Since I've gotten WSS SOAP Message Security UsernameToken Profile 1.0 to work (at least on Linux), I decided to share with others the complete, fool-proof, list of steps describing what I did to get it to work, from scratch.   I hope the formatting in this email doesn't cause readability issues (I'm sure it will). 

This setup is sufficient for my needs because it allows me to:
(A) communicate with a Windows machine from any Java machine (e.g., Linux, FreeBSD, Mac OSX [untested], etc.),
(B) do so securely, over HTTPS, and
(C) supply credentials so that the service can be run as any user.  If anyone else finds themselves needing a similar setup, they might find this useful.

WCF Server Setup:

Create a WCF service with the following binding in Web.config:

    <bindings>
      <basicHttpBinding>
        <binding name="myBinding">
          <security mode="TransportWithMessageCredential">
            <transport clientCredentialType="Basic"/>
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>

 

For example, a Web.config for a service named HelloWorldWcf might look like this:

<?xml version="1.0"?>
<configuration> 
  <system.web>     <compilation debug="true" targetFramework="4.0" />   </system.web>
  <system.webServer>     <modules runAllManagedModulesForAllRequests="true"/>   </system.webServer>
  <system.serviceModel>     <services>       <service name="Org.Tempuri.HelloWorldWcf" behaviorConfiguration="myBehavior">
        <endpoint name="IHelloWorldWcf"                   address="https://my.server.hostname/HelloWorldWcf/HelloWorldWcfService.svc"                   binding="basicHttpBinding"                   bindingConfiguration="myBinding"                   contract="Org.Tempuri.IHelloWorldWcf" />
        <endpoint address="mex"                   binding="mexHttpsBinding"                   contract="IMetadataExchange" />       </service>     </services>
    <behaviors>       <serviceBehaviors>         <behavior name="myBehavior">           <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>           <serviceDebug includeExceptionDetailInFaults="true"/>         </behavior>       </serviceBehaviors>     </behaviors>
    <bindings>       <basicHttpBinding>         <binding name="myBinding">           <security mode="TransportWithMessageCredential">             <transport clientCredentialType="Basic"/>           </security>         </binding>       </basicHttpBinding>     </bindings>  
  </system.serviceModel> </configuration>

 

And its service code might look like this:

using System.ServiceModel; 
namespace Org.Tempuri {     [ServiceContract]     public interface IHelloWorldWcf     {         [OperationContract]         string getHello();     }
    public class HelloWorldWcf : IHelloWorldWcf     {         [OperationBehavior(Impersonation = ImpersonationOption.Required)]         public string getHello()         {                 return "Hello!!!!!!!!!!!!!!!";         }     } }

Axis2 Client Setup:

Download  Axis2-1.6.0 (http://mirror.candidhosting.com/pub/apache/axis/axis2/java/core/1.6.0/axis2-1.6.0-bin.zip), unzip, and put directory in the $AXIS2_HOME environment variable.

cd

wget http://mirror.candidhosting.com/pub/apache/axis/axis2/java/core/1.6.0/axis2-1.6.0-bin.zip

unzip axis2-1.6.0-bin.zip

export AXIS2_HOME=~/axis2-1.6.0

 

Download Rampart-1.6.0 (http://newverhost.com/pub/axis/axis2/java/rampart/1.6.0/rampart-dist-1.6.0-bin.zip), unzip, and put directory in the $RAMPART_HOME environment variable.

cd
wget http://newverhost.com/pub/axis/axis2/java/rampart/1.6.0/rampart-dist-1.6.0-bin.zip
unzip rampart-dist-1.6.0-bin.zip
export RAMPART_HOME=~/rampart-1.6.0


Copy Rampart modules into Axis2’s repository:
cp $RAMPART_HOME/modules/* $AXIS2_HOME/repository/modules/

 

Create a directory for the client:

cd

mkdir trywebserviceclient

 

Create the following “generate” script (replace URI with WSDL location):

#!/bin/sh

rm -fr build build.xml src

$AXIS2_HOME/bin/wsdl2java.sh -uri http://my.server.hostname/HelloWorldWcf/HelloWorldWcfService.svc?wsdl -uw -o .

 

Create the following “compile” script :

#!/bin/sh

cp TryWebServiceClient.java src/org/tempuri/

ant

 

Create the following “run” script (replace HelloWorldWcfService with name of service):

#!/bin/sh

java -Djavax.net.ssl.trustStore=trustcert.jks -cp build/lib/*:$AXIS2_HOME/lib/*:$RAMPART_HOME/lib/* org.tempuri.TryWebServiceClient


Create a trustStore, trustcert.jks,  for the server’s certificate (replace server.crt with service’s certificate):
keytool –import –trustcacerts –alias root –file server.crt –keystore trustcert.jks

 

Create “TryWebServiceClient.java“ (replace HelloWorldWcfService with name of service, and supply USERNAME and PASSWORD):

package org.tempuri;

import org.apache.axis2.context.ConfigurationContext;

import org.apache.axis2.context.ConfigurationContextFactory;

import org.apache.axis2.client.ServiceClient;

import org.apache.axis2.client.Options;

import org.apache.log4j.Logger;

import org.apache.log4j.Level;

public class TryWebServiceClient

{

    public static void main(String[] args) throws Exception

    {

        Logger.getRootLogger().setLevel(Level.OFF);

 

        /* Get repository context */

        ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem(System.getenv("AXIS2_HOME") + "/repository",null);

 

        /* Get Service stub */

        HelloWorldWcfServiceStub stub = new HelloWorldWcfServiceStub(ctx);

        ServiceClient sc = stub._getServiceClient();

 

        /* Set options */

        Options options = sc.getOptions();

        options.setUserName("USERNAME");

        options.setPassword("PASSWORD");

 

        /* Engage addressing and rampart modules */

        sc.engageModule("rampart");

        sc.engageModule("addressing");

 

 

        /* Consume service */

        System.out.println(stub.getHello());

    }

}

 

Run the client with :

./generate && ./compile && ./run

 

That's it.  The client runs fine on Linux and FreeBSD. 


--
Jay Sullivan