You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by "Philippe A." <fu...@gmail.com> on 2012/04/02 18:38:06 UTC
Re: [axis2 or rampart?] client not including username and password in header
Sorry for the missing subject. I posted in a hurry.
2012/4/2 Philippe A. <fu...@gmail.com>
> Hello,
>
> I have compiled Axis2 & rampart from trunk in order to workaround a bug
> with wsdl2java. The client I developed back with Axis 1.4.1 no longer
> works. More specifically, the username and password token does not get
> added by the client in the soap header (confirmed with tcpdump). Client
> requests are rejected by the server with "org.apache.axis2.AxisFault: SOAP
> header missing".
>
> I also see the following in my server logs (not sure if it is related or
> not):
> [WARN] Deprecated usage of OMElement#declareNamespace(String,String) with
> empty prefix
>
> My client is generated by wsdl2java and I wrote a simple wrapper class
> around it. The wrapper closely matches this example:
> http://blog.facilelogin.com/2008/11/security-policy-with-rampart.html
>
> I invoke wsdl2java with the following options: -s -uw.
>
> Debug traces show that rampart is being loaded by the client. I am not
> using any other security for now (encryption or other). I am using
> standalone axis server and I am in the process of replacing https transport
> security for ws-security encryption.
>
> All ideas welcome. Thank you!
>
Re: [axis2 or rampart?] client not including username and password in header
Posted by "Philippe A." <fu...@gmail.com>.
2012/4/2 Philippe A. <fu...@gmail.com>
> My problem seems to relate to UsernameToken assertion. Looks like this
> token cannot be used alone -- I oversimplified. It is the conclusion I draw
> after encountering the same issue with code generated in 1.4.1.
>
It is entirely possible to create a policy containing a single
UsernameToken (though of no real practical unless using additional
security). It works in Axis 1.5.6. I am not sure what my issue was. It no
longer matters since it works and I will be using 1.5.6 for now.
Re: [axis2 or rampart?] client not including username and password in header
Posted by "Philippe A." <fu...@gmail.com>.
My problem seems to relate to UsernameToken assertion. Looks like this
token cannot be used alone -- I oversimplified. It is the conclusion I draw
after encountering the same issue with code generated in 1.4.1.
2012/4/2 Philippe A. <fu...@gmail.com>
> I did a quick comparison of the generated code and found a few important
> differences. No wonder it does not work.
>
> No calls to attachPolicy in populateAxisService
> No call to _service.applyPolicy(); in ctor
> No generated function getPolicy
>
> It looks like I should have a look towards my policy / wsdl2java. I took
> the policy I use in 1.4.1, removed the sp:TransportBinding and left the
> UsernameToken bits.
>
> <wsp:Policy wsu:Id="UsernameTokenOverHTTPS" xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
> <wsp:ExactlyOne>
> <wsp:All>
>
> <sp:SupportingTokens xmlns:sp="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> <wsp:Policy>
> <sp:UsernameToken sp:IncludeToken="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient
> "/>
> </wsp:Policy>
> </sp:SupportingTokens>
>
> <ramp:RampartConfig xmlns:ramp="
> http://ws.apache.org/rampart/policy">
>
> <ramp:passwordCallbackClass>Service.SimpleUserPassCallback</ramp:passwordCallbackClass>
> </ramp:RampartConfig>
>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
>
>
>
>
> 2012/4/2 Philippe A. <fu...@gmail.com>
>
> Sorry for the missing subject. I posted in a hurry.
>>
>> 2012/4/2 Philippe A. <fu...@gmail.com>
>>
>>> Hello,
>>>
>>> I have compiled Axis2 & rampart from trunk in order to workaround a bug
>>> with wsdl2java. The client I developed back with Axis 1.4.1 no longer
>>> works. More specifically, the username and password token does not get
>>> added by the client in the soap header (confirmed with tcpdump). Client
>>> requests are rejected by the server with "org.apache.axis2.AxisFault: SOAP
>>> header missing".
>>>
>>> I also see the following in my server logs (not sure if it is related or
>>> not):
>>> [WARN] Deprecated usage of OMElement#declareNamespace(String,String)
>>> with empty prefix
>>>
>>> My client is generated by wsdl2java and I wrote a simple wrapper class
>>> around it. The wrapper closely matches this example:
>>> http://blog.facilelogin.com/2008/11/security-policy-with-rampart.html
>>>
>>> I invoke wsdl2java with the following options: -s -uw.
>>>
>>> Debug traces show that rampart is being loaded by the client. I am not
>>> using any other security for now (encryption or other). I am using
>>> standalone axis server and I am in the process of replacing https transport
>>> security for ws-security encryption.
>>>
>>> All ideas welcome. Thank you!
>>>
>>
>>
>
Re: [axis2 or rampart?] client not including username and password in header
Posted by "Philippe A." <fu...@gmail.com>.
I did a quick comparison of the generated code and found a few important
differences. No wonder it does not work.
No calls to attachPolicy in populateAxisService
No call to _service.applyPolicy(); in ctor
No generated function getPolicy
It looks like I should have a look towards my policy / wsdl2java. I took
the policy I use in 1.4.1, removed the sp:TransportBinding and left the
UsernameToken bits.
<wsp:Policy wsu:Id="UsernameTokenOverHTTPS" xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:SupportingTokens xmlns:sp="
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:Policy>
<sp:UsernameToken sp:IncludeToken="
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient
"/>
</wsp:Policy>
</sp:SupportingTokens>
<ramp:RampartConfig xmlns:ramp="
http://ws.apache.org/rampart/policy">
<ramp:passwordCallbackClass>Service.SimpleUserPassCallback</ramp:passwordCallbackClass>
</ramp:RampartConfig>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
2012/4/2 Philippe A. <fu...@gmail.com>
> Sorry for the missing subject. I posted in a hurry.
>
> 2012/4/2 Philippe A. <fu...@gmail.com>
>
>> Hello,
>>
>> I have compiled Axis2 & rampart from trunk in order to workaround a bug
>> with wsdl2java. The client I developed back with Axis 1.4.1 no longer
>> works. More specifically, the username and password token does not get
>> added by the client in the soap header (confirmed with tcpdump). Client
>> requests are rejected by the server with "org.apache.axis2.AxisFault: SOAP
>> header missing".
>>
>> I also see the following in my server logs (not sure if it is related or
>> not):
>> [WARN] Deprecated usage of OMElement#declareNamespace(String,String) with
>> empty prefix
>>
>> My client is generated by wsdl2java and I wrote a simple wrapper class
>> around it. The wrapper closely matches this example:
>> http://blog.facilelogin.com/2008/11/security-policy-with-rampart.html
>>
>> I invoke wsdl2java with the following options: -s -uw.
>>
>> Debug traces show that rampart is being loaded by the client. I am not
>> using any other security for now (encryption or other). I am using
>> standalone axis server and I am in the process of replacing https transport
>> security for ws-security encryption.
>>
>> All ideas welcome. Thank you!
>>
>
>