Hi Anthony, On 10/16/07, Anthony Bull <[EMAIL PROTECTED]> wrote: > > Hi Ruwan, > > thanks for the reply. The situation is we have a machine sitting > externally at a client site, and this has to proxy some web services on > internal machines at the client site. The client (a big client with > stringent security requirements) require that all web service requests > to go through a certain point (the Synapse setup) and that the web > services aren't on the external layer of their network. Also there are > other software vendors writing .NET web services that will be used > through Synapse in a similar way. The future plan is to do some > mediation, such as aggregation of web services.
Cool !! Also, I'm not sure if anyone is aware but I managed to get the setup I > required working with the latest nightly snapshot build of Synapse. So > it looks like the architecture stuff has been done already? Nice to hear that :D I then > managed to get it setup in an axis2 running inside Tomcat, which took a > bit of fiddling around to get everything working. The synapse.xml file > I used is: Just for the clarification, you are using the standalone distro, not the synapse-handler.mar right? <definitions xmlns="http://ws.apache.org/ns/synapse";> > <proxy name="DataHubVehicleService-1.0.0"> > <target> > <inSequence> > <send> > <endpoint> > <address > uri="http://tnz017:8080/tnz/services/DataHubVehicleService-1.0.0"; > optimize="swa"/> > </endpoint> > </send> > </inSequence> > <outSequence> > <send/> > </outSequence> > </target> > <publishWSDL > > uri="file:C:/Projects/data-hub/data-hub-vehicle-service/resources/DataHubVehicleService- > 1.0.0.wsdl"/> > </proxy> > </definitions> Thanks, Ruwan Ruwan Linton wrote: > > Hi Anthony, > > > > AFAIK, this is a limitation of synapse according to the current > > architecture. We thought of re-architecture synapse to handle these > cases > > which ended up in introducing a new module called synapse-handler.marwhich > > can handle these kind of situations. But we have not tested this > (especially > > with proxy services and security)?? > > > > I have filed a JIRA [1] on this and we will look in to this ASAP > > (1.1release time frame may not gonna scale for this and may not be > > able to fix > > this for 1.1) > > > > BTW: why do you need to proxy a service with security and just pass > through > > the message without doing any thing (no mediation)? I am trying to > > understand your use case and why do you need synapse in there ... > > > > [1] - https://issues.apache.org/jira/browse/SYNAPSE-152 > > > > Thanks, > > Ruwan > > > > On 10/16/07, Anthony Bull <[EMAIL PROTECTED]> wrote: > > > >> Hi, I have been trying to set up a proxy for some axis2 web services, > >> and have been having trouble with WS-Security. > >> > >> The entire message including the WS-Security headers are intended for > my > >> endpoint (axis2 service), however Synapse is trying to handle the > >> WS-Security headers (see error message below). How can I get Synapse > to > >> ignore the security headers and simply send the message to the endpoint > >> no matter what? > >> > >> The error message at Synapse is: > >> > >> org.apache.axis2.AxisFault: Must Understand check failed for header > >> > >> > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > >> : Security > >> > >> Here is the SOAP message that is being sent to Synapse: > >> > >> <?xml version='1.0' encoding='UTF-8'?> > >> <soapenv:Envelope xmlns:soapenv=" > http://www.w3.org/2003/05/soap-envelope > >> "> > >> <soapenv:Header> > >> <wsse:Security > >> xmlns:wsse=" > >> > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > >> " > >> > >> soapenv:mustUnderstand="true"> > >> <wsu:Timestamp > >> xmlns:wsu=" > >> > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > >> " > >> > >> wsu:Id="Timestamp-5311938"> > >> <wsu:Created>2007-10-15T21:36:59.163Z</wsu:Created> > >> <wsu:Expires>2007-10-15T21:41:59.163Z</wsu:Expires> > >> </wsu:Timestamp> > >> <wsse:UsernameToken > >> xmlns:wsu=" > >> > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > >> " > >> > >> wsu:Id="UsernameToken-30318493"> > >> <wsse:Username>bgilbert</wsse:Username> > >> <wsse:Password > >> Type=" > >> > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText > >> ">x</wsse:Password> > >> </wsse:UsernameToken> > >> </wsse:Security> > >> </soapenv:Header> > >> <soapenv:Body> > >> <GetVehicleInformationRequest > >> xmlns="urn:toyota-co-nz:vehicle:vehicle-info-request-1.0.0 > >> "><Registration>rav4</Registration></GetVehicleInformationRequest> > >> </soapenv:Body> > >> </soapenv:Envelope> > >> > >> thanks, > >> Anthony. > >> > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > >> > > > > > > > > > -- > > Anthony > ------------------------------------- > Anthony Bull > Senior Developer > Black Coffee Software Ltd > PO Box 10-192 The Terrace > Wellington, New Zealand > > [EMAIL PROTECTED] > Ph +64 4 472 8818 > Fax +64 4 472 8811 > ------------------------------------- > www.bcsoft.co.nz > --------------------------------------------------------------- > This email may contain confidential or privileged information, > and is intended for use only by the addressee, or addressees. > If you are not the intended recipient please advise the sender > immediately and do not copy, use or disclose the contents to > any other person or organisation. > Black Coffee Software Ltd accepts no responsibility for viruses > received with this email, or to any changes made to the original > content. Any views or opinions expressed in this email may be > personal to the sender and are not necessarily those of Black > Coffee Software Ltd. > --------------------------------------------------------------- > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Ruwan Linton http://www.wso2.org - "Oxygenating the Web Services Platform"
