Hi Kau, Sorry, I did some more testing back without using rampart. At first I was getting the same error that showed with rampart. After some fiddling around I got that working again and then set it up with Rampart again. Now I don't get the same error but it is failing with A different error "[rampart][rampart_out_handler] UsernmaeToken build failed. ERROR":
[Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler]Inflow Security found [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler] Validating UsernameToken [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler] Validating Timestamp [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler addressing_based_dispatcher within the phase Dispatch [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\addr_disp.c(108) Checking for service using WSA enpoint address : http://localhost:8181/axis2/services/ttwebservices [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\addr_disp.c(138) Service found using WSA enpoint address [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler request_uri_based_dispatcher within the phase Dispatch [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler soap_action_based_dispatcher within the phase Dispatch [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\soap_action_disp.c(108) Checking for operation using SOAPAction : [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler soap_message_body_based_dispatcher within the phase Dispatch [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\soap_body_disp.c(198) Checking for operation using SOAP message body's first child's local name : CreatePrimaryItem [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\soap_body_disp.c(207) Operation found using SOAP message body's first child's local name [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler dispatch_post_conditions_evaluator within the phase PostDispatch [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler context_handler within the phase PostDispatch [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase PolicyDetermination [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase PolicyDetermination [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler AddressingOutHandler within the phase MessageOut [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\phase.c(356) Invoke the handler RampartOutHandler within the phase MessageOut [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_out_handler] building UsernmaeToken [Tue Nov 14 21:42:32 2006] [info] [rampart][rampart_out_handler] UsernmaeToken build failed. ERROR [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\engine.c(445) Axis2 engine receive successful [Tue Nov 14 21:42:32 2006] [debug] ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut [Tue Nov 14 21:42:32 2006] [info] Request served successfully Thanks, -Dave. -----Original Message----- From: Dave Meier [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 14, 2006 9:27 PM To: Apache AXIS C User List Subject: RE: [Axis2] rampart problem using WS-SECURITY Hi Kau, 1. I used the Inflow/Outflow parameters like what is in the samples: <!--Rampart configurations START --> <parameter name="OutflowSecurity"> <action> <items>UsernameToken Timestamp</items> <user>BILL</user> <passwordType>passwordText</passwordType> <passwordCallbackClass>D:/ttaxiswsse/Debug/ttwebserviceswsse.dll</passwo rdCallbackClass> <timeToLive>360</timeToLive> </action> </parameter> <parameter name="InflowSecurity"> <action> <items>UsernameToken Timestamp</items> <passwordCallbackClass>D:/ttaxiswsse/Debug/ttwebserviceswsse.dll</passwo rdCallbackClass> </action> </parameter> <!--Rampart configurations END --> 2. Here is the trace of incoming and outgoing soap. I am using Visual Studio 2005 C# for the client side: Incoming: <?xml version="1.0" encoding="utf-8" ?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"; xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse curity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec urity-utility-1.0.xsd"> <soap:Header> <wsa:Action /> <wsa:MessageID>urn:uuid:527b7049-198f-4725-a2d7-bc861b4d36b3</wsa:Messag eID> <wsa:ReplyTo> <wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anony mous</wsa:Address> </wsa:ReplyTo> <wsa:To>http://localhost:8181/axis2/services/ttwebservices</wsa:To> <wsse:Security soap:mustUnderstand="1"> <wsu:Timestamp wsu:Id="Timestamp-f4f3626e-2c6f-4c69-b280-df0c2bf0ad3b"> <wsu:Created>2006-11-15T05:22:08Z</wsu:Created> <wsu:Expires>2006-11-15T05:23:08Z</wsu:Expires> </wsu:Timestamp> <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec urity-utility-1.0.xsd" wsu:Id="SecurityToken-b7689ab1-70e9-4472-8386-0880eb2180fe"> <wsse:Username>bill</wsse:Username> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-t oken-profile-1.0#PasswordText">b</wsse:Password> <wsse:Nonce>vVR7Rzg8oLtLfg5NjxWV1g==</wsse:Nonce> <wsu:Created>2006-11-15T05:22:08Z</wsu:Created> </wsse:UsernameToken> </wsse:Security> </soap:Header> <soap:Body> <CreatePrimaryItem xmlns="urn:ttwebservices"> <auth> <userId xsi:nil="true" /> <password xsi:nil="true" /> <hostname xsi:nil="true" /> </auth> <projectID>16</projectID> <item> <genericItem> <itemID xsi:nil="true" /> <itemName>BUG</itemName> </genericItem> <classification>Image Builder</classification> <title>my title</title> <description>my desc</description> <createdBy>bill</createdBy> <createDate>2006-01-01T00:12:12</createDate> <modifiedBy>bill</modifiedBy> <modifiedDate>2006-01-01T00:12:12</modifiedDate> <activeInactive>true</activeInactive> <state>Waiting</state> <owner>joe</owner> <extendedFieldList> <name>FOUND_IN_VERSION</name> <value>v1.1</value> </extendedFieldList> <extendedFieldList> <name>FUNCTIONAL_AREA</name> <value>Help</value> </extendedFieldList> </item> </CreatePrimaryItem> </soap:Body> </soap:Envelope> Outgoing: <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";> <soapenv:Header /> <soapenv:Body /> </soapenv:Envelope> When I use the same client code without WS-SECURITY and take rampart out of the axis2.xml, my web service method does get called and everything gets returned correctly to the client. Thanks, -Dave. -----Original Message----- From: Kaushalye Kapuruge [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 14, 2006 9:02 PM To: Apache AXIS C User List Subject: Re: [Axis2] rampart problem using WS-SECURITY Hi, I need some information from you to figure out what exactly is the problem. 1. Have you specified the Outflow/InflowSecurity parameters correctly using axis2.xml If you have any questions on this do not hesitate to ask me. Have a look at the sample axis2.xml file in rampart/samples/client/echo/data/un_ts_axis2.xml. 2. Is it possible to send a trace of outgoing message. (You may use TCPMonitor for this) BTW from log entries I can see that Rampart has done the validation correct. But in the message building has failed in the server side. This "might" be due to improper settings in the server side. Try the latest code. But do not use the encryption yet:) It is still under development. Cheers, Kau Dave Meier wrote: > Hi, > > Okay, I got the latest code. I had to add "#include > <oxs_xml_encryption.h>" to the rampart_encryption.c file in order to > get it to link on Windows. Now it returns an empty message as it's > not invoking my service method: > > <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope > xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";> > <soapenv:Header /> > <soapenv:Body /> > </soapenv:Envelope> > > The log below shows "[error] > ..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl > object for service 'ttwebservices' not set in message receiver. 0 :: No Error". > > Please let me know if there is something I am doing wrong. I'll go > look at the source code to see if I can figure it out. > > > [Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler]Inflow > Security found > [Tue Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler] > Validating UsernameToken [Tue Nov 14 11:24:07 2006] [info] > [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Tue > Nov 14 11:24:07 2006] [info] [rampart][rampart_in_handler] Validating > Timestamp [Tue Nov 14 11:24:07 2006] [info] > [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Tue Nov > 14 11:24:07 2006] [debug] > ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Tue > Nov 14 11:24:07 2006] [debug] > ..\..\modules\core\engine\phase.c(356) Invoke the handler > addressing_based_dispatcher within the phase Dispatch [Tue Nov 14 > 11:24:07 2006] [debug] > ..\..\modules\core\engine\addr_disp.c(108) Checking for service using > WSA enpoint address : > http://localhost:8181/axis2/services/ttwebservices > [Tue Nov 14 11:24:07 2006] [debug] > ..\..\modules\core\engine\addr_disp.c(138) Service found using WSA > enpoint address [Tue Nov 14 11:24:07 2006] [debug] > ..\..\modules\core\engine\phase.c(356) Invoke the handler > request_uri_based_dispatcher within the phase Dispatch [Tue Nov 14 > 11:24:07 2006] [debug] > ..\..\modules\core\engine\phase.c(356) Invoke the handler > soap_action_based_dispatcher within the phase Dispatch [Tue Nov 14 > 11:24:07 2006] [debug] > ..\..\modules\core\engine\soap_action_disp.c(108) Checking for > operation using SOAPAction : > [Tue Nov 14 11:24:07 2006] [debug] > ..\..\modules\core\engine\phase.c(356) Invoke the handler > soap_message_body_based_dispatcher within the phase Dispatch [Tue Nov > 14 11:24:07 2006] [debug] > ..\..\modules\core\engine\soap_body_disp.c(198) Checking for operation > using SOAP message body's first child's local name : CreatePrimaryItem > [Tue Nov 14 11:24:07 2006] [debug] > ..\..\modules\core\engine\soap_body_disp.c(207) Operation found using > SOAP message body's first child's local name [Tue Nov 14 11:24:07 > 2006] [debug] > ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch > [Tue Nov 14 11:24:07 2006] [debug] > ..\..\modules\core\engine\phase.c(356) Invoke the handler > dispatch_post_conditions_evaluator within the phase PostDispatch [Tue > Nov 14 11:24:07 2006] [debug] > ..\..\modules\core\engine\phase.c(356) Invoke the handler > context_handler within the phase PostDispatch [Tue Nov 14 11:24:07 > 2006] [debug] > ..\..\modules\core\engine\engine.c(762) Invoking phase > PolicyDetermination [Tue Nov 14 11:24:07 2006] [error] > ..\..\modules\core\receivers\raw_xml_in_out_msg_recv.c(114) Impl > object for service 'ttwebservices' not set in message receiver. 0 :: > No Error [Tue Nov 14 11:24:07 2006] [debug] > ..\..\modules\core\engine\engine.c(445) Axis2 engine receive > successful [Tue Nov 14 11:24:07 2006] [debug] > ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut [Tue > Nov 14 11:24:07 2006] [info] Request served successfully > > Thanks, > > -Dave. > > -----Original Message----- > From: Dave Meier [mailto:[EMAIL PROTECTED] > Sent: Tuesday, November 14, 2006 7:35 AM > To: Apache AXIS C User List > Subject: RE: [Axis2] rampart problem using WS-SECURITY > > Thanks for the quick fix - I'll go try it out right now. > > I am using Visual Studio 2005 C# on the client side. We'll be > supporting C#, Axis2 Java and Axis2C for our client side > implementations. Other projects here already use Axis2 for Java. > > -Dave. > > -----Original Message----- > From: Kaushalye Kapuruge [mailto:[EMAIL PROTECTED] > Sent: Tuesday, November 14, 2006 1:24 AM > To: Apache AXIS C User List > Subject: Re: [Axis2] rampart problem using WS-SECURITY > > Kaushalye Kapuruge wrote: > >> Dave Meier wrote: >> >>> I have the rampart module hooked up and my password callback is >>> called correctly. But after successful validation, my web service >>> method does not get called. Instead I get back the following >>> > response: > >>> <?xml version="1.0" encoding="UTF-8" ?> <soapenv:Envelope >>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";> >>> <soapenv:Header /> >>> <soapenv:Body> >>> <soapenv:Fault> >>> <faultcode>soapenv:MustUnderstand</faultcode> >>> <faultstring>Header not understood</faultstring> >>> </soapenv:Fault> >>> </soapenv:Body> >>> </soapenv:Envelope> >>> >>> This occurs after the userid and password have already been >>> > validated. > >>> Here are the log entries: >>> >>> [Mon Nov 13 17:01:14 2006] [debug] >>> ..\..\modules\core\transport\http\http_worker.c(204) Client HTTP >>> version >>> HTTP/1.1 >>> [Mon Nov 13 17:01:14 2006] [debug] >>> ..\..\axiom\src\soap\soap_builder.c(840) Identified soap version is >>> soap11 >>> [Mon Nov 13 17:01:14 2006] [debug] >>> ..\..\modules\core\engine\engine.c(762) Invoking phase TransportIn >>> [Mon Nov 13 17:01:14 2006] [debug] >>> ..\..\modules\core\engine\engine.c(762) Invoking phase PreDispatch >>> [Mon Nov 13 17:01:14 2006] [debug] >>> ..\..\modules\core\engine\phase.c(356) Invoke the handler >>> AddressingInHandler within the phase PreDispatch [Mon Nov 13 >>> 17:01:14 >>> > > >>> 2006] [info] Starting addressing in handler ......... >>> [Mon Nov 13 17:01:14 2006] [debug] >>> ..\..\modules\core\engine\phase.c(356) Invoke the handler >>> RampartInHandler within the phase PreDispatch [Mon Nov 13 17:01:14 >>> 2006] [info] [rampart][rampart_in_handler]Inflow >>> Security found >>> [Mon Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler] >>> Validating UsernameToken [Mon Nov 13 17:01:14 2006] [info] >>> [rampart][rampart_in_handler] Validating UsernameToken SUCCESS [Mon >>> Nov 13 17:01:14 2006] [info] [rampart][rampart_in_handler] >>> Validating Timestamp [Mon Nov 13 17:01:14 2006] [info] >>> [rampart][rampart_in_handler] Validating Timestamp is SUCCESS [Mon >>> Nov 13 17:01:14 2006] [debug] >>> ..\..\modules\core\engine\engine.c(762) Invoking phase Dispatch [Mon >>> Nov 13 17:01:14 2006] [debug] >>> ..\..\modules\core\engine\phase.c(356) Invoke the handler >>> addressing_based_dispatcher within the phase Dispatch [Mon Nov 13 >>> 17:01:14 2006] [debug] >>> ..\..\modules\core\engine\addr_disp.c(99) Checking for service using >>> WSA enpoint address : >>> http://localhost:8181/axis2/services/ttwebservices >>> [Mon Nov 13 17:01:14 2006] [debug] >>> ..\..\modules\core\engine\addr_disp.c(129) Service found using WSA >>> enpoint address [Mon Nov 13 17:01:14 2006] [debug] >>> ..\..\modules\core\engine\phase.c(356) Invoke the handler >>> request_uri_based_dispatcher within the phase Dispatch [Mon Nov 13 >>> 17:01:14 2006] [debug] >>> ..\..\modules\core\engine\phase.c(356) Invoke the handler >>> soap_action_based_dispatcher within the phase Dispatch [Mon Nov 13 >>> 17:01:14 2006] [debug] >>> ..\..\modules\core\engine\soap_action_disp.c(106) Checking for >>> operation using SOAPAction : [Mon Nov 13 17:01:14 2006] [debug] >>> ..\..\modules\core\engine\phase.c(356) Invoke the handler >>> soap_message_body_based_dispatcher within the phase Dispatch [Mon >>> Nov >>> > > >>> 13 17:01:14 2006] [debug] >>> ..\..\modules\core\engine\soap_body_disp.c(196) Checking for >>> operation using SOAP message body's first child's local name : >>> CreatePrimaryItem [Mon Nov 13 17:01:14 2006] [debug] >>> ..\..\modules\core\engine\soap_body_disp.c(205) Operation found >>> using >>> > > >>> SOAP message body's first child's local name [Mon Nov 13 17:01:14 >>> 2006] [debug] >>> ..\..\modules\core\engine\engine.c(762) Invoking phase PostDispatch >>> [Mon Nov 13 17:01:14 2006] [debug] >>> ..\..\modules\core\engine\phase.c(356) Invoke the handler >>> dispatch_post_conditions_evaluator within the phase PostDispatch >>> [Mon >>> > > >>> Nov 13 17:01:14 2006] [debug] >>> ..\..\modules\core\engine\phase.c(356) Invoke the handler >>> context_handler within the phase PostDispatch [Mon Nov 13 17:01:14 >>> 2006] [debug] >>> ..\..\modules\core\engine\engine.c(762) Invoking phase >>> PolicyDetermination [Mon Nov 13 17:01:14 2006] [debug] >>> ..\..\modules\core\engine\engine.c(762) Invoking phase MessageOut >>> [Mon Nov 13 17:01:14 2006] [info] Request served successfully >>> >>> I did have mustUnderstand set in the request like this: >>> "<wsse:Security soap:mustUnderstand="1"> >>> >>> >> Rampart_in_handler should set this relaying attribute to false after >> processing. Thanks for pointing this out. >> BTW, are you using a rampart in the client side as well? Or is it >> another implementation? :) 'Coz rampart doesn't set mustUnderstand=1. >> >>> How can I get around this? >>> > Get the latest code from the svn. > Cheers, > >>> Thanks, >>> >>> -Dave. >>> >>> ******************************************************************** >>> * >>> * This email and any files transmitted with it are confidential and >>> intended solely for the use of the individual or entity to whom they >>> are addressed. Any unauthorized review, use, disclosure or >>> distribution is prohibited. If you are not the intended recipient, >>> please contact the sender by reply e-mail and destroy all copies of >>> the original message. >>> >>> >>> -------------------------------------------------------------------- >>> - To unsubscribe, e-mail: [EMAIL PROTECTED] >>> For additional commands, e-mail: [EMAIL PROTECTED] >>> >>> >>> >>> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
