axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Charles Galpin <cgal...@lhsw.com>
Subject Re: ws-security at operation level
Date Thu, 03 Jun 2010 20:05:52 GMT
Wow, thanks for that - solved all my problems! I just wish I'd asked a few hours ago :)

Thanks!
charles

On Jun 3, 2010, at 2:57 PM, Prabath Siriwardena wrote:

> Please move to the ws-security policy based approach and define your policy at the operation
level.
> 
> This [1] by Nandana will be helpful....
> 
> Thanks & regards.
> -Prabath
> http://RampartFAQ.com
> 
> [1]: http://wso2.org/library/3786
> 
> Charles Galpin wrote:
>> I'm running axis2-1.5/rampart1.5 with a POJO based service and can't get ws-security
enabled for specific operations (not the whole service). If I enable rampart for the service,
using the same InflowSecurity parameter it works fine, but if I move it into an operation
block I get
>> 
>>     [java] org.apache.axis2.AxisFault: Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/o
>> asis-200401-wss-wssecurity-secext-1.0.xsd : Security
>>     [java]     at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:517)
>>     [java]     at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:371)
>>     [java]     at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:417)
>>     [java]     at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
>>     [java]     at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
>>     [java]     at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:539)
>>     [java]     at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:520)
>> 
>> The admin tools verify the rampart module is engaged for the operation. Any thoughts
on what I am doing wrong?
>> 
>> Using policies is the next step, but for now I am using the following in services.xml
(or trying to within an operation block)
>> 
>>          <module ref="rampart"/>
>>          <parameter name="InflowSecurity">
>>               <action>
>>                 <items>UsernameToken Timestamp</items>
>>                 <passwordCallbackClass>my.PasswordCallbackHandler</passwordCallbackClass>
>>               </action>
>>           </parameter>
>> 
>> In either case there is no markup in the WSDL which doesn't seem right, and when
I have it at the service level and it worked, my operation got null for
>> 
>> MessageContext.getCurrentMessageContext().getProperty(RampartMessageData.USERNAME);

>> which is even more perplexing. Help!
>> 
>> Thanks,
>> charles
>> 
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
>> For additional commands, e-mail: java-user-help@axis.apache.org
>> 
>> 
>>  
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
> For additional commands, e-mail: java-user-help@axis.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org


Mime
View raw message