As a follow-up, I was running it through tcpmon, which is why it had the strange address.
Yes, I am running the latest 1.2 build from the URL provided me last Thursday, I believe. Should I submit this is a bug? On Sat, Jun 7, 2008 at 8:11 PM, Ruwan Linton <[EMAIL PROTECTED]> wrote: > Hi Jeff, > > If you enable addressing to the outbound message then synapse should be > sending the ReplyTo header as appropriate. May be amazon is not accepting > anonymous ReplyTo headers, so assuming that you are using the 1.2 build > here > is the proposed solution to this; > > <definitions xmlns="http://ws.apache.org/ns/synapse";> > <localEntry key="sec_policy" > src="file:repository/conf/sample/resources/policy/amazon.xml"/> > > <in> > <send> > <endpoint name="secure"> > <address uri="http://localhost:8086";> > <enableSec policy="sec_policy"/> > <enableAddressing separateListener="true"/> > </address> > </endpoint> > </send> > </in> > <out> > <header name="wsse:Security" action="remove" xmlns:wsse=" > http://www.w3.org/2005/08/addressing"/> > <send/> > </out> > </definitions> > > The above configuration should work, but please note that you need to > change > the address uri of the endpoint in the above configuration from " > http://localhost:8086"; to "AMAZON_URL" > > If this is not working could you please attach the TCPMon out put of the > outbound message which is going to AMAZON (after changing important > information) and the message received from AMAZON. If you don't want to > post > it publicly you may send it to me (mailto:[EMAIL PROTECTED] <[EMAIL > PROTECTED]>) > > Thanks, > Ruwan > > On Sun, Jun 8, 2008 at 7:01 AM, Jeff Davis <[EMAIL PROTECTED]> wrote: > > > I did a little research, and I haven't seen anything in the standard that > > indicates WS-Security requires WS-Addressing. Unfortunately, it doesn't > > appear as though setting the header has any impact (further, if it did, > the > > ReplyTo has a child element for the Address, so not sure how that would > be > > added). Here's my configuration: > > > > <definitions xmlns="http://ws.apache.org/ns/synapse";> > > <localEntry key="sec_policy" > > src="file:repository/conf/sample/resources/policy/amazon.xml"/> > > > > <in> > > <header name="ReplyTo" action="set" value=""/> > > <send> > > <endpoint name="secure"> > > <address uri="http://localhost:8086";> > > <enableSec policy="sec_policy"/> > > <enableAddressing/> > > </address> > > </endpoint> > > </send> > > </in> > > <out> > > <send/> > > </out> > > </definitions> > > > > In lieu of the above header, I also tried: > > > > <header name="wsse:Security" action="remove" > > xmlns:wsse="http://www.w3.org/2005/08/addressing"/> > > > > (I also tried removing the <enableAddressing/> node for each test). > > > > To recap my issue, it seems as though Amazon AWS (at least for SimpleDB > > service) requires the ReplyTo WS-Addressing element, if WS-Addressing is > > used. I haven't found a way to remove WS-Addressing generated > automatically > > by Synapse when WS-Security is used, and I haven't figure out how to add > > ReplyTo (and it's child Address node) to the outbound message. > > > > Anyone have any work-arounds? Maybe I'll try chaining together some > things > > to see if I can devise something. > > > > Thanks, > > > > jeff > > > > > > On Sat, Jun 7, 2008 at 9:25 AM, Asankha C. Perera <[EMAIL PROTECTED]> > > wrote: > > > > > Hi Jeff > > > > > >> To be honest, I'm not entirely certain how to add it in the Header > > >> mediator, > > >> as you allude to. I did try various permutations of using the property > > and > > >> header nodes within the <in>, but nothing ever appeared. > > >> > > >> > > > I am sorry.. I had made a mistake in my reply earlier.. to set the > > ReplyTo > > > header to something, you will use "<header name="ReplyTo" value="..."/> > > > format.. If you are familiar with using TCPMon, you can place it > between > > > your service and Amazon and route the message through it to get a trace > > of > > > the messages. This will help you and us to solve any problems. > > > > > >> Obviously, Amazon's service is not entirely compliant with the > > WS-Security > > >> standards. Even in their section under WS-Security SOAP, they state > that > > >> "if > > >> you're using WS-Addressing, we recommend you also sign the Action and > To > > >> header elements" (I haven't figured out how to do that yet, but I'll > dig > > >> into that). > > >> > > >> > > > If you are ok to share your configuration/scenario with us or let us > try > > > some simple sample to reproduce the issue you are facing, one of the > > > developers would be able to tell you exactly whats wrong, and what you > > could > > > do to get past the problem > > > > > > asankha > > > > > > > > > -- > Ruwan Linton > http://www.wso2.org - "Oxygenating the Web Services Platform" >
