Hi, Please have a look at how the axis2-0.95 security sample works (0.95 will be release today). It should give you a good idea about security configurations.
Please note that if you use exactly the same configuration of the service in the client side all your req and res msgs will have the same security settings. But for example if you want to authenticate a client to the service using a wsse:UsernameToken you just need to specify the client's outflow configuration to add a UsernameToken and the service's inflow to require a UsernameToken. Therefore the service and client configurations are different. Thanks, Ruchith On 3/22/06, Ameet Hasmucrai Amarchande <[EMAIL PROTECTED]> wrote: > Hi, > > Yes, that worked. Are these the steps necessary to make everything work? > > 1. Create a password callback class, with my own key > 2. Create a properties file > 3. Put all that in a jar > 4. Place it in the server side and in the client side of the service > 5. Create axis2.xml in the cliente side, with the same contents as of the > server, including the same configuration parameters of the service > > Thanks, > > Ameet > > > > > -----Original Message----- > From: Ruchith Fernando [mailto:[EMAIL PROTECTED] > Sent: quarta-feira, 22 de Março de 2006 15:52 > To: [email protected] > Subject: Re: [axis2] Security > > Hi Ameet, > > In the case of the security module... simply engaging the module is > not sufficient. > > You also have to provide security module configuration with respect to > the service in the service.xml file. > > This behaviour is useful since we will be just able to turn on > security for a given service and _not_ for another service in the > same axis2 repo, when the security module is engaged globally (as in > your case ). > > Thanks, > Ruchith > > On 3/22/06, Ameet Hasmucrai Amarchande <[EMAIL PROTECTED]> wrote: > > > > > > > > Hi all, > > > > > > > > For testing purposes, I included <module ref="security"/> in axis2.xml > > (0.94), downloaded security-0.94.mar to modules folder and restarted Tomcat > > (5.5.12). Then I tried to call the service from the client (without any > > modification), expecting that the service would throw some exception or > > error back to the client. It didn't do that. Is it normal? Why? > > > > > > > > Ameet >
