Posted to java-user@axis.apache.org by Hamidreza sahlolbey <sa...@gmail.com> on 2009/01/04 20:17:51 UTC

Rampart Problem With wrong headers axis2.1.3

Hi;
I've developed a web service using Axis2 and enabled username/password
authentication using Rampart. Everything is OK when I use a Java client to
call the service, but the problem occurs when I use PHP as the client: the PHP
client can pass my authentication with an invalid username/password, whereas
the Java client cannot pass it with an invalid user/pass.

I monitored my PHP request using TCPMon, and the message it sends is as
follows:
<?xml version="1.0" encoding="UTF-8"?>
   <SOAP-ENV:Envelope xmlns:SOAP-ENV="
http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="http://vaya.jiva/xsd"
xmlns:ns2="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
">
      <!-- NOTE(review): the comments in this listing are annotations added to the
           capture; they were not part of the message on the wire. This is the
           request sent by the PHP client, which the service accepted even with
           an invalid username/password. -->
      <SOAP-ENV:Header>
         <ns2:Security SOAP-ENV:mustUnderstand="1">
            <!-- Only the Security wrapper carries the ns2 (WS-Security secext)
                 prefix. UsernameToken and its children are unprefixed and the
                 envelope declares no default namespace, so they are in no
                 namespace at all. Password has no Type attribute and holds a
                 clear-text value; Nonce and Created hold the placeholders "c"
                 and "d". There is no Timestamp element, although the service's
                 InflowSecurity lists both UsernameToken and Timestamp.
                 Presumably the receiver does not treat these elements as a
                 WS-Security UsernameToken; confirm against the Rampart/WSS4J
                 version in use. -->
            <UsernameToken>
               <Username>admin</Username>
               <Password>99572</Password>
               <Nonce>c</Nonce>
               <Created>d</Created>
            </UsernameToken>
         </ns2:Security>
      </SOAP-ENV:Header>
      <SOAP-ENV:Body>
         <ns1:getContentTemplate>
            <ns1:containerHandle>test</ns1:containerHandle>
         </ns1:getContentTemplate>
      </SOAP-ENV:Body>
   </SOAP-ENV:Envelope>

---
whereas the correct message should be:


<?xml version='1.0' encoding='UTF-8'?>
   <soapenv:Envelope xmlns:soapenv="
http://schemas.xmlsoap.org/soap/envelope/">
      <!-- NOTE(review): the comments in this listing are annotations added to the
           capture; they were not part of the message on the wire. This is the
           request the poster gives as the correct one. The "0" after the closing
           Envelope tag lies outside the XML document; presumably it is the
           final chunk marker of a chunked HTTP body picked up by the monitor.
           Confirm. -->
      <soapenv:Header>
         <wsse:Security xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
soapenv:mustUnderstand="1">
            <!-- Timestamp: Created and Expires are five minutes apart. -->
            <wsu:Timestamp xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Timestamp-7459482">
               <wsu:Created>2009-01-04T02:47:41.640Z</wsu:Created>
               <wsu:Expires>2009-01-04T02:52:41.640Z</wsu:Expires>
            </wsu:Timestamp>
            <!-- UsernameToken and all of its children are namespace-qualified
                 (wsse / wsu). The Password is typed as #PasswordDigest and is
                 accompanied by a base64 Nonce and a Created timestamp, so the
                 clear-text password does not appear in the message. -->
            <wsse:UsernameToken xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="UsernameToken-9740942">
               <wsse:Username>admin</wsse:Username>
               <wsse:Password Type="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest
">riVthY8vBnuF8fbKWGHHW4m0KcU=</wsse:Password>
               <wsse:Nonce>Gc8kSf3Fqz6A/BLF0w+b6w==</wsse:Nonce>
               <wsu:Created>2009-01-04T02:47:41.640Z</wsu:Created>
            </wsse:UsernameToken>
         </wsse:Security>
      </soapenv:Header>
      <soapenv:Body>
         <getContentTemplate xmlns="http://vaya.jiva/xsd">
            <arg0 xmlns="">test</arg0>
         </getContentTemplate>
      </soapenv:Body>
   </soapenv:Envelope>0


-----
My question is: why does Rampart not check the username/password
when the wrong security headers are included in the message, and instead
let it pass the security?

my services.xml is as follows:

<!-- Axis2 service descriptor for ContentService. The service engages the
     rampart module and configures it with the parameter-based
     OutflowSecurity / InflowSecurity action lists below. -->
<service name="ContentService">

    <description>
        jiva-ws
    </description>
    <module ref="rampart"/>

        <!-- Outgoing messages: add a UsernameToken for user "admin" and a
             Timestamp. The password comes from the callback class. -->
        <parameter name="OutflowSecurity" >
            <action>
              <items>UsernameToken Timestamp</items>
              <user>admin</user>

<passwordCallbackClass>com.vayasoft.eai.ws.authentication.PWHandlerServer</passwordCallbackClass>
            </action>
        </parameter>

    <!-- Incoming messages: the listed actions are UsernameToken and Timestamp,
         with the same callback class.
         NOTE(review): PWHandlerServer is not shown. Confirm that it rejects an
         unknown user or a wrong password for clear-text tokens as well as
         supplying the stored password for digest tokens, and that a request
         whose Security header yields neither listed action is refused. The
         captured PHP request (unqualified UsernameToken, no Timestamp) is the
         test case to run against any fix. -->
    <parameter name="InflowSecurity">
        <action>
            <items>UsernameToken Timestamp</items>

<passwordCallbackClass>com.vayasoft.eai.ws.authentication.PWHandlerServer</passwordCallbackClass>
        </action>
    </parameter>

    <!-- The service object is obtained from Spring: bean "contentService",
         supplied through SpringServletContextObjectSupplier. -->
    <parameter
name="ServiceObjectSupplier">org.apache.axis2.extensions.spring.receivers.SpringServletContextObjectSupplier</parameter>
    <parameter name="SpringBeanName">contentService</parameter>
   <!-- <operation name="getValue">
        <messageReceiver
            mep="http://www.w3.org/2004/08/wsdl/in-out"
         class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/>
    </operation>-->
    <!-- Exposed operations; each one uses the RPC message receiver for the
         in-out exchange pattern. -->
    <operation name="getContentTemplate">
        <messageReceiver
            mep="http://www.w3.org/2004/08/wsdl/in-out"
         class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/>
    </operation>
    <operation name="loadContent">
        <messageReceiver
            mep="http://www.w3.org/2004/08/wsdl/in-out"
         class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/>
    </operation>
    <operation name="findContent">
        <messageReceiver
            mep="http://www.w3.org/2004/08/wsdl/in-out"
         class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/>
    </operation>
    <operation name="addContent">
        <messageReceiver
            mep="http://www.w3.org/2004/08/wsdl/in-out"
         class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/>
    </operation>
</service>

and axis2.xml serverside is as follows:
<!--
  ~ Licensed to the Apache Software Foundation (ASF) under one
  ~ or more contributor license agreements. See the NOTICE file
  ~ distributed with this work for additional information
  ~ regarding copyright ownership. The ASF licenses this file
  ~ to you under the Apache License, Version 2.0 (the
  ~ "License"); you may not use this file except in compliance
  ~ with the License. You may obtain a copy of the License at
  ~
  ~ http://www.apache.org/licenses/LICENSE-2.0
  ~
  ~ Unless required by applicable law or agreed to in writing,
  ~ software distributed under the License is distributed on an
  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  ~ KIND, either express or implied. See the License for the
  ~ specific language governing permissions and limitations
  ~ under the License.
  -->

<axisconfig name="AxisJava2.0">
    <!-- ================================================= -->
    <!-- Parameters -->
    <!-- ================================================= -->
    <!-- Deployment and attachment switches.
         NOTE(review): hotdeployment=true presumably lets services placed in the
         repository be deployed while the server is running. Confirm that write
         access to the repository is restricted, or turn it off in production. -->
    <parameter name="hotdeployment">true</parameter>
    <parameter name="hotupdate">false</parameter>
    <parameter name="enableMTOM">false</parameter>
    <parameter name="enableSwA">false</parameter>

    <!--Uncomment if you want to enable file caching for fileValues -->
    <!--parameter name="cacheAttachments">true</parameter>
    <parameter name="attachmentDIR"></parameter>
    <parameter name="sizeThreshold">4000</parameter-->

    <!--This will give out the timout of the configuration contexts, in
milliseconds-->
    <parameter name="ConfigContextTimeoutInterval">30000</parameter>

    <!--During a fault, stack trace can be sent with the fault message. The
following flag will control -->
    <!--that behavior.-->
    <!-- It is set to true here, so clients receive server stack traces inside
         fault messages. Set it to false on an exposed service so that faults
         do not disclose class names and internal structure. -->
    <parameter name="sendStacktraceDetailsWithFaults">true</parameter>

    <!--If there aren't any information available to find out the fault
reason, we set the message of the exception-->
    <!--as the faultreason/Reason. But when a fault is thrown from a service
or some where, it will be -->
    <!--wrapped by different levels. Due to this the initial exception
message can be lost. If this flag-->
    <!--is set, then Axis2 tries to get the first exception and set its
message as the faultreason/Reason.-->
    <parameter name="DrillDownToRootCauseForFaultReason">false</parameter>

    <!-- NOTE(review): admin / axis2 are the well-known values shipped in the
         stock axis2.xml, presumably for the Axis2 administration console.
         They are separate from the WS-Security username/password, which the
         service's services.xml delegates to its passwordCallbackClass.
         Change them before the server is reachable by anyone else. -->
    <parameter name="userName">admin</parameter>
    <parameter name="password">axis2</parameter>

    <!--To override repository/services you need to uncomment following
parameter and value SHOULD be absolute file path.-->
    <!--ServicesDirectory only works on the following cases-->
    <!---File based configurator and in that case the value should be a file
URL (http:// not allowed)-->
    <!---When creating URL Based configurator with URL "file://"  -->
    <!--- War based configurator with expanded case , -->

    <!--All the other scenarios it will be ignored.-->
    <!--<parameter name="ServicesDirectory">service</parameter>-->
    <!--To override repository/modules you need to uncomment following
parameter and value SHOULD be absolute file path-->
    <!--<parameter name="ModulesDirectory">modules</parameter>-->



    <!--Following params will set the proper context paths for invocations.
All the endpoints will have a commons context-->
    <!--root which can configured using the following contextRoot
parameter-->
    <!--<parameter name="contextRoot">axis2</parameter>-->

    <!--Our HTTP endpoints can handle both REST and SOAP. Following
parameters can be used to distinguiush those endpoints-->
    <!--In case of a servlet, if you change this you have to manually change
the settings of your servlet container to map this -->
    <!--context path to proper Axis2 servlets-->
    <!--<parameter name="servicePath">services</parameter>-->
    <!--<parameter name="restPath">rest</parameter>-->

    <!-- Following parameter will completely disable REST handling in
Axis2-->
    <parameter name="disableREST" locked="true">true</parameter>

    <!-- POJO deployer: a .class file dropped into the "pojo" directory is
         turned into a service.
         NOTE(review): anyone able to write to that directory can publish code
         as a service; remove this deployer if it is not used. -->
    <deployer extension=".class" directory="pojo"
class="org.apache.axis2.deployment.POJODeployer"/>

    <!-- Following parameter will set the host name for the epr-->
    <!--<parameter name="hostname" locked="true">myhost.com</parameter>-->

    <!-- If you have a front end host which exposes this webservice using a
different public URL  -->
    <!-- use this parameter to override autodetected url -->
    <!--<parameter name="httpFrontendHostUrl">https://someotherhost/context
</parameter>-->


    <!--    The way of adding listener to the system-->
    <!--    <listener class="org.apache.axis2.ObserverIMPL">-->
    <!--        <parameter name="RSS_URL">http://127.0.0.1/rss
</parameter>-->
    <!--    </listener>-->

    <!-- ================================================= -->
    <!-- Message Receivers -->
    <!-- ================================================= -->
    <!--This is the deafult MessageReceiver for the system , if you want to
have MessageReceivers for -->
    <!--all the other MEP implement it and add the correct entry to here ,
so that you can refer from-->
    <!--any operation -->
    <!--Note : You can ovrride this for a particular service by adding the
same element with your requirement-->
     <messageReceivers>
        <messageReceiver mep="http://www.w3.org/2004/08/wsdl/in-only"

class="org.apache.axis2.receivers.RawXMLINOnlyMessageReceiver"/>
        <messageReceiver mep="http://www.w3.org/2004/08/wsdl/in-out"

class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
        <messageReceiver mep="http://www.w3.org/2006/01/wsdl/in-only"

class="org.apache.axis2.receivers.RawXMLINOnlyMessageReceiver"/>
        <messageReceiver mep="http://www.w3.org/2006/01/wsdl/in-out"

class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
    </messageReceivers>

    <!-- ================================================= -->
    <!-- Message Formatter -->
    <!-- ================================================= -->
    <!--Following content type to message formatter mapping can be used to
implement support for different message -->
    <!--format  serialization in Axis2. These message formats are expected
to be resolved based on the content type. -->
    <messageFormatters>
        <messageFormatter contentType="application/x-www-form-urlencoded"

class="org.apache.axis2.transport.http.XFormURLEncodedFormatter"/>
        <messageFormatter contentType="multipart/form-data"

class="org.apache.axis2.transport.http.MultipartFormDataFormatter"/>
        <messageFormatter contentType="application/xml"

class="org.apache.axis2.transport.http.ApplicationXMLFormatter"/>
    </messageFormatters>

    <!-- ================================================= -->
    <!-- Message Builders -->
    <!-- ================================================= -->
    <!--Following content type to builder mapping can be used to implement
support for different message -->
    <!--formats in Axis2. These message formats are expected to be resolved
based on the content type. -->
    <messageBuilders>
        <messageBuilder contentType="application/xml"

class="org.apache.axis2.builder.ApplicationXMLBuilder"/>
        <messageBuilder contentType="application/x-www-form-urlencoded"

class="org.apache.axis2.builder.XFormURLEncodedBuilder"/>
        <messageBuilder contentType="multipart/form-data"

class="org.apache.axis2.builder.MultipartFormDataBuilder"/>
    </messageBuilders>

    <!-- ================================================= -->
    <!-- Transport Ins -->
    <!-- ================================================= -->
    <!-- Plain-HTTP listener on port 8080. The https receivers elsewhere in
         this file are commented out.
         NOTE(review): if this is the transport that actually serves the
         secured service, UsernameToken headers (a clear-text password in the
         PHP request above) cross the network unencrypted; confirm that TLS is
         provided here or by the hosting servlet container. -->
    <transportReceiver name="http"

class="org.apache.axis2.transport.http.SimpleHTTPServer">
        <parameter name="port">8080</parameter>
        <!-- Here is the complete list of supported parameters (see example
settings further below):
            port: the port to listen on (default 6060)
            hostname:  if non-null, url prefix used in reply-to endpoint
references                                 (default null)
            originServer:  value of http Server header in outgoing
messages                                         (default
"Simple-Server/1.1")
            requestTimeout:  value in millis of time that requests can wait
for data                                (default 20000)
            requestTcpNoDelay:  true to maximize performance and minimize
latency                                   (default true)
                                false to minimize bandwidth consumption by
combining segments
            requestCoreThreadPoolSize:  number of threads available for
request processing (unless queue fills up)  (default 25)
            requestMaxThreadPoolSize:  number of threads available for
request processing if queue fills up         (default 150)
                                       note that default queue never fills
up:  see HttpFactory
            threadKeepAliveTime:  time to keep threads in excess of core
size alive while inactive                  (default 180)
                                  note that no such threads can exist with
default unbounded request queue
            threadKeepAliveTimeUnit:  TimeUnit of value in
threadKeepAliveTime (default SECONDS)                    (default SECONDS)
        -->
        <!-- <parameter name="hostname">http://www.myApp.com/ws</parameter>
-->
        <!-- <parameter
name="originServer">My-Server/1.1</parameter>           -->
        <!-- <parameter
name="requestTimeout">10000</parameter>                   -->
        <!-- <parameter
name="requestTcpNoDelay">false</parameter>                   -->
        <!-- <parameter
name="requestCoreThreadPoolSize">50</parameter>                      -->
        <!-- <parameter
name="RequestMaxThreadPoolSize">100</parameter>                     -->
        <!-- <parameter
name="threadKeepAliveTime">240000</parameter>                  -->
        <!-- <parameter
name="threadKeepAliveTimeUnit">MILLISECONDS</parameter>            -->
    </transportReceiver>

    <!--Uncomment this and configure as appropriate for JMS transport
support, after setting up your JMS environment (e.g. ActiveMQ)
    <transportReceiver name="jms"
class="org.apache.axis2.transport.jms.JMSListener">
        <parameter name="myTopicConnectionFactory">
            <parameter
name="java.naming.factory.initial">org.apache.activemq.jndi.ActiveMQInitialContextFactory</parameter>
            <parameter
name="java.naming.provider.url">tcp://localhost:61616</parameter>
            <parameter
name="transport.jms.ConnectionFactoryJNDIName">TopicConnectionFactory</parameter>
        </parameter>

        <parameter name="myQueueConnectionFactory">
            <parameter
name="java.naming.factory.initial">org.apache.activemq.jndi.ActiveMQInitialContextFactory</parameter>
            <parameter
name="java.naming.provider.url">tcp://localhost:61616</parameter>
            <parameter
name="transport.jms.ConnectionFactoryJNDIName">QueueConnectionFactory</parameter>
        </parameter>

        <parameter name="default">
            <parameter
name="java.naming.factory.initial">org.apache.activemq.jndi.ActiveMQInitialContextFactory</parameter>
            <parameter
name="java.naming.provider.url">tcp://localhost:61616</parameter>
            <parameter
name="transport.jms.ConnectionFactoryJNDIName">QueueConnectionFactory</parameter>
        </parameter>
    </transportReceiver>-->

    <!-- ================================================= -->
    <!-- Non-blocking http/s Transport Listener  -->

    <!-- the non blocking http transport based on HttpCore + NIO extensions
    <transportReceiver name="http"
class="org.apache.axis2.transport.nhttp.HttpCoreNIOListener">
        <parameter name="port" locked="false">9000</parameter>
        <parameter name="non-blocking" locked="false">true</parameter>
    </transportReceiver>-->

    <!-- the non blocking https transport based on HttpCore + SSL-NIO
extensions
    <transportReceiver name="https"
class="org.apache.axis2.transport.nhttp.HttpCoreNIOSSLListener">
        <parameter name="port" locked="false">9002</parameter>
        <parameter name="non-blocking" locked="false">true</parameter>
        <parameter name="keystore" locked="false">
            <KeyStore>
                <Location>identity.jks</Location>
                <Type>JKS</Type>
                <Password>password</Password>
                <KeyPassword>password</KeyPassword>
            </KeyStore>
        </parameter>
        <parameter name="truststore" locked="false">
            <TrustStore>
                <Location>trust.jks</Location>
                <Type>JKS</Type>
                <Password>password</Password>
            </TrustStore>
        </parameter>-->
        <!--<parameter name="SSLVerifyClient">require</parameter>
            supports optional|require or defaults to none -->
    <!--</transportReceiver>-->

    <!-- ================================================= -->
    <!-- Mail Transport Listener  -->
    <!-- This is a sample configuration. It assumes a mail server running in
localhost.
         Listener pops  messages that comes to the email address
red@localhost. Users
         password is red. Listener connect to the server every 3000
milliseconds.
         Parameters with "transport." prefix is Axis2 specific. Others are
all from Java Mail API.
         http://people.apache.org/~pzf/SMTPBase64Binding-0.2.html
     -->
    <!-- ================================================= -->
    <!--<transportReceiver name="mailto"
class="org.apache.axis2.transport.mail.SimpleMailListener">
        <parameter name="mail.pop3.host">localhost</parameter>
        <parameter name="mail.pop3.user">red</parameter>
        <parameter name="mail.store.protocol">pop3</parameter>
        <parameter name="transport.mail.pop3.password">red</parameter>
        <parameter name="transport.mail.replyToAddress">red@localhost
</parameter>
        <parameter name="transport.listener.interval">3000</parameter>
    </transportReceiver>-->

    <!--Uncomment if you want to have TCP transport support-->
    <!--transportReceiver name="tcp"
                       class="org.apache.axis2.transport.tcp.TCPServer">
        <parameter name="port">6060</parameter-->>
        <!--If you want to give your own host address for EPR generation-->
        <!--uncomment the following paramter , and set it as you
required.-->
        <!--<parameter name="hostname">tcp://myApp.com/ws</parameter>-->
    <!-- /transportReceiver -->

    <!-- ================================================= -->
    <!-- Transport Outs -->
    <!-- ================================================= -->

    <transportSender name="tcp"

class="org.apache.axis2.transport.tcp.TCPTransportSender"/>
    <transportSender name="local"

class="org.apache.axis2.transport.local.LocalTransportSender"/>
    <transportSender name="http"

class="org.apache.axis2.transport.http.CommonsHTTPTransportSender">
        <parameter name="PROTOCOL">HTTP/1.1</parameter>
        <parameter name="Transfer-Encoding">chunked</parameter>

        <!-- If following is set to 'true', optional action part of the
Content-Type will not be added to the SOAP 1.2 messages -->
        <!--  <parameter name="OmitSOAP12Action">true</parameter>  -->
    </transportSender>

    <transportSender name="https"

class="org.apache.axis2.transport.http.CommonsHTTPTransportSender">
        <parameter name="PROTOCOL">HTTP/1.1</parameter>
        <parameter name="Transfer-Encoding">chunked</parameter>
    </transportSender>
    <!--<transportSender name="jms"-->

<!--class="org.apache.axis2.transport.jms.JMSSender"/>-->

    <!-- ================================================= -->
    <!-- Non-blocking http/s Transport Sender  -->

    <!-- the non-blocking http transport sender based on HttpCore + NIO
extensions
    <transportSender name="http"
class="org.apache.axis2.transport.nhttp.HttpCoreNIOSender">
        <parameter name="non-blocking" locked="false">true</parameter>
    </transportSender>-->

    <!-- the non-blocking https transport sender based on HttpCore + NIO SSL
extensions
    <transportSender name="https"
class="org.apache.axis2.transport.nhttp.HttpCoreNIOSSLSender">
        <parameter name="non-blocking" locked="false">true</parameter>
        <parameter name="keystore" locked="false">
            <KeyStore>
                <Location>identity.jks</Location>
                <Type>JKS</Type>
                <Password>password</Password>
                <KeyPassword>password</KeyPassword>
            </KeyStore>
        </parameter>
        <parameter name="truststore" locked="false">
            <TrustStore>
                <Location>trust.jks</Location>
                <Type>JKS</Type>
                <Password>password</Password>
            </TrustStore>
        </parameter>-->
        <!--<parameter
name="HostnameVerifier">DefaultAndLocalhost</parameter>
            supports Strict|AllowAll|DefaultAndLocalhost or the default if
none specified -->
    <!--</transportSender>-->

    <!-- ================================================= -->
    <!-- Mail Transport Sender  -->
    <!--Only need to uncomment the sender. Configuration is achieved with
every client.
        At any instant mail host should be given. Sample configuration has
been given.
        http://people.apache.org/~pzf/SMTPBase64Binding-0.2.html
   -->
    <!-- ================================================= -->
   <!--<transportSender name="mailto"
class="org.apache.axis2.transport.mail.MailTransportSender">
        <parameter name="mail.smtp.host">localhost</parameter>
    </transportSender>-->

    <!-- ================================================= -->
    <!-- Global Modules  -->
    <!-- ================================================= -->
    <!-- Globally engaged modules. rampart is engaged here for every service;
         ContentService also engages it in its own services.xml.
         NOTE(review): soapmonitor is presumably the SOAP Monitor debugging
         module, which relays message content, security headers included, to a
         monitoring client; disengage it outside of debugging sessions.
         Comment out the addressing line to disable Addressing. -->
    <module ref="rampart" />
    <module ref="soapmonitor"/>
    <module ref="addressing"/>

    <!--Configuring module , providing parameters for modules whether they
refer or not-->
    <!--<moduleConfig name="addressing">-->
    <!--<parameter name="addressingPara">N/A</parameter>-->
    <!--</moduleConfig>-->

    <!-- ================================================= -->
    <!-- Clustering  -->
    <!-- ================================================= -->
    <!-- Configure and uncomment following for preparing Axis2 to a
clustered environment -->
    <!--
    <cluster class="org.apache.axis2.cluster.tribes.TribesClusterManager">
        <parameter name="param1">value1</parameter>
        <parameter name="domain">apache.axis2.domain</parameter>
        <configurationManager
class="org.apache.axis2.cluster.configuration.TribesConfigurationManager">
            <listener
class="org.apache.axis2.cluster.configuration.DefaultConfigurationManagerListener"/>
        </configurationManager>
        <contextManager
class="org.apache.axis2.cluster.context.TribesContextManager">
            <listener
class="org.apache.axis2.cluster.context.DefaultContextManagerListener"/>
        </contextManager>
    </cluster>
    -->

    <!-- ================================================= -->
    <!-- Phases  -->
    <!-- ================================================= -->
    <phaseOrder type="InFlow">
        <!--  System predefined phases       -->

        <phase name="Transport">
            <handler name="RequestURIBasedDispatcher"

class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher">
                <order phase="Transport"/>
            </handler>
            <handler name="SOAPActionBasedDispatcher"

class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher">
                <order phase="Transport"/>
            </handler>
        </phase>
        <phase name="Security"/>
        <phase name="Addressing">
             <handler name="AddressingBasedDispatcher"

class="org.apache.axis2.dispatchers.AddressingBasedDispatcher">
                 <order phase="Addressing"/>
            </handler>
        </phase>

        <phase name="PreDispatch"/>
        <phase name="Dispatch"
class="org.apache.axis2.engine.DispatchPhase">
            <handler name="RequestURIBasedDispatcher"

class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher"/>
            <handler name="SOAPActionBasedDispatcher"

class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher"/>
            <handler name="RequestURIOperationDispatcher"

class="org.apache.axis2.dispatchers.RequestURIOperationDispatcher"/>
            <handler name="SOAPMessageBodyBasedDispatcher"

class="org.apache.axis2.dispatchers.SOAPMessageBodyBasedDispatcher"/>

            <handler name="HTTPLocationBasedDispatcher"

class="org.apache.axis2.dispatchers.HTTPLocationBasedDispatcher"/>
        </phase>
        <phase name="RMPhase"/>
        <!--  System predefined phases       -->
        <!--   After Postdispatch phase module author or service author can
add any phase he want      -->
        <phase name="OperationInPhase"/>
        <phase name="soapmonitorPhase"/>
    </phaseOrder>
    <phaseOrder type="OutFlow">
        <!--      user can add his own phases to this area  -->
        <phase name="soapmonitorPhase"/>
        <phase name="OperationOutPhase"/>
        <!--system predefined phase-->
        <!--these phase will run irrespective of the service-->
        <phase name="RMPhase"/>
        <phase name="PolicyDetermination"/>
        <phase name="MessageOut"/>
        <phase name="Security"/>
    </phaseOrder>
    <phaseOrder type="InFaultFlow">
        <phase name="Addressing">
             <handler name="AddressingBasedDispatcher"

class="org.apache.axis2.dispatchers.AddressingBasedDispatcher">
                 <order phase="Addressing"/>
            </handler>
        </phase>
        <phase name="Security"/>
        <phase name="PreDispatch"/>
        <phase name="Dispatch"
class="org.apache.axis2.engine.DispatchPhase">
            <handler name="RequestURIBasedDispatcher"

class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher"/>
            <handler name="SOAPActionBasedDispatcher"

class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher"/>
            <handler name="RequestURIOperationDispatcher"

class="org.apache.axis2.dispatchers.RequestURIOperationDispatcher"/>
            <handler name="SOAPMessageBodyBasedDispatcher"

class="org.apache.axis2.dispatchers.SOAPMessageBodyBasedDispatcher"/>

            <handler name="HTTPLocationBasedDispatcher"

class="org.apache.axis2.dispatchers.HTTPLocationBasedDispatcher"/>
        </phase>
        <phase name="RMPhase"/>
        <!--      user can add his own phases to this area  -->
        <phase name="OperationInFaultPhase"/>
        <phase name="soapmonitorPhase"/>
    </phaseOrder>
    <phaseOrder type="OutFaultFlow">
        <!--      user can add his own phases to this area  -->
        <phase name="soapmonitorPhase"/>
        <phase name="OperationOutFaultPhase"/>
        <phase name="RMPhase"/>
        <phase name="PolicyDetermination"/>
        <phase name="MessageOut"/>
    </phaseOrder>
</axisconfig>