On Wed, Nov 3, 2010 at 5:24 AM, Dennis Sosnoski <d...@sosnoski.com> wrote:
> Hi Thomas, > > I haven't had any luck with one-way security policies using Axis2, > though I didn't try this particular combination. You might find my > latest Java Web Services article on devWorks of interest: > http://www.ibm.com/developerworks/java/library/j-jws18/index.html This > one covers WS-Policy in some detail, and includes my tests with some > one-way policies. Your case is simpler than the ones I used, so you > might find that CXF or Metro would work for what you want. > Why are we advertising CFX and Metro on Axis2 list??? Should we not use their own lists to do that??? > You could also try attaching the policies directly to the actual Axis2 > message object in your client code (rather than including them in the > WSDL for client code generation), and see if that works. > > - Dennis > > -- > Dennis M. Sosnoski > Java SOA and Web Services > Axis2/CXF/Metro Training and Consulting > http://www.sosnoski.com - http://www.sosnoski.co.nz > Seattle, WA +1-425-939-0576 - Wellington, NZ +64-4-298-6117 > > > On 10/21/2010 07:26 AM, Thomas J Pinkl wrote: > > I'm trying to consume a web service using Axis2 1.4.1 and Rampart 1.4. > > The service requires WS-Security in the form of a signed request (no > > encryption), using x.509 tokens. > > > > I generated the client code from a WSDL file provided by the service. > > Unfortunately, it did not contain any security anotations. > > > > I am able to send a valid request to the service but I'm having a > > problem with the response. > > > > The response from the web service is NOT signed or encrypted. However, > > my attempts at configuring a policy file where the security is one-way, > > have been unsuccessful. > > > > With my current policy, I receive an AxisFault while processing the > > response: > > > > org.apache.axis2.AxisFault: Missing wsse:Security header in request > > at > org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:166) > > at > org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:99) > > at org.apache.axis2.engine.Phase.invoke(Phase.java:317) > > at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264) > > at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163) > > at > org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:363) > > at > org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416) > > at > org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228) > > at > org.apache.axis2.client.OperationClient.execute(OperationClient.java:163) > > at ... > > > > I've tried removing the "Security" phase from InFlow and InFaultFlow > > in my axis2.xml file, but it seems that Rampart is still invoked. > > > > Can anyone suggest how I can consume this lopsided (security-wise) > > service? > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: java-user-unsubscr...@axis.apache.org > For additional commands, e-mail: java-user-h...@axis.apache.org > > Samisa ... http://samisa-abeysinghe.blogspot.com/
