On Mon, Feb 9, 2009 at 9:34 AM, Philip Housley <[email protected]>wrote:
> Hi, > > Firstly, sorry about posting on this issue twice, but I didn't get a > response last time, and I could really do with getting this going. > > I simply cannot make Tuscany driven webservices require security - even > when I run the samples which use policies, security is not engaged. The > simplest sample for this is helloworld-ws-service-secure. If I build > directly from the 1.4 src distro, and then ant run, I get: > > C:\src\tuscany-sca-1.4\samples\helloworld-ws-service-secure>ant run > Buildfile: build.xml > > run: > [java] 09-Feb-2009 09:33:59 org.apache.tuscany.sca.node.impl.NodeImpl > <init> > [java] INFO: Creating node: helloworldws.composite > [java] 09-Feb-2009 09:33:59 org.apache.tuscany.sca.node.impl.NodeImpl > configureNode > [java] INFO: Loading contribution: > file:/C:/src/tuscany-sca-1.4/samples/helloworld-ws-service-secure/target/sample-helloworld-ws-service-secure.jar > [java] >>>Initializing WSPolicyProcessor > [java] 09-Feb-2009 09:34:00 org.apache.tuscany.sca.node.impl.NodeImpl > configureNode > [java] INFO: Loading composite: > jar:file:/C:/src/tuscany-sca-1.4/samples/helloworld-ws-service-secure/target/sample-helloworld-ws-service-secure.jar!/helloworldws.composite > [java] 09-Feb-2009 09:34:00 org.apache.tuscany.sca.node.impl.NodeImpl > start > [java] INFO: Starting node: helloworldws.composite > [java] - Module validation failed: The system is attempting to engage a > module that is not available: rampart > [java] - Module validation failed: The system is attempting to engage a > module that is not available: rampart > [java] - No JMS connection factories are defined.Will not listen for > any JMS messages > [java] - No JMS connection factories are defined.Will not listen for > any JMS messages > [java] 09-Feb-2009 09:34:01 > org.apache.tuscany.sca.http.jetty.JettyServer addServletMapping > [java] - No JMS connection factories are defined.Will not listen for > any JMS messages > [java] - No JMS connection factories are defined.Will not listen for > any JMS messages > [java] INFO: Added Servlet mapping: > http://CZC8191YB0:8085/HelloWorldService > [java] 09-Feb-2009 09:34:01 > org.apache.tuscany.sca.http.jetty.JettyServer addServletMapping > [java] HelloWorld server started (press enter to shutdown) > [java] INFO: Added Servlet mapping: > http://CZC8191YB0:8085/HelloWorldWsPolicyService > > If I then call the webservice (using soapUI) I don't need to provide any > sort of security information, and yet the service responds. Even a bare > request like: > > POST http://192.168.2.232:8085/HelloWorldWsPolicyService HTTP/1.1 > Content-Type: text/xml;charset=UTF-8 > SOAPAction: "urn:getGreetings" > User-Agent: Jakarta Commons-HttpClient/3.1 > Host: 192.168.2.232:8085 > Content-Length: 277 > > <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; > xmlns:hel="http://helloworld";> > <soapenv:Header/> > <soapenv:Body> > <hel:getGreetings> > <hel:name>phil</hel:name> > </hel:getGreetings> > </soapenv:Body> > </soapenv:Envelope> > > Is accepted. > > The main application I need security for acts the same way, using tomcat > instead of jetty, and I've found the same result on Linux as on Windows, so > I'm sure it isn't system dependent. I've also tried 1.4 branch head and 1.x > branch with no success. > > I will gratefully try anything suggested, and can provide any logs etc. > Thanks in advance. > > Philip Housley > > Hi Philip Sorry that you didn't get a response when you posted before. Not sure what happened there. Let me run this up and see what happens for me. While I do that do you get the same effect if you use the "HelloWorldService" endpoint at http://CZC8191YB0:8085/HelloWorldService<http://czc8191yb0:8085/HelloWorldService> ? Regards Simon
