Nencho
Yes, the conversation initiation will happen on the first call - no
matter what operation.
I think there are good samples in Rampart. They are the best approach
to getting started with Rampart.
Paul
On 5/2/07, Nencho Lupanov <[EMAIL PROTECTED]> wrote:
Hi Paul,
Do you know if with the Secure conversation i can force the client
to send the username token only the first time without having the login
operation, or
I still need this entry point?
Is there any usefull documentation on the rampart secure conv.
implementation?
Thanks,
Nencho
2007/4/27, Paul Fremantle <[EMAIL PROTECTED]>:
> Nencho
>
> With any third-party users of your service, you do need to give them
> some additional documentation! The WSDL and Policy are a good starting
> point, but the developer still needs to understand the business
> processes behind the services.
>
> However, you are right that secureconversation will also give you the
> pattern you want, where the initial login is used to create a token,
> which is then passed with every request.
>
> Paul
>
> On 4/27/07, Nencho Lupanov <[EMAIL PROTECTED]> wrote:
> > Hi Paul,
> >
> > Thanks for the constructive idea :).anyway,I can't confirm that these
> > services will be invoked only by my client code.
> > Consider some third party client - i cannot force himm to call first the
> > login operation, though it is obvious that
> > the rest of the operations will deny to be executed first.
> >
> > Maybe i am stick with the Ws Secure conv implemented in rampart, does
> > someone has tested it with username token sent only the first time?
> >
> >
> > thanks,
> > Nencho
> >
> >
> > 2007/4/27, Paul Fremantle <[EMAIL PROTECTED]>:
> > > Nencho
> > >
> > > You can specify different policies per operation with Axis2. So you
> > > need to identify a specific operation that is the "login" operation -
> > > i.e. the one that users call first (and only first), and statically
> > > specify a different policy for this one.
> > >
> > > I'm not suggesting changing the policy at runtime. That won't work -
> > > certainly not at the server side.
> > >
> > > Paul
> > >
> > > On 4/27/07, Nencho Lupanov <[EMAIL PROTECTED]> wrote:
> > > > Hi Paul,
> > > >
> > > > Having different policies includes ex-changing them runtime.
> > > >
> > > > 1. Is that posible with axis2 without redeploying the service?
> > > > 2. How this correlates to the session, because i expect different
> > clients to
> > > > connect to this
> > > > service and i cannot just change the policiy since one of the will
be at
> > the
> > > > login state and another will
> > > > be already loged in.
> > > > 3. does WS secure conversation way overcome those problems?
> > > >
> > > > thanks,
> > > > Nencho
> > > >
> > > >
> > > > 2007/4/27, Paul Fremantle < [EMAIL PROTECTED]>:
> > > > > Nencho
> > > > >
> > > > > If you want to do this, you need to have two different policies.
> > > > >
> > > > > One for the "login" operation/service, which uses UT, and the
other
> > > > > for the rest of the operations, which has encryption (if needed)
but
> > > > > no UT. Obviously you need to write your own logic to ensure that
you
> > > > > check the session is available for those other operations.
> > > > >
> > > > > Paul
> > > > >
> > > > > On 4/27/07, Nencho Lupanov <[EMAIL PROTECTED]> wrote:
> > > > > > Hi Deepal,
> > > > > >
> > > > > > I have yet another question/issue about the sessions.
> > > > > > I am using UsernameToken in a ws security policy handled by
rampart.
> > > > > > I want to use axis2 sessions so i pass the user/pass only once
and
> > then
> > > > rely
> > > > > > on the
> > > > > > session to recognize me on a subsequent call.the point is that
the
> > > > rampart
> > > > > > policy
> > > > > > is alredy there and will expect a username token in every
request.
> > > > > > Is there any way to overcome this?
> > > > > >
> > > > > > thanks,
> > > > > > Nencho
> > > > > >
> > > > > >
> > > > > > 2007/4/26, Deepal Jayasinghe < [EMAIL PROTECTED]>:
> > > > > > > Hi Nencho,
> > > > > > > Yes we found that issue and we have fixed that in the 1.2
branch
> > and
> > > > the
> > > > > > > fixes will be available in 1.2 release.
> > > > > > >
> > > > > > > Thanks
> > > > > > > Deepal
> > > > > > >
> > > > > > > > Hi Deepal,
> > > > > > > >
> > > > > > > > I checked the test and yes i was able to run it successfull.
> > > > > > > > anyway, when i try to put this in my running enviroment i
get
> > this
> > > > > > > > strange error:
> > > > > > > >
> > > > > > > > [java] Exception in thread "main"
> > org.apache.axis2.AxisFault:
> > > > > > > > Unable to fin
> > > > > > > > d corresponding context for the serviceGroupId:
> > > > > > > > urn:uuid:97198317A8B28D4CDF11775
> > > > > > > > 98325288
> > > > > > > >
> > > > > > > > In services.xml on the server side i have the
> > > > > > > >
> > > > > > > > scope
> > > > > > > >
> > > > > > > > ="soapsession" attribute
> > > > > > > >
> > > > > > > > At the client side I have the following code
> > > > > > > >
> > > > > > > > *options.setManageSession (true); *
> > > > > > > >
> > > > > > > > *...*
> > > > > > > >
> > > > > > > > client.engageModule(new QName("addressing"));
> > > > > > > >
> > > > > > > > Is there anything else to configure?
> > > > > > > >
> > > > > > > > Thanks,
> > > > > > > >
> > > > > > > > Nencho
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > 2007/4/26, Deepal Jayasinghe < [EMAIL PROTECTED]
> > > > > > > > <mailto: [EMAIL PROTECTED] >>:
> > > > > > > >
> > > > > > > > Hi Nencho ,
> > > > > > > >
> > > > > > > > Axis2 soap session to be work , you need to engage
> > addressing in
> > > > > > both
> > > > > > > > the side.
> > > > > > > >
> > > > > > > > It is working , there is a test case in the build so we
are
> > > > > > > > testing that
> > > > > > > > daily.
> > > > > > > >
> > org.apache.axis2.engine.ServiceGroupContextTest
> > > > > > > >
> > > > > > > > Thanks
> > > > > > > > Deepal
> > > > > > > >
> > > > > > > > > Hi All,
> > > > > > > > >
> > > > > > > > > I read this axis2 session management article:
> > > > > > > > >
> > > > > >
> > http://www.developer.com/java/web/article.php/3620661
> > > > > > > > >
> > > > > > > > > Basically, it says that i can define my services being
of
> > a
> > > > soap
> > > > > > > > > session scope,
> > > > > > > > > then i have to put this option on my client:
> > > > > > > > > * options.setManageSession(true);*
> > > > > > > > >
> > > > > > > > > Therefore it is expected for the service to include
> > > > > > > > > <wsa:ReferenceParameters>
> > > > > > > > > element as an session identifier in the soap envelope.
> > > > > > > > >
> > > > > > > > > I tested this and it does not work - axis2 does not
put
> > that
> > > > > > > > element,
> > > > > > > > > in order
> > > > > > > > > to be used as session identifier.Am i missing
something or
> > > > this
> > > > > > > > is a bug?
> > > > > > > > >
> > > > > > > > > Thanks,
> > > > > > > > > Nencho
> > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > --
> > > > > > > > Thanks,
> > > > > > > > Deepal
> > > > > > > >
> > > > > >
> > > >
> >
................................................................
> > > > > > > > "The highest tower is built one brick at a time"
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > >
> > > >
> >
---------------------------------------------------------------------
> > > > > > > > To unsubscribe, e-mail:
> > > > > > [EMAIL PROTECTED]
> > > > > > > > <mailto:
[EMAIL PROTECTED]
> > >
> > > > > > > > For additional commands, e-mail:
> > [EMAIL PROTECTED]
> > > > > > > > <mailto: [EMAIL PROTECTED]>
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > >
> >
---------------------------------------------------------------------
> > > > > > > To unsubscribe, e-mail:
> > > > > > [EMAIL PROTECTED]
> > > > > > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Paul Fremantle
> > > > > VP/Technology, WSO2 and OASIS WS-RX TC Co-chair
> > > > >
> > > > > http://bloglines.com/blog/paulfremantle
> > > > > [EMAIL PROTECTED]
> > > > >
> > > > > "Oxygenating the Web Service Platform", www.wso2.com
> > > > >
> > > > >
> > > >
> >
---------------------------------------------------------------------
> > > > > To unsubscribe, e-mail:
> > > > [EMAIL PROTECTED]
> > > > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> > > --
> > > Paul Fremantle
> > > VP/Technology, WSO2 and OASIS WS-RX TC Co-chair
> > >
> > > http://bloglines.com/blog/paulfremantle
> > > [EMAIL PROTECTED]
> > >
> > > "Oxygenating the Web Service Platform", www.wso2.com
> > >
> > >
> >
---------------------------------------------------------------------
> > > To unsubscribe, e-mail:
> > [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> > >
> >
> >
>
>
> --
> Paul Fremantle
> VP/Technology, WSO2 and OASIS WS-RX TC Co-chair
>
> http://bloglines.com/blog/paulfremantle
> [EMAIL PROTECTED]
>
> "Oxygenating the Web Service Platform", www.wso2.com
>
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
[EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
--
Paul Fremantle
VP/Technology, WSO2 and OASIS WS-RX TC Co-chair
http://bloglines.com/blog/paulfremantle
[EMAIL PROTECTED]
"Oxygenating the Web Service Platform", www.wso2.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
