Hi, I'm not sure why those instances are null. Maybe some other axis2 developer will be able help you figure this out.
Others what do you think? Thanks, Ruchith p.s. Please maintain the conversation on the list so someone who is aware of this issue will be able to help. On Sun, Apr 10, 2011 at 1:15 PM, Stephen Cresswell <[email protected]> wrote: > I've stepped through in debug and tracked the problem down to where the > RampartEngine attempts to assign the security policy from the > msgCtx.getEffectivePolicy (Rampart 1.5, RampartMessageData line 238) > > For the working "Hello World" service > > AxisBindingMessage bindingMessage = (AxisBindingMessage) > getProperty(Constants.AXIS_BINDING_MESSAGE); > > Returns a bindingMessage which has an attached security policy. > > For the failing "PostCode" service both the bindingMessage and axisMessage > are null, so no policy can be obtained. Any idea why the post code service > doesn't get assigned the security policy like the hello world one does? > > Thanks, > > S > > > > On 9 April 2011 20:53, Stephen Cresswell <[email protected]> > wrote: >> >> Hi Ruchith, >> >> The CallbackHandler is not being invoked. >> The only wsp:Policy sections are in services.xml. Nothing in the WSDL. I >> changed the useOriginalwsdl parameter to false, but it didn't make any >> difference. >> >> S >> >> >> On 9 April 2011 20:06, Ruchith Fernando <[email protected]> >> wrote: >>> >>> Hi, >>> >>> Right now I'm not sure why policy wasn't available when the rampart >>> handler was called and why it is available in post dispatch. Maybe >>> someone more familiar with policy loading will be able to help. >>> >>> Can you please verify whether the callback handler was called to >>> authenticate the username token in this case (I don't think it will >>> be). >>> >>> I noticed you have used : >>> <parameter name="useOriginalwsdl">true</parameter> >>> >>> Do you have security policy on the wsdl? If so I'm wondering whether >>> there's an issue when loading policy that depends on dispatch. >>> >>> Thanks, >>> Ruchith >>> >>> On Sat, Apr 9, 2011 at 2:12 PM, Stephen Cresswell >>> <[email protected]> wrote: >>> > Hi Ruchith, >>> > >>> > Can you elaborate a bit more please? If the webservice request is sent >>> > with >>> > the correct security headers, and if the service the correct policy >>> > definition, and can you think of any reason why it would not be >>> > available? >>> > Also any idea why it works for one service and not another (the headers >>> > and >>> > policy definitions are identical)? >>> > >>> > Thanks for your help, >>> > >>> > S >>> > >>> > On 9 April 2011 19:04, Ruchith Fernando <[email protected]> >>> > wrote: >>> >> >>> >> Hi, >>> >> >>> >> This error (PostDispatchVerificationHandler.java:152) means that >>> >> security policy was not available at the time rampart was called. >>> >> >>> >> Thanks, >>> >> Ruchith >>> >> >>> >> On Sat, Apr 9, 2011 at 1:05 PM, Stephen Cresswell >>> >> <[email protected]> wrote: >>> >> > We're running into problems added authentication to our web >>> >> > services. It >>> >> > works for our simple "hello world" web service, but when we try it >>> >> > with >>> >> > the >>> >> > real web service we get an InvalidSecurity fault. I've stripped the >>> >> > WSDL >>> >> > back so that the hello world and post code service are almost >>> >> > identical, >>> >> > but >>> >> > I still get this error. Any ideas? >>> >> > >>> >> > Failing Request >>> >> > <soapenv:Envelope >>> >> > xmlns:car="http://xyzi.mycomp.co.uk/postcodedata_1"; >>> >> > xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";> >>> >> > <soapenv:Header> >>> >> > <wsse:Security soapenv:mustUnderstand="1" >>> >> > >>> >> > >>> >> > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";> >>> >> > <wsse:UsernameToken wsu:Id="UsernameToken-1" >>> >> > >>> >> > >>> >> > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";> >>> >> > <wsse:Username>BILL</wsse:Username> >>> >> > <wsse:Password >>> >> > >>> >> > >>> >> > Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>SECRET</wsse:Password> >>> >> > </wsse:UsernameToken> >>> >> > </wsse:Security> >>> >> > </soapenv:Header> >>> >> > <soapenv:Body> >>> >> > <car:getValidAddressTypes> >>> >> > <car:category>X</car:category> >>> >> > </car:getValidAddressTypes> >>> >> > </soapenv:Body> >>> >> > </soapenv:Envelope> >>> >> > >>> >> > Response >>> >> > <soapenv:Envelope >>> >> > xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";> >>> >> > <soapenv:Body> >>> >> > <soapenv:Fault> >>> >> > <faultcode>soapenv:Server</faultcode> >>> >> > <faultstring>InvalidSecurity</faultstring> >>> >> > <detail/> >>> >> > </soapenv:Fault> >>> >> > </soapenv:Body> >>> >> > </soapenv:Envelope> >>> >> > >>> >> > services.xml >>> >> > <?xml version="1.0" encoding="UTF-8"?> >>> >> > <!-- This file was auto-generated from WSDL --> >>> >> > <!-- by the Apache Axis2 version: 1.5.2 Built on : Sep 06, 2010 >>> >> > (09:42:01 >>> >> > CEST) --> >>> >> > <serviceGroup> >>> >> > <service name="PostCodeService_1_0"> >>> >> > <messageReceivers> >>> >> > <messageReceiver mep="http://www.w3.org/ns/wsdl/in-out"; >>> >> > class="uk.co.mycomp.foo.PostCodeService_1_0MessageReceiverInOut"/> >>> >> > </messageReceivers> >>> >> > <parameter >>> >> > >>> >> > >>> >> > name="ServiceClass">uk.co.mycomp.foo.PostCodeService_1_0Skeleton</parameter> >>> >> > <parameter name="useOriginalwsdl">true</parameter> >>> >> > <parameter name="modifyUserWSDLPortAddress">true</parameter> >>> >> > <operation name="getValidAddressTypes" >>> >> > mep="http://www.w3.org/ns/wsdl/in-out"; >>> >> > namespace="http://xyzi.mycomp.co.uk/postcodeservice_1";> >>> >> > >>> >> > >>> >> > >>> >> > <actionMapping>http://xyzi.mycomp.co.uk/postcodeservice_1/PostCodePortType/getValidAddressTypesRequest</actionMapping> >>> >> > >>> >> > >>> >> > >>> >> > <outputActionMapping>http://xyzi.mycomp.co.uk/postcodeservice_1/PostCodePortType/getValidAddressTypesResponse</outputActionMapping> >>> >> > </operation> >>> >> > <module ref="SmartintegratorModule"/> >>> >> > <module ref="rampart"/> >>> >> > >>> >> > <wsp:Policy wsu:Id="UsernameToken" >>> >> > >>> >> > >>> >> > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; >>> >> > xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";> >>> >> > <wsp:ExactlyOne> >>> >> > <wsp:All> >>> >> > <sp:SupportingTokens >>> >> > >>> >> > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> >>> >> > <wsp:Policy> >>> >> > <sp:UsernameToken >>> >> > >>> >> > >>> >> > sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";> >>> >> > </sp:UsernameToken> >>> >> > </wsp:Policy> >>> >> > </sp:SupportingTokens> >>> >> > <ramp:RampartConfig >>> >> > xmlns:ramp="http://ws.apache.org/rampart/policy";> >>> >> > >>> >> > >>> >> > >>> >> > <ramp:passwordCallbackClass>com.mycomp.ext.auth.PasswordCallbackHandler</ramp:passwordCallbackClass> >>> >> > </ramp:RampartConfig> >>> >> > </wsp:All> >>> >> > </wsp:ExactlyOne> >>> >> > </wsp:Policy> >>> >> > </service> >>> >> > <service name="SpringAwareService" >>> >> > class="com.mycomp.ext.spring.SpringInit"> >>> >> > <description>Spring initialiser</description> >>> >> > </service> >>> >> > </serviceGroup> >>> >> > >>> >> > debug >>> >> > [ERROR] InvalidSecurity >>> >> > org.apache.axis2.AxisFault: InvalidSecurity >>> >> > at >>> >> > >>> >> > >>> >> > org.apache.rampart.handler.PostDispatchVerificationHandler.invoke(PostDispatchVerificationHandler.java:152) >>> >> > at org.apache.axis2.engine.Phase.invoke(Phase.java:318) >>> >> > at >>> >> > org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:251) >>> >> > at >>> >> > org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:160) >>> >> > at >>> >> > >>> >> > >>> >> > org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167) >>> >> > at >>> >> > >>> >> > org.apache.axis2.transport.http.HTTPWorker.service(HTTPWorker.java:266) >>> >> > at >>> >> > >>> >> > >>> >> > org.apache.axis2.transport.http.server.AxisHttpService.doService(AxisHttpService.java:281) >>> >> > at >>> >> > >>> >> > >>> >> > org.apache.axis2.transport.http.server.AxisHttpService.handleRequest(AxisHttpService.java:187) >>> >> > at >>> >> > >>> >> > >>> >> > org.apache.axis2.transport.http.server.HttpServiceProcessor.run(HttpServiceProcessor.java:82) >>> >> > at >>> >> > >>> >> > >>> >> > java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) >>> >> > at >>> >> > >>> >> > >>> >> > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) >>> >> > at java.lang.Thread.run(Thread.java:662) >>> >> > >>> >> >>> >> >>> >> >>> >> -- >>> >> http://ruchith.org >>> > >>> > >>> >>> >>> >>> -- >>> http://ruchith.org >> > > -- http://ruchith.org --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
