axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dennis Sosnoski <...@sosnoski.com>
Subject Re: question on consuming service with lopsided security
Date Wed, 03 Nov 2010 03:13:53 GMT
If the consensus of the Axis2 developers is to avoid any discussion of
other alternatives on these lists I'll certainly respect that. But
unless there is a policy to that effect I'll continue to mention other
open source alternatives to people if it looks like Axis2 won't fulfill
their requirements.

  - Dennis


On 11/03/2010 03:41 PM, Samisa Abeysinghe wrote:
>
>
> On Wed, Nov 3, 2010 at 5:24 AM, Dennis Sosnoski <dms@sosnoski.com
> <mailto:dms@sosnoski.com>> wrote:
>
>     Hi Thomas,
>
>     I haven't had any luck with one-way security policies using Axis2,
>     though I didn't try this particular combination. You might find my
>     latest Java Web Services article on devWorks of interest:
>     http://www.ibm.com/developerworks/java/library/j-jws18/index.html This
>     one covers WS-Policy in some detail, and includes my tests with some
>     one-way policies. Your case is simpler than the ones I used, so you
>     might find that CXF or Metro would work for what you want.
>
>
> Why are we advertising CFX and Metro on Axis2 list??? Should we not
> use their own lists to do that???
>
>
>     You could also try attaching the policies directly to the actual Axis2
>     message object in your client code (rather than including them in the
>     WSDL for client code generation), and see if that works.
>
>      - Dennis
>
>     --
>     Dennis M. Sosnoski
>     Java SOA and Web Services
>     Axis2/CXF/Metro Training and Consulting
>     http://www.sosnoski.com - http://www.sosnoski.co.nz
>     Seattle, WA +1-425-939-0576 - Wellington, NZ +64-4-298-6117
>
>
>     On 10/21/2010 07:26 AM, Thomas J Pinkl wrote:
>     > I'm trying to consume a web service using Axis2 1.4.1 and
>     Rampart 1.4.
>     > The service requires WS-Security in the form of a signed request (no
>     > encryption), using x.509 tokens.
>     >
>     > I generated the client code from a WSDL file provided by the
>     service.
>     > Unfortunately, it did not contain any security anotations.
>     >
>     > I am able to send a valid request to the service but I'm having a
>     > problem with the response.
>     >
>     > The response from the web service is NOT signed or encrypted.
>      However,
>     > my attempts at configuring a policy file where the security is
>     one-way,
>     > have been unsuccessful.
>     >
>     > With my current policy, I receive an AxisFault while processing the
>     > response:
>     >
>     >   org.apache.axis2.AxisFault: Missing wsse:Security header in
>     request
>     >     at
>     org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:166)
>     >     at
>     org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:99)
>     >     at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
>     >     at
>     org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
>     >     at
>     org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
>     >     at
>     org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:363)
>     >     at
>     org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
>     >     at
>     org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
>     >     at
>     org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
>     >     at ...
>     >
>     > I've tried removing the "Security" phase from InFlow and InFaultFlow
>     > in my axis2.xml file, but it seems that Rampart is still invoked.
>     >
>     > Can anyone suggest how I can consume this lopsided (security-wise)
>     > service?
>     >
>     >
>
>     ---------------------------------------------------------------------
>     To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
>     <mailto:java-user-unsubscribe@axis.apache.org>
>     For additional commands, e-mail: java-user-help@axis.apache.org
>     <mailto:java-user-help@axis.apache.org>
>
> Samisa ...
>
> http://samisa-abeysinghe.blogspot.com/ 
>
>

Mime
View raw message