xml - How to add MessageID in SOAP request using Axis2 and Rampart
I am trying to build a client application to consume an external server application using Axis2 and Rampart 1.6.
Everything seems fine when checking the SOAP request, since the SOAP is encrypted and signed as expected. The following is the policy.xml file used for this purpose:
    <wsp:Policy wsu:Id="mypolicy"
        xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
        xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
        xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
        xmlns:wsam="http://schemas.xmlsoap.org/ws/2004/08/addressing"
        xmlns:wst="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#samlassertionid">
      <wsp:ExactlyOne>
        <wsp:All>
          <sp:SignedSupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
            <wsp:Policy>
              <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient" />
            </wsp:Policy>
          </sp:SignedSupportingTokens>
          <sp:SymmetricBinding>
            <wsp:Policy>
              <sp:ProtectionToken>
                <wsp:Policy>
                  <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
                    <wsp:Policy>
                      <sp:RequireIssuerSerialReference/>
                      <sp:WssX509V3Token10/>
                    </wsp:Policy>
                  </sp:X509Token>
                </wsp:Policy>
              </sp:ProtectionToken>
              <sp:AlgorithmSuite>
                <wsp:Policy>
                  <sp:Basic128/>
                </wsp:Policy>
              </sp:AlgorithmSuite>
              <sp:IncludeTimestamp/>
              <sp:Layout>
                <wsp:Policy>
                  <sp:Strict/>
                </wsp:Policy>
              </sp:Layout>
              <sp:OnlySignEntireHeadersAndBody/>
            </wsp:Policy>
          </sp:SymmetricBinding>
          <sp:EncryptedParts>
            <sp:Body />
          </sp:EncryptedParts>
          <sp:SignedParts>
            <sp:Body/>
            <sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="ReplyTo"/>
            <sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="To"/>
            <sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="From"/>
            <sp:Header Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" Name="AckRequested"/>
            <sp:Header Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" Name="CreateSequence"/>
            <sp:Header Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" Name="Sequence"/>
            <sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="MessageID"/>
            <sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="FaultTo"/>
            <sp:Header Namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" Name="SequenceAcknowledgement"/>
            <sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="Action"/>
            <sp:Header Namespace="http://www.w3.org/2005/08/addressing" Name="RelatesTo"/>
          </sp:SignedParts>
          <sp:Wss11>
            <wsp:Policy>
              <sp:MustSupportRefEncryptedKey/>
              <sp:MustSupportRefIssuerSerial/>
              <sp:MustSupportRefThumbprint/>
            </wsp:Policy>
          </sp:Wss11>
          <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
            <ramp:userCertAlias>mysignalias</ramp:userCertAlias>
            <ramp:encryptionUser>myencryptalias</ramp:encryptionUser>
            <ramp:user>myuser</ramp:user>
            <ramp:passwordCallbackClass>mypackage.passwordcallbackhandler</ramp:passwordCallbackClass>
            <ramp:encryptionCypto>
              <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
                <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">jks</ramp:property>
                <ramp:property name="org.apache.ws.security.crypto.merlin.file">[path goes here]/clienttruststore.jks</ramp:property>
                <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">changeit</ramp:property>
              </ramp:crypto>
            </ramp:encryptionCypto>
            <ramp:signatureCrypto>
              <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
                <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">jks</ramp:property>
                <ramp:property name="org.apache.ws.security.crypto.merlin.file">[path goes here]/clientkeystore.jks</ramp:property>
                <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">changeit</ramp:property>
              </ramp:crypto>
            </ramp:signatureCrypto>
          </ramp:RampartConfig>
        </wsp:All>
      </wsp:ExactlyOne>
    </wsp:Policy>
But I am getting the following Axis fault while calling the external server application:
    SEVERE: org.apache.axis2.AxisFault: com.sun.xml.wss.XWSSecurityException: policy verification error:missing target MessageID signature
        at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:531)
        at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:375)
        at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:421)
        at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
        at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
The error is self-descriptive: the SOAP request is missing the MessageID tag in the SOAP header. I tried to find out how to add the mentioned tag, but with no luck; I found out how to add a custom SOAP header in this link: "adding authentication header client stub Axis2". But I want to avoid this, since I am using passwordcallbackhandler to add the authentication properties.
Is there a way to add MessageID automatically within the SOAP header? Further, there are similar tags such as Action, ReplyTo, To, and From. How do I add them to the SOAP header?
-- Update:
From the auto-generated Java files using the Axis2 tool (see Apache Axis2 User's Guide - Creating Clients to know how the stub files have been generated), I went to the API method in the auto-generated Java class servicestub. There, a message context is created to send the SOAP request, as follows:
    // create message context
    _messageContext = new org.apache.axis2.context.MessageContext();

I used the object _messageContext to set the message ID as follows:

    _messageContext.setMessageID("test_123456");
Further, I ran the application in debug mode, and I can see that test_123456 has been added to the SOAP request as the MessageID, and the server is using the same MessageID in the response. I am still getting the weird error "policy verification error:missing target MessageID signature".
It is confusing me how the server said the MessageID is missing although it is appearing in the SOAP request and in the response coming from the server!
Does it have anything to do with the auto signature process? So, MessageID is added in the SignedParts of the policy file; what else should be done to overcome this issue?
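
A MessageID element appearing in the header and a MessageID element being covered by the signature are separate conditions: a header is signed only when a ds:Reference in the signature's SignedInfo points at its wsu:Id. The following added example (not part of the original post; the sample envelope, its IDs and the function name signed_part_status are constructed for illustration) checks a captured outgoing envelope for some of the headers listed in the policy's SignedParts, assuming same-document references by wsu:Id.

```python
import xml.etree.ElementTree as ET

DS = {"ds": "http://www.w3.org/2000/09/xmldsig#"}
WSU_ID = ("{http://docs.oasis-open.org/wss/2004/01/"
          "oasis-200401-wss-wssecurity-utility-1.0.xsd}Id")
WSA = "http://www.w3.org/2005/08/addressing"
# Subset of the (Namespace, Name) pairs listed under sp:SignedParts in the policy.
REQUIRED = [(WSA, "MessageID"), (WSA, "Action"), (WSA, "To"), (WSA, "ReplyTo")]

def signed_part_status(envelope_xml, required=REQUIRED):
    """Classify each header as 'absent', 'present-unsigned' or 'signed'."""
    root = ET.fromstring(envelope_xml)
    # Match the Header by local name so SOAP 1.1 and 1.2 envelopes both work.
    header = next((c for c in root if c.tag.endswith("}Header")), None)
    # Same-document signature references have the form URI="#<wsu:Id>".
    uris = (r.get("URI", "") for r in root.iterfind(".//ds:SignedInfo/ds:Reference", DS))
    signed_ids = {u[1:] for u in uris if u.startswith("#")}
    status = {}
    for ns, name in required:
        el = header.find(f"{{{ns}}}{name}") if header is not None else None
        if el is None:
            status[name] = "absent"
        elif el.get(WSU_ID) in signed_ids:
            status[name] = "signed"
        else:
            status[name] = "present-unsigned"
    return status

# Constructed sample: MessageID is in the header but no ds:Reference covers it.
SAMPLE = """
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:wsa="http://www.w3.org/2005/08/addressing"
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <soapenv:Header>
    <wsse:Security><ds:Signature><ds:SignedInfo>
      <ds:Reference URI="#id-to"/><ds:Reference URI="#id-body"/>
    </ds:SignedInfo></ds:Signature></wsse:Security>
    <wsa:To wsu:Id="id-to">https://service.example.invalid/endpoint</wsa:To>
    <wsa:MessageID>test_123456</wsa:MessageID>
    <wsa:Action wsu:Id="id-action">urn:example:constructedAction</wsa:Action>
  </soapenv:Header>
  <soapenv:Body wsu:Id="id-body"/>
</soapenv:Envelope>
"""

if __name__ == "__main__":
    for name, state in signed_part_status(SAMPLE).items():
        print(f"{name}: {state}")
```

Run it against the envelope as it leaves the client, after the security handlers have processed it, since that is the message the server's policy verification sees.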