You are viewing a plain text version of this content. The canonical link for it is here.
Posted to muse-user@ws.apache.org by PO...@gmx.net on 2007/10/31 15:32:22 UTC
Webservice Muse Security Problem
Hello
I try to run the ApacheMuse example of the tutorial http://ws.apache.org/muse/docs/2.2.0/tutorial/index.html . The problem is that I deployd it in the OMII tomcat webserver. This server has its own security features (X.509 Certificates and Keystores)
http://www.omii.ac.uk/docs/3.4.0/user_guide/omii_user_guide.htm#security/security2.htm
Now I dont know how configure my Webservice so that it can be run in that webserver. Hopefully someone can help me.
regards pod
--
GMX FreeMail: 1 GB Postfach, 5 E-Mail-Adressen, 10 Free SMS.
Alle Infos und kostenlose Anmeldung: http://www.gmx.net/de/go/freemail
---------------------------------------------------------------------
To unsubscribe, e-mail: muse-user-unsubscribe@ws.apache.org
For additional commands, e-mail: muse-user-help@ws.apache.org
Re: Webservice Muse Security Problem
Posted by PO...@gmx.net.
Hi
But what about the server-config.wsdd??
Omii has a server-config.wsdd
e.g to deploy that
import uk.ac.omii.security.wss4j.helpers.AuthenticatedCertificateHelper ;
import uk.ac.omii.security.utils.DNParser;
import java.security.cert.X509Certificate;
public class HelloService {
public String hello() throws Exception {
X509Certificate clientCert =
AuthenticatedCertificateHelper.getCurrentUser() ;
DNParser dn = new DNParser(clientCert.getSubjectDN().getName());
return "Hello " + dn.getCN() + "!" ;
}
}
the wsdd file below is needed. It has its own security handlers. The muse war file I deployed didnt have a server-config.wsdd. Am I wrong that I have to make an own server-config.wsdd an put it in the WEB-INF directory of the war file and fill in some security info??
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
<service name="HelloService" provider="java:RPC">
<requestFlow>
<handler type= "java:uk.ac.omii.security.wss4j.handler.PolicyEnforcementHandler">
<parameter name="action" value="Timestamp Signature"/>
<parameter name="signaturePropFile" value="crypto.properties"/>
<parameter name="signatureKeyIdentifier" value="DirectReference" />
<parameter name="passwordCallbackClass"
value="uk.ac.omii.security.utils.PWCallback"/>
<parameter name="signatureParts" value="{}{http://schemas.xmlsoap.org/soap/envelope/}Body;{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp"
/>
</handler>
</requestFlow>
<responseFlow>
<handler type=
"java:uk.ac.omii.security.wss4j.handler.WSOutboundHandler">
<parameter name="action" value="Timestamp Signature"/>
<parameter name="signaturePropFile" value="crypto.properties"/>
<parameter name="signatureKeyIdentifier" value="DirectReference" />
<parameter name="passwordCallbackClass"
value="uk.ac.omii.security.utils.PWCallback"/>
<parameter name="signatureParts" value="{}{http://schemas.xmlsoap.org/soap/envelope/}Body;{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;"
/>
</handler>
</responseFlow>
<parameter name="className" value="HelloService"/>
<parameter name="allowedMethods" value="*"/>
</service>
</deployment>
-------- Original-Nachricht --------
> Datum: Wed, 31 Oct 2007 15:58:58 -0000 (GMT)
> Von: rochfokj@cs.tcd.ie
> An: muse-user@ws.apache.org
> Betreff: Re: Webservice Muse Security Problem
> Hi,
> I dont think you need to do anything different when deploying the service
> but there'll be a few extra things to do on the client side.
>
> Have you tried getting the details of the local certs/keys/truststore from
> the crypto.props file and setting up the client accordingly?
>
> e.g.
>
> System.setProperty("javax.net.ssl.trustStore", "C:\\Documents and
> Settings\\user\\clientTruststore");
> System.setProperty("javax.net.ssl.trustStorePassword", "somePassword");
>
> and
>
> System.setProperty("javax.net.ssl.keyStore", "C:\\Documents and
> Settings\\user\\clientKeystore");
> System.setProperty("javax.net.ssl.keyStorePassword", "someOtherPassword");
>
> regards
> Keith
>
> > Hello
> >
> > I try to run the ApacheMuse example of the tutorial
> > http://ws.apache.org/muse/docs/2.2.0/tutorial/index.html . The problem
> is
> > that I deployd it in the OMII tomcat webserver. This server has its own
> > security features (X.509 Certificates and Keystores)
> >
> http://www.omii.ac.uk/docs/3.4.0/user_guide/omii_user_guide.htm#security/security2.htm
> > Now I dont know how configure my Webservice so that it can be run in
> that
> > webserver. Hopefully someone can help me.
> >
> > regards pod
> >
> > --
> > GMX FreeMail: 1 GB Postfach, 5 E-Mail-Adressen, 10 Free SMS.
> > Alle Infos und kostenlose Anmeldung: http://www.gmx.net/de/go/freemail
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: muse-user-unsubscribe@ws.apache.org
> > For additional commands, e-mail: muse-user-help@ws.apache.org
> >
> >
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: muse-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: muse-user-help@ws.apache.org
--
Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
Ideal für Modem und ISDN: http://www.gmx.net/de/go/smartsurfer
---------------------------------------------------------------------
To unsubscribe, e-mail: muse-user-unsubscribe@ws.apache.org
For additional commands, e-mail: muse-user-help@ws.apache.org
Re: Webservice Muse Security Problem
Posted by ro...@cs.tcd.ie.
Hi,
I dont think you need to do anything different when deploying the service
but there'll be a few extra things to do on the client side.
Have you tried getting the details of the local certs/keys/truststore from
the crypto.props file and setting up the client accordingly?
e.g.
System.setProperty("javax.net.ssl.trustStore", "C:\\Documents and
Settings\\user\\clientTruststore");
System.setProperty("javax.net.ssl.trustStorePassword", "somePassword");
and
System.setProperty("javax.net.ssl.keyStore", "C:\\Documents and
Settings\\user\\clientKeystore");
System.setProperty("javax.net.ssl.keyStorePassword", "someOtherPassword");
regards
Keith
> Hello
>
> I try to run the ApacheMuse example of the tutorial
> http://ws.apache.org/muse/docs/2.2.0/tutorial/index.html . The problem is
> that I deployd it in the OMII tomcat webserver. This server has its own
> security features (X.509 Certificates and Keystores)
> http://www.omii.ac.uk/docs/3.4.0/user_guide/omii_user_guide.htm#security/security2.htm
> Now I dont know how configure my Webservice so that it can be run in that
> webserver. Hopefully someone can help me.
>
> regards pod
>
> --
> GMX FreeMail: 1 GB Postfach, 5 E-Mail-Adressen, 10 Free SMS.
> Alle Infos und kostenlose Anmeldung: http://www.gmx.net/de/go/freemail
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: muse-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: muse-user-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: muse-user-unsubscribe@ws.apache.org
For additional commands, e-mail: muse-user-help@ws.apache.org