axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Gainty <mgai...@hotmail.com>
Subject RE: No headers in response
Date Fri, 28 Sep 2012 21:27:48 GMT

Yes..I always hardcoded those values in the descriptor...but the maven-mar-plugin should reconfigure
axis2.xml to include  <module ref="addressing"/> 
and any associated module specific parameters

cross posting to maven-users

feel free to go ahead and post your question
Martin Gainty 
______________________________________________ 
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité

Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten
wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist
unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet
keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen
wir keine Haftung fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire
prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe
quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information
seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les
email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune
responsabilité pour le contenu fourni.


From: brianreinhold@lampreynetworks.com
To: java-dev@axis.apache.org
Subject: RE: No headers in response
Date: Fri, 28 Sep 2012 14:40:14 -0400


Martin, I’ll take a look at the Rampart checks but I am also having a problem with no ws-addressing
in the response and that’s in Axis2 which I can’t get loaded because of maven problems.
I do see success in the older versions (1.5.1). Brian From: Martin Gainty [mailto:mgainty@hotmail.com]

Sent: Friday, September 28, 2012 10:30 AM
To: java-dev@axis.apache.org
Subject: RE: No headers in response these are the (secure) headers that are supported by xmlsoap
securitypolicy
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy

if you dont see the secure header defined in this xsd then Rampart (or any other securitypolicy
implementor) does'nt implement it
Martin Gainty 
______________________________________________ 
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten
wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist
unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet
keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen
wir keine Haftung fuer den Inhalt uebernehmen.Ce message est confidentiel et peut être privilégié.
Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire
informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est
interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement
obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation,
nous ne pouvons accepter aucune responsabilité pour le contenu fourni.

From: brianreinhold@lampreynetworks.com
To: java-dev@axis.apache.org
Subject: RE: No headers in response
Date: Fri, 28 Sep 2012 04:42:48 -0400Martin, This looks like client side testing. I have no
problem on the client. It’s my service whose response has no headers. The client is much
easier to deal with as one tends to use code and for that there is great help from Eclipse
and javadoc. The service, on the other hand, one usually has to use xml to control all behaviors
and that is very difficult (difficult in the sense one has no idea what, for example, the
possible parameters, elements, attributes, etc. are and what they do…and no help from Eclipse
like there is with code). Brian From: Martin Gainty [mailto:mgainty@hotmail.com] 
Sent: Thursday, September 27, 2012 10:59 PM
To: java-dev@axis.apache.org
Subject: RE: No headers in response try it like this
         MessageContext ctx = getMsgCtx12();

//none of these tests contain mustUnderstand attribute so we will need to reconstruct our
mustUnderstand later on
        String policyXml = "test-resources/policy/rampart-asymm-binding-6-3des-r15.xml";
        Policy policy = loadPolicy(policyXml);

        ctx.setProperty(RampartMessageData.KEY_RAMPART_POLICY, policy);

        MessageBuilder builder = new MessageBuilder();
        builder.build(ctx);

        // Building the SOAP envelope from the OMElement
        buildSOAPEnvelope(ctx);

        RampartEngine engine = new RampartEngine();
        List<org.apache.ws.security.WSSecurityEngineResult> results = engine.process(ctx);

MG>notice that inside org.apache.rampart.MessageBuilder we have RampartMessageData build()
method *which has access to the security Headers*

  public void build(MessageContext msgCtx) throws WSSPolicyException,
            RampartException, WSSecurityException, AxisFault {
        Axis2Util.useDOOM(true);
        RampartMessageData rmd = new RampartMessageData(msgCtx, true);
        
        
        RampartPolicyData rpd = rmd.getPolicyData();
        if(rpd == null || isSecurityValidationFault(msgCtx) || 
                !RampartUtil.isSecHeaderRequired(rpd, rmd.isInitiator(),false)) {
            
            Document doc = rmd.getDocument();
            WSSecHeader secHeader = rmd.getSecHeader();
MG>start mods...         check here to make sure mustUnderstand is turned  on 
           if(secHeader!=null) && (secHeader.getMustUnderstand()==true)
           {
MG>normal
           }
           else
{
MG>remove the bad one ,reconstruct WSSecHeader and add to RampartMessageData
            if ( secHeader != null ) {
                secHeader.removeSecurityHeader(doc);
            }
           secHeader = new WSSecHeader("actor",true);
           rmd.setSecHeader(secHeader);    
      }
MG>end mods MG

            return;
        }
        
        //Copy the RECV_RESULTS if available
        if(!rmd.isInitiator()) {
            OperationContext opCtx = msgCtx.getOperationContext();
            MessageContext inMsgCtx;
            if(opCtx != null && 
                    (inMsgCtx = opCtx.getMessageContext(WSDLConstants.MESSAGE_LABEL_IN_VALUE))
!= null) {
                msgCtx.setProperty(WSHandlerConstants.RECV_RESULTS, 
                        inMsgCtx.getProperty(WSHandlerConstants.RECV_RESULTS));
            }
        }
        
        
        String isCancelreq = (String)msgCtx.getProperty(RampartMessageData.CANCEL_REQUEST);
        if(isCancelreq != null && Constants.VALUE_TRUE.equals(isCancelreq)) {
            try {
                
                String cancelAction = TrustUtil.getWSTNamespace(rmd.getWstVersion()) + RahasConstants.RST_ACTION_CANCEL_SCT;
                //Set action
                msgCtx.getOptions().setAction(cancelAction);
                
                //Change the wsa:Action header
                String wsaNs = Final.WSA_NAMESPACE;
                Object addressingVersionFromCurrentMsgCtxt = msgCtx.getProperty(AddressingConstants.WS_ADDRESSING_VERSION);
                if (Submission.WSA_NAMESPACE.equals(addressingVersionFromCurrentMsgCtxt))
{
                    wsaNs = Submission.WSA_NAMESPACE;
                }
                OMElement header = msgCtx.getEnvelope().getHeader();
                if(header != null) {
                    OMElement actionElem = header.getFirstChildWithName(new QName(wsaNs, AddressingConstants.WSA_ACTION));
                    if(actionElem != null) {
                        actionElem.setText(cancelAction);
                    }
                }
                
                //set payload to a cancel request
                String ctxIdKey = RampartUtil.getContextIdentifierKey(msgCtx);
                String tokenId = (String)RampartUtil.getContextMap(msgCtx).get(ctxIdKey);
                
                if(tokenId != null && RampartUtil.isTokenValid(rmd, tokenId)) {
                    OMElement bodyElem = msgCtx.getEnvelope().getBody();
                    OMElement child = bodyElem.getFirstElement();
                    SecurityContextToken sct = new SecurityContextToken(
                            (Element) rmd.getTokenStorage().getToken(tokenId)
                                    .getToken());
                    OMElement newChild = TrustUtil.createCancelRequest(sct
                            .getIdentifier(), rmd.getWstVersion());
                    Element newDomChild = XMLUtils.toDOM(newChild);
                    Node importedNode = rmd.getDocument().importNode((Element) newDomChild,
true);
                    ((Element) bodyElem).replaceChild(importedNode, (Element) child);
                } else {
                    throw new RampartException("tokenToBeCancelledInvalid");
                }
                
            } catch (Exception e) {
                e.printStackTrace();
                throw new RampartException("errorInTokenCancellation");
            }
        }
        
       if(rpd.isTransportBinding()) {
           log.debug("Building transport binding");
           TransportBindingBuilder building = new TransportBindingBuilder();
           building.build(rmd);
        } else if(rpd.isSymmetricBinding()) {
           log.debug("Building SymmetricBinding");
           SymmetricBindingBuilder builder = new SymmetricBindingBuilder();
           builder.build(rmd);
        } else {
            AsymmetricBindingBuilder builder = new AsymmetricBindingBuilder();
            builder.build(rmd);
        }
       
       //TODO remove following check, we don't need this check here as we do a check to see
whether 
       // security header required 
       
       Document doc = rmd.getDocument();
       WSSecHeader secHeader = rmd.getSecHeader();
       
       if ( secHeader != null && secHeader.isEmpty(doc) ) {
           secHeader.removeSecurityHeader(doc);
       }
        got

       /*
        * Checking whether MTOMSerializable is there. If so set optimizeElement.
        * */
        if(rpd.isMTOMSerialize()){
            msgCtx.setProperty(Constants.Configuration.ENABLE_MTOM, Constants.VALUE_TRUE);
            OptimizePartsConfig config= rpd.getOptimizePartsConfig();
            if(config != null){
                MessageOptimizer.optimize(msgCtx.getEnvelope(), config.getExpressions(), config.getNamespaces());
            }
        }
    }
//end RampartMessageData build method

// download wss4j and and make mod to low access to mustunderstand
// http://ws.apache.org/wss4j/source-repository.html
public class WSSecHeader {
    private String actor = null;

    private boolean mustunderstand = true;
//accessor that werner forgot
    public boolean getMustUnderstand() { return this.mustunderstand; }
...
}
compile and package with maven pom.xml

Martin Gainty 
______________________________________________ 
Jogi és Bizalmassági kinyilatkoztatás/Verzicht und Vertraulichkeitanmerkung/Note de déni
et de confidentialité Ez az üzenet bizalmas.  Ha nem ön az akinek szánva volt, akkor kérjük,
hogy jelentse azt nekünk vissza. Semmiféle továbbítása vagy másolatának készítése
nem megengedett.  Ez az üzenet csak ismeret cserét szolgál és semmiféle jogi alkalmazhatósága
sincs.  Mivel az electronikus üzenetek könnyen megváltoztathatóak, ezért minket semmi
felelöség nem terhelhet ezen üzenet tartalma miatt.

Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten
wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist
unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet
keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen
wir keine Haftung fuer den Inhalt uebernehmen.Ce message est confidentiel et peut être privilégié.
Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire
informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est
interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement
obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation,
nous ne pouvons accepter aucune responsabilité pour le contenu fourni. From: brianreinhold@lampreynetworks.com
To: java-dev@axis.apache.org
Subject: RE: No headers in response
Date: Thu, 27 Sep 2012 19:11:27 -0400Martin, I tried that as well and the response still came
back with no headers. Somehow the STS service manages to get a header in the response (missing
must understand in the addressing); but it’s a start.  Brian From: Martin Gainty [mailto:mgainty@hotmail.com]

Sent: Thursday, September 27, 2012 9:30 AM
To: java-dev@axis.apache.org
Subject: RE: No headers in response Hi Brian
i'll take the last question.. from axis2.xml i assume you have included optional Headers
axis2.xml contains:
 <moduleConfig name="addressing">
        <parameter name="includeOptionalHeaders">true</parameter>
    </moduleConfig>

run this test where
axis2-IncludeOptionalHeadersTrue.xml contains

<axisconfig name="AxisJava2.0">
    <!-- Comment this to disable Addressing -->
    <module ref="addressing"/>

    <!--Configuring module , providing parameters for modules whether they refer or not-->
    <moduleConfig name="addressing">
        <parameter name="includeOptionalHeaders">true</parameter>
    </moduleConfig>
    
    <!-- ================================================= -->
    <!-- Phases  -->
    <!-- ================================================= -->
    <phaseOrder type="InFlow">
        <!--  System predefined phases       -->
        <phase name="Transport">
            <handler name="RequestURIBasedDispatcher"
                     class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher">
                <order phase="Transport"/>
            </handler>
            <handler name="SOAPActionBasedDispatcher"
                     class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher">
                <order phase="Transport"/>
            </handler>
        </phase>
        <phase name="Addressing">
            <handler name="AddressingBasedDispatcher"
                     class="org.apache.axis2.dispatchers.AddressingBasedDispatcher">
                <order phase="Addressing"/>
            </handler>
        </phase>
        <phase name="Security"/>
        <phase name="PreDispatch"/>
        <phase name="Dispatch" class="org.apache.axis2.engine.DispatchPhase">
            <handler name="RequestURIBasedDispatcher"
                     class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher"/>
            <handler name="SOAPActionBasedDispatcher"
                     class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher"/>
            <handler name="RequestURIOperationDispatcher"
                     class="org.apache.axis2.dispatchers.RequestURIOperationDispatcher"/>
            <handler name="SOAPMessageBodyBasedDispatcher"
                     class="org.apache.axis2.dispatchers.SOAPMessageBodyBasedDispatcher"/>
            <handler name="HTTPLocationBasedDispatcher"
                     class="org.apache.axis2.dispatchers.HTTPLocationBasedDispatcher"/>
            <handler name="GenericProviderDispatcher"
                     class="org.apache.axis2.jaxws.dispatchers.GenericProviderDispatcher"/>
            <handler name="MustUnderstandValidationDispatcher"
                     class="org.apache.axis2.jaxws.dispatchers.MustUnderstandValidationDispatcher"/>
        </phase>
        <phase name="RMPhase"/>
        <!--  System predefined phases       -->
        <!--   After Postdispatch phase module author or service author can add any phase
he want      -->
        <phase name="OperationInPhase">
            <handler name="MustUnderstandChecker"
                     class="org.apache.axis2.jaxws.dispatchers.MustUnderstandChecker">
                <order phase="OperationInPhase"/>
            </handler>
        </phase>
        <phase name="soapmonitorPhase"/>
    </phaseOrder>
    <phaseOrder type="OutFlow">
        <!--      user can add his own phases to this area  -->
        <phase name="soapmonitorPhase"/>
        <phase name="OperationOutPhase"/>
        <!--system predefined phase-->
        <!--these phase will run irrespective of the service-->
        <phase name="RMPhase"/>
        <phase name="PolicyDetermination"/>
        <phase name="MessageOut"/>
        <phase name="Security"/>
    </phaseOrder>
    <phaseOrder type="InFaultFlow">
        <phase name="Addressing">
            <handler name="AddressingBasedDispatcher"
                     class="org.apache.axis2.dispatchers.AddressingBasedDispatcher">
                <order phase="Addressing"/>
            </handler>
        </phase>
        <phase name="Security"/>
        <phase name="PreDispatch"/>
        <phase name="Dispatch" class="org.apache.axis2.engine.DispatchPhase">
            <handler name="RequestURIBasedDispatcher"
                     class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher"/>
            <handler name="SOAPActionBasedDispatcher"
                     class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher"/>
            <handler name="RequestURIOperationDispatcher"
                     class="org.apache.axis2.dispatchers.RequestURIOperationDispatcher"/>
            <handler name="SOAPMessageBodyBasedDispatcher"
                     class="org.apache.axis2.dispatchers.SOAPMessageBodyBasedDispatcher"/>
            <handler name="HTTPLocationBasedDispatcher"
                     class="org.apache.axis2.dispatchers.HTTPLocationBasedDispatcher"/>
            <handler name="GenericProviderDispatcher"
                     class="org.apache.axis2.jaxws.dispatchers.GenericProviderDispatcher"/>
            <handler name="MustUnderstandValidationDispatcher"
                     class="org.apache.axis2.jaxws.dispatchers.MustUnderstandValidationDispatcher"/>
        </phase>
        <phase name="RMPhase"/>
        <!--      user can add his own phases to this area  -->
        <phase name="OperationInFaultPhase"/>
        <phase name="soapmonitorPhase"/>
    </phaseOrder>
    <phaseOrder type="OutFaultFlow">
        <!--      user can add his own phases to this area  -->
        <phase name="soapmonitorPhase"/>
        <phase name="OperationOutFaultPhase"/>
        <phase name="RMPhase"/>
        <phase name="PolicyDetermination"/>
        <phase name="MessageOut"/>
        <phase name="Security"/>
    </phaseOrder>
</axisconfig>

//now run the TestCase org.apache.axis2.handlers.addressing.AddressingOutHandlerTest.java:
        java.io.File configFile = new java.io.File(System.getProperty("basedir",".") + "/test-resources/axis2-IncludeOptionalHeadersTrue.xml");
        org.apache.axis2.context.ConfigurationContext cfgCtx =org.apache.axis2.context.ConfigurationContextFactory.createConfigurationContextFromFileSystem("target/test-classes",configFile.getAbsolutePath());
//<parameter name="includeOptionalHeaders">true</parameter> in addressing module
should now be true

        msgCtxt = cfgCtx.createMessageContext();
        msgCtxt.setEnvelope(OMAbstractFactory.getSOAP11Factory().getDefaultEnvelope());
        msgCtxt.setTo(new EndpointReference("http://www.to.org/service/"));
        msgCtxt.setFrom(new EndpointReference("http://www.from.org/service/"));
        msgCtxt.setReplyTo(new EndpointReference("http://www.replyTo.org/service/"));
        msgCtxt.setFaultTo(new EndpointReference("http://www.faultTo.org/service/"));
        msgCtxt.setWSAAction("http://www.actions.org/action");
        msgCtxt.setMessageID("123456-7890");
        msgCtxt.addRelatesTo(new RelatesTo("http://www.relatesTo.org/service/"));
        msgCtxt.setProperty(WS_ADDRESSING_VERSION, Final.WSA_NAMESPACE);        
        outHandler.invoke(msgCtxt);
        org.custommonkey.xmlunit.XMLUnit.setIgnoreWhitespace(true);
        assertXMLEqual(msgCtxt.getEnvelope().toString(), org.apache.axis2.handlers.util.TestUtil.getOMBuilder("withOptionalHeadersTest.xml").getDocumentElement().toString());
  

//msgCtxt.getEnvelope().toString() should be IDENTICAL to contents of withOptionalHeadersTest.xml
shown here
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
        <wsa:To>http://www.to.org/service/</wsa:To>
        <wsa:From><wsa:Address>http://www.from.org/service/</wsa:Address></wsa:From>
        <wsa:ReplyTo><wsa:Address>http://www.replyTo.org/service/</wsa:Address></wsa:ReplyTo>
        <wsa:FaultTo><wsa:Address>http://www.faultTo.org/service/</wsa:Address></wsa:FaultTo>
        <wsa:Action>http://www.actions.org/action</wsa:Action>
        <wsa:MessageID>123456-7890</wsa:MessageID>
        <wsa:RelatesTo RelationshipType="http://www.w3.org/2005/08/addressing/reply">http://www.relatesTo.org/service/</wsa:RelatesTo>
    </soapenv:Header>
    <soapenv:Body />
</soapenv:Envelope>

is this not the case?
Martin Gainty 
______________________________________________ 
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten
wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist
unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet
keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen
wir keine Haftung fuer den Inhalt uebernehmen.Ce message est confidentiel et peut être privilégié.
Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire
informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est
interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement
obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation,
nous ne pouvons accepter aucune responsabilité pour le contenu fourni. From: brianreinhold@lampreynetworks.com
To: java-dev@axis.apache.org
Subject: No headers in response
Date: Thu, 27 Sep 2012 07:35:07 -0400 I am re-opening a question I saw no answer to asked
in this forum quite a while  ago. In the STS service requesting a SMAL20 token the response
is okay.But in the service that needs to have the SAML20 token, the response has no headers
at all. This is in spite of the must understand setting in the client headers in both the
addressing and security part. Everything is 1.6.2; rampart, axis2, and axiom is 1.2.14.  Adding
the <parameter name="includeOptionalHeaders">true</parameter> in the service.xml
does not help (though that is what I used programmatically on the client side to generate
the correct addressing headers).Is this a bug or what am I doing wrong in the configuration?
Thanks, Brian ReinholdNo virus found in this message.
Checked by AVG - www.avg.com
Version: 2012.0.2221 / Virus Database: 2441/5294 - Release Date: 09/27/12No virus found in
this message.
Checked by AVG - www.avg.com
Version: 2012.0.2221 / Virus Database: 2441/5294 - Release Date: 09/27/12No virus found in
this message.
Checked by AVG - www.avg.com
Version: 2012.0.2221 / Virus Database: 2441/5294 - Release Date: 09/27/12No virus found in
this message.
Checked by AVG - www.avg.com
Version: 2012.0.2221 / Virus Database: 2441/5295 - Release Date: 09/27/12 		 	   		  
Mime
View raw message