Hi , Reported the problem in JIRA : RAMPART-28.
Regards, Angel On 3/19/07, Angel Todorov <[EMAIL PROTECTED]> wrote:
Hi Dimuthu, Thanks. I tried changing these in the policy definition, but now there is no effect - the header parts are not encrypted, even though in the policy it is defined so. Moreover, in the WSDL generated by Axis2, I don't have the element for the encrypted header parts present. Is that a bug ? I have this in services.xml : <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <sp:Body/> <sp:Header sp:Name="UsernameToken" sp:Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/> </sp:EncryptedParts> But in the WSDL generated by Axis2, i only see this: <sp:EncryptedParts> <sp:Body/> </sp:EncryptedParts> Can someone clarify this? Thanks very much. Best Regards, Angel On 3/19/07, Dimuthu Leelarathne <[EMAIL PROTECTED]> wrote: > On Mon, 2007-03-19 at 09:35 +0530, Dimuthu Leelarathne wrote: > > Hi Angel, > > I am sorry about the name. However the rest of the mail is correct. > > > I ran your policy file through a test. It passed the TestCase when I > > edited the EncryptedParts element as follows. > > > > <sp:EncryptedParts > > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > > <sp:Header sp:Name="UsernameToken" > > sp:Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/> > > </sp:EncryptedParts> > > > > Cheers, > > Dimuthu > > ----------------- > > http://wso2.org > > > > > > On Sun, 2007-03-18 at 12:29 +0200, Angel Todorov wrote: > > > Hi, > > > > > > I would like to ask whether the WS-SecurityPolicy usage for encrypting > > > parts of the header is currently supported in Rampart ? I am using > > > rampart-1.1 with Axis2-1.1.1 > > > > > > I have the following in my policy definition: > > > > > > <sp:EncryptedParts > > > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > > > <sp:Header Name="UsernameToken"/> > > > </sp:EncryptedParts> > > > > > > That is, what i would like to achieve is send the username/password in > > > plaintext (that is not using digest password type ), but encrypt these > > > in the header. > > > > > > I am getting this exception when i try to run the client: > > > > > > [java] Exception in thread "main" java.lang.NullPointerException > > > [java] at > > > org.apache.ws.secpolicy.builders.EncryptedPartsBuilder.processElement(EncryptedPartsBuilder.java:62) > > > [java] at > > > org.apache.ws.secpolicy.builders.EncryptedPartsBuilder.build(EncryptedPartsBuilder.java:44) > > > [java] at > > > org.apache.neethi.AssertionBuilderFactory.build(AssertionBuilderFactory.java:96) > > > [java] at > > > org.apache.neethi.PolicyEngine.processOperationElement(PolicyEngine.java:221) > > > [java] at > > > org.apache.neethi.PolicyEngine.getAllOperator(PolicyEngine.java:158) > > > [java] at > > > org.apache.neethi.PolicyEngine.processOperationElement(PolicyEngine.java:212) > > > [java] at > > > org.apache.neethi.PolicyEngine.getExactlyOneOperator(PolicyEngine.java:154) > > > [java] at > > > org.apache.neethi.PolicyEngine.processOperationElement(PolicyEngine.java:207) > > > [java] at > > > org.apache.neethi.PolicyEngine.getPolicyOperator(PolicyEngine.java:150) > > > [java] at > > > org.apache.neethi.PolicyEngine.getPolicy(PolicyEngine.java:122) > > > [java] at > > > org.apache.rampart.samples.policy.sample01.Client.loadPolicy(Unknown > > > Source) > > > [java] at > > > org.apache.rampart.samples.policy.sample01.Client.main(Unknown Source) > > > > > > > > > I am using a modified version (modified policy.xml and services.xml) > > > from the rampart distribution in samples/policy/sample01. > > > > > > I am attaching the policy.xml file. > > > > > > P.S: I also tried setting both Name and Namespace attributes in the > > > sp:Header child of sp:EncryptedParts, but with no success (same > > > error). > > > > > > Any feedback is greatly appreciated. Thank you. > > > > > > Regards, > > > Angel > > > >
