Hi all
I face the same issue of Invalid Security and have no clue about whats
causing the issue.
Can someone elaborate on how to add WSDL in the client ?
Following is my client code
____________________________
ConfigurationContext ctx =
ConfigurationContextFactory.createConfigurationContextFromFileSystem("client-repo",
null);
op = new Options();
String epr="https://localhost:8443/axis2/services/someService";;
//String
epr="https://localhost:8443/axis2/services/someService?wsdl";;
op.setTo(new EndpointReference(epr));
op.setUserName("apache");
op.setPassword("password");
System.setProperty("javax.net.ssl.trustStore", "mykeystore");
System.setProperty("javax.net.ssl.trustStorePassword",
"password");
sc = new ServiceClient(ctx,null);
String policyPath = "policy.xml";
op.setProperty(RampartMessageData.KEY_RAMPART_POLICY,
loadPolicy(policyPath));
sc.engageModule("rampart");
sc.engageModule("rahas");
// sc.engageModule("addressing");
sc.setOptions(op);
result = sc.sendReceive(getPayload());
shradha.panigrahi wrote:
>
> Hi,
>
> I was trying out a sample using ws security to be used in our project.
>
> I dont want to encrypt the message, i just want it to be signed using
> the username token supported by ws security.
>
> I engaged the rampart module in my client side with the corresponding
> policy file.
>
> But when I invoke the service in synapse I get an invalid security
> exception. (Message never reaches the inSequence)--
>
> STACK TRACE--
>
> 2008-12-26 10:48:14,771 [10.207.70.56-EC4T16ES-169579]
> [HttpServerWorker-8] ERROR AxisEngine InvalidSecurity
> org.apache.axis2.AxisFault: InvalidSecurity
> at
> org.apache.rampart.handler.PostDispatchVerificationHandler.invoke(PostDi
> spatchVerificationHandler.java:148)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
> at
> org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
> at
> org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
> at
> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostReques
> t(HTTPTransportUtils.java:275)
> at
> org.apache.synapse.transport.nhttp.ServerWorker.processPost(ServerWorker
> .java:253)
> at
> org.apache.synapse.transport.nhttp.ServerWorker.run(ServerWorker.java:19
> 4)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown
> Source)
> at java.lang.Thread.run(Unknown Source)
> 2008-12-26 10:48:14,771 [10.207.70.56-EC4T16ES-169579]
> [HttpServerWorker-8] ERROR ServerWorker Error processing POST request
> org.apache.axis2.AxisFault: InvalidSecurity
> at
> org.apache.rampart.handler.PostDispatchVerificationHandler.invoke(PostDi
> spatchVerificationHandler.java:148)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
> at
> org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
> at
> org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
> at
> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostReques
> t(HTTPTransportUtils.java:275)
> at
> org.apache.synapse.transport.nhttp.ServerWorker.processPost(ServerWorker
> .java:253)
> at
> org.apache.synapse.transport.nhttp.ServerWorker.run(ServerWorker.java:19
> 4)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown
> Source)
> at java.lang.Thread.run(Unknown Source)
>
> synapse.xml---
> <localEntry key="server_policy"
> src="file:repository/conf/sample/resources/policy/Test_policy_3.xml/>
> <syn:proxy name="WSsecurityTest" trace="enable">
> <syn:target>
> <syn:endpoint>
> <syn:address uri="
> http://localhost:8080/ISV1/services/ISV1";>
> </syn:address>
> </syn:endpoint>
> <syn:inSequence>
> <syn:log level="full" separator=","/>
> <syn:header xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secex
> t-1.0.xsd" name="wsse:Security" action="remove"/>
> </syn:inSequence>
> <syn:outSequence>
> <syn:send/>
> </syn:outSequence>
> </syn:target>
> <syn:policy key="server_policy"/>
> <syn:enableSec/>
> </syn:proxy>
>
>
>
> I have also attached the policy file I have used for synapse and the
> client side and the trace messages exchanged between synapse and the
> client.
>
> Can someone provide me inputs on how to avoid this? Am I missing out
> something?
> ---------------
>
> Regards,
>
> Shradha
>
>
>
> Please do not print this email unless it is absolutely necessary.
>
> The information contained in this electronic message and any attachments
> to this message are intended for the exclusive use of the addressee(s) and
> may contain proprietary, confidential or privileged information. If you
> are not the intended recipient, you should not disseminate, distribute or
> copy this e-mail. Please notify the sender immediately and destroy all
> copies of this message and any attachments.
>
> WARNING: Computer viruses can be transmitted via email. The recipient
> should check this email and any attachments for the presence of viruses.
> The company accepts no liability for any damage caused by any virus
> transmitted by this email.
>
> www.wipro.com
>
> TRACE MESSAGE (TCPMON)-----
>
> Message sent to synapse
> -------------------------------------------------------------------------------------------------
> <?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";><soapenv:Header
> xmlns:wsa="http://www.w3.org/2005/08/addressing";>
> <wsse:Security
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
> soapenv:mustUnderstand="1"><wsu:Timestamp
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
> wsu:Id="Timestamp-9838079"><wsu:Created>2008-12-26T04:49:19.499Z</wsu:Created><wsu:Expires>2008-12-26T04:54:19.499Z</wsu:Expires></wsu:Timestamp>
> <wsse:UsernameToken
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
> wsu:Id="UsernameToken-24446859"><wsse:Username>alice</wsse:Username><wsse:Password
> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>password</wsse:Password></wsse:UsernameToken></wsse:Security><wsa:To>http://localhost:1236/soap/WSsecurityTest.WSsecurityTestHttpEndpoint</wsa:To><wsa:MessageID>urn:uuid:FF64B43B5CE6261E7D1230266958854</wsa:MessageID><wsa:Action>http://localhost:8080/ISV1/getISV</wsa:Action></soapenv:Header><soapenv:Body><ns1:getISV
> xmlns:ns1="http://localhost:8080/ISV1/";><in>Severus
> Snape</in></ns1:getISV></soapenv:Body></soapenv:Envelope>
>
>
> Message received from synapse
> ---------------------------------------------------------------------------------------------------
> <?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";><soapenv:Header
> xmlns:wsa="http://www.w3.org/2005/08/addressing";><wsa:Action>http://www.w3.org/2005/08/addressing/soap/fault</wsa:Action><wsa:RelatesTo>urn:uuid:FF64B43B5CE6261E7D1230266958854</wsa:RelatesTo></soapenv:Header><soapenv:Body><soapenv:Fault><faultcode>soapenv:Server</faultcode><faultstring>InvalidSecurity</faultstring><detail
> /></soapenv:Fault></soapenv:Body></soapenv:Envelope>
>
>
> <wsp:Policy wsu:Id="UTOverTransport"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:TransportBinding
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <wsp:Policy>
> <sp:TransportToken>
> <wsp:Policy>
> <sp:HttpsToken
> RequireClientCertificate="false"/>
> </wsp:Policy>
> </sp:TransportToken>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic256/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:Layout>
> <wsp:Policy>
> <sp:Lax/>
> </wsp:Policy>
> </sp:Layout>
> <sp:IncludeTimestamp/>
> </wsp:Policy>
> </sp:TransportBinding>
> <sp:SignedSupportingTokens
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <wsp:Policy>
> <sp:UsernameToken
> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";
> />
> </wsp:Policy>
> </sp:SignedSupportingTokens>
>
> <ramp:RampartConfig
> xmlns:ramp="http://ws.apache.org/rampart/policy";>
> <ramp:user>alice</ramp:user>
>
> <ramp:passwordCallbackClass>com.wipro.sobay.saas.poc.client.PWCallback</ramp:passwordCallbackClass>
> </ramp:RampartConfig>
>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
>
--
View this message in context:
http://old.nabble.com/Problem-using-WS-Security-in-proxy-service%28Invalid-Security-Exception%29-tp21171981p27023022.html
Sent from the Synapse - User mailing list archive at Nabble.com.
