axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From SivaKumarl <sivakum...@naradaproducts.com>
Subject Re: Rampart alias in null
Date Sun, 20 Dec 2009 13:00:34 GMT

Hi Prabath,
               Now i defined a security policy for my service, can you
please provide the alternate policy for .NET client. kindly find the below
policy file for java

<wsp:Policy wsu:Id="SecConvPolicy2"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
	<wsp:ExactlyOne>
		<wsp:All>
			<sp:SymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
				<wsp:Policy>
					<sp:ProtectionToken>
						<wsp:Policy>
							<sp:SecureConversationToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
								<wsp:Policy>
									<sp:RequireDerivedKeys/>
									<sp:BootstrapPolicy>
										<wsp:Policy>
											<sp:EncryptedParts>
												<sp:Body/>
											</sp:EncryptedParts>
											<sp:SymmetricBinding>
												<wsp:Policy>
													<sp:ProtectionToken>
														<wsp:Policy>
															<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
																<wsp:Policy>
																	<sp:RequireDerivedKeys/>
																	<sp:RequireThumbprintReference/>
																	<sp:WssX509V3Token10/>
																</wsp:Policy>
															</sp:X509Token>
														</wsp:Policy>
													</sp:ProtectionToken>
													<sp:AlgorithmSuite>
														<wsp:Policy>
															<sp:Basic128Rsa15/>
														</wsp:Policy>
													</sp:AlgorithmSuite>
													<sp:Layout>
														<wsp:Policy>
															<sp:Strict/>
														</wsp:Policy>
													</sp:Layout>
													<sp:IncludeTimestamp/>
													<sp:EncryptSignature/>
													<sp:OnlySignEntireHeadersAndBody/>
												</wsp:Policy>
											</sp:SymmetricBinding>
											<sp:EndorsingSupportingTokens>
												<wsp:Policy>
													<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
														<wsp:Policy>
															<sp:RequireThumbprintReference/>
															<sp:WssX509V3Token10/>
														</wsp:Policy>
													</sp:X509Token>
												</wsp:Policy>
											</sp:EndorsingSupportingTokens>
											<sp:Wss11>
												<wsp:Policy>
													<sp:MustSupportRefKeyIdentifier/>
													<sp:MustSupportRefIssuerSerial/>
													<sp:MustSupportRefThumbprint/>
													<sp:MustSupportRefEncryptedKey/>
													<sp:RequireSignatureConfirmation/>
												</wsp:Policy>
											</sp:Wss11>
											<sp:Trust10>
												<wsp:Policy>
													<sp:MustSupportIssuedTokens/>
													<sp:RequireClientEntropy/>
													<sp:RequireServerEntropy/>
												</wsp:Policy>
											</sp:Trust10>
										</wsp:Policy>
									</sp:BootstrapPolicy>
								</wsp:Policy>
							</sp:SecureConversationToken>
						</wsp:Policy>
					</sp:ProtectionToken>
					<sp:AlgorithmSuite>
						<wsp:Policy>
							<sp:Basic128Rsa15/>
						</wsp:Policy>
					</sp:AlgorithmSuite>
					<sp:Layout>
						<wsp:Policy>
							<sp:Strict/>
						</wsp:Policy>
					</sp:Layout>
					<sp:IncludeTimestamp/>
					<sp:EncryptSignature/>
					<sp:OnlySignEntireHeadersAndBody/>
				</wsp:Policy>
			</sp:SymmetricBinding>
			<sp:Wss11
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
				<wsp:Policy>
					<sp:MustSupportRefKeyIdentifier/>
					<sp:MustSupportRefIssuerSerial/>
					<sp:MustSupportRefThumbprint/>
					<sp:MustSupportRefEncryptedKey/>
				</wsp:Policy>
			</sp:Wss11>
			<sp:Trust10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
				<wsp:Policy>
					<sp:MustSupportIssuedTokens/>
					<sp:RequireClientEntropy/>
					<sp:RequireServerEntropy/>
				</wsp:Policy>
			</sp:Trust10>
			<sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
				<sp:Body/>
			</sp:EncryptedParts>
			<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> 
				<ramp:user>client</ramp:user>
				<ramp:encryptionUser>service</ramp:encryptionUser>
			
<ramp:passwordCallbackClass>com.test.ws.PWCBHandler</ramp:passwordCallbackClass>
				
				<ramp:signatureCrypto>
					<ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
						<ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
						<ramp:property
name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
						<ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
					</ramp:crypto>
				</ramp:signatureCrypto>
				<ramp:encryptionCypto>
					<ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
						<ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
						<ramp:property
name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
						<ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
					</ramp:crypto>
				</ramp:encryptionCypto>
				
			</ramp:RampartConfig>
		</wsp:All>
	</wsp:ExactlyOne>
</wsp:Policy>
Thanks & Regards
--------
Siva



SivaKumarl wrote:
> 
> Hi Friends,
> 
>                I have developed webservices in java and enabled the
> security for this services. My client is in .NET ,when client connection i
> am getting the below error.
> 
> 
> Caused by: org.apache.ws.security.WSSecurityException: The signature or
> decryption was invalid; nested exception is:
>         java.lang.Exception: alias is null
> 
>           Friends kindly help me to solve this problem.
> 
> Thanks & Regards
> -----------
> Siva kumar.
> 
> 

-- 
View this message in context: http://old.nabble.com/Rampart-alias-in-null-tp26825462p26863236.html
Sent from the Axis - Dev mailing list archive at Nabble.com.


Mime
View raw message