Thank you Paul. I wasn't aware that it was a WS-Security standard. Essentially I want the oas:Security node to go inside the header. I am now trying to do it with a policy document (which, btw, isn't working): am I going in the right direction?
\repository\conf\sample\resources\policy\ao_policy.xml <wsp:Policy xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"; xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"; xmlns:oas="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; oas:Id="ao_policy" > <oas:Security> <oas:UsernameToken> <oas:Username>myusername</oas:Username> <oas:Password>mypassword</oas:Password> </oas:UsernameToken> </oas:Security> </wsp:Policy> <definitions xmlns="http://ws.apache.org/ns/synapse"; xmlns:urn="urn:realops.com:amp:workflow"> <localEntry key="ao_policy" src="file:repository/conf/sample/resources/policy/ao_policy.xml"/> <sequence name="main" onError="fault"> <in> <header name="urn:grid-name" value="SMECGRID"/> <send> <endpoint name="stockquote"> <address uri="http://localhost:5002/baocdp/ws/workflow"/> <enableSec policy="ao_policy"/> </endpoint> </send> </in> </sequence> </definitions> Regards, Sabareeswar -----Original Message----- From: Paul Fremantle [mailto:[email protected]] Sent: Friday, October 23, 2009 1:35 PM To: [email protected] Subject: Re: Issues in using Custom Mediation Sabareeswar Hi. I don't understand why you are using the callout mediator. Also Synapse already supports adding security into outgoing flows using WS-Policy. Is this standard WS-Security Username token you are adding? Paul On Fri, Oct 23, 2009 at 8:28 AM, Sabareeswar P. B. <[email protected]> wrote: > Hi, > > We are using synapse between > 1) A web service client that was created from a wsdl that doesn't have > any authentication parameters. > 2) A web service provider that requires authentication. > > One of the requirements is to introduce a header element as per the > requirements of the service provider. > > I am using custom mediation in java to do this. The java class and the > synapse.xml are given below. > The problem is that the Header changes that I do in the custom class are not > appearing in the Header that goes to the web service provider. > In fact, the soap envelope to the web service provider doesn't have a > soapHeader field at all, though it appears properly when I try to log it > within the java class. > > Could you please provide any pointers to this? > > public class AddHeaders extends AbstractMediator { > public boolean mediate(MessageContext mc) { > try { > NamespaceImpl secns = new NamespaceImpl > > ("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd","oas";); > > NamespaceImpl omns = new NamespaceImpl > > ("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd","oas";); > > OMFactory sfactory = new DOMSOAPFactory(); > ElementImpl security = new ElementImpl(new > DocumentImpl(sfactory), "Security", omns, sfactory); > ElementImpl usernameToken = new ElementImpl(security, > "UsernameToken", omns, sfactory); > ElementImpl username = new ElementImpl(usernameToken, > "Username", omns, sfactory); > username.setText("myusername"); > > ElementImpl password = new ElementImpl(usernameToken, > "Password", omns, sfactory); > password.setText("mypassword"); > > mc.getEnvelope().getHeader().addChild(security); > }catch(Exception e){ > System.out.println("exp: " + e); > } > System.out.println("Logging the Header" + > mc.getEnvelope().getHeader().toString()); > return true; > } > } > > > <definitions xmlns="http://ws.apache.org/ns/synapse";> > <class name="samples.mediators.AddHeaders"/> > <callout serviceURL="http://localhost:5002/baocdp/ws/workflow"; > action="execute-workflow"> > <source xmlns:s11="http://schemas.xmlsoap.org/soap/envelope/"; > xmlns:s12="http://www.w3.org/2003/05/soap-envelope"; > xpath="s11:Body/child::*[fn:position()=1] | > s12:Body/child::*[fn:position()=1]"/> > <target xmlns:s11="http://schemas.xmlsoap.org/soap/envelope/"; > xmlns:s12="http://www.w3.org/2003/05/soap-envelope"; > xpath="s11:Body/child::*[fn:position()=1] | > s12:Body/child::*[fn:position()=1]"/> > </callout> > <property name="RESPONSE" value="true"/> > </definitions> > > Regards, > Sabareeswar > > > **************** CAUTION - Disclaimer ***************** > This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely > for the use of the addressee(s). If you are not the intended recipient, please > notify the sender by e-mail and delete the original message. Further, you are > not > to copy, disclose, or distribute this e-mail or its contents to any other > person and > any such actions are unlawful. This e-mail may contain viruses. Infosys has > taken > every reasonable precaution to minimize this risk, but is not liable for any > damage > you may sustain as a result of any virus in this e-mail. You should carry out > your > own virus checks before opening the e-mail or attachment. Infosys reserves the > right to monitor and review the content of all messages sent to or from this > e-mail > address. Messages sent to or from this e-mail address may be stored on the > Infosys e-mail system. > ***INFOSYS******** End of Disclaimer ********INFOSYS*** > -- Paul Fremantle Co-Founder and CTO, WSO2 Apache Synapse PMC Chair OASIS WS-RX TC Co-chair blog: http://pzf.fremantle.org [email protected] "Oxygenating the Web Service Platform", www.wso2.com
