Re: URGENT - CONTINUED Need help again on binding to external web service with login authentication within Tuscany

Thu, 29 May 2008 09:29:52 -0700 


Hi,

Thanks for the answer.


Hi Marina

... We need to collect a bit more information before deciding what to
do. ... So
firstly do you know what the response SOAP message looks like on the wire.
Well, at the moment, I do not know anything about that. So I have managed to directly test - tomorrow morning - with the person responsible of web service support to users (who uses sniffers). I hope we would be able to get and provide you with the information on the response SOAP message.
In the meantime, below are the policy "definitions.xml" file and the ClientPWCBHandler.java file. 


Also can you show me what you security policy looks like (obviously be
careful not to disclose any confidential information such as real usernames 
or passwords on the mail list)?





==========================================
definitions.xml file

<?xml version="1.0" encoding="ASCII"?>
<!--
 * Licensed to the Apache Software Foundation (ASF) under one
 * ....
 * under the License.
-->
<sca:definitions xmlns="http://www.osoa.org/xmlns/sca/1.0";
                        targetNamespace="http://www.osoa.org/xmlns/sca/1.0";
                        xmlns:sca="http://www.osoa.org/xmlns/sca/1.0";
                        xmlns:tuscany="http://tuscany.apache.org/xmlns/sca/1.0";
                        xmlns:sms="http://sample";>


 <!-- WS Security POLICY SETS -->
 <sca:policySet name="sms:wsClientAuthenticationPolicy"
        provides="sca:authentication"
        appliesTo="sca:reference/sca:binding.ws">
        <tuscany:wsConfigParam>
                <parameter name="OutflowSecurity">
                        <action>
                                <items>UsernameToken</items>
                                <user>myUsername</user>
<passwordCallbackClass>translatewithsms.ClientPWCBHandler</ passwordCallbackClass>" + 
                <passwordType>PasswordText</passwordType>
               </action>
        </parameter>
        </tuscany:wsConfigParam>
 </sca:policySet>

 </sca:definitions>
==========================================


==========================================
ClientPWCBHandler.java file

/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * ...
 * under the License.
 */
package translatewithsms;

import java.io.IOException;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;

import org.apache.ws.security.WSPasswordCallback;

/**
 * Sample userid passwd generation class
 */
public class ClientPWCBHandler implements CallbackHandler {

  public void handle(Callback[] callbacks) throws IOException,
            UnsupportedCallbackException {
System.out.println("*** PASSAGE DANS HANDLE de ClientPWCBHandler"); 
      for (int i = 0; i < callbacks.length; i++) {
System.out.println("*** Calling Client UserId/Password Handler .... "); 
        WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i];
        pwcb.getIdentifer();
        pwcb.setPassword(""myPassword");
     }
  }

}
==========================================

Regards,
Marina.


Le 29 mai 08 à 14:42, Simon Laws a écrit :


On Thu, May 29, 2008 at 1:19 PM, Marina Deslaugiers <
[EMAIL PROTECTED]> wrote:


Hi,
Please can someone URGENTLY help me on my coding (at least provide me with 
an analogous example) ?

I provide you with the WSDL file I forgot to send

Thanks
*Regards,*
**
*Marina.*
*
*
**

**
*
*
*
*

Le 26 mai 08 à 17:15, Marina Deslaugiers a écrit :

Hi,

I am currently trying to connect to the external web service with
user/password authentication (without HTTPS) I mentioned in my previous 
e-mails.

But I cannot succeed. Can you help me, please. I join composite and
definitions.xml files.

Following is the error message I get:

==============================================================
Warning: Running an XSLT 1.0 stylesheet with an XSLT 2.0 processor

** Entrez le mode de traduction : fr_en, fr_es, fr_it...
** Entrez le texte a traduire
bonjour Monsieur
lang=  text= bonjour Monsieur
lang=
langue non indiquee par console
positionnement langue par Property Tuscany= fr_en
le texte= bonjour Monsieur
texte traduit= traduction impossible probleme serveur Web
messagingWS injecte
CONTENU DU SMSETO CREE = traduction impossible probleme serveur Web
WS messaging appele
*** PASSAGE DANS HANDLE de ClientPWCBHandler
*** Calling Client UserId/Password Handler ....
org.apache.axis2.AxisFault: Policy Falsified
at
org.apache.axis2.util.Utils.getInboundFaultFromMessageContext (Utils.java:486) 
at
org.apache.axis2.description.OutInAxisOperationClient.handleResponse( OutInAxisOperation.java:343) 
at
org.apache.axis2.description.OutInAxisOperationClient.send (OutInAxisOperation.java:389) 
at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl (OutInAxisOperation.java:211) 
at
org.apache.axis2.client.OperationClient.execute (OperationClient.java:163) 
at
org.apache.tuscany.sca.binding.ws.axis2.Axis2BindingInvoker.invokeTar get(Axis2BindingInvoker.java:101) 
at
org.apache.tuscany.sca.binding.ws.axis2.Axis2BindingInvoker.invoke (Axis2BindingInvoker.java:76) 
at
org.apache.tuscany.sca.core.databinding.wire.DataTransformationInterc eptor.invoke(DataTransformationInterceptor.java:74) 
at
org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke (JDKInvocationHandler.java:249) 
at
org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke (JDKInvocationHandler.java:146) 
at $Proxy11.sendSMS(Unknown Source)
at translatewithsms.MessagingImpl.sendSMS(MessagingImpl.java:45)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at
org.apache.tuscany.sca.implementation.java.invocation.JavaImplementat ionInvoker.invoke(JavaImplementationInvoker.java:105) 
at
org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke (JDKInvocationHandler.java:249) 
at
org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke (JDKInvocationHandler.java:146) 
at $Proxy9.sendSMS(Unknown Source)
at
translatewithsms.TranslatorwithsmsImpl.translateAndSendSMS (TranslatorwithsmsImpl.java:39) 
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at
org.apache.tuscany.sca.implementation.java.invocation.JavaImplementat ionInvoker.invoke(JavaImplementationInvoker.java:105) 
at
org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke (JDKInvocationHandler.java:249) 
at
org.apache.tuscany.sca.core.invocation.JDKInvocationHandler.invoke (JDKInvocationHandler.java:146) 
at $Proxy7.translateAndSendSMS(Unknown Source)
at
translatewithsms.TranslatorwithsmsClient.main (TranslatorwithsmsClient.java:28) 
Retour d'envoi du SMS : null
==============================================================

Regards,
Marina.

<WSmediawebtranslatorwebsms.composite>

<definitions.xml>



Le 7 mai 08 à 14:54, Simon Laws a écrit :

On Wed, May 7, 2008 at 1:49 PM, Marina Deslaugiers <
[EMAIL PROTECTED]> wrote:

Hi Simon,

Thanks for the explanations. I will download and have a look to the
calculator example you mention.

However, I already have seen the
sample/helloworld-ws-reference(service)-secure and I do not know whether and how I can use the policies they define ; indeed, as I said, I use to bind to a non-SCA web service - say the web service is not encapsulated in 
a
SCA component.
So, in this case, can I use the manner you indicate to me ? if yes, what are the changes to introduce in the policy description (definitions.xml 
and/or other files)?


Regards,
Marina.

 samples/helloworld-ws-reference-secure and

samples/helloworld-ws-service-secure




Le 7 mai 08 à 12:13, Simon Laws a écrit :


 On Mon, May 5, 2008 at 4:11 PM, Marina Deslaugiers <

[EMAIL PROTECTED]> wrote:

 Hi,

Hello,

I am coming back to you as I now have to connect to an external web
service with user/password authentication and I do not know how this
can be
done (using policies I guess) in tuscany.

I use a coding analogue to the one in the simple HelloWorld Web
service
example provided (and corrected by you) in

* [jira] Commented: (TUSCANY-2268) Exceptions errors on binding
toexternal web services*

The WSDL of the web service seems to be in "document literal"
encoding.
However, the web service (accessible at the following URL ttp://
161.105.181.118/xml/SMSEnabler/V2.0/SMSSenderSEI which is different of 
the
one mentioned in the WSDL file) is private to our company so it is not 
publicly available.

Attached to this e-mail is the WSDL file.

Can you help me again, please ?

thanks.

*Regards,*
**
*Marina.*
**

**
*
*



 Hi Marina
The sample samples/calculator-ws-secure-webapp shows some username and password based authentication. For example, you will note that some of 
the
references/service require authentication..


   <component name="CalculatorServiceComponent">
<implementation.java class="calculator.CalculatorServiceImpl"/> 
       <reference name="addService" >
          <interface.java interface="calculator.AddService" />
           <binding.ws uri="
http://localhost:8080/sample-calculator-ws-secure-webapp/
AddServiceComponent
"
                       requires="authentication" />
       </reference>

....

   <component name="AddServiceComponent">
       <implementation.java class="calculator.AddServiceImpl"/>
       <service name="AddService">
            <interface.java interface="calculator.AddService" />
            <binding.ws requires="authentication"/>
       </service>


In this case the definitions.xml file defines service and reference
policy
sets that implement this intent as follows

 <sca:policySet name="calc:wsAuthenticationPolicy"
    provides="sca:authentication"
    appliesTo="sca:service/sca:binding.ws"


     <tuscany:wsConfigParam>

        <parameter name="InflowSecurity">
            <action>
                <items>UsernameToken</items>
<passwordCallbackClass>calculator.security.ServerPWCBHandler</ passwordCallbackClass> 
              </action>
         </parameter>
    </tuscany:wsConfigParam>
 </sca:policySet>

 <sca:policySet name="calc:wsClientAuthenticationPolicy"
    provides="sca:authentication"
    appliesTo="sca:reference/sca:binding.ws">
    <tuscany:wsConfigParam>
        <parameter name="OutflowSecurity">
            <action>
                <items>UsernameToken</items>
                <user>CalculatorUser</user>
<passwordCallbackClass>calculator.security.ClientPWCBHandler</ passwordCallbackClass>" 
+
               <passwordType>PasswordText</passwordType>
              </action>
       </parameter>
    </tuscany:wsConfigParam>
 </sca:policySet>
   </component>

These policy sets configure Axis2 to call out to the callback classes
specified in order to get the username and password to be included in
the
soap envelope. There is another, non-webapp, example of this in
samples/helloworld-ws-reference-secure and
samples/helloworld-ws-service-secure

Hope that helps

Simon
In theory you should be able to use the reference side policy to configure security in order to authenticate with the remove non-sca web service. However this depends a lot on how the remote service is expecting you to authenticate with it. Do you know the details in this case. I have to admit to not having tried this with an external service so we are both learning 
here:-)

Simon






Hi Marina
The error is reporting that a fault is coming back in the response SOAP message. We need to collect a bit more information before deciding what to do. I'm not sure if this is actually the "org.apache.axis2.AxisFault: Policy 
Falsified" error or not as I don't recognize this particular error. So
firstly do you know what the response SOAP message looks like on the wire. 
Also can you show me what you security policy looks like (obviously be
careful not to disclose any confidential information such as real usernames 
or passwords on the mail list)?

Regards

Simon

Reply via email to