You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Tor-Erik Steinsland <to...@stud.ntnu.no> on 2011/10/24 18:36:11 UTC

[axis2] Problems developing HTTPS based webservices using Rampart and axis2

Hello,

I am trying to create a webservice which uses HTTPS for transport and  
rampart for username and password authentication, but I have some  
problems. I am working on Tomcat 7.0.22, axis2 1.6.0 and rampart 1.6.0.

However, I can't get HTTPS to work. I have followed tutorials for  
setting up HTTPS on tomcat 7, as well as tips and tricks from various  
blogs and web communities. When I try to start my server using the  
configuration I have entered (see below), I get the following errors:

org.apache.axis2.deployment.DeploymentException: Service [ add] is  
trying to expose in a transport : <transports>
		<transport>https</transport>

Followed by multiple "java.net.BindException: Address already in use:  
JVM_Bind" errors.

Can anybody see what I am doing wrong?

I have added the following to tomcat's "server.xml"

    <Connector port="8443" maxHttpHeaderSize="8192"
                maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
                enableLookups="false" disableUploadTimeout="true"
                acceptCount="100" scheme="https" secure="true"
                clientAuth="false" sslProtocol="TLS"
                keystoreFile="C:\keystore\key.keystore"
		    keyAlias="te" keystorePass="password" />

In my "services.xml", the following is added:

	<transports>
		<transport>https</transport>
	</transports>

	<wsp:Policy wsu:Id="UsernameTokenOverHTTPS"
		xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
		xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
		<wsp:ExactlyOne>
			<wsp:All>
				 <sp:TransportBinding
					xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
					<wsp:Policy>
						<sp:TransportToken>
							<wsp:Policy>
								<sp:HttpsToken RequireClientCertificate="false" />
							</wsp:Policy>
						</sp:TransportToken>
						 <sp:AlgorithmSuite>
							<wsp:Policy>
								<sp:Basic256 />
							</wsp:Policy>
						</sp:AlgorithmSuite>
						<sp:Layout>
							<wsp:Policy>
								<sp:Lax />
							</wsp:Policy>
						</sp:Layout>
						<sp:IncludeTimestamp />
					</wsp:Policy>
				</sp:TransportBinding>
				<sp:SignedSupportingTokens
					xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
					<wsp:Policy>
						<sp:UsernameToken
							sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
							<wsp:Policy>
								<sp:HashPassword />
							</wsp:Policy>
						</sp:UsernameToken>
					</wsp:Policy>
				</sp:SignedSupportingTokens>
				<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
					<ramp:PasswordType>Digest</ramp:PasswordType>
					<ramp:passwordCallbackClass>sec.PWCBHandler</ramp:passwordCallbackClass>
				</ramp:RampartConfig>

			</wsp:All>
		</wsp:ExactlyOne>
	</wsp:Policy>

Finally, in axis2.xml (on the client side), I have added the following:

	<wsp:Policy wsu:Id="UsernameTokenOverHTTPS"
		xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
		xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
		<wsp:ExactlyOne>
			<wsp:All>
				 <sp:TransportBinding
					xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
					<wsp:Policy>
						<sp:TransportToken>
							<wsp:Policy>
								<sp:HttpsToken RequireClientCertificate="false" />
							</wsp:Policy>
						</sp:TransportToken>
						 <sp:AlgorithmSuite>
							<wsp:Policy>
								<sp:Basic256 />
							</wsp:Policy>
						</sp:AlgorithmSuite>
						<sp:Layout>
							<wsp:Policy>
								<sp:Lax />
							</wsp:Policy>
						</sp:Layout>
						<sp:IncludeTimestamp />
					</wsp:Policy>
				</sp:TransportBinding>
				<sp:SignedSupportingTokens
					xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
					<wsp:Policy>
						<sp:UsernameToken
							sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
							<wsp:Policy>
								<sp:HashPassword />
							</wsp:Policy>
						</sp:UsernameToken>
					</wsp:Policy>
				</sp:SignedSupportingTokens>
				<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
					<ramp:user>test</ramp:user>
					<ramp:PasswordType>Digest</ramp:PasswordType>
					<ramp:passwordCallbackClass>sec.PWCBHandler</ramp:passwordCallbackClass>
				</ramp:RampartConfig>
			</wsp:All>
		</wsp:ExactlyOne>

	</wsp:Policy>

As well as:

	<transportSender name="https"
		class="org.apache.axis2.transport.http.CommonsHTTPTransportSender">
		<parameter name="PROTOCOL">HTTP/1.1</parameter>
		<parameter name="Transfer-Encoding">chunked</parameter>
	</transportSender>

And:

	<transportReceiver name="https"
		class="org.apache.axis2.transport.http.AxisServletListener">
		<parameter name="port">8443</parameter>
	</transportReceiver>


---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org