Posted to fx-dev@ws.apache.org by vivek srinivasan <sr...@hotmail.com> on 2006/08/31 19:44:33 UTC
Transport level security using WSS4J and SAML authentication
I am trying to use SAML message level security after successfully using the
username token authentication. I noticed that for some reason, when I use
the SAML auth, the SOAP request header does not contain the username and
password that is set for transport level security. I get a 401 (unauthorized)
response code from the server.
Here is my client wsdd:
<?xml version="1.0" encoding="UTF-8"?>
<deployment name="defaultClientConfig"
    xmlns="http://xml.apache.org/axis/wsdd/"
    xmlns:java="http://xml.apache.org/axis/wsdd/providers/java"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <globalConfiguration>
    <parameter name="enable2DArrayEncoding" value="true"/>
    <parameter name="sendMultiRefs" value="false"/>
    <parameter name="sendXsiTypes" value="true"/>
    <parameter name="disablePrettyXML" value="true"/>
    <parameter name="enableNamespacePrefixOptimization" value="true"/>
    <requestFlow>
      <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
      </handler>
    </requestFlow>
  </globalConfiguration>
  <typeMapping
      deserializer="org.apache.axis.encoding.ser.DateDeserializerFactory"
      encodingStyle="" qname="xsd:date"
      serializer="org.apache.axis.encoding.ser.DateSerializerFactory"
      type="java:java.util.Date"/>
  <transport name="http"
      pivot="java:org.apache.axis.transport.http.HTTPSender">
    <requestFlow>
    </requestFlow>
    <responseFlow>
    </responseFlow>
  </transport>
  <transport name="local"
      pivot="java:org.apache.axis.transport.local.LocalSender"/>
  <transport name="java"
      pivot="java:org.apache.axis.transport.java.JavaSender"/>
</deployment>
Here is the SOAP request header which is missing the username and password
for transport level security:
POST /coretestWebServices/service/User2Service HTTP/1.0
Content-Type: text/xml; charset=utf-8
Accept: application/soap+xml, application/dime, multipart/related, text/*
User-Agent: Axis/1.4
Host: localhost:7001
Cache-Control: no-cache
Pragma: no-cache
SOAPAction: "urn:coretest:User2Service#selectById"
Content-Length: 1240
And here is the SOAP security header:
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <soapenv:Header>
    <wsse:Security
        xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
        soapenv:mustUnderstand="1">
      <Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
          xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
          xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
          AssertionID="ee70623d85f0faaba5096e2f8d334531"
          IssueInstant="2006-08-31T17:40:41.186Z" Issuer="SAMLKEY" MajorVersion="1"
          MinorVersion="1">
        <AuthenticationStatement AuthenticationInstant="2006-08-31T17:40:41.170Z"
            AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password">
          <Subject>
            <NameIdentifier NameQualifier="www.example.com">unitTest</NameIdentifier>
            <SubjectConfirmation>
              <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</ConfirmationMethod>
            </SubjectConfirmation>
          </Subject>
        </AuthenticationStatement>
      </Assertion>
    </wsse:Security>
  </soapenv:Header>
  <soapenv:Body>
    <selectById xmlns="http://User2Service.service.coretestWebServices">
      <key>admin</key>
    </selectById>
  </soapenv:Body>
</soapenv:Envelope>
Any ideas why this is happening?
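Added example, not part of the original post: a small Python check that takes a captured request like the one above and reports what it carries at each layer, the HTTP Authorization header (transport level) and the SAML assertion inside wsse:Security (message level). The function name audit_request, the report keys and the abridged SAMPLE capture are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
SAML = "urn:oasis:names:tc:SAML:1.0:assertion"
DSIG = "http://www.w3.org/2000/09/xmldsig#"

def audit_request(raw):
    """Report transport-level and message-level credentials in one captured request."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    fields = (line.partition(":") for line in head.splitlines()[1:])  # skip request line
    headers = {k.strip().lower(): v.strip() for k, _, v in fields}
    report = {"transport_auth": None, "basic_user": None, "assertions": [], "findings": []}
    scheme, _, cred = headers.get("authorization", "").partition(" ")
    if scheme:
        report["transport_auth"] = scheme
        if scheme.lower() == "basic":  # record the user name only, never the password
            report["basic_user"] = base64.b64decode(cred).decode("utf-8", "replace").split(":", 1)[0]
    else:
        report["findings"].append("no Authorization header (transport level)")
    if "<!DOCTYPE" in body:  # SOAP messages must not carry a DTD; refuse to parse one
        raise ValueError("DTD found in SOAP message")
    root = ET.fromstring(body.strip().encode("utf-8"))
    sec = root.find(f"{{{SOAP}}}Header/{{{WSSE}}}Security")
    for a in ([] if sec is None else sec.iter(f"{{{SAML}}}Assertion")):
        method = a.findtext(f".//{{{SAML}}}ConfirmationMethod", "").rsplit(":", 1)[-1]
        signed = sec.find(f".//{{{DSIG}}}Signature") is not None
        report["assertions"].append({"issuer": a.get("Issuer"), "confirmation": method,
            "subject": a.findtext(f".//{{{SAML}}}NameIdentifier"), "signature_present": signed})
        if not signed:
            report["findings"].append(f"no ds:Signature with {method} assertion (message level)")
    return report

# Constructed sample: the capture from the post, abridged to the parts the check reads.
SAMPLE = f"""POST /coretestWebServices/service/User2Service HTTP/1.0
Host: localhost:7001

<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="{SOAP}"><soapenv:Header>
<wsse:Security xmlns:wsse="{WSSE}" soapenv:mustUnderstand="1">
<Assertion xmlns="{SAML}" Issuer="SAMLKEY" MajorVersion="1" MinorVersion="1">
<AuthenticationStatement><Subject>
<NameIdentifier NameQualifier="www.example.com">unitTest</NameIdentifier>
<SubjectConfirmation><ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</ConfirmationMethod></SubjectConfirmation>
</Subject></AuthenticationStatement></Assertion></wsse:Security>
</soapenv:Header><soapenv:Body/></soapenv:Envelope>"""

if __name__ == "__main__":
    print(audit_request(SAMPLE))
```

A signature_present value of True only means a ds:Signature element exists in the security header; the check does not verify it or confirm that it covers the assertion.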