I removed the service from the client wsdd and made my properties files and keystore locations relative to the wsdd and it now works. Client wsdd looks like this
<deployment xmlns="http://xml.apache.org/axis/wsdd/"; xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> <!-- define the service, using the WSDoAllSender security handler in request flow --> <handler name="DoSecuritySender" type="java:org.apache.ws.axis.security.WSDoAllSender" > <parameter name="action" value="Signature"/> <parameter name="signaturePropFile" value="crypto.properties"/> <parameter name="signatureKeyIdentifier" value="DirectReference"/> <parameter name="user" value="55ce69717372baf27f2862857a9dd2db_50e417e0-e461-474b-96e2-077b80325612"/> <parameter name="passwordCallbackClass" value="com.origoservices.keystore.util.PasswordProvider" /> <parameter name="mustUnderstand" value="0" /> </handler> <globalConfiguration> <requestFlow> <handler type="DoSecuritySender"/> </requestFlow> </globalConfiguration> <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/> </deployment> Note the mustUnderstand set to "0" (false) which prevents the SOAP header containing mustUnderstand. Many thanks to Pietro Romanazzi for his help with this. George -----Original Message----- From: George Cowe [mailto:[EMAIL PROTECTED] Sent: 18 January 2007 16:43 To: [email protected] Subject: Axis 1.3 with WSS4J 1.5.1 Hi I'm new to WSS4J and have a problem with signing a SOAP message being sent to an Axis web service. It seems the handler is not running (not being invoked) at all - I know this because the logs have no entries from the WSS4J classes (there are plenty of log entries from the Axis classes though). My client-wsdd looks like this <deployment xmlns="http://xml.apache.org/axis/wsdd/"; xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> <handler name="DoSecuritySender" type="java:org.apache.ws.axis.security.WSDoAllSender" > <parameter name="action" value="Signature"/> <parameter name="signaturePropFile" value="C:\eclipse\george\workspaces\axiswebservice\AxisSamplesJava\cev2-wsdd\crypto.properties"/> <parameter name="signatureKeyIdentifier" value="DirectReference"/> <parameter name="user" value="55ce69717372baf27f2862857a9dd2db_50e417e0-e461-474b-96e2-077b80325612"/> <parameter name="passwordCallbackClass" value="com.origoservice.keystore.PasswordProvider" /> </handler> <service name="CEBondSingleContractClient" style="message"> <requestFlow> <handler type="DoSecuritySender"/> </requestFlow> </service> <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/> </deployment> The web service is deployed on Tomcat and is being invoked successfully - its just that it is receiving an SOAP message which has not been signed. So the service is reached and runs but there is no verify signature handler defined there yet. The client code to invoke the web service looks like this System.setProperty("axis.ClientConfigFile","cev2-wsdd\\client_deploy.wsdd"); Service service = new Service(); Call call = (Call) service.createCall(); String endpoint = "http://localhost:8181/AxisSecureTestWeb/services/CEBondSingleContractSecureHandlerService";; call.setTargetEndpointAddress(new URL(endpoint)); String operation = "processDocument"; call.setOperation(new QName(endpoint, operation), operation); SOAPBodyElement body = new SOAPBodyElement(is); try { Vector result = (Vector) call.invoke(new Object[] { body }); SOAPBodyElement sbe = (SOAPBodyElement) result.get(0); System.out.println("========CLIENT RECEIVED XML========="); System.out.println(XMLUtils.DocumentToString(sbe.getAsDocument())); } catch (AxisFault axisFault) { System.out.println("========SOAP FAULT========="); System.out.println(axisFault.getFaultReason()); } The handler does not seem to run (I get no log entries and no exceptions). The passwordCallbackClass does not run either - it has log entries in it too. I'm not sure if it because of the way I have setup the wsdd or the maybe it's the contents of the crypto.properties file which looks like this. org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=pkcs12 org.apache.ws.security.crypto.merlin.keystore.password=george org.apache.ws.security.crypto.merlin.keystore.alias=55ce69717372baf27f2862857a9dd2db_50e417e0-e461-474b-96e2-077b80325612 org.apache.ws.security.crypto.merlin.alias.password=george org.apache.ws.security.crypto.merlin.file=c:\digitalSig\george-origo.pfx Does anyone know where I have made a mistake. Any help much appreciated. Thanks George --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
