Author: ruchithf Date: Wed Jan 30 04:22:33 2013 New Revision: 1440274 URL: http://svn.apache.org/viewvc?rev=1440274&view=rev Log: - sample01 now runs with the axis2server as expected to demonstrate the use of a UsernameToken. - Added some more documentation into README.txt including some that I found in [1] to make things clearer to the user.
1. http://svn.apache.org/repos/asf/axis/axis2/java/rampart/branches/1_5/modules/rampart-samples/policy/sample01/README.txt Modified: axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/README.txt axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/services.xml Modified: axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/README.txt URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/README.txt?rev=1440274&r1=1440273&r2=1440274&view=diff ============================================================================== --- axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/README.txt (original) +++ axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/README.txt Wed Jan 30 04:22:33 2013 @@ -3,6 +3,16 @@ UsernameToken Authentication The policy uses a TransportBinding and requires a SignedSupportingToken which is a UsernameToken and the inclusion of a TimeStamp. -Note that Rampart does not enforce the use of HTTPS transport and that +Note that Rampart enforces the use of HTTPS transport and that {http://ws.apache.org/rampart/policy}RampartConfig assertion provides -additional information required to secure the message. \ No newline at end of file +additional information required to secure the message. + +The policy included in the services.xml file has the following comment : +<!--<sp:HttpsToken RequireClientCertificate="false"/> --> + +If you uncomment this and deploy the service you will see the following error message : +org.apache.axis2.AxisFault: Expected transport is "https" but incoming transport found : "http" + +You can find a complete tutorial on transport level +security here: +http://wso2.org/library/3190 \ No newline at end of file Modified: axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/services.xml URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/services.xml?rev=1440274&r1=1440273&r2=1440274&view=diff ============================================================================== --- axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/services.xml (original) +++ axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample01/services.xml Wed Jan 30 04:22:33 2013 @@ -32,7 +32,8 @@ <wsp:Policy> <sp:TransportToken> <wsp:Policy> - <sp:HttpsToken RequireClientCertificate="false"/> + <!-- REMOVED TO MAKE THE SAMPLE RUN WITH THE axis2server--> + <!--<sp:HttpsToken RequireClientCertificate="false"/> --> </wsp:Policy> </sp:TransportToken> <sp:AlgorithmSuite>
