Hi all,
 
I am trying to include a SAML token that was generated by the security provider 
and passed to us as a Session attribute (at runtime). For testing, I have 
retrieved the SAML assertion token externally and am attempting to include it in 
the SOAP header by hard-coding the token in the mySamlPolicy.xml file. All I need 
to do (for testing) is pass the retrieved SAML token to the remote web 
service (SSL-enabled) via the SOAP header in the request.
 
I deployed the Apache Rampart 1.4 module correctly as per the samples. I am using 
an Axis2 client and stubs generated by the WSDL2Java tool, with a policy-based 
approach (mySamlPolicy.xml attached). I can see the <wsse:Security> header, but 
NO assertion token is included in the SOAP header. The Assertion tag shown in the 
policy file is truncated (for security reasons). 
 
Any feedback or suggestions in this regard are highly appreciated. 
 
Thanks,
 
Seshi P.
 
 
SOAP request message:
===========================================================================
DEBUG [httpclient.wire.content] >> "<?xml version='1.0' 
encoding='UTF-8'?><soapenv:Envelope 
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";><soapenv:Header>[\n]"
[java] DEBUG [httpclient.wire.content] >> "<wsse:Security 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
 soapenv:mustUnderstand="1"><wsu:Timestamp 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
 
wsu:Id="Timestamp-20735553"><wsu:Created>2009-01-24T00:44:49.546Z</wsu:Created><wsu:Expires>2009-01-24T00:49:49.546Z</wsu:Expires></wsu:Timestamp></wsse:Security></soapenv:Header><soapenv:Body><ns1:echo
 xmlns:ns1="urn:us.mil.osd.atl.avsoa.echo"><ns1:message>Hello 
Seshi!</ns1:message></ns1:echo></soapenv:Body></soapenv:Envelope>"
[java] 
==========================================================================
 
SOAP response message received:
==========================================================================
 
DEBUG [org.apache.commons.httpclient.methods.EntityEnclosingMethod] Request 
body sent
     [java] DEBUG [httpclient.wire.header] << "HTTP/1.1 500 Internal Server 
Error[\r][\n]"
     [java] DEBUG [httpclient.wire.header] << "HTTP/1.1 500 Internal Server 
Error[\r][\n]"
     [java] DEBUG [httpclient.wire.header] << "Server: 
Apache-Coyote/1.1[\r][\n]"
     [java] DEBUG [httpclient.wire.header] << "Content-Type: 
text/xml;charset=UTF-8[\r][\n]"
     [java] DEBUG [httpclient.wire.header] << "Content-Length: 223[\r][\n]"
     [java] DEBUG [httpclient.wire.header] << "Date: Sat, 24 Jan 2009 00:44:14 
GMT[\r][\n]"
     [java] DEBUG [httpclient.wire.header] << "Connection: close[\r][\n]"
     [java] DEBUG [httpclient.wire.header] << "[\r][\n]"
     [java] DEBUG [httpclient.wire.content] << "<soa"
     [java] DEBUG [httpclient.wire.content] << "p:Envelope 
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>No
 SAML Assertion was 
found!</faultstring></soap:Fault></soap:Body></soap:Envelope>"
     [java] ERROR [org.apache.axis2.engine.AxisEngine] SOAP header missing
     [java] org.apache.axis2.AxisFault: SOAP header missing
============================================================================
<?xml version="1.0" encoding="UTF-8"?>
<!--
  Client-side WS-SecurityPolicy (wsu:Id "echo"): an HTTPS transport binding with a
  timestamp, a SAML signed supporting token, and Rampart SSL key/trust store settings.
  NOTE(review): the ';' that follows several quoted attribute values below is not
  well-formed XML. It looks like an artifact of how this attachment was rendered and
  should not be present in the real file. Confirm against the original.
-->
<wsp:Policy wsu:Id="echo" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
	<wsp:ExactlyOne>
	  <wsp:All>
		<!-- Message protection is delegated to the transport (HTTPS); nothing in this
		     binding asks for message-level signing or encryption. -->
		<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
		  <wsp:Policy>
			<sp:TransportToken>
			  <wsp:Policy>
				<!-- A client certificate is not required by this policy. -->
				<sp:HttpsToken RequireClientCertificate="false"/>
			  </wsp:Policy>
			</sp:TransportToken>
			<sp:AlgorithmSuite>
			  <wsp:Policy>
				<sp:Basic256/>
			  </wsp:Policy>
			</sp:AlgorithmSuite>
			<sp:Layout>
			  <wsp:Policy>
				<sp:Lax/>				
			  </wsp:Policy>
			</sp:Layout>
			<!-- Asks for a wsu:Timestamp in the wsse:Security header. -->
			<sp:IncludeTimestamp/>
		  </wsp:Policy>
		</sp:TransportBinding>
		
		<!-- Declares that a SAML token is to be sent to the recipient on every request
		     (IncludeToken ends in /AlwaysToRecipient). -->
		<sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
			<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
                      	<sp:SamlToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
					<wsp:Policy>
						<sp:WssSamlV10Token11>
<!-- NOTE(review): sp:WssSamlV10Token11 is a token-type assertion. WS-SecurityPolicy
     states requirements and does not define a way to carry the token itself here, so
     the pasted Assertion below is presumably ignored by the policy processor, which
     would match a request whose security header holds only wsu:Timestamp. Confirm
     against Rampart.
     The element was truncated by the author and is not well-formed as shown (the
     MinorVersion attribute value is unterminated).
     A complete assertion is a credential: keep it out of shared or version-controlled
     files and supply it at runtime instead. -->
<Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; AssertionID="_87df086111ccda39741d133dcdffe001" IssueInstant="2009-01-23T15:05:04.650Z" Issuer="https://xxxx"; MajorVersion="1" MinorVersion="1</Assertion>

	                              </sp:WssSamlV10Token11>
					</wsp:Policy>
				</sp:SamlToken>
			    
			</wsp:Policy>
		</sp:SignedSupportingTokens>			
		
		
		<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy";> 
			<!-- JSSE key store and trust store settings for the HTTPS connection. The store
			     passwords sit in this file as plain text (shown as xxxxx here), so the
			     file needs the same access restrictions as the stores themselves. -->
			<ramp:sslConfig> 
				<ramp:property name="javax.net.ssl.keyStoreType">PKCS12</ramp:property>
				<ramp:property name="javax.net.ssl.keyStore">C:\tomcat_5.5\xxx.p12</ramp:property>
				<ramp:property name="javax.net.ssl.keyStorePassword">xxxxx</ramp:property>
 				<ramp:property name="javax.net.ssl.trustStore">C:\tomcat_5.5\xxx.jks</ramp:property>
        			<ramp:property name="javax.net.ssl.trustStorePassword">xxxxx</ramp:property> 
			</ramp:sslConfig>
		</ramp:RampartConfig>
		
	  </wsp:All>
	</wsp:ExactlyOne>
</wsp:Policy>

