You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by Ruchith Fernando <ru...@gmail.com> on 2007/11/06 23:21:37 UTC
Re: [Axis2] Services.xml is wrong but when the WSDL queried is corrected somewhere?
Hi Dobri,
Are you using rampart-policy-<version>.jar to create and serialize this policy?
We fixed a lot of policy serialization issues in rampart-policy after
1.3. Can you please try using the rampart-policy-SNAPSHOT.jar from the
latest trunk?
Thanks,
Ruchith
p.s. Please subscribe (rampart-dev-subscribe@ws.apache.org) and post
rampart related issues to rampart-dev@ws.apache.org list.
On 10/31/07, Dobri Kitipov <kd...@googlemail.com> wrote:
> Hi everybody,
> I am using Axis2 1.3 and rampart2 1.2.
> I observed something interesting. I am using a custom tool to generate a
> services.xml. This tool is under development so it did not works perfect at
> the moment. I am testing the symmetric binding and have the following
> services.xml generated:
>
> <?xml version="1.0" encoding="UTF-8"?>
> <serviceGroup>
> <service name="HelloPojo">
> <description>Web Service HelloPojo</description>
> <parameter
> name="ServiceClass">com.mycompany.wsstack.pojo.HelloPojo</parameter>
> <messageReceivers>
> <messageReceiver
>
> class="org.apache.axis2.rpc.receivers.RPCMessageReceiver "
> mep="http://www.w3.org/2004/08/wsdl/in-out"/>
> </messageReceivers>
> <operation name="sayHello"/>
> <wsp:Policy wsu:Id="User defined"
>
> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:SymmetricBinding xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:ProtectionToken>
> <sp:ProtectionToken>
> <sp:X509Token sp:IncludeToken="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
> <wsp:Policy>
> <sp:WssX509V3Token10/>
> <sp:RequireDerivedKeys/>
> </wsp:Policy>
> </sp:X509Token>
> </sp:ProtectionToken>
> </sp:ProtectionToken>
> <sp:AlgorithmSuite xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:Basic128/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:Layout>
> <wsp:Policy>
> <sp:Strict/>
> </wsp:Policy>
> </sp:Layout>
> <sp:ProtectionToken>
> <sp:ProtectionToken>
> <sp:X509Token sp:IncludeToken="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
> <wsp:Policy>
> <sp:WssX509V3Token10/>
> <sp:RequireDerivedKeys/>
> </wsp:Policy>
> </sp:X509Token>
> </sp:ProtectionToken>
> </sp:ProtectionToken>
> </wsp:Policy>
> </sp:SymmetricBinding>
> <sp:Wss10 xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <sp:Policy>
> <sp:MustSupportRefKeyIdentifier/>
> <sp:MustSupportRefIssuerSerial/>
> </sp:Policy>
> </sp:Wss10>
> <sp:SignedSupportingTokens
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy/>
> </sp:SignedSupportingTokens>
> <ramp:RampartConfig
> xmlns:ramp="http://ws.apache.org/rampart/policy">
> <ramp:user>service</ramp:user>
>
> <ramp:encryptionUser>client</ramp:encryptionUser>
>
> <ramp:passwordCallbackClass>com.mycompany.wsstack.pwcb.PasswordCallbackHandler
> </ramp:passwordCallbackClass>
> <ramp:signatureCrypto>
> <ramp:crypto
> provider="org.apache.ws.security.components.crypto.Merlin">
> <ramp:property name="
> org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
> <ramp:property
> name="org.apache.ws.security.crypto.merlin.file">service.jks</ramp:property>
> <ramp:property
> name="org.apache.ws.security.crypto.merlin.keystore.password">openssl</ramp:property>
> </ramp:crypto>
> </ramp:signatureCrypto>
> <ramp:encryptionCypto>
> <ramp:crypto
> provider="org.apache.ws.security.components.crypto.Merlin">
> <ramp:property
> name="org.apache.ws.security.crypto.merlin.keystore.type
> ">JKS</ramp:property>
> <ramp:property
> name="org.apache.ws.security.crypto.merlin.file">service.jks</ramp:property>
> <ramp:property
> name="org.apache.ws.security.crypto.merlin.keystore.password
> ">openssl</ramp:property>
> </ramp:crypto>
> </ramp:encryptionCypto>
> </ramp:RampartConfig>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
> <module ref="addressing"/>
> <module ref="rampart"/>
> </service>
> </serviceGroup>
>
> You can see in bold that <sp:ProtectionToken> is not correctly formed. it
> has two opening and closing <sp:ProtectionToken> tags. The second one
> should be replaced by <sp:Policy> tag. Another problem is that
> <sp:ProtectionToken> block is set twice into the file.
> THE interesting thing is that when I deploy the AAR at Tomcat 5.5.20 and
> query the ?wsdl the policy in the wsdl returned is correct and obviously
> fixed at some stage. Here is an excerpt from the wsdl that contains the
> policy:
>
> <wsp:Policy
> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="User defined">
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:SymmetricBinding xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:ProtectionToken>
> <wsp:Policy>
> <sp:X509Token sp:IncludeToken="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
> <wsp:Policy>
>
> <sp:WssX509V3Token10/>
>
> <sp:RequireDerivedKeys/>
> </wsp:Policy>
> </sp:X509Token>
> </wsp:Policy>
> </sp:ProtectionToken>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic128/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:Layout>
> <wsp:Policy>
> <sp:Strict/>
> </wsp:Policy>
> </sp:Layout>
> </wsp:Policy>
> </sp:SymmetricBinding>
> <sp:Wss10
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <sp:Policy>
> <sp:MustSupportRefKeyIdentifier/>
> <sp:MustSupportRefIssuerSerial/>
> </sp:Policy>
> </sp:Wss10>
> <sp:SignedSupportingTokens xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy/>
> </sp:SignedSupportingTokens>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
>
> In bold you can see that the <sp:ProtectionToken> is somehow corrected and
> normalized. Do you know where this happens?
>
> Thank you in advance!
> Dobri
>
>
>
>
>
>
--
http://blog.ruchith.org
http://wso2.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-dev-help@ws.apache.org