You are viewing a plain text version of this content. The canonical link for it is here.
Posted to c-user@axis.apache.org by Adam Edgar <ae...@research.att.com> on 2009/12/04 18:09:02 UTC
rampart/c http tutorial
Is there a good start to finish tutorial for rampart/c for creating a
client starting with a WSDL file? Basically, right no I have written a
WSDL and used wsdl2c to generate the source for the client but it does
not seem to have any rampart code in it. If I run the server without
WSSE it works but not when I try to secure it. I've managed to find
documentation scattered about but nothing comprehensive.
All I'm trying to do is use UserName/Password authentication across
https. This is probably real simple but I can't seem to find the last
little bit of info to get it done.
ASE
Re: rampart/c http tutorial
Posted by Setomidor <se...@home.se>.
You can do this using the Apache TCPmon:
http://ws.apache.org/commons/tcpmon/
I'm also looking for a nice Rampart/C walkthrough, but I have yet to find
one.
Regards,
Daniel
Adam Edgar wrote:
>
> On Fri, 2009-12-04 at 22:59 +0530, Samisa Abeysinghe wrote:
>
>> You need to enable https in the axis2.xml conf file
>>
>
> Ah, thanks one step closer.
>
> I still need to figure out how to see the exact xml that is being sent
> and received from the server. I am getting a fault back and I suspect it
> is because the WSSE header information is not correct. I should be
> sending something like this to the server:
>
> <?xml version="1.0" encoding="UTF-8"?>
> <SOAP-ENV:Envelope
> xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
> xmlns:SOAP-ENC="http://www.w3.org/2003/05/soap-encoding"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:c14n="http://www.w3.org/2001/10/xml-exc-c14n#"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401..."
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis..."
> xmlns:negdb="http://secure.negativeaddress.research.att.com/"
> >
> <SOAP-ENV:Header>
> <wsse:Security SOAP-ENV:mustUnderstand="true">
> <wsse:UsernameToken
> wsu:Id="apache"
> >
> <wsse:Username>apache</wsse:Username>
> <wsse:Password Type="http://docs.oasis-open.org/wss...">
> password
> </wsse:Password>
> </wsse:UsernameToken>
> </wsse:Security>
> </SOAP-ENV:Header>
> <SOAP-ENV:Body>
> ...
> While I think I've engaged rampart properly to add the header
> information, the debugging log does not include the data sent to the
> server.
>
> ASE
>
>
>
>
--
View this message in context: http://old.nabble.com/rampart-c-http-tutorial-tp26645784p27702942.html
Sent from the Axis - C++ - User mailing list archive at Nabble.com.
Re: rampart/c http tutorial
Posted by Adam Edgar <ae...@research.att.com>.
On Fri, 2009-12-04 at 22:59 +0530, Samisa Abeysinghe wrote:
> You need to enable https in the axis2.xml conf file
>
Ah, thanks one step closer.
I still need to figure out how to see the exact xml that is being sent
and received from the server. I am getting a fault back and I suspect it
is because the WSSE header information is not correct. I should be
sending something like this to the server:
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:SOAP-ENC="http://www.w3.org/2003/05/soap-encoding"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:c14n="http://www.w3.org/2001/10/xml-exc-c14n#"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401..."
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis..."
xmlns:negdb="http://secure.negativeaddress.research.att.com/"
>
<SOAP-ENV:Header>
<wsse:Security SOAP-ENV:mustUnderstand="true">
<wsse:UsernameToken
wsu:Id="apache"
>
<wsse:Username>apache</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss...">
password
</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</SOAP-ENV:Header>
<SOAP-ENV:Body>
...
While I think I've engaged rampart properly to add the header
information, the debugging log does not include the data sent to the
server.
ASE
Re: rampart/c http tutorial
Posted by Samisa Abeysinghe <sa...@wso2.com>.
On Fri, Dec 4, 2009 at 10:53 PM, Adam Edgar <ae...@research.att.com> wrote:
> I think I've managed to get some of it working but can't tell if the
> proper headers are being generated. Is there a way to dump the traffic
> being sent to the server?
>
> Also when I try :
>
> url="https://localhost:8443/axis2/services/NegativeAddressSecureService";
> stub = axis2_stub_create_NegativeAddressSecureService(env,home,url);
>
> I get :
>
> op_client.c(949) Cannot infer transport
> op_client.c(954) End:axis2_op_client_infer_transport
> op_client.c(407) Op client execute failed. Cannot find transport out.
>
>
> Is there something I need to do to enable https as it doesn't fail for
> http?
>
You need to enable https in the axis2.xml conf file
Samisa...
> ASE
>
>
> On Fri, 2009-12-04 at 22:42 +0530, Samisa Abeysinghe wrote:
> > Rampart is an independent project. Hence, the generated code does not
> > have Rampart specific stuff.
> >
> >
> > For Rampart stuff, you have to engage the module and provide the
> > security policies etc at client level programatically.
> >
> >
> > Samisa...
> >
> > On Fri, Dec 4, 2009 at 10:39 PM, Adam Edgar <ae...@research.att.com>
> > wrote:
> > Is there a good start to finish tutorial for rampart/c for
> > creating a
> > client starting with a WSDL file? Basically, right no I have
> > written a
> > WSDL and used wsdl2c to generate the source for the client but
> > it does
> > not seem to have any rampart code in it. If I run the server
> > without
> > WSSE it works but not when I try to secure it. I've managed to
> > find
> > documentation scattered about but nothing comprehensive.
> >
> > All I'm trying to do is use UserName/Password authentication
> > across
> > https. This is probably real simple but I can't seem to find
> > the last
> > little bit of info to get it done.
> >
> > ASE
> >
> >
> >
> >
> > --
> > Samisa Abeysinghe
> > Director, Engineering - WSO2 Inc.
> >
> > http://www.wso2.com/ - "The Open Source SOA Company"
> >
>
>
>
--
Samisa Abeysinghe
Director, Engineering - WSO2 Inc.
http://www.wso2.com/ - "The Open Source SOA Company"
Re: rampart/c http tutorial
Posted by Adam Edgar <ae...@research.att.com>.
I think I've managed to get some of it working but can't tell if the
proper headers are being generated. Is there a way to dump the traffic
being sent to the server?
Also when I try :
url="https://localhost:8443/axis2/services/NegativeAddressSecureService";
stub = axis2_stub_create_NegativeAddressSecureService(env,home,url);
I get :
op_client.c(949) Cannot infer transport
op_client.c(954) End:axis2_op_client_infer_transport
op_client.c(407) Op client execute failed. Cannot find transport out.
Is there something I need to do to enable https as it doesn't fail for
http?
ASE
On Fri, 2009-12-04 at 22:42 +0530, Samisa Abeysinghe wrote:
> Rampart is an independent project. Hence, the generated code does not
> have Rampart specific stuff.
>
>
> For Rampart stuff, you have to engage the module and provide the
> security policies etc at client level programatically.
>
>
> Samisa...
>
> On Fri, Dec 4, 2009 at 10:39 PM, Adam Edgar <ae...@research.att.com>
> wrote:
> Is there a good start to finish tutorial for rampart/c for
> creating a
> client starting with a WSDL file? Basically, right no I have
> written a
> WSDL and used wsdl2c to generate the source for the client but
> it does
> not seem to have any rampart code in it. If I run the server
> without
> WSSE it works but not when I try to secure it. I've managed to
> find
> documentation scattered about but nothing comprehensive.
>
> All I'm trying to do is use UserName/Password authentication
> across
> https. This is probably real simple but I can't seem to find
> the last
> little bit of info to get it done.
>
> ASE
>
>
>
>
> --
> Samisa Abeysinghe
> Director, Engineering - WSO2 Inc.
>
> http://www.wso2.com/ - "The Open Source SOA Company"
>
Re: rampart/c http tutorial
Posted by Samisa Abeysinghe <sa...@wso2.com>.
Rampart is an independent project. Hence, the generated code does not have
Rampart specific stuff.
For Rampart stuff, you have to engage the module and provide the security
policies etc at client level programatically.
Samisa...
On Fri, Dec 4, 2009 at 10:39 PM, Adam Edgar <ae...@research.att.com> wrote:
> Is there a good start to finish tutorial for rampart/c for creating a
> client starting with a WSDL file? Basically, right no I have written a
> WSDL and used wsdl2c to generate the source for the client but it does
> not seem to have any rampart code in it. If I run the server without
> WSSE it works but not when I try to secure it. I've managed to find
> documentation scattered about but nothing comprehensive.
>
> All I'm trying to do is use UserName/Password authentication across
> https. This is probably real simple but I can't seem to find the last
> little bit of info to get it done.
>
> ASE
>
>
--
Samisa Abeysinghe
Director, Engineering - WSO2 Inc.
http://www.wso2.com/ - "The Open Source SOA Company"