The stack trace you posted says that the incoming message does not
contain a "Security" header when it's expected to contain one. Please
re-check your client configuration if the exception was thrown at the
server side receiver handler.

I see a few approaches to your overall problem:

- Use UsernameToken over HTTPS.
- Encrypt the UsernameToken using WS-Security mechanisms (specify the
UsernameToken element in the encryptionParts)

IMHO either case can hide the password from a third party. In both
cases you can use a plain text password and can carry out your
authentication with the LDAP server in the callback handler you use at
the service.


On 10/12/06, Madraswala, Murtaza <[EMAIL PROTECTED]> wrote:


Hello,
   I am fairly new to development using Axis and WSS4J. I am trying to build
a web service that accepts a UserID/Password combination and validates it
against an LDAP database. I have managed to execute the first example given
in the tutorial on the WSS4J site. I find that when I set the passwordType
to "PasswordDigest", a null value is returned when I extract the value in
the PWCallback class on the server side. If I use the "PasswordText" option
then the actual value is returned but the problem here is that the password
is also clearly visible in the SOAP message. I have tried quite a few times
to combine signature and encryption (as explained in the tutorials), having
generated my own keystore for the server and the client as well as the
certificates but to no avail. The latest error message I get at the client
when I try to run this is listed below:

C:\client>java samples.stock.client.StockServiceClient XXX
Calling service...
Exception in thread "main" AxisFault
 faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.generalException
 faultSubcode:
 faultString: WSDoAllReceiver: Request does not contain required Security header
 faultActor:
 faultNode:
 faultDetail:
        {http://xml.apache.org/axis/}stackTrace:WSDoAllReceiver: Request does not contain required Security header
        at org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:175)
        at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
        at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
        at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
        at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127)
        at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
        at org.apache.axis.client.Call.invoke(Call.java:2767)
        at org.apache.axis.client.Call.invoke(Call.java:2443)
        at org.apache.axis.client.Call.invoke(Call.java:2366)
        at org.apache.axis.client.Call.invoke(Call.java:1812)
        at samples.stock.client.StockWss01SoapBindingStub.getQuote(StockWss01SoapBindingStub.java:106)
        at samples.stock.client.StockServiceClient.main(StockServiceClient.java:53)

        {http://xml.apache.org/axis/}hostname:MMADRAW3

WSDoAllReceiver: Request does not contain required Security header
        at org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:175)
        at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
        at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
        at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
        at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127)
        at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
        at org.apache.axis.client.Call.invoke(Call.java:2767)
        at org.apache.axis.client.Call.invoke(Call.java:2443)
        at org.apache.axis.client.Call.invoke(Call.java:2366)
        at org.apache.axis.client.Call.invoke(Call.java:1812)
        at samples.stock.client.StockWss01SoapBindingStub.getQuote(StockWss01SoapBindingStub.java:106)
        at samples.stock.client.StockServiceClient.main(StockServiceClient.java:53)


     If someone could suggest a technique to encrypt the whole SOAP message
or at least the password, then extract it on the server side so that it can
be used to perform a bind against an LDAP server, I would greatly appreciate
it.

Thanks,
Murtaza.

Murtaza Madraswala



--
www.ruchith.org
