You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by vi...@netscape.net on 2006/03/03 23:01:43 UTC
[Axis 2] Securing SOAP Messages with WSS4J
Hello,
I'm trying to get my axis2_0_94 client to handle WS-Security. The
service is running on a non-Axis stack, and all I'm interested in
achieving is call the service using Axis client.
I generated the client stubs using command:
WSDL2Java.sh -uri ./../demo/MyTest.wsdl -o ../demo/src -t -s -p
axis2.demo.mytest.soap
I then enabled WS-Addressing by adding addressing to .axis2\modules. I
already had axis2.xml in .axis2. I'm going through the document
http://ws.apache.org/axis2/0_94/security-module.html, and am little
lost. The document doesn't mention anything about module.xml, and I get
following exception, when I run the client after adding <module
ref="security"/> in my axis2.xml:
org.apache.axis2.deployment.DeploymentException: module.xml not found
for the module : security; nested exception is:
org.apache.axis2.deployment.DeploymentException: module.xml not found
for the module : security; nested exception is:
org.apache.axis2.deployment.DeploymentException: module.xml not found
for the module : security; nested exception is:
org.apache.axis2.deployment.DeploymentException: module.xml not found
for the module : security
at
org.apache.axis2.deployment.DeploymentEngine.load(DeploymentEngine.java:5
42)
at
org.apache.axis2.deployment.FileSystemConfigurator.getAxisConfiguration(F
ileSystemConfigurator.java:56)
at
org.apache.axis2.context.ConfigurationContextFactory.createConfigurationC
ontext(ConfigurationContextFactory.java:39)
at
org.apache.axis2.context.ConfigurationContextFactory.createConfigurationC
ontextFromFileSystem(ConfigurationContextFactory.java:53)
at
axis2.demo.mytest.soap.TestServicePortTypeStub.<init>(TestServicePortType
Stub.java:81)- Module validation failed module.xml not found for the
module : security; nested exception is:
org.apache.axis2.deployment.DeploymentException: module.xml not found
for the module : security
What should I be doing to generate module.xml? Where should I be
dropping this module.xml? Where does .properties file need to go? What
else do I need to do to make my client generate the appopriate security
header? The server expects the following security related tag in SOAP
header:
<wsse:Security soap:mustUnderstand="true" xmlns=""
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<wsse:UsernameToken wsu:Id="accessKeyId"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
rity-utility-1.0.xsd">
<wsse:Username
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd">EchoServiceTestAccessKeyId</wsse:Username>
</wsse:UsernameToken>
<wsse:BinarySecurityToken
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soa
p-message-security-1.0#Base64Binary" ValueType="urn:wss:credential"
wsu:Id="credential"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
rity-utility-1.0.xsd">eJwBcgCN/wACKDUNwmRDvH+IPiO/qk0YxEy1tqAl8VMMmFF4rDE
KYXiu2GgLlarCckmg+umhbBbh
yy4JxjFtKwGF6RHTJGGgy6htd/ALf4OBxe59IhMnBBaPnTfsVALB6HJY35DyERzse0Fko5REB
FR4
HqGgUmaGPkz+MxE=</wsse:BinarySecurityToken>
<ds:Signature xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<ds:SignedInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns=""
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1" xmlns=""
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
<ds:Reference URI="#body" xmlns=""
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<ds:Transforms xmlns=""
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
<ds:DigestValue xmlns=""
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">wlQFFordpp2YoC40L5C
M8p3q2tI=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-1309073" xmlns=""
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<ds:Transforms xmlns=""
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
<ds:DigestValue xmlns=""
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">L+C5HTW4l8kFx/4duiQ
vWM9XhjE=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue URI="#body" xmlns=""
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">5FfdYgeLELC+QdeBBio
u+D7d1V4=</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-17171576" xmlns=""
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<wsse:SecurityTokenReference wsu:Id="STRId-4791372" xmlns=""
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
rity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<wsse:Reference URI="#CertId-605423"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-t
oken-profile-1.0#X509v3" xmlns=""
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
rity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
<wsu:Timestamp wsu:Id="id-1309073" xmlns=""
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
rity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<wsu:Created xmlns=""
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
rity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">2005-11-29T18:49:59
.604Z</wsu:Created>
<wsu:Expires xmlns=""
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
rity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">2005-12-16T02:31:05
.012Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
Thanks,
Vineesh
___________________________________________________
Try the New Netscape Mail Today!
Virtually Spam-Free | More Storage | Import Your Contact List
http://mail.netscape.com