Re: [Axis2 - rampart] encrypt parts of the SOAP Header using WS-SecurityPolicy

Sun, 18 Mar 2007 20:05:04 -0800 

Hi Angel,

Ramaprt-1.1 only supports encryption of parts that are in the envelope
before security processing.

Also your policy seems to be using a TransportBinding and an
AsymmetricBinding. I don't think this is allowed. Can you please
explain the scenario that you are trying to configure.

Thanks,
Ruchith

On 3/18/07, Angel Todorov <[EMAIL PROTECTED]> wrote:

Hi,

I would like to ask whether the WS-SecurityPolicy usage for encrypting
parts of the header is currently supported in Rampart ? I am using
rampart-1.1 with Axis2-1.1.1

I have the following in my policy definition:

<sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Header Name="UsernameToken"/>
</sp:EncryptedParts>

That is, what i would like to achieve is send the username/password in
plaintext (that is not using digest password type ), but encrypt these
in the header.

I am getting this exception when i try to run the client:

[java] Exception in thread "main" java.lang.NullPointerException
     [java]     at
org.apache.ws.secpolicy.builders.EncryptedPartsBuilder.processElement(EncryptedPartsBuilder.java:62)
     [java]     at
org.apache.ws.secpolicy.builders.EncryptedPartsBuilder.build(EncryptedPartsBuilder.java:44)
     [java]     at
org.apache.neethi.AssertionBuilderFactory.build(AssertionBuilderFactory.java:96)
     [java]     at
org.apache.neethi.PolicyEngine.processOperationElement(PolicyEngine.java:221)
     [java]     at
org.apache.neethi.PolicyEngine.getAllOperator(PolicyEngine.java:158)
     [java]     at
org.apache.neethi.PolicyEngine.processOperationElement(PolicyEngine.java:212)
     [java]     at
org.apache.neethi.PolicyEngine.getExactlyOneOperator(PolicyEngine.java:154)
     [java]     at
org.apache.neethi.PolicyEngine.processOperationElement(PolicyEngine.java:207)
     [java]     at
org.apache.neethi.PolicyEngine.getPolicyOperator(PolicyEngine.java:150)
     [java]     at
org.apache.neethi.PolicyEngine.getPolicy(PolicyEngine.java:122)
     [java]     at
org.apache.rampart.samples.policy.sample01.Client.loadPolicy(Unknown
Source)
     [java]     at
org.apache.rampart.samples.policy.sample01.Client.main(Unknown Source)


I am using a modified version (modified policy.xml and services.xml)
from the rampart distribution in samples/policy/sample01.

I am attaching the policy.xml file.

P.S: I also tried setting both Name and Namespace attributes in the
sp:Header child of sp:EncryptedParts, but with no success (same
error).

Any feedback is greatly appreciated. Thank you.

Regards,
Angel





--
www.ruchith.org
www.wso2.org

Reply via email to