axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Gainty <mgai...@hotmail.com>
Subject RE: No headers in response
Date Fri, 28 Sep 2012 02:58:33 GMT

try it like this

         MessageContext ctx = getMsgCtx12();



//none of these tests contain mustUnderstand attribute so we will need to reconstruct our
mustUnderstand later on

        String policyXml = "test-resources/policy/rampart-asymm-binding-6-3des-r15.xml";

        Policy policy = loadPolicy(policyXml);



        ctx.setProperty(RampartMessageData.KEY_RAMPART_POLICY, policy);



        MessageBuilder builder = new MessageBuilder();

        builder.build(ctx);



        // Building the SOAP envelope from the OMElement

        buildSOAPEnvelope(ctx);



        RampartEngine engine = new RampartEngine();

        List<org.apache.ws.security.WSSecurityEngineResult> results = engine.process(ctx);


MG>notice that inside org.apache.rampart.MessageBuilder we have 
RampartMessageData build() method *which has access to the security 
Headers*



  public void build(MessageContext msgCtx) throws WSSPolicyException,

            RampartException, WSSecurityException, AxisFault {

        Axis2Util.useDOOM(true);

        RampartMessageData rmd = new RampartMessageData(msgCtx, true);

        

        

        RampartPolicyData rpd = rmd.getPolicyData();

        if(rpd == null || isSecurityValidationFault(msgCtx) || 

                !RampartUtil.isSecHeaderRequired(rpd, rmd.isInitiator(),false)) {

            

            Document doc = rmd.getDocument();

            WSSecHeader secHeader = rmd.getSecHeader();

MG>start mods...         check here to make sure mustUnderstand is turned  on 

           if(secHeader!=null) && (secHeader.getMustUnderstand()==true)

           {

MG>normal

           }

           else

{

MG>remove the bad one ,reconstruct WSSecHeader and add to RampartMessageData

            if ( secHeader != null ) {

                secHeader.removeSecurityHeader(doc);

            }

           secHeader = new WSSecHeader("actor",true);

           rmd.setSecHeader(secHeader);    

      }

MG>end mods MG



            return;

        }

        

        //Copy the RECV_RESULTS if available

        if(!rmd.isInitiator()) {

            OperationContext opCtx = msgCtx.getOperationContext();

            MessageContext inMsgCtx;

            if(opCtx != null && 

                    (inMsgCtx = opCtx.getMessageContext(WSDLConstants.MESSAGE_LABEL_IN_VALUE))
!= null) {

                msgCtx.setProperty(WSHandlerConstants.RECV_RESULTS, 

                        inMsgCtx.getProperty(WSHandlerConstants.RECV_RESULTS));

            }

        }

        

        

        String isCancelreq = (String)msgCtx.getProperty(RampartMessageData.CANCEL_REQUEST);

        if(isCancelreq != null && Constants.VALUE_TRUE.equals(isCancelreq)) {

            try {

                

                String cancelAction = TrustUtil.getWSTNamespace(rmd.getWstVersion()) + RahasConstants.RST_ACTION_CANCEL_SCT;

                //Set action

                msgCtx.getOptions().setAction(cancelAction);

                

                //Change the wsa:Action header

                String wsaNs = Final.WSA_NAMESPACE;

                Object addressingVersionFromCurrentMsgCtxt = msgCtx.getProperty(AddressingConstants.WS_ADDRESSING_VERSION);

                if (Submission.WSA_NAMESPACE.equals(addressingVersionFromCurrentMsgCtxt))
{

                    wsaNs = Submission.WSA_NAMESPACE;

                }

                OMElement header = msgCtx.getEnvelope().getHeader();

                if(header != null) {

                    OMElement actionElem = header.getFirstChildWithName(new QName(wsaNs, AddressingConstants.WSA_ACTION));

                    if(actionElem != null) {

                        actionElem.setText(cancelAction);

                    }

                }

                

                //set payload to a cancel request

                String ctxIdKey = RampartUtil.getContextIdentifierKey(msgCtx);

                String tokenId = (String)RampartUtil.getContextMap(msgCtx).get(ctxIdKey);

                

                if(tokenId != null && RampartUtil.isTokenValid(rmd, tokenId)) {

                    OMElement bodyElem = msgCtx.getEnvelope().getBody();

                    OMElement child = bodyElem.getFirstElement();

                    SecurityContextToken sct = new SecurityContextToken(

                            (Element) rmd.getTokenStorage().getToken(tokenId)

                                    .getToken());

                    OMElement newChild = TrustUtil.createCancelRequest(sct

                            .getIdentifier(), rmd.getWstVersion());

                    Element newDomChild = XMLUtils.toDOM(newChild);

                    Node importedNode = rmd.getDocument().importNode((Element) newDomChild,
true);

                    ((Element) bodyElem).replaceChild(importedNode, (Element) child);

                } else {

                    throw new RampartException("tokenToBeCancelledInvalid");

                }

                

            } catch (Exception e) {

                e.printStackTrace();

                throw new RampartException("errorInTokenCancellation");

            }

        }

        

       if(rpd.isTransportBinding()) {

           log.debug("Building transport binding");

           TransportBindingBuilder building = new TransportBindingBuilder();

           building.build(rmd);

        } else if(rpd.isSymmetricBinding()) {

           log.debug("Building SymmetricBinding");

           SymmetricBindingBuilder builder = new SymmetricBindingBuilder();

           builder.build(rmd);

        } else {

            AsymmetricBindingBuilder builder = new AsymmetricBindingBuilder();

            builder.build(rmd);

        }

       

       //TODO remove following check, we don't need this check here as we do a check to see
whether 

       // security header required 

       

       Document doc = rmd.getDocument();

       WSSecHeader secHeader = rmd.getSecHeader();

       

       if ( secHeader != null && secHeader.isEmpty(doc) ) {

           secHeader.removeSecurityHeader(doc);

       }

        got



       /*

        * Checking whether MTOMSerializable is there. If so set optimizeElement.

        * */

        if(rpd.isMTOMSerialize()){

            msgCtx.setProperty(Constants.Configuration.ENABLE_MTOM, Constants.VALUE_TRUE);

            OptimizePartsConfig config= rpd.getOptimizePartsConfig();

            if(config != null){

                MessageOptimizer.optimize(msgCtx.getEnvelope(), config.getExpressions(), config.getNamespaces());

            }

        }

    }

//end RampartMessageData build method



// download wss4j and and make mod to low access to mustunderstand

// http://ws.apache.org/wss4j/source-repository.html

public class WSSecHeader {

    private String actor = null;



    private boolean mustunderstand = true;

//accessor that werner forgot

    public boolean getMustUnderstand() { return this.mustunderstand; }

...

}

compile and package with maven pom.xml


Martin Gainty 
______________________________________________ 
Jogi és Bizalmassági kinyilatkoztatás/Verzicht und Vertraulichkeitanmerkung/Note de déni
et de confidentialité
 Ez az
üzenet bizalmas.  Ha nem ön az akinek szánva volt, akkor kérjük, hogy
jelentse azt nekünk vissza. Semmiféle továbbítása vagy másolatának
készítése nem megengedett.  Ez az üzenet csak ismeret cserét szolgál és
semmiféle jogi alkalmazhatósága sincs.  Mivel az electronikus üzenetek
könnyen megváltoztathatóak, ezért minket semmi felelöség nem terhelhet
ezen üzenet tartalma miatt.

Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten
wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist
unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet
keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen
wir keine Haftung fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire
prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe
quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information
seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les
email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune
responsabilité pour le contenu fourni.


From: brianreinhold@lampreynetworks.com
To: java-dev@axis.apache.org
Subject: RE: No headers in response
Date: Thu, 27 Sep 2012 19:11:27 -0400


Martin, I tried that as well and the response still came back with no headers. Somehow the
STS service manages to get a header in the response (missing must understand in the addressing);
but it’s a start.  Brian From: Martin Gainty [mailto:mgainty@hotmail.com] 
Sent: Thursday, September 27, 2012 9:30 AM
To: java-dev@axis.apache.org
Subject: RE: No headers in response Hi Brian
i'll take the last question.. from axis2.xml i assume you have included optional Headers
axis2.xml contains:
 <moduleConfig name="addressing">
        <parameter name="includeOptionalHeaders">true</parameter>
    </moduleConfig>

run this test where
axis2-IncludeOptionalHeadersTrue.xml contains

<axisconfig name="AxisJava2.0">
    <!-- Comment this to disable Addressing -->
    <module ref="addressing"/>

    <!--Configuring module , providing parameters for modules whether they refer or not-->
    <moduleConfig name="addressing">
        <parameter name="includeOptionalHeaders">true</parameter>
    </moduleConfig>
    
    <!-- ================================================= -->
    <!-- Phases  -->
    <!-- ================================================= -->
    <phaseOrder type="InFlow">
        <!--  System predefined phases       -->
        <phase name="Transport">
            <handler name="RequestURIBasedDispatcher"
                     class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher">
                <order phase="Transport"/>
            </handler>
            <handler name="SOAPActionBasedDispatcher"
                     class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher">
                <order phase="Transport"/>
            </handler>
        </phase>
        <phase name="Addressing">
            <handler name="AddressingBasedDispatcher"
                     class="org.apache.axis2.dispatchers.AddressingBasedDispatcher">
                <order phase="Addressing"/>
            </handler>
        </phase>
        <phase name="Security"/>
        <phase name="PreDispatch"/>
        <phase name="Dispatch" class="org.apache.axis2.engine.DispatchPhase">
            <handler name="RequestURIBasedDispatcher"
                     class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher"/>
            <handler name="SOAPActionBasedDispatcher"
                     class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher"/>
            <handler name="RequestURIOperationDispatcher"
                     class="org.apache.axis2.dispatchers.RequestURIOperationDispatcher"/>
            <handler name="SOAPMessageBodyBasedDispatcher"
                     class="org.apache.axis2.dispatchers.SOAPMessageBodyBasedDispatcher"/>
            <handler name="HTTPLocationBasedDispatcher"
                     class="org.apache.axis2.dispatchers.HTTPLocationBasedDispatcher"/>
            <handler name="GenericProviderDispatcher"
                     class="org.apache.axis2.jaxws.dispatchers.GenericProviderDispatcher"/>
            <handler name="MustUnderstandValidationDispatcher"
                     class="org.apache.axis2.jaxws.dispatchers.MustUnderstandValidationDispatcher"/>
        </phase>
        <phase name="RMPhase"/>
        <!--  System predefined phases       -->
        <!--   After Postdispatch phase module author or service author can add any phase
he want      -->
        <phase name="OperationInPhase">
            <handler name="MustUnderstandChecker"
                     class="org.apache.axis2.jaxws.dispatchers.MustUnderstandChecker">
                <order phase="OperationInPhase"/>
            </handler>
        </phase>
        <phase name="soapmonitorPhase"/>
    </phaseOrder>
    <phaseOrder type="OutFlow">
        <!--      user can add his own phases to this area  -->
        <phase name="soapmonitorPhase"/>
        <phase name="OperationOutPhase"/>
        <!--system predefined phase-->
        <!--these phase will run irrespective of the service-->
        <phase name="RMPhase"/>
        <phase name="PolicyDetermination"/>
        <phase name="MessageOut"/>
        <phase name="Security"/>
    </phaseOrder>
    <phaseOrder type="InFaultFlow">
        <phase name="Addressing">
            <handler name="AddressingBasedDispatcher"
                     class="org.apache.axis2.dispatchers.AddressingBasedDispatcher">
                <order phase="Addressing"/>
            </handler>
        </phase>
        <phase name="Security"/>
        <phase name="PreDispatch"/>
        <phase name="Dispatch" class="org.apache.axis2.engine.DispatchPhase">
            <handler name="RequestURIBasedDispatcher"
                     class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher"/>
            <handler name="SOAPActionBasedDispatcher"
                     class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher"/>
            <handler name="RequestURIOperationDispatcher"
                     class="org.apache.axis2.dispatchers.RequestURIOperationDispatcher"/>
            <handler name="SOAPMessageBodyBasedDispatcher"
                     class="org.apache.axis2.dispatchers.SOAPMessageBodyBasedDispatcher"/>
            <handler name="HTTPLocationBasedDispatcher"
                     class="org.apache.axis2.dispatchers.HTTPLocationBasedDispatcher"/>
            <handler name="GenericProviderDispatcher"
                     class="org.apache.axis2.jaxws.dispatchers.GenericProviderDispatcher"/>
            <handler name="MustUnderstandValidationDispatcher"
                     class="org.apache.axis2.jaxws.dispatchers.MustUnderstandValidationDispatcher"/>
        </phase>
        <phase name="RMPhase"/>
        <!--      user can add his own phases to this area  -->
        <phase name="OperationInFaultPhase"/>
        <phase name="soapmonitorPhase"/>
    </phaseOrder>
    <phaseOrder type="OutFaultFlow">
        <!--      user can add his own phases to this area  -->
        <phase name="soapmonitorPhase"/>
        <phase name="OperationOutFaultPhase"/>
        <phase name="RMPhase"/>
        <phase name="PolicyDetermination"/>
        <phase name="MessageOut"/>
        <phase name="Security"/>
    </phaseOrder>
</axisconfig>

//now run the TestCase org.apache.axis2.handlers.addressing.AddressingOutHandlerTest.java:
        java.io.File configFile = new java.io.File(System.getProperty("basedir",".") + "/test-resources/axis2-IncludeOptionalHeadersTrue.xml");
        org.apache.axis2.context.ConfigurationContext cfgCtx =org.apache.axis2.context.ConfigurationContextFactory.createConfigurationContextFromFileSystem("target/test-classes",configFile.getAbsolutePath());
//<parameter name="includeOptionalHeaders">true</parameter> in addressing module
should now be true

        msgCtxt = cfgCtx.createMessageContext();
        msgCtxt.setEnvelope(OMAbstractFactory.getSOAP11Factory().getDefaultEnvelope());
        msgCtxt.setTo(new EndpointReference("http://www.to.org/service/"));
        msgCtxt.setFrom(new EndpointReference("http://www.from.org/service/"));
        msgCtxt.setReplyTo(new EndpointReference("http://www.replyTo.org/service/"));
        msgCtxt.setFaultTo(new EndpointReference("http://www.faultTo.org/service/"));
        msgCtxt.setWSAAction("http://www.actions.org/action");
        msgCtxt.setMessageID("123456-7890");
        msgCtxt.addRelatesTo(new RelatesTo("http://www.relatesTo.org/service/"));
        msgCtxt.setProperty(WS_ADDRESSING_VERSION, Final.WSA_NAMESPACE);        
        outHandler.invoke(msgCtxt);
        org.custommonkey.xmlunit.XMLUnit.setIgnoreWhitespace(true);
        assertXMLEqual(msgCtxt.getEnvelope().toString(), org.apache.axis2.handlers.util.TestUtil.getOMBuilder("withOptionalHeadersTest.xml").getDocumentElement().toString());
  

//msgCtxt.getEnvelope().toString() should be IDENTICAL to contents of withOptionalHeadersTest.xml
shown here
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
        <wsa:To>http://www.to.org/service/</wsa:To>
        <wsa:From><wsa:Address>http://www.from.org/service/</wsa:Address></wsa:From>
        <wsa:ReplyTo><wsa:Address>http://www.replyTo.org/service/</wsa:Address></wsa:ReplyTo>
        <wsa:FaultTo><wsa:Address>http://www.faultTo.org/service/</wsa:Address></wsa:FaultTo>
        <wsa:Action>http://www.actions.org/action</wsa:Action>
        <wsa:MessageID>123456-7890</wsa:MessageID>
        <wsa:RelatesTo RelationshipType="http://www.w3.org/2005/08/addressing/reply">http://www.relatesTo.org/service/</wsa:RelatesTo>
    </soapenv:Header>
    <soapenv:Body />
</soapenv:Envelope>

is this not the case?
Martin Gainty 
______________________________________________ 
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten
wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist
unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet
keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen
wir keine Haftung fuer den Inhalt uebernehmen.Ce message est confidentiel et peut être privilégié.
Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire
informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est
interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement
obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation,
nous ne pouvons accepter aucune responsabilité pour le contenu fourni.

From: brianreinhold@lampreynetworks.com
To: java-dev@axis.apache.org
Subject: No headers in response
Date: Thu, 27 Sep 2012 07:35:07 -0400 I am re-opening a question I saw no answer to asked
in this forum quite a while  ago. In the STS service requesting a SMAL20 token the response
is okay.But in the service that needs to have the SAML20 token, the response has no headers
at all. This is in spite of the must understand setting in the client headers in both the
addressing and security part. Everything is 1.6.2; rampart, axis2, and axiom is 1.2.14.  Adding
the <parameter name="includeOptionalHeaders">true</parameter> in the service.xml
does not help (though that is what I used programmatically on the client side to generate
the correct addressing headers).Is this a bug or what am I doing wrong in the configuration?
Thanks, Brian ReinholdNo virus found in this message.
Checked by AVG - www.avg.com
Version: 2012.0.2221 / Virus Database: 2441/5294 - Release Date: 09/27/12No virus found in
this message.
Checked by AVG - www.avg.com
Version: 2012.0.2221 / Virus Database: 2441/5294 - Release Date: 09/27/12 		 	   		  
Mime
View raw message