Check out policy sample02 in Rampart 1.3. The policy/service.xml files work there.
I have also gotten it to work for my own wsdl app. However I am having trouble adding a UsernameToken to the mix. Ford, Jennifer M. wrote: > > Well, it has stopped giving me errors for Must Understand, but still no > luck on actually authenticating. It appears to get past the Timestamp > processing, and then fails. Has anyone gotten a Rampart policy with > AsymmetricBinding/Signature only to work properly? I would be > interested in seeing your policy file. > > I am seeing the following error in the logs: > 2007-08-08 15:51:56,983 DEBUG org.apache.ws.security.WSSecurityEngine - > Unknown Element: BinarySecurityToken > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secex > t-1.0.xsd > > That seems like probable cause for this to fail. I looked up that error > on Google, and I see a lot of references to XML Pretty Printing (which I > now have disabled in my client axis2.xml, although it does not appear to > have made a difference in the output) and most of those messages were > using Axis 1.3, not Axis2 as I am using. > > The other thing I am struggling with are the X509 token types and the > decryption algorithm. Is it possible to find that information on the > certificate itself? I was unable to find it, but I am thinking if I > were wrong that would be another reason why my signature validation > would fail. > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > Sent: Wednesday, August 08, 2007 8:07 AM > To: [email protected] > Subject: RE: Rampart error with MustUnderstand > > Hi, > > It looks like your client is set up to add a timestamp and signature, > but the server has not been configured to expect them. I got the same > error when I configured rampart on my client but not on my server. > > The Must Understand flag means: If the server doesn't understand this > header element, then it must report an error rather than continue > processing. > > cheers, > Michael > from sunny Ottawa > > >> -----Original Message----- >> From: Ford, Jennifer M. [mailto:[EMAIL PROTECTED] >> Sent: Tuesday, August 07, 2007 6:17 PM >> To: [email protected] >> Subject: Rampart error with MustUnderstand >> >> >> I have spent the last couple days trying to add Rampart to an existing > >> web service with Policy/Sample02 as a model. I feel like I'm close, >> but I can't seem to get past the most recent error: >> >> 2007-08-07 16:43:12,066 DEBUG >> org.apache.axis2.transport.http.AxisServlet - >> org.apache.axis2.AxisFault: Must Understand check failed for header >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu > rity-secex > t-1.0.xsd : Security > > Perhaps a stupid question, but what does the Must Understand check do > exactly? And, more importantly, what might cause this problem? > > Thanks, > Jennifer > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/Rampart%3A-how-to-use-UsernameToken%2C-Signature-and-Encrypt-together%2C-use-different-username.-tf3275410.html#a12564010 Sent from the Axis - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
