Here is the policy I am loading using:
_serviceClient.getOptions().setProperty(RampartMessageData.KEY_RAMPART_POLICY,
loadPolicy("D:\\PhotoClient\\build\\policy.xml"));
wsp:Policy wsu:Id="UTOverTransport"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<!-- <sp:HttpsToken
RequireClientCertificate="false"/> -->
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Lax/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
</wsp:Policy>
</sp:TransportBinding>
<sp:SignedSupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";
/>
</wsp:Policy>
</sp:SignedSupportingTokens>
<ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy";>
<ramp:user>BOB</ramp:user>
<ramp:passwordCallbackClass>com.acme.peoplephoto.PasswordCallbackHandler</ramp:passwordCallbackClass>
</ramp:RampartConfig>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
kevinlampert wrote:
>
> I am writing a java client to consume a web service that I have no control
> of. The web service requires a username and password for authentication.
> I have configured Rampart to place the data in the security header and can
> capture the request being sent and see the correct header information. I
> have the callback handler working correctly.
>
> If I submit just the SOAP message (I captured using tcpmon) using XMLSpy,
> the message works correctly and the response from the web service appears
> correct.
>
> My java client, however, throws an exception:
>
> Exception: org.apache.axis2.AxisFault: SOAP header missing
> org.apache.axis2.AxisFault: SOAP header missing
> at
> org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFa
> ult(RampartReceiver.java:166)
> at
> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.jav
> a:99)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
> at
> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(
> OutInAxisOperation.java:363)
> at
> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisO
> peration.java:416)
> at
> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(Out
> InAxisOperation.java:228)
>
> My question is:
> Is there something to tell Rampart that the security header is ONLY
> required for client outbound messages and that inbound messages to client
> WILL NOT have a security header?
>
> Other ideas, or something I am missing?
> I can add any additional information you may require.
>
> Thanks!
>
--
View this message in context:
http://www.nabble.com/org.apache.axis2.AxisFault%3A-SOAP-header-missing-tp22315041p22334805.html
Sent from the Axis - User mailing list archive at Nabble.com.
