You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by sh_santosh <sa...@gmail.com> on 2008/06/18 08:56:38 UTC
Security requirements are not satisfied because the security header
is
>> not
Security Header is not present in the incoming message
Exception.
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Nabble-From: santosh.ncstk@gmail.com
Dear All,
I have a Java Client generated by using Axis1.3.By use of my Java Client I
want to access a Web Service Implemented in .NET using WSE3.0 Standards.
When I tried to submit my Request using a method available in my Client
Class ,I am getting Exception that "Security requirements are not satisfied
because the security header is not present in the incoming message".
Then I have added the SOAP Security Headers(which are not available in my
Java Client Code) in my Stub Object by using SOAPHeaderElement Class's
Object and Tried to submit the Request ,but still I got the Same Exception.
Note : - That the Java Client Code Pass an Object as Request having required
Parameters and Gets the User Defined Object in Response.
I have to generate a Structure Like below inside my SOAPHeader Tag :
<soap:Header>
<wsa:Action>http://www.test/info</wsa:Action>
<wsa:MessageID>urn:uuid:ca6e465b-484a-4bb5-964f-eb513938bb84</wsa:MessageID>
<wsa:ReplyTo>
<wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address>
</wsa:ReplyTo>
<wsa:To>http://localhost:8080/bookingapi/bookingapi.asmx</wsa:To>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp wsu:Id="Timestamp-c90b72e0-541c-4b17-bc0b-acf8c3495b43">
<wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
<wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="SecurityToken-9e141575-2400-4c6d-ab86-1d5af61727b2">
<wsse:Username>stuart@testme.com</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">SomePassword</wsse:Password>
<wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
<wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
Any Help at Java Code Level or any Guidance/Example will be highly
appreciated.
Thanks,
Ritesh.
--
View this message in context: http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is%0D%0A%3E%3E-not%0D%0ASecurity-Header-is-not-present-in-the-incoming-message-Exception.-tp17960865p17960865.html
Sent from the Axis - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Security requirements are not satisfied because the security
header is not present in the incoming message.
Posted by sh_santosh <sa...@gmail.com>.
Hi Nandana,
Sorry for replying late ,
In my security header the password is a plain text as like what you have
mentioned in your security header format pasted below.
And I have a limitation that I cannot use the Axis2 with Rampart as I have
to migrate all of my web services to Axis2 from Axis 1.3 ,which requires
tons of testings for the whole project(as it is very big one).
Can you give some idea or code that how can i generate soap security headers
by using Axis1.3 and WSS4J.
Thanks in Advance.
Ritesh.
sh_santosh wrote:
>
> Dear All,
>
> I have a Java Client generated by using Axis1.3.By use of my Java Client I
> want to access a Web Service Implemented in .NET using WSE3.0 Standards.
>
> When I tried to submit my Request using a method available in my Client
> Class ,I am getting Exception that "Security requirements are not
> satisfied because the security header is not present in the incoming
> message".
>
> Then I have added the SOAP Security Headers(which are not available in my
> Java Client Code) in my Stub Object by using SOAPHeaderElement Class's
> Object and Tried to submit the Request ,but still I got the Same
> Exception.
>
> Note : - That the Java Client Code Pass an Object as Request having
> required Parameters and Gets the User Defined Object in Response.
>
> I have to generate a Structure Like below inside my SOAPHeader Tag :
>
> <soap:Header>
> <wsa:Action>http://www.test/info</wsa:Action>
> <wsa:MessageID>urn:uuid:ca6e465b-484a-4bb5-964f-eb513938bb84</wsa:MessageID>
> <wsa:ReplyTo>
> <wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address>
> </wsa:ReplyTo>
> <wsa:To>http://localhost:8080/bookingapi/bookingapi.asmx</wsa:To>
> <wsse:Security soap:mustUnderstand="1">
> <wsu:Timestamp wsu:Id="Timestamp-c90b72e0-541c-4b17-bc0b-acf8c3495b43">
> <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
> <wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
> </wsu:Timestamp>
> <wsse:UsernameToken
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="SecurityToken-9e141575-2400-4c6d-ab86-1d5af61727b2">
> <wsse:Username>stuart@testme.com</wsse:Username>
> <wsse:Password
> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">SomePassword</wsse:Password>
> <wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
> <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
> </wsse:UsernameToken>
> </wsse:Security>
> </soap:Header>
>
>
>
> Any Help at Java Code Level or any Guidance/Example will be highly
> appreciated.
>
> Thanks,
> Ritesh.
>
>
--
View this message in context: http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p18087173.html
Sent from the Axis - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Security requirements are not satisfied because the security header is
Posted by Nandana Mihindukulasooriya <na...@gmail.com>.
Hi Santosh,
<wsse:Security soap:mustUnderstand="1">
> <wsu:Timestamp wsu:Id="Timestamp-c90b72e0-541c-4b17-bc0b-acf8c3495b43">
> <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
> <wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
> </wsu:Timestamp>
> <wsse:UsernameToken
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> wsu:Id="SecurityToken-9e141575-2400-4c6d-ab86-1d5af61727b2">
> <wsse:Username>stuart@testme.com</wsse:Username>
> <wsse:Password
> Type="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> ">SomePassword</wsse:Password>
> <wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
> <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
> </wsse:UsernameToken>
> </wsse:Security>
> </soap:Header>
wsse prefix is missing a namespace declaration in wsse:Security element and
I hope that you have explicitly omitted it when you are coping the SOAP
message to the mail. The more important thing is about your Username Token
element. What type of password does your service expect ? Plain Text ? If it
is plain text, then the Username Token should look like the one below.
<wsse:UsernameToken xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
"
wsu:Id="UsernameToken-26613121">
<wsse:Username>bob</wsse:Username>
<wsse:Password Type="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
">bobPW</wsse:Password>
</wsse:UsernameToken>
and if the service requires digested password, then the Username Token
should look like something like this.
<wsse:UsernameToken xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
"
wsu:Id="UsernameToken-22375698">
<wsse:Username>bob</wsse:Username>
<wsse:Password Type="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest
">VE8/Xc7rVQUYENjqY08A3qItW5Q=</wsse:Password>
<wsse:Nonce>PLlyaMav46GYqKZDuebNBg==</wsse:Nonce>
<wsu:Created>2008-06-19T12:41:30.870Z</wsu:Created>
</wsse:UsernameToken>
Your Username Token seems a mix of both :) . Not sure whether this the
problem though.
If you are using Axis2 , you can use Apache Rampart to generate the Security
header for you.
thanks,
nandana
--
Nandana Mihindukulasooriya
Software Engineer
WSO2 inc.
http://nandana83.blogspot.com/
Re: Security requirements are not satisfied because the security
header is not present in the incoming message.
Posted by sh_santosh <sa...@gmail.com>.
Hi Jose,
Thanks for your detailed reply,
As I am very new to Web services,It will take bit time to check out the
links(that I have already Started) mentioned by you.Will Come back to you
soon once I finished the R&D on the suggestions mentioned by you.
Thanks,
Ritesh.
José Ferreiro wrote:
>
> Hello,
>
> First you have to determine which Token profile you need to use[1]:
> Is it:
> - Username Token Profile
> -X.509 Token Profile
> - SAML Token profile
> - Kerberos Token Profile
>
> most probably I will be Username Token Profile or X.509 Token Profile
>
> You will have two ways to do add the security header to your soap
> message:
>
> Either you use Axis2 and rampart module to generate a client (stubs, etc,
> etc).
> You don't need to add a security header. The module will do the work for
> you.
> Obviously you have to add the right configuration files.
> You may download Axis2 and Rampart and there should be some examples in
> the
> package.
>
>
> Or you user Axis 1.3 with WSS4J.
> Same thing as above the security header of your SOAP message will be added
> by WSS4J according to
> the deployement files (extension is wsdd, which measn web service
> deployement descriptor)
> You may find examples in the package WSS4J.
>
> Also this link [2] in the URL source code in the book you may download
> some
> examples.
> They show you the configuration of a such project with WSS4J.
> Please note that the author is using *X.509 Token profile*.
>
> As you need to interoperate with donet. I will suggest you to read this
> article from Anne Thomas Manes [3].
> Dot net requires the "wrapped" style.
>
> Hope this helps.
>
> Jose FERREIRO
>
>
> [1] -
> http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss#overview
> [2] - http://www.agileskills2.org/DWSAA/v10pub/index.html
> [3] -
> http://atmanes.blogspot.com/2005/03/wrapped-documentliteral-convention.html
>
>
> On 6/18/08, sh_santosh <sa...@gmail.com> wrote:
>>
>>
>> Hi Jose,
>>
>> Thanks for your reply,
>>
>> Problem with my Java Client Code is that I have a Limitation that either
>> I
>> can add Security headers to my org.apache.axis.client.Call class object
>> or
>> in the Stub class object.
>>
>> Can you guide me about, how I can use WSS4J classes and method with my
>> Call
>> or Stub's Class Object.so that i can set the security headers.
>>
>> Can you provide me some sample Java code or example ,from where I can get
>> the idea that how should go further ,because right now I am totally
>> stucked
>> because of this.
>>
>> Thanks,
>> Ritesh.
>>
>>
>>
>> José Ferreiro wrote:
>> >
>> > Hello Ritesh,
>> >
>> > If you are using Axis 1.x (i.e Axis 1.1, 1.2, 1.3 or 1.4) [1] then you
>> > should use
>> > the library Apache WSS4J [2] and not "Rampart"
>> >
>> > "Rampart" is a module based on Apache WSS4J that provides the
>> WS-Security
>> > features for Axis2 [3][4].
>> >
>> > Hope this helps:
>> >
>> > José Ferreiro
>> >
>> > [1] - http://ws.apache.org/axis/
>> > [2] - http://ws.apache.org/wss4j/
>> > [3] -
>> http://ws.apache.org/axis2/modules/rampart/1_0/security-module.html
>> > [4] - http://ws.apache.org/axis2/
>> >
>> >
>> > On Wed, Jun 18, 2008 at 11:12 AM, sh_santosh <sa...@gmail.com>
>> > wrote:
>> >
>> >>
>> >> Hi Keith,
>> >>
>> >> I am using Axis1.3 version not Axis2.
>> >> So,is Rampart will work with Axis1.3 or it will work with only with
>> Axis2
>> >> and higher versions.
>> >>
>> >> Thanks,
>> >> Ritesh.
>> >>
>> >> sh_santosh wrote:
>> >> >
>> >> > Dear All,
>> >> >
>> >> > I have a Java Client generated by using Axis1.3.By use of my Java
>> >> Client
>> >> I
>> >> > want to access a Web Service Implemented in .NET using WSE3.0
>> >> Standards.
>> >> >
>> >> > When I tried to submit my Request using a method available in my
>> Client
>> >> > Class ,I am getting Exception that "Security requirements are not
>> >> > satisfied because the security header is not present in the incoming
>> >> > message".
>> >> >
>> >> > Then I have added the SOAP Security Headers(which are not available
>> in
>> >> my
>> >> > Java Client Code) in my Stub Object by using SOAPHeaderElement
>> Class's
>> >> > Object and Tried to submit the Request ,but still I got the Same
>> >> > Exception.
>> >> >
>> >> > Note : - That the Java Client Code Pass an Object as Request having
>> >> > required Parameters and Gets the User Defined Object in Response.
>> >> >
>> >> > I have to generate a Structure Like below inside my SOAPHeader Tag :
>> >> >
>> >> > <soap:Header>
>> >> > <wsa:Action>http://www.test/info</wsa:Action>
>> >> >
>> >>
>> <wsa:MessageID>urn:uuid:ca6e465b-484a-4bb5-964f-eb513938bb84</wsa:MessageID>
>> >> > <wsa:ReplyTo>
>> >> > <wsa:Address>
>> >> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
>> >> </wsa:Address>
>> >> > </wsa:ReplyTo>
>> >> > <wsa:To>http://localhost:8080/bookingapi/bookingapi.asmx</wsa:To>
>> >> > <wsse:Security soap:mustUnderstand="1">
>> >> > <wsu:Timestamp
>> wsu:Id="Timestamp-c90b72e0-541c-4b17-bc0b-acf8c3495b43">
>> >> > <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
>> >> > <wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
>> >> > </wsu:Timestamp>
>> >> > <wsse:UsernameToken
>> >> > xmlns:wsu="
>> >>
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> >> "
>> >> > wsu:Id="SecurityToken-9e141575-2400-4c6d-ab86-1d5af61727b2">
>> >> > <wsse:Username>stuart@testme.com</wsse:Username>
>> >> > <wsse:Password
>> >> > Type="
>> >>
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
>> >> ">SomePassword</wsse:Password>
>> >> > <wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
>> >> > <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
>> >> > </wsse:UsernameToken>
>> >> > </wsse:Security>
>> >> > </soap:Header>
>> >> >
>> >> >
>> >> >
>> >> > Any Help at Java Code Level or any Guidance/Example will be highly
>> >> > appreciated.
>> >> >
>> >> > Thanks,
>> >> > Ritesh.
>> >> >
>> >> >
>> >>
>> >> --
>> >> View this message in context:
>> >>
>> http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17976896.html
>> >> Sent from the Axis - User mailing list archive at Nabble.com.
>> >>
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> >> For additional commands, e-mail: axis-user-help@ws.apache.org
>> >>
>> >>
>> >
>> >
>>
>> --
>> View this message in context:
>> http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17980220.html
>> Sent from the Axis - User mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-user-help@ws.apache.org
>>
>>
>
>
> --
> José Ferreiro
> EPFL Communication Systems engineer
> ing.sys.com.dipl.EPFL
>
> "Think little goals and expect little achievements. Think big goals and
> win
> big success." David Joseph Schwartz
>
>
--
View this message in context: http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17982724.html
Sent from the Axis - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Security requirements are not satisfied because the security header is not present in the incoming message.
Posted by José Ferreiro <jo...@gmail.com>.
Santosh,
As Werner (refer to related mail) said you do not need to generate the
SecurityTokens, this is done by the Axis Framework or in the case of .net by
Web Services Enhancements (WSE).
But on the other hand you need to say in the configuration files what type
of token you are using.
In your case it seems to be UsernameToken and Timestamp.
Hope this helps.
Jose Ferreiro
On 7/19/08, sh_santosh <sa...@gmail.com> wrote:
>
>
> Hi Jose / all,
>
> just one word away.
>
> I am NOT able generate 'SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3'
> inside the wsse:UsernameToken tag.
> In place of this i am able to generate only '
> wsu:Id="UsernameToken-2691004"
> '
>
> <wsse:UsernameToken
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
>
> wsu:Id="SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3">
>
> What is this 'SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3' ?
>
> How can I generate it in Java (using Axis 1.3 and wss4j) ?
>
> Required Security Header by other end( .Net WSE 3.0) ----
>
> <?xml version="1.0" encoding="utf-8"?>
> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
>
> xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> "
>
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
> <soap:Header>
> <wsa:Action>
> http://www.test.com/api/ws/internal/testInfo
> </wsa:Action>
> <wsa:MessageID>
> urn:uuid:ca7e475b-484a-4bb8-974f-eb573438bb43
> </wsa:MessageID>
> <wsa:ReplyTo>
> <wsa:Address>
>
> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
> </wsa:Address>
> </wsa:ReplyTo>
> <wsa:To>
> http://localhost:8080/testapi/testwsapi.asmx
> </wsa:To>
> <wsse:Security soap:mustUnderstand="1">
> <wsu:Timestamp
>
> wsu:Id="Timestamp-c70b72e2-561c-4b18-bc4b-acf8c3896b14">
>
> <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
>
> <wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
> </wsu:Timestamp>
> <wsse:UsernameToken
>
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
>
> wsu:Id="SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3">
> <wsse:Username>santosh.ncstk@gmail.com
> </wsse:Username>
> <wsse:Password
>
> Type="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> ">
> SomePassword
> </wsse:Password>
>
> <wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
>
> <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
> </wsse:UsernameToken>
> </wsse:Security>
> </soap:Header>
> <soap:Body>
> <SAN_Info
> xmlns="http://www.test.com/api/testing/ws/internal
> ">
> <SAN_Request VendorId="TestVendor"
> VendorPassword="SomePassword"
> xmlns="
> http://www.test.com/api/testing/testinforequest">
> <Brand>SANBUS</Brand>
> <TourCode>GE</TourCode>
> <Code>80135</Code>
> </SAN_Request>
> </SAN_Info>
> </soap:Body>
> </soap:Envelope>
>
> Generated Security header By my side (Java- Axis 1.3 and wss4j
> )-----------------
>
> <?xml version="1.0" encoding="UTF-8"?>
> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> <soapenv:Header>
> <wsse:Security
>
> xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> "
> soapenv:mustUnderstand="1">
> <wsse:UsernameToken
>
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> wsu:Id="UsernameToken-2691004">
> <wsse:Username>
> santosh.ncstk@gmail.com
> </wsse:Username>
> <wsse:Password
>
> Type="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> ">
> SomePassword
> </wsse:Password>
>
> <wsse:Nonce>bGmGuPDxQw2kkR5R0zC/hA==</wsse:Nonce>
>
> <wsu:Created>2008-07-10T16:46:47.046Z</wsu:Created>
> </wsse:UsernameToken>
> <wsu:Timestamp
>
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> wsu:Id="Timestamp-25899876">
>
> <wsu:Created>2008-07-10T16:46:47.015Z</wsu:Created>
>
> <wsu:Expires>2008-07-10T16:51:47.015Z</wsu:Expires>
> </wsu:Timestamp>
> </wsse:Security>
> <wsa:MessageID soapenv:mustUnderstand="0">
> uuid:c83b29b0-4e9f-11dd-8e1f-d019b0e90563
> </wsa:MessageID>
> <wsa:To soapenv:mustUnderstand="0">
> http://localhost:8080/testapi/testwsapi.asmx
> </wsa:To>
> <wsa:Action soapenv:mustUnderstand="0">
> http://www.test.com/api/testing/testinforequest
> </wsa:Action>
> <wsa:From soapenv:mustUnderstand="0">
> <wsa:Address>
>
> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
> </wsa:Address>
> </wsa:From>
> <wsa:ReplyTo soapenv:mustUnderstand="0">
> <wsa:Address>
>
> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
> </wsa:Address>
> </wsa:ReplyTo>
> </soapenv:Header>
> <soapenv:Body>
> <SAN_Info
> xmlns="http://www.test.com/api/testing/ws/internal
> ">
> <SAN_Request VendorId="TestVendor"
> VendorPassword="SomePassword"
> xmlns="
> http://www.test.com/api/testing/testinforequest">
> <Brand>SANBUS</Brand>
> <TourCode>GE</TourCode>
> <Code>80135</Code>
> </SAN_Request>
> </SAN_Info>
> </soapenv:Body>
> </soapenv:Envelope>
>
>
> My client-config.wsdd ---------
>
> <?xml version="1.0" encoding="UTF-8"?>
> <deployment xmlns="http://xml.apache.org/axis/wsdd/"
> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
> <transport name="http"
> pivot="java:org.apache.axis.transport.http.HTTPSender"/>
> <globalConfiguration>
> <requestFlow>
> <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
> <parameter name="action" value="Timestamp UsernameToken"/>
> <parameter name="user" value="santosh.ncstk@gmail.com"/>
> <parameter name="passwordCallbackClass"
> value="com.api.testing.ws.internal.PWCallback"/>
> <parameter name="passwordType" value="PasswordText"/>
> <parameter name="password" value="ppx13Z11"/>
> <parameter name="mustUnderstand" value="true" />
> <parameter name="addUTElements" value="Nonce Created"/>
> </handler>
> </requestFlow>
> </globalConfiguration>
> </deployment>
>
>
> By seeing the security header, we can say that it is
> username-token-profile-1.0.
>
> How to solve this.
>
>
>
> Please help me.
>
>
>
> Regards
> Santosh
>
>
>
> José Ferreiro wrote:
> >
> > Hello,
> >
> > First you have to determine which Token profile you need to use[1]:
> > Is it:
> > - Username Token Profile
> > -X.509 Token Profile
> > - SAML Token profile
> > - Kerberos Token Profile
> >
> > most probably I will be Username Token Profile or X.509 Token Profile
> >
> > You will have two ways to do add the security header to your soap
> > message:
> >
> > Either you use Axis2 and rampart module to generate a client (stubs, etc,
> > etc).
> > You don't need to add a security header. The module will do the work for
> > you.
> > Obviously you have to add the right configuration files.
> > You may download Axis2 and Rampart and there should be some examples in
> > the
> > package.
> >
> >
> > Or you user Axis 1.3 with WSS4J.
> > Same thing as above the security header of your SOAP message will be
> added
> > by WSS4J according to
> > the deployement files (extension is wsdd, which measn web service
> > deployement descriptor)
> > You may find examples in the package WSS4J.
> >
> > Also this link [2] in the URL source code in the book you may download
> > some
> > examples.
> > They show you the configuration of a such project with WSS4J.
> > Please note that the author is using *X.509 Token profile*.
> >
> > As you need to interoperate with donet. I will suggest you to read this
> > article from Anne Thomas Manes [3].
> > Dot net requires the "wrapped" style.
> >
> > Hope this helps.
> >
> > Jose FERREIRO
> >
> >
> > [1] -
> > http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss#overview
> > [2] - http://www.agileskills2.org/DWSAA/v10pub/index.html
> > [3] -
> >
> http://atmanes.blogspot.com/2005/03/wrapped-documentliteral-convention.html
> >
> >
> > On 6/18/08, sh_santosh <sa...@gmail.com> wrote:
> >>
> >>
> >> Hi Jose,
> >>
> >> Thanks for your reply,
> >>
> >> Problem with my Java Client Code is that I have a Limitation that either
> >> I
> >> can add Security headers to my org.apache.axis.client.Call class object
> >> or
> >> in the Stub class object.
> >>
> >> Can you guide me about, how I can use WSS4J classes and method with my
> >> Call
> >> or Stub's Class Object.so that i can set the security headers.
> >>
> >> Can you provide me some sample Java code or example ,from where I can
> get
> >> the idea that how should go further ,because right now I am totally
> >> stucked
> >> because of this.
> >>
> >> Thanks,
> >> Ritesh.
> >>
> >>
> >>
> >> José Ferreiro wrote:
> >> >
> >> > Hello Ritesh,
> >> >
> >> > If you are using Axis 1.x (i.e Axis 1.1, 1.2, 1.3 or 1.4) [1] then you
> >> > should use
> >> > the library Apache WSS4J [2] and not "Rampart"
> >> >
> >> > "Rampart" is a module based on Apache WSS4J that provides the
> >> WS-Security
> >> > features for Axis2 [3][4].
> >> >
> >> > Hope this helps:
> >> >
> >> > José Ferreiro
> >> >
> >> > [1] - http://ws.apache.org/axis/
> >> > [2] - http://ws.apache.org/wss4j/
> >> > [3] -
> >> http://ws.apache.org/axis2/modules/rampart/1_0/security-module.html
> >> > [4] - http://ws.apache.org/axis2/
> >> >
> >> >
> >> > On Wed, Jun 18, 2008 at 11:12 AM, sh_santosh <santosh.ncstk@gmail.com
> >
> >> > wrote:
> >> >
> >> >>
> >> >> Hi Keith,
> >> >>
> >> >> I am using Axis1.3 version not Axis2.
> >> >> So,is Rampart will work with Axis1.3 or it will work with only with
> >> Axis2
> >> >> and higher versions.
> >> >>
> >> >> Thanks,
> >> >> Ritesh.
> >> >>
> >> >> sh_santosh wrote:
> >> >> >
> >> >> > Dear All,
> >> >> >
> >> >> > I have a Java Client generated by using Axis1.3.By use of my Java
> >> >> Client
> >> >> I
> >> >> > want to access a Web Service Implemented in .NET using WSE3.0
> >> >> Standards.
> >> >> >
> >> >> > When I tried to submit my Request using a method available in my
> >> Client
> >> >> > Class ,I am getting Exception that "Security requirements are not
> >> >> > satisfied because the security header is not present in the
> incoming
> >> >> > message".
> >> >> >
> >> >> > Then I have added the SOAP Security Headers(which are not available
> >> in
> >> >> my
> >> >> > Java Client Code) in my Stub Object by using SOAPHeaderElement
> >> Class's
> >> >> > Object and Tried to submit the Request ,but still I got the Same
> >> >> > Exception.
> >> >> >
> >> >> > Note : - That the Java Client Code Pass an Object as Request having
> >> >> > required Parameters and Gets the User Defined Object in Response.
> >> >> >
> >> >> > I have to generate a Structure Like below inside my SOAPHeader Tag
> :
> >> >> >
> >> >> > <soap:Header>
> >> >> > <wsa:Action>http://www.test/info</wsa:Action>
> >> >> >
> >> >>
> >>
> <wsa:MessageID>urn:uuid:ca6e465b-484a-4bb5-964f-eb513938bb84</wsa:MessageID>
> >> >> > <wsa:ReplyTo>
> >> >> > <wsa:Address>
> >> >> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
> >> >> </wsa:Address>
> >> >> > </wsa:ReplyTo>
> >> >> > <wsa:To>http://localhost:8080/bookingapi/bookingapi.asmx</wsa:To>
> >> >> > <wsse:Security soap:mustUnderstand="1">
> >> >> > <wsu:Timestamp
> >> wsu:Id="Timestamp-c90b72e0-541c-4b17-bc0b-acf8c3495b43">
> >> >> > <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
> >> >> > <wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
> >> >> > </wsu:Timestamp>
> >> >> > <wsse:UsernameToken
> >> >> > xmlns:wsu="
> >> >>
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> >> >> "
> >> >> > wsu:Id="SecurityToken-9e141575-2400-4c6d-ab86-1d5af61727b2">
> >> >> > <wsse:Username>stuart@testme.com</wsse:Username>
> >> >> > <wsse:Password
> >> >> > Type="
> >> >>
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> >> >> ">SomePassword</wsse:Password>
> >> >> > <wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
> >> >> > <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
> >> >> > </wsse:UsernameToken>
> >> >> > </wsse:Security>
> >> >> > </soap:Header>
> >> >> >
> >> >> >
> >> >> >
> >> >> > Any Help at Java Code Level or any Guidance/Example will be highly
> >> >> > appreciated.
> >> >> >
> >> >> > Thanks,
> >> >> > Ritesh.
> >> >> >
> >> >> >
> >> >>
> >> >> --
> >> >> View this message in context:
> >> >>
> >>
> http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17976896.html
> >> >> Sent from the Axis - User mailing list archive at Nabble.com.
> >> >>
> >> >>
> >> >> ---------------------------------------------------------------------
> >> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> >> >> For additional commands, e-mail: axis-user-help@ws.apache.org
> >> >>
> >> >>
> >> >
> >> >
> >>
> >> --
> >> View this message in context:
> >>
> http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17980220.html
> >> Sent from the Axis - User mailing list archive at Nabble.com.
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> >> For additional commands, e-mail: axis-user-help@ws.apache.org
> >>
> >>
> >
> >
> > --
> > José Ferreiro
> > EPFL Communication Systems engineer
> > ing.sys.com.dipl.EPFL
> >
> > "Think little goals and expect little achievements. Think big goals and
> > win
> > big success." David Joseph Schwartz
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p18544790.html
> Sent from the Axis - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
--
José Ferreiro
EPFL Communication Systems engineer
ing.sys.com.dipl.EPFL
Re: Security requirements are not satisfied because the security
header is not present in the incoming message.
Posted by sh_santosh <sa...@gmail.com>.
Hi Jose / all,
just one word away.
I am NOT able generate 'SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3'
inside the wsse:UsernameToken tag.
In place of this i am able to generate only ' wsu:Id="UsernameToken-2691004"
'
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3">
What is this 'SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3' ?
How can I generate it in Java (using Axis 1.3 and wss4j) ?
Required Security Header by other end( .Net WSE 3.0) ----
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soap:Header>
<wsa:Action>
http://www.test.com/api/ws/internal/testInfo
</wsa:Action>
<wsa:MessageID>
urn:uuid:ca7e475b-484a-4bb8-974f-eb573438bb43
</wsa:MessageID>
<wsa:ReplyTo>
<wsa:Address>
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
</wsa:Address>
</wsa:ReplyTo>
<wsa:To>
http://localhost:8080/testapi/testwsapi.asmx
</wsa:To>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp
wsu:Id="Timestamp-c70b72e2-561c-4b18-bc4b-acf8c3896b14">
<wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
<wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3">
<wsse:Username>santosh.ncstk@gmail.com</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
SomePassword
</wsse:Password>
<wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
<wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soap:Body>
<SAN_Info
xmlns="http://www.test.com/api/testing/ws/internal">
<SAN_Request VendorId="TestVendor"
VendorPassword="SomePassword"
xmlns="http://www.test.com/api/testing/testinforequest">
<Brand>SANBUS</Brand>
<TourCode>GE</TourCode>
<Code>80135</Code>
</SAN_Request>
</SAN_Info>
</soap:Body>
</soap:Envelope>
Generated Security header By my side (Java- Axis 1.3 and wss4j
)-----------------
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
soapenv:mustUnderstand="1">
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="UsernameToken-2691004">
<wsse:Username>
santosh.ncstk@gmail.com
</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
SomePassword
</wsse:Password>
<wsse:Nonce>bGmGuPDxQw2kkR5R0zC/hA==</wsse:Nonce>
<wsu:Created>2008-07-10T16:46:47.046Z</wsu:Created>
</wsse:UsernameToken>
<wsu:Timestamp
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Timestamp-25899876">
<wsu:Created>2008-07-10T16:46:47.015Z</wsu:Created>
<wsu:Expires>2008-07-10T16:51:47.015Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
<wsa:MessageID soapenv:mustUnderstand="0">
uuid:c83b29b0-4e9f-11dd-8e1f-d019b0e90563
</wsa:MessageID>
<wsa:To soapenv:mustUnderstand="0">
http://localhost:8080/testapi/testwsapi.asmx
</wsa:To>
<wsa:Action soapenv:mustUnderstand="0">
http://www.test.com/api/testing/testinforequest
</wsa:Action>
<wsa:From soapenv:mustUnderstand="0">
<wsa:Address>
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
</wsa:Address>
</wsa:From>
<wsa:ReplyTo soapenv:mustUnderstand="0">
<wsa:Address>
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
</wsa:Address>
</wsa:ReplyTo>
</soapenv:Header>
<soapenv:Body>
<SAN_Info
xmlns="http://www.test.com/api/testing/ws/internal">
<SAN_Request VendorId="TestVendor"
VendorPassword="SomePassword"
xmlns="http://www.test.com/api/testing/testinforequest">
<Brand>SANBUS</Brand>
<TourCode>GE</TourCode>
<Code>80135</Code>
</SAN_Request>
</SAN_Info>
</soapenv:Body>
</soapenv:Envelope>
My client-config.wsdd ---------
<?xml version="1.0" encoding="UTF-8"?>
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
<transport name="http"
pivot="java:org.apache.axis.transport.http.HTTPSender"/>
<globalConfiguration>
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Timestamp UsernameToken"/>
<parameter name="user" value="santosh.ncstk@gmail.com"/>
<parameter name="passwordCallbackClass"
value="com.api.testing.ws.internal.PWCallback"/>
<parameter name="passwordType" value="PasswordText"/>
<parameter name="password" value="ppx13Z11"/>
<parameter name="mustUnderstand" value="true" />
<parameter name="addUTElements" value="Nonce Created"/>
</handler>
</requestFlow>
</globalConfiguration>
</deployment>
By seeing the security header, we can say that it is
username-token-profile-1.0.
How to solve this.
Please help me.
Regards
Santosh
José Ferreiro wrote:
>
> Hello,
>
> First you have to determine which Token profile you need to use[1]:
> Is it:
> - Username Token Profile
> -X.509 Token Profile
> - SAML Token profile
> - Kerberos Token Profile
>
> most probably I will be Username Token Profile or X.509 Token Profile
>
> You will have two ways to do add the security header to your soap
> message:
>
> Either you use Axis2 and rampart module to generate a client (stubs, etc,
> etc).
> You don't need to add a security header. The module will do the work for
> you.
> Obviously you have to add the right configuration files.
> You may download Axis2 and Rampart and there should be some examples in
> the
> package.
>
>
> Or you user Axis 1.3 with WSS4J.
> Same thing as above the security header of your SOAP message will be added
> by WSS4J according to
> the deployement files (extension is wsdd, which measn web service
> deployement descriptor)
> You may find examples in the package WSS4J.
>
> Also this link [2] in the URL source code in the book you may download
> some
> examples.
> They show you the configuration of a such project with WSS4J.
> Please note that the author is using *X.509 Token profile*.
>
> As you need to interoperate with donet. I will suggest you to read this
> article from Anne Thomas Manes [3].
> Dot net requires the "wrapped" style.
>
> Hope this helps.
>
> Jose FERREIRO
>
>
> [1] -
> http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss#overview
> [2] - http://www.agileskills2.org/DWSAA/v10pub/index.html
> [3] -
> http://atmanes.blogspot.com/2005/03/wrapped-documentliteral-convention.html
>
>
> On 6/18/08, sh_santosh <sa...@gmail.com> wrote:
>>
>>
>> Hi Jose,
>>
>> Thanks for your reply,
>>
>> Problem with my Java Client Code is that I have a Limitation that either
>> I
>> can add Security headers to my org.apache.axis.client.Call class object
>> or
>> in the Stub class object.
>>
>> Can you guide me about, how I can use WSS4J classes and method with my
>> Call
>> or Stub's Class Object.so that i can set the security headers.
>>
>> Can you provide me some sample Java code or example ,from where I can get
>> the idea that how should go further ,because right now I am totally
>> stucked
>> because of this.
>>
>> Thanks,
>> Ritesh.
>>
>>
>>
>> José Ferreiro wrote:
>> >
>> > Hello Ritesh,
>> >
>> > If you are using Axis 1.x (i.e Axis 1.1, 1.2, 1.3 or 1.4) [1] then you
>> > should use
>> > the library Apache WSS4J [2] and not "Rampart"
>> >
>> > "Rampart" is a module based on Apache WSS4J that provides the
>> WS-Security
>> > features for Axis2 [3][4].
>> >
>> > Hope this helps:
>> >
>> > José Ferreiro
>> >
>> > [1] - http://ws.apache.org/axis/
>> > [2] - http://ws.apache.org/wss4j/
>> > [3] -
>> http://ws.apache.org/axis2/modules/rampart/1_0/security-module.html
>> > [4] - http://ws.apache.org/axis2/
>> >
>> >
>> > On Wed, Jun 18, 2008 at 11:12 AM, sh_santosh <sa...@gmail.com>
>> > wrote:
>> >
>> >>
>> >> Hi Keith,
>> >>
>> >> I am using Axis1.3 version not Axis2.
>> >> So,is Rampart will work with Axis1.3 or it will work with only with
>> Axis2
>> >> and higher versions.
>> >>
>> >> Thanks,
>> >> Ritesh.
>> >>
>> >> sh_santosh wrote:
>> >> >
>> >> > Dear All,
>> >> >
>> >> > I have a Java Client generated by using Axis1.3.By use of my Java
>> >> Client
>> >> I
>> >> > want to access a Web Service Implemented in .NET using WSE3.0
>> >> Standards.
>> >> >
>> >> > When I tried to submit my Request using a method available in my
>> Client
>> >> > Class ,I am getting Exception that "Security requirements are not
>> >> > satisfied because the security header is not present in the incoming
>> >> > message".
>> >> >
>> >> > Then I have added the SOAP Security Headers(which are not available
>> in
>> >> my
>> >> > Java Client Code) in my Stub Object by using SOAPHeaderElement
>> Class's
>> >> > Object and Tried to submit the Request ,but still I got the Same
>> >> > Exception.
>> >> >
>> >> > Note : - That the Java Client Code Pass an Object as Request having
>> >> > required Parameters and Gets the User Defined Object in Response.
>> >> >
>> >> > I have to generate a Structure Like below inside my SOAPHeader Tag :
>> >> >
>> >> > <soap:Header>
>> >> > <wsa:Action>http://www.test/info</wsa:Action>
>> >> >
>> >>
>> <wsa:MessageID>urn:uuid:ca6e465b-484a-4bb5-964f-eb513938bb84</wsa:MessageID>
>> >> > <wsa:ReplyTo>
>> >> > <wsa:Address>
>> >> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
>> >> </wsa:Address>
>> >> > </wsa:ReplyTo>
>> >> > <wsa:To>http://localhost:8080/bookingapi/bookingapi.asmx</wsa:To>
>> >> > <wsse:Security soap:mustUnderstand="1">
>> >> > <wsu:Timestamp
>> wsu:Id="Timestamp-c90b72e0-541c-4b17-bc0b-acf8c3495b43">
>> >> > <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
>> >> > <wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
>> >> > </wsu:Timestamp>
>> >> > <wsse:UsernameToken
>> >> > xmlns:wsu="
>> >>
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> >> "
>> >> > wsu:Id="SecurityToken-9e141575-2400-4c6d-ab86-1d5af61727b2">
>> >> > <wsse:Username>stuart@testme.com</wsse:Username>
>> >> > <wsse:Password
>> >> > Type="
>> >>
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
>> >> ">SomePassword</wsse:Password>
>> >> > <wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
>> >> > <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
>> >> > </wsse:UsernameToken>
>> >> > </wsse:Security>
>> >> > </soap:Header>
>> >> >
>> >> >
>> >> >
>> >> > Any Help at Java Code Level or any Guidance/Example will be highly
>> >> > appreciated.
>> >> >
>> >> > Thanks,
>> >> > Ritesh.
>> >> >
>> >> >
>> >>
>> >> --
>> >> View this message in context:
>> >>
>> http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17976896.html
>> >> Sent from the Axis - User mailing list archive at Nabble.com.
>> >>
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> >> For additional commands, e-mail: axis-user-help@ws.apache.org
>> >>
>> >>
>> >
>> >
>>
>> --
>> View this message in context:
>> http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17980220.html
>> Sent from the Axis - User mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-user-help@ws.apache.org
>>
>>
>
>
> --
> José Ferreiro
> EPFL Communication Systems engineer
> ing.sys.com.dipl.EPFL
>
> "Think little goals and expect little achievements. Think big goals and
> win
> big success." David Joseph Schwartz
>
>
--
View this message in context: http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p18544790.html
Sent from the Axis - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Security requirements are not satisfied because the security header is not present in the incoming message.
Posted by José Ferreiro <jo...@gmail.com>.
Hello,
First you have to determine which Token profile you need to use[1]:
Is it:
- Username Token Profile
-X.509 Token Profile
- SAML Token profile
- Kerberos Token Profile
most probably I will be Username Token Profile or X.509 Token Profile
You will have two ways to do add the security header to your soap message:
Either you use Axis2 and rampart module to generate a client (stubs, etc,
etc).
You don't need to add a security header. The module will do the work for
you.
Obviously you have to add the right configuration files.
You may download Axis2 and Rampart and there should be some examples in the
package.
Or you user Axis 1.3 with WSS4J.
Same thing as above the security header of your SOAP message will be added
by WSS4J according to
the deployement files (extension is wsdd, which measn web service
deployement descriptor)
You may find examples in the package WSS4J.
Also this link [2] in the URL source code in the book you may download some
examples.
They show you the configuration of a such project with WSS4J.
Please note that the author is using *X.509 Token profile*.
As you need to interoperate with donet. I will suggest you to read this
article from Anne Thomas Manes [3].
Dot net requires the "wrapped" style.
Hope this helps.
Jose FERREIRO
[1] -
http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss#overview
[2] - http://www.agileskills2.org/DWSAA/v10pub/index.html
[3] -
http://atmanes.blogspot.com/2005/03/wrapped-documentliteral-convention.html
On 6/18/08, sh_santosh <sa...@gmail.com> wrote:
>
>
> Hi Jose,
>
> Thanks for your reply,
>
> Problem with my Java Client Code is that I have a Limitation that either I
> can add Security headers to my org.apache.axis.client.Call class object or
> in the Stub class object.
>
> Can you guide me about, how I can use WSS4J classes and method with my Call
> or Stub's Class Object.so that i can set the security headers.
>
> Can you provide me some sample Java code or example ,from where I can get
> the idea that how should go further ,because right now I am totally stucked
> because of this.
>
> Thanks,
> Ritesh.
>
>
>
> José Ferreiro wrote:
> >
> > Hello Ritesh,
> >
> > If you are using Axis 1.x (i.e Axis 1.1, 1.2, 1.3 or 1.4) [1] then you
> > should use
> > the library Apache WSS4J [2] and not "Rampart"
> >
> > "Rampart" is a module based on Apache WSS4J that provides the WS-Security
> > features for Axis2 [3][4].
> >
> > Hope this helps:
> >
> > José Ferreiro
> >
> > [1] - http://ws.apache.org/axis/
> > [2] - http://ws.apache.org/wss4j/
> > [3] -
> http://ws.apache.org/axis2/modules/rampart/1_0/security-module.html
> > [4] - http://ws.apache.org/axis2/
> >
> >
> > On Wed, Jun 18, 2008 at 11:12 AM, sh_santosh <sa...@gmail.com>
> > wrote:
> >
> >>
> >> Hi Keith,
> >>
> >> I am using Axis1.3 version not Axis2.
> >> So,is Rampart will work with Axis1.3 or it will work with only with
> Axis2
> >> and higher versions.
> >>
> >> Thanks,
> >> Ritesh.
> >>
> >> sh_santosh wrote:
> >> >
> >> > Dear All,
> >> >
> >> > I have a Java Client generated by using Axis1.3.By use of my Java
> >> Client
> >> I
> >> > want to access a Web Service Implemented in .NET using WSE3.0
> >> Standards.
> >> >
> >> > When I tried to submit my Request using a method available in my
> Client
> >> > Class ,I am getting Exception that "Security requirements are not
> >> > satisfied because the security header is not present in the incoming
> >> > message".
> >> >
> >> > Then I have added the SOAP Security Headers(which are not available in
> >> my
> >> > Java Client Code) in my Stub Object by using SOAPHeaderElement
> Class's
> >> > Object and Tried to submit the Request ,but still I got the Same
> >> > Exception.
> >> >
> >> > Note : - That the Java Client Code Pass an Object as Request having
> >> > required Parameters and Gets the User Defined Object in Response.
> >> >
> >> > I have to generate a Structure Like below inside my SOAPHeader Tag :
> >> >
> >> > <soap:Header>
> >> > <wsa:Action>http://www.test/info</wsa:Action>
> >> >
> >>
> <wsa:MessageID>urn:uuid:ca6e465b-484a-4bb5-964f-eb513938bb84</wsa:MessageID>
> >> > <wsa:ReplyTo>
> >> > <wsa:Address>
> >> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
> >> </wsa:Address>
> >> > </wsa:ReplyTo>
> >> > <wsa:To>http://localhost:8080/bookingapi/bookingapi.asmx</wsa:To>
> >> > <wsse:Security soap:mustUnderstand="1">
> >> > <wsu:Timestamp
> wsu:Id="Timestamp-c90b72e0-541c-4b17-bc0b-acf8c3495b43">
> >> > <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
> >> > <wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
> >> > </wsu:Timestamp>
> >> > <wsse:UsernameToken
> >> > xmlns:wsu="
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> >> "
> >> > wsu:Id="SecurityToken-9e141575-2400-4c6d-ab86-1d5af61727b2">
> >> > <wsse:Username>stuart@testme.com</wsse:Username>
> >> > <wsse:Password
> >> > Type="
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> >> ">SomePassword</wsse:Password>
> >> > <wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
> >> > <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
> >> > </wsse:UsernameToken>
> >> > </wsse:Security>
> >> > </soap:Header>
> >> >
> >> >
> >> >
> >> > Any Help at Java Code Level or any Guidance/Example will be highly
> >> > appreciated.
> >> >
> >> > Thanks,
> >> > Ritesh.
> >> >
> >> >
> >>
> >> --
> >> View this message in context:
> >>
> http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17976896.html
> >> Sent from the Axis - User mailing list archive at Nabble.com.
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> >> For additional commands, e-mail: axis-user-help@ws.apache.org
> >>
> >>
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17980220.html
> Sent from the Axis - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
--
José Ferreiro
EPFL Communication Systems engineer
ing.sys.com.dipl.EPFL
"Think little goals and expect little achievements. Think big goals and win
big success." David Joseph Schwartz
Re: Security requirements are not satisfied because the security
header is not present in the incoming message.
Posted by sh_santosh <sa...@gmail.com>.
Hi Jose,
Thanks for your reply,
Problem with my Java Client Code is that I have a Limitation that either I
can add Security headers to my org.apache.axis.client.Call class object or
in the Stub class object.
Can you guide me about, how I can use WSS4J classes and method with my Call
or Stub's Class Object.so that i can set the security headers.
Can you provide me some sample Java code or example ,from where I can get
the idea that how should go further ,because right now I am totally stucked
because of this.
Thanks,
Ritesh.
José Ferreiro wrote:
>
> Hello Ritesh,
>
> If you are using Axis 1.x (i.e Axis 1.1, 1.2, 1.3 or 1.4) [1] then you
> should use
> the library Apache WSS4J [2] and not "Rampart"
>
> "Rampart" is a module based on Apache WSS4J that provides the WS-Security
> features for Axis2 [3][4].
>
> Hope this helps:
>
> José Ferreiro
>
> [1] - http://ws.apache.org/axis/
> [2] - http://ws.apache.org/wss4j/
> [3] - http://ws.apache.org/axis2/modules/rampart/1_0/security-module.html
> [4] - http://ws.apache.org/axis2/
>
>
> On Wed, Jun 18, 2008 at 11:12 AM, sh_santosh <sa...@gmail.com>
> wrote:
>
>>
>> Hi Keith,
>>
>> I am using Axis1.3 version not Axis2.
>> So,is Rampart will work with Axis1.3 or it will work with only with Axis2
>> and higher versions.
>>
>> Thanks,
>> Ritesh.
>>
>> sh_santosh wrote:
>> >
>> > Dear All,
>> >
>> > I have a Java Client generated by using Axis1.3.By use of my Java
>> Client
>> I
>> > want to access a Web Service Implemented in .NET using WSE3.0
>> Standards.
>> >
>> > When I tried to submit my Request using a method available in my Client
>> > Class ,I am getting Exception that "Security requirements are not
>> > satisfied because the security header is not present in the incoming
>> > message".
>> >
>> > Then I have added the SOAP Security Headers(which are not available in
>> my
>> > Java Client Code) in my Stub Object by using SOAPHeaderElement Class's
>> > Object and Tried to submit the Request ,but still I got the Same
>> > Exception.
>> >
>> > Note : - That the Java Client Code Pass an Object as Request having
>> > required Parameters and Gets the User Defined Object in Response.
>> >
>> > I have to generate a Structure Like below inside my SOAPHeader Tag :
>> >
>> > <soap:Header>
>> > <wsa:Action>http://www.test/info</wsa:Action>
>> >
>> <wsa:MessageID>urn:uuid:ca6e465b-484a-4bb5-964f-eb513938bb84</wsa:MessageID>
>> > <wsa:ReplyTo>
>> > <wsa:Address>
>> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
>> </wsa:Address>
>> > </wsa:ReplyTo>
>> > <wsa:To>http://localhost:8080/bookingapi/bookingapi.asmx</wsa:To>
>> > <wsse:Security soap:mustUnderstand="1">
>> > <wsu:Timestamp wsu:Id="Timestamp-c90b72e0-541c-4b17-bc0b-acf8c3495b43">
>> > <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
>> > <wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
>> > </wsu:Timestamp>
>> > <wsse:UsernameToken
>> > xmlns:wsu="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> "
>> > wsu:Id="SecurityToken-9e141575-2400-4c6d-ab86-1d5af61727b2">
>> > <wsse:Username>stuart@testme.com</wsse:Username>
>> > <wsse:Password
>> > Type="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
>> ">SomePassword</wsse:Password>
>> > <wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
>> > <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
>> > </wsse:UsernameToken>
>> > </wsse:Security>
>> > </soap:Header>
>> >
>> >
>> >
>> > Any Help at Java Code Level or any Guidance/Example will be highly
>> > appreciated.
>> >
>> > Thanks,
>> > Ritesh.
>> >
>> >
>>
>> --
>> View this message in context:
>> http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17976896.html
>> Sent from the Axis - User mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-user-help@ws.apache.org
>>
>>
>
>
--
View this message in context: http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17980220.html
Sent from the Axis - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Security requirements are not satisfied because the security header is not present in the incoming message.
Posted by José Ferreiro <jo...@gmail.com>.
Hello Ritesh,
If you are using Axis 1.x (i.e Axis 1.1, 1.2, 1.3 or 1.4) [1] then you
should use
the library Apache WSS4J [2] and not "Rampart"
"Rampart" is a module based on Apache WSS4J that provides the WS-Security
features for Axis2 [3][4].
Hope this helps:
José Ferreiro
[1] - http://ws.apache.org/axis/
[2] - http://ws.apache.org/wss4j/
[3] - http://ws.apache.org/axis2/modules/rampart/1_0/security-module.html
[4] - http://ws.apache.org/axis2/
On Wed, Jun 18, 2008 at 11:12 AM, sh_santosh <sa...@gmail.com>
wrote:
>
> Hi Keith,
>
> I am using Axis1.3 version not Axis2.
> So,is Rampart will work with Axis1.3 or it will work with only with Axis2
> and higher versions.
>
> Thanks,
> Ritesh.
>
> sh_santosh wrote:
> >
> > Dear All,
> >
> > I have a Java Client generated by using Axis1.3.By use of my Java Client
> I
> > want to access a Web Service Implemented in .NET using WSE3.0 Standards.
> >
> > When I tried to submit my Request using a method available in my Client
> > Class ,I am getting Exception that "Security requirements are not
> > satisfied because the security header is not present in the incoming
> > message".
> >
> > Then I have added the SOAP Security Headers(which are not available in my
> > Java Client Code) in my Stub Object by using SOAPHeaderElement Class's
> > Object and Tried to submit the Request ,but still I got the Same
> > Exception.
> >
> > Note : - That the Java Client Code Pass an Object as Request having
> > required Parameters and Gets the User Defined Object in Response.
> >
> > I have to generate a Structure Like below inside my SOAPHeader Tag :
> >
> > <soap:Header>
> > <wsa:Action>http://www.test/info</wsa:Action>
> >
> <wsa:MessageID>urn:uuid:ca6e465b-484a-4bb5-964f-eb513938bb84</wsa:MessageID>
> > <wsa:ReplyTo>
> > <wsa:Address>
> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
> </wsa:Address>
> > </wsa:ReplyTo>
> > <wsa:To>http://localhost:8080/bookingapi/bookingapi.asmx</wsa:To>
> > <wsse:Security soap:mustUnderstand="1">
> > <wsu:Timestamp wsu:Id="Timestamp-c90b72e0-541c-4b17-bc0b-acf8c3495b43">
> > <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
> > <wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
> > </wsu:Timestamp>
> > <wsse:UsernameToken
> > xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> > wsu:Id="SecurityToken-9e141575-2400-4c6d-ab86-1d5af61727b2">
> > <wsse:Username>stuart@testme.com</wsse:Username>
> > <wsse:Password
> > Type="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> ">SomePassword</wsse:Password>
> > <wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
> > <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
> > </wsse:UsernameToken>
> > </wsse:Security>
> > </soap:Header>
> >
> >
> >
> > Any Help at Java Code Level or any Guidance/Example will be highly
> > appreciated.
> >
> > Thanks,
> > Ritesh.
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17976896.html
> Sent from the Axis - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
Re: Security requirements are not satisfied because the security
header is not present in the incoming message.
Posted by sh_santosh <sa...@gmail.com>.
Hi Keith,
I am using Axis1.3 version not Axis2.
So,is Rampart will work with Axis1.3 or it will work with only with Axis2
and higher versions.
Thanks,
Ritesh.
sh_santosh wrote:
>
> Dear All,
>
> I have a Java Client generated by using Axis1.3.By use of my Java Client I
> want to access a Web Service Implemented in .NET using WSE3.0 Standards.
>
> When I tried to submit my Request using a method available in my Client
> Class ,I am getting Exception that "Security requirements are not
> satisfied because the security header is not present in the incoming
> message".
>
> Then I have added the SOAP Security Headers(which are not available in my
> Java Client Code) in my Stub Object by using SOAPHeaderElement Class's
> Object and Tried to submit the Request ,but still I got the Same
> Exception.
>
> Note : - That the Java Client Code Pass an Object as Request having
> required Parameters and Gets the User Defined Object in Response.
>
> I have to generate a Structure Like below inside my SOAPHeader Tag :
>
> <soap:Header>
> <wsa:Action>http://www.test/info</wsa:Action>
> <wsa:MessageID>urn:uuid:ca6e465b-484a-4bb5-964f-eb513938bb84</wsa:MessageID>
> <wsa:ReplyTo>
> <wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address>
> </wsa:ReplyTo>
> <wsa:To>http://localhost:8080/bookingapi/bookingapi.asmx</wsa:To>
> <wsse:Security soap:mustUnderstand="1">
> <wsu:Timestamp wsu:Id="Timestamp-c90b72e0-541c-4b17-bc0b-acf8c3495b43">
> <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
> <wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
> </wsu:Timestamp>
> <wsse:UsernameToken
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="SecurityToken-9e141575-2400-4c6d-ab86-1d5af61727b2">
> <wsse:Username>stuart@testme.com</wsse:Username>
> <wsse:Password
> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">SomePassword</wsse:Password>
> <wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
> <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
> </wsse:UsernameToken>
> </wsse:Security>
> </soap:Header>
>
>
>
> Any Help at Java Code Level or any Guidance/Example will be highly
> appreciated.
>
> Thanks,
> Ritesh.
>
>
--
View this message in context: http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17976896.html
Sent from the Axis - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Security requirements are not satisfied because the security header is
Posted by keith chapman <ke...@gmail.com>.
Just to clarify are you using Axis2 1.3? or Axis?
Rampart works with Axis2.
Thanks,
Keith.
On Wed, Jun 18, 2008 at 1:17 PM, sh_santosh <sa...@gmail.com> wrote:
>
> Hi Keith,
> Firstly,thanks for reply.
>
> I tell you some more things like,
>
> I am a Service Requester(i.e. I want to consume the web service.).Also, the
> WSDL provided to me does not contain any policy stating that what security
> measures should be taken to access the service.Neither it contains any
> security headers Information.
> I have added security headers by hand because there is no provision in my
> Java Client Code(Generated from the given WSDL) to add security headers in
> the Stub or Call Object.I searched and saw over internet about Rampart,but
> is Rampart is Compatible with Axis1.3 ,if yes that how can I engage Rampart
> with my Client Code?.
>
> Any example,sample code or link will be helpful.
>
> Thanks.
>
> keith chapman wrote:
> >
> > Hi Santosh,
> >
> > Why are you adding the security header by hand? Didn't you engage rampart
> > on
> > the client side with the required security policy so that rampart will
> add
> > these security headers for you? Does the WSDL include a policy stating
> > what
> > security measures should be taken to access the service?
> >
> > Thanks,
> > Keith.
> >
> > On Wed, Jun 18, 2008 at 12:26 PM, sh_santosh <sa...@gmail.com>
> > wrote:
> >
> >> >> not
> >> Security Header is not present in the incoming message
> >> Exception.
> >> MIME-Version: 1.0
> >> Content-Type: text/plain; charset=us-ascii
> >> Content-Transfer-Encoding: 7bit
> >> X-Nabble-From: santosh.ncstk@gmail.com
> >>
> >>
> >> Dear All,
> >>
> >> I have a Java Client generated by using Axis1.3.By use of my Java
> Client
> >> I
> >> want to access a Web Service Implemented in .NET using WSE3.0 Standards.
> >>
> >> When I tried to submit my Request using a method available in my Client
> >> Class ,I am getting Exception that "Security requirements are not
> >> satisfied
> >> because the security header is not present in the incoming message".
> >>
> >> Then I have added the SOAP Security Headers(which are not available in
> my
> >> Java Client Code) in my Stub Object by using SOAPHeaderElement Class's
> >> Object and Tried to submit the Request ,but still I got the Same
> >> Exception.
> >>
> >> Note : - That the Java Client Code Pass an Object as Request having
> >> required
> >> Parameters and Gets the User Defined Object in Response.
> >>
> >> I have to generate a Structure Like below inside my SOAPHeader Tag :
> >>
> >> <soap:Header>
> >> <wsa:Action>http://www.test/info</wsa:Action>
> >>
> >>
> <wsa:MessageID>urn:uuid:ca6e465b-484a-4bb5-964f-eb513938bb84</wsa:MessageID>
> >> <wsa:ReplyTo>
> >> <wsa:Address>
> >> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
> >> </wsa:Address>
> >> </wsa:ReplyTo>
> >> <wsa:To>http://localhost:8080/bookingapi/bookingapi.asmx</wsa:To>
> >> <wsse:Security soap:mustUnderstand="1">
> >> <wsu:Timestamp wsu:Id="Timestamp-c90b72e0-541c-4b17-bc0b-acf8c3495b43">
> >> <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
> >> <wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
> >> </wsu:Timestamp>
> >> <wsse:UsernameToken
> >> xmlns:wsu="
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> >> "
> >> wsu:Id="SecurityToken-9e141575-2400-4c6d-ab86-1d5af61727b2">
> >> <wsse:Username>stuart@testme.com</wsse:Username>
> >> <wsse:Password
> >> Type="
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> >> ">SomePassword</wsse:Password>
> >> <wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
> >> <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
> >> </wsse:UsernameToken>
> >> </wsse:Security>
> >> </soap:Header>
> >>
> >>
> >>
> >> Any Help at Java Code Level or any Guidance/Example will be highly
> >> appreciated.
> >>
> >> Thanks,
> >> Ritesh.
> >>
> >> --
> >> View this message in context:
> >>
> http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is%0D%0A%3E%3E-not%0D%0ASecurity-Header-is-not-present-in-the-incoming-message-Exception.-tp17960865p17960865.html
> >> Sent from the Axis - User mailing list archive at Nabble.com.
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> >> For additional commands, e-mail: axis-user-help@ws.apache.org
> >>
> >>
> >
> >
> > --
> > Keith Chapman
> > Senior Software Engineer
> > WSO2 Inc.
> > Oxygenating the Web Service Platform.
> > http://wso2.org/
> >
> > blog: http://www.keith-chapman.org
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17961464.html
> Sent from the Axis - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
--
Keith Chapman
Senior Software Engineer
WSO2 Inc.
Oxygenating the Web Service Platform.
http://wso2.org/
blog: http://www.keith-chapman.org
Re: Security requirements are not satisfied because the security
header is
Posted by sh_santosh <sa...@gmail.com>.
Hi Keith,
Firstly,thanks for reply.
I tell you some more things like,
I am a Service Requester(i.e. I want to consume the web service.).Also, the
WSDL provided to me does not contain any policy stating that what security
measures should be taken to access the service.Neither it contains any
security headers Information.
I have added security headers by hand because there is no provision in my
Java Client Code(Generated from the given WSDL) to add security headers in
the Stub or Call Object.I searched and saw over internet about Rampart,but
is Rampart is Compatible with Axis1.3 ,if yes that how can I engage Rampart
with my Client Code?.
Any example,sample code or link will be helpful.
Thanks.
keith chapman wrote:
>
> Hi Santosh,
>
> Why are you adding the security header by hand? Didn't you engage rampart
> on
> the client side with the required security policy so that rampart will add
> these security headers for you? Does the WSDL include a policy stating
> what
> security measures should be taken to access the service?
>
> Thanks,
> Keith.
>
> On Wed, Jun 18, 2008 at 12:26 PM, sh_santosh <sa...@gmail.com>
> wrote:
>
>> >> not
>> Security Header is not present in the incoming message
>> Exception.
>> MIME-Version: 1.0
>> Content-Type: text/plain; charset=us-ascii
>> Content-Transfer-Encoding: 7bit
>> X-Nabble-From: santosh.ncstk@gmail.com
>>
>>
>> Dear All,
>>
>> I have a Java Client generated by using Axis1.3.By use of my Java Client
>> I
>> want to access a Web Service Implemented in .NET using WSE3.0 Standards.
>>
>> When I tried to submit my Request using a method available in my Client
>> Class ,I am getting Exception that "Security requirements are not
>> satisfied
>> because the security header is not present in the incoming message".
>>
>> Then I have added the SOAP Security Headers(which are not available in my
>> Java Client Code) in my Stub Object by using SOAPHeaderElement Class's
>> Object and Tried to submit the Request ,but still I got the Same
>> Exception.
>>
>> Note : - That the Java Client Code Pass an Object as Request having
>> required
>> Parameters and Gets the User Defined Object in Response.
>>
>> I have to generate a Structure Like below inside my SOAPHeader Tag :
>>
>> <soap:Header>
>> <wsa:Action>http://www.test/info</wsa:Action>
>>
>> <wsa:MessageID>urn:uuid:ca6e465b-484a-4bb5-964f-eb513938bb84</wsa:MessageID>
>> <wsa:ReplyTo>
>> <wsa:Address>
>> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
>> </wsa:Address>
>> </wsa:ReplyTo>
>> <wsa:To>http://localhost:8080/bookingapi/bookingapi.asmx</wsa:To>
>> <wsse:Security soap:mustUnderstand="1">
>> <wsu:Timestamp wsu:Id="Timestamp-c90b72e0-541c-4b17-bc0b-acf8c3495b43">
>> <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
>> <wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
>> </wsu:Timestamp>
>> <wsse:UsernameToken
>> xmlns:wsu="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> "
>> wsu:Id="SecurityToken-9e141575-2400-4c6d-ab86-1d5af61727b2">
>> <wsse:Username>stuart@testme.com</wsse:Username>
>> <wsse:Password
>> Type="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
>> ">SomePassword</wsse:Password>
>> <wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
>> <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
>> </wsse:UsernameToken>
>> </wsse:Security>
>> </soap:Header>
>>
>>
>>
>> Any Help at Java Code Level or any Guidance/Example will be highly
>> appreciated.
>>
>> Thanks,
>> Ritesh.
>>
>> --
>> View this message in context:
>> http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is%0D%0A%3E%3E-not%0D%0ASecurity-Header-is-not-present-in-the-incoming-message-Exception.-tp17960865p17960865.html
>> Sent from the Axis - User mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-user-help@ws.apache.org
>>
>>
>
>
> --
> Keith Chapman
> Senior Software Engineer
> WSO2 Inc.
> Oxygenating the Web Service Platform.
> http://wso2.org/
>
> blog: http://www.keith-chapman.org
>
>
--
View this message in context: http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is-not-present-in-the-incoming-message.-tp17960865p17961464.html
Sent from the Axis - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Security requirements are not satisfied because the security header is
Posted by keith chapman <ke...@gmail.com>.
Hi Santosh,
Why are you adding the security header by hand? Didn't you engage rampart on
the client side with the required security policy so that rampart will add
these security headers for you? Does the WSDL include a policy stating what
security measures should be taken to access the service?
Thanks,
Keith.
On Wed, Jun 18, 2008 at 12:26 PM, sh_santosh <sa...@gmail.com>
wrote:
> >> not
> Security Header is not present in the incoming message
> Exception.
> MIME-Version: 1.0
> Content-Type: text/plain; charset=us-ascii
> Content-Transfer-Encoding: 7bit
> X-Nabble-From: santosh.ncstk@gmail.com
>
>
> Dear All,
>
> I have a Java Client generated by using Axis1.3.By use of my Java Client I
> want to access a Web Service Implemented in .NET using WSE3.0 Standards.
>
> When I tried to submit my Request using a method available in my Client
> Class ,I am getting Exception that "Security requirements are not satisfied
> because the security header is not present in the incoming message".
>
> Then I have added the SOAP Security Headers(which are not available in my
> Java Client Code) in my Stub Object by using SOAPHeaderElement Class's
> Object and Tried to submit the Request ,but still I got the Same Exception.
>
> Note : - That the Java Client Code Pass an Object as Request having
> required
> Parameters and Gets the User Defined Object in Response.
>
> I have to generate a Structure Like below inside my SOAPHeader Tag :
>
> <soap:Header>
> <wsa:Action>http://www.test/info</wsa:Action>
>
> <wsa:MessageID>urn:uuid:ca6e465b-484a-4bb5-964f-eb513938bb84</wsa:MessageID>
> <wsa:ReplyTo>
> <wsa:Address>
> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
> </wsa:Address>
> </wsa:ReplyTo>
> <wsa:To>http://localhost:8080/bookingapi/bookingapi.asmx</wsa:To>
> <wsse:Security soap:mustUnderstand="1">
> <wsu:Timestamp wsu:Id="Timestamp-c90b72e0-541c-4b17-bc0b-acf8c3495b43">
> <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
> <wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
> </wsu:Timestamp>
> <wsse:UsernameToken
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> wsu:Id="SecurityToken-9e141575-2400-4c6d-ab86-1d5af61727b2">
> <wsse:Username>stuart@testme.com</wsse:Username>
> <wsse:Password
> Type="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> ">SomePassword</wsse:Password>
> <wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
> <wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
> </wsse:UsernameToken>
> </wsse:Security>
> </soap:Header>
>
>
>
> Any Help at Java Code Level or any Guidance/Example will be highly
> appreciated.
>
> Thanks,
> Ritesh.
>
> --
> View this message in context:
> http://www.nabble.com/Security-requirements-are-not-satisfied-because-the-security-header-is%0D%0A%3E%3E-not%0D%0ASecurity-Header-is-not-present-in-the-incoming-message-Exception.-tp17960865p17960865.html
> Sent from the Axis - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
--
Keith Chapman
Senior Software Engineer
WSO2 Inc.
Oxygenating the Web Service Platform.
http://wso2.org/
blog: http://www.keith-chapman.org
RE: Security requirements are not satisfied because the security header is
Posted by "Vinh Nguyen (vinguye2)" <vi...@cisco.com>.
The SOAP you posted below is missing the namespace for the "wsse"
prefix. Other than that, seems like you are using the
UsernameTokenProfile, and the structure looks ok to me. You need to
check though what profile is expected by the server because they need to
match.
-----Original Message-----
From: sh_santosh [mailto:santosh.ncstk@gmail.com]
Sent: Tuesday, June 17, 2008 11:57 PM
To: axis-user@ws.apache.org
Subject: Security requirements are not satisfied because the security
header is
>> not
Security Header is not present in the incoming message Exception.
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Nabble-From: santosh.ncstk@gmail.com
Dear All,
I have a Java Client generated by using Axis1.3.By use of my Java Client
I want to access a Web Service Implemented in .NET using WSE3.0
Standards.
When I tried to submit my Request using a method available in my Client
Class ,I am getting Exception that "Security requirements are not
satisfied because the security header is not present in the incoming
message".
Then I have added the SOAP Security Headers(which are not available in
my Java Client Code) in my Stub Object by using SOAPHeaderElement
Class's Object and Tried to submit the Request ,but still I got the Same
Exception.
Note : - That the Java Client Code Pass an Object as Request having
required Parameters and Gets the User Defined Object in Response.
I have to generate a Structure Like below inside my SOAPHeader Tag :
<soap:Header>
<wsa:Action>http://www.test/info</wsa:Action>
<wsa:MessageID>urn:uuid:ca6e465b-484a-4bb5-964f-eb513938bb84</wsa:Messag
eID>
<wsa:ReplyTo>
<wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anony
mous</wsa:Address>
</wsa:ReplyTo>
<wsa:To>http://localhost:8080/bookingapi/bookingapi.asmx</wsa:To>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp wsu:Id="Timestamp-c90b72e0-541c-4b17-bc0b-acf8c3495b43">
<wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
<wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-utility-1.0.xsd"
wsu:Id="SecurityToken-9e141575-2400-4c6d-ab86-1d5af61727b2">
<wsse:Username>stuart@testme.com</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-t
oken-profile-1.0#PasswordText">SomePassword</wsse:Password>
<wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce>
<wsu:Created>2008-02-28T15:33:56Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
Any Help at Java Code Level or any Guidance/Example will be highly
appreciated.
Thanks,
Ritesh.
--
View this message in context:
http://www.nabble.com/Security-requirements-are-not-satisfied-because-th
e-security-header-is%0D%0A%3E%3E-not%0D%0ASecurity-Header-is-not-present
-in-the-incoming-message-Exception.-tp17960865p17960865.html
Sent from the Axis - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org