Thanks Nandana,
I removed Timestamp from the server side and it seems to work. --kumar ________________________________ From: Nandana Mihindukulasooriya [mailto:[email protected]] Sent: Sunday, February 15, 2009 3:39 PM To: [email protected] Subject: Re: Rampart - axis2 fault Hi Kumar, You have set the actions to "UsernameToken Timestamp" but your SOAP UI is a missing a timestamp in the security header. That is the reason for the actions mismatch error. Can you configure the SOAP UI to send a timestamp as well and try again. Hopefully that will solve the problem. thanks, nandana On Tue, Feb 10, 2009 at 2:59 AM, Iyengar, Kumar <[email protected]> wrote: Thanks Nandana for the quick response. Here is the XML that Soap UI sends. I have set the action in services.xml to 'UsernameToken Timestamp' and so SoapUI is sending the password bobPW as a digest Host: localhost:8080 Content-Length: 1053 SOAPAction: "urn:echo" User-Agent: Jakarta Commons-HttpClient/3.0.1 Content-Type: text/xml;charset=UTF-8 <soapenv:Envelope xmlns:sam="http://sample02.samples.rampart.apache.org"; xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";> <soapenv:Header> <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse curity-secext-1.0.xsd"> <wsse:UsernameToken wsu:Id="UsernameToken-2960804" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec urity-utility-1.0.xsd"> <wsse:Username>bob</wsse:Username> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-t oken-profile-1.0#PasswordDigest">b+iddlgeF2hcpof8WQ/iEYo5QEw=</wsse:Pass word> <wsse:Nonce>B1NdVICiOB2XBBZHQ66ijg==</wsse:Nonce> <wsu:Created>2009-02-09T21:16:43.652Z</wsu:Created> </wsse:UsernameToken> </wsse:Security> </soapenv:Header> <soapenv:Body> <sam:echo> <!--Optional:--> <sam:param0>How R U</sam:param0> </sam:echo> </soapenv:Body> </soapenv:Envelope> I will look at the samples. Unfortunately at this point, I have to get an app working (with Username Token and eventually X509) without depending on Policy. I installed the Sample02, 03 onto a Tomcat server that has Axis2 installed along with Rampart. I can get a simple request without any username token working with SoapUI as the client. Thanks for any help, --kumar ________________________________ From: Nandana Mihindukulasooriya [mailto:[email protected]] Sent: Monday, February 09, 2009 12:07 PM To: [email protected] Subject: Re: Rampart - axis2 fault Hi Kumar, Can you please post the SOAP message sent by SOAP UI ? Anyway if you starting to use Rampart, I would recommend you to use policy based approach which is more interoperable and most of the development for new specifications is only available in the policy based configuration. You can look at Rampart policy samples in the binary distribution and these two articles in WSO2 Oxygen Tank will also help you to get started. http://wso2.org/library/3190 https://wso2.org/library/3415 thanks, nandana On Tue, Feb 10, 2009 at 1:12 AM, Iyengar, Kumar <[email protected]> wrote: Hi all, Thanks for the help earlier. I managed to get a bit further. I am trying to get the Rampart sample programs working but am getting the following error: [ERROR] WSDoAllReceiver: security processing failed (actions mismatch) org.apache.axis2.AxisFault: WSDoAllReceiver: security processing failed (actions mismatch) at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver. java:344) at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceive r.java:86) at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72) at org.apache.axis2.engine.Phase.invoke(Phase.java:317) at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264) at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163) at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostReques t(HTTPTransportUtils.java:275) at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:133) at javax.servlet.http.HttpServlet.service(HttpServlet.java:709) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica tionFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt erChain.java:173) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv e.java:213) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv e.java:178) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java :126) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java :105) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve. java:107) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:1 48) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:86 9) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.proc essConnection(Http11BaseProtocol.java:664) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint .java:527) at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollow erWorkerThread.java:80) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool .java:684) at java.lang.Thread.run(Thread.java:595) Does anyone know what Axis2 is expecting? I have Axis2 setup with Tomcat. I tried sample02 and sample03 and my services.xml has the following syntax: <action> <items>UsernameToken Timestamp<items> <passwordCallbackClass>...<passwordCallback> </action> I tried removing and adding Timestamp and keep getting the 'actions mismatch' error. I am using Soap UI. I am assuming this should not matter since it does send the Soap Header according to the standard. Thanks for any help, --kumar -- Nandana Mihindukulasooriya WSO2 inc. http://nandana83.blogspot.com/ http://www.wso2.org -- Nandana Mihindukulasooriya WSO2 inc. http://nandana83.blogspot.com/ http://www.wso2.org
