Thx Martin Gainty wrote: > Illegal interception and manipulation costs businesses millions of > dollars in lost revenue here > > AXIS Security is handled by Rampart > Rampart doc states these steps for implementing BC > > 1.) Download bouncycastle according to your java version. You can download > bouncycastle from the following link. > http://www.bouncycastle.org/latest_releases.html > 2.) Add the bcprov-jdkXX-139.jar to your service's / client's classpath. > 3.) Add the following line to java.security file which can be found in > JRE's > lib/security directory as the last line. > security.provider.X=org.bouncycastle.jce.provider.BouncyCastleProvider I put $JAVA_HOME/jre/lib/ext/bcprov-jdk15-143.jar and in java.securety I add BouncyCastle provider.
> > Before you try any of the samples makesure you > > 1.) Have the Axis2 standard binary distribution downloaded and extracted. > 2.) Set the AXIS2_HOME environment variable > 3.) Run ant from the "samples" directory to copy the required libraries and > modules to relevant directories in AXIS2_HOME. > > add both rahas-1.4.mar and rampart-1.4.mar modules to > /WEB-INF/modules/modules.list > rahas-1.4.mar > rampart-1.4.mar I have this modul, I use rampart, but also have smtpfault.mar. > > /WEB-INF/conf/axis2.xml would contain this global reference > <module ref="rampart"/> > > then configure inflow and outflow security parameters e.g: > <module ref="rampart" /> > > <!-- sample-10 : MTOM optimize encrypted content --> > > <parameter name="OutflowSecurity"> > <action> > <items>Timestamp Signature Encrypt</items> > <user>client</user> > > <!-- your customised Callback Handler class goes here --> > <passwordCallbackClass>org.apache.rampart.samples.sample10.PWCBHandler</passwordCallbackClass> > <signaturePropFile>client.properties</signaturePropFile> > <signatureKeyIdentifier>DirectReference</signatureKeyIdentifier> > <encryptionKeyIdentifier>DirectReference</encryptionKeyIdentifier> > <encryptionUser>service</encryptionUser> > </action> > </parameter> > > <parameter name="InflowSecurity"> > <action> > <items>Timestamp Signature Encrypt</items> > > <!-- your customised Callback Handler class goes here --> > <passwordCallbackClass>org.apache.rampart.samples.sample10.PWCBHandler</passwordCallbackClass> > <signaturePropFile>client.properties</signaturePropFile> > </action> > </parameter> > I have my Callback Handler and it work fine. The problem is somewhere in axis2, because as standalone web application, this is working fine(sending S/MIME mail). So what are you saying, that the problem is rampart modul? > client.properties would contain: > org.apache.ws.security.crypto.provider=org.bouncycastle.jce.provider.BouncyCastleProvider > org.apache.ws.security.crypto.merlin.keystore.type=jks > org.apache.ws.security.crypto.merlin.keystore.password=PasswordUsedTOCreateKeyStoreFile.jks > org.apache.ws.security.crypto.merlin.file=client.jks > > Martin Gainty > ______________________________________________ > Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité > > Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene > Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede > unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. > Diese Nachricht dient lediglich dem Austausch von Informationen und > entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten > Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt > uebernehmen. > > Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le > destinataire prévu, nous te demandons avec bonté que pour satisfaire informez > l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci > est interdite. Ce message sert à l'information seulement et n'aura pas > n'importe quel effet légalement obligatoire. Étant donné que les email > peuvent facilement être sujets à la manipulation, nous ne pouvons accepter > aucune responsabilité pour le contenu fourni. > > > > > > >> Date: Wed, 12 Aug 2009 15:31:39 +0200 >> From: tomaz.majerh...@arnes.si >> To: axis-user@ws.apache.org >> Subject: error sending S/MIME >> >> Env: >> OS: Win XP >> Tomcat: 6.0.18 >> java: 1.6.0_10-b33 >> axis2: 1.4.1 >> >> >> I have tomcat web application which use crypto and bouncy castle for > signing the mail and it work well. >> >> But when I'm using same class in my soap service(axis2) I get >> >> error: >> javax.mail.MessagingException: IOException while sending message; >> nested exception is: >> javax.activation.UnsupportedDataTypeException: no object DCH for MIME > type application/pkcs7-signature; name=smime.p7s; smime-type=signed-data >> >> >> >> Do any body know what is problem. >> >> >> Regards >> > > ------------------------------------------------------------------------ > Windows Live™: Keep your life in sync. Check it out. > <http://windowslive.com/explore?ocid=PID23384::T:WLMTAGL:ON:WL:en-US:NF_BR_sync:082009>
begin:vcard fn:Tomaz Majerhold n:Majerhold;Tomaz org:ARNES, Slovenian NREN;Development team adr:;;Jamova 39;Ljubljana;Ljubljana;1000;Slovenia title:Developer tel;work:+386 14798930 tel;fax:+386 1 479 88 99 tel;home:+386 1425 38 01 tel;cell:+386 40757229 x-mozilla-html:FALSE url:http://www.arnes.si/ version:2.1 end:vcard