Hi,
Couple of days back I had the same problem but I could not make it using
rampart but solved the problem. Find below the working code. I have created
the stub using wsdl with Eclipse IDE.
URL endPointURL = new URL("http:// ");
EngineConfiguration config = new FileProvider("client_deploy.wsdd");
Service service = new Service(config);
TestSoapStub stub = new TestSoapStub(endPointURL, service);
stub._setProperty(WSHandlerConstants.ACTION,
WSHandlerConstants.SIGNATURE);
stub._setProperty(WSHandlerConstants.SIG_PROP_FILE,
"client_crypto.properties");
stub._setProperty(WSHandlerConstants.USER, "client");
stub._setProperty(WSHandlerConstants.PW_CALLBACK_CLASS,"com.unistream.client
.ServiceSecurityHandler");
stub._setProperty(WSHandlerConstants.SIG_KEY_ID,"DirectReference");
stub.login(userID,password);
client.deploy.wsdd file (just copy the same contents)
<deployment xmlns="http://xml.apache.org/axis/wsdd/";
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";>
<transport name="http"
pivot="java:org.apache.axis.transport.http.HTTPSender"/>
<globalConfiguration >
<requestFlow >
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
</handler>
</requestFlow >
</globalConfiguration >
</deployment>
client_crypto.properties file (just copy the same contents and change the
keystore.password, keystore.alias, alias.password, merlin.file according to
ur spec)
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.cry
pto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=xyzabc
org.apache.ws.security.crypto.merlin.keystore.alias=client
org.apache.ws.security.crypto.merlin.alias.password= xyzabc
org.apache.ws.security.crypto.merlin.file=client.jks
If you find any other better solution, please let me know.
Regards,
-senthil
_____
From: Tirtza Bernstein [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 17, 2007 7:54 PM
To: [email protected]
Subject: Rampart signature
I am using Axis2-1.3 and Rampart 1.3.
I am the client and my requests need to be signed.
My axis.client.xml includes the following
<module ref="rampart" />
<parameter name="OutflowSecurity">
<action>
<items>Signature</items>
<user>wally</user>
<signaturePropFile>crypto.properties</signaturePropFile>
<passwordCallbackClass>net.idt.svp.security.PWCallback</passwordCallbackClas
s>
<signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
</action>
</parameter>
<parameter name="InflowSecurity">
<action>
<items>Signature</items>
<signaturePropFile>crypto.properties</signaturePropFile>
</action>
</parameter>
My crypto.properties
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.cry
pto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.file=J:\svp_prime\trunk\security\test.j
ks
org.apache.ws.security.crypto.merlin.keystore.password=pswd
My Client includes the following:
_serviceClient.getOptions().setTo(new
org.apache.axis2.addressing.EndpointReference(targetEndpoint));
_serviceClient.getOptions().setUseSeparateListener(useSeparateListener);
StAXOMBuilder builder = new StAXOMBuilder("resources/policy.xml");
Policy clientPolicy =
PolicyEngine.getPolicy(builder.getDocumentElement());
_serviceClient.getOptions().setProperty(RampartMessageData.KEY_RAMPART_POLIC
Y, clientPolicy);
_serviceClient.engageModule("rampart");
My problem is that I have no clue how to set up the policy.xml. Rampart's
examples do not include an example of pure signature only (no timestamp).
Can someone supply me with an example?
Thanks.
