Hi Sanjay,
Rampart SNAPSHOT insist on using "https" as the transport
medium because you have the following policy assertion.
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken RequireClientCertificate="false"/>
</wsp:Policy>
</sp:TransportToken>
If you comment out the https token, you will be able to use
http, but it is adviced to use a secure transport. Looking at the
stack trace it seems that, the response you are getting from the
server is not having a security header and looking at your policy it
is correct behavior. The response doesn't need to have a security
header. I thought we handle this scenario properly, but I will recheck
with your policy.
thanks,
/nandana
On Mon, Mar 3, 2008 at 7:10 PM, Sanjay Vivek
<[EMAIL PROTECTED]> wrote:
> Hi everyone,
>
> I've a policy based service that returns the UsernameToken information
> of an authenticated user. This service is based on the latest Rampart
> and Axis2 SNAPSHOT version as suggested in the forum. However, when I
> tried to call this service with a client, I got the following exception:
>
> Exception in thread "main" org.apache.axis2.AxisFault: Expected
> transport is "https" but incoming transport found : "http"
>
> So I proceeded to put the service behind https. Now however, I get a new
> exception:
>
> Exception in thread "main" org.apache.axis2.AxisFault: Missing
> wsse:Security header in request
> at
> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:9
> 2)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:292)
> at
> org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:212)
> at
> org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:132)
> at
> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(Out
> InAxisOperation.java:336)
> at
> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOper
> ation.java:389)
> at
> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInA
> xisOperation.java:211)
> at
> org.apache.axis2.client.OperationClient.execute(OperationClient.java:163
> )
> at
> org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:528
> )
> at
> org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:508
> )
> at
> org.apache.rampart.policy.CommandLineClient.main(CommandLineClient.java:
> 69)
> Caused by: org.apache.rampart.RampartException: Missing wsse:Security
> header in request
> at
> org.apache.rampart.RampartEngine.process(RampartEngine.java:106)
> at
> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:8
> 5)
> ... 10 more
>
>
> I don't get these errors when I use the rampart-1.3 distribution. My
> client can successfully call the service via http or https. Both my
> client and service installation is exactly the same as the
> rampart-snapshot distribution (i.e. my services.xml and policy.xml are
> exactly the same). And does Rampart-SNAPSHOT insist upon the service
> being behind https?
>
> Do I have to edit anything else to the services.xml or policy.xml to get
> it working for the rampart-snapshot distro? Both my services.xml and
> policy.xml are given below for reference. Cheers.
>
> Regards
> Sanjay
>
>
> policy.xml:
>
> <wsp:Policy wsu:Id="UTOverTransport"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
> urity-utility-1.0.xsd"
> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:TransportBinding
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <wsp:Policy>
> <sp:TransportToken>
> <wsp:Policy>
> <sp:HttpsToken
> RequireClientCertificate="false"/>
> </wsp:Policy>
> </sp:TransportToken>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic256/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:Layout>
> <wsp:Policy>
> <sp:Lax/>
> </wsp:Policy>
> </sp:Layout>
> </wsp:Policy>
> </sp:TransportBinding>
> <sp:SignedSupportingTokens
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <wsp:Policy>
> <sp:UsernameToken
> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/In
> cludeToken/AlwaysToRecipient" />
> </wsp:Policy>
> </sp:SignedSupportingTokens>
>
> <ramp:RampartConfig
> xmlns:ramp="http://ws.apache.org/rampart/policy";>
> <ramp:user>bob</ramp:user>
>
> <ramp:passwordCallbackClass>org.apache.rampart.policy.PWHandlerClient</r
> amp:passwordCallbackClass>
> </ramp:RampartConfig>
>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
>
>
> services.xml:
>
> <service>
> <operation name="echo">
> <messageReceiver
> class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/>
> </operation>
> <parameter name="ServiceClass"
> locked="false">org.apache.rampart.policy.PolicyEchoService</parameter>
>
> <module ref="rampart" />
> <module ref="addressing" />
>
> <wsp:Policy wsu:Id="UTOverTransport"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
> urity-utility-1.0.xsd"
> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:TransportBinding
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <wsp:Policy>
> <sp:TransportToken>
> <wsp:Policy>
> <sp:HttpsToken
> RequireClientCertificate="false"/>
> </wsp:Policy>
> </sp:TransportToken>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic256/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:Layout>
> <wsp:Policy>
> <sp:Lax/>
> </wsp:Policy>
> </sp:Layout>
> </wsp:Policy>
> </sp:TransportBinding>
> <sp:SignedSupportingTokens
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <wsp:Policy>
> <sp:UsernameToken
> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/In
> cludeToken/AlwaysToRecipient" />
> </wsp:Policy>
> </sp:SignedSupportingTokens>
>
> <ramp:RampartConfig
> xmlns:ramp="http://ws.apache.org/rampart/policy";>
>
> <ramp:passwordCallbackClass>org.apache.rampart.policy.PWHandlerServer</r
> amp:passwordCallbackClass>
> </ramp:RampartConfig>
>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
> </service>
>
--
Nandana Mihindukulasooriya
Software Engineer
WSO2 inc.
http://nandana83.blogspot.com/
http://nandanasm.wordpress.com/
