Hi all,

I am trying to include an obtained SAML token in the Security header
(wsse:Security)  All I need to
do is just pass the retrieved SAML token to the remote web service
(SSL-enabled) request by including it in the SOAP header.

Deployed Apache Rampart 1.4 module correctly as per the samples. Using Axis2
client and stubs generated by WSDL2Java tool. Also, using a policy based
approach (mySamlPolicy.xml attached). I can see the <wsse:Security> header but
NO assertion token included in the SOAP header. Assertion tag shown in the
policy file is truncated (for security reasons).

I suspect something wrong with my policy. Is there any other simpler way to
insert the dynamically retrieved SAML token (at runtime) into the Security
header of the SOAP request? SAML token will be passed to us as a Session
attribute at runtime.

We are fast approaching our deadline and this is a show-stopper for us. Any
help in this regard is highly appreciated.

Thanks,   Seshi P.

SOAP request message:
===========================================================================

DEBUG [httpclient.wire.content] >> "<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Header>[\n]"

[java] DEBUG [httpclient.wire.content] >> "<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1"><wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-20735553"><wsu:Created>2009-01-24T00:44:49.546Z</wsu:Created><wsu:Expires>2009-01-24T00:49:49.546Z</wsu:Expires></wsu:Timestamp></wsse:Security></soapenv:Header><soapenv:Body><ns1:echo xmlns:ns1="urn:us.mil.osd.atl.avsoa.echo"><ns1:message>Hello Seshi!</ns1:message></ns1:echo></soapenv:Body></soapenv:Envelope>" [java]

==========================================================================


SOAP response message received:
==========================================================================

DEBUG [org.apache.commons.httpclient.methods.EntityEnclosingMethod] Request body sent

[java] DEBUG [httpclient.wire.header] << "HTTP/1.1 500 Internal Server Error[\r][\n]"

[java] DEBUG [httpclient.wire.header] << "HTTP/1.1 500 Internal Server Error[\r][\n]"

[java] DEBUG [httpclient.wire.header] << "Server: Apache-Coyote/1.1[\r][\n]"

[java] DEBUG [httpclient.wire.header] << "Content-Type: text/xml;charset=UTF-8[\r][\n]"

[java] DEBUG [httpclient.wire.header] << "Content-Length: 223[\r][\n]"

[java] DEBUG [httpclient.wire.header] << "Date: Sat, 24 Jan 2009 00:44:14 GMT[\r][\n]"

[java] DEBUG [httpclient.wire.header] << "Connection: close[\r][\n]"

[java] DEBUG [httpclient.wire.header] << "[\r][\n]"

[java] DEBUG [httpclient.wire.content] << "<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>No SAML Assertion was found!</faultstring></soap:Fault></soap:Body></soap:Envelope>"

[java] ERROR [org.apache.axis2.engine.AxisEngine] SOAP header missing

[java] org.apache.axis2.AxisFault: SOAP header missing
============================================================================
<?xml version="1.0" encoding="UTF-8"?>
<wsp:Policy wsu:Id="echo" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
	<wsp:ExactlyOne>
	  <wsp:All>
		<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
		  <wsp:Policy>
			<sp:TransportToken>
			  <wsp:Policy>
				<sp:HttpsToken RequireClientCertificate="false"/>
			  </wsp:Policy>
			</sp:TransportToken>
			<sp:AlgorithmSuite>
			  <wsp:Policy>
				<sp:Basic256/>
			  </wsp:Policy>
			</sp:AlgorithmSuite>
			<sp:Layout>
			  <wsp:Policy>
				<sp:Lax/>				
			  </wsp:Policy>
			</sp:Layout>
			<sp:IncludeTimestamp/>
		  </wsp:Policy>
		</sp:TransportBinding>
		
		<sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
			<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
				<sp:SamlToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
					<wsp:Policy>
						<sp:WssSamlV10Token11>
							<Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" AssertionID="_87df086111ccda39741d133dcdffe001" IssueInstant="2009-01-23T15:05:04.650Z" Issuer="https://xxxx" MajorVersion="1" MinorVersion="1</Assertion>
						</sp:WssSamlV10Token11>
					</wsp:Policy>
				</sp:SamlToken>
			</wsp:Policy>
		</sp:SignedSupportingTokens>

		<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
			<ramp:sslConfig>
				<ramp:property name="javax.net.ssl.keyStoreType">PKCS12</ramp:property>
				<ramp:property name="javax.net.ssl.keyStore">C:\tomcat_5.5\xxx.p12</ramp:property>
				<ramp:property name="javax.net.ssl.keyStorePassword">xxxxx</ramp:property>
				<ramp:property name="javax.net.ssl.trustStore">C:\tomcat_5.5\xxx.jks</ramp:property>
				<ramp:property name="javax.net.ssl.trustStorePassword">xxxxx</ramp:property>
			</ramp:sslConfig>
		</ramp:RampartConfig>
		
	  </wsp:All>
	</wsp:ExactlyOne>
</wsp:Policy>
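
Added example, not part of the original message and not Rampart or Axis2 code: under the WSS SAML Token Profile the assertion travels as a child element of wsse:Security, which is what the captured request lacks. This Python sketch lists the children of that header and shows the shape with an assertion present; the shortened envelope, the placeholder assertion and all function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
SAML1 = "urn:oasis:names:tc:SAML:1.0:assertion"

# Constructed sample: the request from the wire log above, body shortened.
REQUEST = (
    f'<soapenv:Envelope xmlns:soapenv="{SOAP}"><soapenv:Header>'
    f'<wsse:Security xmlns:wsse="{WSSE}" soapenv:mustUnderstand="1">'
    f'<wsu:Timestamp xmlns:wsu="{WSU}" wsu:Id="Timestamp-20735553">'
    '<wsu:Created>2009-01-24T00:44:49.546Z</wsu:Created>'
    '<wsu:Expires>2009-01-24T00:49:49.546Z</wsu:Expires>'
    '</wsu:Timestamp></wsse:Security></soapenv:Header>'
    '<soapenv:Body/></soapenv:Envelope>'
)

# Constructed placeholder assertion (no statements, no signature).
ASSERTION = (
    f'<Assertion xmlns="{SAML1}" AssertionID="_example" Issuer="https://idp.example" '
    'IssueInstant="2009-01-23T15:05:04.650Z" MajorVersion="1" MinorVersion="1"/>'
)

def security_header(envelope):
    """Return the single wsse:Security header element, or raise ValueError."""
    found = envelope.findall(f"{{{SOAP}}}Header/{{{WSSE}}}Security")
    if len(found) != 1:
        raise ValueError(f"expected one wsse:Security header, found {len(found)}")
    return found[0]

def token_names(envelope_xml):
    """Local names of the direct children of wsse:Security, in document order."""
    sec = security_header(ET.fromstring(envelope_xml))
    return [child.tag.split("}")[-1] for child in sec]

def with_assertion(envelope_xml, assertion_xml):
    """Return the envelope with the assertion appended inside wsse:Security."""
    env = ET.fromstring(envelope_xml)
    assertion = ET.fromstring(assertion_xml)
    if assertion.tag != f"{{{SAML1}}}Assertion":
        raise ValueError("not a SAML 1.x Assertion element")
    security_header(env).append(assertion)
    return ET.tostring(env, encoding="unicode")
```

ElementTree rewrites namespace prefixes when it serializes, which would invalidate the XML signature on a real assertion, so `with_assertion` is suitable only for illustrating or testing the message shape.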

