xml - How to add MessageID in SOAP request using Axis2 and Rampart -


i trying build client application consume external server application using axis2 , rampat 1.6.

everything seems fine when checking soap request, since soap encrypted , signed expected. following policy.xml file used purpose:

<wsp:policy wsu:id="mypolicy"     xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"     xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"     xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"     xmlns:wsam="http://schemas.xmlsoap.org/ws/2004/08/addressing"      xmlns:wst="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#samlassertionid"> <wsp:exactlyone>     <wsp:all>         <sp:signedsupportingtokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">             <wsp:policy>                 <sp:usernametoken sp:includetoken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/includetoken/alwaystorecipient" />             </wsp:policy>         </sp:signedsupportingtokens>         <sp:symmetricbinding>             <wsp:policy>                 <sp:protectiontoken>                     <wsp:policy>                         <sp:x509token sp:includetoken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/includetoken/never">                             <wsp:policy>                                 <sp:requireissuerserialreference/>                                 <sp:wssx509v3token10/>                             </wsp:policy>                         </sp:x509token>                     </wsp:policy>                 </sp:protectiontoken>                  <sp:algorithmsuite>                     <wsp:policy>                         <sp:basic128/>                     </wsp:policy>                 </sp:algorithmsuite>                 <sp:includetimestamp/>                 <sp:layout>                     <wsp:policy>                         <sp:strict/>                     </wsp:policy>                 </sp:layout>                 <sp:onlysignentireheadersandbody/>             </wsp:policy>         </sp:symmetricbinding>         <sp:encryptedparts>             <sp:body />         </sp:encryptedparts>         <sp:signedparts>             <sp:body/>             <sp:header namespace="http://www.w3.org/2005/08/addressing" name="replyto"/>             <sp:header namespace="http://www.w3.org/2005/08/addressing" name="to"/>             <sp:header namespace="http://www.w3.org/2005/08/addressing" name="from"/>             <sp:header namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" name="ackrequested"/>             <sp:header namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" name="createsequence"/>             <sp:header namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" name="sequence"/>             <sp:header namespace="http://www.w3.org/2005/08/addressing" name="messageid"/>             <sp:header namespace="http://www.w3.org/2005/08/addressing" name="faultto"/>             <sp:header namespace="http://docs.oasis-open.org/ws-rx/wsrm/200702" name="sequenceacknowledgement"/>             <sp:header namespace="http://www.w3.org/2005/08/addressing" name="action"/>             <sp:header namespace="http://www.w3.org/2005/08/addressing" name="relatesto"/>         </sp:signedparts>         <sp:wss11>             <wsp:policy>                 <sp:mustsupportrefencryptedkey/>                 <sp:mustsupportrefissuerserial/>                 <sp:mustsupportrefthumbprint/>             </wsp:policy>         </sp:wss11>         <ramp:rampartconfig xmlns:ramp="http://ws.apache.org/rampart/policy">             <ramp:usercertalias>mysignalias</ramp:usercertalias>             <ramp:encryptionuser>myencryptalias</ramp:encryptionuser>             <ramp:user>myuser</ramp:user>             <ramp:passwordcallbackclass>mypackage.passwordcallbackhandler</ramp:passwordcallbackclass>             <ramp:encryptioncypto>                 <ramp:crypto provider="org.apache.ws.security.components.crypto.merlin">                     <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">jks</ramp:property>                     <ramp:property name="org.apache.ws.security.crypto.merlin.file">[path goes here]/clienttruststore.jks</ramp:property>                     <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">changeit</ramp:property>                 </ramp:crypto>             </ramp:encryptioncypto>              <ramp:signaturecrypto>                 <ramp:crypto provider="org.apache.ws.security.components.crypto.merlin">                     <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">jks</ramp:property>                     <ramp:property name="org.apache.ws.security.crypto.merlin.file">[path goes here]/clientkeystore.jks</ramp:property>                     <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">changeit</ramp:property>                 </ramp:crypto>             </ramp:signaturecrypto>         </ramp:rampartconfig>      </wsp:all> </wsp:exactlyone> 

but getting following axis fault while calling external server application:

severe: org.apache.axis2.axisfault: com.sun.xml.wss.xwssecurityexception: policy verification error:missing target messageid signature @ org.apache.axis2.util.utils.getinboundfaultfrommessagecontext(utils.java:531) @ org.apache.axis2.description.outinaxisoperationclient.handleresponse(outinaxisoperation.java:375) @ org.apache.axis2.description.outinaxisoperationclient.send(outinaxisoperation.java:421) @ org.apache.axis2.description.outinaxisoperationclient.executeimpl(outinaxisoperation.java:229) @ org.apache.axis2.client.operationclient.execute(operationclient.java:165) 

the error self descriptive, soap request missing messageid tag in soap header. tired find out how add mentioned tag no luck; found out how add custom soap header in link adding authentication header client stub axis2

but want avoid since using passwordcallbackhandler add authentication proprieties.

is there way add messageid automatically within soap header ? further, there similar tags action , replyto ,to , , from how add them soap header ?

-- update:

from auto generated java files using axis2 tool - see apache axis2 user's guide - creating clients know how stub files has been generated - went api method in auto generated java class servicestub. there message contxet created send soap request follwoing:

 // create message context _messagecontext = new org.apache.axis2.context.messagecontext(); 

i used object _messagecontext set message id follow:

_messagecontext.setmessageid("test_123456"); 

further, ran application on debug mode , can see test_123456 has been added soap request messageid , server using same messageid in response. still getting wired error policy verification error:missing target messageid signature

it confusing me how server said missingmessageid although appearing in soap request , response coming server !

is has thing auto signature proccess ? so, messageid added in signedparts policy file else done on come issue ?


Comments

Popular posts from this blog

java - UnknownEntityTypeException: Unable to locate persister (Hibernate 5.0) -

python - ValueError: empty vocabulary; perhaps the documents only contain stop words -

ubuntu - collect2: fatal error: ld terminated with signal 9 [Killed] -