Axis2 with Rampart: Undefined 'Security policy

2019-08-24 06:10发布

I am creating a web service following the example of "Developing Web Services with Apache Axis2" I am using axis 1.6.2 with rampart 1.6.2 When I execute the client I get the next exception:

Exception in thread "main" java.lang.RuntimeException: Undefined 'Security policy namespace cannot be null.' resource property
at org.apache.rampart.RampartException.getMessage(RampartException.java:81)
at org.apache.rampart.RampartException.<init>(RampartException.java:41)
at org.apache.rampart.RampartException.<init>(RampartException.java:57)
at org.apache.rampart.RampartMessageData.setWSSecurityVersions(RampartMessageData.java:387)
at org.apache.rampart.RampartMessageData.<init>(RampartMessageData.java:261)
at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:61)
at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:427)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:406)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at com.ttdev.secure.client.SecureServiceStub.concat(SecureServiceStub.java:188)
at com.ttdev.secure.client.SecureClient.main(SecureClient.java:51)

This is my WSDL File:

<?xml version="1.0" encoding="UTF-8"?>
<wsdl:definitions name="SecureService" targetNamespace="http://ttdev.com/ss"         xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"         xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"         xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://ttdev.com/ss"     xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsdl:types>
    <xsd:schema targetNamespace="http://ttdev.com/ss" xmlns:xsd="http://www.w3.org    /2001/XMLSchema">
            <xsd:element name="concat">
                <xsd:complexType>
                <xsd:sequence>
                    <xsd:element name="s1" type="xsd:string"/>
                    <xsd:element name="s2" type="xsd:string"/>
                </xsd:sequence>
            </xsd:complexType>
        </xsd:element>
        <xsd:element name="concatResponse">
            <xsd:complexType>
                <xsd:sequence>
                    <xsd:element name="r" type="xsd:string"/>
                </xsd:sequence>
            </xsd:complexType>
        </xsd:element>
    </xsd:schema>
  </wsdl:types>
  <wsdl:message name="concatResponse">
    <wsdl:part name="parameters" element="tns:concatResponse">
    </wsdl:part>
  </wsdl:message>
  <wsdl:message name="concatRequest">
    <wsdl:part name="parameters" element="tns:concat">
    </wsdl:part>
  </wsdl:message>
  <wsdl:portType name="SecureService">
    <wsdl:operation name="concat">
      <wsdl:input message="tns:concatRequest">
    </wsdl:input>
      <wsdl:output message="tns:concatResponse">
    </wsdl:output>
    </wsdl:operation>
  </wsdl:portType>
  <wsdl:binding name="SecureServiceSOAP" type="tns:SecureService">
    <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
    <wsdl:operation name="concat">
    <wsp:PolicyReference URI="#p1" wsdl:required="true"/>
      <soap:operation soapAction="http://ttdev.com/ss/NewOperation"/>
      <wsdl:input>
        <soap:body use="literal"/>
      </wsdl:input>
      <wsdl:output>
        <soap:body use="literal"/>
      </wsdl:output>
    </wsdl:operation>
  </wsdl:binding>
  <wsdl:service name="SecureService">
    <wsdl:port name="SecureServiceSOAP" binding="tns:SecureServiceSOAP">
      <soap:address location="http://localhost:8081/axis2/services/SecureService"/>
    </wsdl:port>
  </wsdl:service>
    <wsp:Policy wsu:Id="p1" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"     xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-            wss-wssecurity-utility-1.0.xsd">
        <sp:AsymmetricBinding>
            <wsp:Policy>

                <sp:InitiatorToken>
                    <wsp:Policy>
                        <sp:X509Token     sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken    /AlwaysToRecipient">
                            <wsp:Policy>
                                <sp:WssX509V3Token10/>
                            </wsp:Policy>
                        </sp:X509Token>
                    </wsp:Policy>
                </sp:InitiatorToken>
                <sp:RecipientToken>
                    <wsp:Policy>
                        <sp:X509Token         sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
                            <wsp:Policy>
                                <sp:WssX509V3Token10/>
                            </wsp:Policy>
                        </sp:X509Token>
                    </wsp:Policy>
                </sp:RecipientToken>
                <sp:AlgorithmSuite>
                    <wsp:Policy>
                        <sp:TripleDesRsa15/>
                    </wsp:Policy>
                </sp:AlgorithmSuite>
            </wsp:Policy>
        </sp:AsymmetricBinding>
        <sp:Wss10>
            <wsp:Policy>
                <sp:MustSupportRefEmbeddedToken/>
                <sp:MustSupportRefIssuerSerial/>
            </wsp:Policy>
        </sp:Wss10>
        <sp:SignedParts>
            <sp:Body/>
        </sp:SignedParts>

    </wsp:Policy>
</wsdl:definitions>

This is my policy file:

<?xml version="1.0" encoding="UTF-8"?>
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" 
xmlns="http://ws.apache.org/rampart/policy">
    <RampartConfig>
        <user>c1</user>
        <passwordCallbackClass>
com.ttdev.secure.client.PasswordCallbackHandler
</passwordCallbackClass>
        <signatureCrypto>
            <crypto 
provider="org.apache.ws.security.components.crypto.Merlin">
                <property 
name="org.apache.ws.security.crypto.merlin.keystore.type">
JKS
</property>
                <property 
name="org.apache.ws.security.crypto.merlin.file">
E:\\Temp\\OK_Axis2Development\\keys\\client.ks
</property>
                <property 
name="org.apache.ws.security.crypto.merlin.keystore.password">
client-ks-pass
</property>
            </crypto>
        </signatureCrypto>
    </RampartConfig>
</wsp:Policy>

This is my first post here, I hope that the information be enough.

According to the book, in this point, if I execute the client, I should get an error because there is more configuration to complete the example, but at least I should see the soap xml sent to the server with the tcp monitor.

I cannot find answers, in this site there are others threads with the same question but they don't have responses.

Finally, this was is the client code, I don't know exactly why, but I suppose that is a problem with the versions.

package com.ttdev.secure.client;

import java.io.FileNotFoundException;
import java.rmi.RemoteException;
import java.util.List;

import javax.xml.stream.XMLStreamException;

import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.impl.builder.StAXOMBuilder;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.ConfigurationContextFactory;
import org.apache.axis2.description.PolicyInclude;
import org.apache.neethi.Assertion;
import org.apache.neethi.Policy;
import org.apache.neethi.PolicyEngine;
import org.apache.rampart.RampartMessageData;

public class SecureClient {

    public static void main(String[] args) {

        try {

            ConfigurationContext ctx = ConfigurationContextFactory
                    .createConfigurationContextFromFileSystem(
                            "repository\\modules\\rampart-1.6.2.mar",
                            null);

            SecureServiceStub stub = new SecureServiceStub(ctx,"http://localhost:9000/axis2/services/SecureService");

            stub._getServiceClient().engageModule("rampart");

            StAXOMBuilder builder = new StAXOMBuilder("rampart-config.xml");
            OMElement configElement = builder.getDocumentElement();
            Policy rampartConfig = PolicyEngine.getPolicy(configElement);


            //stub._getServiceClient().getOptions().setProperty(RampartMessageData.KEY_RAMPART_POLICY, rampartConfig); <= NO LONGER USED

            stub._getServiceClient().getAxisService().getPolicyInclude().addPolicyElement(PolicyInclude.AXIS_SERVICE_POLICY, rampartConfig);
            //stub._getServiceClient().getAxisService().getPolicyInclude().addPolicyElement(PolicyInclude.SERVICE_POLICY, rampartConfig);   <= IT IS USED IN THE BOOK
            //stub._getServiceClient().getAxisService().getPolicySubject().attachPolicy(rampartConfig); <= IT IS ANOTHER WAY TO ADD POLICIES IN THIS VERSION, TRY IT

//           List it = (List)rampartConfig.getAlternatives().next();
//            for (int i=0; i<it.size(); i++) {
//              Assertion assertion = (Assertion)it.get(i);
//              System.out.format("i: %s  |  type: %s  |  name: %s  |  namespace uri: %s", i, assertion.getClass().getName(), assertion.getName(), assertion.getName().getNamespaceURI());
//            }
//           System.out.println("\n");
//          
            //stub._getServiceClient().getAxisService().getPolicyInclude().addPolicyElement(PolicyInclude.SERVICE_POLICY,rampartConfig);
            //stub._getServiceClient().getAxisService().getPolicySubject().attachPolicy(rampartConfig);

            String result = stub.concat("xyz", "111");

            System.out.println(result);

        } catch (AxisFault e) {
            e.printStackTrace();
        } catch (RemoteException e) {
            e.printStackTrace();
        } catch (FileNotFoundException e) {
            e.printStackTrace();
        } catch (XMLStreamException e) {
            e.printStackTrace();
        }
    }
}

Regards

2条回答
手持菜刀,她持情操
2楼-- · 2019-08-24 06:46

I had a mistake on client side:

I changed this line:

stub._getServiceClient().getOptions().setProperty(RampartMessageData.KEY_RAMPART_POLICY, rampartConfig); 

by this one: stub._getServiceClient().getAxisService().getPolicyInclude().addPolicyElement(PolicyInclude.AXIS_SERVICE_POLICY, rampartConfig);

The example is not complete but I needed to solve this problem first.

查看更多
够拽才男人
3楼-- · 2019-08-24 06:46

In my case, I used the soap UI to create a ws-client to consume a secured web service. I used the WSDL given by my provider. When my classes (and my jar) are generated, everything execute, but when it reached the code that attached policy, the exception is raised.

The last thing that I checked is the wsdl, because my provider is very careful with this... but for my surprise, the left out the policy section... and that's why the exception is raised.

So, I strongly recommend to check that the wsdl contains the policy section.

regards.

查看更多
登录 后发表回答