Hi Thilo, On 1/8/07, Thilo Frotscher <[EMAIL PROTECTED]> wrote:
Hi! If you want to make use of password callback classes, these always depend on org.apache.ws.security.WSPasswordCallback, because the Callback instances which are passed into the handle() method have to be cast. WSPasswordCallback is contained in WSS4J, which depends itself von XML Security. This means, that when you develop client applications, you have to have WSS4J and XML Security in your classpath. The same is true for the server side: you must copy both JAR files to axis2/WEB-INF/lib, otherwise your servlet container reports a ClassNotFoundException for WSPasswordCallback. What I don't understand about this is that the Rampart module actually contains these jars. Why do I have to add them a second time to my client project and/or Axis2 web application. Why can't Rampart use the JARs in its own module archive?
The issue here is that service tries to load the callback handler class packaged with the service archive using the service classloader. The callback handler uses the WSPasswordCallback class and this requires the wss4j to be visible in the service classloader. Since these jars are required to be in the main classpath anyway ... how about leaving them out of the rampart mar file and then shipping an ant script that will copy the required jars (we already have this file in the rampart-1.1 distro). Thanks, Ruchith
Am I missing something? Thanks, Thilo --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- www.ruchith.org www.wso2.org --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]