I still don't get my service fault messages encrypted:
Axis 1.4.1
Client server stubs generated from WSDL by wsdl2java
The outFaultFlow does contain the "security" phase
Messages get signed and encrypted, see service.xml below
Response messages do get encrypted/signed fine, so there is no issue
with the keystore setup, configuration, etc, but if I throw a service
exception, the resulting fault message is send in plain text without
security header, etc...
public SResults SSearch(SearchRequest sRequest)
throws XYZFault {
[...]
throw new XYZFault("Please please encrypt me");
[...]
}
Is there ANYthing I am doing wrong? I assume there must be a way to
sign/encrypt fault messages...
Thanks for any suggestion....
---- snip ---
<serviceGroup>
<service name="SearchServices">
<messageReceivers>
<messageReceiver mep="http://www.w3.org/ns/wsdl/in-out";
class="ca.bc.xyz.SearchServicesMessageReceiverInOut"/>
</messageReceivers>
<parameter name="ServiceClass"
locked="false">ca.bc.xyz.SearchServiceImplementation</parameter>
<!--
<parameter name="useOriginalwsdl">true</parameter>
<parameter name="modifyUserWSDLPortAddress">true</parameter>
-->
<operation name="SSearch"
mep="http://www.w3.org/ns/wsdl/in-out"; namespace="....">
<actionMapping>SyncSearch</actionMapping>
<outputActionMapping>....</outputActionMapping>
<faultActionMapping
faultName="DPSearchFault">...</faultActionMapping>
<faultActionMapping
faultName="XYZFault">urn:....</faultActionMapping>
</operation>
<module ref="rampart" />
<wsp:Policy
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
wsu:Id="mypolicy">
<sp:AsymmetricBinding>
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
<wsp:Policy>
<sp:WssX509V3Token10 />
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
<wsp:Policy>
<sp:WssX509V3Token10 />
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:TripleDesRsa15 />
</wsp:Policy>
</sp:AlgorithmSuite>
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10>
<wsp:Policy>
<sp:MustSupportRefEmbeddedToken />
<sp:MustSupportRefIssuerSerial />
</wsp:Policy>
</sp:Wss10>
<sp:SignedParts>
<sp:Body />
</sp:SignedParts>
<sp:EncryptedParts>
<sp:Body />
</sp:EncryptedParts>
<RampartConfig
xmlns="http://ws.apache.org/rampart/policy";>
<user>s1</user>
<encryptionUser>useReqSigCert</encryptionUser>
<passwordCallbackClass>
ca.....webservice.server.search.PasswordCallbackHandler
</passwordCallbackClass>
<signatureCrypto>
<crypto
provider="org.apache.ws.security.components.crypto.Merlin">
<property
name="org.apache.ws.security.crypto.merlin.keystore.type"> JKS
</property>
<property
name="org.apache.ws.security.crypto.merlin.file"> keystore.ks
</property>
<property
name="org.apache.ws.security.crypto.merlin.keystore.password"> ....
</property>
</crypto>
</signatureCrypto>
<encryptionCrypto>
<crypto
provider="org.apache.ws.security.components.crypto.Merlin">
<property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS
</property>
<property
name="org.apache.ws.security.crypto.merlin.file"> keystore.ks
</property>
<property
name="org.apache.ws.security.crypto.merlin.keystore.password">....</property>
</crypto>
</encryptionCrypto>
</RampartConfig>
</wsp:Policy>
</service>
</serviceGroup>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
