axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sh_santosh <santosh.nc...@gmail.com>
Subject Re: Security requirements are not satisfied because the security header is not present in the incoming message.
Date Sat, 19 Jul 2008 13:51:27 GMT

Hi Jose / all,

just one word away.

I am NOT able generate 'SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3'  
inside the wsse:UsernameToken tag.
In place of this i am able to generate only ' wsu:Id="UsernameToken-2691004"
'

<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
				wsu:Id="SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3">

What is this 'SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3' ?

How can I generate it in Java (using Axis 1.3 and wss4j) ?

Required Security Header by other end( .Net WSE 3.0) ----

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:xsd="http://www.w3.org/2001/XMLSchema"
	xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"

xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"

xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
	<soap:Header>
		<wsa:Action>
			http://www.test.com/api/ws/internal/testInfo
		</wsa:Action>
		<wsa:MessageID>
			urn:uuid:ca7e475b-484a-4bb8-974f-eb573438bb43
		</wsa:MessageID>
		<wsa:ReplyTo>
			<wsa:Address>
				http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
			</wsa:Address>
		</wsa:ReplyTo>
		<wsa:To>
			http://localhost:8080/testapi/testwsapi.asmx
		</wsa:To>
		<wsse:Security soap:mustUnderstand="1">
			<wsu:Timestamp
				wsu:Id="Timestamp-c70b72e2-561c-4b18-bc4b-acf8c3896b14">
				<wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
				<wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
			</wsu:Timestamp>
			<wsse:UsernameToken
			
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
				wsu:Id="SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3">
				<wsse:Username>santosh.ncstk@gmail.com</wsse:Username>
				<wsse:Password
				
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
					SomePassword
				</wsse:Password>
				<wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
				<wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
			</wsse:UsernameToken>
		</wsse:Security>
	</soap:Header>
	<soap:Body>	
		<SAN_Info
			xmlns="http://www.test.com/api/testing/ws/internal">
			<SAN_Request VendorId="TestVendor"
				VendorPassword="SomePassword"
				xmlns="http://www.test.com/api/testing/testinforequest">
				<Brand>SANBUS</Brand>
				<TourCode>GE</TourCode>
				<Code>80135</Code>
			</SAN_Request>
		</SAN_Info>
	</soap:Body>
</soap:Envelope>

Generated Security header By my side (Java- Axis 1.3 and wss4j
)----------------- 

<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope
	xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
	xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
	xmlns:xsd="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
	<soapenv:Header>
		<wsse:Security
		
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
			soapenv:mustUnderstand="1">
			<wsse:UsernameToken
			
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
				wsu:Id="UsernameToken-2691004">
				<wsse:Username>
					santosh.ncstk@gmail.com
				</wsse:Username>
				<wsse:Password
				
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
					SomePassword
				</wsse:Password>
				<wsse:Nonce>bGmGuPDxQw2kkR5R0zC/hA==</wsse:Nonce>
				<wsu:Created>2008-07-10T16:46:47.046Z</wsu:Created>
			</wsse:UsernameToken>
			<wsu:Timestamp
			
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
				wsu:Id="Timestamp-25899876">
				<wsu:Created>2008-07-10T16:46:47.015Z</wsu:Created>
				<wsu:Expires>2008-07-10T16:51:47.015Z</wsu:Expires>
			</wsu:Timestamp>
		</wsse:Security>
		<wsa:MessageID soapenv:mustUnderstand="0">
			uuid:c83b29b0-4e9f-11dd-8e1f-d019b0e90563
		</wsa:MessageID>
		<wsa:To soapenv:mustUnderstand="0">
			http://localhost:8080/testapi/testwsapi.asmx
		</wsa:To>
		<wsa:Action soapenv:mustUnderstand="0">
			http://www.test.com/api/testing/testinforequest
		</wsa:Action>
		<wsa:From soapenv:mustUnderstand="0">
			<wsa:Address>
				http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
			</wsa:Address>
		</wsa:From>
		<wsa:ReplyTo soapenv:mustUnderstand="0">
			<wsa:Address>
				http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
			</wsa:Address>
		</wsa:ReplyTo>
	</soapenv:Header>
	<soapenv:Body>
		<SAN_Info
			xmlns="http://www.test.com/api/testing/ws/internal">
			<SAN_Request VendorId="TestVendor"
				VendorPassword="SomePassword"
				xmlns="http://www.test.com/api/testing/testinforequest">
				<Brand>SANBUS</Brand>
				<TourCode>GE</TourCode>
				<Code>80135</Code>
			</SAN_Request>
		</SAN_Info>
	</soapenv:Body>
</soapenv:Envelope>


My client-config.wsdd ---------

<?xml version="1.0" encoding="UTF-8"?>
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
 <transport name="http"
pivot="java:org.apache.axis.transport.http.HTTPSender"/>
  <globalConfiguration>
   <requestFlow>
    <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
     <parameter name="action" value="Timestamp UsernameToken"/>
     <parameter name="user" value="santosh.ncstk@gmail.com"/>
     <parameter name="passwordCallbackClass"
value="com.api.testing.ws.internal.PWCallback"/>
     <parameter name="passwordType" value="PasswordText"/>
     <parameter name="password" value="ppx13Z11"/>
     <parameter name="mustUnderstand" value="true" />
     <parameter name="addUTElements" value="Nonce Created"/>
    </handler>
   </requestFlow>
  </globalConfiguration>
</deployment>


By seeing the security header, we can say that it is
username-token-profile-1.0.

How to solve this.



Please help me.



Regards
Santosh



José Ferreiro wrote:
> 
> Hello,
> 
> First you have to determine which Token profile you need to use[1]:
> Is it:
> - Username Token Profile
> -X.509 Token Profile
> - SAML Token profile
> - Kerberos Token Profile
> 
> most probably I will be Username Token Profile or X.509 Token Profile
> 
>  You will have two ways to do add the security header to your soap
> message:
> 
> Either you use Axis2 and rampart module to generate a client (stubs, etc,
> etc).
> You don't need to add a security header. The module will do the work for
> you.
> Obviously you have to add the right configuration files.
> You may download Axis2 and Rampart and there should be some examples in
> the
> package.
> 
> 
> Or you user Axis 1.3 with WSS4J.
> Same thing as above the security header of your SOAP message will be added
> by WSS4J according to
> the deployement files (extension is wsdd, which measn web service
> deployement descriptor)
> You may find examples in the package WSS4J.
> 
> Also this link [2] in the URL source code in the book you may download
> some
> examples.
> They show you the configuration of a such project with WSS4J.
> Please note that the author is using *X.509 Token profile*.
> 
> As you need to interoperate with donet. I will suggest you to read this
> article from Anne Thomas Manes [3].
> Dot net requires the "wrapped" style.
> 
> Hope this helps.
> 
> Jose FERREIRO
> 
> 
> [1] -
> http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss#overview
> [2] - http://www.agileskills2.org/DWSAA/v10pub/index.html
> [3] -
> http://atmanes.blogspot.com/2005/03/wrapped-documentliteral-convention.html
> 
> 
> On 6/18/08, sh_santosh <santosh.ncstk@gmail.com> wrote:
>>
>>
>> Hi Jose,
>>
>> Thanks for your reply,
>>
>> Problem with my Java Client Code is that I have a Limitation that either
>> I
>> can add Security headers to my org.apache.axis.client.Call class object
>> or
>> in the Stub class object.
>>
>> Can you guide me about, how I can use WSS4J classes and method with my
>> Call
>> or Stub's Class Object.so that i can set the security headers.
>>
>> Can you provide me some sample Java code or example ,from where I can get
>> the idea that how should go further ,because right now I am totally
>> stucked
>> because of this.
>>
>> Thanks,
>> Ritesh.
>>
>>
>>
>> José Ferreiro wrote:
>> >
>> > Hello Ritesh,
>> >
>> > If you are using Axis 1.x (i.e Axis 1.1, 1.2, 1.3 or 1.4) [1] then you
>> > should use
>> > the library Apache WSS4J [2] and not "Rampart"
>> >
>> > "Rampart" is a module based on Apache WSS4J that provides the
>> WS-Security
>> > features for Axis2 [3][4].
>> >
>> > Hope this helps:
>> >
>> > José Ferreiro
>> >
>> > [1] - http://ws.apache.org/axis/
>> > [2] - http://ws.apache.org/wss4j/
>> > [3] -
>> http://ws.apache.org/axis2/modules/rampart/1_0/security-module.html
>> > [4] - http://ws.apache.org/axis2/
>> >
>> >
>> > On Wed, Jun 18, 2008 at 11:12 AM, sh_santosh <santosh.ncstk@gmail.com>
>> > wrote:
>> >
>> >>
>> >> Hi Keith,
>> >>
>> >> I am using Axis1.3 version not Axis2.
>> >> So,is Rampart will work with Axis1.3 or it will work with only with
>> Axis2
>> >> and higher versions.
>> >>
>> >> Thanks,
>> >> Ritesh.
>> >>
>> >> sh_santosh wrote:
>> >> >
>> >> > Dear All,
>> >> >
>> >> > I have a Java Client generated by using Axis1.3.By use of my Java
>> >> Client
>> >> I
>> >> > want to access a Web Service Implemented in .NET using WSE3.0
>> >> Standards.
>> >> >
>> >> > When I tried to submit my Request using a method available in my
>> Client
>> >> > Class ,I am getting Exception that "Security requirements are not
>> >> > satisfied because the security header is not present in the incoming
>> >> > message".
>> >> >
>> >> > Then I have added the SOAP Security Headers(which are not available
>> in
>> >> my
>> >> > Java Client Code) in my Stub Object  by using SOAPHeaderElement
>> Class's
>> >> > Object and Tried to submit the Request ,but still I got the Same
>> >> > Exception.
>> >> >
>> >> > Note : - That the Java Client Code Pass an Object as Request having
>> >> > required Parameters and Gets the User Defined Object in Response.
>> >> >
>> >> > I have to generate a Structure Like below inside my SOAPHeader Tag
:
>> >> >
>> >> > <soap:Header>
>> >> > <wsa:Action>http://www.test/info</wsa:Action>
>> >> >
>> >>
>> <wsa:MessageID>urn:uuid:ca6e465b-484a-4bb5-964f-eb513938bb84</wsa:MessageID>
>> >> > <wsa:ReplyTo>
>> >> > <wsa:Address>
>> >> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
>> >> </wsa:Address>
>> >> > </wsa:ReplyTo>
>> >> > <wsa:To>http://localhost:8080/bookingapi/bookingapi.asmx</wsa:To>
>> >> > <wsse:Security soap:mustUnderstand="1">
>> >> > <wsu:Timestamp
>> wsu:Id="Timestamp-c90b72e0-541c-4b17-bc0b-acf8c3495b43">
>> >> > <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
>> >> > <wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
>> >> > </wsu:Timestamp>
>> >> > <wsse:UsernameToken
>> >> > xmlns:wsu="
>> >>
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> >> "
>> >> > wsu:Id="SecurityToken-9e141575-2400-4c6d-ab86-1d5af61727b2">
>> >> > <wsse:Username>stuart@testme.com</wsse:Username>
>> >> > <wsse:Password
>> >> > Type="
>> >>
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
>> >> ">SomePassword</wsse:Password>
>> >> > <wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
>> >> > <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
>> >> > </wsse:UsernameToken>
>> >> > </wsse:Security>
>> >> > </soap:Header>
>> >> >
>> >> >
>> >> >
>> >> > Any Help at Java Code Level or any Guidance/Example will be highly
>> >> > appreciated.
>> >> >
>> >> > Thanks,
>> >> > Ritesh.
>> >> >
>> >> >
>> >>
>> >> --
>> >> View this message in context:
>> >>
>> http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17976896.html
>> >> Sent from the Axis - User mailing list archive at Nabble.com.
>> >>
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> >> For additional commands, e-mail: axis-user-help@ws.apache.org
>> >>
>> >>
>> >
>> >
>>
>> --
>> View this message in context:
>> http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17980220.html
>> Sent from the Axis - User mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-user-help@ws.apache.org
>>
>>
> 
> 
> -- 
> José Ferreiro
> EPFL Communication Systems engineer
> ing.sys.com.dipl.EPFL
> 
> "Think little goals and expect little achievements. Think big goals and
> win
> big success."  David Joseph Schwartz
> 
> 

-- 
View this message in context: http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p18544790.html
Sent from the Axis - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org


Mime
View raw message