axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "keith chapman" <keithgchap...@gmail.com>
Subject Re: Rampart - is it usable on client-side when you don't control server side
Date Thu, 02 Oct 2008 15:09:45 GMT
Hi Steve,

Try this. This should work for you (cause I copied it off some of my working
code)

            HttpTransportProperties.Authenticator authenticator = new
HttpTransportProperties.Authenticator();
            authenticator.setUsername(basicAuthUsername);
            authenticator.setPassword(basicAuthPassword);
            authenticator.setPreemptiveAuthentication(true);
            options.setProperty(HTTPConstants.AUTHENTICATE, authenticator);

Thanks,
Keith,

On Thu, Oct 2, 2008 at 6:57 PM, Steve Cohen <scohen@javactivity.org> wrote:

> Nandana:
> Thank you very much.  This clears up a lot.
> However, still a problem.  The Basic HTTP Auth on the referenced page gives
> this code sample:
>
> HttpTransportProperties.BasicAuthentication basicAuthentication =
>                   new HttpTransportProperties().new BasicAuthentication();
> basicAuthentication.setUsername("axis2");
> basicAuthentication.setPassword("axis2");
> options.setProperty(
>        org.apache.axis2.transport.http.HTTPConstants.BASIC_AUTHENTICATION,
>       basicAuthentication);
>
> However the class HttpTransportProperties.BasicAuthentication appears to be
> missing from Axis2 1.4.1 and the sample code will not reply.  What was this
> class replaced with?
>
>
>
>
>
>
> Nandana Mihindukulasooriya wrote:
>
>> Hi Steve,
>>
>>    It looks like this one is a showstopper.  According to the Rampart
>>    1.4 QuickStart guide http://ws.apache.org/rampart/quick-start.html
>>
>>        When securing a SOAP message, the sender must know the
>>        security actions to be performed on the message and the
>>        receiver must know enough details to process and validate the
>>        security of the message. Therefore when using Rampart with
>>        Axis2, it must be engaged at both ends.
>>
>>
>> First part of this is only true if the vendor provided WSDL doesn't
>> contain policies expressing the security requirements of that web service.
>> And Rampart must be engaged at both side only if both sides are Axis2. For
>> example, we successfully interoperate with .NET where they secure their
>> services using WCF. The information the quick start guide seems bit
>> misleading and will update them.
>>
>>        So it sounds like Rampart is useless for my use case:
>>         generating a client side interface for a Web Service from its
>>        vendor-provided WSDL, when this vendor is not using Rampart.
>>         This vendor requires basic HTTP authentication but his web
>>        service is not built with Axis and doesn't use Rampart.
>>
>>    Is this right?  And short of hand-generating the SOAP envelope
>>    with authentication information is there any way of interfacing to
>>    such a WS with Axis?
>>
>>
>> Anyway, to do basic HTTP authentication with Axis2 you don't need Rampart.
>> You need Rampart only if you are doing WS Security stuff. Please look at the
>> tutorial [1] to see how to do http basic authentication with Axis2.
>>
>> [1] - http://wso2.org/library/161
>>
>> thanks,
>> nandana
>>
>>
>>    Steve Cohen wrote:
>>
>>        Thanks, but still a little gnashing of teeth going on.
>>
>>        Rampart 1.4.  Who knew that such a thing existed?  Ah yes,
>>        there it is, if I go to http://ws.apache.org/rampart/.
>>         Unfortunately, this is not the link shown at
>>        http://ws.apache.org/axis2/modules/index.html (accessible from
>>        the axis main page).  Oh well, it's only wasted time.
>>
>>        In general, is the correct thing to assume that an axis module
>>        should have the same version number as axis does and that if
>>        you need that module, you are restricted to using an axis
>>        version no higher than the version number of that module?
>>
>>        And thanks for the pointer on JMS.
>>
>>
>>
>>
>>        keith chapman wrote:
>>
>>            You should use rampart 1.3 with axis2-1.3 and rampart 1.4
>>            with axis2-1.4 or axis2-1.4.1. I answered your JMS
>>            question on the other thread. And no rampart does NOT
>>            depend on JMS.
>>
>>            Thanks,
>>            Keith.
>>
>>            On Thu, Oct 2, 2008 at 5:25 AM, Steve Cohen
>>            <scohen@javactivity.org <mailto:scohen@javactivity.org>
>>            <mailto:scohen@javactivity.org
>>
>>            <mailto:scohen@javactivity.org>>> wrote:
>>
>>               After all day futilely trying to use Rampart I have
>>            some simple
>>               questions that maybe the developers can answer:
>>
>>               What versions of Axis2 is Rampart compatible or
>>            incompatible with?
>>                In particular is it compatible with Axis2-1.4?  If not
>>            what must
>>               be done to make it so?
>>
>>               What undocumented dependencies does Rampart have?  Why
>>            does client
>>               code blow up because of
>>
>>               java.lang.NoClassDefFoundError: javax/jms/BytesMessage
>>
>>               Does Rampart use JMS?
>>
>>               (Note: this happens with the out of the box sample
>>            client code in
>>               sample03).
>>
>>               What I am looking for is a simple solution that allows
>>            me to take
>>               a vendor-provided WSDL for a Web Service that uses
>>            basic HTTP
>>               authentication, and quickly generate a usable client
>>            for it.  All
>>               documentation I have seen for Axis/Rampart seems to
>>            contain an
>>               unhealthy intermingling of client-side and server-side
>>            code with
>>               the client-side code always something of an
>>            afterthought.  This
>>               negates the whole idea of Web Services.
>>
>>               Is there a sample out there or an article that shows
>>            how to work
>>               with Axis2 in the scenario where the developer is in
>>            control only
>>               of the client, not the server?
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>>               To unsubscribe, e-mail:
>>            axis-user-unsubscribe@ws.apache.org
>>            <mailto:axis-user-unsubscribe@ws.apache.org>
>>               <mailto:axis-user-unsubscribe@ws.apache.org
>>            <mailto:axis-user-unsubscribe@ws.apache.org>>
>>               For additional commands, e-mail:
>>            axis-user-help@ws.apache.org
>>            <mailto:axis-user-help@ws.apache.org>
>>               <mailto:axis-user-help@ws.apache.org
>>            <mailto:axis-user-help@ws.apache.org>>
>>
>>
>>
>>
>>            --            Keith Chapman
>>            Senior Software Engineer
>>            WSO2 Inc.
>>            Oxygenating the Web Service Platform.
>>            http://wso2.org/
>>
>>            blog: http://www.keith-chapman.org
>>
>>
>>
>>
>>  ---------------------------------------------------------------------
>>        To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>>        <mailto:axis-user-unsubscribe@ws.apache.org>
>>        For additional commands, e-mail: axis-user-help@ws.apache.org
>>        <mailto:axis-user-help@ws.apache.org>
>>
>>
>>
>>
>>
>>    ---------------------------------------------------------------------
>>    To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>>    <mailto:axis-user-unsubscribe@ws.apache.org>
>>    For additional commands, e-mail: axis-user-help@ws.apache.org
>>    <mailto:axis-user-help@ws.apache.org>
>>
>>
>>
>>
>> --
>> Nandana Mihindukulasooriya  WSO2 inc.
>>
>> http://nandana83.blogspot.com/
>> http://www.wso2.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>


-- 
Keith Chapman
Senior Software Engineer
WSO2 Inc.
Oxygenating the Web Service Platform.
http://wso2.org/

blog: http://www.keith-chapman.org

Mime
View raw message