[Users] security header with petals-bc-soap component
bg_ghassen [via Petals Forums]
ml-node+s974793n4025177h61 at n3.nabble.com
Fri Jul 20 12:48:23 CEST 2012
I’m trying to consume a web service (hello world) via petals-bc-soap but I
have a problem.
This the configuration used:
1. Tomcat 6.0
2. Axis2 1.6.0
3. Rampart 1.6.0
4. Petals-esb v 3.1
5. Petals studio v 1.3.2
6. petals-bc-soap v 4.0.8
*In first step I deploy my web service “HelloWorld-1.0.0-SNAPSHOT.aar” under
axis2, and I can join it from
“http://localhost:8080/axis2/services/HelloServiceImplService?wsdl” address.
*Secondly I create 2 project service Unit,
"sa-SOAP-HelloServiceImplService-consume.zip"
"sa-SOAP-HelloServiceImplService-provider.zip", and I can join the web
service from “http://localhost:8084/petals/services/HelloServiceImplService”
address.
*Third step, I add add security configuration to the axis2.xml
<parameter name="OutflowSecurity">
<action>
<items>UsernameToken</items>
<user>user</user>
<passwordCallbackClass>org.ow.petals.sample.PWCBHandler</passwordCallbackClass>
</action>
</parameter>
And I add the security header to my soap input message
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:sam="http://sample.petals.ow.org/">
<soapenv:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
soapenv:mustUnderstand="false">
<wsse:UsernameToken wsu:Id="UsernameToken-1">
<wsse:Username>gtp</wsse:Username>
<wsse:Password
ype="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">P7kNWIS0I8j/OllsTLRk+AVuD4s=</wsse:Password>
<wsse:Nonce>A9XZlJwMulQyGrZpOfNGDg==</wsse:Nonce>
<wsu:Created>2012-07-16T09:21:00.165Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<sam:sayHello>
<arg0>éééé</arg0>
</sam:sayHello>
</soapenv:Body>
</soapenv:Envelope>
I also add the configuration security tm my jbi.xml in the petals-customer
like this:
<extensions:params>
<extensions:param name="modules">rampart</extensions:param>
<extensions:param name="service-parameters">
</extensions:param>
</extensions:params>
The problem is that when I call the web service from
“http://localhost:8084/petals/services/HelloServiceImplService” address I
got this error
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring>Must Understand check failed for header
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
: Security</faultstring>
<faultactor>http://petals.ow2.org/petals-bc-soap</faultactor>
<detail>
<stackTrace>org.ow2.petals.component.framework.api.exception.SOAP11FaultServerException:
Must Understand check failed for header
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
: Security
at
org.ow2.petals.component.framework.process.MessageExchangeProcessor.processInOutAsProvider(MessageExchangeProcessor.java:664)
at
org.ow2.petals.component.framework.process.MessageExchangeProcessor.processAsProvider(MessageExchangeProcessor.java:372)
at
org.ow2.petals.component.framework.process.MessageExchangeProcessor.process(MessageExchangeProcessor.java:234)
at
org.ow2.petals.component.framework.process.MessageExchangeProcessor.run(MessageExchangeProcessor.java:177)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.jbi.messaging.MessagingException: Must Understand check
failed for header
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
: Security
at
org.ow2.petals.binding.soap.listener.outgoing.AbstractExternalServiceCaller.handleException(AbstractExternalServiceCaller.java:286)
at
org.ow2.petals.binding.soap.listener.outgoing.SOAPCaller.call(SOAPCaller.java:360)
at
org.ow2.petals.binding.soap.listener.outgoing.JBIListener.invokeCaller(JBIListener.java:132)
at
org.ow2.petals.binding.soap.listener.outgoing.JBIListener.onJBIMessage(JBIListener.java:156)
at
org.ow2.petals.component.framework.process.MessageExchangeProcessor.processInOutAsProvider(MessageExchangeProcessor.java:637)
... 6 more</stackTrace>
</detail>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
With a second call I have this message
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<soapenv:Fault>
<faultcode
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">wsse:InvalidSecurity</faultcode>
<faultstring>Nonce value : A9XZlJwMulQyGrZpOfNGDg==, already seen
before for user name : gtp. Possibly this could be a replay
attack.</faultstring>
<detail/>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
Have you any ideas for the reasons of the first error, and why I can’t join
the service with UserNameToken?
My configuration of jbi.xml is it OK?
Think you for help.
_______________________________________________
If you reply to this email, your message will be added to the discussion below:
http://forum.petalslink.com/security-header-with-petals-bc-soap-component-tp4025177.html
To start a new topic under Users (get help, provide help), email ml-node+s974793n2681628h42 at n3.nabble.com
To unsubscribe from Users (get help, provide help), visit http://forum.petalslink.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=2681628&code=dXNlcnNAZm9ydW0ucGV0YWxzbGluay5vcmd8MjY4MTYyOHwtOTE3MDU0NjU4
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://forum-list.petalslink.org/pipermail/users/attachments/20120720/61c0f419/attachment.html>
More information about the Users
mailing list