Hi Dimuthu, Thanks so much for your reply. I have been able to configure and run the Axis2 security with simple configurations. Will try out the policy thing now. Thanks so much again.
Sincerely, Shivani Sawhney -----Original Message----- From: Dimuthu [mailto:[EMAIL PROTECTED] Sent: Thursday, July 12, 2007 4:09 PM To: [email protected] Subject: Re: Configuring Axis2 client Hi, There are two ways to configure security - one method is to use simple configurations and the other is to use Policy. Simple configurations are being deprecated, so better to use Policy. Policy samples are available in Rampart Distribution's sample/policy directory. There are four samples. Cheers, Dimuthu On Thu, 2007-07-12 at 12:03 +0530, Shivani Sawhney wrote: > Hi All, > > I am really new to Axis and am using Axis2 1.2. > > I have to use WS-Security on Axis2. I have deployed the service on server > and enabled the service's security but do not know the exact steps to > configure the client side for security. Am I supposed to configure a client > repository and configure axis2.xml for client too? If yes, then how exactly > is the security to be configured there? > > > Can someone please guide me on the same or refer a tutorial or link on > configuring the client of Axis2 or a sample web service with security > enabled and all the xml sect required. > > Any help will be most appreciated. > > ------------------------------------------------ > Code: > Services.xml > > <service name="MyService" provider="java:RPC" style="document" > use="literal"> > > <description> > This is a sample Web Service with two operations, echo and > ping. > </description> > > <parameter name="ServiceClass" locked="false"> > userguide.example1.MyService > </parameter> > > > <parameter name="scope" value="application" /> > <parameter name="allowedMethods" value="echo" /> > <parameter name="allowedMethods" value="ping" /> > > <parameter name="OutflowSecurity"> > <action> > <items>Timestamp Signature Encrypt</items> > <user>serverKeystore</user> > <passwordCallbackClass> > userguide.example1.PWCallback > </passwordCallbackClass> > <signaturePropFile> > out-server-signature.properties > </signaturePropFile> > <signatureKeyIdentifier> > SKIKeyIdentifier > </signatureKeyIdentifier> > <encryptionKeyIdentifier> > SKIKeyIdentifier > </encryptionKeyIdentifier> > <encryptionUser>serverKeystore</encryptionUser> > </action> > </parameter> > > <parameter name="InflowSecurity"> > <action> > <items>Encrypt Signature Timestamp</items> > <passwordCallbackClass> > userguide.example1.PWCallback > </passwordCallbackClass> > <signaturePropFile> > in-server-signature.properties > </signaturePropFile> > </action> > </parameter> > > <operation name="echo"> > <messageReceiver > > class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver" /> > <actionMapping>urn:echo</actionMapping> > </operation> > > <operation name="ping"> > <messageReceiver > > class="org.apache.axis2.receivers.RawXMLINOnlyMessageReceiver" /> > <actionMapping>urn:ping</actionMapping> > </operation> > > </service> > > ------------------------------------------------ > in-server-signature.properties > > > # Server trust store for checking/validating signatures of incoming messages > org.apache.ws.security.crypto.provider=org.apache.ws.security.components.cry > pto.Merlin > org.apache.ws.security.crypto.merlin.keystore.type=jks > org.apache.ws.security.crypto.merlin.keystore.password=server > org.apache.ws.security.crypto.merlin.alias.password=server > org.apache.ws.security.crypto.merlin.keystore.alias=serverTrustStore > org.apache.ws.security.crypto.merlin.file=C:/Documents and > Settings/ssawhney/serverTrustStore.keystore > > > ------------------------------------------------ > Client code: > > public class PingClient > { > private static EndpointReference targetEPR = new > EndpointReference("http://localhost:8090/axis2/services/MyService";); > > public static void main(String[] args) > { > try > { > ServiceClient serviceClient = new ServiceClient(); > Options options = new Options(); > OMElement payload = ClientUtil.getEchoOMElement(); > Properties props = new Properties(); > // > // > props.put(UsernameToken.PASSWORD_TYPE, > WSConstants.PASSWORD_TEXT); > props.put(WSHandlerConstants.USER, "importedServerCert"); > props.put(WSHandlerConstants.PW_CALLBACK_CLASS, > "userguide.example1.PWCallback"); > props.setProperty(WSHandlerConstants.ACTION, > WSHandlerConstants.TIMESTAMP); > props.setProperty(WSHandlerConstants.ACTION, > WSHandlerConstants.SIGNATURE); > props.setProperty(WSHandlerConstants.ACTION, > WSHandlerConstants.ENCRYPT); > props.setProperty(WSHandlerConstants.SIG_PROP_FILE, > "out-client-signature.properties"); > props.setProperty(WSHandlerConstants.SIG_KEY_ID, > "SKIKeyIdentifier"); > // > // > serviceClient.setOptions(options); > options.setTo(targetEPR); > options.setAction("urn:echo"); > // > // > OMElement result = serviceClient.sendReceive(payload); > // > // > /** > * We have to bock this thread untill we send the request , the > * problem is if we go out of the main thread , then request > wont > * send ,so you have to wait some time :) > */ > Thread.sleep(500); > // > // > System.out.println(result.getQName()); > System.out.println(result); > // > // Iterate over the child elements to print what server has sent > Iterator iterChildElements = result.getChildElements(); > while (iterChildElements.hasNext()) > { > OMElement aChild = (OMElement) iterChildElements.next(); > System.out.println(aChild.getText()); > } > > } catch (AxisFault axisFault) > { > axisFault.printStackTrace(); > } catch (InterruptedException e) > { > e.printStackTrace(); > } > } > > } > > -------------------------------------- > out-client-signature.properties > > > # Server key store for adding signatures to outgoing messages > org.apache.ws.security.crypto.provider=org.apache.ws.security.components.cry > pto.Merlin > org.apache.ws.security.crypto.merlin.keystore.type=jks > org.apache.ws.security.crypto.merlin.keystore.password=client > org.apache.ws.security.crypto.merlin.alias.password=client > org.apache.ws.security.crypto.merlin.keystore.alias=importedServerCert > org.apache.ws.security.crypto.merlin.file=C:/Documents and > Settings/ssawhney/client.keystore > > ------------------------------------- > > > > Regards, > > Shivani Sawhney > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
