Since I've gotten *WSS SOAP Message Security UsernameToken Profile 1.0* to work (at least on Linux), I decided to share with others the complete, fool-proof, list of steps describing what I did to get it to work, from scratch. I hope the formatting in this email doesn't cause readability issues (I'm sure it will).
This setup is sufficient for my needs because it allows me to: (A) communicate with a Windows machine from any Java machine (e.g., Linux, FreeBSD, Mac OSX [untested], etc.), (B) do so securely, over HTTPS, and (C) supply credentials so that the service can be run as any user. If anyone else finds themselves needing a similar setup, they might find this useful. WCF Server Setup: Create a WCF service with the following binding in Web.config: > <bindings> > <basicHttpBinding> > <binding name="myBinding"> > <security mode="TransportWithMessageCredential"> > <transport clientCredentialType="Basic"/> > </security> > </binding> > </basicHttpBinding> > </bindings> > For example, a Web.config for a service named HelloWorldWcf might look like this: > <?xml version="1.0"?><configuration> > <system.web> <compilation debug="true" targetFramework="4.0" /> > </system.web> > <system.webServer> <modules runAllManagedModulesForAllRequests="true"/> > </system.webServer> > <system.serviceModel> <services> <service > name="Org.Tempuri.HelloWorldWcf" behaviorConfiguration="myBehavior"> > <endpoint name="IHelloWorldWcf" > address="https://my.server.hostname/HelloWorldWcf/HelloWorldWcfService.svc"; > binding="basicHttpBinding" > bindingConfiguration="myBinding" > contract="Org.Tempuri.IHelloWorldWcf" /> > <endpoint address="mex" binding="mexHttpsBinding" > contract="IMetadataExchange" /> </service> </services> > <behaviors> <serviceBehaviors> <behavior name="myBehavior"> > <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/> > <serviceDebug includeExceptionDetailInFaults="true"/> </behavior> > </serviceBehaviors> </behaviors> > <bindings> <basicHttpBinding> <binding name="myBinding"> > <security mode="TransportWithMessageCredential"> <transport > clientCredentialType="Basic"/> </security> </binding> > </basicHttpBinding> </bindings> > </system.serviceModel></configuration> > > And its service code might look like this: > using System.ServiceModel; > namespace Org.Tempuri > { > [ServiceContract] > public interface IHelloWorldWcf > { > [OperationContract] > string getHello(); > } > > public class HelloWorldWcf : IHelloWorldWcf > { > [OperationBehavior(Impersonation = ImpersonationOption.Required)] > public string getHello() > { > return "Hello!!!!!!!!!!!!!!!"; > } > } > } > > Axis2 Client Setup: Download Axis2-1.6.0 ( http://mirror.candidhosting.com/pub/apache/axis/axis2/java/core/1.6.0/axis2-1.6.0-bin.zip), unzip, and put directory in the $AXIS2_HOME environment variable. > cd > > wget > http://mirror.candidhosting.com/pub/apache/axis/axis2/java/core/1.6.0/axis2-1.6.0-bin.zip > > unzip axis2-1.6.0-bin.zip > > export AXIS2_HOME=~/axis2-1.6.0 > Download Rampart-1.6.0 ( http://newverhost.com/pub/axis/axis2/java/rampart/1.6.0/rampart-dist-1.6.0-bin.zip), unzip, and put directory in the $RAMPART_HOME environment variable. > cd > wget > http://newverhost.com/pub/axis/axis2/java/rampart/1.6.0/rampart-dist-1.6.0-bin.zip > unzip rampart-dist-1.6.0-bin.zip > export RAMPART_HOME=~/rampart-1.6.0 Copy Rampart modules into Axis2’s repository: > cp $RAMPART_HOME/modules/* $AXIS2_HOME/repository/modules/ > Create a directory for the client: > cd > > mkdir trywebserviceclient > Create the following “*generate*” script (replace URI with WSDL location): > #!/bin/sh > > rm -fr build build.xml src > > $AXIS2_HOME/bin/wsdl2java.sh -uri * > http://my.server.hostname/HelloWorldWcf/HelloWorldWcfService.svc?wsdl* -uw > -o . > Create the following “*compile*” script : > #!/bin/sh > > cp TryWebServiceClient.java src/org/tempuri/ > > ant > Create the following “*run*” script (replace HelloWorldWcfService with name of service): > #!/bin/sh > > java -Djavax.net.ssl.trustStore=trustcert.jks -cp > build/lib/***:$AXIS2_HOME/lib/*:$RAMPART_HOME/lib/* > org.tempuri.TryWebServiceClient > Create a trustStore, *trustcert.jks*, for the server’s certificate (replace *server.crt* with service’s certificate): > keytool –import –trustcacerts –alias root –file server.crt –keystore > trustcert.jks Create “*TryWebServiceClient.java*“ (replace *HelloWorldWcfService* with name of service, and supply USERNAME and PASSWORD): > package org.tempuri; > > import org.apache.axis2.context.ConfigurationContext; > > import org.apache.axis2.context.ConfigurationContextFactory; > > import org.apache.axis2.client.ServiceClient; > > import org.apache.axis2.client.Options; > > import org.apache.log4j.Logger; > > import org.apache.log4j.Level; > > public class TryWebServiceClient > > { > > public static void main(String[] args) throws Exception > > { > > Logger.getRootLogger().setLevel(Level.OFF); > > > > /* Get repository context */ > > ConfigurationContext ctx = > ConfigurationContextFactory.createConfigurationContextFromFileSystem(System.getenv("AXIS2_HOME") > + "/repository",null); > > > > /* Get Service stub */ > > HelloWorldWcfServiceStub stub = new HelloWorldWcfServiceStub(ctx); > > ServiceClient sc = stub._getServiceClient(); > > > > /* Set options */ > > Options options = sc.getOptions(); > > options.setUserName("USERNAME"); > > options.setPassword("PASSWORD"); > > > > /* Engage addressing and rampart modules */ > > sc.engageModule("rampart"); > > sc.engageModule("addressing"); > > > > > > /* Consume service */ > > System.out.println(stub.getHello()); > > } > > } > Run the client with : > ./generate && ./compile && ./run > That's it. The client runs fine on Linux and FreeBSD. -- Jay Sullivan
