axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <Tezcan.Dilshener.ext...@HVBIS.com>
Subject AW: can I use use rampart with JAX-WS style webservice
Date Fri, 09 May 2008 08:54:34 GMT
Hi Nandana,
 
>.... you can apply policies in the WSDL. AFAIK, when the service being deployed, Axis2
should pick the policy from the WSDL. So only the services you need to >secure has security
policies.
 
yes, the generated WSDL has than the policy but it still does not work. The service throws
out 
[ERROR] Must Understand check failed for headers:
as I mentioned earlier on my other email to you (see below).
 
So I copied it into the axis2.xml and it resolved the error.
It looks like we are so close but yet so far away from a solution:-)
 
cheers
Tezcan
[ERROR] Must Understand check failed for headers: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security
<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd%7DSecurity>
 

org.apache.axis2.AxisFault: Must Understand check failed for headers: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security
<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd%7DSecurity>


        at org.apache.axis2.jaxws.handler.HandlerUtils.checkMustUnderstand(HandlerUtils.java:157)

        at org.apache.axis2.jaxws.server.EndpointController.handleRequest(EndpointController.java:256)

        at org.apache.axis2.jaxws.server.EndpointController.invoke(EndpointController.java:97)

        at org.apache.axis2.jaxws.server.JAXWSMessageReceiver.receive(JAXWSMessageReceiver.java:171)

        at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:176) 
        at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)

        at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:131) 
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:709) 
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) 
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)

        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)

        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)

        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)

        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) 
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) 
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)

        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) 
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:825) 
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:738)

        at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:526)

        at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)

        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)

        at java.lang.Thread.run(Thread.java:595)

	-----Ursprüngliche Nachricht-----
	Von: Nandana Mihindukulasooriya [mailto:nandana.cse@gmail.com] 
	Gesendet: Freitag, 9. Mai 2008 06:24
	An: axis-user@ws.apache.org
	Betreff: Re: can I use use rampart with JAX-WS style webservice
	
	
	Hi Alex,
	


		Declaring the rampart in axis2.xml global config (and putting the rampart.mar in WEB-INF/modules,
of course) would engage it globally for all services. If you only have one service running,
this might be what you need. I haven't found a way to engage a module ona per-service basis,
though.


	I didn't get the time to try this out, but I think it is worth giving a try. As you have
said, engage rampart globally. But you can apply policies in the WSDL. AFAIK, when the service
being deployed, Axis2 should pick the policy from the WSDL. So only the services you need
to secure has security policies. Even though every service is engaged Rampart, only the ones
having security policies will be effectively secured. This is because, with in the Rampart
module, we check for the presence of security policies before actually securing the messages.
 
	
	thanks,
	nandana
	 


		-----Original Message-----
		
		From: Tezcan.Dilshener.extern@HVBIS.com [mailto:Tezcan.Dilshener.extern@HVBIS.com]
		Sent: May 8, 2008 7:43 AM
		To: axis-user@ws.apache.org
		Subject: AW: can I use use rampart with JAX-WS style webservice
		
		Hi
		thanks for your answer.
		Unfortunately it does not seem to do the trick.
		I am getting the following error.
		
		[ERROR] com.sun.xml.bind.v2.runtime.IllegalAnnotationsException: 32 counts of IllegalAnnotationExceptions
org.apache.axiom.attachments.lifecycle.LifecycleManager is an interface, and JAXB can't handle
interfaces.
		
		I am beginning to think that it is not possible to engage Rampart with annotations.
		
		cheers
		Tezcan
		-----Ursprüngliche Nachricht-----
		Von: Ruchith Fernando [mailto:ruchith.fernando@gmail.com]
		Gesendet: Dienstag, 6. Mai 2008 09:57
		An: axis-user@ws.apache.org
		Betreff: Re: can I use use rampart with JAX-WS style webservice
		
		
		I haven't tried this but I think the following solution will work:
		
		- first implement lifecycle management on the service [1]
		- now in the "init" method you can get hold of the AxisService instance and then you can
engage the rampart module on it.
		- Finally you can load the policy from a file as an org.apache.neethi.Policy object and
add that to the AxisService instance as well.
		
		Now you have a WS-Sec enabled service :-)
		
		HTH
		
		Thanks,
		Ruchith
		
		p.s. You can also try WSO2 WSAS [2] and try the WS-Sec support available as well!
		
		1. http://ws.apache.org/axis2/1_3/api/org/apache/axis2/service/Lifecycle.html
		2. http://wso2.org/downloads/wsas
		On Wed, Apr 30, 2008 at 8:39 PM,  <Tezcan.Dilshener.extern@hvbis.com> wrote:
		>
		>
		>
		> Hi
		>
		> I have a web service developed using jax-ws style annotations. So it
		> does not require a services.xml, It is deployed to axis2 as jar file
		> under WEB-INF\servicejars directory.
		>
		> Now if I want to secure this service using rampart how do I link the
		> policy.xml?
		>
		> Where do I add the stuff such as <module ref="rampart"> that one
		> usually adds into services.xml ?
		>
		>
		> cheers
		> Tezcan
		
		
		
		--
		http://blog.ruchith.org
		http://wso2.org
		
		---------------------------------------------------------------------
		To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
		For additional commands, e-mail: axis-user-help@ws.apache.org
		
		
		---------------------------------------------------------------------
		To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
		For additional commands, e-mail: axis-user-help@ws.apache.org
		
		
		
		********************
		NOTICE OF CONFIDENTIALITY
		This communication including any information transmitted with it is
		intended only for the use of the addressees and is confidential.
		If you are not an intended recipient or responsible for delivering
		the message to an intended recipient, any review, disclosure,
		conversion to hard copy, dissemination, reproduction or other use
		of any part of this communication is strictly prohibited, as is the
		taking or omitting of any action in reliance upon this communication.
		If you receive this communication in error or without authorization
		please notify us immediately by return e-mail or otherwise and
		permanently delete the entire communication from any computer,
		disk drive, or other storage medium.
		
		If the above disclaimer is not properly readable, it can be found at
		www.td.com/legal
		
		AVERTISSEMENT DE CONFIDENTIALITE
		Ce courriel, ainsi que tout renseignement ci-inclus, destiné uniquement
		aux destinataires susmentionnés,  est confidentiel.  Si vous
		n'êtes pas le destinataire prévu ou un agent responsable de la
		livraison de ce courriel, tout examen, divulgation, copie, impression,
		reproduction, distribution, ou autre utilisation d'une partie de ce
		courriel est strictement interdit de même que toute intervention ou
		abstraction à cet égard.  Si vous avez reçu ce message par erreur ou
		sans autorisation, veuillez en aviser immédiatement l'expéditeur par
		retour de courriel ou par un autre moyen et supprimer immédiatement
		cette communication entière de tout système électronique.
		
		Si l'avis de non-responsabilité ci-dessus n'est pas lisible, vous
		pouvez le consulter à www.td.com/francais/legale
		

		---------------------------------------------------------------------
		To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
		For additional commands, e-mail: axis-user-help@ws.apache.org
		
		


Mime
View raw message