You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Seshi Patibanda <se...@yahoo.com> on 2009/01/24 03:58:02 UTC
Rampart policy to include generated SAML assertion token!!

Hi all,
 
I am trying to include a SAML token that was generated by the security provider and passed to us as a Session attribute (at Runtime). For testing, I have retrieved the SAML assertion token externally and attempting to include in the SOAP header by hard-coding the token in the mySamlPolicy.xml file. All I need to do (for testing) is just pass the retrieved SAML token to the remote web service (SSL-enabled) via SOAP header in the request.
 
Deployed Apache Rampart 1.4 module correctly as per the samples. Using Axis2 client and stubs generated by WSDL2Java tool. Also, using a policy based approach (mySamlPolicy.xml attached). I can see the <wsse:Security> header but NO assertion token included in the SOAP header. Assertion tag shown in the policy file is truncated (for security reasons). 
 
Any feedback/suggestions in this regard is highly appreciated. 
 
Thanks,
 
Seshi P.
 
 
SOAP request message:
===========================================================================
DEBUG [httpclient.wire.content] >> "<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Header>[\n]"
[java] DEBUG [httpclient.wire.content] >> "<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1"><wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-20735553"><wsu:Created>2009-01-24T00:44:49.546Z</wsu:Created><wsu:Expires>2009-01-24T00:49:49.546Z</wsu:Expires></wsu:Timestamp></wsse:Security></soapenv:Header><soapenv:Body><ns1:echo xmlns:ns1="urn:us.mil.osd.atl.avsoa.echo"><ns1:message>Hello Seshi!</ns1:message></ns1:echo></soapenv:Body></soapenv:Envelope>"
[java] 
==========================================================================
 
SOAP response message received:
==========================================================================
 
DEBUG [org.apache.commons.httpclient.methods.EntityEnclosingMethod] Request body sent
     [java] DEBUG [httpclient.wire.header] << "HTTP/1.1 500 Internal Server Error[\r][\n]"
     [java] DEBUG [httpclient.wire.header] << "HTTP/1.1 500 Internal Server Error[\r][\n]"
     [java] DEBUG [httpclient.wire.header] << "Server: Apache-Coyote/1.1[\r][\n]"
     [java] DEBUG [httpclient.wire.header] << "Content-Type: text/xml;charset=UTF-8[\r][\n]"
     [java] DEBUG [httpclient.wire.header] << "Content-Length: 223[\r][\n]"
     [java] DEBUG [httpclient.wire.header] << "Date: Sat, 24 Jan 2009 00:44:14 GMT[\r][\n]"
     [java] DEBUG [httpclient.wire.header] << "Connection: close[\r][\n]"
     [java] DEBUG [httpclient.wire.header] << "[\r][\n]"
     [java] DEBUG [httpclient.wire.content] << "<soa"
     [java] DEBUG [httpclient.wire.content] << "p:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>No SAML Assertion was found!</faultstring></soap:Fault></soap:Body></soap:Envelope>"
     [java] ERROR [org.apache.axis2.engine.AxisEngine] SOAP header missing
     [java] org.apache.axis2.AxisFault: SOAP header missing
============================================================================