Hi Nandana,
>.... you can apply policies in the WSDL. AFAIK, when the service being
>deployed, Axis2 should pick the policy from the WSDL. So only the services you
>need to >secure has security policies.
yes, the generated WSDL has than the policy but it still does not work. The
service throws out
[ERROR] Must Understand check failed for headers:
as I mentioned earlier on my other email to you (see below).
So I copied it into the axis2.xml and it resolved the error.
It looks like we are so close but yet so far away from a solution:-)
cheers
Tezcan
[ERROR] Must Understand check failed for headers:
{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security
<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd%7DSecurity>
org.apache.axis2.AxisFault: Must Understand check failed for headers:
{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security
<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd%7DSecurity>
at
org.apache.axis2.jaxws.handler.HandlerUtils.checkMustUnderstand(HandlerUtils.java:157)
at
org.apache.axis2.jaxws.server.EndpointController.handleRequest(EndpointController.java:256)
at
org.apache.axis2.jaxws.server.EndpointController.invoke(EndpointController.java:97)
at
org.apache.axis2.jaxws.server.JAXWSMessageReceiver.receive(JAXWSMessageReceiver.java:171)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:176)
at
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
at
org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:131)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:825)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:738)
at
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:526)
at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
-----Ursprüngliche Nachricht-----
Von: Nandana Mihindukulasooriya [mailto:[EMAIL PROTECTED]
Gesendet: Freitag, 9. Mai 2008 06:24
An: [email protected]
Betreff: Re: can I use use rampart with JAX-WS style webservice
Hi Alex,
Declaring the rampart in axis2.xml global config (and putting
the rampart.mar in WEB-INF/modules, of course) would engage it globally for all
services. If you only have one service running, this might be what you need. I
haven't found a way to engage a module ona per-service basis, though.
I didn't get the time to try this out, but I think it is worth giving a
try. As you have said, engage rampart globally. But you can apply policies in
the WSDL. AFAIK, when the service being deployed, Axis2 should pick the policy
from the WSDL. So only the services you need to secure has security policies.
Even though every service is engaged Rampart, only the ones having security
policies will be effectively secured. This is because, with in the Rampart
module, we check for the presence of security policies before actually securing
the messages.
thanks,
nandana
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: May 8, 2008 7:43 AM
To: [email protected]
Subject: AW: can I use use rampart with JAX-WS style webservice
Hi
thanks for your answer.
Unfortunately it does not seem to do the trick.
I am getting the following error.
[ERROR]
com.sun.xml.bind.v2.runtime.IllegalAnnotationsException: 32 counts of
IllegalAnnotationExceptions
org.apache.axiom.attachments.lifecycle.LifecycleManager is an interface, and
JAXB can't handle interfaces.
I am beginning to think that it is not possible to engage
Rampart with annotations.
cheers
Tezcan
-----Ursprüngliche Nachricht-----
Von: Ruchith Fernando [mailto:[EMAIL PROTECTED]
Gesendet: Dienstag, 6. Mai 2008 09:57
An: [email protected]
Betreff: Re: can I use use rampart with JAX-WS style webservice
I haven't tried this but I think the following solution will
work:
- first implement lifecycle management on the service [1]
- now in the "init" method you can get hold of the AxisService
instance and then you can engage the rampart module on it.
- Finally you can load the policy from a file as an
org.apache.neethi.Policy object and add that to the AxisService instance as
well.
Now you have a WS-Sec enabled service :-)
HTH
Thanks,
Ruchith
p.s. You can also try WSO2 WSAS [2] and try the WS-Sec support
available as well!
1.
http://ws.apache.org/axis2/1_3/api/org/apache/axis2/service/Lifecycle.html
2. http://wso2.org/downloads/wsas
On Wed, Apr 30, 2008 at 8:39 PM, <[EMAIL PROTECTED]> wrote:
>
>
>
> Hi
>
> I have a web service developed using jax-ws style
annotations. So it
> does not require a services.xml, It is deployed to axis2 as
jar file
> under WEB-INF\servicejars directory.
>
> Now if I want to secure this service using rampart how do I
link the
> policy.xml?
>
> Where do I add the stuff such as <module ref="rampart"> that
one
> usually adds into services.xml ?
>
>
> cheers
> Tezcan
--
http://blog.ruchith.org
http://wso2.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
********************
NOTICE OF CONFIDENTIALITY
This communication including any information transmitted with
it is
intended only for the use of the addressees and is confidential.
If you are not an intended recipient or responsible for
delivering
the message to an intended recipient, any review, disclosure,
conversion to hard copy, dissemination, reproduction or other
use
of any part of this communication is strictly prohibited, as is
the
taking or omitting of any action in reliance upon this
communication.
If you receive this communication in error or without
authorization
please notify us immediately by return e-mail or otherwise and
permanently delete the entire communication from any computer,
disk drive, or other storage medium.
If the above disclaimer is not properly readable, it can be
found at
www.td.com/legal
AVERTISSEMENT DE CONFIDENTIALITE
Ce courriel, ainsi que tout renseignement ci-inclus, destiné
uniquement
aux destinataires susmentionnés, est confidentiel. Si vous
n'êtes pas le destinataire prévu ou un agent responsable de la
livraison de ce courriel, tout examen, divulgation, copie,
impression,
reproduction, distribution, ou autre utilisation d'une partie
de ce
courriel est strictement interdit de même que toute
intervention ou
abstraction à cet égard. Si vous avez reçu ce message par
erreur ou
sans autorisation, veuillez en aviser immédiatement
l'expéditeur par
retour de courriel ou par un autre moyen et supprimer
immédiatement
cette communication entière de tout système électronique.
Si l'avis de non-responsabilité ci-dessus n'est pas lisible,
vous
pouvez le consulter à www.td.com/francais/legale
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
