Hi Peter, I've attached the services.xml for your reference. Cheers.
Regards Sanjay >-----Original Message----- >From: Rajesh, Peter (CLAIMS, WIP) >[mailto:[EMAIL PROTECTED] >Sent: 14 July 2008 16:52 >To: rampart-dev@ws.apache.org >Subject: RE: "Missing wsse:Security header in request" exception. > > >Please verify the policy.xml > > >Thanks & Regards, > >Peter Rajesh > > >-----Original Message----- >From: Sanjay Vivek [mailto:[EMAIL PROTECTED] >Sent: Monday, July 14, 2008 11:25 AM >To: rampart-dev@ws.apache.org >Subject: RE: "Missing wsse:Security header in request" exception. > >Hi again, > >I just noticed the absence of <wsse:Security >xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401 -wss-wsse >curity-secext-1.0.xsd" soapenv:mustUnderstand="true" /> in the >SOAP response Header. Any idea why this element is missing in >the SOAP response header? > >And why am I able to get back the correct SOAP response (minus >the security header)? Any help in this matter would be >appreciated. Cheers. > >Regards >Sanjay > >>-----Original Message----- >>From: Sanjay Vivek [mailto:[EMAIL PROTECTED] >>Sent: 14 July 2008 12:31 >>To: rampart-dev@ws.apache.org >>Subject: "Missing wsse:Security header in request" exception. >> >>Hi everyone, >> >>I've a rather curious situation whereby I'm getting a "Missing >>wsse:Security header in request" exception when I invoke a >Rampart 1.4 >>enabled service with a client on Eclipse. >> >>However, when I use TCPMON to intercept the SOAP request and response >>messages, I see that I have the the right data in the SOAP request >>message. I must have the client side configured in the correct manner >>because I'm getting the right SOAP request and response messages. Any >>idea why this is occuring? >>The code for the client is given below for reference. Cheers. >> >>public static void main(String[] args) throws Exception { >> >> ConfigurationContext ctx = ConfigurationContextFactory. >> >>createConfigurationContextFromFileSystem(confPath, null); >> >> GrouperServiceStub stub = new >>GrouperServiceStub(ctx,targetEPR); >> >> ServiceClient sc = stub._getServiceClient(); >> >> sc.engageModule("rampart"); >> sc.engageModule("addressing"); >> >> Options options = sc.getOptions(); >> options.setUserName("GrouperSystem"); >> options.setPassword("mypassword"); >> >> //load policy externally >> >>options.setProperty(RampartMessageData.KEY_RAMPART_POLICY,loadP >>olicy(con >>fPath + "/conf/policy.xml")); >> >> //invoke the service >> WsGetGroupsLiteResult wsGetGroupsLiteResult = >>stub.getGroupsLite("v1_3_000", "[EMAIL PROTECTED]", "", "", "All", "", >>"", >>"", "", "", "", "", "", "", ""); >> >> //tells whether its an overall success >> >>System.out.println(ToStringBuilder.reflectionToString(wsGetGrou >>psLiteRes >>ult)); >> >> WsGroup[] results = wsGetGroupsLiteResult.getWsGroups(); >> if (results != null) { >> for (WsGroup wsGroup : results) { >> >>System.out.println(ToStringBuilder.reflectionToString(wsGroup)); >> } >> } >> } >> >> private static Policy loadPolicy(String xmlPath) throws >Exception { >> StAXOMBuilder builder = new StAXOMBuilder(xmlPath); >> return PolicyEngine.getPolicy(builder.getDocumentElement()); >> } >> >>} >> >>Regards >>-------------- >>Sanjay Vivek >>Web Analyst >>Middleware Team >>ISS >>Newcastle University >> > > >*************************************************************** >********** >This communication, including attachments, is for the >exclusive use of addressee and may contain proprietary, >confidential and/or privileged information. If you are not >the intended recipient, any use, copying, disclosure, >dissemination or distribution is strictly prohibited. If you >are not the intended recipient, please notify the sender >immediately by return e-mail, delete this communication and >destroy all copies. >*************************************************************** >********** > >
<!-- ~ Licensed to the Apache Software Foundation (ASF) under one ~ or more contributor license agreements. See the NOTICE file ~ distributed with this work for additional information ~ regarding copyright ownership. The ASF licenses this file ~ to you under the Apache License, Version 2.0 (the ~ "License"); you may not use this file except in compliance ~ with the License. You may obtain a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0 ~ ~ Unless required by applicable law or agreed to in writing, ~ software distributed under the License is distributed on an ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY ~ KIND, either express or implied. See the License for the ~ specific language governing permissions and limitations ~ under the License. --> <service name="GrouperService" scope="application" targetNamespace="http://soap.ws.grouper.middleware.internet2.edu/";> <description> Grouper Service with ws security </description> <messageReceivers> <messageReceiver mep="http://www.w3.org/2004/08/wsdl/in-only"; class="org.apache.axis2.rpc.receivers.RPCInOnlyMessageReceiver"/> <messageReceiver mep="http://www.w3.org/2004/08/wsdl/in-out"; class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/> </messageReceivers> <schema schemaNamespace="http://soap.ws.grouper.middleware.internet2.edu/xsd"/> <parameter name="ServiceClass">edu.internet2.middleware.grouper.ws.soap.GrouperService</parameter> <module ref="rampart" /> <module ref="addressing" /> <wsp:Policy wsu:Id="UTOverTransport" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";> <wsp:ExactlyOne> <wsp:All> <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <wsp:Policy> <sp:TransportToken> <wsp:Policy> <!-- <sp:HttpsToken RequireClientCertificate="false"/> --> </wsp:Policy> </sp:TransportToken> <sp:AlgorithmSuite> <wsp:Policy> <sp:Basic256/> </wsp:Policy> </sp:AlgorithmSuite> <sp:Layout> <wsp:Policy> <sp:Lax/> </wsp:Policy> </sp:Layout> </wsp:Policy> </sp:TransportBinding> <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <wsp:Policy> <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"; /> </wsp:Policy> </sp:SignedSupportingTokens> <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy";> <ramp:passwordCallbackClass>edu.internet2.middleware.grouper.ws.security.RampartHandlerServer</ramp:passwordCallbackClass> </ramp:RampartConfig> </wsp:All> </wsp:ExactlyOne> </wsp:Policy> </service>
