You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by Ru...@tieto.com on 2012/05/26 22:52:25 UTC
FW: No user value in rampart configuration policy
Med v�nlig h�lsning, / Best Regards,
Runo Barrdahl, civ ing, tekn lic
Tieto Sweden AB, Financial Services
From: Barrdahl Runo
Sent: den 26 maj 2012 18:12
To: 'java-dev@axis.apache.org'
Subject: No user value in rampart configuration policy
Dear Axis2 Specialist:
I have a problem with an axis2-1.6.2 client using UsernameToken and Addressing.
In no way can I avoid an AxisFault to be thrown in the Stub "No user value in the rampart configuration policy".
First, I have added a policy according to the literature in the wsdl file, see enclosed file, and added in the client axis2.xml the following section at the top:
"
<axisconfig name="AxisJava2.0">
<module ref="rampart"/>
<module ref="metadataExchange" />
<parameter name="OutflowSecurity">
<action>
<items>UsernameToken</items>
<passwordType>PasswordText</passwordType>
</action>
</parameter>
"
I use adb binding, but have also tried xmlbeans, see the Java code generation command:
"
@SET JAVA_HOME=C:\IBM\WAS61\WebSphere\AppServer\java
@SET AXIS2_HOME=C:\axis2-1.6.2
@SET PATH=%JAVA_HOME%\bin;%PATH%
@REM xmlBeans, new WSDL: Axis2-1.6.2
@REM @C:\axis2-1.6.2\bin\wsdl2java.bat -uri ./wsdl/CustomerCreationService.wsdl -o ./ -p com.tieto.ws.axis2.customercreation.service -ss -sd -or -d xmlbeans -g -u -S ./src -R ./resourcesCustomerCreation
@REM ADB - Axis2-1.6.2
@C:\axis2-1.6.2\bin\wsdl2java.bat -uri ./wsdl/CustomerCreationService.wsdl -o ./ -p com.tieto.ws.axis2.customercreation.service -ss -sd -or -d adb -g -u -S ./src -R ./resourcesCustomerCreation
"
After that, I have, as alternatvies, tried to load the policy in the client, instantiating a RampartConfig object in the client, and numerous other different ways to get rid of the AxisFault in the client.
My laptop is Windows 7, 64 bit, and I can run the client in Eclipse, in Tomcat or in IBM WebSphere 6.1, with identical result. Whether the service is available or not does not affect the result, i. e. the thrown AxisFault.
I have even run debug mode in Eclipse using Rampart and wss4j source code, only to find that somewhere inside there a userMissing message is displayed.
I have tested using http and SSL, with identical result.
I have tried all possible combinations in the client Java to set user, and in all various combinations, all with negative result:
"
// UsernameToken:
// 2012-05-21, RunoB String policyPath = new String("C:/IBM/WAS61/WebSphere/AppServer/profiles/AppSrv01/installedApps/WL2007481Node01Cell/marginalenAxis2WSClient_war.ear/marginalenAxis2WSClient-localhostWAS.war/WEB-INF/properties/clientPolicy.xml");
// 2012-05-21, RunoB options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, loadPolicy(policyPath));
// 2012-05-23, RunoB options.setUserName("marginalen"); // removing this, results in: "No user value in the rampart configuration policy"
// 2012-05-23, RunoB: options.setPassword("largimanen"); // 2012-05-23, RunoB: this one causes: com.ctc.wstx.exc.WstxUnexpectedCharException: Unexpected character 'E' (code 69) in prolog; expected '<' at [row,col {unknown-source}]: [1,1]
/* 2012-05-23, RunoB: no effect:
RampartConfig rampartConfig = new RampartConfig();
rampartConfig.setUser("marginalen");
rampartConfig.setPwCbClass("com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");
options.setProperty(RampartConfig.RAMPART_CONFIG_LN, rampartConfig);
*/
options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN, Boolean.TRUE);
options.setProperty(WSHandlerConstants.USER, "marginalen"); // 2012-04-28, RunoB: Required for UsernameToken
options.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, "com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");
// options.setProperty(Constants.Configuration.ENABLE_REST,Constants.VALUE_FALSE);
// options.setProperty(Constants.Configuration.ENABLE_MTOM, Constants.VALUE_TRUE);
"
The message never reaches the web service on the server, only if I configure the client erroneously, it might arrive to the service, where some other configuration erros message is displayed, telling me more explicitly that something is wrong. But, as soon as I have changed the client to produce a "correct" soap message, the client throws the axisFault "No user value in the rampart configuration policy"..
I have (for http) in all cases intercepted the final SOAP message in the client stub, just after the AxisFault has been thrown, and and used it to execute it in soapUI with success!
This means that the generated soap message is OK. Nevertheless, the axis2 client throws an AxisFault "No user value in the rampart configuration policy".
I have previously, a few years back, successfully implemented an axis2-1.4.1 client (but at the time, I had to manually complement the policy statement in the stub to avoid errors). Now, for my current problem, I have looked back to configure client and axis2.xml analogously, without success.
I am at a loss as to what could possibly cause the error. Please find enclosed the wsdl file.
I hae seen reported on the web the same text error, but not found any conclusive solution (In fact, there was some instruction, that I followed, but it did not resolve my problem).
In case you have experience from this issue, please send me some advice.
Med v�nlig h�lsning, / Best Regards,
Runo Barrdahl, civ ing, tekn lic
Tieto Sweden AB, Financial Services
mail: runo.barrdahl@tieto.com
tel (direct): 0709-790 407 / +46-709 790 407
tel (central): 010 481 00 00 / +46-10 481 00 00
fax: 08-86 30 56 / +46-8 86 30 56
web: www.tieto.com
RE: FW: No user value in rampart configuration policy
Posted by Ru...@tieto.com.
Dear Haisin:
I have now got rid of the "No user value in rampart configuration policy", but, as I apply the RampartConfig, and Policy etc, I seem to not be able to avoid that two sets of usernameToken tags be created in the outgoing soap message, and the error message "org.apache.axis2.AxisFault: The security token could not be authenticated or authorized" results.
I have tried different combinations of setting data in axis2.xml, and in Java as follows:
"
// options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN, Boolean.TRUE);
// options.setUserName("marginalen");
// options.setPassword("largimanen");
// options.setProperty(WSHandlerConstants.USER, "marginalen"); // 2012-04-28, RunoB: Required for UsernameToken
// options.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, "com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");
"
But find, that it is not enough to use solely RampartConfig. Either I need to set user, etc in axis2.xml-client, or I need to set properties above.
Among the alternatives above, however using "options.setPassword("largimanen");" results in an error message complaing about some "E" in prolog... somewhere.
SSL is now used.
Please find enclosed the client java class, client and service axis2.xml, wsdl and outgoing soap message.
.
Med v�nlig h�lsning, / Best Regards,
Runo Barrdahl, civ ing, tekn lic
Tieto Sweden AB, Financial Services
From: Hasini Gunasinghe [mailto:hasi7786@gmail.com]
Sent: den 27 maj 2012 14:26
To: java-dev@axis.apache.org
Subject: Re: FW: No user value in rampart configuration policy
Hi Runo,
The error you have reported occur if the user name is not found either in service client's options or in rampart config at the time of creating User name token.
According to your description, you have used code generated client stub from the wsdl file which embeds the security policy.
In that case you need to programetically add rampart configuration to the policy.
Please refer step 6 (Setting the Rampart specific configuration details) at http://wso2.org/library/3415#securing_the_client for the correct steps to add rampart config at the client side.
HTH & let us know if you encounter further issues.
Thanks,
Hasini.
On Sun, May 27, 2012 at 2:22 AM, <Ru...@tieto.com>> wrote:
Med v�nlig h�lsning, / Best Regards,
Runo Barrdahl, civ ing, tekn lic
Tieto Sweden AB, Financial Services
From: Barrdahl Runo
Sent: den 26 maj 2012 18:12
To: 'java-dev@axis.apache.org<ma...@axis.apache.org>'
Subject: No user value in rampart configuration policy
Dear Axis2 Specialist:
I have a problem with an axis2-1.6.2 client using UsernameToken and Addressing.
In no way can I avoid an AxisFault to be thrown in the Stub "No user value in the rampart configuration policy".
First, I have added a policy according to the literature in the wsdl file, see enclosed file, and added in the client axis2.xml the following section at the top:
"
<axisconfig name="AxisJava2.0">
<module ref="rampart"/>
<module ref="metadataExchange" />
<parameter name="OutflowSecurity">
<action>
<items>UsernameToken</items>
<passwordType>PasswordText</passwordType>
</action>
</parameter>
"
I use adb binding, but have also tried xmlbeans, see the Java code generation command:
"
@SET JAVA_HOME=C:\IBM\WAS61\WebSphere\AppServer\java
@SET AXIS2_HOME=C:\axis2-1.6.2
@SET PATH=%JAVA_HOME%\bin;%PATH%
@REM xmlBeans, new WSDL: Axis2-1.6.2
@REM @C:\axis2-1.6.2\bin\wsdl2java.bat -uri ./wsdl/CustomerCreationService.wsdl -o ./ -p com.tieto.ws.axis2.customercreation.service -ss -sd -or -d xmlbeans -g -u -S ./src -R ./resourcesCustomerCreation
@REM ADB - Axis2-1.6.2
@C:\axis2-1.6.2\bin\wsdl2java.bat -uri ./wsdl/CustomerCreationService.wsdl -o ./ -p com.tieto.ws.axis2.customercreation.service -ss -sd -or -d adb -g -u -S ./src -R ./resourcesCustomerCreation
"
After that, I have, as alternatvies, tried to load the policy in the client, instantiating a RampartConfig object in the client, and numerous other different ways to get rid of the AxisFault in the client.
My laptop is Windows 7, 64 bit, and I can run the client in Eclipse, in Tomcat or in IBM WebSphere 6.1, with identical result. Whether the service is available or not does not affect the result, i. e. the thrown AxisFault.
I have even run debug mode in Eclipse using Rampart and wss4j source code, only to find that somewhere inside there a userMissing message is displayed.
I have tested using http and SSL, with identical result.
I have tried all possible combinations in the client Java to set user, and in all various combinations, all with negative result:
"
// UsernameToken:
// 2012-05-21, RunoB String policyPath = new String("C:/IBM/WAS61/WebSphere/AppServer/profiles/AppSrv01/installedApps/WL2007481Node01Cell/marginalenAxis2WSClient_war.ear/marginalenAxis2WSClient-localhostWAS.war/WEB-INF/properties/clientPolicy.xml");
// 2012-05-21, RunoB options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, loadPolicy(policyPath));
// 2012-05-23, RunoB options.setUserName("marginalen"); // removing this, results in: "No user value in the rampart configuration policy"
// 2012-05-23, RunoB: options.setPassword("largimanen"); // 2012-05-23, RunoB: this one causes: com.ctc.wstx.exc.WstxUnexpectedCharException: Unexpected character 'E' (code 69) in prolog; expected '<' at [row,col {unknown-source}]: [1,1]
/* 2012-05-23, RunoB: no effect:
RampartConfig rampartConfig = new RampartConfig();
rampartConfig.setUser("marginalen");
rampartConfig.setPwCbClass("com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");
options.setProperty(RampartConfig.RAMPART_CONFIG_LN, rampartConfig);
*/
options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN, Boolean.TRUE);
options.setProperty(WSHandlerConstants.USER, "marginalen"); // 2012-04-28, RunoB: Required for UsernameToken
options.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, "com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");
// options.setProperty(Constants.Configuration.ENABLE_REST,Constants.VALUE_FALSE);
// options.setProperty(Constants.Configuration.ENABLE_MTOM, Constants.VALUE_TRUE);
"
The message never reaches the web service on the server, only if I configure the client erroneously, it might arrive to the service, where some other configuration erros message is displayed, telling me more explicitly that something is wrong. But, as soon as I have changed the client to produce a "correct" soap message, the client throws the axisFault "No user value in the rampart configuration policy"..
I have (for http) in all cases intercepted the final SOAP message in the client stub, just after the AxisFault has been thrown, and and used it to execute it in soapUI with success!
This means that the generated soap message is OK. Nevertheless, the axis2 client throws an AxisFault "No user value in the rampart configuration policy".
I have previously, a few years back, successfully implemented an axis2-1.4.1 client (but at the time, I had to manually complement the policy statement in the stub to avoid errors). Now, for my current problem, I have looked back to configure client and axis2.xml analogously, without success.
I am at a loss as to what could possibly cause the error. Please find enclosed the wsdl file.
I hae seen reported on the web the same text error, but not found any conclusive solution (In fact, there was some instruction, that I followed, but it did not resolve my problem).
In case you have experience from this issue, please send me some advice.
Med v�nlig h�lsning, / Best Regards,
Runo Barrdahl, civ ing, tekn lic
Tieto Sweden AB, Financial Services
mail: runo.barrdahl@tieto.com<ma...@tieto.com>
tel (direct): 0709-790 407 / +46-709 790 407<tel:%2B46-709%20790%20407>
tel (central): 010 481 00 00 / +46-10 481 00 00<tel:%2B46-10%20481%2000%2000>
fax: 08-86 30 56 / +46-8 86 30 56<tel:%2B46-8%2086%2030%2056>
web: www.tieto.com<http://www.tieto.com>
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org<ma...@axis.apache.org>
For additional commands, e-mail: java-dev-help@axis.apache.org<ma...@axis.apache.org>
RE: No user value in rampart configuration policy
Posted by Martin Gainty <mg...@hotmail.com>.
yes the RequestData object reqData *expects* the property WSHandlerConstants.USER to be populated before RequestData object reqData is sent to the action.. /*
* For every action we need a username, so get this now. The
* username defined in the deployment descriptor takes precedence.
*/
reqData.setUsername((String) getOption(WSHandlerConstants.USER));
if (reqData.getUsername() == null || reqData.getUsername().length() == 0) {
String username = (String) getProperty(reqData.getMsgContext(), WSHandlerConstants.USER);
if (username != null) {
reqData.setUsername(username);
}
}
...later on reqData is sent to the Action...doSenderAction(doAction, doc, reqData, actions, !msgContext.isServerSide()); you have the option of limiting the properties or elements for the Axis Rampart Module in a InflowConfiguration as seen here:InflowConfiguration ifc = new InflowConfiguration();ifc.setUserName( (String) getProperty(reqData.getMsgContext(), WSHandlerConstants.USER)); or OutflowConfiguration as seen here:InflowConfiguration ifc = new InflowConfiguration();ifc.setUserName( (String) getProperty(reqData.getMsgContext(), WSHandlerConstants.USER));
http://oss.org.cn/ossdocs/apache/axis2-1.0-docs/xdocs/modules/wss4j/1_0/security-module.html
Takk,
Martin Gainty
______________________________________________
Jogi és Bizalmassági kinyilatkoztatás/Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
Ez az
üzenet bizalmas. Ha nem ön az akinek szánva volt, akkor kérjük, hogy
jelentse azt nekünk vissza. Semmiféle továbbítása vagy másolatának
készítése nem megengedett. Ez az üzenet csak ismeret cserét szolgál és
semmiféle jogi alkalmazhatósága sincs. Mivel az electronikus üzenetek
könnyen megváltoztathatóak, ezért minket semmi felelöség nem terhelhet
ezen üzenet tartalma miatt.
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni.
From: Runo.Barrdahl@tieto.com
To: java-dev@axis.apache.org
Date: Tue, 5 Jun 2012 15:02:50 +0300
Subject: RE: FW: No user value in rampart configuration policy
Dear Haisini: May I disturb you with a short question? Could you plese tell me if the following is a correct way of setting in the service client’s option the user name for rampart?:“ configurationContext = ConfigurationContextFactory.createConfigurationContextFromFileSystem(repositoryPath, axis2XmlPath); accountCreationServiceStub = new AccountCreationServiceStub(configurationContext); serviceClient = accountCreationServiceStub._getServiceClient(); options = serviceClient.getOptions(); options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN, Boolean.TRUE); options.setProperty(WSHandlerConstants.USER, "marginalen"); // 2012-04-28, RunoB: Required for UsernameToken options.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, "com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");“ Med vänlig hälsning, / Best regards,,
Runo Barrdahl, civ. ing, tekn. lic.
Tieto Sweden AB, Financial Services
From: Hasini Gunasinghe [mailto:hasi7786@gmail.com]
Sent: den 27 maj 2012 14:26
To: java-dev@axis.apache.org
Subject: Re: FW: No user value in rampart configuration policy Hi Runo,
The error you have reported occur if the user name is not found either in service client's options or in rampart config at the time of creating User name token.
According to your description, you have used code generated client stub from the wsdl file which embeds the security policy.
In that case you need to programetically add rampart configuration to the policy.
Please refer step 6 (Setting the Rampart specific configuration details) at http://wso2.org/library/3415#securing_the_client for the correct steps to add rampart config at the client side.
HTH & let us know if you encounter further issues.
Thanks,
Hasini.On Sun, May 27, 2012 at 2:22 AM, <Ru...@tieto.com> wrote: Med vänlig hälsning, / Best Regards, Runo Barrdahl, civ ing, tekn lic Tieto Sweden AB, Financial Services From: Barrdahl Runo
Sent: den 26 maj 2012 18:12
To: 'java-dev@axis.apache.org'
Subject: No user value in rampart configuration policy Dear Axis2 Specialist: I have a problem with an axis2-1.6.2 client using UsernameToken and Addressing.In no way can I avoid an AxisFault to be thrown in the Stub “No user value in the rampart configuration policy”. First, I have added a policy according to the literature in the wsdl file, see enclosed file, and added in the client axis2.xml the following section at the top:“<axisconfig name="AxisJava2.0"> <module ref="rampart"/> <module ref="metadataExchange" /> <parameter name="OutflowSecurity"> <action> <items>UsernameToken</items> <passwordType>PasswordText</passwordType> </action> </parameter>“I use adb binding, but have also tried xmlbeans, see the Java code generation command:“@SET JAVA_HOME=C:\IBM\WAS61\WebSphere\AppServer\java@SET AXIS2_HOME=C:\axis2-1.6.2@SET PATH=%JAVA_HOME%\bin;%PATH% @REM xmlBeans, new WSDL: Axis2-1.6.2@REM @C:\axis2-1.6.2\bin\wsdl2java.bat -uri ./wsdl/CustomerCreationService.wsdl -o ./ -p com.tieto.ws.axis2.customercreation.service -ss -sd -or -d xmlbeans -g -u -S ./src -R ./resourcesCustomerCreation @REM ADB - Axis2-1.6.2@C:\axis2-1.6.2\bin\wsdl2java.bat -uri ./wsdl/CustomerCreationService.wsdl -o ./ -p com.tieto.ws.axis2.customercreation.service -ss -sd -or -d adb -g -u -S ./src -R ./resourcesCustomerCreation“ After that, I have, as alternatvies, tried to load the policy in the client, instantiating a RampartConfig object in the client, and numerous other different ways to get rid of the AxisFault in the client. My laptop is Windows 7, 64 bit, and I can run the client in Eclipse, in Tomcat or in IBM WebSphere 6.1, with identical result. Whether the service is available or not does not affect the result, i. e. the thrown AxisFault. I have even run debug mode in Eclipse using Rampart and wss4j source code, only to find that somewhere inside there a userMissing message is displayed.I have tested using http and SSL, with identical result.I have tried all possible combinations in the client Java to set user, and in all various combinations, all with negative result:“// UsernameToken:// 2012-05-21, RunoB String policyPath = new String("C:/IBM/WAS61/WebSphere/AppServer/profiles/AppSrv01/installedApps/WL2007481Node01Cell/marginalenAxis2WSClient_war.ear/marginalenAxis2WSClient-localhostWAS.war/WEB-INF/properties/clientPolicy.xml");// 2012-05-21, RunoB options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, loadPolicy(policyPath)); // 2012-05-23, RunoB options.setUserName("marginalen"); // removing this, results in: "No user value in the rampart configuration policy"// 2012-05-23, RunoB: options.setPassword("largimanen"); // 2012-05-23, RunoB: this one causes: com.ctc.wstx.exc.WstxUnexpectedCharException: Unexpected character 'E' (code 69) in prolog; expected '<' at [row,col {unknown-source}]: [1,1] /* 2012-05-23, RunoB: no effect: RampartConfig rampartConfig = new RampartConfig(); rampartConfig.setUser("marginalen"); rampartConfig.setPwCbClass("com.tieto.ws.axis2.callback.UsernameTokenCallbackManager"); options.setProperty(RampartConfig.RAMPART_CONFIG_LN, rampartConfig);*/ options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN, Boolean.TRUE); options.setProperty(WSHandlerConstants.USER, "marginalen"); // 2012-04-28, RunoB: Required for UsernameToken options.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, "com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");// options.setProperty(Constants.Configuration.ENABLE_REST,Constants.VALUE_FALSE);// options.setProperty(Constants.Configuration.ENABLE_MTOM, Constants.VALUE_TRUE); “ The message never reaches the web service on the server, only if I configure the client erroneously, it might arrive to the service, where some other configuration erros message is displayed, telling me more explicitly that something is wrong. But, as soon as I have changed the client to produce a “correct” soap message, the client throws the axisFault “No user value in the rampart configuration policy”.. I have (for http) in all cases intercepted the final SOAP message in the client stub, just after the AxisFault has been thrown, and and used it to execute it in soapUI with success! This means that the generated soap message is OK. Nevertheless, the axis2 client throws an AxisFault “No user value in the rampart configuration policy”. I have previously, a few years back, successfully implemented an axis2-1.4.1 client (but at the time, I had to manually complement the policy statement in the stub to avoid errors). Now, for my current problem, I have looked back to configure client and axis2.xml analogously, without success. I am at a loss as to what could possibly cause the error. Please find enclosed the wsdl file. I hae seen reported on the web the same text error, but not found any conclusive solution (In fact, there was some instruction, that I followed, but it did not resolve my problem). In case you have experience from this issue, please send me some advice. Med vänlig hälsning, / Best Regards, Runo Barrdahl, civ ing, tekn lic Tieto Sweden AB, Financial Servicesmail: runo.barrdahl@tieto.comtel (direct): 0709-790 407 / +46-709 790 407tel (central): 010 481 00 00 / +46-10 481 00 00fax: 08-86 30 56 / +46-8 86 30 56web: www.tieto.com
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org
RE: FW: No user value in rampart configuration policy
Posted by Ru...@tieto.com.
Dear Haisini:
May I disturb you with a short question?
Could you plese tell me if the following is a correct way of setting in the service client's option the user name for rampart?:
"
configurationContext = ConfigurationContextFactory.createConfigurationContextFromFileSystem(repositoryPath, axis2XmlPath);
accountCreationServiceStub = new AccountCreationServiceStub(configurationContext);
serviceClient = accountCreationServiceStub._getServiceClient();
options = serviceClient.getOptions();
options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN, Boolean.TRUE);
options.setProperty(WSHandlerConstants.USER, "marginalen"); // 2012-04-28, RunoB: Required for UsernameToken
options.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, "com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");
"
Med vänlig hälsning, / Best regards,,
Runo Barrdahl, civ. ing, tekn. lic.
Tieto Sweden AB, Financial Services
From: Hasini Gunasinghe [mailto:hasi7786@gmail.com]
Sent: den 27 maj 2012 14:26
To: java-dev@axis.apache.org
Subject: Re: FW: No user value in rampart configuration policy
Hi Runo,
The error you have reported occur if the user name is not found either in service client's options or in rampart config at the time of creating User name token.
According to your description, you have used code generated client stub from the wsdl file which embeds the security policy.
In that case you need to programetically add rampart configuration to the policy.
Please refer step 6 (Setting the Rampart specific configuration details) at http://wso2.org/library/3415#securing_the_client for the correct steps to add rampart config at the client side.
HTH & let us know if you encounter further issues.
Thanks,
Hasini.
On Sun, May 27, 2012 at 2:22 AM, <Ru...@tieto.com>> wrote:
Med vänlig hälsning, / Best Regards,
Runo Barrdahl, civ ing, tekn lic
Tieto Sweden AB, Financial Services
From: Barrdahl Runo
Sent: den 26 maj 2012 18:12
To: 'java-dev@axis.apache.org<ma...@axis.apache.org>'
Subject: No user value in rampart configuration policy
Dear Axis2 Specialist:
I have a problem with an axis2-1.6.2 client using UsernameToken and Addressing.
In no way can I avoid an AxisFault to be thrown in the Stub "No user value in the rampart configuration policy".
First, I have added a policy according to the literature in the wsdl file, see enclosed file, and added in the client axis2.xml the following section at the top:
"
<axisconfig name="AxisJava2.0">
<module ref="rampart"/>
<module ref="metadataExchange" />
<parameter name="OutflowSecurity">
<action>
<items>UsernameToken</items>
<passwordType>PasswordText</passwordType>
</action>
</parameter>
"
I use adb binding, but have also tried xmlbeans, see the Java code generation command:
"
@SET JAVA_HOME=C:\IBM\WAS61\WebSphere\AppServer\java
@SET AXIS2_HOME=C:\axis2-1.6.2
@SET PATH=%JAVA_HOME%\bin;%PATH%
@REM xmlBeans, new WSDL: Axis2-1.6.2
@REM @C:\axis2-1.6.2\bin\wsdl2java.bat -uri ./wsdl/CustomerCreationService.wsdl -o ./ -p com.tieto.ws.axis2.customercreation.service -ss -sd -or -d xmlbeans -g -u -S ./src -R ./resourcesCustomerCreation
@REM ADB - Axis2-1.6.2
@C:\axis2-1.6.2\bin\wsdl2java.bat -uri ./wsdl/CustomerCreationService.wsdl -o ./ -p com.tieto.ws.axis2.customercreation.service -ss -sd -or -d adb -g -u -S ./src -R ./resourcesCustomerCreation
"
After that, I have, as alternatvies, tried to load the policy in the client, instantiating a RampartConfig object in the client, and numerous other different ways to get rid of the AxisFault in the client.
My laptop is Windows 7, 64 bit, and I can run the client in Eclipse, in Tomcat or in IBM WebSphere 6.1, with identical result. Whether the service is available or not does not affect the result, i. e. the thrown AxisFault.
I have even run debug mode in Eclipse using Rampart and wss4j source code, only to find that somewhere inside there a userMissing message is displayed.
I have tested using http and SSL, with identical result.
I have tried all possible combinations in the client Java to set user, and in all various combinations, all with negative result:
"
// UsernameToken:
// 2012-05-21, RunoB String policyPath = new String("C:/IBM/WAS61/WebSphere/AppServer/profiles/AppSrv01/installedApps/WL2007481Node01Cell/marginalenAxis2WSClient_war.ear/marginalenAxis2WSClient-localhostWAS.war/WEB-INF/properties/clientPolicy.xml");
// 2012-05-21, RunoB options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, loadPolicy(policyPath));
// 2012-05-23, RunoB options.setUserName("marginalen"); // removing this, results in: "No user value in the rampart configuration policy"
// 2012-05-23, RunoB: options.setPassword("largimanen"); // 2012-05-23, RunoB: this one causes: com.ctc.wstx.exc.WstxUnexpectedCharException: Unexpected character 'E' (code 69) in prolog; expected '<' at [row,col {unknown-source}]: [1,1]
/* 2012-05-23, RunoB: no effect:
RampartConfig rampartConfig = new RampartConfig();
rampartConfig.setUser("marginalen");
rampartConfig.setPwCbClass("com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");
options.setProperty(RampartConfig.RAMPART_CONFIG_LN, rampartConfig);
*/
options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN, Boolean.TRUE);
options.setProperty(WSHandlerConstants.USER, "marginalen"); // 2012-04-28, RunoB: Required for UsernameToken
options.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, "com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");
// options.setProperty(Constants.Configuration.ENABLE_REST,Constants.VALUE_FALSE);
// options.setProperty(Constants.Configuration.ENABLE_MTOM, Constants.VALUE_TRUE);
"
The message never reaches the web service on the server, only if I configure the client erroneously, it might arrive to the service, where some other configuration erros message is displayed, telling me more explicitly that something is wrong. But, as soon as I have changed the client to produce a "correct" soap message, the client throws the axisFault "No user value in the rampart configuration policy"..
I have (for http) in all cases intercepted the final SOAP message in the client stub, just after the AxisFault has been thrown, and and used it to execute it in soapUI with success!
This means that the generated soap message is OK. Nevertheless, the axis2 client throws an AxisFault "No user value in the rampart configuration policy".
I have previously, a few years back, successfully implemented an axis2-1.4.1 client (but at the time, I had to manually complement the policy statement in the stub to avoid errors). Now, for my current problem, I have looked back to configure client and axis2.xml analogously, without success.
I am at a loss as to what could possibly cause the error. Please find enclosed the wsdl file.
I hae seen reported on the web the same text error, but not found any conclusive solution (In fact, there was some instruction, that I followed, but it did not resolve my problem).
In case you have experience from this issue, please send me some advice.
Med vänlig hälsning, / Best Regards,
Runo Barrdahl, civ ing, tekn lic
Tieto Sweden AB, Financial Services
mail: runo.barrdahl@tieto.com<ma...@tieto.com>
tel (direct): 0709-790 407 / +46-709 790 407<tel:%2B46-709%20790%20407>
tel (central): 010 481 00 00 / +46-10 481 00 00<tel:%2B46-10%20481%2000%2000>
fax: 08-86 30 56 / +46-8 86 30 56<tel:%2B46-8%2086%2030%2056>
web: www.tieto.com<http://www.tieto.com>
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org<ma...@axis.apache.org>
For additional commands, e-mail: java-dev-help@axis.apache.org<ma...@axis.apache.org>
Re: FW: No user value in rampart configuration policy
Posted by Hasini Gunasinghe <ha...@gmail.com>.
Hi Runo,
Adding rampart config programetically and setting SSL related system
properties is sufficient to get this scenario working.
You do not need to perform any other steps that you have mentioned- such as
editing axis2-client.xml and setting other properties, to get it work.
Thanks,
Hasini.
On Sun, May 27, 2012 at 10:54 PM, <Ru...@tieto.com> wrote:
> Dear Hasini:****
>
> ** **
>
> Thankyou for your kind and quick response.****
>
> I have tried, sofar without full success, to follow the instructions
> provided in the reference indicated below.****
>
> ** **
>
> Please find enclosed my Client implementation.****
>
> In particular, note that I actually DO set user name in the
> serviceClient’s options (opterions.setProperty(…).****
>
> ** **
>
> I did, following instructions for client in the reference indicated,
> starting at section 6, I entered the following section of code:****
>
> “****
>
> ** **
>
> RampartConfig rampartConfig = *new* RampartConfig();*
> ***
>
> rampartConfig.setUser("marginalen");****
>
> rampartConfig.setPwCbClass(
> "com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");****
>
> // 2012-05-27, RunoB
> options.setProperty(RampartConfig.RAMPART_CONFIG_LN, rampartConfig);****
>
> ** **
>
> Policy policy = *new* Policy();****
>
> policy.addAssertion(rampartConfig);****
>
> ** **
>
> // Policy rampartConfig = getRampartConfig();****
>
> ** **
>
>
> serviceClient.getAxisService().getPolicyInclude().addPolicyElement(PolicyInclude.AXIS_SERVICE_POLICY,
> policy);****
>
> // serviceClient.getAxisService().applyPolicy(policy);**
> **
>
> ** **
>
> “****
>
> The Statement “serviceClient.getAxisService().getPolicyInclude().addPolicyElement(PolicyInclude.AXIS_SERVICE_POLICY,
> policy);****
>
> ” contains deprecated methods – should it really be used?****
>
> As regards the method “getRampartConfig()”, I have no access to its
> contents.****
>
> ** **
>
> That did in fact remove the AxisFault “No user value in rampart
> configuration policy, but on the other hand, it renedered 4 usernameToken
> entries in the soap message. (after I had added the following code snippet:
> ****
>
> “****
>
>
> options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN,
> Boolean.TRUE);****
>
> ** **
>
> options.setProperty(WSHandlerConstants.USER, "*
> marginalen*"); // 2012-04-28, RunoB: Required for UsernameToken****
>
>
> options.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS,
> "com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");****
>
> ** **
>
> “****
>
> ** **
>
> It was not necessary in axis2-1.4.1 to programmatically ad a RamprtConfig
> to Policy, etc.****
>
> I do not find any full manual how to set up UsernameToken in all its
> details, in order to make it work properly.****
>
> ** **
>
> Med vänlig hälsning, / Best Regards,****
>
> ** **
>
> Runo Barrdahl, civ ing, tekn lic****
>
> ** **
>
> Tieto Sweden AB, Financial Services****
>
> ** **
>
> *From:* Hasini Gunasinghe [mailto:hasi7786@gmail.com]
> *Sent:* den 27 maj 2012 14:26
> *To:* java-dev@axis.apache.org
> *Subject:* Re: FW: No user value in rampart configuration policy****
>
> ** **
>
> Hi Runo,
>
> The error you have reported occur if the user name is not found either in
> service client's options or in rampart config at the time of creating User
> name token.
>
> According to your description, you have used code generated client stub
> from the wsdl file which embeds the security policy.
> In that case you need to programetically add rampart configuration to the
> policy.
>
> Please refer step 6 (Setting the Rampart specific configuration details)
> at http://wso2.org/library/3415#securing_the_client for the correct steps
> to add rampart config at the client side.
>
> HTH & let us know if you encounter further issues.
>
> Thanks,
> Hasini.****
>
> On Sun, May 27, 2012 at 2:22 AM, <Ru...@tieto.com> wrote:****
>
> ****
>
> ****
>
> Med vänlig hälsning, / Best Regards,****
>
> ****
>
> Runo Barrdahl, civ ing, tekn lic****
>
> ****
>
> Tieto Sweden AB, Financial Services****
>
> ****
>
> *From:* Barrdahl Runo
> *Sent:* den 26 maj 2012 18:12
> *To:* 'java-dev@axis.apache.org'
> *Subject:* No user value in rampart configuration policy****
>
> ****
>
> Dear Axis2 Specialist:****
>
> ****
>
> I have a problem with an axis2-1.6.2 client using UsernameToken and
> Addressing.****
>
> In no way can I avoid an AxisFault to be thrown in the Stub “No user value
> in the rampart configuration policy”.****
>
> ****
>
> First, I have added a policy according to the literature in the wsdl file,
> see enclosed file, and added in the client axis2.xml the following section
> at the top:****
>
> “****
>
> <axisconfig name="AxisJava2.0">****
>
> ****
>
> <module *ref*="rampart"/>****
>
> <module *ref*="metadataExchange" />****
>
> ****
>
> <parameter name="OutflowSecurity">****
>
> <action>****
>
> <items>UsernameToken</items>****
>
> <passwordType>PasswordText</passwordType>****
>
> </action>****
>
> </parameter>****
>
> “****
>
> I use adb binding, but have also tried xmlbeans, see the Java code
> generation command:****
>
> “****
>
> @SET JAVA_HOME=C:\IBM\WAS61\WebSphere\AppServer\java****
>
> @SET AXIS2_HOME=C:\axis2-1.6.2****
>
> @SET PATH=%JAVA_HOME%\bin;%PATH%****
>
> ****
>
> ****
>
> @REM xmlBeans, new WSDL: Axis2-1.6.2****
>
> @REM @C:\axis2-1.6.2\bin\wsdl2java.bat -*uri* ./*wsdl*/CustomerCreationService.wsdl
> -o ./ -p com.tieto.ws.axis2.customercreation.service -*ss* -*sd* -or -d *
> xmlbeans* -g -u -S ./*src* -R ./resourcesCustomerCreation****
>
> ****
>
> ****
>
> @REM ADB - Axis2-1.6.2****
>
> @C:\axis2-1.6.2\bin\wsdl2java.bat -*uri* ./*wsdl*/CustomerCreationService.wsdl
> -o ./ -p com.tieto.ws.axis2.customercreation.service -*ss* -*sd* -or -d *
> adb* -g -u -S ./*src* -R ./resourcesCustomerCreation****
>
> “****
>
> ****
>
> After that, I have, as alternatvies, tried to load the policy in the
> client, instantiating a RampartConfig object in the client, and numerous
> other different ways to get rid of the AxisFault in the client.****
>
> ****
>
> My laptop is Windows 7, 64 bit, and I can run the client in Eclipse, in
> Tomcat or in IBM WebSphere 6.1, with identical result. Whether the service
> is available or not does not affect the result, i. e. the thrown AxisFault.
> ****
>
> ****
>
> I have even run debug mode in Eclipse using Rampart and wss4j source code,
> only to find that somewhere inside there a userMissing message is displayed.
> ****
>
> I have tested using http and SSL, with identical result.****
>
> I have tried all possible combinations in the client Java to set user, and
> in all various combinations, all with negative result:****
>
> “****
>
> // UsernameToken:****
>
> // 2012-05-21, RunoB String policyPath = new
> String("C:/IBM/WAS61/WebSphere/AppServer/profiles/AppSrv01/installedApps/WL2007481Node01Cell/marginalenAxis2WSClient_war.ear/marginalenAxis2WSClient-localhostWAS.war/WEB-INF/properties/clientPolicy.xml");
> ****
>
> // 2012-05-21, RunoB
> options.setProperty(RampartMessageData.KEY_RAMPART_POLICY,
> loadPolicy(policyPath));****
>
> ****
>
> // 2012-05-23, RunoB options.setUserName("*marginalen*"); //
> removing this, results in: "No user value in the rampart configuration
> policy"****
>
> // 2012-05-23, RunoB: options.setPassword("*largimanen*"); //
> 2012-05-23, RunoB: this one causes:
> com.ctc.wstx.exc.WstxUnexpectedCharException: Unexpected character 'E'
> (code 69) in prolog; expected '<' at [row,*col* {unknown-source}]: [1,1]**
> **
>
> ****
>
> /* 2012-05-23, RunoB: no effect:****
>
> RampartConfig rampartConfig = new RampartConfig();***
> *
>
> rampartConfig.setUser("*marginalen*");****
>
>
> rampartConfig.setPwCbClass("com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");
> ****
>
> options.setProperty(RampartConfig.RAMPART_CONFIG_LN,
> rampartConfig);****
>
> */****
>
> ****
>
>
> options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN,
> Boolean.TRUE);****
>
> ****
>
> options.setProperty(WSHandlerConstants.USER, "*
> marginalen*"); // 2012-04-28, RunoB: Required for UsernameToken****
>
>
> options.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS,
> "com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");****
>
> //
> options.setProperty(Constants.Configuration.ENABLE_REST,Constants.VALUE_FALSE);
> ****
>
> //
> options.setProperty(Constants.Configuration.ENABLE_MTOM,
> Constants.VALUE_TRUE);****
>
> ****
>
> “****
>
> ****
>
> The message never reaches the web service on the server, only if I
> configure the client erroneously, it might arrive to the service, where
> some other configuration erros message is displayed, telling me more
> explicitly that something is wrong. But, as soon as I have changed the
> client to produce a “correct” soap message, the client throws the axisFault
> “No user value in the rampart configuration policy”..****
>
> ****
>
> I have (for http) in all cases intercepted the final SOAP message in the
> client stub, just after the AxisFault has been thrown, and and used it to
> execute it in soapUI with success! ****
>
> This means that the generated soap message is OK. Nevertheless, the axis2
> client throws an AxisFault “No user value in the rampart configuration
> policy”.****
>
> ****
>
> I have previously, a few years back, successfully implemented an
> axis2-1.4.1 client (but at the time, I had to manually complement the
> policy statement in the stub to avoid errors). Now, for my current problem,
> I have looked back to configure client and axis2.xml analogously, without
> success.****
>
> ****
>
> I am at a loss as to what could possibly cause the error. Please find
> enclosed the wsdl file.****
>
> ****
>
> I hae seen reported on the web the same text error, but not found any
> conclusive solution (In fact, there was some instruction, that I followed,
> but it did not resolve my problem).****
>
> ****
>
> In case you have experience from this issue, please send me some advice.*
> ***
>
> ****
>
> ****
>
> ****
>
> Med vänlig hälsning, / Best Regards,****
>
> ****
>
> Runo Barrdahl, civ ing, tekn lic****
>
> ****
>
> Tieto Sweden AB, Financial Services****
>
> mail: runo.barrdahl@tieto.com****
>
> tel (direct): 0709-790 407 / +46-709 790 407****
>
> tel (central): 010 481 00 00 / +46-10 481 00 00****
>
> fax: 08-86 30 56 / +46-8 86 30 56****
>
> web: www.tieto.com****
>
> ****
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
> For additional commands, e-mail: java-dev-help@axis.apache.org****
>
> ** **
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
> For additional commands, e-mail: java-dev-help@axis.apache.org
>
RE: FW: No user value in rampart configuration policy
Posted by Ru...@tieto.com.
Dear Hasini:
Thankyou for your kind and quick response.
I have tried, sofar without full success, to follow the instructions provided in the reference indicated below.
Please find enclosed my Client implementation.
In particular, note that I actually DO set user name in the serviceClient's options (opterions.setProperty(...).
I did, following instructions for client in the reference indicated, starting at section 6, I entered the following section of code:
"
RampartConfig rampartConfig = new RampartConfig();
rampartConfig.setUser("marginalen");
rampartConfig.setPwCbClass("com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");
// 2012-05-27, RunoB options.setProperty(RampartConfig.RAMPART_CONFIG_LN, rampartConfig);
Policy policy = new Policy();
policy.addAssertion(rampartConfig);
// Policy rampartConfig = getRampartConfig();
serviceClient.getAxisService().getPolicyInclude().addPolicyElement(PolicyInclude.AXIS_SERVICE_POLICY, policy);
// serviceClient.getAxisService().applyPolicy(policy);
"
The Statement "serviceClient.getAxisService().getPolicyInclude().addPolicyElement(PolicyInclude.AXIS_SERVICE_POLICY, policy);
" contains deprecated methods - should it really be used?
As regards the method "getRampartConfig()", I have no access to its contents.
That did in fact remove the AxisFault "No user value in rampart configuration policy, but on the other hand, it renedered 4 usernameToken entries in the soap message. (after I had added the following code snippet:
"
options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN, Boolean.TRUE);
options.setProperty(WSHandlerConstants.USER, "marginalen"); // 2012-04-28, RunoB: Required for UsernameToken
options.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, "com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");
"
It was not necessary in axis2-1.4.1 to programmatically ad a RamprtConfig to Policy, etc.
I do not find any full manual how to set up UsernameToken in all its details, in order to make it work properly.
Med v�nlig h�lsning, / Best Regards,
Runo Barrdahl, civ ing, tekn lic
Tieto Sweden AB, Financial Services
From: Hasini Gunasinghe [mailto:hasi7786@gmail.com]
Sent: den 27 maj 2012 14:26
To: java-dev@axis.apache.org
Subject: Re: FW: No user value in rampart configuration policy
Hi Runo,
The error you have reported occur if the user name is not found either in service client's options or in rampart config at the time of creating User name token.
According to your description, you have used code generated client stub from the wsdl file which embeds the security policy.
In that case you need to programetically add rampart configuration to the policy.
Please refer step 6 (Setting the Rampart specific configuration details) at http://wso2.org/library/3415#securing_the_client for the correct steps to add rampart config at the client side.
HTH & let us know if you encounter further issues.
Thanks,
Hasini.
On Sun, May 27, 2012 at 2:22 AM, <Ru...@tieto.com>> wrote:
Med v�nlig h�lsning, / Best Regards,
Runo Barrdahl, civ ing, tekn lic
Tieto Sweden AB, Financial Services
From: Barrdahl Runo
Sent: den 26 maj 2012 18:12
To: 'java-dev@axis.apache.org<ma...@axis.apache.org>'
Subject: No user value in rampart configuration policy
Dear Axis2 Specialist:
I have a problem with an axis2-1.6.2 client using UsernameToken and Addressing.
In no way can I avoid an AxisFault to be thrown in the Stub "No user value in the rampart configuration policy".
First, I have added a policy according to the literature in the wsdl file, see enclosed file, and added in the client axis2.xml the following section at the top:
"
<axisconfig name="AxisJava2.0">
<module ref="rampart"/>
<module ref="metadataExchange" />
<parameter name="OutflowSecurity">
<action>
<items>UsernameToken</items>
<passwordType>PasswordText</passwordType>
</action>
</parameter>
"
I use adb binding, but have also tried xmlbeans, see the Java code generation command:
"
@SET JAVA_HOME=C:\IBM\WAS61\WebSphere\AppServer\java
@SET AXIS2_HOME=C:\axis2-1.6.2
@SET PATH=%JAVA_HOME%\bin;%PATH%
@REM xmlBeans, new WSDL: Axis2-1.6.2
@REM @C:\axis2-1.6.2\bin\wsdl2java.bat -uri ./wsdl/CustomerCreationService.wsdl -o ./ -p com.tieto.ws.axis2.customercreation.service -ss -sd -or -d xmlbeans -g -u -S ./src -R ./resourcesCustomerCreation
@REM ADB - Axis2-1.6.2
@C:\axis2-1.6.2\bin\wsdl2java.bat -uri ./wsdl/CustomerCreationService.wsdl -o ./ -p com.tieto.ws.axis2.customercreation.service -ss -sd -or -d adb -g -u -S ./src -R ./resourcesCustomerCreation
"
After that, I have, as alternatvies, tried to load the policy in the client, instantiating a RampartConfig object in the client, and numerous other different ways to get rid of the AxisFault in the client.
My laptop is Windows 7, 64 bit, and I can run the client in Eclipse, in Tomcat or in IBM WebSphere 6.1, with identical result. Whether the service is available or not does not affect the result, i. e. the thrown AxisFault.
I have even run debug mode in Eclipse using Rampart and wss4j source code, only to find that somewhere inside there a userMissing message is displayed.
I have tested using http and SSL, with identical result.
I have tried all possible combinations in the client Java to set user, and in all various combinations, all with negative result:
"
// UsernameToken:
// 2012-05-21, RunoB String policyPath = new String("C:/IBM/WAS61/WebSphere/AppServer/profiles/AppSrv01/installedApps/WL2007481Node01Cell/marginalenAxis2WSClient_war.ear/marginalenAxis2WSClient-localhostWAS.war/WEB-INF/properties/clientPolicy.xml");
// 2012-05-21, RunoB options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, loadPolicy(policyPath));
// 2012-05-23, RunoB options.setUserName("marginalen"); // removing this, results in: "No user value in the rampart configuration policy"
// 2012-05-23, RunoB: options.setPassword("largimanen"); // 2012-05-23, RunoB: this one causes: com.ctc.wstx.exc.WstxUnexpectedCharException: Unexpected character 'E' (code 69) in prolog; expected '<' at [row,col {unknown-source}]: [1,1]
/* 2012-05-23, RunoB: no effect:
RampartConfig rampartConfig = new RampartConfig();
rampartConfig.setUser("marginalen");
rampartConfig.setPwCbClass("com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");
options.setProperty(RampartConfig.RAMPART_CONFIG_LN, rampartConfig);
*/
options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN, Boolean.TRUE);
options.setProperty(WSHandlerConstants.USER, "marginalen"); // 2012-04-28, RunoB: Required for UsernameToken
options.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, "com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");
// options.setProperty(Constants.Configuration.ENABLE_REST,Constants.VALUE_FALSE);
// options.setProperty(Constants.Configuration.ENABLE_MTOM, Constants.VALUE_TRUE);
"
The message never reaches the web service on the server, only if I configure the client erroneously, it might arrive to the service, where some other configuration erros message is displayed, telling me more explicitly that something is wrong. But, as soon as I have changed the client to produce a "correct" soap message, the client throws the axisFault "No user value in the rampart configuration policy"..
I have (for http) in all cases intercepted the final SOAP message in the client stub, just after the AxisFault has been thrown, and and used it to execute it in soapUI with success!
This means that the generated soap message is OK. Nevertheless, the axis2 client throws an AxisFault "No user value in the rampart configuration policy".
I have previously, a few years back, successfully implemented an axis2-1.4.1 client (but at the time, I had to manually complement the policy statement in the stub to avoid errors). Now, for my current problem, I have looked back to configure client and axis2.xml analogously, without success.
I am at a loss as to what could possibly cause the error. Please find enclosed the wsdl file.
I hae seen reported on the web the same text error, but not found any conclusive solution (In fact, there was some instruction, that I followed, but it did not resolve my problem).
In case you have experience from this issue, please send me some advice.
Med v�nlig h�lsning, / Best Regards,
Runo Barrdahl, civ ing, tekn lic
Tieto Sweden AB, Financial Services
mail: runo.barrdahl@tieto.com<ma...@tieto.com>
tel (direct): 0709-790 407 / +46-709 790 407<tel:%2B46-709%20790%20407>
tel (central): 010 481 00 00 / +46-10 481 00 00<tel:%2B46-10%20481%2000%2000>
fax: 08-86 30 56 / +46-8 86 30 56<tel:%2B46-8%2086%2030%2056>
web: www.tieto.com<http://www.tieto.com>
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org<ma...@axis.apache.org>
For additional commands, e-mail: java-dev-help@axis.apache.org<ma...@axis.apache.org>
Re: FW: No user value in rampart configuration policy
Posted by Hasini Gunasinghe <ha...@gmail.com>.
Hi Runo,
The error you have reported occur if the user name is not found either in
service client's options or in rampart config at the time of creating User
name token.
According to your description, you have used code generated client stub
from the wsdl file which embeds the security policy.
In that case you need to programetically add rampart configuration to the
policy.
Please refer step 6 (Setting the Rampart specific configuration details) at
http://wso2.org/library/3415#securing_the_client for the correct steps to
add rampart config at the client side.
HTH & let us know if you encounter further issues.
Thanks,
Hasini.
On Sun, May 27, 2012 at 2:22 AM, <Ru...@tieto.com> wrote:
> ** **
>
> ** **
>
> Med vänlig hälsning, / Best Regards,****
>
> ** **
>
> Runo Barrdahl, civ ing, tekn lic****
>
> ** **
>
> Tieto Sweden AB, Financial Services****
>
> ** **
>
> *From:* Barrdahl Runo
> *Sent:* den 26 maj 2012 18:12
> *To:* 'java-dev@axis.apache.org'
> *Subject:* No user value in rampart configuration policy****
>
> ** **
>
> Dear Axis2 Specialist:****
>
> ** **
>
> I have a problem with an axis2-1.6.2 client using UsernameToken and
> Addressing.****
>
> In no way can I avoid an AxisFault to be thrown in the Stub “No user value
> in the rampart configuration policy”.****
>
> ** **
>
> First, I have added a policy according to the literature in the wsdl file,
> see enclosed file, and added in the client axis2.xml the following section
> at the top:****
>
> “****
>
> <axisconfig name="AxisJava2.0">****
>
> ** **
>
> <module *ref*="rampart"/>****
>
> <module *ref*="metadataExchange" />****
>
> ** **
>
> <parameter name="OutflowSecurity">****
>
> <action>****
>
> <items>UsernameToken</items>****
>
> <passwordType>PasswordText</passwordType>****
>
> </action>****
>
> </parameter>****
>
> “****
>
> I use adb binding, but have also tried xmlbeans, see the Java code
> generation command:****
>
> “****
>
> @SET JAVA_HOME=C:\IBM\WAS61\WebSphere\AppServer\java****
>
> @SET AXIS2_HOME=C:\axis2-1.6.2****
>
> @SET PATH=%JAVA_HOME%\bin;%PATH%****
>
> ** **
>
> ** **
>
> @REM xmlBeans, new WSDL: Axis2-1.6.2****
>
> @REM @C:\axis2-1.6.2\bin\wsdl2java.bat -*uri* ./*wsdl*/CustomerCreationService.wsdl
> -o ./ -p com.tieto.ws.axis2.customercreation.service -*ss* -*sd* -or -d *
> xmlbeans* -g -u -S ./*src* -R ./resourcesCustomerCreation****
>
> ** **
>
> ** **
>
> @REM ADB - Axis2-1.6.2****
>
> @C:\axis2-1.6.2\bin\wsdl2java.bat -*uri* ./*wsdl*/CustomerCreationService.wsdl
> -o ./ -p com.tieto.ws.axis2.customercreation.service -*ss* -*sd* -or -d *
> adb* -g -u -S ./*src* -R ./resourcesCustomerCreation****
>
> “****
>
> ** **
>
> After that, I have, as alternatvies, tried to load the policy in the
> client, instantiating a RampartConfig object in the client, and numerous
> other different ways to get rid of the AxisFault in the client.****
>
> ** **
>
> My laptop is Windows 7, 64 bit, and I can run the client in Eclipse, in
> Tomcat or in IBM WebSphere 6.1, with identical result. Whether the service
> is available or not does not affect the result, i. e. the thrown AxisFault.
> ****
>
> ** **
>
> I have even run debug mode in Eclipse using Rampart and wss4j source code,
> only to find that somewhere inside there a userMissing message is displayed.
> ****
>
> I have tested using http and SSL, with identical result.****
>
> I have tried all possible combinations in the client Java to set user, and
> in all various combinations, all with negative result:****
>
> “****
>
> // UsernameToken:****
>
> // 2012-05-21, RunoB String policyPath = new
> String("C:/IBM/WAS61/WebSphere/AppServer/profiles/AppSrv01/installedApps/WL2007481Node01Cell/marginalenAxis2WSClient_war.ear/marginalenAxis2WSClient-localhostWAS.war/WEB-INF/properties/clientPolicy.xml");
> ****
>
> // 2012-05-21, RunoB
> options.setProperty(RampartMessageData.KEY_RAMPART_POLICY,
> loadPolicy(policyPath));****
>
> ** **
>
> // 2012-05-23, RunoB options.setUserName("*marginalen*"); //
> removing this, results in: "No user value in the rampart configuration
> policy"****
>
> // 2012-05-23, RunoB: options.setPassword("*largimanen*"); //
> 2012-05-23, RunoB: this one causes:
> com.ctc.wstx.exc.WstxUnexpectedCharException: Unexpected character 'E'
> (code 69) in prolog; expected '<' at [row,*col* {unknown-source}]: [1,1]**
> **
>
> ** **
>
> /* 2012-05-23, RunoB: no effect:****
>
> RampartConfig rampartConfig = new RampartConfig();***
> *
>
> rampartConfig.setUser("*marginalen*");****
>
>
> rampartConfig.setPwCbClass("com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");
> ****
>
> options.setProperty(RampartConfig.RAMPART_CONFIG_LN,
> rampartConfig);****
>
> */****
>
> ** **
>
>
> options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN,
> Boolean.TRUE);****
>
> ** **
>
> options.setProperty(WSHandlerConstants.USER, "*
> marginalen*"); // 2012-04-28, RunoB: Required for UsernameToken****
>
>
> options.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS,
> "com.tieto.ws.axis2.callback.UsernameTokenCallbackManager");****
>
> //
> options.setProperty(Constants.Configuration.ENABLE_REST,Constants.VALUE_FALSE);
> ****
>
> //
> options.setProperty(Constants.Configuration.ENABLE_MTOM,
> Constants.VALUE_TRUE);****
>
> ** **
>
> “****
>
> ** **
>
> The message never reaches the web service on the server, only if I
> configure the client erroneously, it might arrive to the service, where
> some other configuration erros message is displayed, telling me more
> explicitly that something is wrong. But, as soon as I have changed the
> client to produce a “correct” soap message, the client throws the axisFault
> “No user value in the rampart configuration policy”..****
>
> ** **
>
> I have (for http) in all cases intercepted the final SOAP message in the
> client stub, just after the AxisFault has been thrown, and and used it to
> execute it in soapUI with success! ****
>
> This means that the generated soap message is OK. Nevertheless, the axis2
> client throws an AxisFault “No user value in the rampart configuration
> policy”.****
>
> ** **
>
> I have previously, a few years back, successfully implemented an
> axis2-1.4.1 client (but at the time, I had to manually complement the
> policy statement in the stub to avoid errors). Now, for my current problem,
> I have looked back to configure client and axis2.xml analogously, without
> success.****
>
> ** **
>
> I am at a loss as to what could possibly cause the error. Please find
> enclosed the wsdl file.****
>
> ** **
>
> I hae seen reported on the web the same text error, but not found any
> conclusive solution (In fact, there was some instruction, that I followed,
> but it did not resolve my problem).****
>
> ** **
>
> In case you have experience from this issue, please send me some advice.*
> ***
>
> ** **
>
> ** **
>
> ** **
>
> Med vänlig hälsning, / Best Regards,****
>
> ** **
>
> Runo Barrdahl, civ ing, tekn lic****
>
> ** **
>
> Tieto Sweden AB, Financial Services****
>
> mail: runo.barrdahl@tieto.com****
>
> tel (direct): 0709-790 407 / +46-709 790 407****
>
> tel (central): 010 481 00 00 / +46-10 481 00 00****
>
> fax: 08-86 30 56 / +46-8 86 30 56****
>
> web: www.tieto.com****
>
> ** **
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
> For additional commands, e-mail: java-dev-help@axis.apache.org
>