axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tirtza Bernstein" <tirtza.bernst...@corp.idt.net>
Subject RE: Rampart signature
Date Thu, 18 Oct 2007 14:14:14 GMT
I meant 1.x.  With upgrade to axis2 rampart is necessary for client
certificates.

  _____  

From: Senthivel U S [mailto:senthivel.usilappan@uaeexchange.com] 
Sent: Thursday, October 18, 2007 4:08 PM
To: axis-user@ws.apache.org
Subject: RE: Rampart signature



Actually I am using Axis/1.3 but I have used this for signing since I could
not make it with rampart.

 

  _____  

From: Tirtza Bernstein [mailto:tirtza.bernstein@corp.idt.net] 
Sent: Thursday, October 18, 2007 6:02 PM
To: axis-user@ws.apache.org
Subject: RE: Rampart signature

 

It look slike you are using axis1.  I need a solution for axis2.

I have Rampart set up properly I just need a policy.xml which will allow me
to send a client certificate. (no encryption and no timestamp)

 

Does anyone have a policy.xml  that defines this?

 

  _____  

From: Senthivel U S [mailto:senthivel.usilappan@uaeexchange.com] 
Sent: Thursday, October 18, 2007 1:17 PM
To: axis-user@ws.apache.org
Subject: RE: Rampart signature

Hi,

 

Couple of days back I had the same problem but I could not make it using
rampart but solved the problem.  Find below the working code. I have created
the stub using wsdl with Eclipse IDE.

 

URL endPointURL = new URL("http:// ");

EngineConfiguration config = new FileProvider("client_deploy.wsdd");

Service service = new Service(config);

TestSoapStub stub = new TestSoapStub(endPointURL, service);

 

            stub._setProperty(WSHandlerConstants.ACTION,
WSHandlerConstants.SIGNATURE);

            stub._setProperty(WSHandlerConstants.SIG_PROP_FILE,
"client_crypto.properties");

            stub._setProperty(WSHandlerConstants.USER, "client");

 
stub._setProperty(WSHandlerConstants.PW_CALLBACK_CLASS,"com.unistream.client
.ServiceSecurityHandler");

 
stub._setProperty(WSHandlerConstants.SIG_KEY_ID,"DirectReference");

 

          stub.login(userID,password);

 

client.deploy.wsdd file         (just copy the same contents)

 

<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">

 <transport name="http"
pivot="java:org.apache.axis.transport.http.HTTPSender"/>

  <globalConfiguration >

   <requestFlow >

    <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >

    </handler>

   </requestFlow >

  </globalConfiguration >

</deployment>

 

client_crypto.properties file  (just copy  the same contents and change the
keystore.password, keystore.alias, alias.password, merlin.file according to
ur spec)

 

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.cry
pto.Merlin

org.apache.ws.security.crypto.merlin.keystore.type=jks

org.apache.ws.security.crypto.merlin.keystore.password=xyzabc

org.apache.ws.security.crypto.merlin.keystore.alias=client

org.apache.ws.security.crypto.merlin.alias.password= xyzabc

org.apache.ws.security.crypto.merlin.file=client.jks

 

If you find any other better solution, please let me know.

 

Regards,

 

-senthil

 

  _____  

From: Tirtza Bernstein [mailto:tirtza.bernstein@corp.idt.net] 
Sent: Wednesday, October 17, 2007 7:54 PM
To: axis-user@ws.apache.org
Subject: Rampart signature

 

I am using Axis2-1.3 and Rampart 1.3.

I am the client and my requests need to be signed.

 

My axis.client.xml includes the following

 

 <module ref="rampart" />

 

 <parameter name="OutflowSecurity">
      <action>
        <items>Signature</items>
        <user>wally</user>
        <signaturePropFile>crypto.properties</signaturePropFile>
 
<passwordCallbackClass>net.idt.svp.security.PWCallback</passwordCallbackClas
s>
        <signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
      </action>
    </parameter>

 

    <parameter name="InflowSecurity">
       <action>
         <items>Signature</items>
         <signaturePropFile>crypto.properties</signaturePropFile>
       </action>
    </parameter>

 

My crypto.properties 

 

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.cry
pto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.file=J:\svp_prime\trunk\security\test.j
ks
org.apache.ws.security.crypto.merlin.keystore.password=pswd

My Client includes the following:

        _serviceClient.getOptions().setTo(new
org.apache.axis2.addressing.EndpointReference(targetEndpoint));
 
_serviceClient.getOptions().setUseSeparateListener(useSeparateListener);

 

        StAXOMBuilder builder = new StAXOMBuilder("resources/policy.xml");

        Policy clientPolicy =
PolicyEngine.getPolicy(builder.getDocumentElement());
 
_serviceClient.getOptions().setProperty(RampartMessageData.KEY_RAMPART_POLIC
Y, clientPolicy);
        _serviceClient.engageModule("rampart");

My problem is that I have no clue how to set up the policy.xml.  Rampart's
examples do not include an example of pure signature only (no timestamp).

 

 

Can someone supply me with an example?

Thanks.


Mime
View raw message