Hi, It seems like I didn't get anything after engage the rampart module on services.xml. I should get an error if I send a soap message that doesn't have the timestamp header. Do I have to turn on anything else ? I am using the embedded Axis2 Web app.
Thanks. mgainty wrote: > > you get ws-security support with rampart-1.1 and above > http://www.apache.org/dyn/closer.cgi/ws/rampart/1_1 > > take a look at > /samples/basic/sample11/src/org/apache/rampart/samples/sample11/Client.java > for an example of configuring > Timestamp Signature Encryption for inflow and outflow as identified via > this > example services.xml > <parameter name="InflowSecurity"> > <action> > <items>Timestamp Signature Encrypt</items> > > <passwordCallbackClass>org.apache.rampart.samples.sample11.PWCBHandler</pass > wordCallbackClass> > <signaturePropFile>service.properties</signaturePropFile> > </action> > </parameter> > > the declarative operation identifies the password callback handler via > setPasswordCallbackClass in the client stub as in > ofc.setPasswordCallbackClass("org.apache.rampart.samples.sample11.PWCBHandle > r"); > > take a look at PWCBHandler.java which handles the Password validation > > also be sure to service.properties is located on the classpath and has the > ability to initialise all of the crypto parameters e.g. > org.apache.ws.security.crypto.provider=org.apache.ws.security.components.cry > pto.Merlin > org.apache.ws.security.crypto.merlin.keystore.type=jks > org.apache.ws.security.crypto.merlin.keystore.password=apache > org.apache.ws.security.crypto.merlin.file=service.jks > > Martin-- > ----- Original Message ----- > From: "ndthuy" <[EMAIL PROTECTED]> > To: <[email protected]> > Sent: Wednesday, December 05, 2007 12:03 PM > Subject: Adding WS-Security to an embedded axis2 web application > > >> >> All, >> >> Does anyone know how to set up WS-Security to an embedded Axis2 web >> application ? I am using Axis2 1.3 and Rampart 1.3. This is my set up for >> embedded Axis2 web application. >> >> WebApp: >> + src >> + WebRoot >> + conf >> + lib >> + modules >> + services >> + common >> + META-INF >> + AdminRetrieveUserService.wsdl >> + apschema.xsd >> + services.xml >> >> I added rampart-1.3.mar to the modules folder. I also added all the > rampart >> libraries. I added the following to services.xml : >> >> <module ref="rampart"/> >> >> <parameter name="Inflowsecurity"> >> <action> >> <items>Timestamp</items> >> </action> >> </parameter> >> <parameter name="Outflowsecurity"> >> <action> >> <items>Timestamp</items> >> </action> >> </parameter> >> >> And I haven't modified my client yet. I supposed to receive the error if >> I >> send my message without the soap header. However nothing happened and I >> still received a successful soap message back. Does anyone try to do this >> before? >> >> Thanks. >> -- >> View this message in context: > http://www.nabble.com/Adding-WS-Security-to-an-embedded-axis2-web-applicatio > n-tf4950998.html#a14175976 >> Sent from the Axis - User mailing list archive at Nabble.com. >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/Adding-WS-Security-to-an-embedded-axis2-web-application-tf4950998.html#a14181158 Sent from the Axis - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
