You are viewing a plain text version of this content. The canonical link for it is here.
Posted to c-user@axis.apache.org by Dave Meier <DM...@SERENA.com> on 2006/11/14 02:05:55 UTC
RE: [Axis2] rampart problem using WS-SECURITY
I have the rampart module hooked up and my password callback is called
correctly. But after successful validation, my web service method does
not get called. Instead I get back the following response:
<?xml version="1.0" encoding="UTF-8" ?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header />
<soapenv:Body>
<soapenv:Fault>
<faultcode>soapenv:MustUnderstand</faultcode>
<faultstring>Header not understood</faultstring>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
This occurs after the userid and password have already been validated.
Here are the log entries:
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\transport\http\http_worker.c(204) Client HTTP version
HTTP/1.1
[Mon Nov 13 17:01:14 2006] [debug]
..\..\axiom\src\soap\soap_builder.c(840) Identified soap version is
soap11
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase TransportIn
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase PreDispatch
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
AddressingInHandler within the phase PreDispatch
[Mon Nov 13 17:01:14 2006] [info] Starting addressing in handler
.........
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
RampartInHandler within the phase PreDispatch
[Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]Inflow
Security found
[Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
Validating UsernameToken
[Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
Validating UsernameToken SUCCESS
[Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
Validating Timestamp
[Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
Validating Timestamp is SUCCESS
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
addressing_based_dispatcher within the phase Dispatch
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\addr_disp.c(99) Checking for service using WSA
enpoint address : http://localhost:8181/axis2/services/ttwebservices
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\addr_disp.c(129) Service found using WSA
enpoint address
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
request_uri_based_dispatcher within the phase Dispatch
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
soap_action_based_dispatcher within the phase Dispatch
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\soap_action_disp.c(106) Checking for operation
using SOAPAction :
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
soap_message_body_based_dispatcher within the phase Dispatch
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\soap_body_disp.c(196) Checking for operation
using SOAP message body's first child's local name : CreatePrimaryItem
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\soap_body_disp.c(205) Operation found using
SOAP message body's first child's local name
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
dispatch_post_conditions_evaluator within the phase PostDispatch
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
context_handler within the phase PostDispatch
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase
PolicyDetermination
[Mon Nov 13 17:01:14 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
[Mon Nov 13 17:01:14 2006] [info] Request served successfully
I did have mustUnderstand set in the request like this: "<wsse:Security
soap:mustUnderstand="1">
How can I get around this?
Thanks,
-Dave.
**********************************************************************
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
RE: [Axis2] rampart problem using WS-SECURITY
Posted by Dave Meier <DM...@SERENA.com>.
Yes, this will be perfect.
Thanks,
-Dave.
-----Original Message-----
From: Samisa Abeysinghe [mailto:samisa@wso2.com]
Sent: Thursday, November 16, 2006 9:19 PM
To: Apache AXIS C User List
Subject: Re: [Axis2] rampart problem using WS-SECURITY
> In future I will try to insert security results as properties (e.g.
> user id) to the message context after processing a security header, so
> that we don't need to repeat the same processing in the service.
+1. That is much user friendly.
Samisa...
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: [Axis2] rampart problem using WS-SECURITY
Posted by Samisa Abeysinghe <sa...@wso2.com>.
> In future I will try to insert security results as properties (e.g.
> user id) to the message context after processing a security header, so
> that we don't need to repeat the same processing in the service.
+1. That is much user friendly.
Samisa...
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: [Axis2] rampart header file - oxs_taken_transform.h
Posted by Samisa Abeysinghe <sa...@wso2.com>.
> In order to get rampart to build, I had to change oxs_token_transform.h
> because it was using OXS_TRANSFORM_H (used elsewhere) instead of
> OXS_TOKEN_TRANSFORM_H. Can you make this change in the checkin copy of
> this file?
>
Done.
Samisa...
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
[Axis2] rampart header file - oxs_taken_transform.h
Posted by Dave Meier <DM...@SERENA.com>.
Hi Kaushalye,
In order to get rampart to build, I had to change oxs_token_transform.h
because it was using OXS_TRANSFORM_H (used elsewhere) instead of
OXS_TOKEN_TRANSFORM_H. Can you make this change in the checkin copy of
this file?
Thanks,
-Dave Meier.
**********************************************************************
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: [Axis2] rampart problem using WS-SECURITY
Posted by Kaushalye Kapuruge <ka...@wso2.com>.
Dave Meier wrote:
> Hi Kaushalye,
>
> I've got this all working now. Thanks for all your help.
>
Not a problem :)
> I have a question: Is there a way to get the userid that was passed in
> the Security header from inside the server side implementation of a web
> service method?
>
Yes. You can get the SOAP envelope from the msg ctx. And then get the
Security header and process the Usernametoken.
You can get the logic by going thru the invoke() method of
rampart_in_handler.c
> Basically, I want to have my callback dll authenticate, but in my
> business logic on the server (a different dll), I still need to know
> what the userid is in order to perform the actions in the context of
> that user. I don't really care about the password as I know at that
> point that the client side has passed in the correct password, since it
> matches what I return from my callback dll.
>
In future I will try to insert security results as properties (e.g. user
id) to the message context after processing a security header, so that
we don't need to repeat the same processing in the service.
> Thanks!
>
> -Dave.
>
> -----Original Message-----
> From: Kaushalye Kapuruge [mailto:kaushalye@wso2.com]
> Sent: Thursday, November 16, 2006 12:17 AM
> To: Apache AXIS C User List
> Subject: Re: [Axis2] rampart problem using WS-SECURITY
>
> Hi Dave,
> Usernametoken building precess can be failed for following reasons.
> 1. Failure to specify the password either using Axis2 property
> "password" or using a callback module. (I think you are using callbacks)
> 2. Failure to specify callback module (path) correctly.
> 3. Failure to load the callback module (DLL in your case) correctly.
> 4. There is no such user in the system. i.e. The callback module cannot
> give a password for the user specified.
>
> If you can send the debug trace I might be able to identify where
> exactly the error is. I'll try to include more detailed log entries than
> this to make the debugging more easier.
> Cheers,
> Kaushalye
>
>
> Dave Meier wrote:
>
>> Hi Kau,
>>
>> Sorry, I did some more testing back without using rampart. At first I
>>
>
>
>> was getting the same error that showed with rampart. After some
>> fiddling around I got that working again and then set it up with
>> Rampart again. Now I don't get the same error but it is failing with A
>>
>
>
>> different error "[rampart][rampart_out_handler] UsernmaeToken build
>> failed. ERROR":
>>
>> [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler]Inflow
>> Security found
>> [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler]
>> Validating UsernameToken [Tue Nov 14 21:42:32 2006] [info]
>> [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Tue
>> Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler] Validating
>>
>
>
>> Timestamp [Tue Nov 14 21:42:32 2006] [info]
>> [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Tue Nov
>>
>
>
>> 14 21:42:32 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Tue
>> Nov 14 21:42:32 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> addressing_based_dispatcher within the phase Dispatch [Tue Nov 14
>> 21:42:32 2006] [debug]
>> ..\..\modules\core\engine\addr_disp.c(108) Checking for service using
>> WSA enpoint address :
>> http://localhost:8181/axis2/services/ttwebservices
>> [Tue Nov 14 21:42:32 2006] [debug]
>> ..\..\modules\core\engine\addr_disp.c(138) Service found using WSA
>> enpoint address [Tue Nov 14 21:42:32 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> request_uri_based_dispatcher within the phase Dispatch [Tue Nov 14
>> 21:42:32 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> soap_action_based_dispatcher within the phase Dispatch [Tue Nov 14
>> 21:42:32 2006] [debug]
>> ..\..\modules\core\engine\soap_action_disp.c(108) Checking for
>> operation using SOAPAction :
>> [Tue Nov 14 21:42:32 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> soap_message_body_based_dispatcher within the phase Dispatch [Tue Nov
>> 14 21:42:32 2006] [debug]
>> ..\..\modules\core\engine\soap_body_disp.c(198) Checking for operation
>>
>
>
>> using SOAP message body's first child's local name : CreatePrimaryItem
>>
>
>
>> [Tue Nov 14 21:42:32 2006] [debug]
>> ..\..\modules\core\engine\soap_body_disp.c(207) Operation found using
>> SOAP message body's first child's local name [Tue Nov 14 21:42:32
>> 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
>> [Tue Nov 14 21:42:32 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> dispatch_post_conditions_evaluator within the phase PostDispatch [Tue
>> Nov 14 21:42:32 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> context_handler within the phase PostDispatch [Tue Nov 14 21:42:32
>> 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase
>> PolicyDetermination [Tue Nov 14 21:42:32 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase
>> PolicyDetermination [Tue Nov 14 21:42:32 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut [Tue
>>
>
>
>> Nov 14 21:42:32 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> AddressingOutHandler within the phase MessageOut [Tue Nov 14 21:42:32
>> 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> RampartOutHandler within the phase MessageOut [Tue Nov 14 21:42:32
>> 2006] [info] [rampart][rampart_out_handler] building UsernmaeToken
>> [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_out_handler]
>> UsernmaeToken build failed. ERROR [Tue Nov 14 21:42:32 2006] [debug]
>> ..\..\modules\core\engine\engine.c(445) Axis2 engine receive
>> successful [Tue Nov 14 21:42:32 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut [Tue
>>
>
>
>> Nov 14 21:42:32 2006] [info] Request served successfully
>>
>> Thanks,
>>
>> -Dave.
>>
>> -----Original Message-----
>> From: Dave Meier [mailto:DMeier@SERENA.com]
>> Sent: Tuesday, November 14, 2006 9:27 PM
>> To: Apache AXIS C User List
>> Subject: RE: [Axis2] rampart problem using WS-SECURITY
>>
>> Hi Kau,
>>
>> 1. I used the Inflow/Outflow parameters like what is in the samples:
>> <!--Rampart configurations START -->
>> <parameter name="OutflowSecurity">
>> <action>
>> <items>UsernameToken Timestamp</items>
>> <user>BILL</user>
>> <passwordType>passwordText</passwordType>
>>
>> <passwordCallbackClass>D:/ttaxiswsse/Debug/ttwebserviceswsse.dll</pass
>> wo
>> rdCallbackClass>
>> <timeToLive>360</timeToLive>
>> </action>
>> </parameter>
>>
>>
>> <parameter name="InflowSecurity">
>> <action>
>> <items>UsernameToken Timestamp</items>
>>
>> <passwordCallbackClass>D:/ttaxiswsse/Debug/ttwebserviceswsse.dll</pass
>> wo
>> rdCallbackClass>
>> </action>
>> </parameter>
>>
>> <!--Rampart configurations END -->
>>
>> 2. Here is the trace of incoming and outgoing soap. I am using
>> Visual Studio 2005 C# for the client side:
>>
>> Incoming:
>> <?xml version="1.0" encoding="utf-8" ?> <soap:Envelope
>> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>> xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-ws
>> se
>> curity-secext-1.0.xsd"
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wss
>> ec
>> urity-utility-1.0.xsd">
>> <soap:Header>
>> <wsa:Action />
>>
>> <wsa:MessageID>urn:uuid:527b7049-198f-4725-a2d7-bc861b4d36b3</wsa:Mess
>> ag
>> eID>
>> <wsa:ReplyTo>
>>
>> <wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/ano
>> ny
>> mous</wsa:Address>
>> </wsa:ReplyTo>
>>
>> <wsa:To>http://localhost:8181/axis2/services/ttwebservices</wsa:To>
>> <wsse:Security soap:mustUnderstand="1">
>> <wsu:Timestamp
>> wsu:Id="Timestamp-f4f3626e-2c6f-4c69-b280-df0c2bf0ad3b">
>> <wsu:Created>2006-11-15T05:22:08Z</wsu:Created>
>> <wsu:Expires>2006-11-15T05:23:08Z</wsu:Expires>
>> </wsu:Timestamp>
>> <wsse:UsernameToken
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wss
>> ec
>> urity-utility-1.0.xsd"
>> wsu:Id="SecurityToken-b7689ab1-70e9-4472-8386-0880eb2180fe">
>> <wsse:Username>bill</wsse:Username>
>> <wsse:Password
>> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username
>> -t oken-profile-1.0#PasswordText">b</wsse:Password>
>> <wsse:Nonce>vVR7Rzg8oLtLfg5NjxWV1g==</wsse:Nonce>
>> <wsu:Created>2006-11-15T05:22:08Z</wsu:Created>
>> </wsse:UsernameToken>
>> </wsse:Security>
>> </soap:Header>
>> <soap:Body>
>> <CreatePrimaryItem xmlns="urn:ttwebservices">
>> <auth>
>> <userId xsi:nil="true" />
>> <password xsi:nil="true" />
>> <hostname xsi:nil="true" />
>> </auth>
>> <projectID>16</projectID>
>> <item>
>> <genericItem>
>> <itemID xsi:nil="true" />
>> <itemName>BUG</itemName>
>> </genericItem>
>> <classification>Image Builder</classification>
>> <title>my title</title>
>> <description>my desc</description>
>> <createdBy>bill</createdBy>
>> <createDate>2006-01-01T00:12:12</createDate>
>> <modifiedBy>bill</modifiedBy>
>> <modifiedDate>2006-01-01T00:12:12</modifiedDate>
>> <activeInactive>true</activeInactive>
>> <state>Waiting</state>
>> <owner>joe</owner>
>> <extendedFieldList>
>> <name>FOUND_IN_VERSION</name>
>> <value>v1.1</value>
>> </extendedFieldList>
>> <extendedFieldList>
>> <name>FUNCTIONAL_AREA</name>
>> <value>Help</value>
>> </extendedFieldList>
>> </item>
>> </CreatePrimaryItem>
>> </soap:Body>
>> </soap:Envelope>
>>
>> Outgoing:
>> <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>> <soapenv:Header />
>> <soapenv:Body />
>> </soapenv:Envelope>
>>
>> When I use the same client code without WS-SECURITY and take rampart
>> out of the axis2.xml, my web service method does get called and
>> everything gets returned correctly to the client.
>>
>> Thanks,
>>
>> -Dave.
>>
>> -----Original Message-----
>> From: Kaushalye Kapuruge [mailto:kaushalye@wso2.com]
>> Sent: Tuesday, November 14, 2006 9:02 PM
>> To: Apache AXIS C User List
>> Subject: Re: [Axis2] rampart problem using WS-SECURITY
>>
>> Hi,
>> I need some information from you to figure out what exactly is the
>> problem.
>>
>> 1. Have you specified the Outflow/InflowSecurity parameters correctly
>> using axis2.xml If you have any questions on this do not hesitate to
>> ask me. Have a look at the sample axis2.xml file in
>> rampart/samples/client/echo/data/un_ts_axis2.xml.
>> 2. Is it possible to send a trace of outgoing message. (You may use
>> TCPMonitor for this)
>>
>> BTW from log entries I can see that Rampart has done the validation
>> correct. But in the message building has failed in the server side.
>> This "might" be due to improper settings in the server side. Try the
>> latest code. But do not use the encryption yet:) It is still under
>>
> development.
>
>> Cheers,
>> Kau
>>
>>
>> Dave Meier wrote:
>>
>>
>>> Hi,
>>>
>>> Okay, I got the latest code. I had to add "#include
>>> <oxs_xml_encryption.h>" to the rampart_encryption.c file in order to
>>> get it to link on Windows. Now it returns an empty message as it's
>>> not invoking my service method:
>>>
>>> <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope
>>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>>> <soapenv:Header />
>>> <soapenv:Body />
>>> </soapenv:Envelope>
>>>
>>> The log below shows "[error]
>>> ..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl
>>> object for service 'ttwebservices' not set in message receiver. 0 ::
>>>
>>>
>> No Error".
>>
>>
>>> Please let me know if there is something I am doing wrong. I'll go
>>> look at the source code to see if I can figure it out.
>>>
>>>
>>>
>>>
>>
>>
>>> [Tue Nov 14 11:24:07 2006] [info]
>>> [rampart][rampart_in_handler]Inflow
>>> Security found
>>> [Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]
>>> Validating UsernameToken [Tue Nov 14 11:24:07 2006] [info]
>>> [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Tue
>>> Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]
>>> Validating
>>>
>>>
>>
>>
>>> Timestamp [Tue Nov 14 11:24:07 2006] [info]
>>> [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Tue
>>> Nov
>>>
>>>
>>
>>
>>> 14 11:24:07 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Tue
>>> Nov 14 11:24:07 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> addressing_based_dispatcher within the phase Dispatch [Tue Nov 14
>>> 11:24:07 2006] [debug]
>>> ..\..\modules\core\engine\addr_disp.c(108) Checking for service using
>>>
>
>
>>> WSA enpoint address :
>>> http://localhost:8181/axis2/services/ttwebservices
>>> [Tue Nov 14 11:24:07 2006] [debug]
>>> ..\..\modules\core\engine\addr_disp.c(138) Service found using WSA
>>> enpoint address [Tue Nov 14 11:24:07 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> request_uri_based_dispatcher within the phase Dispatch [Tue Nov 14
>>> 11:24:07 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> soap_action_based_dispatcher within the phase Dispatch [Tue Nov 14
>>> 11:24:07 2006] [debug]
>>> ..\..\modules\core\engine\soap_action_disp.c(108) Checking for
>>> operation using SOAPAction :
>>> [Tue Nov 14 11:24:07 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> soap_message_body_based_dispatcher within the phase Dispatch [Tue Nov
>>> 14 11:24:07 2006] [debug]
>>> ..\..\modules\core\engine\soap_body_disp.c(198) Checking for
>>> operation
>>>
>>>
>>
>>
>>> using SOAP message body's first child's local name :
>>> CreatePrimaryItem
>>>
>>>
>>
>>
>>> [Tue Nov 14 11:24:07 2006] [debug]
>>> ..\..\modules\core\engine\soap_body_disp.c(207) Operation found using
>>>
>
>
>>> SOAP message body's first child's local name [Tue Nov 14 11:24:07
>>> 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
>>> [Tue Nov 14 11:24:07 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> dispatch_post_conditions_evaluator within the phase PostDispatch [Tue
>>>
>
>
>>> Nov 14 11:24:07 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> context_handler within the phase PostDispatch [Tue Nov 14 11:24:07
>>> 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase
>>> PolicyDetermination [Tue Nov 14 11:24:07 2006] [error]
>>> ..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl
>>> object for service 'ttwebservices' not set in message receiver. 0 ::
>>> No Error [Tue Nov 14 11:24:07 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(445) Axis2 engine receive
>>> successful [Tue Nov 14 11:24:07 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
>>> [Tue
>>>
>>>
>>
>>
>>> Nov 14 11:24:07 2006] [info] Request served successfully
>>>
>>> Thanks,
>>>
>>> -Dave.
>>>
>>> -----Original Message-----
>>> From: Dave Meier [mailto:DMeier@SERENA.com]
>>> Sent: Tuesday, November 14, 2006 7:35 AM
>>> To: Apache AXIS C User List
>>> Subject: RE: [Axis2] rampart problem using WS-SECURITY
>>>
>>> Thanks for the quick fix - I'll go try it out right now.
>>>
>>> I am using Visual Studio 2005 C# on the client side. We'll be
>>> supporting C#, Axis2 Java and Axis2C for our client side
>>> implementations. Other projects here already use Axis2 for Java.
>>>
>>> -Dave.
>>>
>>> -----Original Message-----
>>> From: Kaushalye Kapuruge [mailto:kaushalye@wso2.com]
>>> Sent: Tuesday, November 14, 2006 1:24 AM
>>> To: Apache AXIS C User List
>>> Subject: Re: [Axis2] rampart problem using WS-SECURITY
>>>
>>> Kaushalye Kapuruge wrote:
>>>
>>>
>>>
>>>> Dave Meier wrote:
>>>>
>>>>
>>>>
>>>>> I have the rampart module hooked up and my password callback is
>>>>> called correctly. But after successful validation, my web service
>>>>> method does not get called. Instead I get back the following
>>>>>
>>>>>
>>>>>
>>> response:
>>>
>>>
>>>
>>>>> <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope
>>>>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>>>>> <soapenv:Header />
>>>>> <soapenv:Body>
>>>>> <soapenv:Fault>
>>>>> <faultcode>soapenv:MustUnderstand</faultcode>
>>>>> <faultstring>Header not understood</faultstring>
>>>>> </soapenv:Fault>
>>>>> </soapenv:Body>
>>>>> </soapenv:Envelope>
>>>>>
>>>>> This occurs after the userid and password have already been
>>>>>
>>>>>
>>>>>
>>> validated.
>>>
>>>
>>>
>>>>> Here are the log entries:
>>>>>
>>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\transport\http\http_worker.c(204) Client HTTP
>>>>> version
>>>>> HTTP/1.1
>>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>>> ..\..\axiom\src\soap\soap_builder.c(840) Identified soap version is
>>>>> soap11
>>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase TransportIn
>>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase PreDispatch
>>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>>> AddressingInHandler within the phase PreDispatch [Mon Nov 13
>>>>> 17:01:14
>>>>>
>>>>>
>>>>>
>>>
>>>
>>>
>>>>> 2006] [info] Starting addressing in handler .........
>>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>>> RampartInHandler within the phase PreDispatch [Mon Nov 13 17:01:14
>>>>> 2006] [info] [rampart][rampart_in_handler]Inflow
>>>>> Security found
>>>>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>>>>> Validating UsernameToken [Mon Nov 13 17:01:14 2006] [info]
>>>>> [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Mon
>>>>>
>
>
>>>>> Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>>>>> Validating Timestamp [Mon Nov 13 17:01:14 2006] [info]
>>>>> [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Mon
>>>>> Nov 13 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch
>>>>> [Mon
>>>>>
>>>>>
>>
>>
>>>>> Nov 13 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>>> addressing_based_dispatcher within the phase Dispatch [Mon Nov 13
>>>>> 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\engine\addr_disp.c(99) Checking for service
>>>>> using
>>>>>
>>>>>
>>
>>
>>>>> WSA enpoint address :
>>>>> http://localhost:8181/axis2/services/ttwebservices
>>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\engine\addr_disp.c(129) Service found using WSA
>>>>> enpoint address [Mon Nov 13 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>>> request_uri_based_dispatcher within the phase Dispatch [Mon Nov 13
>>>>> 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>>> soap_action_based_dispatcher within the phase Dispatch [Mon Nov 13
>>>>> 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\engine\soap_action_disp.c(106) Checking for
>>>>> operation using SOAPAction : [Mon Nov 13 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>>> soap_message_body_based_dispatcher within the phase Dispatch [Mon
>>>>> Nov
>>>>>
>>>>>
>>>>>
>>>
>>>
>>>
>>>>> 13 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\engine\soap_body_disp.c(196) Checking for
>>>>> operation using SOAP message body's first child's local name :
>>>>> CreatePrimaryItem [Mon Nov 13 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\engine\soap_body_disp.c(205) Operation found
>>>>> using
>>>>>
>>>>>
>>>>>
>>>
>>>
>>>
>>>>> SOAP message body's first child's local name [Mon Nov 13 17:01:14
>>>>> 2006] [debug]
>>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
>>>>>
>
>
>>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>>> dispatch_post_conditions_evaluator within the phase PostDispatch
>>>>> [Mon
>>>>>
>>>>>
>>>>>
>>>
>>>
>>>
>>>>> Nov 13 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>>> context_handler within the phase PostDispatch [Mon Nov 13 17:01:14
>>>>> 2006] [debug]
>>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase
>>>>> PolicyDetermination [Mon Nov 13 17:01:14 2006] [debug]
>>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
>>>>> [Mon Nov 13 17:01:14 2006] [info] Request served successfully
>>>>>
>>>>> I did have mustUnderstand set in the request like this:
>>>>> "<wsse:Security soap:mustUnderstand="1">
>>>>>
>>>>>
>>>>>
>>>>>
>>>> Rampart_in_handler should set this relaying attribute to false after
>>>>
>
>
>>>> processing. Thanks for pointing this out.
>>>> BTW, are you using a rampart in the client side as well? Or is it
>>>> another implementation? :) 'Coz rampart doesn't set
>>>>
> mustUnderstand=1.
>
>>>>
>>>>
>>>>
>>>>> How can I get around this?
>>>>>
>>>>>
>>>>>
>>> Get the latest code from the svn.
>>> Cheers,
>>>
>>>
>>>
>>>>> Thanks,
>>>>>
>>>>> -Dave.
>>>>>
>>>>> *******************************************************************
>>>>> *
>>>>> *
>>>>> * This email and any files transmitted with it are confidential and
>>>>>
>
>
>>>>> intended solely for the use of the individual or entity to whom
>>>>> they
>>>>>
>>>>>
>>
>>
>>>>> are addressed. Any unauthorized review, use, disclosure or
>>>>> distribution is prohibited. If you are not the intended recipient,
>>>>> please contact the sender by reply e-mail and destroy all copies of
>>>>>
>
>
>>>>> the original message.
>>>>>
>>>>>
>>>>> -------------------------------------------------------------------
>>>>> -
>>>>> - To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>>>>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>> --------------------------------------------------------------------
>>>> - To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>>>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>>>
>>>>
>>>>
>>>>
>>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>>
>>>
>>>
>>>
>>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: [Axis2] Rampart -Now it is posisble to get the security processed
results
Posted by Kaushalye Kapuruge <ka...@wso2.com>.
Hi Dave,
Now it is possible to get security processed results from in the server side.
In your case, you can call
user_id =(axis2_char_t*)rampart_get_security_processed_result(env, msg_ctx, RAMPART_SPR_UT_USERNAME);
Please refer JIRA http://issues.apache.org/jira/browse/AXIS2C-407 for more details.
Cheers,
Kaushalye
Dave Meier wrote:
> Hi Kaushalye,
>
> I've got this all working now. Thanks for all your help.
>
> I have a question: Is there a way to get the userid that was passed in
> the Security header from inside the server side implementation of a web
> service method?
>
> Basically, I want to have my callback dll authenticate, but in my
> business logic on the server (a different dll), I still need to know
> what the userid is in order to perform the actions in the context of
> that user. I don't really care about the password as I know at that
> point that the client side has passed in the correct password, since it
> matches what I return from my callback dll.
>
> Thanks!
>
> -Dave.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: [Axis2] can I get the IP Address of the client?
Posted by Srinath Perera <he...@gmail.com>.
Dave ..ignore the last message, I thought it is a java axis2 Q
--Srinath
On 11/16/06, Srinath Perera <he...@gmail.com> wrote:
> I am quite positive it is not set to the message context. However if
> it is on request, I think you should be able to get the request .
>
> --Srinath
>
> On 11/16/06, Dave Meier <DM...@serena.com> wrote:
> > Hi,
> >
> > From the server code, is there a way to find out the IP Address of the
> > client?
> >
> > I'm trying to find it on the axis2_msg_ctx_t.
> >
> > Thanks,
> >
> > -Dave.
> >
> >
> > **********************************************************************
> > This email and any files transmitted with it are confidential and
> > intended solely for the use of the individual or entity to whom they
> > are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> > For additional commands, e-mail: axis-c-user-help@ws.apache.org
> >
> >
>
>
> --
> ============================
> Srinath Perera:
> Indiana University, Bloomington
> http://www.cs.indiana.edu/~hperera/
> http://www.bloglines.com/blog/hemapani
>
--
============================
Srinath Perera:
Indiana University, Bloomington
http://www.cs.indiana.edu/~hperera/
http://www.bloglines.com/blog/hemapani
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: [Axis2] can I get the IP Address of the client?
Posted by Srinath Perera <he...@gmail.com>.
I am quite positive it is not set to the message context. However if
it is on request, I think you should be able to get the request .
--Srinath
On 11/16/06, Dave Meier <DM...@serena.com> wrote:
> Hi,
>
> From the server code, is there a way to find out the IP Address of the
> client?
>
> I'm trying to find it on the axis2_msg_ctx_t.
>
> Thanks,
>
> -Dave.
>
>
> **********************************************************************
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
--
============================
Srinath Perera:
Indiana University, Bloomington
http://www.cs.indiana.edu/~hperera/
http://www.bloglines.com/blog/hemapani
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: [Axis2] can I get the IP Address of the client?
Posted by Samisa Abeysinghe <sa...@gmail.com>.
Dave Meier wrote:
> Is there some way to find out the IP address of the client?
>
> I think it would be available from the socket connection.
>
Yes it is available at socket (in other words, stream level). It is
possible to pull this information up to the message context level.
> I would like to be able to identify the client for licensing
> and other actions like that.
>
Your requirement is an interesting use case. Please raise a Jira on this
and we can have a look into this.
Samisa...
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
[Axis2] Question about getting http header and soap envelope
Posted by Dave Meier <DM...@SERENA.com>.
Hi,
I'm trying to figure out if basic authentication is supported (int the
HTTP header).
Is it supported or is there a way to get at the HTTP header?
On a related note, I put in code to get the soap envelope out of the
message context,
but it returns null. I know that the rampart code does this and it does
get the
soap envelope from the message context. Does it get removed at some
point before
it reaches my code?
struct axiom_soap_envelope* pSoapEnv =
AXIS2_MSG_CTX_GET_SOAP_ENVELOPE( msg_ctx, env );
// pSoapEnv is NULL after this call.
Also, is there any debug code that would take a message context and dump
out all
of the information inside? I'm finding it difficult to see the data as
the implementation
structures are all hidden. Casting in the debugger works to an extent
but is difficult
when there are many levels of data like in the message context.
Thanks,
-Dave.
**********************************************************************
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
RE: [Axis2] can I get the IP Address of the client?
Posted by Dave Meier <DM...@SERENA.com>.
Is there some way to find out the IP address of the client?
I think it would be available from the socket connection.
I would like to be able to identify the client for licensing
and other actions like that.
Thanks,
-Dave.
-----Original Message-----
From: Samisa Abeysinghe [mailto:samisa@wso2.com]
Sent: Thursday, November 16, 2006 9:20 PM
To: Apache AXIS C User List
Subject: Re: [Axis2] can I get the IP Address of the client?
Dave Meier wrote:
> Hi,
>
> >From the server code, is there a way to find out the IP Address of
> >the
> client?
>
> I'm trying to find it on the axis2_msg_ctx_t.
>
It is not set in the message context.
Samisa...
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: [Axis2] can I get the IP Address of the client?
Posted by Samisa Abeysinghe <sa...@wso2.com>.
Dave Meier wrote:
> Hi,
>
> >From the server code, is there a way to find out the IP Address of the
> client?
>
> I'm trying to find it on the axis2_msg_ctx_t.
>
It is not set in the message context.
Samisa...
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: [Axis2] Rampart callback module security
Posted by Kaushalye Kapuruge <ka...@wso2.com>.
Hi,
The callback mechanism is implemented for users to specify their own
ways to manage passwords.
Samples in rampart callbacks are just to provide a guide for users to
write their own callback modules.
You may use a different validation before returning the password.
Something like validation before extracting the password from a
database. These are beyond the scope of rampart. But I'll try to figure
out a way to overcome your problem. May be to improve the callback
sample a bit :). And your comments on these are more than welcome
Cheers,
Kaushalye
Dave Meier wrote:
> Hi,
>
> With the callback module that returns the password, is there a good way
> to configure
> the apache server to lock this module down so nobody else can call it?
>
> I'm concerned about it being a security hole.
>
> Thanks,
>
> -Dave.
>
>
> **********************************************************************
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
[Axis2] Rampart callback module security
Posted by Dave Meier <DM...@SERENA.com>.
Hi,
With the callback module that returns the password, is there a good way
to configure
the apache server to lock this module down so nobody else can call it?
I'm concerned about it being a security hole.
Thanks,
-Dave.
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
RE: [Axis2] Multiple byte character set support?
Posted by Dave Meier <DM...@SERENA.com>.
Hi Samisa,
Good news! I tested the wide character support in Axis2C and it worked
on the first try.
I inserted several Japanese characters into a string in two separate
tests, one where the
wide character string originates on the server and one where it
originates on the client.
For the client test I pass it to the server and then back.
Tested with the axis2_http_server.exe and also tested with Apache2 using
SSL. All succeeded.
Thanks,
-Dave.
-----Original Message-----
From: Dave Meier [mailto:DMeier@SERENA.com]
Sent: Friday, November 17, 2006 4:05 PM
To: Apache AXIS C User List
Subject: RE: [Axis2] Multiple byte character set support?
I will test this and see...
-Dave.
-----Original Message-----
From: Samisa Abeysinghe [mailto:samisa@wso2.com]
Sent: Thursday, November 16, 2006 9:22 PM
To: Apache AXIS C User List
Subject: Re: [Axis2] Multiple byte character set support?
Dave Meier wrote:
> How are multibyte character sets handled in Axis2C?
>
> If I encode all my strings in UTF-8 before sending from the server and
> decode from UTF-8 when receiving strings on the server, will that
work?
>
As far as my understanding goes, yes. But I have not tried this on my
own. If you could try and report problems, may be I can help fix.
Samisa...
**********************************************************************
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
RE: [Axis2] Multiple byte character set support?
Posted by Dave Meier <DM...@SERENA.com>.
I will test this and see...
-Dave.
-----Original Message-----
From: Samisa Abeysinghe [mailto:samisa@wso2.com]
Sent: Thursday, November 16, 2006 9:22 PM
To: Apache AXIS C User List
Subject: Re: [Axis2] Multiple byte character set support?
Dave Meier wrote:
> How are multibyte character sets handled in Axis2C?
>
> If I encode all my strings in UTF-8 before sending from the server and
> decode from UTF-8 when receiving strings on the server, will that
work?
>
As far as my understanding goes, yes. But I have not tried this on my
own. If you could try and report problems, may be I can help fix.
Samisa...
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
**********************************************************************
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: [Axis2] Multiple byte character set support?
Posted by Samisa Abeysinghe <sa...@wso2.com>.
Dave Meier wrote:
> How are multibyte character sets handled in Axis2C?
>
> If I encode all my strings in UTF-8 before sending from the server and
> decode from UTF-8 when receiving strings on the server, will that work?
>
As far as my understanding goes, yes. But I have not tried this on my
own. If you could try and report problems, may be I can help fix.
Samisa...
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
[Axis2] Multiple byte character set support?
Posted by Dave Meier <DM...@SERENA.com>.
How are multibyte character sets handled in Axis2C?
If I encode all my strings in UTF-8 before sending from the server and
decode from UTF-8 when receiving strings on the server, will that work?
Thanks,
-Dave.
**********************************************************************
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
[Axis2] can I get the IP Address of the client?
Posted by Dave Meier <DM...@SERENA.com>.
Hi,
>From the server code, is there a way to find out the IP Address of the
client?
I'm trying to find it on the axis2_msg_ctx_t.
Thanks,
-Dave.
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
RE: [Axis2] rampart problem using WS-SECURITY
Posted by Dave Meier <DM...@SERENA.com>.
Hi Kaushalye,
I've got this all working now. Thanks for all your help.
I have a question: Is there a way to get the userid that was passed in
the Security header from inside the server side implementation of a web
service method?
Basically, I want to have my callback dll authenticate, but in my
business logic on the server (a different dll), I still need to know
what the userid is in order to perform the actions in the context of
that user. I don't really care about the password as I know at that
point that the client side has passed in the correct password, since it
matches what I return from my callback dll.
Thanks!
-Dave.
-----Original Message-----
From: Kaushalye Kapuruge [mailto:kaushalye@wso2.com]
Sent: Thursday, November 16, 2006 12:17 AM
To: Apache AXIS C User List
Subject: Re: [Axis2] rampart problem using WS-SECURITY
Hi Dave,
Usernametoken building precess can be failed for following reasons.
1. Failure to specify the password either using Axis2 property
"password" or using a callback module. (I think you are using callbacks)
2. Failure to specify callback module (path) correctly.
3. Failure to load the callback module (DLL in your case) correctly.
4. There is no such user in the system. i.e. The callback module cannot
give a password for the user specified.
If you can send the debug trace I might be able to identify where
exactly the error is. I'll try to include more detailed log entries than
this to make the debugging more easier.
Cheers,
Kaushalye
Dave Meier wrote:
> Hi Kau,
>
> Sorry, I did some more testing back without using rampart. At first I
> was getting the same error that showed with rampart. After some
> fiddling around I got that working again and then set it up with
> Rampart again. Now I don't get the same error but it is failing with A
> different error "[rampart][rampart_out_handler] UsernmaeToken build
> failed. ERROR":
>
> [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler]Inflow
> Security found
> [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler]
> Validating UsernameToken [Tue Nov 14 21:42:32 2006] [info]
> [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Tue
> Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler] Validating
> Timestamp [Tue Nov 14 21:42:32 2006] [info]
> [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Tue Nov
> 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Tue
> Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> addressing_based_dispatcher within the phase Dispatch [Tue Nov 14
> 21:42:32 2006] [debug]
> ..\..\modules\core\engine\addr_disp.c(108) Checking for service using
> WSA enpoint address :
> http://localhost:8181/axis2/services/ttwebservices
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\addr_disp.c(138) Service found using WSA
> enpoint address [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> request_uri_based_dispatcher within the phase Dispatch [Tue Nov 14
> 21:42:32 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> soap_action_based_dispatcher within the phase Dispatch [Tue Nov 14
> 21:42:32 2006] [debug]
> ..\..\modules\core\engine\soap_action_disp.c(108) Checking for
> operation using SOAPAction :
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> soap_message_body_based_dispatcher within the phase Dispatch [Tue Nov
> 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\soap_body_disp.c(198) Checking for operation
> using SOAP message body's first child's local name : CreatePrimaryItem
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\soap_body_disp.c(207) Operation found using
> SOAP message body's first child's local name [Tue Nov 14 21:42:32
> 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> dispatch_post_conditions_evaluator within the phase PostDispatch [Tue
> Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> context_handler within the phase PostDispatch [Tue Nov 14 21:42:32
> 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase
> PolicyDetermination [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase
> PolicyDetermination [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut [Tue
> Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> AddressingOutHandler within the phase MessageOut [Tue Nov 14 21:42:32
> 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> RampartOutHandler within the phase MessageOut [Tue Nov 14 21:42:32
> 2006] [info] [rampart][rampart_out_handler] building UsernmaeToken
> [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_out_handler]
> UsernmaeToken build failed. ERROR [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\engine.c(445) Axis2 engine receive
> successful [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut [Tue
> Nov 14 21:42:32 2006] [info] Request served successfully
>
> Thanks,
>
> -Dave.
>
> -----Original Message-----
> From: Dave Meier [mailto:DMeier@SERENA.com]
> Sent: Tuesday, November 14, 2006 9:27 PM
> To: Apache AXIS C User List
> Subject: RE: [Axis2] rampart problem using WS-SECURITY
>
> Hi Kau,
>
> 1. I used the Inflow/Outflow parameters like what is in the samples:
> <!--Rampart configurations START -->
> <parameter name="OutflowSecurity">
> <action>
> <items>UsernameToken Timestamp</items>
> <user>BILL</user>
> <passwordType>passwordText</passwordType>
>
> <passwordCallbackClass>D:/ttaxiswsse/Debug/ttwebserviceswsse.dll</pass
> wo
> rdCallbackClass>
> <timeToLive>360</timeToLive>
> </action>
> </parameter>
>
>
> <parameter name="InflowSecurity">
> <action>
> <items>UsernameToken Timestamp</items>
>
> <passwordCallbackClass>D:/ttaxiswsse/Debug/ttwebserviceswsse.dll</pass
> wo
> rdCallbackClass>
> </action>
> </parameter>
>
> <!--Rampart configurations END -->
>
> 2. Here is the trace of incoming and outgoing soap. I am using
> Visual Studio 2005 C# for the client side:
>
> Incoming:
> <?xml version="1.0" encoding="utf-8" ?> <soap:Envelope
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-ws
> se
> curity-secext-1.0.xsd"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wss
> ec
> urity-utility-1.0.xsd">
> <soap:Header>
> <wsa:Action />
>
> <wsa:MessageID>urn:uuid:527b7049-198f-4725-a2d7-bc861b4d36b3</wsa:Mess
> ag
> eID>
> <wsa:ReplyTo>
>
> <wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/ano
> ny
> mous</wsa:Address>
> </wsa:ReplyTo>
>
> <wsa:To>http://localhost:8181/axis2/services/ttwebservices</wsa:To>
> <wsse:Security soap:mustUnderstand="1">
> <wsu:Timestamp
> wsu:Id="Timestamp-f4f3626e-2c6f-4c69-b280-df0c2bf0ad3b">
> <wsu:Created>2006-11-15T05:22:08Z</wsu:Created>
> <wsu:Expires>2006-11-15T05:23:08Z</wsu:Expires>
> </wsu:Timestamp>
> <wsse:UsernameToken
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wss
> ec
> urity-utility-1.0.xsd"
> wsu:Id="SecurityToken-b7689ab1-70e9-4472-8386-0880eb2180fe">
> <wsse:Username>bill</wsse:Username>
> <wsse:Password
> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username
> -t oken-profile-1.0#PasswordText">b</wsse:Password>
> <wsse:Nonce>vVR7Rzg8oLtLfg5NjxWV1g==</wsse:Nonce>
> <wsu:Created>2006-11-15T05:22:08Z</wsu:Created>
> </wsse:UsernameToken>
> </wsse:Security>
> </soap:Header>
> <soap:Body>
> <CreatePrimaryItem xmlns="urn:ttwebservices">
> <auth>
> <userId xsi:nil="true" />
> <password xsi:nil="true" />
> <hostname xsi:nil="true" />
> </auth>
> <projectID>16</projectID>
> <item>
> <genericItem>
> <itemID xsi:nil="true" />
> <itemName>BUG</itemName>
> </genericItem>
> <classification>Image Builder</classification>
> <title>my title</title>
> <description>my desc</description>
> <createdBy>bill</createdBy>
> <createDate>2006-01-01T00:12:12</createDate>
> <modifiedBy>bill</modifiedBy>
> <modifiedDate>2006-01-01T00:12:12</modifiedDate>
> <activeInactive>true</activeInactive>
> <state>Waiting</state>
> <owner>joe</owner>
> <extendedFieldList>
> <name>FOUND_IN_VERSION</name>
> <value>v1.1</value>
> </extendedFieldList>
> <extendedFieldList>
> <name>FUNCTIONAL_AREA</name>
> <value>Help</value>
> </extendedFieldList>
> </item>
> </CreatePrimaryItem>
> </soap:Body>
> </soap:Envelope>
>
> Outgoing:
> <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
> <soapenv:Header />
> <soapenv:Body />
> </soapenv:Envelope>
>
> When I use the same client code without WS-SECURITY and take rampart
> out of the axis2.xml, my web service method does get called and
> everything gets returned correctly to the client.
>
> Thanks,
>
> -Dave.
>
> -----Original Message-----
> From: Kaushalye Kapuruge [mailto:kaushalye@wso2.com]
> Sent: Tuesday, November 14, 2006 9:02 PM
> To: Apache AXIS C User List
> Subject: Re: [Axis2] rampart problem using WS-SECURITY
>
> Hi,
> I need some information from you to figure out what exactly is the
> problem.
>
> 1. Have you specified the Outflow/InflowSecurity parameters correctly
> using axis2.xml If you have any questions on this do not hesitate to
> ask me. Have a look at the sample axis2.xml file in
> rampart/samples/client/echo/data/un_ts_axis2.xml.
> 2. Is it possible to send a trace of outgoing message. (You may use
> TCPMonitor for this)
>
> BTW from log entries I can see that Rampart has done the validation
> correct. But in the message building has failed in the server side.
> This "might" be due to improper settings in the server side. Try the
> latest code. But do not use the encryption yet:) It is still under
development.
> Cheers,
> Kau
>
>
> Dave Meier wrote:
>
>> Hi,
>>
>> Okay, I got the latest code. I had to add "#include
>> <oxs_xml_encryption.h>" to the rampart_encryption.c file in order to
>> get it to link on Windows. Now it returns an empty message as it's
>> not invoking my service method:
>>
>> <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>> <soapenv:Header />
>> <soapenv:Body />
>> </soapenv:Envelope>
>>
>> The log below shows "[error]
>> ..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl
>> object for service 'ttwebservices' not set in message receiver. 0 ::
>>
> No Error".
>
>> Please let me know if there is something I am doing wrong. I'll go
>> look at the source code to see if I can figure it out.
>>
>>
>>
>
>
>> [Tue Nov 14 11:24:07 2006] [info]
>> [rampart][rampart_in_handler]Inflow
>> Security found
>> [Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]
>> Validating UsernameToken [Tue Nov 14 11:24:07 2006] [info]
>> [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Tue
>> Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]
>> Validating
>>
>
>
>> Timestamp [Tue Nov 14 11:24:07 2006] [info]
>> [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Tue
>> Nov
>>
>
>
>> 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Tue
>> Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> addressing_based_dispatcher within the phase Dispatch [Tue Nov 14
>> 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\addr_disp.c(108) Checking for service using
>> WSA enpoint address :
>> http://localhost:8181/axis2/services/ttwebservices
>> [Tue Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\addr_disp.c(138) Service found using WSA
>> enpoint address [Tue Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> request_uri_based_dispatcher within the phase Dispatch [Tue Nov 14
>> 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> soap_action_based_dispatcher within the phase Dispatch [Tue Nov 14
>> 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\soap_action_disp.c(108) Checking for
>> operation using SOAPAction :
>> [Tue Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> soap_message_body_based_dispatcher within the phase Dispatch [Tue Nov
>> 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\soap_body_disp.c(198) Checking for
>> operation
>>
>
>
>> using SOAP message body's first child's local name :
>> CreatePrimaryItem
>>
>
>
>> [Tue Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\soap_body_disp.c(207) Operation found using
>> SOAP message body's first child's local name [Tue Nov 14 11:24:07
>> 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
>> [Tue Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> dispatch_post_conditions_evaluator within the phase PostDispatch [Tue
>> Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> context_handler within the phase PostDispatch [Tue Nov 14 11:24:07
>> 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase
>> PolicyDetermination [Tue Nov 14 11:24:07 2006] [error]
>> ..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl
>> object for service 'ttwebservices' not set in message receiver. 0 ::
>> No Error [Tue Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\engine.c(445) Axis2 engine receive
>> successful [Tue Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
>> [Tue
>>
>
>
>> Nov 14 11:24:07 2006] [info] Request served successfully
>>
>> Thanks,
>>
>> -Dave.
>>
>> -----Original Message-----
>> From: Dave Meier [mailto:DMeier@SERENA.com]
>> Sent: Tuesday, November 14, 2006 7:35 AM
>> To: Apache AXIS C User List
>> Subject: RE: [Axis2] rampart problem using WS-SECURITY
>>
>> Thanks for the quick fix - I'll go try it out right now.
>>
>> I am using Visual Studio 2005 C# on the client side. We'll be
>> supporting C#, Axis2 Java and Axis2C for our client side
>> implementations. Other projects here already use Axis2 for Java.
>>
>> -Dave.
>>
>> -----Original Message-----
>> From: Kaushalye Kapuruge [mailto:kaushalye@wso2.com]
>> Sent: Tuesday, November 14, 2006 1:24 AM
>> To: Apache AXIS C User List
>> Subject: Re: [Axis2] rampart problem using WS-SECURITY
>>
>> Kaushalye Kapuruge wrote:
>>
>>
>>> Dave Meier wrote:
>>>
>>>
>>>> I have the rampart module hooked up and my password callback is
>>>> called correctly. But after successful validation, my web service
>>>> method does not get called. Instead I get back the following
>>>>
>>>>
>> response:
>>
>>
>>>> <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope
>>>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>>>> <soapenv:Header />
>>>> <soapenv:Body>
>>>> <soapenv:Fault>
>>>> <faultcode>soapenv:MustUnderstand</faultcode>
>>>> <faultstring>Header not understood</faultstring>
>>>> </soapenv:Fault>
>>>> </soapenv:Body>
>>>> </soapenv:Envelope>
>>>>
>>>> This occurs after the userid and password have already been
>>>>
>>>>
>> validated.
>>
>>
>>>> Here are the log entries:
>>>>
>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\transport\http\http_worker.c(204) Client HTTP
>>>> version
>>>> HTTP/1.1
>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\axiom\src\soap\soap_builder.c(840) Identified soap version is
>>>> soap11
>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase TransportIn
>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase PreDispatch
>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>> AddressingInHandler within the phase PreDispatch [Mon Nov 13
>>>> 17:01:14
>>>>
>>>>
>>
>>
>>>> 2006] [info] Starting addressing in handler .........
>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>> RampartInHandler within the phase PreDispatch [Mon Nov 13 17:01:14
>>>> 2006] [info] [rampart][rampart_in_handler]Inflow
>>>> Security found
>>>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>>>> Validating UsernameToken [Mon Nov 13 17:01:14 2006] [info]
>>>> [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Mon
>>>> Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>>>> Validating Timestamp [Mon Nov 13 17:01:14 2006] [info]
>>>> [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Mon
>>>> Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch
>>>> [Mon
>>>>
>
>
>>>> Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>> addressing_based_dispatcher within the phase Dispatch [Mon Nov 13
>>>> 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\addr_disp.c(99) Checking for service
>>>> using
>>>>
>
>
>>>> WSA enpoint address :
>>>> http://localhost:8181/axis2/services/ttwebservices
>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\addr_disp.c(129) Service found using WSA
>>>> enpoint address [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>> request_uri_based_dispatcher within the phase Dispatch [Mon Nov 13
>>>> 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>> soap_action_based_dispatcher within the phase Dispatch [Mon Nov 13
>>>> 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\soap_action_disp.c(106) Checking for
>>>> operation using SOAPAction : [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>> soap_message_body_based_dispatcher within the phase Dispatch [Mon
>>>> Nov
>>>>
>>>>
>>
>>
>>>> 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\soap_body_disp.c(196) Checking for
>>>> operation using SOAP message body's first child's local name :
>>>> CreatePrimaryItem [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\soap_body_disp.c(205) Operation found
>>>> using
>>>>
>>>>
>>
>>
>>>> SOAP message body's first child's local name [Mon Nov 13 17:01:14
>>>> 2006] [debug]
>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>> dispatch_post_conditions_evaluator within the phase PostDispatch
>>>> [Mon
>>>>
>>>>
>>
>>
>>>> Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>> context_handler within the phase PostDispatch [Mon Nov 13 17:01:14
>>>> 2006] [debug]
>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase
>>>> PolicyDetermination [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
>>>> [Mon Nov 13 17:01:14 2006] [info] Request served successfully
>>>>
>>>> I did have mustUnderstand set in the request like this:
>>>> "<wsse:Security soap:mustUnderstand="1">
>>>>
>>>>
>>>>
>>> Rampart_in_handler should set this relaying attribute to false after
>>> processing. Thanks for pointing this out.
>>> BTW, are you using a rampart in the client side as well? Or is it
>>> another implementation? :) 'Coz rampart doesn't set
mustUnderstand=1.
>>>
>>>
>>>> How can I get around this?
>>>>
>>>>
>> Get the latest code from the svn.
>> Cheers,
>>
>>
>>>> Thanks,
>>>>
>>>> -Dave.
>>>>
>>>> *******************************************************************
>>>> *
>>>> *
>>>> * This email and any files transmitted with it are confidential and
>>>> intended solely for the use of the individual or entity to whom
>>>> they
>>>>
>
>
>>>> are addressed. Any unauthorized review, use, disclosure or
>>>> distribution is prohibited. If you are not the intended recipient,
>>>> please contact the sender by reply e-mail and destroy all copies of
>>>> the original message.
>>>>
>>>>
>>>> -------------------------------------------------------------------
>>>> -
>>>> - To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>>>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>>>
>>>>
>>>>
>>>>
>>>>
>>> --------------------------------------------------------------------
>>> - To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>>
>>>
>>>
>>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: [Axis2] rampart problem using WS-SECURITY
Posted by Kaushalye Kapuruge <ka...@wso2.com>.
Hi Dave,
Usernametoken building precess can be failed for following reasons.
1. Failure to specify the password either using Axis2 property
"password" or using a callback module. (I think you are using callbacks)
2. Failure to specify callback module (path) correctly.
3. Failure to load the callback module (DLL in your case) correctly.
4. There is no such user in the system. i.e. The callback module cannot
give a password for the user specified.
If you can send the debug trace I might be able to identify where
exactly the error is. I'll try to include more detailed log entries than
this to make the debugging more easier.
Cheers,
Kaushalye
Dave Meier wrote:
> Hi Kau,
>
> Sorry, I did some more testing back without using rampart. At first
> I was getting the same error that showed with rampart. After some
> fiddling around I got that working again and then set it up with
> Rampart again. Now I don't get the same error but it is failing with
> A different error "[rampart][rampart_out_handler] UsernmaeToken build
> failed. ERROR":
>
> [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler]Inflow
> Security found
> [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler]
> Validating UsernameToken
> [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler]
> Validating UsernameToken SUCCESS
> [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler]
> Validating Timestamp
> [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler]
> Validating Timestamp is SUCCESS
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> addressing_based_dispatcher within the phase Dispatch
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\addr_disp.c(108) Checking for service using
> WSA enpoint address : http://localhost:8181/axis2/services/ttwebservices
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\addr_disp.c(138) Service found using WSA
> enpoint address
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> request_uri_based_dispatcher within the phase Dispatch
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> soap_action_based_dispatcher within the phase Dispatch
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\soap_action_disp.c(108) Checking for operation
> using SOAPAction :
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> soap_message_body_based_dispatcher within the phase Dispatch
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\soap_body_disp.c(198) Checking for operation
> using SOAP message body's first child's local name : CreatePrimaryItem
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\soap_body_disp.c(207) Operation found using
> SOAP message body's first child's local name
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> dispatch_post_conditions_evaluator within the phase PostDispatch
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> context_handler within the phase PostDispatch
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase
> PolicyDetermination
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase
> PolicyDetermination
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> AddressingOutHandler within the phase MessageOut
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> RampartOutHandler within the phase MessageOut
> [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_out_handler]
> building UsernmaeToken
> [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_out_handler]
> UsernmaeToken build failed. ERROR
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\engine.c(445) Axis2 engine receive successful
> [Tue Nov 14 21:42:32 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
> [Tue Nov 14 21:42:32 2006] [info] Request served successfully
>
> Thanks,
>
> -Dave.
>
> -----Original Message-----
> From: Dave Meier [mailto:DMeier@SERENA.com]
> Sent: Tuesday, November 14, 2006 9:27 PM
> To: Apache AXIS C User List
> Subject: RE: [Axis2] rampart problem using WS-SECURITY
>
> Hi Kau,
>
> 1. I used the Inflow/Outflow parameters like what is in the samples:
> <!--Rampart configurations START -->
> <parameter name="OutflowSecurity">
> <action>
> <items>UsernameToken Timestamp</items>
> <user>BILL</user>
> <passwordType>passwordText</passwordType>
>
> <passwordCallbackClass>D:/ttaxiswsse/Debug/ttwebserviceswsse.dll</passwo
> rdCallbackClass>
> <timeToLive>360</timeToLive>
> </action>
> </parameter>
>
>
> <parameter name="InflowSecurity">
> <action>
> <items>UsernameToken Timestamp</items>
>
> <passwordCallbackClass>D:/ttaxiswsse/Debug/ttwebserviceswsse.dll</passwo
> rdCallbackClass>
> </action>
> </parameter>
>
> <!--Rampart configurations END -->
>
> 2. Here is the trace of incoming and outgoing soap. I am using Visual
> Studio 2005 C# for the client side:
>
> Incoming:
> <?xml version="1.0" encoding="utf-8" ?>
> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse
> curity-secext-1.0.xsd"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
> urity-utility-1.0.xsd">
> <soap:Header>
> <wsa:Action />
>
> <wsa:MessageID>urn:uuid:527b7049-198f-4725-a2d7-bc861b4d36b3</wsa:Messag
> eID>
> <wsa:ReplyTo>
>
> <wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anony
> mous</wsa:Address>
> </wsa:ReplyTo>
>
> <wsa:To>http://localhost:8181/axis2/services/ttwebservices</wsa:To>
> <wsse:Security soap:mustUnderstand="1">
> <wsu:Timestamp
> wsu:Id="Timestamp-f4f3626e-2c6f-4c69-b280-df0c2bf0ad3b">
> <wsu:Created>2006-11-15T05:22:08Z</wsu:Created>
> <wsu:Expires>2006-11-15T05:23:08Z</wsu:Expires>
> </wsu:Timestamp>
> <wsse:UsernameToken
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
> urity-utility-1.0.xsd"
> wsu:Id="SecurityToken-b7689ab1-70e9-4472-8386-0880eb2180fe">
> <wsse:Username>bill</wsse:Username>
> <wsse:Password
> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-t
> oken-profile-1.0#PasswordText">b</wsse:Password>
> <wsse:Nonce>vVR7Rzg8oLtLfg5NjxWV1g==</wsse:Nonce>
> <wsu:Created>2006-11-15T05:22:08Z</wsu:Created>
> </wsse:UsernameToken>
> </wsse:Security>
> </soap:Header>
> <soap:Body>
> <CreatePrimaryItem xmlns="urn:ttwebservices">
> <auth>
> <userId xsi:nil="true" />
> <password xsi:nil="true" />
> <hostname xsi:nil="true" />
> </auth>
> <projectID>16</projectID>
> <item>
> <genericItem>
> <itemID xsi:nil="true" />
> <itemName>BUG</itemName>
> </genericItem>
> <classification>Image Builder</classification>
> <title>my title</title>
> <description>my desc</description>
> <createdBy>bill</createdBy>
> <createDate>2006-01-01T00:12:12</createDate>
> <modifiedBy>bill</modifiedBy>
> <modifiedDate>2006-01-01T00:12:12</modifiedDate>
> <activeInactive>true</activeInactive>
> <state>Waiting</state>
> <owner>joe</owner>
> <extendedFieldList>
> <name>FOUND_IN_VERSION</name>
> <value>v1.1</value>
> </extendedFieldList>
> <extendedFieldList>
> <name>FUNCTIONAL_AREA</name>
> <value>Help</value>
> </extendedFieldList>
> </item>
> </CreatePrimaryItem>
> </soap:Body>
> </soap:Envelope>
>
> Outgoing:
> <?xml version="1.0" encoding="UTF-8" ?>
> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
> <soapenv:Header />
> <soapenv:Body />
> </soapenv:Envelope>
>
> When I use the same client code without WS-SECURITY and take rampart out
> of the axis2.xml, my web service method does get called and everything
> gets returned correctly to the client.
>
> Thanks,
>
> -Dave.
>
> -----Original Message-----
> From: Kaushalye Kapuruge [mailto:kaushalye@wso2.com]
> Sent: Tuesday, November 14, 2006 9:02 PM
> To: Apache AXIS C User List
> Subject: Re: [Axis2] rampart problem using WS-SECURITY
>
> Hi,
> I need some information from you to figure out what exactly is the
> problem.
>
> 1. Have you specified the Outflow/InflowSecurity parameters correctly
> using axis2.xml If you have any questions on this do not hesitate to ask
> me. Have a look at the sample axis2.xml file in
> rampart/samples/client/echo/data/un_ts_axis2.xml.
> 2. Is it possible to send a trace of outgoing message. (You may use
> TCPMonitor for this)
>
> BTW from log entries I can see that Rampart has done the validation
> correct. But in the message building has failed in the server side. This
> "might" be due to improper settings in the server side. Try the latest
> code. But do not use the encryption yet:) It is still under development.
> Cheers,
> Kau
>
>
> Dave Meier wrote:
>
>> Hi,
>>
>> Okay, I got the latest code. I had to add "#include
>> <oxs_xml_encryption.h>" to the rampart_encryption.c file in order to
>> get it to link on Windows. Now it returns an empty message as it's
>> not invoking my service method:
>>
>> <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>> <soapenv:Header />
>> <soapenv:Body />
>> </soapenv:Envelope>
>>
>> The log below shows "[error]
>> ..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl
>> object for service 'ttwebservices' not set in message receiver. 0 ::
>>
> No Error".
>
>> Please let me know if there is something I am doing wrong. I'll go
>> look at the source code to see if I can figure it out.
>>
>>
>>
>
>
>> [Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]Inflow
>> Security found
>> [Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]
>> Validating UsernameToken [Tue Nov 14 11:24:07 2006] [info]
>> [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Tue
>> Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler] Validating
>>
>
>
>> Timestamp [Tue Nov 14 11:24:07 2006] [info]
>> [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Tue Nov
>>
>
>
>> 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Tue
>> Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> addressing_based_dispatcher within the phase Dispatch [Tue Nov 14
>> 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\addr_disp.c(108) Checking for service using
>> WSA enpoint address :
>> http://localhost:8181/axis2/services/ttwebservices
>> [Tue Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\addr_disp.c(138) Service found using WSA
>> enpoint address [Tue Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> request_uri_based_dispatcher within the phase Dispatch [Tue Nov 14
>> 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> soap_action_based_dispatcher within the phase Dispatch [Tue Nov 14
>> 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\soap_action_disp.c(108) Checking for
>> operation using SOAPAction :
>> [Tue Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> soap_message_body_based_dispatcher within the phase Dispatch [Tue Nov
>> 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\soap_body_disp.c(198) Checking for operation
>>
>
>
>> using SOAP message body's first child's local name : CreatePrimaryItem
>>
>
>
>> [Tue Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\soap_body_disp.c(207) Operation found using
>> SOAP message body's first child's local name [Tue Nov 14 11:24:07
>> 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
>> [Tue Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> dispatch_post_conditions_evaluator within the phase PostDispatch [Tue
>> Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> context_handler within the phase PostDispatch [Tue Nov 14 11:24:07
>> 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase
>> PolicyDetermination [Tue Nov 14 11:24:07 2006] [error]
>> ..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl
>> object for service 'ttwebservices' not set in message receiver. 0 ::
>> No Error [Tue Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\engine.c(445) Axis2 engine receive
>> successful [Tue Nov 14 11:24:07 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut [Tue
>>
>
>
>> Nov 14 11:24:07 2006] [info] Request served successfully
>>
>> Thanks,
>>
>> -Dave.
>>
>> -----Original Message-----
>> From: Dave Meier [mailto:DMeier@SERENA.com]
>> Sent: Tuesday, November 14, 2006 7:35 AM
>> To: Apache AXIS C User List
>> Subject: RE: [Axis2] rampart problem using WS-SECURITY
>>
>> Thanks for the quick fix - I'll go try it out right now.
>>
>> I am using Visual Studio 2005 C# on the client side. We'll be
>> supporting C#, Axis2 Java and Axis2C for our client side
>> implementations. Other projects here already use Axis2 for Java.
>>
>> -Dave.
>>
>> -----Original Message-----
>> From: Kaushalye Kapuruge [mailto:kaushalye@wso2.com]
>> Sent: Tuesday, November 14, 2006 1:24 AM
>> To: Apache AXIS C User List
>> Subject: Re: [Axis2] rampart problem using WS-SECURITY
>>
>> Kaushalye Kapuruge wrote:
>>
>>
>>> Dave Meier wrote:
>>>
>>>
>>>> I have the rampart module hooked up and my password callback is
>>>> called correctly. But after successful validation, my web service
>>>> method does not get called. Instead I get back the following
>>>>
>>>>
>> response:
>>
>>
>>>> <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope
>>>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>>>> <soapenv:Header />
>>>> <soapenv:Body>
>>>> <soapenv:Fault>
>>>> <faultcode>soapenv:MustUnderstand</faultcode>
>>>> <faultstring>Header not understood</faultstring>
>>>> </soapenv:Fault>
>>>> </soapenv:Body>
>>>> </soapenv:Envelope>
>>>>
>>>> This occurs after the userid and password have already been
>>>>
>>>>
>> validated.
>>
>>
>>>> Here are the log entries:
>>>>
>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\transport\http\http_worker.c(204) Client HTTP
>>>> version
>>>> HTTP/1.1
>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\axiom\src\soap\soap_builder.c(840) Identified soap version is
>>>> soap11
>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase TransportIn
>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase PreDispatch
>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>> AddressingInHandler within the phase PreDispatch [Mon Nov 13
>>>> 17:01:14
>>>>
>>>>
>>
>>
>>>> 2006] [info] Starting addressing in handler .........
>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>> RampartInHandler within the phase PreDispatch [Mon Nov 13 17:01:14
>>>> 2006] [info] [rampart][rampart_in_handler]Inflow
>>>> Security found
>>>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>>>> Validating UsernameToken [Mon Nov 13 17:01:14 2006] [info]
>>>> [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Mon
>>>> Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>>>> Validating Timestamp [Mon Nov 13 17:01:14 2006] [info]
>>>> [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Mon
>>>> Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Mon
>>>>
>
>
>>>> Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>> addressing_based_dispatcher within the phase Dispatch [Mon Nov 13
>>>> 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\addr_disp.c(99) Checking for service using
>>>>
>
>
>>>> WSA enpoint address :
>>>> http://localhost:8181/axis2/services/ttwebservices
>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\addr_disp.c(129) Service found using WSA
>>>> enpoint address [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>> request_uri_based_dispatcher within the phase Dispatch [Mon Nov 13
>>>> 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>> soap_action_based_dispatcher within the phase Dispatch [Mon Nov 13
>>>> 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\soap_action_disp.c(106) Checking for
>>>> operation using SOAPAction : [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>> soap_message_body_based_dispatcher within the phase Dispatch [Mon
>>>> Nov
>>>>
>>>>
>>
>>
>>>> 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\soap_body_disp.c(196) Checking for
>>>> operation using SOAP message body's first child's local name :
>>>> CreatePrimaryItem [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\soap_body_disp.c(205) Operation found
>>>> using
>>>>
>>>>
>>
>>
>>>> SOAP message body's first child's local name [Mon Nov 13 17:01:14
>>>> 2006] [debug]
>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
>>>> [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>> dispatch_post_conditions_evaluator within the phase PostDispatch
>>>> [Mon
>>>>
>>>>
>>
>>
>>>> Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>>> context_handler within the phase PostDispatch [Mon Nov 13 17:01:14
>>>> 2006] [debug]
>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase
>>>> PolicyDetermination [Mon Nov 13 17:01:14 2006] [debug]
>>>> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
>>>> [Mon Nov 13 17:01:14 2006] [info] Request served successfully
>>>>
>>>> I did have mustUnderstand set in the request like this:
>>>> "<wsse:Security soap:mustUnderstand="1">
>>>>
>>>>
>>>>
>>> Rampart_in_handler should set this relaying attribute to false after
>>> processing. Thanks for pointing this out.
>>> BTW, are you using a rampart in the client side as well? Or is it
>>> another implementation? :) 'Coz rampart doesn't set mustUnderstand=1.
>>>
>>>
>>>> How can I get around this?
>>>>
>>>>
>> Get the latest code from the svn.
>> Cheers,
>>
>>
>>>> Thanks,
>>>>
>>>> -Dave.
>>>>
>>>> ********************************************************************
>>>> *
>>>> * This email and any files transmitted with it are confidential and
>>>> intended solely for the use of the individual or entity to whom they
>>>>
>
>
>>>> are addressed. Any unauthorized review, use, disclosure or
>>>> distribution is prohibited. If you are not the intended recipient,
>>>> please contact the sender by reply e-mail and destroy all copies of
>>>> the original message.
>>>>
>>>>
>>>> --------------------------------------------------------------------
>>>> - To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>>>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>>>
>>>>
>>>>
>>>>
>>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>>
>>>
>>>
>>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
RE: [Axis2] rampart problem using WS-SECURITY
Posted by Dave Meier <DM...@SERENA.com>.
Hi Kau,
Sorry, I did some more testing back without using rampart. At first
I was getting the same error that showed with rampart. After some
fiddling around I got that working again and then set it up with
Rampart again. Now I don't get the same error but it is failing with
A different error "[rampart][rampart_out_handler] UsernmaeToken build
failed. ERROR":
[Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler]Inflow
Security found
[Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler]
Validating UsernameToken
[Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler]
Validating UsernameToken SUCCESS
[Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler]
Validating Timestamp
[Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler]
Validating Timestamp is SUCCESS
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
addressing_based_dispatcher within the phase Dispatch
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\addr_disp.c(108) Checking for service using
WSA enpoint address : http://localhost:8181/axis2/services/ttwebservices
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\addr_disp.c(138) Service found using WSA
enpoint address
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
request_uri_based_dispatcher within the phase Dispatch
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
soap_action_based_dispatcher within the phase Dispatch
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\soap_action_disp.c(108) Checking for operation
using SOAPAction :
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
soap_message_body_based_dispatcher within the phase Dispatch
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\soap_body_disp.c(198) Checking for operation
using SOAP message body's first child's local name : CreatePrimaryItem
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\soap_body_disp.c(207) Operation found using
SOAP message body's first child's local name
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
dispatch_post_conditions_evaluator within the phase PostDispatch
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
context_handler within the phase PostDispatch
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase
PolicyDetermination
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase
PolicyDetermination
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
AddressingOutHandler within the phase MessageOut
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
RampartOutHandler within the phase MessageOut
[Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_out_handler]
building UsernmaeToken
[Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_out_handler]
UsernmaeToken build failed. ERROR
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\engine.c(445) Axis2 engine receive successful
[Tue Nov 14 21:42:32 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
[Tue Nov 14 21:42:32 2006] [info] Request served successfully
Thanks,
-Dave.
-----Original Message-----
From: Dave Meier [mailto:DMeier@SERENA.com]
Sent: Tuesday, November 14, 2006 9:27 PM
To: Apache AXIS C User List
Subject: RE: [Axis2] rampart problem using WS-SECURITY
Hi Kau,
1. I used the Inflow/Outflow parameters like what is in the samples:
<!--Rampart configurations START -->
<parameter name="OutflowSecurity">
<action>
<items>UsernameToken Timestamp</items>
<user>BILL</user>
<passwordType>passwordText</passwordType>
<passwordCallbackClass>D:/ttaxiswsse/Debug/ttwebserviceswsse.dll</passwo
rdCallbackClass>
<timeToLive>360</timeToLive>
</action>
</parameter>
<parameter name="InflowSecurity">
<action>
<items>UsernameToken Timestamp</items>
<passwordCallbackClass>D:/ttaxiswsse/Debug/ttwebserviceswsse.dll</passwo
rdCallbackClass>
</action>
</parameter>
<!--Rampart configurations END -->
2. Here is the trace of incoming and outgoing soap. I am using Visual
Studio 2005 C# for the client side:
Incoming:
<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse
curity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-utility-1.0.xsd">
<soap:Header>
<wsa:Action />
<wsa:MessageID>urn:uuid:527b7049-198f-4725-a2d7-bc861b4d36b3</wsa:Messag
eID>
<wsa:ReplyTo>
<wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anony
mous</wsa:Address>
</wsa:ReplyTo>
<wsa:To>http://localhost:8181/axis2/services/ttwebservices</wsa:To>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp
wsu:Id="Timestamp-f4f3626e-2c6f-4c69-b280-df0c2bf0ad3b">
<wsu:Created>2006-11-15T05:22:08Z</wsu:Created>
<wsu:Expires>2006-11-15T05:23:08Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-utility-1.0.xsd"
wsu:Id="SecurityToken-b7689ab1-70e9-4472-8386-0880eb2180fe">
<wsse:Username>bill</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-t
oken-profile-1.0#PasswordText">b</wsse:Password>
<wsse:Nonce>vVR7Rzg8oLtLfg5NjxWV1g==</wsse:Nonce>
<wsu:Created>2006-11-15T05:22:08Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soap:Body>
<CreatePrimaryItem xmlns="urn:ttwebservices">
<auth>
<userId xsi:nil="true" />
<password xsi:nil="true" />
<hostname xsi:nil="true" />
</auth>
<projectID>16</projectID>
<item>
<genericItem>
<itemID xsi:nil="true" />
<itemName>BUG</itemName>
</genericItem>
<classification>Image Builder</classification>
<title>my title</title>
<description>my desc</description>
<createdBy>bill</createdBy>
<createDate>2006-01-01T00:12:12</createDate>
<modifiedBy>bill</modifiedBy>
<modifiedDate>2006-01-01T00:12:12</modifiedDate>
<activeInactive>true</activeInactive>
<state>Waiting</state>
<owner>joe</owner>
<extendedFieldList>
<name>FOUND_IN_VERSION</name>
<value>v1.1</value>
</extendedFieldList>
<extendedFieldList>
<name>FUNCTIONAL_AREA</name>
<value>Help</value>
</extendedFieldList>
</item>
</CreatePrimaryItem>
</soap:Body>
</soap:Envelope>
Outgoing:
<?xml version="1.0" encoding="UTF-8" ?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header />
<soapenv:Body />
</soapenv:Envelope>
When I use the same client code without WS-SECURITY and take rampart out
of the axis2.xml, my web service method does get called and everything
gets returned correctly to the client.
Thanks,
-Dave.
-----Original Message-----
From: Kaushalye Kapuruge [mailto:kaushalye@wso2.com]
Sent: Tuesday, November 14, 2006 9:02 PM
To: Apache AXIS C User List
Subject: Re: [Axis2] rampart problem using WS-SECURITY
Hi,
I need some information from you to figure out what exactly is the
problem.
1. Have you specified the Outflow/InflowSecurity parameters correctly
using axis2.xml If you have any questions on this do not hesitate to ask
me. Have a look at the sample axis2.xml file in
rampart/samples/client/echo/data/un_ts_axis2.xml.
2. Is it possible to send a trace of outgoing message. (You may use
TCPMonitor for this)
BTW from log entries I can see that Rampart has done the validation
correct. But in the message building has failed in the server side. This
"might" be due to improper settings in the server side. Try the latest
code. But do not use the encryption yet:) It is still under development.
Cheers,
Kau
Dave Meier wrote:
> Hi,
>
> Okay, I got the latest code. I had to add "#include
> <oxs_xml_encryption.h>" to the rampart_encryption.c file in order to
> get it to link on Windows. Now it returns an empty message as it's
> not invoking my service method:
>
> <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
> <soapenv:Header />
> <soapenv:Body />
> </soapenv:Envelope>
>
> The log below shows "[error]
> ..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl
> object for service 'ttwebservices' not set in message receiver. 0 ::
No Error".
>
> Please let me know if there is something I am doing wrong. I'll go
> look at the source code to see if I can figure it out.
>
>
> [Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]Inflow
> Security found
> [Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]
> Validating UsernameToken [Tue Nov 14 11:24:07 2006] [info]
> [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Tue
> Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler] Validating
> Timestamp [Tue Nov 14 11:24:07 2006] [info]
> [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Tue Nov
> 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Tue
> Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> addressing_based_dispatcher within the phase Dispatch [Tue Nov 14
> 11:24:07 2006] [debug]
> ..\..\modules\core\engine\addr_disp.c(108) Checking for service using
> WSA enpoint address :
> http://localhost:8181/axis2/services/ttwebservices
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\addr_disp.c(138) Service found using WSA
> enpoint address [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> request_uri_based_dispatcher within the phase Dispatch [Tue Nov 14
> 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> soap_action_based_dispatcher within the phase Dispatch [Tue Nov 14
> 11:24:07 2006] [debug]
> ..\..\modules\core\engine\soap_action_disp.c(108) Checking for
> operation using SOAPAction :
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> soap_message_body_based_dispatcher within the phase Dispatch [Tue Nov
> 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\soap_body_disp.c(198) Checking for operation
> using SOAP message body's first child's local name : CreatePrimaryItem
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\soap_body_disp.c(207) Operation found using
> SOAP message body's first child's local name [Tue Nov 14 11:24:07
> 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> dispatch_post_conditions_evaluator within the phase PostDispatch [Tue
> Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> context_handler within the phase PostDispatch [Tue Nov 14 11:24:07
> 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase
> PolicyDetermination [Tue Nov 14 11:24:07 2006] [error]
> ..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl
> object for service 'ttwebservices' not set in message receiver. 0 ::
> No Error [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\engine.c(445) Axis2 engine receive
> successful [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut [Tue
> Nov 14 11:24:07 2006] [info] Request served successfully
>
> Thanks,
>
> -Dave.
>
> -----Original Message-----
> From: Dave Meier [mailto:DMeier@SERENA.com]
> Sent: Tuesday, November 14, 2006 7:35 AM
> To: Apache AXIS C User List
> Subject: RE: [Axis2] rampart problem using WS-SECURITY
>
> Thanks for the quick fix - I'll go try it out right now.
>
> I am using Visual Studio 2005 C# on the client side. We'll be
> supporting C#, Axis2 Java and Axis2C for our client side
> implementations. Other projects here already use Axis2 for Java.
>
> -Dave.
>
> -----Original Message-----
> From: Kaushalye Kapuruge [mailto:kaushalye@wso2.com]
> Sent: Tuesday, November 14, 2006 1:24 AM
> To: Apache AXIS C User List
> Subject: Re: [Axis2] rampart problem using WS-SECURITY
>
> Kaushalye Kapuruge wrote:
>
>> Dave Meier wrote:
>>
>>> I have the rampart module hooked up and my password callback is
>>> called correctly. But after successful validation, my web service
>>> method does not get called. Instead I get back the following
>>>
> response:
>
>>> <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope
>>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>>> <soapenv:Header />
>>> <soapenv:Body>
>>> <soapenv:Fault>
>>> <faultcode>soapenv:MustUnderstand</faultcode>
>>> <faultstring>Header not understood</faultstring>
>>> </soapenv:Fault>
>>> </soapenv:Body>
>>> </soapenv:Envelope>
>>>
>>> This occurs after the userid and password have already been
>>>
> validated.
>
>>> Here are the log entries:
>>>
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\transport\http\http_worker.c(204) Client HTTP
>>> version
>>> HTTP/1.1
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\axiom\src\soap\soap_builder.c(840) Identified soap version is
>>> soap11
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase TransportIn
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase PreDispatch
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> AddressingInHandler within the phase PreDispatch [Mon Nov 13
>>> 17:01:14
>>>
>
>
>>> 2006] [info] Starting addressing in handler .........
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> RampartInHandler within the phase PreDispatch [Mon Nov 13 17:01:14
>>> 2006] [info] [rampart][rampart_in_handler]Inflow
>>> Security found
>>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>>> Validating UsernameToken [Mon Nov 13 17:01:14 2006] [info]
>>> [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Mon
>>> Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>>> Validating Timestamp [Mon Nov 13 17:01:14 2006] [info]
>>> [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Mon
>>> Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Mon
>>> Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> addressing_based_dispatcher within the phase Dispatch [Mon Nov 13
>>> 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\addr_disp.c(99) Checking for service using
>>> WSA enpoint address :
>>> http://localhost:8181/axis2/services/ttwebservices
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\addr_disp.c(129) Service found using WSA
>>> enpoint address [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> request_uri_based_dispatcher within the phase Dispatch [Mon Nov 13
>>> 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> soap_action_based_dispatcher within the phase Dispatch [Mon Nov 13
>>> 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\soap_action_disp.c(106) Checking for
>>> operation using SOAPAction : [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> soap_message_body_based_dispatcher within the phase Dispatch [Mon
>>> Nov
>>>
>
>
>>> 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\soap_body_disp.c(196) Checking for
>>> operation using SOAP message body's first child's local name :
>>> CreatePrimaryItem [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\soap_body_disp.c(205) Operation found
>>> using
>>>
>
>
>>> SOAP message body's first child's local name [Mon Nov 13 17:01:14
>>> 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> dispatch_post_conditions_evaluator within the phase PostDispatch
>>> [Mon
>>>
>
>
>>> Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> context_handler within the phase PostDispatch [Mon Nov 13 17:01:14
>>> 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase
>>> PolicyDetermination [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
>>> [Mon Nov 13 17:01:14 2006] [info] Request served successfully
>>>
>>> I did have mustUnderstand set in the request like this:
>>> "<wsse:Security soap:mustUnderstand="1">
>>>
>>>
>> Rampart_in_handler should set this relaying attribute to false after
>> processing. Thanks for pointing this out.
>> BTW, are you using a rampart in the client side as well? Or is it
>> another implementation? :) 'Coz rampart doesn't set mustUnderstand=1.
>>
>>> How can I get around this?
>>>
> Get the latest code from the svn.
> Cheers,
>
>>> Thanks,
>>>
>>> -Dave.
>>>
>>> ********************************************************************
>>> *
>>> * This email and any files transmitted with it are confidential and
>>> intended solely for the use of the individual or entity to whom they
>>> are addressed. Any unauthorized review, use, disclosure or
>>> distribution is prohibited. If you are not the intended recipient,
>>> please contact the sender by reply e-mail and destroy all copies of
>>> the original message.
>>>
>>>
>>> --------------------------------------------------------------------
>>> - To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>>
>>>
>>>
>>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
RE: [Axis2] rampart problem using WS-SECURITY
Posted by Dave Meier <DM...@SERENA.com>.
Hi Kau,
1. I used the Inflow/Outflow parameters like what is in the samples:
<!--Rampart configurations START -->
<parameter name="OutflowSecurity">
<action>
<items>UsernameToken Timestamp</items>
<user>BILL</user>
<passwordType>passwordText</passwordType>
<passwordCallbackClass>D:/ttaxiswsse/Debug/ttwebserviceswsse.dll</passwo
rdCallbackClass>
<timeToLive>360</timeToLive>
</action>
</parameter>
<parameter name="InflowSecurity">
<action>
<items>UsernameToken Timestamp</items>
<passwordCallbackClass>D:/ttaxiswsse/Debug/ttwebserviceswsse.dll</passwo
rdCallbackClass>
</action>
</parameter>
<!--Rampart configurations END -->
2. Here is the trace of incoming and outgoing soap. I am using Visual
Studio 2005 C# for the client side:
Incoming:
<?xml version="1.0" encoding="utf-8" ?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse
curity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-utility-1.0.xsd">
<soap:Header>
<wsa:Action />
<wsa:MessageID>urn:uuid:527b7049-198f-4725-a2d7-bc861b4d36b3</wsa:Messag
eID>
<wsa:ReplyTo>
<wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anony
mous</wsa:Address>
</wsa:ReplyTo>
<wsa:To>http://localhost:8181/axis2/services/ttwebservices</wsa:To>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp
wsu:Id="Timestamp-f4f3626e-2c6f-4c69-b280-df0c2bf0ad3b">
<wsu:Created>2006-11-15T05:22:08Z</wsu:Created>
<wsu:Expires>2006-11-15T05:23:08Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-utility-1.0.xsd"
wsu:Id="SecurityToken-b7689ab1-70e9-4472-8386-0880eb2180fe">
<wsse:Username>bill</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-t
oken-profile-1.0#PasswordText">b</wsse:Password>
<wsse:Nonce>vVR7Rzg8oLtLfg5NjxWV1g==</wsse:Nonce>
<wsu:Created>2006-11-15T05:22:08Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soap:Body>
<CreatePrimaryItem xmlns="urn:ttwebservices">
<auth>
<userId xsi:nil="true" />
<password xsi:nil="true" />
<hostname xsi:nil="true" />
</auth>
<projectID>16</projectID>
<item>
<genericItem>
<itemID xsi:nil="true" />
<itemName>BUG</itemName>
</genericItem>
<classification>Image Builder</classification>
<title>my title</title>
<description>my desc</description>
<createdBy>bill</createdBy>
<createDate>2006-01-01T00:12:12</createDate>
<modifiedBy>bill</modifiedBy>
<modifiedDate>2006-01-01T00:12:12</modifiedDate>
<activeInactive>true</activeInactive>
<state>Waiting</state>
<owner>joe</owner>
<extendedFieldList>
<name>FOUND_IN_VERSION</name>
<value>v1.1</value>
</extendedFieldList>
<extendedFieldList>
<name>FUNCTIONAL_AREA</name>
<value>Help</value>
</extendedFieldList>
</item>
</CreatePrimaryItem>
</soap:Body>
</soap:Envelope>
Outgoing:
<?xml version="1.0" encoding="UTF-8" ?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header />
<soapenv:Body />
</soapenv:Envelope>
When I use the same client code without WS-SECURITY and take rampart out
of the axis2.xml, my web service method does get called and everything
gets returned correctly to the client.
Thanks,
-Dave.
-----Original Message-----
From: Kaushalye Kapuruge [mailto:kaushalye@wso2.com]
Sent: Tuesday, November 14, 2006 9:02 PM
To: Apache AXIS C User List
Subject: Re: [Axis2] rampart problem using WS-SECURITY
Hi,
I need some information from you to figure out what exactly is the
problem.
1. Have you specified the Outflow/InflowSecurity parameters correctly
using axis2.xml If you have any questions on this do not hesitate to ask
me. Have a look at the sample axis2.xml file in
rampart/samples/client/echo/data/un_ts_axis2.xml.
2. Is it possible to send a trace of outgoing message. (You may use
TCPMonitor for this)
BTW from log entries I can see that Rampart has done the validation
correct. But in the message building has failed in the server side. This
"might" be due to improper settings in the server side. Try the latest
code. But do not use the encryption yet:) It is still under development.
Cheers,
Kau
Dave Meier wrote:
> Hi,
>
> Okay, I got the latest code. I had to add "#include
> <oxs_xml_encryption.h>" to the rampart_encryption.c file in order to
> get it to link on Windows. Now it returns an empty message as it's
> not invoking my service method:
>
> <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
> <soapenv:Header />
> <soapenv:Body />
> </soapenv:Envelope>
>
> The log below shows "[error]
> ..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl
> object for service 'ttwebservices' not set in message receiver. 0 ::
No Error".
>
> Please let me know if there is something I am doing wrong. I'll go
> look at the source code to see if I can figure it out.
>
>
> [Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]Inflow
> Security found
> [Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]
> Validating UsernameToken [Tue Nov 14 11:24:07 2006] [info]
> [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Tue
> Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler] Validating
> Timestamp [Tue Nov 14 11:24:07 2006] [info]
> [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Tue Nov
> 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Tue
> Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> addressing_based_dispatcher within the phase Dispatch [Tue Nov 14
> 11:24:07 2006] [debug]
> ..\..\modules\core\engine\addr_disp.c(108) Checking for service using
> WSA enpoint address :
> http://localhost:8181/axis2/services/ttwebservices
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\addr_disp.c(138) Service found using WSA
> enpoint address [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> request_uri_based_dispatcher within the phase Dispatch [Tue Nov 14
> 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> soap_action_based_dispatcher within the phase Dispatch [Tue Nov 14
> 11:24:07 2006] [debug]
> ..\..\modules\core\engine\soap_action_disp.c(108) Checking for
> operation using SOAPAction :
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> soap_message_body_based_dispatcher within the phase Dispatch [Tue Nov
> 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\soap_body_disp.c(198) Checking for operation
> using SOAP message body's first child's local name : CreatePrimaryItem
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\soap_body_disp.c(207) Operation found using
> SOAP message body's first child's local name [Tue Nov 14 11:24:07
> 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> dispatch_post_conditions_evaluator within the phase PostDispatch [Tue
> Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> context_handler within the phase PostDispatch [Tue Nov 14 11:24:07
> 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase
> PolicyDetermination [Tue Nov 14 11:24:07 2006] [error]
> ..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl
> object for service 'ttwebservices' not set in message receiver. 0 ::
> No Error [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\engine.c(445) Axis2 engine receive
> successful [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut [Tue
> Nov 14 11:24:07 2006] [info] Request served successfully
>
> Thanks,
>
> -Dave.
>
> -----Original Message-----
> From: Dave Meier [mailto:DMeier@SERENA.com]
> Sent: Tuesday, November 14, 2006 7:35 AM
> To: Apache AXIS C User List
> Subject: RE: [Axis2] rampart problem using WS-SECURITY
>
> Thanks for the quick fix - I'll go try it out right now.
>
> I am using Visual Studio 2005 C# on the client side. We'll be
> supporting C#, Axis2 Java and Axis2C for our client side
> implementations. Other projects here already use Axis2 for Java.
>
> -Dave.
>
> -----Original Message-----
> From: Kaushalye Kapuruge [mailto:kaushalye@wso2.com]
> Sent: Tuesday, November 14, 2006 1:24 AM
> To: Apache AXIS C User List
> Subject: Re: [Axis2] rampart problem using WS-SECURITY
>
> Kaushalye Kapuruge wrote:
>
>> Dave Meier wrote:
>>
>>> I have the rampart module hooked up and my password callback is
>>> called correctly. But after successful validation, my web service
>>> method does not get called. Instead I get back the following
>>>
> response:
>
>>> <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope
>>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>>> <soapenv:Header />
>>> <soapenv:Body>
>>> <soapenv:Fault>
>>> <faultcode>soapenv:MustUnderstand</faultcode>
>>> <faultstring>Header not understood</faultstring>
>>> </soapenv:Fault>
>>> </soapenv:Body>
>>> </soapenv:Envelope>
>>>
>>> This occurs after the userid and password have already been
>>>
> validated.
>
>>> Here are the log entries:
>>>
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\transport\http\http_worker.c(204) Client HTTP
>>> version
>>> HTTP/1.1
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\axiom\src\soap\soap_builder.c(840) Identified soap version is
>>> soap11
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase TransportIn
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase PreDispatch
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> AddressingInHandler within the phase PreDispatch [Mon Nov 13
>>> 17:01:14
>>>
>
>
>>> 2006] [info] Starting addressing in handler .........
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> RampartInHandler within the phase PreDispatch [Mon Nov 13 17:01:14
>>> 2006] [info] [rampart][rampart_in_handler]Inflow
>>> Security found
>>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>>> Validating UsernameToken [Mon Nov 13 17:01:14 2006] [info]
>>> [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Mon
>>> Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>>> Validating Timestamp [Mon Nov 13 17:01:14 2006] [info]
>>> [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Mon
>>> Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Mon
>>> Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> addressing_based_dispatcher within the phase Dispatch [Mon Nov 13
>>> 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\addr_disp.c(99) Checking for service using
>>> WSA enpoint address :
>>> http://localhost:8181/axis2/services/ttwebservices
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\addr_disp.c(129) Service found using WSA
>>> enpoint address [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> request_uri_based_dispatcher within the phase Dispatch [Mon Nov 13
>>> 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> soap_action_based_dispatcher within the phase Dispatch [Mon Nov 13
>>> 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\soap_action_disp.c(106) Checking for
>>> operation using SOAPAction : [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> soap_message_body_based_dispatcher within the phase Dispatch [Mon
>>> Nov
>>>
>
>
>>> 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\soap_body_disp.c(196) Checking for
>>> operation using SOAP message body's first child's local name :
>>> CreatePrimaryItem [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\soap_body_disp.c(205) Operation found
>>> using
>>>
>
>
>>> SOAP message body's first child's local name [Mon Nov 13 17:01:14
>>> 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> dispatch_post_conditions_evaluator within the phase PostDispatch
>>> [Mon
>>>
>
>
>>> Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> context_handler within the phase PostDispatch [Mon Nov 13 17:01:14
>>> 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase
>>> PolicyDetermination [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
>>> [Mon Nov 13 17:01:14 2006] [info] Request served successfully
>>>
>>> I did have mustUnderstand set in the request like this:
>>> "<wsse:Security soap:mustUnderstand="1">
>>>
>>>
>> Rampart_in_handler should set this relaying attribute to false after
>> processing. Thanks for pointing this out.
>> BTW, are you using a rampart in the client side as well? Or is it
>> another implementation? :) 'Coz rampart doesn't set mustUnderstand=1.
>>
>>> How can I get around this?
>>>
> Get the latest code from the svn.
> Cheers,
>
>>> Thanks,
>>>
>>> -Dave.
>>>
>>> ********************************************************************
>>> *
>>> * This email and any files transmitted with it are confidential and
>>> intended solely for the use of the individual or entity to whom they
>>> are addressed. Any unauthorized review, use, disclosure or
>>> distribution is prohibited. If you are not the intended recipient,
>>> please contact the sender by reply e-mail and destroy all copies of
>>> the original message.
>>>
>>>
>>> --------------------------------------------------------------------
>>> - To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>>
>>>
>>>
>>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: [Axis2] rampart problem using WS-SECURITY
Posted by Kaushalye Kapuruge <ka...@wso2.com>.
Hi,
I need some information from you to figure out what exactly is the problem.
1. Have you specified the Outflow/InflowSecurity parameters correctly
using axis2.xml If you have any questions on this do not hesitate to ask
me. Have a look at the sample axis2.xml file in
rampart/samples/client/echo/data/un_ts_axis2.xml.
2. Is it possible to send a trace of outgoing message. (You may use
TCPMonitor for this)
BTW from log entries I can see that Rampart has done the validation
correct. But in the message building has failed in the server side. This
"might" be due to improper settings in the server side. Try the latest
code. But do not use the encryption yet:) It is still under development.
Cheers,
Kau
Dave Meier wrote:
> Hi,
>
> Okay, I got the latest code. I had to add "#include
> <oxs_xml_encryption.h>" to the rampart_encryption.c file in order to get
> it to link on Windows. Now it returns an empty message as it's not
> invoking my service method:
>
> <?xml version="1.0" encoding="UTF-8" ?>
> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
> <soapenv:Header />
> <soapenv:Body />
> </soapenv:Envelope>
>
> The log below shows "[error]
> ..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl object
> for service 'ttwebservices' not set in message receiver. 0 :: No Error".
>
> Please let me know if there is something I am doing wrong. I'll go look
> at the source code to see if I can figure it out.
>
>
> [Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]Inflow
> Security found
> [Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]
> Validating UsernameToken
> [Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]
> Validating UsernameToken SUCCESS
> [Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]
> Validating Timestamp
> [Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]
> Validating Timestamp is SUCCESS
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> addressing_based_dispatcher within the phase Dispatch
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\addr_disp.c(108) Checking for service using
> WSA enpoint address : http://localhost:8181/axis2/services/ttwebservices
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\addr_disp.c(138) Service found using WSA
> enpoint address
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> request_uri_based_dispatcher within the phase Dispatch
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> soap_action_based_dispatcher within the phase Dispatch
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\soap_action_disp.c(108) Checking for operation
> using SOAPAction :
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> soap_message_body_based_dispatcher within the phase Dispatch
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\soap_body_disp.c(198) Checking for operation
> using SOAP message body's first child's local name : CreatePrimaryItem
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\soap_body_disp.c(207) Operation found using
> SOAP message body's first child's local name
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> dispatch_post_conditions_evaluator within the phase PostDispatch
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> context_handler within the phase PostDispatch
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase
> PolicyDetermination
> [Tue Nov 14 11:24:07 2006] [error]
> ..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl object
> for service 'ttwebservices' not set in message receiver. 0 :: No Error
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\engine.c(445) Axis2 engine receive successful
> [Tue Nov 14 11:24:07 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
> [Tue Nov 14 11:24:07 2006] [info] Request served successfully
>
> Thanks,
>
> -Dave.
>
> -----Original Message-----
> From: Dave Meier [mailto:DMeier@SERENA.com]
> Sent: Tuesday, November 14, 2006 7:35 AM
> To: Apache AXIS C User List
> Subject: RE: [Axis2] rampart problem using WS-SECURITY
>
> Thanks for the quick fix - I'll go try it out right now.
>
> I am using Visual Studio 2005 C# on the client side. We'll be
> supporting C#, Axis2 Java and Axis2C for our client side
> implementations. Other projects here already use Axis2 for Java.
>
> -Dave.
>
> -----Original Message-----
> From: Kaushalye Kapuruge [mailto:kaushalye@wso2.com]
> Sent: Tuesday, November 14, 2006 1:24 AM
> To: Apache AXIS C User List
> Subject: Re: [Axis2] rampart problem using WS-SECURITY
>
> Kaushalye Kapuruge wrote:
>
>> Dave Meier wrote:
>>
>>> I have the rampart module hooked up and my password callback is
>>> called correctly. But after successful validation, my web service
>>> method does not get called. Instead I get back the following
>>>
> response:
>
>>> <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope
>>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>>> <soapenv:Header />
>>> <soapenv:Body>
>>> <soapenv:Fault>
>>> <faultcode>soapenv:MustUnderstand</faultcode>
>>> <faultstring>Header not understood</faultstring>
>>> </soapenv:Fault>
>>> </soapenv:Body>
>>> </soapenv:Envelope>
>>>
>>> This occurs after the userid and password have already been
>>>
> validated.
>
>>> Here are the log entries:
>>>
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\transport\http\http_worker.c(204) Client HTTP
>>> version
>>> HTTP/1.1
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\axiom\src\soap\soap_builder.c(840) Identified soap version is
>>> soap11
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase TransportIn
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase PreDispatch
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> AddressingInHandler within the phase PreDispatch [Mon Nov 13 17:01:14
>>>
>
>
>>> 2006] [info] Starting addressing in handler .........
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> RampartInHandler within the phase PreDispatch [Mon Nov 13 17:01:14
>>> 2006] [info] [rampart][rampart_in_handler]Inflow
>>> Security found
>>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>>> Validating UsernameToken [Mon Nov 13 17:01:14 2006] [info]
>>> [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Mon
>>> Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>>> Validating Timestamp [Mon Nov 13 17:01:14 2006] [info]
>>> [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Mon
>>> Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Mon
>>> Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> addressing_based_dispatcher within the phase Dispatch [Mon Nov 13
>>> 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\addr_disp.c(99) Checking for service using
>>> WSA enpoint address :
>>> http://localhost:8181/axis2/services/ttwebservices
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\addr_disp.c(129) Service found using WSA
>>> enpoint address [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> request_uri_based_dispatcher within the phase Dispatch [Mon Nov 13
>>> 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> soap_action_based_dispatcher within the phase Dispatch [Mon Nov 13
>>> 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\soap_action_disp.c(106) Checking for
>>> operation using SOAPAction : [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> soap_message_body_based_dispatcher within the phase Dispatch [Mon Nov
>>>
>
>
>>> 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\soap_body_disp.c(196) Checking for
>>> operation using SOAP message body's first child's local name :
>>> CreatePrimaryItem [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\soap_body_disp.c(205) Operation found using
>>>
>
>
>>> SOAP message body's first child's local name [Mon Nov 13 17:01:14
>>> 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
>>> [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> dispatch_post_conditions_evaluator within the phase PostDispatch [Mon
>>>
>
>
>>> Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>>> context_handler within the phase PostDispatch [Mon Nov 13 17:01:14
>>> 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase
>>> PolicyDetermination [Mon Nov 13 17:01:14 2006] [debug]
>>> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
>>> [Mon Nov 13 17:01:14 2006] [info] Request served successfully
>>>
>>> I did have mustUnderstand set in the request like this:
>>> "<wsse:Security soap:mustUnderstand="1">
>>>
>>>
>> Rampart_in_handler should set this relaying attribute to false after
>> processing. Thanks for pointing this out.
>> BTW, are you using a rampart in the client side as well? Or is it
>> another implementation? :) 'Coz rampart doesn't set mustUnderstand=1.
>>
>>> How can I get around this?
>>>
> Get the latest code from the svn.
> Cheers,
>
>>> Thanks,
>>>
>>> -Dave.
>>>
>>> *********************************************************************
>>> * This email and any files transmitted with it are confidential and
>>> intended solely for the use of the individual or entity to whom they
>>> are addressed. Any unauthorized review, use, disclosure or
>>> distribution is prohibited. If you are not the intended recipient,
>>> please contact the sender by reply e-mail and destroy all copies of
>>> the original message.
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>>
>>>
>>>
>>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
RE: [Axis2] rampart problem using WS-SECURITY
Posted by Dave Meier <DM...@SERENA.com>.
Forgot to mention two other changes I made to my copy of the code:
1. In asym_ctx.c: renamed "oxs_asym_ctx_create_asym_ctx" method to
"oxs_asym_ctx_create" as that is what's defined in the header file.
2. In rampart_encryption.c, added an ampersand to the last argument in
this call as it takes an "axiom_node_t **enc_type_node":
enc_status = oxs_xml_enc_encrypt_node(env, enc_ctx, node_to_enc,
&enc_data_node);
-Dave.
-----Original Message-----
From: Dave Meier [mailto:DMeier@SERENA.com]
Sent: Tuesday, November 14, 2006 11:41 AM
To: Apache AXIS C User List
Subject: RE: [Axis2] rampart problem using WS-SECURITY
Hi,
Okay, I got the latest code. I had to add "#include
<oxs_xml_encryption.h>" to the rampart_encryption.c file in order to get
it to link on Windows. Now it returns an empty message as it's not
invoking my service method:
<?xml version="1.0" encoding="UTF-8" ?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header />
<soapenv:Body />
</soapenv:Envelope>
The log below shows "[error]
..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl object
for service 'ttwebservices' not set in message receiver. 0 :: No Error".
Please let me know if there is something I am doing wrong. I'll go look
at the source code to see if I can figure it out.
[Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]Inflow
Security found
[Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]
Validating UsernameToken [Tue Nov 14 11:24:07 2006] [info]
[rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Tue Nov
14 11:24:07 2006] [info] [rampart][rampart_in_handler] Validating
Timestamp [Tue Nov 14 11:24:07 2006] [info]
[rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Tue Nov
14 11:24:07 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Tue Nov
14 11:24:07 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
addressing_based_dispatcher within the phase Dispatch [Tue Nov 14
11:24:07 2006] [debug]
..\..\modules\core\engine\addr_disp.c(108) Checking for service using
WSA enpoint address : http://localhost:8181/axis2/services/ttwebservices
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\addr_disp.c(138) Service found using WSA
enpoint address [Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
request_uri_based_dispatcher within the phase Dispatch [Tue Nov 14
11:24:07 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
soap_action_based_dispatcher within the phase Dispatch [Tue Nov 14
11:24:07 2006] [debug]
..\..\modules\core\engine\soap_action_disp.c(108) Checking for operation
using SOAPAction :
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
soap_message_body_based_dispatcher within the phase Dispatch [Tue Nov 14
11:24:07 2006] [debug]
..\..\modules\core\engine\soap_body_disp.c(198) Checking for operation
using SOAP message body's first child's local name : CreatePrimaryItem
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\soap_body_disp.c(207) Operation found using
SOAP message body's first child's local name [Tue Nov 14 11:24:07 2006]
[debug]
..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch [Tue
Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
dispatch_post_conditions_evaluator within the phase PostDispatch [Tue
Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
context_handler within the phase PostDispatch [Tue Nov 14 11:24:07 2006]
[debug]
..\..\modules\core\engine\engine.c(762) Invoking phase
PolicyDetermination [Tue Nov 14 11:24:07 2006] [error]
..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl object
for service 'ttwebservices' not set in message receiver. 0 :: No Error
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\engine.c(445) Axis2 engine receive successful
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut [Tue
Nov 14 11:24:07 2006] [info] Request served successfully
Thanks,
-Dave.
-----Original Message-----
From: Dave Meier [mailto:DMeier@SERENA.com]
Sent: Tuesday, November 14, 2006 7:35 AM
To: Apache AXIS C User List
Subject: RE: [Axis2] rampart problem using WS-SECURITY
Thanks for the quick fix - I'll go try it out right now.
I am using Visual Studio 2005 C# on the client side. We'll be
supporting C#, Axis2 Java and Axis2C for our client side
implementations. Other projects here already use Axis2 for Java.
-Dave.
-----Original Message-----
From: Kaushalye Kapuruge [mailto:kaushalye@wso2.com]
Sent: Tuesday, November 14, 2006 1:24 AM
To: Apache AXIS C User List
Subject: Re: [Axis2] rampart problem using WS-SECURITY
Kaushalye Kapuruge wrote:
> Dave Meier wrote:
>> I have the rampart module hooked up and my password callback is
>> called correctly. But after successful validation, my web service
>> method does not get called. Instead I get back the following
response:
>>
>> <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>> <soapenv:Header />
>> <soapenv:Body>
>> <soapenv:Fault>
>> <faultcode>soapenv:MustUnderstand</faultcode>
>> <faultstring>Header not understood</faultstring>
>> </soapenv:Fault>
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>> This occurs after the userid and password have already been
validated.
>> Here are the log entries:
>>
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\transport\http\http_worker.c(204) Client HTTP
>> version
>> HTTP/1.1
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\axiom\src\soap\soap_builder.c(840) Identified soap version is
>> soap11
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase TransportIn
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase PreDispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> AddressingInHandler within the phase PreDispatch [Mon Nov 13 17:01:14
>> 2006] [info] Starting addressing in handler .........
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> RampartInHandler within the phase PreDispatch [Mon Nov 13 17:01:14
>> 2006] [info] [rampart][rampart_in_handler]Inflow
>> Security found
>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>> Validating UsernameToken [Mon Nov 13 17:01:14 2006] [info]
>> [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Mon
>> Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>> Validating Timestamp [Mon Nov 13 17:01:14 2006] [info]
>> [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Mon
>> Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Mon
>> Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> addressing_based_dispatcher within the phase Dispatch [Mon Nov 13
>> 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\addr_disp.c(99) Checking for service using
>> WSA enpoint address :
>> http://localhost:8181/axis2/services/ttwebservices
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\addr_disp.c(129) Service found using WSA
>> enpoint address [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> request_uri_based_dispatcher within the phase Dispatch [Mon Nov 13
>> 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> soap_action_based_dispatcher within the phase Dispatch [Mon Nov 13
>> 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\soap_action_disp.c(106) Checking for
>> operation using SOAPAction : [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> soap_message_body_based_dispatcher within the phase Dispatch [Mon Nov
>> 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\soap_body_disp.c(196) Checking for
>> operation using SOAP message body's first child's local name :
>> CreatePrimaryItem [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\soap_body_disp.c(205) Operation found using
>> SOAP message body's first child's local name [Mon Nov 13 17:01:14
>> 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> dispatch_post_conditions_evaluator within the phase PostDispatch [Mon
>> Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> context_handler within the phase PostDispatch [Mon Nov 13 17:01:14
>> 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase
>> PolicyDetermination [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
>> [Mon Nov 13 17:01:14 2006] [info] Request served successfully
>>
>> I did have mustUnderstand set in the request like this:
>> "<wsse:Security soap:mustUnderstand="1">
>>
> Rampart_in_handler should set this relaying attribute to false after
> processing. Thanks for pointing this out.
> BTW, are you using a rampart in the client side as well? Or is it
> another implementation? :) 'Coz rampart doesn't set mustUnderstand=1.
>> How can I get around this?
Get the latest code from the svn.
Cheers,
>>
>> Thanks,
>>
>> -Dave.
>>
>> *********************************************************************
>> * This email and any files transmitted with it are confidential and
>> intended solely for the use of the individual or entity to whom they
>> are addressed. Any unauthorized review, use, disclosure or
>> distribution is prohibited. If you are not the intended recipient,
>> please contact the sender by reply e-mail and destroy all copies of
>> the original message.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
RE: [Axis2] rampart problem using WS-SECURITY
Posted by Dave Meier <DM...@SERENA.com>.
Hi,
Okay, I got the latest code. I had to add "#include
<oxs_xml_encryption.h>" to the rampart_encryption.c file in order to get
it to link on Windows. Now it returns an empty message as it's not
invoking my service method:
<?xml version="1.0" encoding="UTF-8" ?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header />
<soapenv:Body />
</soapenv:Envelope>
The log below shows "[error]
..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl object
for service 'ttwebservices' not set in message receiver. 0 :: No Error".
Please let me know if there is something I am doing wrong. I'll go look
at the source code to see if I can figure it out.
[Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]Inflow
Security found
[Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]
Validating UsernameToken
[Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]
Validating UsernameToken SUCCESS
[Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]
Validating Timestamp
[Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]
Validating Timestamp is SUCCESS
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
addressing_based_dispatcher within the phase Dispatch
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\addr_disp.c(108) Checking for service using
WSA enpoint address : http://localhost:8181/axis2/services/ttwebservices
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\addr_disp.c(138) Service found using WSA
enpoint address
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
request_uri_based_dispatcher within the phase Dispatch
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
soap_action_based_dispatcher within the phase Dispatch
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\soap_action_disp.c(108) Checking for operation
using SOAPAction :
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
soap_message_body_based_dispatcher within the phase Dispatch
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\soap_body_disp.c(198) Checking for operation
using SOAP message body's first child's local name : CreatePrimaryItem
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\soap_body_disp.c(207) Operation found using
SOAP message body's first child's local name
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
dispatch_post_conditions_evaluator within the phase PostDispatch
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\phase.c(356) Invoke the handler
context_handler within the phase PostDispatch
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase
PolicyDetermination
[Tue Nov 14 11:24:07 2006] [error]
..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl object
for service 'ttwebservices' not set in message receiver. 0 :: No Error
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\engine.c(445) Axis2 engine receive successful
[Tue Nov 14 11:24:07 2006] [debug]
..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
[Tue Nov 14 11:24:07 2006] [info] Request served successfully
Thanks,
-Dave.
-----Original Message-----
From: Dave Meier [mailto:DMeier@SERENA.com]
Sent: Tuesday, November 14, 2006 7:35 AM
To: Apache AXIS C User List
Subject: RE: [Axis2] rampart problem using WS-SECURITY
Thanks for the quick fix - I'll go try it out right now.
I am using Visual Studio 2005 C# on the client side. We'll be
supporting C#, Axis2 Java and Axis2C for our client side
implementations. Other projects here already use Axis2 for Java.
-Dave.
-----Original Message-----
From: Kaushalye Kapuruge [mailto:kaushalye@wso2.com]
Sent: Tuesday, November 14, 2006 1:24 AM
To: Apache AXIS C User List
Subject: Re: [Axis2] rampart problem using WS-SECURITY
Kaushalye Kapuruge wrote:
> Dave Meier wrote:
>> I have the rampart module hooked up and my password callback is
>> called correctly. But after successful validation, my web service
>> method does not get called. Instead I get back the following
response:
>>
>> <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>> <soapenv:Header />
>> <soapenv:Body>
>> <soapenv:Fault>
>> <faultcode>soapenv:MustUnderstand</faultcode>
>> <faultstring>Header not understood</faultstring>
>> </soapenv:Fault>
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>> This occurs after the userid and password have already been
validated.
>> Here are the log entries:
>>
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\transport\http\http_worker.c(204) Client HTTP
>> version
>> HTTP/1.1
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\axiom\src\soap\soap_builder.c(840) Identified soap version is
>> soap11
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase TransportIn
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase PreDispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> AddressingInHandler within the phase PreDispatch [Mon Nov 13 17:01:14
>> 2006] [info] Starting addressing in handler .........
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> RampartInHandler within the phase PreDispatch [Mon Nov 13 17:01:14
>> 2006] [info] [rampart][rampart_in_handler]Inflow
>> Security found
>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>> Validating UsernameToken [Mon Nov 13 17:01:14 2006] [info]
>> [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Mon
>> Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>> Validating Timestamp [Mon Nov 13 17:01:14 2006] [info]
>> [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Mon
>> Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Mon
>> Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> addressing_based_dispatcher within the phase Dispatch [Mon Nov 13
>> 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\addr_disp.c(99) Checking for service using
>> WSA enpoint address :
>> http://localhost:8181/axis2/services/ttwebservices
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\addr_disp.c(129) Service found using WSA
>> enpoint address [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> request_uri_based_dispatcher within the phase Dispatch [Mon Nov 13
>> 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> soap_action_based_dispatcher within the phase Dispatch [Mon Nov 13
>> 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\soap_action_disp.c(106) Checking for
>> operation using SOAPAction : [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> soap_message_body_based_dispatcher within the phase Dispatch [Mon Nov
>> 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\soap_body_disp.c(196) Checking for
>> operation using SOAP message body's first child's local name :
>> CreatePrimaryItem [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\soap_body_disp.c(205) Operation found using
>> SOAP message body's first child's local name [Mon Nov 13 17:01:14
>> 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> dispatch_post_conditions_evaluator within the phase PostDispatch [Mon
>> Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> context_handler within the phase PostDispatch [Mon Nov 13 17:01:14
>> 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase
>> PolicyDetermination [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
>> [Mon Nov 13 17:01:14 2006] [info] Request served successfully
>>
>> I did have mustUnderstand set in the request like this:
>> "<wsse:Security soap:mustUnderstand="1">
>>
> Rampart_in_handler should set this relaying attribute to false after
> processing. Thanks for pointing this out.
> BTW, are you using a rampart in the client side as well? Or is it
> another implementation? :) 'Coz rampart doesn't set mustUnderstand=1.
>> How can I get around this?
Get the latest code from the svn.
Cheers,
>>
>> Thanks,
>>
>> -Dave.
>>
>> *********************************************************************
>> * This email and any files transmitted with it are confidential and
>> intended solely for the use of the individual or entity to whom they
>> are addressed. Any unauthorized review, use, disclosure or
>> distribution is prohibited. If you are not the intended recipient,
>> please contact the sender by reply e-mail and destroy all copies of
>> the original message.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
RE: [Axis2] rampart problem using WS-SECURITY
Posted by Dave Meier <DM...@SERENA.com>.
Thanks for the quick fix - I'll go try it out right now.
I am using Visual Studio 2005 C# on the client side. We'll be
supporting
C#, Axis2 Java and Axis2C for our client side implementations. Other
projects here already use Axis2 for Java.
-Dave.
-----Original Message-----
From: Kaushalye Kapuruge [mailto:kaushalye@wso2.com]
Sent: Tuesday, November 14, 2006 1:24 AM
To: Apache AXIS C User List
Subject: Re: [Axis2] rampart problem using WS-SECURITY
Kaushalye Kapuruge wrote:
> Dave Meier wrote:
>> I have the rampart module hooked up and my password callback is
>> called correctly. But after successful validation, my web service
>> method does not get called. Instead I get back the following
response:
>>
>> <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>> <soapenv:Header />
>> <soapenv:Body>
>> <soapenv:Fault>
>> <faultcode>soapenv:MustUnderstand</faultcode>
>> <faultstring>Header not understood</faultstring>
>> </soapenv:Fault>
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>> This occurs after the userid and password have already been
validated.
>> Here are the log entries:
>>
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\transport\http\http_worker.c(204) Client HTTP
>> version
>> HTTP/1.1
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\axiom\src\soap\soap_builder.c(840) Identified soap version is
>> soap11
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase TransportIn
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase PreDispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> AddressingInHandler within the phase PreDispatch [Mon Nov 13 17:01:14
>> 2006] [info] Starting addressing in handler .........
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> RampartInHandler within the phase PreDispatch [Mon Nov 13 17:01:14
>> 2006] [info] [rampart][rampart_in_handler]Inflow
>> Security found
>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>> Validating UsernameToken [Mon Nov 13 17:01:14 2006] [info]
>> [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Mon
>> Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>> Validating Timestamp [Mon Nov 13 17:01:14 2006] [info]
>> [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Mon
>> Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Mon
>> Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> addressing_based_dispatcher within the phase Dispatch [Mon Nov 13
>> 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\addr_disp.c(99) Checking for service using
>> WSA enpoint address :
>> http://localhost:8181/axis2/services/ttwebservices
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\addr_disp.c(129) Service found using WSA
>> enpoint address [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> request_uri_based_dispatcher within the phase Dispatch [Mon Nov 13
>> 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> soap_action_based_dispatcher within the phase Dispatch [Mon Nov 13
>> 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\soap_action_disp.c(106) Checking for
>> operation using SOAPAction : [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> soap_message_body_based_dispatcher within the phase Dispatch [Mon Nov
>> 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\soap_body_disp.c(196) Checking for
>> operation using SOAP message body's first child's local name :
>> CreatePrimaryItem [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\soap_body_disp.c(205) Operation found using
>> SOAP message body's first child's local name [Mon Nov 13 17:01:14
>> 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> dispatch_post_conditions_evaluator within the phase PostDispatch [Mon
>> Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> context_handler within the phase PostDispatch [Mon Nov 13 17:01:14
>> 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase
>> PolicyDetermination [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
>> [Mon Nov 13 17:01:14 2006] [info] Request served successfully
>>
>> I did have mustUnderstand set in the request like this:
>> "<wsse:Security soap:mustUnderstand="1">
>>
> Rampart_in_handler should set this relaying attribute to false after
> processing. Thanks for pointing this out.
> BTW, are you using a rampart in the client side as well? Or is it
> another implementation? :) 'Coz rampart doesn't set mustUnderstand=1.
>> How can I get around this?
Get the latest code from the svn.
Cheers,
>>
>> Thanks,
>>
>> -Dave.
>>
>> *********************************************************************
>> * This email and any files transmitted with it are confidential and
>> intended solely for the use of the individual or entity to whom they
>> are addressed. Any unauthorized review, use, disclosure or
>> distribution is prohibited. If you are not the intended recipient,
>> please contact the sender by reply e-mail and destroy all copies of
>> the original message.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: [Axis2] rampart problem using WS-SECURITY
Posted by Kaushalye Kapuruge <ka...@wso2.com>.
Kaushalye Kapuruge wrote:
> Dave Meier wrote:
>> I have the rampart module hooked up and my password callback is called
>> correctly. But after successful validation, my web service method does
>> not get called. Instead I get back the following response:
>>
>> <?xml version="1.0" encoding="UTF-8" ?>
>> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>> <soapenv:Header />
>> <soapenv:Body>
>> <soapenv:Fault>
>> <faultcode>soapenv:MustUnderstand</faultcode>
>> <faultstring>Header not understood</faultstring>
>> </soapenv:Fault>
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>> This occurs after the userid and password have already been validated.
>> Here are the log entries:
>>
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\transport\http\http_worker.c(204) Client HTTP version
>> HTTP/1.1
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\axiom\src\soap\soap_builder.c(840) Identified soap version is
>> soap11
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase TransportIn
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase PreDispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> AddressingInHandler within the phase PreDispatch
>> [Mon Nov 13 17:01:14 2006] [info] Starting addressing in handler
>> .........
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> RampartInHandler within the phase PreDispatch
>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]Inflow
>> Security found
>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>> Validating UsernameToken
>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>> Validating UsernameToken SUCCESS
>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>> Validating Timestamp
>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>> Validating Timestamp is SUCCESS [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> addressing_based_dispatcher within the phase Dispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\addr_disp.c(99) Checking for service using WSA
>> enpoint address : http://localhost:8181/axis2/services/ttwebservices
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\addr_disp.c(129) Service found using WSA
>> enpoint address
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> request_uri_based_dispatcher within the phase Dispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> soap_action_based_dispatcher within the phase Dispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\soap_action_disp.c(106) Checking for operation
>> using SOAPAction : [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> soap_message_body_based_dispatcher within the phase Dispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\soap_body_disp.c(196) Checking for operation
>> using SOAP message body's first child's local name : CreatePrimaryItem
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\soap_body_disp.c(205) Operation found using
>> SOAP message body's first child's local name
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> dispatch_post_conditions_evaluator within the phase PostDispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> context_handler within the phase PostDispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase
>> PolicyDetermination
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
>> [Mon Nov 13 17:01:14 2006] [info] Request served successfully
>>
>> I did have mustUnderstand set in the request like this: "<wsse:Security
>> soap:mustUnderstand="1">
>>
> Rampart_in_handler should set this relaying attribute to false after
> processing. Thanks for pointing this out.
> BTW, are you using a rampart in the client side as well? Or is it
> another implementation? :) 'Coz rampart doesn't set mustUnderstand=1.
>> How can I get around this?
Get the latest code from the svn.
Cheers,
>>
>> Thanks,
>>
>> -Dave.
>>
>> **********************************************************************
>> This email and any files transmitted with it are confidential and
>> intended solely for the use of the individual or entity to whom they
>> are addressed. Any unauthorized review, use, disclosure or
>> distribution is prohibited. If you are not the intended recipient,
>> please contact the sender by reply e-mail and destroy all copies of
>> the original message.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: [Axis2] rampart problem using WS-SECURITY
Posted by Kaushalye Kapuruge <ka...@wso2.com>.
Kaushalye Kapuruge wrote:
> Dave Meier wrote:
>> I have the rampart module hooked up and my password callback is called
>> correctly. But after successful validation, my web service method does
>> not get called. Instead I get back the following response:
>>
>> <?xml version="1.0" encoding="UTF-8" ?>
>> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
>> <soapenv:Header />
>> <soapenv:Body>
>> <soapenv:Fault>
>> <faultcode>soapenv:MustUnderstand</faultcode>
>> <faultstring>Header not understood</faultstring>
>> </soapenv:Fault>
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>> This occurs after the userid and password have already been validated.
>> Here are the log entries:
>>
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\transport\http\http_worker.c(204) Client HTTP version
>> HTTP/1.1
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\axiom\src\soap\soap_builder.c(840) Identified soap version is
>> soap11
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase TransportIn
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase PreDispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> AddressingInHandler within the phase PreDispatch
>> [Mon Nov 13 17:01:14 2006] [info] Starting addressing in handler
>> .........
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> RampartInHandler within the phase PreDispatch
>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]Inflow
>> Security found
>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>> Validating UsernameToken
>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>> Validating UsernameToken SUCCESS
>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>> Validating Timestamp
>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
>> Validating Timestamp is SUCCESS [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> addressing_based_dispatcher within the phase Dispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\addr_disp.c(99) Checking for service using WSA
>> enpoint address : http://localhost:8181/axis2/services/ttwebservices
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\addr_disp.c(129) Service found using WSA
>> enpoint address
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> request_uri_based_dispatcher within the phase Dispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> soap_action_based_dispatcher within the phase Dispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\soap_action_disp.c(106) Checking for operation
>> using SOAPAction : [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> soap_message_body_based_dispatcher within the phase Dispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\soap_body_disp.c(196) Checking for operation
>> using SOAP message body's first child's local name : CreatePrimaryItem
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\soap_body_disp.c(205) Operation found using
>> SOAP message body's first child's local name
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> dispatch_post_conditions_evaluator within the phase PostDispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\phase.c(356) Invoke the handler
>> context_handler within the phase PostDispatch
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase
>> PolicyDetermination
>> [Mon Nov 13 17:01:14 2006] [debug]
>> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
>> [Mon Nov 13 17:01:14 2006] [info] Request served successfully
>>
>> I did have mustUnderstand set in the request like this: "<wsse:Security
>> soap:mustUnderstand="1">
>>
> Rampart_in_handler should set this relaying attribute to false after
> processing. Thanks for pointing this out.
> BTW, are you using a rampart in the client side as well? Or is it
> another implementation? :) 'Coz rampart doesn't set mustUnderstand=1.
>> How can I get around this?
Get the latest code from the svn.
Cheers,
>>
>> Thanks,
>>
>> -Dave.
>>
>> **********************************************************************
>> This email and any files transmitted with it are confidential and
>> intended solely for the use of the individual or entity to whom they
>> are addressed. Any unauthorized review, use, disclosure or
>> distribution is prohibited. If you are not the intended recipient,
>> please contact the sender by reply e-mail and destroy all copies of
>> the original message.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: [Axis2] rampart problem using WS-SECURITY
Posted by Kaushalye Kapuruge <ka...@wso2.com>.
Dave Meier wrote:
> I have the rampart module hooked up and my password callback is called
> correctly. But after successful validation, my web service method does
> not get called. Instead I get back the following response:
>
> <?xml version="1.0" encoding="UTF-8" ?>
> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
> <soapenv:Header />
> <soapenv:Body>
> <soapenv:Fault>
> <faultcode>soapenv:MustUnderstand</faultcode>
> <faultstring>Header not understood</faultstring>
> </soapenv:Fault>
> </soapenv:Body>
> </soapenv:Envelope>
>
> This occurs after the userid and password have already been validated.
> Here are the log entries:
>
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\transport\http\http_worker.c(204) Client HTTP version
> HTTP/1.1
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\axiom\src\soap\soap_builder.c(840) Identified soap version is
> soap11
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase TransportIn
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase PreDispatch
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> AddressingInHandler within the phase PreDispatch
> [Mon Nov 13 17:01:14 2006] [info] Starting addressing in handler
> .........
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> RampartInHandler within the phase PreDispatch
> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]Inflow
> Security found
> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
> Validating UsernameToken
> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
> Validating UsernameToken SUCCESS
> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
> Validating Timestamp
> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler]
> Validating Timestamp is SUCCESS
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> addressing_based_dispatcher within the phase Dispatch
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\addr_disp.c(99) Checking for service using WSA
> enpoint address : http://localhost:8181/axis2/services/ttwebservices
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\addr_disp.c(129) Service found using WSA
> enpoint address
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> request_uri_based_dispatcher within the phase Dispatch
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> soap_action_based_dispatcher within the phase Dispatch
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\soap_action_disp.c(106) Checking for operation
> using SOAPAction :
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> soap_message_body_based_dispatcher within the phase Dispatch
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\soap_body_disp.c(196) Checking for operation
> using SOAP message body's first child's local name : CreatePrimaryItem
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\soap_body_disp.c(205) Operation found using
> SOAP message body's first child's local name
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> dispatch_post_conditions_evaluator within the phase PostDispatch
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\phase.c(356) Invoke the handler
> context_handler within the phase PostDispatch
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase
> PolicyDetermination
> [Mon Nov 13 17:01:14 2006] [debug]
> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut
> [Mon Nov 13 17:01:14 2006] [info] Request served successfully
>
> I did have mustUnderstand set in the request like this: "<wsse:Security
> soap:mustUnderstand="1">
>
Rampart_in_handler should set this relaying attribute to false after
processing. Thanks for pointing this out.
BTW, are you using a rampart in the client side as well? Or is it
another implementation? :) 'Coz rampart doesn't set mustUnderstand=1.
> How can I get around this?
>
> Thanks,
>
> -Dave.
>
> **********************************************************************
> This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org