You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by vi...@netscape.net on 2006/03/03 23:01:43 UTC
[Axis 2] Securing SOAP Messages with WSS4J

Hello,

I'm trying to get my axis2_0_94 client to handle WS-Security. The 
service is running on a non-Axis stack, and all I'm interested in 
achieving is call the service using Axis client.

I generated the client stubs using command:
WSDL2Java.sh -uri ./../demo/MyTest.wsdl -o ../demo/src -t -s -p 
axis2.demo.mytest.soap

I then enabled WS-Addressing by adding addressing to .axis2\modules. I 
already had axis2.xml in .axis2. I'm going through the document 
http://ws.apache.org/axis2/0_94/security-module.html, and am little 
lost. The document doesn't mention anything about module.xml, and I get 
following exception, when I run the client after adding <module 
ref="security"/> in my axis2.xml:

org.apache.axis2.deployment.DeploymentException: module.xml not found  
for the module :   security; nested exception is:
org.apache.axis2.deployment.DeploymentException: module.xml not found  
for the module :   security; nested exception is:
org.apache.axis2.deployment.DeploymentException: module.xml not found  
for the module :   security; nested exception is:
org.apache.axis2.deployment.DeploymentException: module.xml not found  
for the module :   security
at 
org.apache.axis2.deployment.DeploymentEngine.load(DeploymentEngine.java:5
42)
at 
org.apache.axis2.deployment.FileSystemConfigurator.getAxisConfiguration(F
ileSystemConfigurator.java:56)
at 
org.apache.axis2.context.ConfigurationContextFactory.createConfigurationC
ontext(ConfigurationContextFactory.java:39)
at 
org.apache.axis2.context.ConfigurationContextFactory.createConfigurationC
ontextFromFileSystem(ConfigurationContextFactory.java:53)
at 
axis2.demo.mytest.soap.TestServicePortTypeStub.<init>(TestServicePortType
Stub.java:81)- Module validation failed  module.xml not found  for the 
module :   security; nested exception is:
org.apache.axis2.deployment.DeploymentException: module.xml not found  
for the module :   security

What should I be doing to generate module.xml? Where should I be 
dropping this module.xml? Where does .properties file need to go? What 
else do I need to do to make my client generate the appopriate security 
header? The server expects the following security related tag in SOAP 
header:

<wsse:Security soap:mustUnderstand="true" xmlns="" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <wsse:UsernameToken wsu:Id="accessKeyId" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
rity-utility-1.0.xsd">
        <wsse:Username 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd">EchoServiceTestAccessKeyId</wsse:Username>
    </wsse:UsernameToken>
    <wsse:BinarySecurityToken 
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soa
p-message-security-1.0#Base64Binary" ValueType="urn:wss:credential" 
wsu:Id="credential" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
rity-utility-1.0.xsd">eJwBcgCN/wACKDUNwmRDvH+IPiO/qk0YxEy1tqAl8VMMmFF4rDE
KYXiu2GgLlarCckmg+umhbBbh
yy4JxjFtKwGF6RHTJGGgy6htd/ALf4OBxe59IhMnBBaPnTfsVALB6HJY35DyERzse0Fko5REB
FR4
HqGgUmaGPkz+MxE=</wsse:BinarySecurityToken>
    <ds:Signature xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
        <ds:SignedInfo xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ds:CanonicalizationMethod 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns="" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
            <ds:SignatureMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1" xmlns="" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
            <ds:Reference URI="#body" xmlns="" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <ds:Transforms xmlns="" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" 
xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" 
xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
                <ds:DigestValue xmlns="" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">wlQFFordpp2YoC40L5C
M8p3q2tI=</ds:DigestValue>
            </ds:Reference>
            <ds:Reference URI="#id-1309073" xmlns="" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <ds:Transforms xmlns="" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" 
xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" 
xmlns="" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
                <ds:DigestValue xmlns="" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">L+C5HTW4l8kFx/4duiQ
vWM9XhjE=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue URI="#body" xmlns="" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">5FfdYgeLELC+QdeBBio
u+D7d1V4=</ds:SignatureValue>
        <ds:KeyInfo Id="KeyId-17171576" xmlns="" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <wsse:SecurityTokenReference wsu:Id="STRId-4791372" xmlns="" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
rity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <wsse:Reference URI="#CertId-605423" 
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-t
oken-profile-1.0#X509v3" xmlns="" 
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
rity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
            </wsse:SecurityTokenReference>
        </ds:KeyInfo>
    </ds:Signature>
    <wsu:Timestamp wsu:Id="id-1309073" xmlns="" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
rity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
        <wsu:Created xmlns="" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
rity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">2005-11-29T18:49:59
.604Z</wsu:Created>
        <wsu:Expires xmlns="" 
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" 
xmlns:wsa="http://www.w3.org/2005/08/addressing" 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-secext-1.0.xsd" 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
rity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">2005-12-16T02:31:05
.012Z</wsu:Expires>
    </wsu:Timestamp>
</wsse:Security>

Thanks,
Vineesh
___________________________________________________
Try the New Netscape Mail Today!
Virtually Spam-Free | More Storage | Import Your Contact List
http://mail.netscape.com