this is what you can do with the Axis2 and rampart

first generate the code using the wsdl2java tool; use the -u and -g options as well.

then get a rampart distribution and put all required libs on the class path
(these come with the rampart distribution) and put the .mar files in the
repository modules.

Install full strength security jars (without this some security assertions
do not work)

write the client code like this

    ConfigurationContext confContext =
            ConfigurationContextFactory.createConfigurationContextFromFileSystem(
                    AXIS2_REPOSITORY, AXIS2_XML);
    stub = new PingService10MutualCertificate10SignEncrypt_IPingServiceStub(confContext);
    stub._getServiceClient().engageModule("rampart");

    // set the rampart config properties correctly
    CryptoConfig signcriptoInfo = new CryptoConfig();
    signcriptoInfo.setProvider(Merlin.class.getName());
    Properties properties = new Properties();
    properties.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "JKS");
    properties.setProperty("org.apache.ws.security.crypto.merlin.file",
            "security_client_wcf/conf/sec.jks");
    properties.setProperty("org.apache.ws.security.crypto.merlin.keystore.password",
            "password");
    signcriptoInfo.setProp(properties);

    // the same key store is used for encryption
    CryptoConfig encriptcriptoInfo = new CryptoConfig();
    encriptcriptoInfo.setProp(properties);
    encriptcriptoInfo.setProvider(Merlin.class.getName());

    RampartConfig config = new RampartConfig();
    config.setUser("alice");            // key store alias used for signing
    config.setEncryptionUser("bob");    // key store alias used for encryption
    config.setPwCbClass("util.PasswordCallbackHandler");
    config.setSigCryptoConfig(signcriptoInfo);
    config.setEncrCryptoConfig(encriptcriptoInfo);

    ramapConfigPolicy = new Policy();
    ramapConfigPolicy.addAssertion(config);

    try {
        // attach the rampart configuration to the service policy
        stub._getServiceClient().getAxisService().getPolicyInclude().addPolicyElement(
                PolicyInclude.ANON_POLICY, ramapConfigPolicy);
        String result = stub.echo("Test String");
        System.out.println("Result ==> " + result);
    } catch (RemoteException e) {
        e.printStackTrace();
    }


here stub refers to your generated stub.
AXIS2_REPOSITORY refers to your axis2 repository. this should have the
rampart mar files.

here you have to set the key store, user names and passwords as given above.


You may have a password callback class like this with the correct user names
and passwords.

public class PasswordCallbackHandler implements CallbackHandler {

   public void handle(Callback[] callbacks) throws IOException,
           UnsupportedCallbackException {
       for (int i = 0; i < callbacks.length; i++) {
           WSPasswordCallback pwcb = (WSPasswordCallback) callbacks[i];
           String id = pwcb.getIdentifer();
           if ("alice".equals(id)) {
               pwcb.setPassword("ecila");
           } else if ("bob".equals(id)) {
               pwcb.setPassword("bob");
           }
       }
   }
}

thanks,
Amila.



On 7/26/07, Brian Baldwin <[EMAIL PROTECTED]> wrote:

I've been using Axis1.x to access my webservice using WSDL2Java generated
stubs...works great...I use the Locator class.

I've modified my webservice to use WS-Policy directives (Sign and Auth).
The WSDL has changed as expected to include the <wsp:policy> elements for
Sign and Auth.

Do I need to use Axis2/Rampart to generate the client stubs and apply the
encryption now that my webservice is using WS-Policy directives?
Is there an example for using Axis/Axis2 to access a policy-enabled web
service?

My webservice is deployed to WLS 9.2 and I can use weblogic's
clientgen-generated stubs to encrypt and digitally-sign the
message.  However, I would like my clients to be able to use Axis.
I've been trying to use Axis2/Rampart but can't get it working.
I've been getting an 'InvalidKeyException:  Wrong key usage'.

Follow on question would be with WS-Policy Auth.xml does that mean I should
use the Encrypt item in the OutflowSecurity parameter for Rampart?  Does
WS-Policy Sign.xml map to the Signature item in OutflowSecurity?  What
WS-Policy would cause me to need to use the Timestamp item in
OutflowSecurity?

Thank you in advance
Brian




--
Amila Suriarachchi,
WSO2 Inc.
