The items "Timestamp Signature" account for
      the wsu:Timestamp and ds:Signature in the "Actual XML" on this page.
      signatureKeyIdentifier=DirectReference is what makes the signing
      certificate travel inside the message as a wsse:BinarySecurityToken,
      referenced from ds:KeyInfo.
      NOTE(review): the expected message is signed with HMAC-SHA256 under a
      key identified only by ds:KeyName, which is a shared-secret signature
      rather than an X.509 one. Changing the key identifier alone would
      drop the token but still leave an RSA signature; confirm with the
      service's specification how the shared key is provisioned.
      NOTE(review): passwordCallbackClass points at a class from the Rampart
      samples. Presumably it hard-codes the keystore password; replace it
      with a handler that reads the secret from protected storage before
      using this outside a test.
    -->
    <parameter name="OutflowSecurity">
        <action>
            <items>Timestamp Signature</items>
            <user>client</user>
            <passwordCallbackClass>org.apache.rampart.samples.sample07.PWCBHandler</passwordCallbackClass>
            <signaturePropFile>client.properties</signaturePropFile>
            <signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
        </action>
    </parameter>

    <!--
      Inbound security actions: the same items, "Timestamp Signature", are
      listed for messages received by this client, with the same callback
      class and properties file as the outbound side.
    -->
    <parameter name="InflowSecurity">
        <action>
            <items>Timestamp Signature</items>
            <passwordCallbackClass>org.apache.rampart.samples.sample07.PWCBHandler</passwordCallbackClass>
            <signaturePropFile>client.properties</signaturePropFile>
        </action>
    </parameter>

    <!-- General engine switches. -->
    <parameter name="hotdeployment">true</parameter>
    <parameter name="hotupdate">false</parameter>
    <parameter name="enableMTOM">false</parameter>
    <parameter name="enableSwA">false</parameter>
    <parameter name="ConfigContextTimeoutInterval">30000</parameter>
    <!-- Both fault-detail switches are off, which keeps stack traces out of SOAP faults. -->
    <parameter name="sendStacktraceDetailsWithFaults">false</parameter>
    <parameter name="DrillDownToRootCauseForFaultReason">false</parameter>
    <!--
      NOTE(review): admin / axis2 are the stock Axis2 administration
      credentials and are widely known. Change or remove them before this
      file is used by anything that exposes the Axis2 admin console.
    -->
    <parameter name="userName">admin</parameter>
    <parameter name="password">axis2</parameter>
    <parameter name="disableREST" locked="true">false</parameter>
    <parameter name="disableSOAP12" locked="true">false</parameter>

    <deployer extension=".class" directory="pojo" class="org.apache.axis2.deployment.POJODeployer"/>

    <!-- Default message receivers, keyed by message exchange pattern. -->
    <messageReceivers>
        <messageReceiver mep="http://www.w3.org/2004/08/wsdl/in-only"
                         class="org.apache.axis2.receivers.RawXMLINOnlyMessageReceiver"/>
        <messageReceiver mep="http://www.w3.org/2004/08/wsdl/in-out"
                         class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
        <messageReceiver mep="http://www.w3.org/2006/01/wsdl/in-only"
                         class="org.apache.axis2.receivers.RawXMLINOnlyMessageReceiver"/>
        <messageReceiver mep="http://www.w3.org/2006/01/wsdl/in-out"
                         class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
    </messageReceivers>

    <!-- Outgoing serializers, keyed by content type. -->
    <messageFormatters>
        <messageFormatter contentType="application/x-www-form-urlencoded"
                          class="org.apache.axis2.transport.http.XFormURLEncodedFormatter"/>
        <messageFormatter contentType="multipart/form-data"
                          class="org.apache.axis2.transport.http.MultipartFormDataFormatter"/>
        <messageFormatter contentType="application/xml"
                          class="org.apache.axis2.transport.http.ApplicationXMLFormatter"/>
        <messageFormatter contentType="text/xml"
                          class="org.apache.axis2.transport.http.SOAPMessageFormatter"/>
        <messageFormatter contentType="application/soap+xml"
                          class="org.apache.axis2.transport.http.SOAPMessageFormatter"/>
    </messageFormatters>

    <!--
      Incoming parsers, keyed by content type.
      NOTE(review): application/xml is registered twice with the same
      class; the second entry looks redundant.
    -->
    <messageBuilders>
        <messageBuilder contentType="application/xml"
                        class="org.apache.axis2.builder.ApplicationXMLBuilder"/>
        <messageBuilder contentType="application/xml"
                        class="org.apache.axis2.builder.ApplicationXMLBuilder"/>
        <messageBuilder contentType="application/x-www-form-urlencoded"
                        class="org.apache.axis2.builder.XFormURLEncodedBuilder"/>
        <messageBuilder contentType="multipart/form-data"
                        class="org.apache.axis2.builder.MultipartFormDataBuilder"/>
    </messageBuilders>

    <!-- Transports: one HTTP listener on port 8080, senders for http, https and java. -->
    <transportReceiver name="http" class="org.apache.axis2.transport.http.SimpleHTTPServer">
        <parameter name="port">8080</parameter>
    </transportReceiver>
    <transportSender name="http" class="org.apache.axis2.transport.http.CommonsHTTPTransportSender">
        <parameter name="PROTOCOL">HTTP/1.1</parameter>
        <parameter name="Transfer-Encoding">chunked</parameter>
    </transportSender>
    <transportSender name="https" class="org.apache.axis2.transport.http.CommonsHTTPTransportSender">
        <parameter name="PROTOCOL">HTTP/1.1</parameter>
        <parameter name="Transfer-Encoding">chunked</parameter>
    </transportSender>
    <transportSender name="java" class="org.apache.axis2.transport.java.JavaTransportSender"/>

    <module ref="addressing"/>

    <!--
      Phase ordering for the four flows. Each flow declares a "Security"
      phase; presumably this is where the rampart module attaches its
      handlers (confirm against the module's own descriptor). In the two
      outbound flows it is the last phase, after MessageOut.
    -->
    <phaseOrder type="InFlow">
        <phase name="Transport">
            <handler name="RequestURIBasedDispatcher"
                     class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher">
                <order phase="Transport"/>
            </handler>
            <handler name="SOAPActionBasedDispatcher"
                     class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher">
                <order phase="Transport"/>
            </handler>
        </phase>
        <phase name="Addressing">
            <handler name="AddressingBasedDispatcher"
                     class="org.apache.axis2.dispatchers.AddressingBasedDispatcher">
                <order phase="Addressing"/>
            </handler>
        </phase>
        <phase name="Security"/>
        <phase name="PreDispatch"/>
        <phase name="Dispatch" class="org.apache.axis2.engine.DispatchPhase">
            <handler name="RequestURIBasedDispatcher"
                     class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher"/>
            <handler name="SOAPActionBasedDispatcher"
                     class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher"/>
            <handler name="RequestURIOperationDispatcher"
                     class="org.apache.axis2.dispatchers.RequestURIOperationDispatcher"/>
            <handler name="SOAPMessageBodyBasedDispatcher"
                     class="org.apache.axis2.dispatchers.SOAPMessageBodyBasedDispatcher"/>
            <handler name="HTTPLocationBasedDispatcher"
                     class="org.apache.axis2.dispatchers.HTTPLocationBasedDispatcher"/>
        </phase>
        <phase name="RMPhase"/>
        <phase name="OperationInPhase"/>
        <phase name="soapmonitorPhase"/>
    </phaseOrder>
    <phaseOrder type="OutFlow">
        <phase name="soapmonitorPhase"/>
        <phase name="OperationOutPhase"/>
        <phase name="RMPhase"/>
        <phase name="PolicyDetermination"/>
        <phase name="MessageOut"/>
        <phase name="Security"/>
    </phaseOrder>
    <phaseOrder type="InFaultFlow">
        <phase name="Addressing">
            <handler name="AddressingBasedDispatcher"
                     class="org.apache.axis2.dispatchers.AddressingBasedDispatcher">
                <order phase="Addressing"/>
            </handler>
        </phase>
        <phase name="Security"/>
        <phase name="PreDispatch"/>
        <phase name="Dispatch" class="org.apache.axis2.engine.DispatchPhase">
            <handler name="RequestURIBasedDispatcher"
                     class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher"/>
            <handler name="SOAPActionBasedDispatcher"
                     class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher"/>
            <handler name="RequestURIOperationDispatcher"
                     class="org.apache.axis2.dispatchers.RequestURIOperationDispatcher"/>
            <handler name="SOAPMessageBodyBasedDispatcher"
                     class="org.apache.axis2.dispatchers.SOAPMessageBodyBasedDispatcher"/>
            <handler name="HTTPLocationBasedDispatcher"
                     class="org.apache.axis2.dispatchers.HTTPLocationBasedDispatcher"/>
        </phase>
        <phase name="RMPhase"/>
        <phase name="OperationInFaultPhase"/>
        <phase name="soapmonitorPhase"/>
    </phaseOrder>
    <phaseOrder type="OutFaultFlow">
        <phase name="soapmonitorPhase"/>
        <phase name="OperationOutFaultPhase"/>
        <phase name="RMPhase"/>
        <phase name="PolicyDetermination"/>
        <phase name="MessageOut"/>
        <phase name="Security"/>
    </phaseOrder>
</axisconfig>
