You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by gprovost <pr...@fednot.be> on 2008/08/05 10:02:43 UTC
Re: [Axis2/Rampart] Using Rampart for OutFlow, but not for InFlow
Hi,
I'm now using Axis 1.4. Can you tell me how to migrate the code
service.getPolicyInclude().addPolicyElement(PolicyInclude.AXIS_MESSAGE_POLICY,
servicePolicy);
to Axis 1.4 ? The method attachPolicy does take anymore a PolicyInclude
constant as parameter ?
Thanks
Grégory
Nunny wrote:
>
> Hi Stefan,
> I think you will be able to get over with this problem using
> operational level security. So you apply security policy not at the
> end point level but at the operation level. I think the following code
> snippet will help. But you may have to use Rampart SNAPSHOT not 1.3.
>
> ServiceClient client = new ServiceClient(ctx, null);
>
> AxisService service = client.getAxisService();
>
> service.getPolicyInclude().addPolicyElement(PolicyInclude.AXIS_SERVICE_POLICY,
> servicePolicy);
>
> AxisOperation operation =
> service.getOperation(ServiceClient.ANON_OUT_IN_OP);
>
> AxisMessage outMessage =
> operation.getMessage(WSDLConstants.MESSAGE_LABEL_OUT_VALUE);
>
> outMessage.getPolicyInclude().addPolicyElement(PolicyInclude.AXIS_MESSAGE_POLICY,
> outPolicy);
>
> AxisMessage inMessage =
> operation.getMessage(WSDLConstants.MESSAGE_LABEL_IN_VALUE);
>
> inMessage.getPolicyInclude().addPolicyElement(PolicyInclude.AXIS_MESSAGE_POLICY,
> inPolicy);
>
> thanks,
> /nandana
>
>
> On Tue, Feb 26, 2008 at 5:57 PM, Stefan Lecho <st...@gmail.com> wrote:
>> Hi,
>>
>> In one of our applications, we are contacting a Webservice for which the
>> requests should be signed, but for which the responses are not signed. We
>> do
>> not control this webservice, so on the server side we can not change
>> anything. We are trying to build a client for this webservice, but found
>> some problems in using a policy-based configuration of the client.
>>
>> With Axis2 v1.1.1 and rampart v1.1, we were able to configure Axis2 to
>> accept this kind of requirement by modifying the axis2.xml file. The
>> following modifications were included: <model ref="rampart"/><parameter
>> name="OutflowSecurity"><action><items>Signature</items>...</action></parameter>".
>>
>> With Axis2 v1.3 and Rampart v1.3, we would like to achieve the same
>> result
>> by using the policy-based configuration. Based on the provided
>> samples/policy/sample02/policy.xml file, we tried to only enable
>> signature
>> on the Initiator but not on the Recipient. We have tried several things,
>> but
>> without any success :o(. The response that is received by the client is
>> treated by the Rampart module, which results in a NullPointerException on
>> this code in RampartEngine:
>> "rmd.getMsgContext().getEnvelope().getHeader().getHeaderBlocksWithNSURI(...)"
>> because the SOAP-header element is missing in the response (because the
>> response was not signed).
>>
>> How can we avoid the handling of non-signed responses by Rampart? Any
>> help
>> with this issue would be highly appreciated :o).
>>
>> Regards, Stefan Lecho.
>>
>
> http://nandana83.blogspot.com/
> http://nandanasm.wordpress.com/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
>
--
View this message in context: http://www.nabble.com/-Axis2-Rampart--Using-Rampart-for-OutFlow%2C-but-not-for-InFlow-tp15689307p18826338.html
Sent from the Axis - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: [Axis2/Rampart] Using Rampart for OutFlow, but not for InFlow
Posted by Nandana Mihindukulasooriya <na...@gmail.com>.
Hi,
see the inline comments.
I'm now using Axis 1.4. Can you tell me how to migrate the code
>
>
> service.getPolicyInclude().addPolicyElement(PolicyInclude.AXIS_MESSAGE_POLICY,
> servicePolicy);
>
> to Axis 1.4 ? The method attachPolicy does take anymore a PolicyInclude
> constant as parameter ?
>
in Axis2 1.4, PolicyInclude is deprecated. Now you attach policies using
Policy subjects.
service.getPolicySubject().attachPolicy(servicePolicy)
for operation and message, it's the same.
thanks,
nandana
> Nunny wrote:
> >
> > Hi Stefan,
> > I think you will be able to get over with this problem using
> > operational level security. So you apply security policy not at the
> > end point level but at the operation level. I think the following code
> > snippet will help. But you may have to use Rampart SNAPSHOT not 1.3.
> >
> > ServiceClient client = new ServiceClient(ctx, null);
> >
> > AxisService service = client.getAxisService();
> >
> >
> service.getPolicyInclude().addPolicyElement(PolicyInclude.AXIS_SERVICE_POLICY,
> > servicePolicy);
> >
> > AxisOperation operation =
> > service.getOperation(ServiceClient.ANON_OUT_IN_OP);
> >
> > AxisMessage outMessage =
> > operation.getMessage(WSDLConstants.MESSAGE_LABEL_OUT_VALUE);
> >
> >
> outMessage.getPolicyInclude().addPolicyElement(PolicyInclude.AXIS_MESSAGE_POLICY,
> > outPolicy);
> >
> > AxisMessage inMessage =
> > operation.getMessage(WSDLConstants.MESSAGE_LABEL_IN_VALUE);
> >
> >
> inMessage.getPolicyInclude().addPolicyElement(PolicyInclude.AXIS_MESSAGE_POLICY,
> > inPolicy);
> >
> > thanks,
> > /nandana
> >
> >
> > On Tue, Feb 26, 2008 at 5:57 PM, Stefan Lecho <st...@gmail.com> wrote:
> >> Hi,
> >>
> >> In one of our applications, we are contacting a Webservice for which the
> >> requests should be signed, but for which the responses are not signed.
> We
> >> do
> >> not control this webservice, so on the server side we can not change
> >> anything. We are trying to build a client for this webservice, but found
> >> some problems in using a policy-based configuration of the client.
> >>
> >> With Axis2 v1.1.1 and rampart v1.1, we were able to configure Axis2 to
> >> accept this kind of requirement by modifying the axis2.xml file. The
> >> following modifications were included: <model ref="rampart"/><parameter
> >>
> name="OutflowSecurity"><action><items>Signature</items>...</action></parameter>".
> >>
> >> With Axis2 v1.3 and Rampart v1.3, we would like to achieve the same
> >> result
> >> by using the policy-based configuration. Based on the provided
> >> samples/policy/sample02/policy.xml file, we tried to only enable
> >> signature
> >> on the Initiator but not on the Recipient. We have tried several things,
> >> but
> >> without any success :o(. The response that is received by the client is
> >> treated by the Rampart module, which results in a NullPointerException
> on
> >> this code in RampartEngine:
> >>
> "rmd.getMsgContext().getEnvelope().getHeader().getHeaderBlocksWithNSURI(...)"
> >> because the SOAP-header element is missing in the response (because the
> >> response was not signed).
> >>
> >> How can we avoid the handling of non-signed responses by Rampart? Any
> >> help
> >> with this issue would be highly appreciated :o).
> >>
> >> Regards, Stefan Lecho.
> >>
> >
> > http://nandana83.blogspot.com/
> > http://nandanasm.wordpress.com/
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> > For additional commands, e-mail: axis-user-help@ws.apache.org
> >
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/-Axis2-Rampart--Using-Rampart-for-OutFlow%2C-but-not-for-InFlow-tp15689307p18826338.html
> Sent from the Axis - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
--
Nandana Mihindukulasooriya
WSO2 inc.
http://nandana83.blogspot.com/
http://www.wso2.org