You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Matt Graham <ge...@gmail.com> on 2010/09/10 00:05:36 UTC
[AXIS2] - Adding ws-security headers from wsdl2java generated client...
My head asplode. If someone can point me in the right direction here, I'll
be very grateful.
I have a third party wsdl which I've used (wsdl2java) to generate my client
stub and test classes. When I run my test, the SOAP message is being
generated just fine, but the ws-security headers are forever missing.
With all the weblogs, tutorials and posts I've read, I've gotten all turned
around.
Here is what I've done, and a few clarifying questions:
WSDL: Looking at the wsdl, there is nothing there about security policies,
etc. Actually, nothing at all about security that I can see. Does there
need to be? (Not that I have any control over this... just trying to
understand.)
STUB: I've left the stub untouched, and can use it's methods, and call to
the web service successfully (except for the security errors.)
RAMPART: I've been trying to use Rampart to enable security, and add the
headers. To do this, I've unzipped the axis2-1.5 zip and the Rampart 1.5
zip together so the repository/modules directory would have all the right
files.
TEST: Then, in my test code, I added the following:
...
ConfigurationContext ctx =
ConfigurationContextFactory.createConfigurationContextFromFileSystem("src/test/java/com/thirdparty/soap/user/axis2-1.5/repository",
null);
com.pearson.soap.user.UserManagementStub stub = new
com.pearson.soap.user.UserManagementStub(ctx);
ServiceClient sc = stub._getServiceClient();
sc.engageModule("rampart");
Options options = sc.getOptions();
options.setUserName("apache");
options.setPassword("password");
options.setProperty("Created", "20011-05-01T15:05:01=06");
options.setProperty("Expires", "2011-05-01T15:05:01=06");
options.setProperty("UsernameToken", myToken);
...
Then I process the request. It goes through, but never includes the
<soap:Header> section at all.
This is a sample of the header I'm trying to generate.
<soap:Header>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp wsu:Id="Timestamp-b23cf78f-09f8-4eec-9106-
3a9a52819842">
<wsu:Created>2007-04-23T22:37:12Z</wsu:Created>
<wsu:Expires>2007-04-23T22:38:12Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken wsu:Id="SecurityToken-8836043e-8f9b-4e56-
8e2b-5610e9ce280f">
<wsse:Username>test</wsse:Username>
<wsse:Password Type="http://docs.oasis-
open.org/wss/2004/01/oasis-200401-wss-username-token-profile-
1.0#PasswordDigest">43h23932189t10yhahg09</wsse:Password>
<wsse:Nonce>f2949g0939g203yh203hg</wsse:Nonce>
<wsu:Created>2007-04-23T22:37:12Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
Can someone set me straight? Is Rampart the way to go here? Am I missing
any steps, or files I need to include? Maybe I needed rampart somewhere
when I used wsdl2java?
AW: [AXIS2] - Adding ws-security headers from wsdl2java generated client...
Posted by Markus Schaber <MS...@soloplan.de>.
Hi, Matt,
It seems that we have a similar problem...
Markus
**************************************************************************
Soloplan GmbH
Software für Logistik und Planung
Markus Schaber (Dipl.-Informatiker)
Entwicklung, Projektleitung
Burgstraße 20 | 87435 Kempten | Deutschland
Telefon: +49 831 57407-0 | Telefax: +49 831 57407-111
E-Mail: msr@soloplan.de <ma...@soloplan.de> | Internet: www.soloplan.de <http://www.soloplan.de/>
Geschäftsführer: Wolfgang Heidl, HRB 5304 Kempten
________________________________
Von: Matt Graham [mailto:gerter@gmail.com]
Gesendet: Freitag, 10. September 2010 00:06
An: java-user@axis.apache.org
Betreff: [AXIS2] - Adding ws-security headers from wsdl2java generated client...
My head asplode. If someone can point me in the right direction here, I'll be very grateful.
I have a third party wsdl which I've used (wsdl2java) to generate my client stub and test classes. When I run my test, the SOAP message is being generated just fine, but the ws-security headers are forever missing.
With all the weblogs, tutorials and posts I've read, I've gotten all turned around.
Here is what I've done, and a few clarifying questions:
WSDL: Looking at the wsdl, there is nothing there about security policies, etc. Actually, nothing at all about security that I can see. Does there need to be? (Not that I have any control over this... just trying to understand.)
STUB: I've left the stub untouched, and can use it's methods, and call to the web service successfully (except for the security errors.)
RAMPART: I've been trying to use Rampart to enable security, and add the headers. To do this, I've unzipped the axis2-1.5 zip and the Rampart 1.5 zip together so the repository/modules directory would have all the right files.
TEST: Then, in my test code, I added the following:
...
ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem("src/test/java/com/thirdparty/soap/user/axis2-1.5/repository", null);
com.pearson.soap.user.UserManagementStub stub = new com.pearson.soap.user.UserManagementStub(ctx);
ServiceClient sc = stub._getServiceClient();
sc.engageModule("rampart");
Options options = sc.getOptions();
options.setUserName("apache");
options.setPassword("password");
options.setProperty("Created", "20011-05-01T15:05:01=06");
options.setProperty("Expires", "2011-05-01T15:05:01=06");
options.setProperty("UsernameToken", myToken);
...
Then I process the request. It goes through, but never includes the <soap:Header> section at all.
This is a sample of the header I'm trying to generate.
<soap:Header>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp wsu:Id="Timestamp-b23cf78f-09f8-4eec-9106-
3a9a52819842">
<wsu:Created>2007-04-23T22:37:12Z</wsu:Created>
<wsu:Expires>2007-04-23T22:38:12Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken wsu:Id="SecurityToken-8836043e-8f9b-4e56-
8e2b-5610e9ce280f">
<wsse:Username>test</wsse:Username>
<wsse:Password Type="http://docs.oasis-
open.org/wss/2004/01/oasis-200401-wss-username-token-profile-
1.0#PasswordDigest">43h23932189t10yhahg09</wsse:Password>
<wsse:Nonce>f2949g0939g203yh203hg</wsse:Nonce>
<wsu:Created>2007-04-23T22:37:12Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
Can someone set me straight? Is Rampart the way to go here? Am I missing any steps, or files I need to include? Maybe I needed rampart somewhere when I used wsdl2java?