You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Tony Dean <To...@sas.com> on 2007/08/30 03:34:38 UTC

[Axis2] WS-Trust namespace issue on weblogic

Hi,

I have a WS-Trust namespaces issue using Axis2 1.1 / Rampart 1.1
deployed on Weblogic 9.2.

First, the same exact deployment on Jboss 4.2 works just fine.  That
puzzles the heck out of me.  I don't know why there would be any
container-specific code involved.

Here's the issue.

I am using some Rahas utility code to generate a
RequestSecurityTokenResponse.  In particular, I am using
org.apache.rahas.TrustUtil. class.  This basically uses Axiom to
generate appropriate elements to return in the respone.

On Jboss, the response looks like:

<?xml version='1.0' encoding='UTF-8'?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Header></soapenv:Header>
   <soapenv:Body>
      <wst:RequestSecurityTokenResponse
xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust">
         <wst:RequestedSecurityToken>
              ...
         </wst:RequestedSecurityToken>
         <wst:Lifetime>
            <wsu:Created
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-utility-1.0.xsd">2007-08-30T00:49:09.791Z</wsu:Created>
            <wsu:Expires
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-utility-1.0.xsd">2007-08-30T01:04:09.791Z</wsu:Expires>
         </wst:Lifetime>
         <wst:RequestedProofToken>
 
<wst:BinarySecret>TlL19TASHV4nmpcE5QFcPUAmr2x4bi1c+yjNOj0iQYE=</wst:Bina
rySecret>
         </wst:RequestedProofToken>
      </wst:RequestSecurityTokenResponse>
   </soapenv:Body>
</soapenv:Envelope>


On weblogic, the same code creates the following invalid response:

<?xml version='1.0' encoding='UTF-8'?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Header></soapenv:Header>
   <soapenv:Body>
      <wst:RequestSecurityTokenResponse
xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust">
         <wst:RequestedSecurityToken>
              ...
         </wst:RequestedSecurityToken>
         <wst:Lifetime>
            <wsu:Created
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-utility-1.0.xsd">2007-08-30T00:49:09.791Z</wsu:Created>
            <wsu:Expires>2007-08-30T01:04:09.791Z</wsu:Expires>
         </wst:Lifetime>
         <wst:RequestedProofToken>
 
<wst:BinarySecret>TlL19TASHV4nmpcE5QFcPUAmr2x4bi1c+yjNOj0iQYE=</wst:Bina
rySecret>
         </wst:RequestedProofToken>
      </wst:RequestSecurityTokenResponse>
   </soapenv:Body>
</soapenv:Envelope>

Notice in the invalid response the Expires element does not contain the
"wsu" namespace declaration which makes it invalid.  How can the same
code produce different results when the code has no container specific
actions to consider.  It seems to be a bug in Axiom, but why should it
be different on weblogic than on jboss?


I'd appreciate a solution and/or any advice on this matter.

Thanks.

Tony Dean
SAS Institute Inc.
919.531.6704
tony.dean@sas.com

SAS... The Power to Know
http://www.sas.com


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org