axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ruchith Fernando" <ruchith.ferna...@gmail.com>
Subject Re: [Axis2] WS-Security: Security module isn't doing anything
Date Tue, 23 May 2006 15:27:40 GMT
Hi,

Did you specify the location of the axis2.xml file when you created
the service client or the Stub?

OR

Did you provide the location of the axis2.xml file in the VM argument
named "axis2.xml" (Example: -Daxis2.xml=/path/to/axis2.xml) ?

Thanks,
Ruchith

On 5/23/06, Kar, Sagar (Genworth, Contractor) <Sagar.Kar@genworth.com> wrote:
> Hi,
>
> I am trying to use Axis2 to invoke a secured web service deployed on a
> websphere appserver v 6.0.
> I am a newbie to WS-Security and Axis2.
> The websphere service is working fine and I can hit it with a websphere
> client.
> I just want to configure axis2 so that the rampart module starts to
> create the required security headers.
> The problem is that rampart is not doing anything ..... And I am unable
> to figure out how do I ask it to start generating the headers. Its not
> even throwing up so I don't know if its configured properly or not.
> Do I need to add something in  <phaseOrder type="outflow"> that would
> start it up.
>
>
> Following is my axis2.xml and sec.properties. If the values are
> incorrect then isn't the rampart module supposed to throw some
> exceptions?
> -------------------------------------Axis2.xml--------------------------
> ----------------
> <axisconfig name="AxisJava2.0">
>
>     <!-- Engage the addressing module -->
>     <module ref="addressing"/>
>
>     <!-- Engage the security module -->
>     <module ref="rampart"/>
>
>     <!-- Test with addressing and MTOM: Client's Configuration:START-->
>
>     <parameter name="OutflowSecurity">
>       <action>
>         <items>Timestamp Signature Encrypt</items>
>         <user>esb</user>
>         <passwordCallbackClass>test.PWCallback</passwordCallbackClass>
>         <signaturePropFile>sec.properties</signaturePropFile>
>         <signatureKeyIdentifier>KeyIdentifier</signatureKeyIdentifier>
>
> <signatureParts>{Element}{http://www.w3.org/2005/08/addressing}To;{Eleme
> nt}{http://www.w3.org/2005/08/addressing}ReplyTo;{Element}{http://www.w3
> .org/2005/08/addressing}MessageID;{Element}{http://docs.oasis-open.org/w
> ss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp</signat
> ureParts>
>
> <optimizeParts>//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue</op
> timizeParts>
>       </action>
>     </parameter>
>
>     <parameter name="InflowSecurity">
>       <action>
>         <items>Timestamp Signature Encrypt</items>
>
> <passwordCallbackClass>sample.security.PWCallback</passwordCallbackClass
> >
>         <signaturePropFile>sec.properties</signaturePropFile>
>       </action>
>     </parameter>
>
>     <!-- Test with addressing and MTOM: Client's Configuration:END-->
>
>     <!-- ================================================= -->
>     <!-- Parameters -->
>     <!-- ================================================= -->
>     <parameter name="hotdeployment" locked="false">true</parameter>
>     <parameter name="hotupdate" locked="false">false</parameter>
>     <parameter name="enableMTOM" locked="false">true</parameter>
>     <!-- Uncomment this to enable REST support -->
>     <!--    <parameter name="enableREST"
> locked="false">true</parameter>-->
>
>
>     <parameter name="userName" locked="false">admin</parameter>
>     <parameter name="password" locked="false">axis2</parameter>
>
>     <!-- ================================================= -->
>     <!-- Message Receivers -->
>     <!-- ================================================= -->
>     <!--This is the Deafult Message Receiver for the system , if you
> want to have MessageReceivers for -->
>     <!--all the other MEP implement it and add the correct entry to here
> , so that you can refer from-->
>     <!--any operation -->
>     <!--Note : You can ovride this for particular service by adding the
> same element with your requirement-->
>     <messageReceivers>
>         <messageReceiver mep="http://www.w3.org/2004/08/wsdl/in-only"
>
> class="org.apache.axis2.receivers.RawXMLINOnlyMessageReceiver"/>
>         <messageReceiver mep="http://www.w3.org/2004/08/wsdl/in-out"
>
> class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
>     </messageReceivers>
>     <!-- ================================================= -->
>     <!-- Transport Ins -->
>     <!-- ================================================= -->
>     <transportReceiver name="http"
>
> class="org.apache.axis2.transport.http.SimpleHTTPServer">
>         <parameter name="port" locked="false">6060</parameter>
>         <!--If you want to give your own host address for EPR
> generation-->
>         <!--uncommet following paramter , and set as you required.-->
>         <!--<parameter name="hostname"
> locked="false">http://myApp.com/ws</parameter>-->
>     </transportReceiver>
>
>     <transportReceiver name="tcp"
>                        class="org.apache.axis2.transport.tcp.TCPServer">
>         <parameter name="port" locked="false">6061</parameter>
>         <!--If you want to give your own host address for EPR
> generation-->
>         <!--uncommet following paramter , and set as you required.-->
>         <!--<parameter name="hostname"
> locked="false">tcp://myApp.com/ws</parameter>-->
>     </transportReceiver>
>
>     <!-- ================================================= -->
>     <!-- Transport Outs -->
>     <!-- ================================================= -->
>
>     <transportSender name="tcp"
>
> class="org.apache.axis2.transport.tcp.TCPTransportSender"/>
>     <transportSender name="local"
>
> class="org.apache.axis2.transport.local.LocalTransportSender"/>
>     <transportSender name="jms"
>                      class="org.apache.axis2.transport.jms.JMSSender"/>
>     <transportSender name="http"
>
> class="org.apache.axis2.transport.http.CommonsHTTPTransportSender">
>         <parameter name="PROTOCOL" locked="false">HTTP/1.1</parameter>
>         <parameter name="Transfer-Encoding"
> locked="false">chunked</parameter>
>     </transportSender>
>     <transportSender name="https"
>
> class="org.apache.axis2.transport.http.CommonsHTTPTransportSender">
>         <parameter name="PROTOCOL" locked="false">HTTP/1.1</parameter>
>         <parameter name="Transfer-Encoding"
> locked="false">chunked</parameter>
>     </transportSender>
>
>     <!-- ================================================= -->
>     <!-- Phases  -->
>     <!-- ================================================= -->
>     <phaseOrder type="inflow">
>         <!--  System pre defined phases       -->
>          <phase name="Transport">
>             <handler name="RequestURIBasedDispatcher"
>
> class="org.apache.axis2.engine.RequestURIBasedDispatcher">
>                 <order phase="Dispatch"/>
>             </handler>
>             <handler name="SOAPActionBasedDispatcher"
>
> class="org.apache.axis2.engine.SOAPActionBasedDispatcher">
>                 <order phase="Dispatch"/>
>             </handler>
>         </phase>
>         <phase name="Security"/>
>         <phase name="PreDispatch"/>
>         <phase name="Dispatch"
> class="org.apache.axis2.engine.DispatchPhase">
>             <handler name="AddressingBasedDispatcher"
>
> class="org.apache.axis2.engine.AddressingBasedDispatcher">
>                 <order phase="Dispatch"/>
>             </handler>
>
>             <handler name="SOAPMessageBodyBasedDispatcher"
>
> class="org.apache.axis2.engine.SOAPMessageBodyBasedDispatcher">
>                 <order phase="Dispatch"/>
>             </handler>
>             <handler name="InstanceDispatcher"
>                      class="org.apache.axis2.engine.InstanceDispatcher">
>                 <order phase="PostDispatch"/>
>             </handler>
>         </phase>
>         <!--  System pre defined phases       -->
>         <!--   After Postdispatch phase module author or or service
> author can add any phase he want      -->
>         <phase name="OperationInPhase"/>
>     </phaseOrder>
>     <phaseOrder type="outflow">
>         <!--      user can add his own phases to this area  -->
>         <phase name="OperationOutPhase"/>
>         <!--system predefined phase-->
>         <!--these phase will run irrespective of the service-->
>         <phase name="PolicyDetermination"/>
>         <phase name="MessageOut"/>
>     </phaseOrder>
>     <phaseOrder type="INfaultflow">
>         <phase name="PreDispatch"/>
>         <phase name="Dispatch"
> class="org.apache.axis2.engine.DispatchPhase">
>             <handler name="RequestURIBasedDispatcher"
>
> class="org.apache.axis2.engine.RequestURIBasedDispatcher">
>                 <order phase="Dispatch"/>
>             </handler>
>
>             <handler name="SOAPActionBasedDispatcher"
>
> class="org.apache.axis2.engine.SOAPActionBasedDispatcher">
>                 <order phase="Dispatch"/>
>             </handler>
>
>             <handler name="AddressingBasedDispatcher"
>
> class="org.apache.axis2.engine.AddressingBasedDispatcher">
>                 <order phase="Dispatch"/>
>             </handler>
>
>             <handler name="SOAPMessageBodyBasedDispatcher"
>
> class="org.apache.axis2.engine.SOAPMessageBodyBasedDispatcher">
>                 <order phase="Dispatch"/>
>             </handler>
>             <handler name="InstanceDispatcher"
>                      class="org.apache.axis2.engine.InstanceDispatcher">
>                 <order phase="PostDispatch"/>
>             </handler>
>         </phase>
>         <!--      user can add his own phases to this area  -->
>         <phase name="OperationInFaultPhase"/>
>     </phaseOrder>
>     <phaseOrder type="Outfaultflow">
>         <!--      user can add his own phases to this area  -->
>         <phase name="OperationOutFaultPhase"/>
>         <phase name="PolicyDetermination"/>
>         <phase name="MessageOut"/>
>     </phaseOrder>
>     </axisconfig>
> ------------------------------------------------sec.properties----------
> ----------------
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components
> .crypto.Merlin
> org.apache.ws.security.crypto.merlin.keystore.type=jks
> org.apache.ws.security.crypto.merlin.keystore.password=clientstore
> org.apache.ws.security.crypto.merlin.file=D:\security\esb_test\clientsto
> re.jks
>
>
>
> Thanks and regards,
> Sagar Kar
> Patni Computer Systems Inc.
> ' 434-845-0911 Ext. 4724
> Visit us at: http://www.patni.com
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org


Mime
View raw message