Re: ws-security at operation level

Thu, 03 Jun 2010 11:58:08 -0700

Please move to the ws-security policy based approach and define your policy at the operation level. 

This [1] by Nandana will be helpful....

Thanks & regards.
-Prabath
http://RampartFAQ.com

[1]: http://wso2.org/library/3786

Charles Galpin wrote:

I'm running axis2-1.5/rampart1.5 with a POJO based service and can't get 
ws-security enabled for specific operations (not the whole service). If I 
enable rampart for the service, using the same InflowSecurity parameter it 
works fine, but if I move it into an operation block I get

     [java] org.apache.axis2.AxisFault: Must Understand check failed for header 
http://docs.oasis-open.org/wss/2004/01/o
asis-200401-wss-wssecurity-secext-1.0.xsd : Security
     [java]     at 
org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:517)
     [java]     at 
org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:371)
     [java]     at 
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:417)
     [java]     at 
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
     [java]     at 
org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
     [java]     at 
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:539)
     [java]     at 
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:520)

The admin tools verify the rampart module is engaged for the operation. Any 
thoughts on what I am doing wrong?

Using policies is the next step, but for now I am using the following in 
services.xml (or trying to within an operation block)

          <module ref="rampart"/>
          <parameter name="InflowSecurity">
               <action>
                 <items>UsernameToken Timestamp</items>
                 
<passwordCallbackClass>my.PasswordCallbackHandler</passwordCallbackClass>
               </action>
           </parameter>

In either case there is no markup in the WSDL which doesn't seem right, and 
when I have it at the service level and it worked, my operation got null for
MessageContext.getCurrentMessageContext().getProperty(RampartMessageData.USERNAME); 
which is even more perplexing. Help!

Thanks,
charles

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]





---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to