How to generate client for WSDL which has Symmetric Binding policy using axis2 and Apache Rampart?I am able to generate client using axis2 and eclipse, after that how can i add Apache Rampart configuration(Symmetric binding) for generated Client? Please help me.
You can start with this tutorial. After that, I recommend looking at the Rampart samples provided in the bundle, a symmetric scenario is included there, runnable example.
Related
We are implementing WS-Security Policy on our web services with the following framework/module/specification.
Apache Axis2 1.6.2
Apache Rampart 1.6.2
WS-Security Policy 1.2(namespace:http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702)
We are facing the following issues while creating/consuming the service.
Axis2 wsdl generation logic ignores <sp:NoPassword/> assertion. After debugging,I realized that it is because of the logic in org.apache.ws.secpolicy.model.UsernameToken (rampart-policy-1.6.2.jar) that expects
<sp:WssUsernameToken11 /> ( or <sp:WssUsernameToken10 />) to be specified - again when I specify that, the <sp:NoPassword/> is created as child element of <sp:WssUsernameToken11 /> which was causing <sp:NoPassword/> to get ignored on the client (consumer) side.
In the implementation of org.apache.rampart.PolicyBasedResultsValidator/handleSupportingTokens method - NoPassword scenario is not considerd ; hence it always fails saying "org.apache.axis2.AxisFault: UsernameToken missing in request".
On the consumer side, for WS Security policy 1.2 to work, we had to remove rahas-1.6.2.mar from client side rampart repository;there is a JIRA ticket too - https://issues.apache.org/jira/browse/RAMPART-371
Please suggest if I missed something here.
I have a JAX-WS endpoint which uses WS-Security, specifically the WebLogic pre-written Wssp1.2-2007-Wss1.1-UsernameToken-Plain-X509-Basic256.xml policy. I have a working command-line client where I build all the client credential providers and trust managers. Everything works great.
Now I also need to have another EE module deployed separately to the same server. According to http://docs.oracle.com/cd/E12839_01/web.1111/e13713/message.htm#i251852 I'm supposed to code the EE client as-if there was no security related WS-Policy at all but it doesn't work. Either I'm completely failing on setting up the credential mapping (which wouldn't surprise me because the documentation is lacking) or what I think seems to be more likely, the credential mapping isn't actually happening because I'm talking to localhost.
How do you create an JAX-WS EE client that uses a WS-Security enabled service on localhost? (I'd also like to see an remote host example too)
I'm developing a web service and I am working with Axis2 + Rampart on the server. Is it necessary to have Rampart on both ends of the web service? Or is it possible to have a client which implements WS-Security with something other than Rampart?
The examples of Rampart which I've found seem to assume Rampart on both ends. I can't tell if that's just convenient, or if it's necessary. I don't have any control over the client.
No. It is not necessary to use Rampart on the client. Rampart is basically processing the security headers in the SOAP message according to the WS-Security* Specifications. So if the client can send valid SOAP messages containing standard security headers adhering to the WS-Security* Specifications, rampart will successfully process the request and validate security.
i have a wcf rest service hosted on iis which is ssl enabled. i have both a console application and a browser as client. Is it possible to implement ssl on the console app? is possible, any idea or links to related resources will be greatly helpful.
If you want to use mutual SSL with a REST service from your console application, you can use the WebChannelFactory class.
http://msdn.microsoft.com/en-us/library/bb908674.aspx
The client certificate is set using the WebChannelFactory.Credentials property. The advantage of this approach is that you can set the certificate in connnnfiguration so you can change it later without recompiling.
Alternatively, you can use the HttpWebRequest class and its ClientCertificates property.
I'm trying to add SAML assertions to a SOAP web service that is built on the axis2 engine. I'm having a little trouble wrapping my head around how the two would interact. Could someone help point me in the right direction to add a SAML assertion to a response message from Axis2?
Thanks,
Tom
You'll need to include the rampart module as an extra module. The relevent section for configuring SAML support appears to be here
If you want more platform support then I'd recommend deploying your web service onto the Web services application server produced by the authors of Axis2. It has GUI driven screens that assist in configuring the Rampart module.