Hi All. I have an issue at the moment with policy files generated by sun glassfish 2.1 (with netbeans 6.5.1 as ide) consumed by Rampart 1.4. Do you know if there are interop issues for the policies depending on the tool vendors ?
Typicaly: When using these policies after a merge ( see below this corresponds to a mutual auth security using sign / enc / timestamp ), rampart do not encrypt the Body. Whereas when i re use and update a policy from the rampart samples with the expected information, this is fine, So does anybody knows where is the issue or can give me some information about what i am missing ? Thank you. Sun policy: <ns1:Policy xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/09/policy"; > <ns1:ExactlyOne> <ns1:All> <ns4:AsymmetricBinding xmlns:ns4="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <ns1:Policy> <ns1:ExactlyOne> <ns1:All> <ns4:AlgorithmSuite> <ns1:Policy> <ns4:Basic256Rsa15></ns4:Basic256Rsa15> </ns1:Policy> </ns4:AlgorithmSuite> <ns4:IncludeTimestamp></ns4:IncludeTimestamp> <ns4:InitiatorToken> <ns1:Policy> <ns1:ExactlyOne> <ns1:All> <ns4:X509Token ns4:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";> <ns1:Policy> <ns1:ExactlyOne> <ns1:All> <ns4:RequireIssuerSerialReference></ns4:RequireIssuerSerialReference> <ns4:WssX509V3Token10></ns4:WssX509V3Token10> </ns1:All> </ns1:ExactlyOne> </ns1:Policy> </ns4:X509Token> </ns1:All> </ns1:ExactlyOne> </ns1:Policy> </ns4:InitiatorToken> <ns4:Layout> <ns1:Policy> <ns1:ExactlyOne> <ns1:All> <ns4:Strict></ns4:Strict> </ns1:All> </ns1:ExactlyOne> </ns1:Policy> </ns4:Layout> <ns4:RecipientToken> <ns1:Policy> <ns1:ExactlyOne> <ns1:All> <ns4:X509Token ns4:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";> <ns1:Policy> <ns1:ExactlyOne> <ns1:All> <ns4:RequireIssuerSerialReference></ns4:RequireIssuerSerialReference> <ns4:WssX509V3Token10></ns4:WssX509V3Token10> </ns1:All> </ns1:ExactlyOne> </ns1:Policy> </ns4:X509Token> </ns1:All> </ns1:ExactlyOne> </ns1:Policy> </ns4:RecipientToken> </ns1:All> </ns1:ExactlyOne> </ns1:Policy> </ns4:AsymmetricBinding> <ns5:Wss10 xmlns:ns5="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <ns1:Policy> <ns1:ExactlyOne> <ns1:All> <ns5:MustSupportRefIssuerSerial></ns5:MustSupportRefIssuerSerial> </ns1:All> </ns1:ExactlyOne> </ns1:Policy> </ns5:Wss10> <ns6:UsingAddressing xmlns:ns6="http://www.w3.org/2006/05/addressing/wsdl"; ns1:Optional="true"></ns6:UsingAddressing> </ns1:All> </ns1:ExactlyOne> </ns1:Policy> <ns7:Policy xmlns:ns7="http://schemas.xmlsoap.org/ws/2004/09/policy"; > <ns7:ExactlyOne> <ns7:All> <ns8:EncryptedParts xmlns:ns8="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <ns8:Body></ns8:Body> </ns8:EncryptedParts> <ns9:SignedParts xmlns:ns9="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <ns9:Body></ns9:Body> <ns9:Header Namespace="http://www.w3.org/2005/08/addressing"; Name="ReplyTo"></ns9:Header> <ns9:Header Namespace="http://www.w3.org/2005/08/addressing"; Name="To"></ns9:Header> <ns9:Header Namespace="http://www.w3.org/2005/08/addressing"; Name="From"></ns9:Header> <ns9:Header Namespace="http://www.w3.org/2005/08/addressing"; Name="MessageID"></ns9:Header> <ns9:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing";></ns9:Header> <ns9:Header Namespace="http://www.w3.org/2005/08/addressing"; Name="Action"></ns9:Header> <ns9:Header Namespace="http://www.w3.org/2005/08/addressing"; Name="RelatesTo"></ns9:Header> <ns9:Header Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm/policy"; Name="AckRequested"></ns9:Header> <ns9:Header Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm/policy"; Name="CreateSequence"></ns9:Header> <ns9:Header Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm/policy"; Name="Sequence"></ns9:Header> <ns9:Header Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm/policy"; Name="SequenceAcknowledgement"></ns9:Header> </ns9:SignedParts> </ns7:All> </ns7:ExactlyOne> </ns7:Policy> <ns10:Policy xmlns:ns10="http://schemas.xmlsoap.org/ws/2004/09/policy"; > <ns10:ExactlyOne> <ns10:All> <ns11:EncryptedParts xmlns:ns11="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <ns11:Body></ns11:Body> </ns11:EncryptedParts> <ns12:SignedParts xmlns:ns12="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <ns12:Body></ns12:Body> <ns12:Header Namespace="http://www.w3.org/2005/08/addressing"; Name="ReplyTo"></ns12:Header> <ns12:Header Namespace="http://www.w3.org/2005/08/addressing"; Name="To"></ns12:Header> <ns12:Header Namespace="http://www.w3.org/2005/08/addressing"; Name="From"></ns12:Header> <ns12:Header Namespace="http://www.w3.org/2005/08/addressing"; Name="MessageID"></ns12:Header> <ns12:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing";></ns12:Header> <ns12:Header Namespace="http://www.w3.org/2005/08/addressing"; Name="Action"></ns12:Header> <ns12:Header Namespace="http://www.w3.org/2005/08/addressing"; Name="RelatesTo"></ns12:Header> <ns12:Header Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm/policy"; Name="AckRequested"></ns12:Header> <ns12:Header Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm/policy"; Name="CreateSequence"></ns12:Header> <ns12:Header Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm/policy"; Name="Sequence"></ns12:Header> <ns12:Header Namespace="http://schemas.xmlsoap.org/ws/2005/02/rm/policy"; Name="SequenceAcknowledgement"></ns12:Header> </ns12:SignedParts> </ns10:All> </ns10:ExactlyOne> </ns10:Policy> -- View this message in context: http://www.nabble.com/Mutual-auth-security-policy%2C-Sun-glassfish-2.1-%28metro%29-policy-files-not-well-consumed-by-rampart.-tp24291775p24291775.html Sent from the Axis - User mailing list archive at Nabble.com.
