>The problem in this case is, that the process of add the "action" property >doesn't work. It always throws a exception:
I fixed the problem. The URI class only accept a argument that is conformed to a schema like "http://getclientes";. I changed the "ServiceInterfaceStub.class" like this: _call.setSOAPActionURI("http://localhost/WebServiceGMC/webservicegmc.asmx?op=getClientes";); //_call.setSOAPActionURI("getClientes"); It's strange, but it works. Do anyone say why that works that way? Steve -----Mensagem original----- De: Steve Behrendt Enviada em: terça-feira, 5 de julho de 2005 10:21 Para: Dittmann, Werner Cc: [email protected] Assunto: RES: RES: How to configure UsernameTokenSignature Werner, Thanks for the hint!! Now I want to add the addributes "action", "MessageId", "ReplayTo" and "To". When I use the ws-adressing-project, the handler always call the part of the "action", even I don't define it in the .wsdd file. I think it's a bug, or isn't it? The problem in this case is, that the process of add the "action" property doesn't work. It always throws a exception: AxisFault faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException faultSubcode: faultString: org.apache.axis.types.URI$MalformedURIException: No scheme found in URI. faultActor: faultNode: faultDetail: {http://xml.apache.org/axis/}stackTrace:org.apache.axis.types.URI$MalformedURIException: No scheme found in URI. at org.apache.axis.types.URI.initialize(URI.java:483) at org.apache.axis.types.URI.<init>(URI.java:281) at org.apache.axis.types.URI.<init>(URI.java:265) at org.apache.axis.message.addressing.handler.AddressingHandler.processClientRequest(AddressingHandler.java:240) at org.apache.axis.message.addressing.handler.AddressingHandler.invoke(AddressingHandler.java:108) at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32) at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127) at org.apache.axis.client.Call.invokeEngine(Call.java:2765) at org.apache.axis.client.Call.invoke(Call.java:2748) at org.apache.axis.client.Call.invoke(Call.java:2424) at org.apache.axis.client.Call.invoke(Call.java:2347) at org.apache.axis.client.Call.invoke(Call.java:1804) at net.weg.service.ServiceInterfaceStub.getClientes(ServiceInterfaceStub.java:284) at net.weg.service.client.main(client.java:96) {http://xml.apache.org/axis/}hostname:brjgsd181091 org.apache.axis.types.URI$MalformedURIException: No scheme found in URI. at org.apache.axis.AxisFault.makeFault(AxisFault.java:101) at org.apache.axis.message.addressing.handler.AddressingHandler.invoke(AddressingHandler.java:121) at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32) at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127) at org.apache.axis.client.Call.invokeEngine(Call.java:2765) at org.apache.axis.client.Call.invoke(Call.java:2748) at org.apache.axis.client.Call.invoke(Call.java:2424) at org.apache.axis.client.Call.invoke(Call.java:2347) at org.apache.axis.client.Call.invoke(Call.java:1804) at net.weg.service.ServiceInterfaceStub.getClientes(ServiceInterfaceStub.java:284) at net.weg.service.client.main(client.java:96) Caused by: org.apache.axis.types.URI$MalformedURIException: No scheme found in URI. at org.apache.axis.types.URI.initialize(URI.java:483) at org.apache.axis.types.URI.<init>(URI.java:281) at org.apache.axis.types.URI.<init>(URI.java:265) at org.apache.axis.message.addressing.handler.AddressingHandler.processClientRequest(AddressingHandler.java:240) at org.apache.axis.message.addressing.handler.AddressingHandler.invoke(AddressingHandler.java:108) ... 11 more My wsdd-File is that: <deployment xmlns="http://xml.apache.org/axis/wsdd/"; xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> <globalConfiguration > <requestFlow> <handler type="java:org.apache.ws.axis.security.WSDoAllSender" > <parameter name="action" value="Timestamp UsernameTokenSignature" /> <parameter name="passwordCallbackClass" value="net.weg.service.PWCallback" /> <parameter name="signatureParts" value="{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body; {Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;"; /> </handler> <handler name="addr" type="java:org.apache.axis.message.addressing.handler.AddressingHandler"> <parameter name="referencePropertyNames" value="{Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}MessageID; {Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}ReplayTo; {Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}To"/> </handler> </requestFlow> </globalConfiguration> <transport name="java" pivot="java:org.apache.axis.transport.java.JavaSender"/> <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/> <transport name="local" pivot="java:org.apache.axis.transport.local.LocalSender"/> </deployment> The Program throws the exception at this point in the "org.apache.axis.message.addressing.handler.AddressingHandler" in the method "processClientRequest" // set Action String action = msgContext.getSOAPActionURI(); if (action != null) { headers.setAction(new Action(new URI(action))); ///// Here is the exception thrown --> action has the value "getClientes" - the name of the method in the webservice. } else if(headers.getAction() != null) { msgContext.setUseSOAPAction(true); // Make SOAP action match msgContext.setSOAPActionURI(headers.getAction().toString()); } Thanks to everyone!!!! Steve -----Mensagem original----- De: Dittmann, Werner [mailto:[EMAIL PROTECTED] Enviada em: terça-feira, 5 de julho de 2005 03:28 Para: Steve Behrendt Cc: [email protected] Assunto: AW: RES: How to configure UsernameTokenSignature Steve. about the problem "Timestamp" not found, just reverse the actions. That is do "Timestamp" first, then the Signature. The handler works from left to right, builds up the request as it works thru the actions. This, you try to perform a Signature of en element that is not yet build into the request. Regards, Werner > -----Ursprüngliche Nachricht----- > Von: Steve Behrendt [mailto:[EMAIL PROTECTED] > Gesendet: Montag, 4. Juli 2005 19:28 > An: Werner Dittmann > Cc: [email protected] > Betreff: RES: RES: How to configure UsernameTokenSignature > > > Werner, > > Thanks for the tip. Now I have another problem. The engine > don't signate a part of the message. It stops with a > Exception shown at the bottom of the Mail. > > .NET with wse2.0 sp3 uses signature based on usernametoken > for the "wsa:Action", "wsa:MessageID", "wsa:ReplayTo", > "wsa:To", "wsu:Timestamp" and the "soap:Body wsu:Id" > elements. I began with Timestamp, but it downs't work. > > AxisFault > faultCode: > {http://schemas.xmlsoap.org/soap/envelope/}Server.generalException > faultSubcode: > faultString: WSDoAllSender: Error during Signatur with > UsernameToken > secretorg.apache.ws.security.WSSecurityException: General > security error (WSEncryptBody/WSSignEnvelope: Element to > encrypt/sign not found: > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu > rity-secext-1.0.xsd, Timestamp) > faultActor: > faultNode: > faultDetail: > {http://xml.apache.org/axis/}stackTrace:WSDoAllSender: > Error during Signatur with UsernameToken > secretorg.apache.ws.security.WSSecurityException: General > security error (WSEncryptBody/WSSignEnvelope: Element to > encrypt/sign not found: > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu > rity-secext-1.0.xsd, Timestamp) > at > org.apache.ws.axis.security.WSDoAllSender.performUT_SIGNAction > (WSDoAllSender.java:512) > at > org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender > .java:336) > at > org.apache.axis.strategies.InvocationStrategy.visit(Invocation > Strategy.java:32) > at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) > at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) > at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127) > at org.apache.axis.client.Call.invokeEngine(Call.java:2765) > at org.apache.axis.client.Call.invoke(Call.java:2748) > at org.apache.axis.client.Call.invoke(Call.java:2424) > at org.apache.axis.client.Call.invoke(Call.java:2347) > at org.apache.axis.client.Call.invoke(Call.java:1804) > at > net.weg.service.ServiceInterfaceStub.getClientes(ServiceInterf > aceStub.java:284) > at net.weg.service.client.main(client.java:95) > > {http://xml.apache.org/axis/}hostname:brjgsd181091 > > WSDoAllSender: Error during Signatur with UsernameToken > secretorg.apache.ws.security.WSSecurityException: General > security error (WSEncryptBody/WSSignEnvelope: Element to > encrypt/sign not found: > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu > rity-secext-1.0.xsd, Timestamp) > at > org.apache.ws.axis.security.WSDoAllSender.performUT_SIGNAction > (WSDoAllSender.java:512) > at > org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender > .java:336) > at > org.apache.axis.strategies.InvocationStrategy.visit(Invocation > Strategy.java:32) > at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) > at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) > at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127) > at org.apache.axis.client.Call.invokeEngine(Call.java:2765) > at org.apache.axis.client.Call.invoke(Call.java:2748) > at org.apache.axis.client.Call.invoke(Call.java:2424) > at org.apache.axis.client.Call.invoke(Call.java:2347) > at org.apache.axis.client.Call.invoke(Call.java:1804) > at > net.weg.service.ServiceInterfaceStub.getClientes(ServiceInterf > aceStub.java:284) > > at net.weg.service.client.main(client.java:95) > > Here is my .wsdd-File: > > <deployment xmlns="http://xml.apache.org/axis/wsdd/"; > > xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> > > <globalConfiguration > > <requestFlow> > <handler > type="java:org.apache.ws.axis.security.WSDoAllSender" > > <parameter name="action" > value="UsernameTokenSignature Timestamp" /> > <parameter name="passwordCallbackClass" > value="net.weg.service.PWCallback" /> > > <parameter name="signatureParts" > value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis- > 200401-wss-wssecurity-secext-1.0.xsd}Timestamp" /> > </handler> > </requestFlow> > </globalConfiguration> > > <transport name="java" > pivot="java:org.apache.axis.transport.java.JavaSender"/> > <transport name="http" > pivot="java:org.apache.axis.transport.http.HTTPSender"/> > <transport name="local" > pivot="java:org.apache.axis.transport.local.LocalSender"/> > > </deployment> > > Any idea? > Thanks!!! > > Steve > > -----Mensagem original----- > De: Werner Dittmann [mailto:[EMAIL PROTECTED] > Enviada em: sábado, 2 de julho de 2005 07:42 > Para: Steve Behrendt > Cc: [email protected] > Assunto: Re: RES: How to configure UsernameTokenSignature > > > Steve, > > just remove the action that you don't want from the scenarios, e.g > the encrypt. > > On the Callback problem: as the deployment setup overwrights the > progeamatic setup the "passwordCallbackClass parameter" > will be used by the handler. As I can see you define a java > source file here - not a class. pls check your setup and fix > it. > > Regards, > Werner > > Steve Behrendt schrieb: > > Werner, > > > > > >>AFAIK the Secnario 3a (or 2a?) of the interop scenarios > >>show ho to use the stuff. > > > > > > The Problem is that the stuff is only shown with encryption > etc. But I only want to use a signature base on the > UsernameToken - for an implementation with Microsoft .NET. > > But when I call the method of the service, the handler > (PasswordCallBackHandler) is not passed. > > > > My Handler: > > > > <deployment xmlns="http://xml.apache.org/axis/wsdd/"; > > > xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> > > > > <globalConfiguration > > > <requestFlow> > > <handler > type="java:org.apache.ws.axis.security.WSDoAllSender" > > > <parameter name="action" > value="UsernameTokenSignature" /> > > <parameter name="passwordCallbackClass" > value="net.weg.service.PWCallback.java" /> > > </handler> > > </requestFlow> > > </globalConfiguration> > > > > <transport name="java" > pivot="java:org.apache.axis.transport.java.JavaSender"/> > > <transport name="http" > pivot="java:org.apache.axis.transport.http.HTTPSender"/> > > <transport name="local" > pivot="java:org.apache.axis.transport.local.LocalSender"/> > > > > </deployment> > > > > and thats a part of my client: > > > > PWCallback pwCallback = new PWCallback(); > > ServiceInterfaceStub axisPort = > (ServiceInterfaceStub)service; > > > > axisPort._setProperty(WSHandlerConstants.USER, > usuario); //fixe o usuario > > > axisPort._setProperty(WSHandlerConstants.PW_CALLBACK_REF,pwCal > lback); //fixe a classe //do handler > > > > The Message is sent, but hasn't a Header with the > UsenameToken or the Signature. > > > > > > For a little bit of help, > > i'm very gratefully. > > > > STEVE > > > > > > -----Mensagem original----- > > De: Dittmann, Werner [mailto:[EMAIL PROTECTED] > > Enviada em: quarta-feira, 29 de junho de 2005 11:33 > > Para: Steve Behrendt; [email protected] > > Assunto: AW: How to configure UsernameTokenSignature > > > > > > Steve, > > > > AFAIK the Secnario 3a (or 2a?) of the interop scenarios > > show ho to use the stuff. > > > > We've not fully tested interop with Microsoft or others. > > > > Regards, > > Werner > > > > > >>-----Ursprüngliche Nachricht----- > >>Von: Steve Behrendt [mailto:[EMAIL PROTECTED] > >>Gesendet: Mittwoch, 29. Juni 2005 14:36 > >>An: [email protected] > >>Betreff: RES: How to configure UsernameTokenSignature > >> > >> > >>Hi, > >> > >>Is there now an existing implementation of the > >>UsernameTokenSignature "Problem"? > >>Because my implementation is using only a UsernameToken and I > >>want to implement more security, but without using keys. > >> > >>Greets, > >>Steve > >> > >>-----Mensagem original----- > >>De: Davanum Srinivas [mailto:[EMAIL PROTECTED] > >>Enviada em: terça-feira, 21 de junho de 2005 10:53 > >>Para: Dittmann, Werner > >>Cc: Granqvist, Hans; [email protected] > >>Assunto: Re: How to configure UsernameTokenSignature > >> > >> > >>Hi Werner, > >> > >>updated the specs directory. Please take a look and let me > know if you > >>need something else. > >> > >>-- dims > >> > >>On 6/21/05, Dittmann, Werner <[EMAIL PROTECTED]> wrote: > >> > >>>Hans, > >>> > >>>are the drafts publicly available? Can't find > >>>them on the OASIS WSS pages. > >>> > >>>Regards, > >>>Werner > >>> > >>> > >>>>-----Ursprüngliche Nachricht----- > >>>>Von: Granqvist, Hans [mailto:[EMAIL PROTECTED] > >>>>Gesendet: Montag, 20. Juni 2005 17:31 > >>>>An: [email protected] > >>>>Betreff: RE: How to configure UsernameTokenSignature > >>>> > >>>> > >>>> > >>>>><quote> > >>>>>The Username Token profile does not currently define a key > >>>>>derivation algorithm. The OASIS WSS TC is expected to address > >>>>>this issue in a subsequent specification. </quote> > >>>> > >>>>The latest (March 2005 and onward) WSS 1.1 draft of the > >>>>UsernameToken profile defines key derivation in section 4. > >>>> > >>>>Hans > >>>> > >>> > >> > >>-- > >>Davanum Srinivas -http://blogs.cocoondev.org/dims/ > >> > > > > > >
