We usually test all 16 security scenarios through the selenium test
framework and all were successful in WSAS-3.1.2 release. However we do not
use code generated client in there. We set the client side policy using
opts.setProperty(RampartMessageData.KEY_RAMPART_POLICY,
loadPolicy("client-policy-path"-policy.xml"));Regards Charitha Charitha Kankanamge WSO2 Inc. http://wso2.org email: [email protected] cell: +94 718 359 265 blog: http://charithaka.blogspot.com On Fri, Jan 15, 2010 at 4:41 PM, Amila Suriarachchi <[email protected]> wrote: > hi, > > I tried to this in order to create a secure service. > > 1. Start the WSO2wsas 3.1.2 and goto HelloService. > 2. Then enable security using Admin console and selet the 'Sign and encrypt > - X509 Authentication' (5 th case) > 3. Click on the Generate Client and generate the code with adb. > 4. Geneate the maven project with the generated pom.xml > > Invoke the service with the following client code. > > try { > HelloServiceStub stub = new HelloServiceStub(" > http://127.0.0.1:8088/services/HelloService.HelloServiceHttpSoap11Endpoint/ > "); > stub._getServiceClient().engageModule("rampart"); > StAXOMBuilder builder = new StAXOMBuilder("conf/policy.xml"); > Policy policy = > PolicyEngine.getPolicy(builder.getDocumentElement()); > > stub._getServiceClient().getAxisService().getPolicySubject().attachPolicy(policy); > stub.greet("hellow"); > } catch (AxisFault axisFault) { > axisFault.printStackTrace(); > } catch (java.rmi.RemoteException e) { > e.printStackTrace(); > } catch (XMLStreamException e) { > e.printStackTrace(); > } catch (FileNotFoundException e) { > e.printStackTrace(); > } > > Policy.xml contains following. I added the rampart mar to classpath. > > <wsp:Policy wsu:Id="SigEncr" > xmlns:wsu=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > " > xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> > <wsp:ExactlyOne> > <wsp:All> > <ramp:RampartConfig xmlns:ramp=" > http://ws.apache.org/rampart/policy"> > <ramp:user>wso2carbon</ramp:user> > <ramp:encryptionUser>wso2carbon</ramp:encryptionUser> > > <ramp:passwordCallbackClass>org.wso2.www.types.PWCallbackHandler</ramp:passwordCallbackClass> > > <ramp:signatureCrypto> > <ramp:crypto > provider="org.apache.ws.security.components.crypto.Merlin"> > <ramp:property > name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> > <ramp:property > name="org.apache.ws.security.crypto.merlin.file">/home/amila/downloads/wso2wsas-3.1.2/resources/security/wso2carbon.jks</ramp:property> > <ramp:property > name="org.apache.ws.security.crypto.merlin.keystore.password">wso2carbon</ramp:property> > </ramp:crypto> > </ramp:signatureCrypto> > <ramp:encryptionCypto> > <ramp:crypto > provider="org.apache.ws.security.components.crypto.Merlin"> > <ramp:property > name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> > <ramp:property > name="org.apache.ws.security.crypto.merlin.file">/home/amila/downloads/wso2wsas-3.1.2/resources/security/wso2carbon.jks</ramp:property> > <ramp:property > name="org.apache.ws.security.crypto.merlin.keystore.password">wso2carbon</ramp:property> > </ramp:crypto> > </ramp:encryptionCypto> > </ramp:RampartConfig> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > > Callback handler class like this > > public class PWCallbackHandler implements CallbackHandler { > > public void handle(Callback[] callbacks) throws IOException, > UnsupportedCallbackException { > for (int i = 0; i < callbacks.length; i++) { > WSPasswordCallback pwcb = (WSPasswordCallback) callbacks[i]; > String id = pwcb.getIdentifer(); > if ("wso2carbon".equals(id)) { > pwcb.setPassword("wso2carbon"); > } > } > } > } > > Then I am getting following error at the server side. > > aused by: org.apache.ws.security.WSSecurityException: An unsupported token > was provided (Token type " > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v1 > ") > at > org.apache.ws.security.processor.SignatureProcessor.createSecurityToken(SignatureProcessor.java:594) > at > org.apache.ws.security.processor.SignatureProcessor.getCertificatesTokenReference(SignatureProcessor.java:558) > at > org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:274) > at > org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:99) > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:329) > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:246) > at org.apache.rampart.RampartEngine.process(RampartEngine.java:154) > at > org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92) > > I think this senario should work out of the box. What could be the problem? > > > thanks, > Amila. > > > _______________________________________________ > Carbon-dev mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > >
_______________________________________________ Carbon-dev mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
