Re: URGENT - CONTINUED Need help again on binding to external web service with login authentication within Tuscany
Hi Simon, Thank you very much for your help. I will try to understand your explanations and to integrate the changes. Unfortunately at the moment I am very busy on other staff so I am not sure I will get the time required to do that before thursday evening. BUT I do want to keep in contact with you. Regarding the HTTP Basic authentication do you plan to add such a definition into Tuscany ? This type of authentication is MANDATORY for (and the only one handled by) the nursery web services we must consider in our evaluation. To do HTTP basic authentication we need a new a new policy definition. I don't think we have done this yet so I'll be interested to see if anyone posts here to contradict me. Regards, Marina. Le 2 juin 08 à 15:44, Simon Laws a écrit : On Mon, Jun 2, 2008 at 1:15 PM, Simon Laws [EMAIL PROTECTED] wrote: Hi Marina I've just been looking at this so some comments in line... Simon 1) the namespaces used in SOAP BODY are not in conformity with the WSDL. Indeed, one can find the value http://translatewithsms; as the pseudo namespace _ns_. Replacing that value with the one defined in the WSDL say http://com.osa.mdsp.enabler.sei/SMSEnabler/V2_0/ SMSSenderSEI, the SOAP frame works Note that I realized that translatewithsms is the package name of my Eclipse project (containing in particular java client, interfaces etc. files). A. How did you generate the Java interface that you are using to type the component reference that refers to this remote service? B. How do you define the interface of the reference that refers to the remote service. Do you use interface.wsdl? If you have generated your java interface into the package translatewithsms and you use this to describe the reference interface (or is defaults to this) then it will invent the message namespace based on the package name I believe. 2) at HTTP level, the web service in the Nursery is protected by Basic Authentication ; but the Authorization header is not sent by Tuscany (NB: at the current state, we cannot know whether it is actually a problem EXCEPT if Tuscany uses pre-emptive authentication mecanisms Yes. You definitions.xml file turns on the WSSecurity authorization using the tuscany:wsConfigParam element. To do HTTP basic authentication we need a new a new policy definition. I don't think we have done this yet so I'll be interested to see if anyone posts here to contradict me. 3) Note that Tuscany sends the authentication credentials(user/password) using WS-Security that is not taken into account by the Nursery platform. This is not a problem however, credentials are not operate. NB: tcpdump files can be opened with WireShark http:// www.wireshark.org/download.html I see. This comes back to replacing wssecurity based authentication with HTTP basic authentication. I might be responsible for these problems as I have probably made mistakes in coding (at least regarding the policy expression). Please can you help me in correcting. Thanks you very much. Regards, Marina. Marina I tried a test to help clarrify what I'm talking about in terms of getting the namespace right. I changed a calculator sample I'm using for some other testing to take the namespace from a manually altered WSDL file. This is how I set up the composite. component name=CalculatorServiceComponent implementation.java class=calculator.CalculatorServiceImpl/ reference name=addService interface.wsdl interface= http://calculator2#wsdl.interface(AddService)/ binding.ws uri=http://localhost:8085/AddService; requires=authentication / /reference reference name=subtractService target=SubtractServiceComponent/ reference name=multiplyService target=MultiplyServiceComponent/ reference name=divideService target=DivideServiceComponent/ /component component name=AddServiceComponent implementation.java class=calculator.AddServiceImpl/ service name=AddService interface.wsdl interface= http://calculator2#wsdl.interface(AddService) / binding.ws uri=http://localhost:8085/AddService; requires=authentication/ /service /component The WSDL sits alongside the composite file in the contribution and is automatically parsed by the runtime. Note that I'm telling the reference to take the interface details from the WSDL file with the line interface.wsdl interface=http://calculator2#wsdl.interface (AddService)/ This won't fix your HTTP basic authentication problem but should correct the namespace issue. Regards Simon
Re: URGENT - CONTINUED Need help again on binding to external web service with login authentication within Tuscany
On Fri, May 30, 2008 at 11:25 AM, Marina Deslaugiers [EMAIL PROTECTED] wrote: Hi, As planned this morning, we have made directly test with the person responsible of web service Nursery support to users. We have detected various problems. I attach (I hope joined files will actually be sent otherwise please let me know) two sniff files at the TCP level on communication with the web server Nursery: - The first one (see Aspen.tcpdump) corresponds to TCP frames sent by Tuscany that does not work - The second one (see Support.tcpdump) corresponds to TCP frames sent by the Nursery support -after modification (correction) of the Tuscany frames- that does work Following are the differences and explanations reported by the person responsible for the Nursery WS support: 1) the namespaces used in SOAP BODY are not in conformity with the WSDL. Indeed, one can find the value http://translatewithsms; as the pseudo namespace _ns_. Replacing that value with the one defined in the WSDL say http://com.osa.mdsp.enabler.sei/SMSEnabler/V2_0/SMSSenderSEI;, the SOAP frame works Note that I realized that translatewithsms is the package name of my Eclipse project (containing in particular java client, interfaces etc. files). 2) at HTTP level, the web service in the Nursery is protected by Basic Authentication ; but the Authorization header is not sent by Tuscany (NB: at the current state, we cannot know whether it is actually a problem EXCEPT if Tuscany uses pre-emptive authentication mecanisms 3) Note that Tuscany sends the authentication credentials(user/password) using WS-Security that is not taken into account by the Nursery platform. This is not a problem however, credentials are not operate. NB: tcpdump files can be opened with WireShark http:// www.wireshark.org/download.html I might be responsible for these problems as I have probably made mistakes in coding (at least regarding the policy expression). Please can you help me in correcting. Thanks you very much. Regards, Marina. Le 29 mai 08 à 18:30, Marina Deslaugiers a écrit : Hi, Thanks for the answer. Hi Marina ... We need to collect a bit more information before deciding what to do. ... So firstly do you know what the response SOAP message looks like on the wire. Well, at the moment, I do not know anything about that. So I have managed to directly test - tomorrow morning - with the person responsible of web service support to users (who uses sniffers). I hope we would be able to get and provide you with the information on the response SOAP message. In the meantime, below are the policy definitions.xml file and the ClientPWCBHandler.java file. Also can you show me what you security policy looks like (obviously be careful not to disclose any confidential information such as real usernames or passwords on the mail list)? == definitions.xml file ?xml version=1.0 encoding=ASCII? !-- * Licensed to the Apache Software Foundation (ASF) under one * * under the License. -- sca:definitions xmlns=http://www.osoa.org/xmlns/sca/1.0; targetNamespace=http://www.osoa.org/xmlns/sca/1.0 xmlns:sca=http://www.osoa.org/xmlns/sca/1.0; xmlns:tuscany= http://tuscany.apache.org/xmlns/sca/1.0; xmlns:sms=http://sample; !-- WS Security POLICY SETS -- sca:policySet name=sms:wsClientAuthenticationPolicy provides=sca:authentication appliesTo=sca:reference/sca:binding.ws tuscany:wsConfigParam parameter name=OutflowSecurity action itemsUsernameToken/items usermyUsername/user passwordCallbackClasstranslatewithsms.ClientPWCBHandler/passwordCallbackClass + passwordTypePasswordText/passwordType /action /parameter /tuscany:wsConfigParam /sca:policySet /sca:definitions == == ClientPWCBHandler.java file /* * Licensed to the Apache Software Foundation (ASF) under one * ... * under the License. */ package translatewithsms; import java.io.IOException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; /** * Sample userid passwd generation class */ public class ClientPWCBHandler implements CallbackHandler { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { System.out.println(*** PASSAGE DANS HANDLE de ClientPWCBHandler); for (int i = 0; i callbacks.length; i++) {
Re: URGENT - CONTINUED Need help again on binding to external web service with login authentication within Tuscany
Hi, As planned this morning, we have made directly test with the person responsible of web service Nursery support to users. We have detected various problems. I attach (I hope joined files will actually be sent otherwise please let me know) two sniff files at the TCP level on communication with the web server Nursery: - The first one (see Aspen.tcpdump) corresponds to TCP frames sent by Tuscany that does not work - The second one (see Support.tcpdump) corresponds to TCP frames sent by the Nursery support -after modification (correction) of the Tuscany frames- that does work Following are the differences and explanations reported by the person responsible for the Nursery WS support: 1) the namespaces used in SOAP BODY are not in conformity with the WSDL. Indeed, one can find the value http:// translatewithsms as the pseudo namespace _ns_. Replacing that value with the one defined in the WSDL say http:// com.osa.mdsp.enabler.sei/SMSEnabler/V2_0/SMSSenderSEI, the SOAP frame works Note that I realized that translatewithsms is the package name of my Eclipse project (containing in particular java client, interfaces etc. files). 2) at HTTP level, the web service in the Nursery is protected by Basic Authentication ; but the Authorization header is not sent by Tuscany (NB: at the current state, we cannot know whether it is actually a problem EXCEPT if Tuscany uses pre-emptive authentication mecanisms 3) Note that Tuscany sends the authentication credentials (user/password) using WS-Security that is not taken into account by the Nursery platform. This is not a problem however, credentials are not operate. NB: tcpdump files can be opened with WireShark http:// www.wireshark.org/download.html I might be responsible for these problems as I have probably made mistakes in coding (at least regarding the policy expression). Please can you help me in correcting. Thanks you very much. Regards, Marina. Le 29 mai 08 à 18:30, Marina Deslaugiers a écrit : Hi, Thanks for the answer. Hi Marina ... We need to collect a bit more information before deciding what to do. ... So firstly do you know what the response SOAP message looks like on the wire. Well, at the moment, I do not know anything about that. So I have managed to directly test - tomorrow morning - with the person responsible of web service support to users (who uses sniffers). I hope we would be able to get and provide you with the information on the response SOAP message. In the meantime, below are the policy definitions.xml file and the ClientPWCBHandler.java file. Also can you show me what you security policy looks like (obviously be careful not to disclose any confidential information such as real usernames or passwords on the mail list)? == definitions.xml file ?xml version=1.0 encoding=ASCII? !-- * Licensed to the Apache Software Foundation (ASF) under one * * under the License. -- sca:definitions xmlns=http://www.osoa.org/xmlns/sca/1.0; targetNamespace=http://www.osoa.org/xmlns/sca/1.0; xmlns:sca=http://www.osoa.org/xmlns/sca/1.0; xmlns:tuscany=http://tuscany.apache.org/xmlns/sca/1.0; xmlns:sms=http://sample; !-- WS Security POLICY SETS -- sca:policySet name=sms:wsClientAuthenticationPolicy provides=sca:authentication appliesTo=sca:reference/sca:binding.ws tuscany:wsConfigParam parameter name=OutflowSecurity action itemsUsernameToken/items usermyUsername/user passwordCallbackClasstranslatewithsms.ClientPWCBHandler/ passwordCallbackClass + passwordTypePasswordText/passwordType /action /parameter /tuscany:wsConfigParam /sca:policySet /sca:definitions == == ClientPWCBHandler.java file /* * Licensed to the Apache Software Foundation (ASF) under one * ... * under the License. */ package translatewithsms; import java.io.IOException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; /** * Sample userid passwd generation class */ public class ClientPWCBHandler implements CallbackHandler { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { System.out.println(*** PASSAGE DANS HANDLE de ClientPWCBHandler); for (int i = 0; i callbacks.length; i++) { System.out.println(*** Calling Client UserId/Password Handler ); WSPasswordCallback
Re: URGENT - CONTINUED Need help again on binding to external web service with login authentication within Tuscany
On Thu, May 29, 2008 at 1:19 PM, Marina Deslaugiers [EMAIL PROTECTED] wrote: Hi, Please can someone URGENTLY help me on my coding (at least provide me with an analogous example) ? I provide you with the WSDL file I forgot to send Thanks *Regards,* ** *Marina.* * * ** ** * * * * Le 26 mai 08 à 17:15, Marina Deslaugiers a écrit : Hi, I am currently trying to connect to the external web service with user/password authentication (without HTTPS) I mentioned in my previous e-mails. But I cannot succeed. Can you help me, please. I join composite and definitions.xml files. Following is the error message I get: == Warning: Running an XSLT 1.0 stylesheet with an XSLT 2.0 processor ** Entrez le mode de traduction : fr_en, fr_es, fr_it... ** Entrez le texte a traduire bonjour Monsieur lang= text= bonjour Monsieur lang= langue non indiquee par console positionnement langue par Property Tuscany= fr_en le texte= bonjour Monsieur texte traduit= traduction impossible probleme serveur Web messagingWS injecte CONTENU DU SMSETO CREE = traduction impossible probleme serveur Web WS messaging appele *** PASSAGE DANS HANDLE de ClientPWCBHandler *** Calling Client UserId/Password Handler org.apache.axis2.AxisFault: Policy Falsified at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:486) at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:343) at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:389) at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211) at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163) at org.apache.tuscany.sca.binding.ws.axis2.Axis2BindingInvoker.invokeTarget(Axis2BindingInvoker.java:101) at org.apache.tuscany.sca.binding.ws.axis2.Axis2BindingInvoker.invoke(Axis2BindingInvoker.java:76) at org.apache.tuscany.sca.core.databinding.wire.DataTransformationInterceptor.invoke(DataTransformationInterceptor.java:74) at org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandler.java:249) at org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandler.java:146) at $Proxy11.sendSMS(Unknown Source) at translatewithsms.MessagingImpl.sendSMS(MessagingImpl.java:45) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.apache.tuscany.sca.implementation.java.invocation.JavaImplementationInvoker.invoke(JavaImplementationInvoker.java:105) at org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandler.java:249) at org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandler.java:146) at $Proxy9.sendSMS(Unknown Source) at translatewithsms.TranslatorwithsmsImpl.translateAndSendSMS(TranslatorwithsmsImpl.java:39) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.apache.tuscany.sca.implementation.java.invocation.JavaImplementationInvoker.invoke(JavaImplementationInvoker.java:105) at org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandler.java:249) at org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke(JDKInvocationHandler.java:146) at $Proxy7.translateAndSendSMS(Unknown Source) at translatewithsms.TranslatorwithsmsClient.main(TranslatorwithsmsClient.java:28) Retour d'envoi du SMS : null == Regards, Marina. WSmediawebtranslatorwebsms.composite definitions.xml Le 7 mai 08 à 14:54, Simon Laws a écrit : On Wed, May 7, 2008 at 1:49 PM, Marina Deslaugiers [EMAIL PROTECTED] wrote: Hi Simon, Thanks for the explanations. I will download and have a look to the calculator example you mention. However, I already have seen the sample/helloworld-ws-reference(service)-secure and I do not know whether and how I can use the policies they define ; indeed, as I said, I use to bind to a non-SCA web service - say the web service is not encapsulated in a SCA component. So, in this case, can I use the manner you indicate to me ? if yes, what are the changes to introduce in the policy description (definitions.xml and/or other files)? Regards, Marina. samples/helloworld-ws-reference-secure and samples/helloworld-ws-service-secure Le 7 mai 08 à 12:13, Simon Laws a écrit : On Mon, May 5, 2008 at 4:11 PM, Marina Deslaugiers [EMAIL PROTECTED] wrote: Hi, Hello, I am
Re: URGENT - CONTINUED Need help again on binding to external web service with login authentication within Tuscany
Hi, Thanks for the answer. Hi Marina ... We need to collect a bit more information before deciding what to do. ... So firstly do you know what the response SOAP message looks like on the wire. Well, at the moment, I do not know anything about that. So I have managed to directly test - tomorrow morning - with the person responsible of web service support to users (who uses sniffers). I hope we would be able to get and provide you with the information on the response SOAP message. In the meantime, below are the policy definitions.xml file and the ClientPWCBHandler.java file. Also can you show me what you security policy looks like (obviously be careful not to disclose any confidential information such as real usernames or passwords on the mail list)? == definitions.xml file ?xml version=1.0 encoding=ASCII? !-- * Licensed to the Apache Software Foundation (ASF) under one * * under the License. -- sca:definitions xmlns=http://www.osoa.org/xmlns/sca/1.0; targetNamespace=http://www.osoa.org/xmlns/sca/1.0; xmlns:sca=http://www.osoa.org/xmlns/sca/1.0; xmlns:tuscany=http://tuscany.apache.org/xmlns/sca/1.0; xmlns:sms=http://sample; !-- WS Security POLICY SETS -- sca:policySet name=sms:wsClientAuthenticationPolicy provides=sca:authentication appliesTo=sca:reference/sca:binding.ws tuscany:wsConfigParam parameter name=OutflowSecurity action itemsUsernameToken/items usermyUsername/user passwordCallbackClasstranslatewithsms.ClientPWCBHandler/ passwordCallbackClass + passwordTypePasswordText/passwordType /action /parameter /tuscany:wsConfigParam /sca:policySet /sca:definitions == == ClientPWCBHandler.java file /* * Licensed to the Apache Software Foundation (ASF) under one * ... * under the License. */ package translatewithsms; import java.io.IOException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import org.apache.ws.security.WSPasswordCallback; /** * Sample userid passwd generation class */ public class ClientPWCBHandler implements CallbackHandler { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { System.out.println(*** PASSAGE DANS HANDLE de ClientPWCBHandler); for (int i = 0; i callbacks.length; i++) { System.out.println(*** Calling Client UserId/Password Handler ); WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i]; pwcb.getIdentifer(); pwcb.setPassword(myPassword); } } } == Regards, Marina. Le 29 mai 08 à 14:42, Simon Laws a écrit : On Thu, May 29, 2008 at 1:19 PM, Marina Deslaugiers [EMAIL PROTECTED] wrote: Hi, Please can someone URGENTLY help me on my coding (at least provide me with an analogous example) ? I provide you with the WSDL file I forgot to send Thanks *Regards,* ** *Marina.* * * ** ** * * * * Le 26 mai 08 à 17:15, Marina Deslaugiers a écrit : Hi, I am currently trying to connect to the external web service with user/password authentication (without HTTPS) I mentioned in my previous e-mails. But I cannot succeed. Can you help me, please. I join composite and definitions.xml files. Following is the error message I get: == Warning: Running an XSLT 1.0 stylesheet with an XSLT 2.0 processor ** Entrez le mode de traduction : fr_en, fr_es, fr_it... ** Entrez le texte a traduire bonjour Monsieur lang= text= bonjour Monsieur lang= langue non indiquee par console positionnement langue par Property Tuscany= fr_en le texte= bonjour Monsieur texte traduit= traduction impossible probleme serveur Web messagingWS injecte CONTENU DU SMSETO CREE = traduction impossible probleme serveur Web WS messaging appele *** PASSAGE DANS HANDLE de ClientPWCBHandler *** Calling Client UserId/Password Handler org.apache.axis2.AxisFault: Policy Falsified at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext (Utils.java:486) at org.apache.axis2.description.OutInAxisOperationClient.handleResponse( OutInAxisOperation.java:343) at org.apache.axis2.description.OutInAxisOperationClient.send (OutInAxisOperation.java:389) at org.apache.axis2.description.OutInAxisOperationClient.executeImpl (OutInAxisOperation.java:211) at org.apache.axis2.client.OperationClient.execute (OperationClient.java:163) at org.apache.tuscany.sca.binding.ws.axis2.Axis2BindingInvoker.invokeTar