axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From alan macfarlane <alan.macfarl...@gmail.com>
Subject How do I specify just outgoing security in the policy.xml
Date Wed, 06 Jun 2012 14:31:39 GMT
I'm using Rampart to generate a request. I have a policy.xml that is used
to apply security.

I'm getting an exception on the response as Rampart is looking for the
security header, but one doesn't exist.

Can I still use my policy.xml and specify the fact that I don't need
inbound security in this, or do I need to do something else?

Policy:

 <wsp:Policy wsu:Id="SigOnly"
        xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
        xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<wsp:ExactlyOne>
    <wsp:All>
        <sp:AsymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
            <wsp:Policy>
                <sp:InitiatorToken>
                    <wsp:Policy>
                        <sp:X509Token

sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
                            <wsp:Policy>
                                <sp:RequireThumbprintReference/>
                                <sp:WssX509V3Token10/>
                            </wsp:Policy>
                        </sp:X509Token>
                    </wsp:Policy>
                </sp:InitiatorToken>
                <sp:RecipientToken>
                    <wsp:Policy>
                        <sp:X509Token

sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
                            <wsp:Policy>
                                 <sp:RequireThumbprintReference/>
                                <sp:WssX509V3Token10/>
                            </wsp:Policy>
                        </sp:X509Token>
                    </wsp:Policy>
                </sp:RecipientToken>
                <sp:AlgorithmSuite>
                    <wsp:Policy>
                        <sp:TripleDesRsa15/>
                    </wsp:Policy>
                </sp:AlgorithmSuite>
                <sp:Layout>
                    <wsp:Policy>
                        <sp:Strict/>
                    </wsp:Policy>
                </sp:Layout>
               <!--   <sp:IncludeTimestamp/> -->
                <sp:OnlySignEntireHeadersAndBody/>
            </wsp:Policy>
        </sp:AsymmetricBinding>
        <sp:Wss10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
            <wsp:Policy>
                <sp:MustSupportRefKeyIdentifier/>
                <sp:MustSupportRefIssuerSerial/>
            </wsp:Policy>
        </sp:Wss10>
        <sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
            <sp:Body/>
        </sp:SignedParts>
        <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
            <ramp:user>ctr</ramp:user>
            <ramp:encryptionUser>ctr</ramp:encryptionUser>
            <ramp:passwordCallbackClass>com.gtnet.rampart.PWCBHandler
            </ramp:passwordCallbackClass>

            <ramp:signatureCrypto>
                <ramp:crypto
provider="org.apache.ws.security.components.crypto.Merlin">
                    <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
                    <ramp:property
name="org.apache.ws.security.crypto.merlin.file">build\resources\qw.jks</ramp:property>
                    <ramp:property
name="org.apache.ws.security.crypto.merlin.keystore.password">123123</ramp:property>
                </ramp:crypto>
            </ramp:signatureCrypto>
        </ramp:RampartConfig>

    </wsp:All>
</wsp:ExactlyOne>

Mime
View raw message