tag:blogger.com,1999:blog-591744930960839717.post8156311403310459450..comments2023-09-05T11:27:29.080+01:00Comments on Sweetxml: Runnning the Axis2 Rampart sample "04. Message integrity and non-repudiation with signature"Unknownnoreply@blogger.comBlogger28125tag:blogger.com,1999:blog-591744930960839717.post-87843873629498120772012-04-21T05:37:46.103+01:002012-04-21T05:37:46.103+01:00This comment has been removed by the author.Ruby Clairehttps://www.blogger.com/profile/01710522322446393469noreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-14433591544785737502011-06-29T00:24:02.457+01:002011-06-29T00:24:02.457+01:00HI Brian,
Thanks for the article.
I do have a que...HI Brian,<br /><br />Thanks for the article.<br />I do have a question related to addition of binarysecuritytoken. I do not see any logic in any of the files under Sample4 to generate and add binarysecurity token to the Soap Header. How does it get added?<br /><br />I am doing a similary implementation and have logic to generate the binarysecuritytoken but I am unable to figure how to add it to the Soap Header using Rampart/Axis2.Samhttps://www.blogger.com/profile/00674992961640333030noreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-16939674591360376522010-07-19T15:07:18.830+01:002010-07-19T15:07:18.830+01:00Hi Sample
Great that it was of use to you.
Best ...Hi Sample<br /><br />Great that it was of use to you.<br /><br />Best regards BrianSweetxmlhttps://www.blogger.com/profile/05239249371767955354noreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-16461651782734801762010-07-07T11:16:07.049+01:002010-07-07T11:16:07.049+01:00Your site contains best solution for these message...Your site contains best solution for these messages, i browsed 10-20 sites yet.<br /><a href="http://www.samplemessages.in/" rel="nofollow">Sample messages</a>Sample Messageshttps://www.blogger.com/profile/17807144881174760441noreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-20244477156955690592008-11-05T22:30:00.000+01:002008-11-05T22:30:00.000+01:00HiFirst I was surprised that there was such thing ...Hi<BR/><BR/>First I was surprised that there was such thing as an rampart-1.4 since the <A HREF="http://ws.apache.org/axis2/modules/index.html" REL="nofollow">Apache Axis2 Modules page</A> still refences version 1.3 as the latest/current and that is compatible with the earlier Axis2-1.3 release. I then checked the subsite for Rampart and discovered not just a facelift but also a <A HREF="http://ws.apache.org/rampart/download/1.4/download.cgi" REL="nofollow">1.4 release</A>.<BR/><BR/>I've just tried to run some of the samples and with an update to the build.xml to addressing-1.41.mar instead of addressing-1.4.mar:<BR/><BR/> <property name="addressing.mar" value="addressing-1.41.mar"/><BR/><BR/>it seems as if the basic ones run whereas I only got policy sample 01 and 02 to run without errors.<BR/><BR/>I know this isn't an answer to your question, but you should run with the latest jars and I since I could get the simplest policy samples to run you should be able to find inspiration in these config-files. There might be some bugs, but I didn't bump into the one that you mention in my fast run through and the errors I saw was probably related to the samples and their mockup not being nursed and not the release itself.<BR/><BR/>Best regards<BR/>BrianSweetxmlhttps://www.blogger.com/profile/05239249371767955354noreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-21949294596022057172008-11-04T06:11:00.000+01:002008-11-04T06:11:00.000+01:00Thanks Brian for the prompt reply :)That was exact...Thanks Brian for the prompt reply :)<BR/>That was exactly the problem..<BR/><BR/>While deploying a sample rampart example which refers to axis2.xml in my workspace's conf, i get this error while running client:<BR/>[java] org.apache.axis2.phaseresolver.PhaseException: Did not find the desired phase 'Security' while deploying handler 'PolicyBasedSecurityInHandler'.<BR/><BR/>I tried including the phase order as seen in the AXIS_HOME/conf/axis2.xml...but i still see the same error.<BR/><BR/>The sample works fine when i replace rahas-1.4.mar and rampart-1.4.mar in my workspace (modules dir) with rampart-1.1.mar and addressing-1.1.mar<BR/><BR/>Is there any specific setting i need to do when i use 1.4?<BR/><BR/>Thanks in advance.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-43991181748312099472008-11-03T23:51:00.000+01:002008-11-03T23:51:00.000+01:00HiMe guess is that you're not hitting the righ...Hi<BR/><BR/>Me guess is that you're not hitting the right endpoint. It's not related to security, but basically Axis. The message: <BR/><BR/>First Element must contain the local name, Envelope , but found h1<BR/><BR/>So it's expecting <soap:Envelope.. but gut <h1.. from the (X)HTML vocab.<BR/><BR/>Best reagrds<BR/>BrianSweetxmlhttps://www.blogger.com/profile/05239249371767955354noreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-35712708186777675192008-11-03T23:19:00.000+01:002008-11-03T23:19:00.000+01:00Hi Brian,Thank you for the nice blog. Any idea why...Hi Brian,<BR/><BR/>Thank you for the nice blog. Any idea why i might be getting this error while running ant client.01 from Rampart samples?<BR/>[java] Exception in thread "main" org.apache.axis2.AxisFault: First Element must contain the local name, Envelope , but found h1<BR/>[java] at org.apache.axis2.AxisFault.<BR/>makeFault(AxisFault.java:430)<BR/>[java] at org.apache.axis2.transport.<BR/>TransportUtils.createSOAPMessage<BR/>(TransportUtils.java:90)<BR/>[java] at org.apache.axis2.description.<BR/>OutInAxisOperationClient.<BR/>handleResponse<BR/>(OutInAxisOperation.java:353)<BR/>.....<BR/>I am using Axis 2, Rampart 1.4 bin distr.<BR/><BR/>Thanks.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-7029885560145720062008-09-27T15:34:00.000+01:002008-09-27T15:34:00.000+01:00Hi RyanI haven't looked into it but I guess theres...Hi Ryan<BR/><BR/>I haven't looked into it but I guess theres a high probability that the versioning <EM>mismatch</EM> is the reason, like I experienced in January. I would suggest that you try out either the older axis-1.3 or the nightly rampart/wss4j.<BR/><BR/>Brgds BrianSweetxmlhttps://www.blogger.com/profile/05239249371767955354noreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-51098424101444288922008-09-25T09:42:00.000+01:002008-09-25T09:42:00.000+01:00Hi Brian,Thank you for this, it really helps me al...Hi Brian,<BR/><BR/>Thank you for this, it really helps me alot.<BR/><BR/>By the way, I didn't use axis2-1.3 but I am using axis2-1.4.1 deployed in tomcat. I followed everything, the service is ok but the client is not, same error as your axis2 nightly. Do you think its because of the version also? Hope you could help me. Thank you in advance. <BR/><BR/>Thank you for your time.<BR/><BR/>Best Regards,<BR/>RyanAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-68096224879485481972008-07-12T21:45:00.000+01:002008-07-12T21:45:00.000+01:00Hi RajakumarMaybe, but could you please give a lit...Hi Rajakumar<BR/><BR/>Maybe, but could you please give a little context like clientside/serverside, platforms versions of axis/rampart etc.<BR/><BR/>Brgds BrianSweetxmlhttps://www.blogger.com/profile/05239249371767955354noreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-4408600132221156502008-07-12T07:43:00.000+01:002008-07-12T07:43:00.000+01:00Hello guys ,please help me with this issue org.apa...Hello guys ,<BR/><BR/>please help me with this issue <BR/><BR/>org.apache.axis2.AxisFault: Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd : Security<BR/><BR/>thanks RajRajakumarhttps://www.blogger.com/profile/17632820644247173053noreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-7060868137360943862008-01-26T13:41:00.000+01:002008-01-26T13:41:00.000+01:00Hi SagarCongrats, that's excellent news. Hopefully...Hi Sagar<BR/><BR/>Congrats, that's excellent news. Hopefully you'll have it much easier with applying Rampart from here. You shouldn't thank me, thank the brave folks that develop and maintain Axis2 and it's modules.<BR/><BR/>Best regards<BR/>BrianSweetxmlhttps://www.blogger.com/profile/05239249371767955354noreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-70847572134756031872008-01-24T07:52:00.000+01:002008-01-24T07:52:00.000+01:00hello Brian,Finally everything working :)Thanks a ...hello Brian,<BR/><BR/>Finally everything working :)<BR/><BR/>Thanks a lot.<BR/><BR/>Thanks,<BR/>regards,<BR/>SagarAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-52068449399892707692008-01-22T21:16:00.000+01:002008-01-22T21:16:00.000+01:00Hi SagarIt's good to see that you're getting som p...Hi Sagar<BR/><BR/>It's good to see that you're getting som progress though slow. I do remember fiddeling with all the files, keystores, properties, parameters etc. Often I found the solution much to obvious afterwards. <BR/><BR/>My best guess is the post to the WSS4J mailing list that is on the same subject <A HREF="http://www.mail-archive.com/wss4j-dev@ws.apache.org/msg01747.html" REL="nofollow">Re: [WSS5J 1.5] Unexpected number of X509Data: for Signature</A> maybe it's the same problem you're having.<BR/><BR/>Brgds BrianSweetxmlhttps://www.blogger.com/profile/05239249371767955354noreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-83456505922663067292008-01-22T12:27:00.000+01:002008-01-22T12:27:00.000+01:00Correct entries in my client.prop. org.apache.ws.s...Correct entries in my client.prop. <BR/>org.apache.ws.security.crypto.merlin.keystore.alias=client<BR/>org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.BouncyCastle<BR/>org.apache.ws.security.crypto.merlin.keystore.type=jks<BR/>org.apache.ws.security.crypto.merlin.keystore.password=apache<BR/>org.apache.ws.security.crypto.merlin.file=client.jks<BR/><BR/>Still failing :(Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-76818371717123943082008-01-22T11:41:00.000+01:002008-01-22T11:41:00.000+01:00hello Brian,I got it working. Now i am not getting...hello Brian,<BR/><BR/>I got it working. Now i am not getting CryptoFactory: Cannot load properties: service.properties) exception.<BR/><BR/>I think i have some progress after that. But now i am stuck at some other position. <BR/><BR/>I am getting General security error (Unexpected number of X509Data: for Signature). I have 2 entries in my .jks file. <BR/>Here is my client.prop file :<BR/>org.apache.ws.security.crypto.merlin.keystore.alias=client<BR/>org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.BouncyCastle<BR/>org.apache.ws.security.crypto.merlin.keystore.type=jks<BR/>org.apache.ws.security.crypto.merlin.keystore.password=apache<BR/>org.apache.ws.security.crypto.merlin.file=client.jks<BR/><BR/>My jks entries look like this :<BR/>Keystore type: jks<BR/>Keystore provider: SUN<BR/><BR/>Your keystore contains 2 entries<BR/><BR/>service, Aug 20, 2007, trustedCertEntry,<BR/>Certificate fingerprint (MD5): 0A:0D:20:99:3E:D3:65:A8:50:CC:20:A6:CB:6F:33:06<BR/>client, Aug 20, 2007, keyEntry,<BR/>Certificate fingerprint (MD5): 0C:EA:53:98:A5:15:B0:C8:5A:CD:4E:1C:87:A4:71:31<BR/><BR/>i m not sure why i am getting this exception. You have any clue?<BR/><BR/>regards,<BR/>SagarAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-79005842390241254612008-01-21T13:35:00.000+01:002008-01-21T13:35:00.000+01:00hello Brian,you are right. Rampart was not enabled...hello Brian,<BR/><BR/>you are right. Rampart was not enabled for my service (i had goofed up the services.xml file).I removed the following line also :<BR/>options.setProperty(Constants.ATTR_MUST_UNDERSTAND,<BR/>Constants.VALUE_FALSE); <BR/>Now that part is working fine. <BR/><BR/>But i am getting a run time exception (CryptoFactory: Cannot load properties: service.properties). I made sure that the property file is in class path but issue seems to be some thing else. Trying all possible options now.<BR/><BR/>regards,<BR/>SagarAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-86897375306817014772008-01-18T17:45:00.000+01:002008-01-18T17:45:00.000+01:00Hi SagarFirst off I don't think it's the right thi...Hi Sagar<BR/><BR/>First off I don't think it's the right thing to override the mustUnderstand with:<BR/><BR/>options.setProperty(Constants.ATTR_MUST_UNDERSTAND,<BR/>Constants.VALUE_FALSE);<BR/><BR/>It's hard to when I can't see the messages exchanged. How did you generate the client - from WSDL (WSDL2Java/WSDL2Code) or have you build the client yourself? Have you had the service running without WS-Sec. forehand with success?<BR/><BR/>Maybe you should try the Axis2 or WSS4J mailing lists.<BR/><BR/>Brgds BrianSweetxmlhttps://www.blogger.com/profile/05239249371767955354noreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-7646833846108609302008-01-18T06:16:00.000+01:002008-01-18T06:16:00.000+01:00hello Brian,I am using my own service not the samp...hello Brian,<BR/><BR/>I am using my own service not the sample provided by axis.i have modified my "services.xml" as requested by rampart(added InflowSecurity and OutflowSecurity sections). <BR/><BR/>After adding the below line in my client code...it started working - options.setProperty(Constants.ATTR_MUST_UNDERSTAND,<BR/>Constants.VALUE_FALSE);<BR/><BR/>Now i am getting some other error at the server end - org.apache.axis2.AxisFault: namespace mismatch require http://ws.scm.mycomp.com found http://www.w3.org/2001/04/xmlenc#. <BR/>When i looked at the out going message from client... "http://ws.scm.mycomp.com" namespace is missing. Do I need to set it some where in my client???Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-45875140336037373782008-01-17T20:36:00.000+01:002008-01-17T20:36:00.000+01:00Hi SagarJudging from that error message it sounds ...Hi Sagar<BR/><BR/>Judging from that error message it sounds like the rampart module hasn't been enabled on the serverside.<BR/><BR/>Qre you trying to run the rampart samples or applying it to your own service?<BR/><BR/>Brgds BrianSweetxmlhttps://www.blogger.com/profile/05239249371767955354noreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-18114250695780728442008-01-17T08:19:00.000+01:002008-01-17T08:19:00.000+01:00hello Brian, I used the sample code provided by Ax...hello Brian, <BR/><BR/>I used the sample code provided by Axis for Rampart. I used "Sign and encrypt messages" method. Now when i am trying to make a call to my service from Client...I am getting the following Exception - "org.apache.axis2.AxisFault: Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd : Security".<BR/><BR/>I did Google...but didn't get the solution. Is there anything you can think which is causing the issue. <BR/><BR/>I have Axis2 deployed in JBOSS. I am using certificates provided in the sample from Axis.<BR/><BR/>thanks,<BR/>SagarAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-56183218359857203052008-01-16T07:39:00.000+01:002008-01-16T07:39:00.000+01:00Thanks Brian.Thanks Brian.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-12501317997194939682008-01-16T07:02:00.000+01:002008-01-16T07:02:00.000+01:00Hi SagarThank you. Please notice that I didn't cre...Hi Sagar<BR/><BR/>Thank you. Please notice that I didn't create this example it's the dear folks behind WSS4J/Axis2. This and other samples come with the Rampart module that's allready available for download at the <A HREF="http://ws.apache.org/axis2/modules/index.html" REL="nofollow">Axis2 modules page</A>.<BR/><BR/>Best regards<BR/>BrianSweetxmlhttps://www.blogger.com/profile/05239249371767955354noreply@blogger.comtag:blogger.com,1999:blog-591744930960839717.post-70924816444993143562008-01-16T04:54:00.000+01:002008-01-16T04:54:00.000+01:00hi Brian,this post is of great help for newbies li...hi Brian,<BR/><BR/>this post is of great help for newbies like me.Thanks a lot for sharing all the information. It would be great if you could share the "service.properties" you used and the sample client and server code (if possible). <BR/><BR/>Thanks once again.Anonymousnoreply@blogger.com