Hi,
I´m using SOAPUI to test a secured proxy published on WSO2-EI-6.1.1. and i´m
facing the following error:
Error processing POST reguest for :
/services/Alfresco_ObjectService_SSL_Proxy.Alfresco_ObjectService_SSL_ProxyHttpSoap11Endpoint.
Error detail: null.
it works if i dont apply security to the proxy.
This is my proxy:
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse";
name="Alfresco_ObjectService_SSL_Proxy"
startOnLoad="true"
statistics="disable"
trace="disable"
transports="http,https">
<target>
<inSequence>
<log level="full">
<property name="Mensaje" value="Entrando en Proxy "/>
</log>
<header
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
action="remove"
name="wsse:Security"
scope="default"/>
<property name="enableMTOM" scope="axis2" type="STRING"
value="true"/>
<property name="messageType"
scope="axis2"
type="STRING"
value="multipart/related"/>
<property xmlns:ns="http://org.apache.synapse/xsd";
expression="fn:concat('Basic ',
base64Encode('test_fwk:test..246'))"
name="Authorization"
scope="transport"/>
<class name="es.csic.framework.wso2.sec.BasicAuthWSSecMediator">
<property name="mediatorBehavior"
value="CreateWSSecurityAndForward"/>
</class>
<send>
<endpoint
key="conf:/RegistryResources/Endpoints/Alfresco/Alfresco_ObjectServiceAddressEndpoint.xml"/>
</send>
</inSequence>
<outSequence>
<header
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
action="remove"
name="wsse:Security"
scope="default"/>
<send/>
</outSequence>
</target>
<publishWSDL
key="conf:/RegistryResources/Endpoints/Alfresco/wsdl/ObjectService.wsdl">
<resource
key="conf:/RegistryResources/Endpoints/Alfresco/schemas/cmis_msg"
location="https://alf2.dev.sgai.csic.es/alfresco/cmisws/cmis?msg"/>
<resource
key="conf:/RegistryResources/Endpoints/Alfresco/schemas/cmis_core"
location="https://alf2.dev.sgai.csic.es/alfresco/cmisws/cmis?core"/>
</publishWSDL>
<parameter name="ScenarioID">scenario2</parameter>
<enableSec/>
<policy key="gov:policy-thor/politica-certificado-thor2.xml"/>
<description/>
</proxy>
This is my sec policy: (notice thats it´s SigOnly policy)
<wsp:Policy wsu:Id="SigOnly"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
<wsoma:OptimizedMimeSerialization
xmlns:wsoma="http://schemas.xmlsoap.org/ws/2004/09/policy/optimizedmimeserialization";></wsoma:OptimizedMimeSerialization>
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
<wsp:Policy>
<sp:RequireThumbprintReference/>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
<wsp:Policy>
<sp:RequireThumbprintReference/>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
</sp:Wss10>
<sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Body/>
</sp:EncryptedParts>
</wsp:All>
</wsp:ExactlyOne>
<rampart:RampartConfig
xmlns:rampart="http://ws.apache.org/rampart/policy";>
<rampart:optimizeParts>
<rampart:expressions>
<rampart:expression>//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue</rampart:expression>
</rampart:expressions>
<rampart:namespaces>
<rampart:namespace prefix="xenc"
uri="http://www.w3.org/2001/04/xmlenc#";></rampart:namespace>
</rampart:namespaces>
</rampart:optimizeParts>
<rampart:user>wso2carbon</rampart:user>
<rampart:encryptionUser>useReqSigCert</rampart:encryptionUser>
<rampart:timestampPrecisionInMilliseconds>true</rampart:timestampPrecisionInMilliseconds>
<rampart:timestampTTL>300</rampart:timestampTTL>
<rampart:timestampMaxSkew>300</rampart:timestampMaxSkew>
<rampart:timestampStrict>false</rampart:timestampStrict>
<rampart:tokenStoreClass>org.wso2.carbon.security.util.SecurityTokenStore
</rampart:tokenStoreClass>
<rampart:nonceLifeTime>300</rampart:nonceLifeTime>
<rampart:encryptionCrypto>
<rampart:crypto
cryptoKey="org.wso2.carbon.security.crypto.privatestore"
provider="org.wso2.carbon.security.util.ServerCrypto">
<rampart:property
name="org.wso2.carbon.security.crypto.alias">pocei.srv.sgai-dev.sistemas.csic.es</rampart:property>
<rampart:property
name="org.wso2.carbon.security.crypto.privatestore">wso2carbon.jks</rampart:property>
<rampart:property
name="org.wso2.stratos.tenant.id">-1234</rampart:property>
<rampart:property
name="org.wso2.carbon.security.crypto.truststores">wso2carbon.jks</rampart:property>
<rampart:property
name="rampart.config.user">wso2carbon</rampart:property>
</rampart:crypto>
</rampart:encryptionCrypto>
<rampart:signatureCrypto>
<rampart:crypto
cryptoKey="org.wso2.carbon.security.crypto.privatestore"
provider="org.wso2.carbon.security.util.ServerCrypto">
<rampart:property
name="org.wso2.carbon.security.crypto.alias">pocei.srv.sgai-dev.sistemas.csic.es</rampart:property>
<rampart:property
name="org.wso2.carbon.security.crypto.privatestore">wso2carbon.jks</rampart:property>
<rampart:property
name="org.wso2.stratos.tenant.id">-1234</rampart:property>
<rampart:property
name="org.wso2.carbon.security.crypto.truststores">wso2carbon.jks</rampart:property>
<rampart:property
name="rampart.config.user">wso2carbon</rampart:property>
</rampart:crypto>
</rampart:signatureCrypto>
</rampart:RampartConfig>
</wsp:Policy>
On SOAPUI i enabled the "enable MTOM" opcion and attach a file ...
Any Idea of what´s goind on?
Thakxs
R.
--
Sent from: http://wso2-oxygen-tank.10903.n7.nabble.com/WSO2-Development-f3.html
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
