Hi Shams, Please see my comments inline.
On Wed, 2007-09-19 at 14:17 +0000, shams jawaid wrote: > Hi im fairly new to rampart and i keep getting errors with the policy files > i am using with wsf php and rampart 1.3 > > in my wsf php client, i use this policy.xml file: > > <wsp:Policy xmlns:wsp='http://schemas.xmlsoap.org/ws/2004/09/policy'> > <wsp:ExactlyOne> > <wsp:All> > <sp:AsymmetricBinding > xmlns:sp='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy'> > <wsp:Policy> > <sp:InitiatorToken> > <wsp:Policy> > <sp:X509Token > sp:IncludeToken='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always'> > <wsp:Policy> > <sp:WssX509V3Token10 /> > </wsp:Policy> > </sp:X509Token> > </wsp:Policy> > </sp:InitiatorToken> > <sp:RecipientToken> > <wsp:Policy> > <sp:X509Token > sp:IncludeToken='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always'> > <wsp:Policy> > <sp:WssX509V3Token10 /> > </wsp:Policy> > </sp:X509Token> > </wsp:Policy> > </sp:RecipientToken> > <sp:AlgorithmSuite> > <wsp:Policy> > <sp:Basic256Rsa15 /> > </wsp:Policy> > </sp:AlgorithmSuite> > <sp:Layout> > <wsp:Policy> > <sp:Strict /> > </wsp:Policy> > </sp:Layout> > <sp:IncludeTimestamp /> > > <sp:EncryptBeforeSigning /> > <sp:OnlySignEntireHeadersAndBody /> > </wsp:Policy> > </sp:AsymmetricBinding> > <sp:Wss10 xmlns:sp='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy'> > <wsp:Policy> > <sp:MustSupportRefIssuerSerial /> > </wsp:Policy> > </sp:Wss10> > <sp:EncryptedParts > xmlns:sp='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy'> > <sp:Body/> > </sp:EncryptedParts> > <sp:SignedParts > xmlns:sp='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy'> > <sp:Body/> > </sp:SignedParts> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > > > however, with my services.xml file like this, i get a > <soapenv:Text xml:lang="en-US">java.lang.RuntimeException: Undefined > 'badEncoding' resource property</soapenv:Text> error. > > > <service name="Math" scope="application"> > <description> > MathService > </description> > <messageReceivers> > <messageReceiver > mep="http://www.w3.org/2004/08/wsdl/in-out"; > class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/> > > <messageReceiver > mep="http://www.w3.org/2004/08/wsdl/in-out"; > class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/> > > <messageReceiver > mep="http://www.w3.org/2004/08/wsdl/in-out"; > class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/> > > <messageReceiver > mep="http://www.w3.org/2004/08/wsdl/in-out"; > class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/> > </messageReceivers> > > <parameter name="ServiceClass"> > math.Math > </parameter> > > <module ref="rampart" /> > <module ref="addressing" /> > <wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";> > <wsp:ExactlyOne> > <wsp:All> > <sp:AsymmetricBinding > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > <wsp:Policy> > <sp:InitiatorToken> > <wsp:Policy> > <sp:X509Token > sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";> > <wsp:Policy> > <sp:WssX509V3Token10 /> > </wsp:Policy> > </sp:X509Token> > </wsp:Policy> > </sp:InitiatorToken> > <sp:RecipientToken> > <wsp:Policy> > <sp:X509Token > sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";> > <wsp:Policy> > <sp:WssX509V3Token10 /> > </wsp:Policy> > </sp:X509Token> > </wsp:Policy> > </sp:RecipientToken> > <sp:AlgorithmSuite> > <wsp:Policy> > <sp:TripleDesRsa15 /> > </wsp:Policy> > </sp:AlgorithmSuite> > <sp:Layout> > <wsp:Policy> > <sp:Strict /> > </wsp:Policy> > </sp:Layout> > <sp:IncludeTimestamp /> > <sp:EncryptBeforeSigning/> > <sp:OnlySignEntireHeadersAndBody /> > </wsp:Policy> > </sp:AsymmetricBinding> > <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > <wsp:Policy> > <sp:MustSupportRefKeyIdentifier /> > <sp:MustSupportRefIssuerSerial /> > </wsp:Policy> > </sp:Wss10> > <sp:EncryptedParts > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > <sp:Body/> > </sp:EncryptedParts> > <sp:SignedParts > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > <sp:Body/> > </sp:SignedParts> > <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy";> > <ramp:user>service</ramp:user> > > <ramp:encryptionUser>client</ramp:encryptionUser> > <ramp:passwordCallbackClass>math.PWCBHandler</ramp:passwordCallbackClass> > <ramp:signatureCrypto> > <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin"> > <ramp:property > name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> > <ramp:property > name="org.apache.ws.security.crypto.merlin.file">service.jks</ramp:property> > <ramp:property > name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property> > </ramp:crypto> > </ramp:signatureCrypto> > <ramp:encryptionCypto> > <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin"> > <ramp:property > name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> > <ramp:property > name="org.apache.ws.security.crypto.merlin.file">service.jks</ramp:property> > <ramp:property > name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property> > </ramp:crypto> > </ramp:encryptionCypto> > </ramp:RampartConfig> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > > </service> > > are my policy.xml file and services.xml file compatible? No . The </sp:AlgorithmSuite> property in the two files are different. In Policy.xml it is <sp:Basic256Rsa15/> and in Services.xml it is <sp:TripleDesRsa15/>. Pleae use the same one in both sides. And <sp:IncludeToken> attributes also different. It may also be a problem if Rampart strictly validating key reference mechanisms. -Manjula. > > _________________________________________________________________ > Got a favourite clothes shop, bar or restaurant? Share your local knowledge > http://www.backofmyhand.com > > > _______________________________________________ > Wsf-php-user mailing list > [EMAIL PROTECTED] > http://wso2.org/cgi-bin/mailman/listinfo/wsf-php-user
