Hi Seshi,
Sorry I didn't see this earlier :( . Have you tried the approach in
sample 05. Storing the token received in the trust store
TokenStorage store = TrustUtil.getTokenStore(ctx);
store.add(responseToken);
and passing that Id as a property in options,
options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN,
responseToken.getId());
thanks,
nandana
On Tue, Jan 27, 2009 at 3:47 AM, Seshi Patibanda <seshi...@gmail.com> wrote:
> Hi all,
>
> I am trying to include an obtained *SAML**token* in the Security header
> (wsse:Security) All I need to
> do is just pass the retrieved *SAML**token* to the remote web service
> (SSL-enabled) request by including it in the SOAP header.
>
> Deployed Apache Rampart 1.4 module correctly as per the samples. Using
> Axis2
> client and stubs generated by WSDL2Java tool. Also, using a policy based
> approach (mySamlPolicy.xml attached). I can see the <*wsse:Security*> *
> header* but
> NO assertion *token* included *in* the SOAP *header*. Assertion tag shown
> *in* the
> policy file is truncated (for security reasons).
>
> I suspect something wrong with my policy. Is there any other simpler way to
> insert the dynamically retrieved SAML token (at Runtime) in to the Security
> header of the SOAP request? SAML token will be passed to us as a Session
> attribute at runtime.
>
> We are fast approching our deadline and this is a show-stopper for us. Any
> help in this regard is highly appreciated.
>
> Thanks, Seshi P.
>
> SOAP request message:
> ===========================================================================
>
> DEBUG [httpclient.wire.content] >> "<?xml version='1.0'
> encoding='UTF-8'?><soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";><soapenv:*Header
> *>[\n]"
>
> [java] DEBUG [httpclient.wire.content] >> "<*wsse:Security*
> xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> "
> soapenv:mustUnderstand="1"><wsu:Timestamp
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
>
> wsu:Id="Timestamp-20735553"><wsu:Created>2009-01-24T00:44:49.546Z</wsu:Created><wsu:Expires>2009-01-24T00:49:49.546Z</wsu:Expires></wsu:Timestamp></
> *wsse:Security*></soapenv:*Header*><soapenv:Body><ns1:echo
> xmlns:ns1="urn:us.mil.osd.atl.avsoa.echo"><ns1:message>Hello
> Seshi!</ns1:message></ns1:echo></soapenv:Body></soapenv:Envelope>" [java]
>
> ==========================================================================
>
>
> SOAP response message received:
> ==========================================================================
>
> DEBUG [org.apache.commons.httpclient.methods.EntityEnclosingMethod] Request
> body
> sent
>
> [java] DEBUG [httpclient.wire.*header*] << "HTTP/1.1 500 Internal Server
> Error[\r][\n]"
>
> [java] DEBUG [httpclient.wire.*header*] << "HTTP/1.1 500 Internal Server
> Error[\r][\n]"
>
> [java] DEBUG [httpclient.wire.*header*] << "Server:
> Apache-Coyote/1.1[\r][\n]"
>
> [java] DEBUG [httpclient.wire.*header*] << "Content-Type:
> text/xml;charset=UTF-8[\r][\n]"
>
> [java] DEBUG [httpclient.wire.*header*] << "Content-Length: 223[\r][\n]"
>
> [java] DEBUG [httpclient.wire.*header*] << "Date: Sat, 24 Jan 2009
> 00:44:14
> GMT[\r][\n]"
>
> [java] DEBUG [httpclient.wire.*header*] << "Connection: close[\r][\n]"
>
> [java] DEBUG [httpclient.wire.*header*] << "[\r][\n]"
>
> [java] DEBUG [httpclient.wire.content] << "<soap:Envelope
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/
> "><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>No
> *SAML* Assertion was
> found!</faultstring></soap:Fault></soap:Body></soap:Envelope>"
>
> [java] ERROR [org.apache.axis2.engine.AxisEngine] SOAP *header* missing
>
> [java] org.apache.axis2.AxisFault: SOAP *header* missing
> ============================================================================
>
>
>
>
