You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Priyanka Kapoor <pr...@gmail.com> on 2009/11/18 04:40:10 UTC
AXIS2 Rampart
Hi Everyone,
I am using Rampart 1.4 with axis 1.5.1. I was trying the Rampart samples and
everything was fine. I could able to see the message flows in the TCPMon. I
want to know whether the responses from the server can be a normal soap
message without the WSSE headers and stuffs..? Inshort i am looking for the
following
Original response from the rampart sample02 example:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Date: Wed, 18 Nov 2009 03:10:28 GMT
a21
<?xml version='1.0' encoding='UTF-8'?>
<soapenv:Envelope xmlns:soapenv="
http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
<wsse:Security xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
soapenv:mustUnderstand="1">
<wsu:Timestamp xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Timestamp-7050181">
<wsu:Created>2009-11-18T03:10:28.442Z</wsu:Created>
<wsu:Expires>2009-11-18T03:15:28.442Z</wsu:Expires>
</wsu:Timestamp>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
Id="Signature-32702517">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="
http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="
http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#Id-11700608">
<ds:Transforms>
<ds:Transform Algorithm="
http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="
http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>7/rKSmTf7Qz8bOYFO5QslyTkBcM=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#Timestamp-7050181">
<ds:Transforms>
<ds:Transform Algorithm="
http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="
http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>xy8fI5lMqIsXkcpD5u/KxAsHGTU=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>VYr5h4Ovmlh6KKGBfCyow7c7U/OC9GQqMe8ShpQOXpnzP8ZpCm/LqOTx0jsXQxnhUp3mn28TEclzFO1aKRcyjW/aOju3d4ilHAL1pHubtt1Isu4jP0w4YdVnmFQRAf1nFqLaYRxt2pkJN1N1crvs1u9HBqe/TFkvD0p98tqTAf8=</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-9613092">
<wsse:SecurityTokenReference xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="STRId-2653016">
<wsse:KeyIdentifier EncodingType="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1
">HYL371NzoOs2+IA24VDkBGcUFQM=</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<wsa:Action>urn:echoResponse</wsa:Action>
<wsa:RelatesTo>urn:uuid:F5BB27586B814675051258513827527</wsa:RelatesTo>
</soapenv:Header>
<soapenv:Body xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Id-11700608">
<ns:echoResponse xmlns:ns="
http://sample02.policy.samples.rampart.apache.org">
<ns:return>Hello world</ns:return>
</ns:echoResponse>
</soapenv:Body>
</soapenv:Envelope>
Needed simple response:
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<p1:testHeader xmlns:v1="http://..">
<p1:value>value123</p1:value>
</p1:testHeader>
</soapenv:Header>
<soapenv:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<p2:testResponse xmlns:p2="http://.."/>
<result> success </result>
</p2:testResponse>
</soapenv:Body>
</soapenv:Envelope>
I thought of using a Outflowhandler to detach the header,body as well and
add a new customized SOAP envelope in the same handler..Does it sound
good..? I am in a dilemma since the service would have already secured the
message using the keys and the policies...
Can someone tell me how to proceed to achieve this simple response..?
Regards,
Priyanka
Re: AXIS2 Rampart
Posted by Prabath Siriwardena <pr...@wso2.com>.
You may find [1] helpful.
Thanks & regards.
-Prabath
[1]:http://blog.rampartfaq.com/2009/11/how-to-generate-non-secure-response-to.html
Priyanka Kapoor wrote:
> Hi Everyone,
>
>
> I am using Rampart 1.4 with axis 1.5.1. I was trying the Rampart
> samples and everything was fine. I could able to see the message flows
> in the TCPMon. I want to know whether the responses from the server
> can be a normal soap message without the WSSE headers and stuffs..?
> Inshort i am looking for the following
>
> Original response from the rampart sample02 example:
>
>
> HTTP/1.1 200 OK
> Server: Apache-Coyote/1.1
> Content-Type: text/xml;charset=UTF-8
> Transfer-Encoding: chunked
> Date: Wed, 18 Nov 2009 03:10:28 GMT
>
> a21
> <?xml version='1.0' encoding='UTF-8'?>
> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
> <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
> <wsse:Security
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
> soapenv:mustUnderstand="1">
> <wsu:Timestamp
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="Timestamp-7050181">
> <wsu:Created>2009-11-18T03:10:28.442Z</wsu:Created>
> <wsu:Expires>2009-11-18T03:15:28.442Z</wsu:Expires>
> </wsu:Timestamp>
> <ds:Signature
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-32702517">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
> <ds:SignatureMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
> <ds:Reference URI="#Id-11700608">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>
> <ds:DigestValue>7/rKSmTf7Qz8bOYFO5QslyTkBcM=</ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="#Timestamp-7050181">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
>
> <ds:DigestValue>xy8fI5lMqIsXkcpD5u/KxAsHGTU=</ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
>
> <ds:SignatureValue>VYr5h4Ovmlh6KKGBfCyow7c7U/OC9GQqMe8ShpQOXpnzP8ZpCm/LqOTx0jsXQxnhUp3mn28TEclzFO1aKRcyjW/aOju3d4ilHAL1pHubtt1Isu4jP0w4YdVnmFQRAf1nFqLaYRxt2pkJN1N1crvs1u9HBqe/TFkvD0p98tqTAf8=</ds:SignatureValue>
> <ds:KeyInfo Id="KeyId-9613092">
> <wsse:SecurityTokenReference
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="STRId-2653016">
> <wsse:KeyIdentifier
> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
> ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">HYL371NzoOs2+IA24VDkBGcUFQM=</wsse:KeyIdentifier>
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> </ds:Signature>
> </wsse:Security>
> <wsa:Action>urn:echoResponse</wsa:Action>
>
> <wsa:RelatesTo>urn:uuid:F5BB27586B814675051258513827527</wsa:RelatesTo>
> </soapenv:Header>
> <soapenv:Body
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="Id-11700608">
> <ns:echoResponse
> xmlns:ns="http://sample02.policy.samples.rampart.apache.org">
> <ns:return>Hello world</ns:return>
> </ns:echoResponse>
> </soapenv:Body>
> </soapenv:Envelope>
>
>
> Needed simple response:
>
> <?xml version="1.0" encoding="UTF-8"?>
> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
> <soapenv:Header xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema">
> <p1:testHeader xmlns:v1="http://..">
> <p1:value>value123</p1:value>
> </p1:testHeader>
> </soapenv:Header>
> <soapenv:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema">
> <p2:testResponse xmlns:p2="http://.."/>
> <result> success </result>
> </p2:testResponse>
> </soapenv:Body>
> </soapenv:Envelope>
>
> I thought of using a Outflowhandler to detach the header,body as well
> and add a new customized SOAP envelope in the same handler..Does it
> sound good..? I am in a dilemma since the service would have already
> secured the message using the keys and the policies...
>
> Can someone tell me how to proceed to achieve this simple response..?
>
> Regards,
> Priyanka
>