Memory leak in Apache Axis2 1.6.2 AxisConfiguration

classic Classic list List threaded Threaded
15 messages Options
Reply | Threaded
Open this post in threaded view
|

Memory leak in Apache Axis2 1.6.2 AxisConfiguration

Yashwanth Rajaram -X (yrajaram - ZENSAR TECHNOLOGIES INC at Cisco)

Hi All:

 

We are deploying our application which is an Axis2 1.6.2 module on WebSphere 6.1. We are not using the embedded Axis available in WebSphere.

 

We are seeing memory leak from AxisConfiguration.

 

So want to reach out to you all and ask if you might have found a way to fix this. Would appreciate any pointers/suggestions.

Thanks much!

 

 

Sincerely, Yashwanth

 

Reply | Threaded
Open this post in threaded view
|

RE: Memory leak in Apache Axis2 1.6.2 AxisConfiguration

Martin Gainty

please post wsdl, web.xml and axis2.xml
also please post any pom.xml or build.xml you use to build web service

eventually we would also need to see Axis*Service*.java
thanks,
Martin
______________________________________________
                                                                                                   




From: [hidden email]
To: [hidden email]; [hidden email]
Subject: Memory leak in Apache Axis2 1.6.2 AxisConfiguration
Date: Sat, 28 Feb 2015 00:49:14 +0000

Hi All:

 

We are deploying our application which is an Axis2 1.6.2 module on WebSphere 6.1. We are not using the embedded Axis available in WebSphere.

 

We are seeing memory leak from AxisConfiguration.

 

So want to reach out to you all and ask if you might have found a way to fix this. Would appreciate any pointers/suggestions.

Thanks much!

 

 

Sincerely, Yashwanth

 

Reply | Threaded
Open this post in threaded view
|

Re: Memory leak in Apache Axis2 1.6.2 AxisConfiguration

Shameera Rathnayaka
​Hi, 

More details about the way you got this heapdump more helpful to narrow down the issue.
When you get the heapdump? What are the steps you followed to reproduce this memory leak? ​

Thanks, 
Shameera.

On Fri, Feb 27, 2015 at 8:19 PM, Martin Gainty <[hidden email]> wrote:

please post wsdl, web.xml and axis2.xml
also please post any pom.xml or build.xml you use to build web service

eventually we would also need to see Axis*Service*.java
thanks,
Martin
______________________________________________
                                                                                                   




From: [hidden email]
To: [hidden email]; [hidden email]
Subject: Memory leak in Apache Axis2 1.6.2 AxisConfiguration
Date: Sat, 28 Feb 2015 00:49:14 +0000


Hi All:

 

We are deploying our application which is an Axis2 1.6.2 module on WebSphere 6.1. We are not using the embedded Axis available in WebSphere.

 

We are seeing memory leak from AxisConfiguration.

 

So want to reach out to you all and ask if you might have found a way to fix this. Would appreciate any pointers/suggestions.

Thanks much!

 

 

Sincerely, Yashwanth

 




--
Best Regards,
Shameera Rathnayaka.

email: shameera AT apache.org , shameerainfo AT gmail.com
Blog : http://shameerarathnayaka.blogspot.com/
Reply | Threaded
Open this post in threaded view
|

Re: Memory leak in Apache Axis2 1.6.2 AxisConfiguration

Shameera Rathnayaka

When you get the heapdump?
​I mean, you get this after submitting huge amount of requests or just after the server startup or etc... ?​

 
What are the steps you followed to reproduce this memory leak? ​

Thanks, 
Shameera.

On Fri, Feb 27, 2015 at 8:19 PM, Martin Gainty <[hidden email]> wrote:

please post wsdl, web.xml and axis2.xml
also please post any pom.xml or build.xml you use to build web service

eventually we would also need to see Axis*Service*.java
thanks,
Martin
______________________________________________
                                                                                                   




From: [hidden email]
To: [hidden email]; [hidden email]
Subject: Memory leak in Apache Axis2 1.6.2 AxisConfiguration
Date: Sat, 28 Feb 2015 00:49:14 +0000


Hi All:

 

We are deploying our application which is an Axis2 1.6.2 module on WebSphere 6.1. We are not using the embedded Axis available in WebSphere.

 

We are seeing memory leak from AxisConfiguration.

 

So want to reach out to you all and ask if you might have found a way to fix this. Would appreciate any pointers/suggestions.

Thanks much!

 

 

Sincerely, Yashwanth

 




--
Best Regards,
Shameera Rathnayaka.

email: shameera AT apache.org , shameerainfo AT gmail.com
Blog : http://shameerarathnayaka.blogspot.com/



--
Best Regards,
Shameera Rathnayaka.

email: shameera AT apache.org , shameerainfo AT gmail.com
Blog : http://shameerarathnayaka.blogspot.com/
Reply | Threaded
Open this post in threaded view
|

Log xml request file

Oscar Rugama
Hi,

   Please could anyone show me how to log the soap message I mea the xml file of an Axis2 request?

   Let me explain.

    I have developed a stand alone app which call two web services.

    I performed one client with ADB
    I performed the other client with XML beans

  I´m getting an error in my clients and I was wondering to know exactly which soap message I´m sending in order to try it in SOAP ui and knows if it works.

  In the past I now I did it several time ago that´s why I asked about it.

 I have been looking on Gloogle with no successful after trying serveral solutions I found on Internet.

  The problem also is that because I´m getting an error I can´t use anything at all related to Axis LastContext.

 Thanks in advance
Kind regards,
Oscar
Reply | Threaded
Open this post in threaded view
|

RE: Log xml request file

Martin Gainty

Oscar

install a copy of SOAPUI from:
http://www.soapui.org/downloads/download-soapui-pro-trial.html

...for each service request..

open SOAPUI
put SOAP request into input request buffer
press/click "send request"

report back what you see

Saludos Cordiales,
Martín
______________________________________________
                                                                                                   




From: [hidden email]
To: [hidden email]
CC: [hidden email]
Subject: Log xml request file
Date: Fri, 6 Mar 2015 13:07:17 +0100

Hi,

   Please could anyone show me how to log the soap message I mea the xml file of an Axis2 request?

   Let me explain.

    I have developed a stand alone app which call two web services.

    I performed one client with ADB
    I performed the other client with XML beans

  I´m getting an error in my clients and I was wondering to know exactly which soap message I´m sending in order to try it in SOAP ui and knows if it works.

  In the past I now I did it several time ago that´s why I asked about it.

 I have been looking on Gloogle with no successful after trying serveral solutions I found on Internet.

  The problem also is that because I´m getting an error I can´t use anything at all related to Axis LastContext.

 Thanks in advance
Kind regards,
Oscar
Reply | Threaded
Open this post in threaded view
|

Re: Log xml request file

Oscar Rugama
I guess I explained very bad my problem so sorry for it, I will try to make it easier to explain.

 If I have developed a web service client with adb or xmlbeans generated automatically from axis2 using the wsdl document, how can I see the complete xml file I mean the soap message which is xml

  I know exactly which is the correct xml to be sent because as Martin said using the soap ui you can know the xml request and you can see the structure, but the problem I have is that I have to add within the soap header a security token.

     The process is that I call one web service and retrieve a security token from it
    Then I call another web service using the security token provided by the first web service.

    What I did was to create manually the xml structure of the security token and after I added it to the soap header.

  So because I have changed the soap header I want to know how exactly the soap envelope will go I mean the soap request which is a xml file just to compare with the structure I know that should be sent.

For me it is ok if something like system.out.printl(request) and appears in the log the all soap request xml file

Does it make sense now?

Thanks your support is her appreciated.

Un saludo,
Oscar

On 6/3/2015, at 14:42, Martin Gainty <[hidden email]> wrote:


Oscar

install a copy of SOAPUI from:
http://www.soapui.org/downloads/download-soapui-pro-trial.html

...for each service request..

open SOAPUI
put SOAP request into input request buffer
press/click "send request"

report back what you see

Saludos Cordiales,
Martín
______________________________________________
                                                                                                   




From: [hidden email]
To: [hidden email]
CC: [hidden email]
Subject: Log xml request file
Date: Fri, 6 Mar 2015 13:07:17 +0100

Hi,

   Please could anyone show me how to log the soap message I mea the xml file of an Axis2 request?

   Let me explain.

    I have developed a stand alone app which call two web services.

    I performed one client with ADB
    I performed the other client with XML beans

  I´m getting an error in my clients and I was wondering to know exactly which soap message I´m sending in order to try it in SOAP ui and knows if it works.

  In the past I now I did it several time ago that´s why I asked about it.

 I have been looking on Gloogle with no successful after trying serveral solutions I found on Internet.

  The problem also is that because I´m getting an error I can´t use anything at all related to Axis LastContext.

 Thanks in advance
Kind regards,
Oscar
Reply | Threaded
Open this post in threaded view
|

Re: Log xml request file

Shameera Rathnayaka
​Hi Oscar, 

TCPMon[1] is best fit for your requirement. I have used this tool and it is easy to configure and use. try it. You need to put TCPMon in between your webservice and second webservice. 


On Fri, Mar 6, 2015 at 1:29 PM, Oscar Rugama <[hidden email]> wrote:
I guess I explained very bad my problem so sorry for it, I will try to make it easier to explain.

 If I have developed a web service client with adb or xmlbeans generated automatically from axis2 using the wsdl document, how can I see the complete xml file I mean the soap message which is xml

  I know exactly which is the correct xml to be sent because as Martin said using the soap ui you can know the xml request and you can see the structure, but the problem I have is that I have to add within the soap header a security token.

     The process is that I call one web service and retrieve a security token from it
    Then I call another web service using the security token provided by the first web service.

    What I did was to create manually the xml structure of the security token and after I added it to the soap header.

  So because I have changed the soap header I want to know how exactly the soap envelope will go I mean the soap request which is a xml file just to compare with the structure I know that should be sent.

For me it is ok if something like system.out.printl(request) and appears in the log the all soap request xml file

Does it make sense now?

Thanks your support is her appreciated.

Un saludo,
Oscar

On 6/3/2015, at 14:42, Martin Gainty <[hidden email]> wrote:


Oscar

install a copy of SOAPUI from:
http://www.soapui.org/downloads/download-soapui-pro-trial.html

...for each service request..

open SOAPUI
put SOAP request into input request buffer
press/click "send request"

report back what you see

Saludos Cordiales,
Martín
______________________________________________
                                                                                                   




From: [hidden email]
To: [hidden email]
CC: [hidden email]
Subject: Log xml request file
Date: Fri, 6 Mar 2015 13:07:17 +0100

Hi,

   Please could anyone show me how to log the soap message I mea the xml file of an Axis2 request?

   Let me explain.

    I have developed a stand alone app which call two web services.

    I performed one client with ADB
    I performed the other client with XML beans

  I´m getting an error in my clients and I was wondering to know exactly which soap message I´m sending in order to try it in SOAP ui and knows if it works.

  In the past I now I did it several time ago that´s why I asked about it.

 I have been looking on Gloogle with no successful after trying serveral solutions I found on Internet.

  The problem also is that because I´m getting an error I can´t use anything at all related to Axis LastContext.

 Thanks in advance
Kind regards,
Oscar



--
Best Regards,
Shameera Rathnayaka.

email: shameera AT apache.org , shameerainfo AT gmail.com
Blog : http://shameerarathnayaka.blogspot.com/
Reply | Threaded
Open this post in threaded view
|

Re: Log xml request file

robertlazarski .
In reply to this post by Oscar Rugama
On Fri, Mar 6, 2015 at 3:29 PM, Oscar Rugama <[hidden email]> wrote:

>   So because I have changed the soap header I want to know how exactly the
> soap envelope will go I mean the soap request which is a xml file just to
> compare with the structure I know that should be sent.
>
> For me it is ok if something like system.out.printl(request) and appears in
> the log the all soap request xml file
>
> Does it make sense now?
>
> Thanks your support is her appreciated.
>
> Un saludo,
> Oscar

This may help:

MessageContext messageContext = MessageContext.
getCurrentMessageContext();
String request = messageContext.getEnvelope().toString();

- R

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

RE: Log xml request file

Martin Gainty




> Date: Fri, 6 Mar 2015 17:28:16 -0300

> Subject: Re: Log xml request file
> From: [hidden email]
> To: [hidden email]
>
> On Fri, Mar 6, 2015 at 3:29 PM, Oscar Rugama <[hidden email]> wrote:
> > So because I have changed the soap header I want to know how exactly the
> > soap envelope will go I mean the soap request which is a xml file just to
> > compare with the structure I know that should be sent.
> >
> > For me it is ok if something like system.out.printl(request) and appears in
> > the log the all soap request xml file
> >
> > Does it make sense now?
> >
> > Thanks your support is her appreciated.
> >
> > Un saludo,
> > Oscar
>
> This may help:
>
> MessageContext messageContext = MessageContext.
> getCurrentMessageContext();
> String request = messageContext.getEnvelope().toString();
>
> - R

that will help for ADB ..thanks robert

 for xmlbeans you may need to add log.debug statements in org.apache.axis2.xmlbeans.CodeGenerationUtility.java:
take a look at:
  //process the unwrapped parameters
            if (!cgconfig.isParametersWrapped()) {
                //figure out the unwrapped operations
                axisServices = cgconfig.getAxisServices();
                for (Iterator servicesIter = axisServices.iterator(); servicesIter.hasNext();) {
                    axisService = (AxisService)servicesIter.next();
                    for (Iterator operations = axisService.getOperations();
                         operations.hasNext();) {
                        AxisOperation op = (AxisOperation)operations.next();

                        if (WSDLUtil.isInputPresentForMEP(op.getMessageExchangePattern())) {
                            AxisMessage message = op.getMessage(
                                    WSDLConstants.MESSAGE_LABEL_IN_VALUE);
                            if (message != null &&
                                    message.getParameter(Constants.UNWRAPPED_KEY) != null) {
                                SchemaGlobalElement xmlbeansElement =
                                        sts.findElement(message.getElementQName());
                                log.debug("CodeGenerationUtility::processSchemas  xmlbeansElement = "+xmlbeansElement.toString() );
then of course compile and redeploy:
mvn package
copy /target/*.jar into webapps/axis2/WEB-INF/lib
Un Saludo
Martín
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
Reply | Threaded
Open this post in threaded view
|

RE: Log xml request file

Oscar Rugama
Thank you very much, I will try Martin Rampart explanation on Monday, I´m excitted to try now but on Saturday and Sunday I work in a Bakery and from Monday - Friday on Software

Keep all updated with my progress

Thank you very much
Kind regards,
Oscar


From: [hidden email]
To: [hidden email]
Subject: RE: Log xml request file
Date: Fri, 6 Mar 2015 22:08:09 -0500





> Date: Fri, 6 Mar 2015 17:28:16 -0300

> Subject: Re: Log xml request file
> From: [hidden email]
> To: [hidden email]
>
> On Fri, Mar 6, 2015 at 3:29 PM, Oscar Rugama <[hidden email]> wrote:
> > So because I have changed the soap header I want to know how exactly the
> > soap envelope will go I mean the soap request which is a xml file just to
> > compare with the structure I know that should be sent.
> >
> > For me it is ok if something like system.out.printl(request) and appears in
> > the log the all soap request xml file
> >
> > Does it make sense now?
> >
> > Thanks your support is her appreciated.
> >
> > Un saludo,
> > Oscar
>
> This may help:
>
> MessageContext messageContext = MessageContext.
> getCurrentMessageContext();
> String request = messageContext.getEnvelope().toString();
>
> - R

that will help for ADB ..thanks robert

 for xmlbeans you may need to add log.debug statements in org.apache.axis2.xmlbeans.CodeGenerationUtility.java:
take a look at:
  //process the unwrapped parameters
            if (!cgconfig.isParametersWrapped()) {
                //figure out the unwrapped operations
                axisServices = cgconfig.getAxisServices();
                for (Iterator servicesIter = axisServices.iterator(); servicesIter.hasNext();) {
                    axisService = (AxisService)servicesIter.next();
                    for (Iterator operations = axisService.getOperations();
                         operations.hasNext();) {
                        AxisOperation op = (AxisOperation)operations.next();

                        if (WSDLUtil.isInputPresentForMEP(op.getMessageExchangePattern())) {
                            AxisMessage message = op.getMessage(
                                    WSDLConstants.MESSAGE_LABEL_IN_VALUE);
                            if (message != null &&
                                    message.getParameter(Constants.UNWRAPPED_KEY) != null) {
                                SchemaGlobalElement xmlbeansElement =
                                        sts.findElement(message.getElementQName());
                                log.debug("CodeGenerationUtility::processSchemas  xmlbeansElement = "+xmlbeansElement.toString() );
then of course compile and redeploy:
mvn package
copy /target/*.jar into webapps/axis2/WEB-INF/lib
Un Saludo
Martín
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
Reply | Threaded
Open this post in threaded view
|

RE: Log xml request file

Martin Gainty

|_|



From: [hidden email]
To: [hidden email]
Subject: RE: Log xml request file
Date: Sat, 7 Mar 2015 10:35:01 +0100

Thank you very much, I will try Martin Rampart explanation on Monday, I´m excitted to try now but on Saturday and Sunday I work in a Bakery and from Monday - Friday on Software

Keep all updated with my progress

MG>
Hay una panadería de la esquina en la casa de hija mia en América del sur.Pan fresco, Donuts y lo mejor de todo gratis trata a los niños...Si usted viaja a Colombia, Perú parada por UIO Ecuador...Yo recojo en el aeropuerto y llevarte a la panadería

Mantente en contacto porfavor
Muchismimas Gracias/Obrigrado,
Martín
MG>


Thank you very much
Kind regards,
Oscar


From: [hidden email]
To: [hidden email]
Subject: RE: Log xml request file
Date: Fri, 6 Mar 2015 22:08:09 -0500





> Date: Fri, 6 Mar 2015 17:28:16 -0300

> Subject: Re: Log xml request file
> From: [hidden email]
> To: [hidden email]
>
> On Fri, Mar 6, 2015 at 3:29 PM, Oscar Rugama <[hidden email]> wrote:
> > So because I have changed the soap header I want to know how exactly the
> > soap envelope will go I mean the soap request which is a xml file just to
> > compare with the structure I know that should be sent.
> >
> > For me it is ok if something like system.out.printl(request) and appears in
> > the log the all soap request xml file
> >
> > Does it make sense now?
> >
> > Thanks your support is her appreciated.
> >
> > Un saludo,
> > Oscar
>
> This may help:
>
> MessageContext messageContext = MessageContext.
> getCurrentMessageContext();
> String request = messageContext.getEnvelope().toString();
>
> - R

that will help for ADB ..thanks robert

 for xmlbeans you may need to add log.debug statements in org.apache.axis2.xmlbeans.CodeGenerationUtility.java:
take a look at:
  //process the unwrapped parameters
            if (!cgconfig.isParametersWrapped()) {
                //figure out the unwrapped operations
                axisServices = cgconfig.getAxisServices();
                for (Iterator servicesIter = axisServices.iterator(); servicesIter.hasNext();) {
                    axisService = (AxisService)servicesIter.next();
                    for (Iterator operations = axisService.getOperations();
                         operations.hasNext();) {
                        AxisOperation op = (AxisOperation)operations.next();

                        if (WSDLUtil.isInputPresentForMEP(op.getMessageExchangePattern())) {
                            AxisMessage message = op.getMessage(
                                    WSDLConstants.MESSAGE_LABEL_IN_VALUE);
                            if (message != null &&
                                    message.getParameter(Constants.UNWRAPPED_KEY) != null) {
                                SchemaGlobalElement xmlbeansElement =
                                        sts.findElement(message.getElementQName());
                                log.debug("CodeGenerationUtility::processSchemas  xmlbeansElement = "+xmlbeansElement.toString() );
then of course compile and redeploy:
mvn package
copy /target/*.jar into webapps/axis2/WEB-INF/lib
Un Saludo
Martín
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
Reply | Threaded
Open this post in threaded view
|

RE: Log xml request file

Oscar Rugama
Hi all:

  So sorry to come back with very bad news as I don´t know how to go on. I´m very new to rampart maybe it´s that the problem.

 Best way is to start from the top to the botton.

Top (literally how the provider has sent the info to me in English):

 I have to call a Web Service with a request like this one:

 <?xml version="1.0" encodin g="UTF-8"?>
     <soapenv:Envelope xml ns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
         <soapenv:Header>
             <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
                 <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" ValueType="ExperianWASP" EncodingType="wsse:Base64Binary" wsu:Id="SecurityToken">
                     RXJyb3IgaXNzRqluZyBhdXRoAz50aWNhdG4vbi20b2tlbg==
                 </wsse:BinarySecurityToken>
             </wsse:Security>
         </soapenv:Header>
         <soapenv:Body>
             <ns2:LtdCompanyRequest">
                 <ns2:Control>
                     <ns1:AppName ">
                         SOFYCUK
                     </ns1:AppName>
                     <ns1:Consent">
                         YCON
                     </ns1:Consent>
                     <ns1:AppSrchType">
                         P
                     </ns1:AppSrchType>
                 </ns2:Control>
                 <ns2:RegNumber>
                     06954101
                 </ns2:RegNumber>
                 </ns2:LtdCompanyRequest>
         </soapenv:Body>
     </soapenv:Envelope>
 
What I have highlighted in yellow is what the provider call "Security Token" and here you have what exactly the provider says.

1. You should provide a request as the one above
2. Security Token (what I have highlighted) is taken from another Web Service which you should authenticate through certificate (this Web service was done by me and working fine as I´m getting correctly the SecurityToken as String)
 
My first try before coming to this axis2 list was to develop the soap request and added the header with the Security token, obviusly I got exactly the same soap message as the one provided by the provider, but even that it didn´t work.

My way to did it

//securityToken parameter is the String got from the Web Service which provide it as the authentication
// it´s something like RXJyb3IgaXNzRqluZyBhdXRoAz50aWNhdG4vbi20b2tlbg==    (this value is dummy as I have change it but lenght is the same)
private static void crearFirmaCabecera(LtdCompanySearchStub stub, String securityToken){
       
        try {
            String XMLNS_WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
            String XSD_WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
       
                OMFactory omFactory = OMAbstractFactory.getOMFactory();
                OMElement omSecurityElement = omFactory.createOMElement(new QName(XSD_WSSE, "Security", "wsse"), null);
                omSecurityElement.declareNamespace(XMLNS_WSU, "wsu");

                OMElement omBinarySecurityToken = omFactory.createOMElement(new QName(XSD_WSSE, "BinarySecurityToken", "wsse"), null);

                omBinarySecurityToken.addAttribute("xmlns:wsu", XMLNS_WSU, null);
               
                omBinarySecurityToken.addAttribute("ValueType", "ExperianWASP",null);
                omBinarySecurityToken.addAttribute("EncodingType", "wsse:Base64Binary",null);
                omBinarySecurityToken.addAttribute("wsu:Id", "SecurityToken",null);
               
                omBinarySecurityToken.setText(securityToken);
               
                omSecurityElement.addChild(omBinarySecurityToken);
          
                stub._getServiceClient().addHeader(omSecurityElement);
   
        } catch (Throwable ex) {
            System.out.println(ex);
        }
    }

Here I came to undertand how to retrieve the xml sent to check if ok. In the end I could verify it was the same but still didn´t work.

I asked the provider and just said

Are you attaching the certificate as well as the token when you are calling the service?


So not sure what it means to attach the certiicate. The communication with the provider is awful and the problem is not that I´m Spanish and he speaks English.

Taking Martin example I try to use Rampart, and that is my challenge since Monday.

 I have found on Internet a lot of examples about username and password within the header and it seems easy with rampart but about SecurityBinaryToken very very very few information or maybe for me it´s not clear to understand.

 So I tried Rampart and what I did is the following, I will try to go step by step and the best way is to go through my main class.

// I point to my local Axis configuration that´s why I create my context

 ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem("E:\\orugama\\Software\\Windows\\Windows XP - 7\\Axis\\axis2-1.6.2\\repository",
"E:\\orugama\\Software\\Windows\\Windows XP - 7\\Axis\\axis2-1.6.2\\conf\\axis2.xml");

 // I created stub with axis2 tools wsdl2java
 stub = new com.experian.services.experian.wbsv.generic.bi.LtdCompanySearchStub(ctx, endpoint);

 ServiceClient client = stub._getServiceClient();

Options options = client.getOptions();
// proxy options not listed here but in my real code yes I have HTTPProxyProperties with correct values
options.setProperty(HTTPConstants.PROXY, HTTPProxyProperties);
 
RampartConfig rampartConfig = new RampartConfig();
rampartConfig.setUser("experian");
// I have created a PWCCallback as stated by Martin and will put later
rampartConfig.setPwCbClass("com.experian.uk.authenticator.PWCBHandler");

CryptoConfig sigCrypto = new CryptoConfig();
sigCrypto.setProvider("org.apache.ws.security.components.crypto.Merlin");
Properties props = new Properties();
props.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "JKS");
// here is path to my keystore
props.setProperty("org.apache.ws.security.crypto.merlin.file","D:\\Netbeans\\ExperianWs\\certificado\\experian.jks");
props.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", "experian");

 sigCrypto.setProp(props);

  rampartConfig.setSigCryptoConfig(sigCrypto);

  Policy policy = new Policy();
  policy.addAssertion(rampartConfig);
          
  client.engageModule("rampart");
      
  client.getAxisService().getPolicyInclude().addPolicyElement(PolicyInclude.AXIS_SERVICE_POLICY, policy);          
 
 // here is where I call the web service        
  response = stub.limitedCompanyData(request);   //and here I got java.lang.RuntimeException: Undefined 'Security policy namespace cannot be null.' resource property

Anyway my first attemp was to did the folowing

Policy policy = loadPolicy("D:\\Netbeans\\ExperianWs\\src\\policy.xml");
options.setProperty(RampartMessageData.KEY_RAMPART_OUT_POLICY, policy);
client.engageModule("rampart");

and my policy.xml was like this one

<wsp:Policy wsu:Id="SecurityToken" xmlns:wsu=
    "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsp:ExactlyOne>
    <wsp:All>
      <sp:SupportingTokens
          xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
        <wsp:Policy>
                     <wsse:Security>
                           <wsse:BinarySecurityToken ValueType="ExperianWASP" EncodingType="wsse:Base64Binary" wsu:Id="SecurityToken"/>
                           </wsse:Security>
         </wsp:Policy>
      </sp:SupportingTokens>
      <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
              <ramp:passwordCallbackClass>com.experian.uk.authenticator.PWCBHandler</ramp:passwordCallbackClass>
          </ramp:RampartConfig>
    </wsp:All>
  </wsp:ExactlyOne>
</wsp:Policy>

But in this case I check the xml sent and it´s not correct

**************************************************************

My PWCHandler looks like this:

public class PWCBHandler implements CallbackHandler
{
    public void handle(Callback[] callbacks) throws IOException {
        for (int i = 0; i < callbacks.length; i++) {
            WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i];
          
            if(pwcb.getIdentifier().equals("experian") ) {
                // here not sure what to put as I don´t understand exactly what this class is for
               pwcb.setPassword("experian");
               or 
               pwcb.setPassword(getSecurityBinaryTokenFromWebServiceWhichProvideIT());
                return;
            }
        }
    }
}


I wonder to understand how it works PWCBHandler .

I appreciate very much Martin efforts but as I´m very new to rampart

Also I don´t what to forget I tried to put InFlowConfiguration but it doesn´t appear values like setPasswordType

See screenshot
<script type="jsv#4532_"></script>  
 <script type="jsv/4532_"></script>

 
I feel a little bit stupid as I have reading rampart examples and if I have to perform username and password toke for sure I can do but BinarySecurityToken as it´s not a predefined type I´m a bit lost.

Don´t want to bother anyone but I have search in Google since Monday and tried several things until coming here right now and feeling stupid with no idea how to go on.

So any help trust me it´s much appreciated.

And this for Martin and in Spanish.

Soy de Bilbao (España) por aquí las cosas no han ido muy bien por eso trabajo en Software y en una panadería pastelería.

Nosotros hacemos pan fresco y tenemos obrador de pastelería fresca diaria, todo lo que no es diario se tira a la basura para mantener nivel de calidad.

Eso si mi en mi caso concreto, a los niños pequeños les doy bollitos de pan gratis que les hace mucha ilusión y cuando digo niños pequeños, digo desde muy poquitos añitos para que muerdan y fortalezcan los dientes hasta alguno más mayorcito su sonrisa no tiene precio.

Pues aunque vivo en Bilbao, me toca trabajar mucho en Glasgow y aunque parezca mentira hay muchas probabilidades de que me toque trabajar en Méxcio y en Brasil el año que viene por lo que Martin si me toca expatriación ten por seguro que me moveré para compartir contigo unas cervezas.

gracias
Un saludo / Kind regards,
Oscar





From: [hidden email]
To: [hidden email]
Subject: RE: Log xml request file
Date: Sat, 7 Mar 2015 18:31:46 -0500


|_|



From: [hidden email]
To: [hidden email]
Subject: RE: Log xml request file
Date: Sat, 7 Mar 2015 10:35:01 +0100

Thank you very much, I will try Martin Rampart explanation on Monday, I´m excitted to try now but on Saturday and Sunday I work in a Bakery and from Monday - Friday on Software

Keep all updated with my progress

MG>
Hay una panadería de la esquina en la casa de hija mia en América del sur.Pan fresco, Donuts y lo mejor de todo gratis trata a los niños...Si usted viaja a Colombia, Perú parada por UIO Ecuador...Yo recojo en el aeropuerto y llevarte a la panadería

Mantente en contacto porfavor
Muchismimas Gracias/Obrigrado,
Martín
MG>


Thank you very much
Kind regards,
Oscar


From: [hidden email]
To: [hidden email]
Subject: RE: Log xml request file
Date: Fri, 6 Mar 2015 22:08:09 -0500





> Date: Fri, 6 Mar 2015 17:28:16 -0300

> Subject: Re: Log xml request file
> From: [hidden email]
> To: [hidden email]
>
> On Fri, Mar 6, 2015 at 3:29 PM, Oscar Rugama <[hidden email]> wrote:
> > So because I have changed the soap header I want to know how exactly the
> > soap envelope will go I mean the soap request which is a xml file just to
> > compare with the structure I know that should be sent.
> >
> > For me it is ok if something like system.out.printl(request) and appears in
> > the log the all soap request xml file
> >
> > Does it make sense now?
> >
> > Thanks your support is her appreciated.
> >
> > Un saludo,
> > Oscar
>
> This may help:
>
> MessageContext messageContext = MessageContext.
> getCurrentMessageContext();
> String request = messageContext.getEnvelope().toString();
>
> - R

that will help for ADB ..thanks robert

 for xmlbeans you may need to add log.debug statements in org.apache.axis2.xmlbeans.CodeGenerationUtility.java:
take a look at:
  //process the unwrapped parameters
            if (!cgconfig.isParametersWrapped()) {
                //figure out the unwrapped operations
                axisServices = cgconfig.getAxisServices();
                for (Iterator servicesIter = axisServices.iterator(); servicesIter.hasNext();) {
                    axisService = (AxisService)servicesIter.next();
                    for (Iterator operations = axisService.getOperations();
                         operations.hasNext();) {
                        AxisOperation op = (AxisOperation)operations.next();

                        if (WSDLUtil.isInputPresentForMEP(op.getMessageExchangePattern())) {
                            AxisMessage message = op.getMessage(
                                    WSDLConstants.MESSAGE_LABEL_IN_VALUE);
                            if (message != null &&
                                    message.getParameter(Constants.UNWRAPPED_KEY) != null) {
                                SchemaGlobalElement xmlbeansElement =
                                        sts.findElement(message.getElementQName());
                                log.debug("CodeGenerationUtility::processSchemas  xmlbeansElement = "+xmlbeansElement.toString() );
then of course compile and redeploy:
mvn package
copy /target/*.jar into webapps/axis2/WEB-INF/lib
Un Saludo
Martín
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
Reply | Threaded
Open this post in threaded view
|

RE: Log xml request file

Oscar Rugama
Hi all,

   I want to come back to you with very good news.

   At the end, I found what´s the problem and the problem was the provider, I mean the company who is our provider.

  Its Web Service was absolutely wrong, all your help applied to my code, even my first code works perfect.

   After becoming very angry with the provider, and argued with him, I found that with the current Web Service provided by them was impossible to communicate.

   I got angrier because I lost a lot of time on this and also I made some of you to lost time.

   After fixing by provider the problem in its server, I succesfully communicate with the web Service just signing the request with the certificate (new certificate because the old one wasn´t be valid by provider, incredible but it was truth) and log in perfect.

  A want to say a very big thank you!!!!!!!!

Kind regards,
Oscar


From: [hidden email]
To: [hidden email]
Subject: RE: Log xml request file
Date: Wed, 11 Mar 2015 16:11:29 +0100

Hi all:

  So sorry to come back with very bad news as I don´t know how to go on. I´m very new to rampart maybe it´s that the problem.

 Best way is to start from the top to the botton.

Top (literally how the provider has sent the info to me in English):

 I have to call a Web Service with a request like this one:

 <?xml version="1.0" encodin g="UTF-8"?>
     <soapenv:Envelope xml ns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
         <soapenv:Header>
             <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
                 <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" ValueType="ExperianWASP" EncodingType="wsse:Base64Binary" wsu:Id="SecurityToken">
                     RXJyb3IgaXNzRqluZyBhdXRoAz50aWNhdG4vbi20b2tlbg==
                 </wsse:BinarySecurityToken>
             </wsse:Security>
         </soapenv:Header>
         <soapenv:Body>
             <ns2:LtdCompanyRequest">
                 <ns2:Control>
                     <ns1:AppName ">
                         SOFYCUK
                     </ns1:AppName>
                     <ns1:Consent">
                         YCON
                     </ns1:Consent>
                     <ns1:AppSrchType">
                         P
                     </ns1:AppSrchType>
                 </ns2:Control>
                 <ns2:RegNumber>
                     06954101
                 </ns2:RegNumber>
                 </ns2:LtdCompanyRequest>
         </soapenv:Body>
     </soapenv:Envelope>
 
What I have highlighted in yellow is what the provider call "Security Token" and here you have what exactly the provider says.

1. You should provide a request as the one above
2. Security Token (what I have highlighted) is taken from another Web Service which you should authenticate through certificate (this Web service was done by me and working fine as I´m getting correctly the SecurityToken as String)
 
My first try before coming to this axis2 list was to develop the soap request and added the header with the Security token, obviusly I got exactly the same soap message as the one provided by the provider, but even that it didn´t work.

My way to did it

//securityToken parameter is the String got from the Web Service which provide it as the authentication
// it´s something like RXJyb3IgaXNzRqluZyBhdXRoAz50aWNhdG4vbi20b2tlbg==    (this value is dummy as I have change it but lenght is the same)
private static void crearFirmaCabecera(LtdCompanySearchStub stub, String securityToken){
       
        try {
            String XMLNS_WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
            String XSD_WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
       
                OMFactory omFactory = OMAbstractFactory.getOMFactory();
                OMElement omSecurityElement = omFactory.createOMElement(new QName(XSD_WSSE, "Security", "wsse"), null);
                omSecurityElement.declareNamespace(XMLNS_WSU, "wsu");

                OMElement omBinarySecurityToken = omFactory.createOMElement(new QName(XSD_WSSE, "BinarySecurityToken", "wsse"), null);

                omBinarySecurityToken.addAttribute("xmlns:wsu", XMLNS_WSU, null);
               
                omBinarySecurityToken.addAttribute("ValueType", "ExperianWASP",null);
                omBinarySecurityToken.addAttribute("EncodingType", "wsse:Base64Binary",null);
                omBinarySecurityToken.addAttribute("wsu:Id", "SecurityToken",null);
               
                omBinarySecurityToken.setText(securityToken);
               
                omSecurityElement.addChild(omBinarySecurityToken);
          
                stub._getServiceClient().addHeader(omSecurityElement);
   
        } catch (Throwable ex) {
            System.out.println(ex);
        }
    }

Here I came to undertand how to retrieve the xml sent to check if ok. In the end I could verify it was the same but still didn´t work.

I asked the provider and just said

Are you attaching the certificate as well as the token when you are calling the service?


So not sure what it means to attach the certiicate. The communication with the provider is awful and the problem is not that I´m Spanish and he speaks English.

Taking Martin example I try to use Rampart, and that is my challenge since Monday.

 I have found on Internet a lot of examples about username and password within the header and it seems easy with rampart but about SecurityBinaryToken very very very few information or maybe for me it´s not clear to understand.

 So I tried Rampart and what I did is the following, I will try to go step by step and the best way is to go through my main class.

// I point to my local Axis configuration that´s why I create my context

 ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem("E:\\orugama\\Software\\Windows\\Windows XP - 7\\Axis\\axis2-1.6.2\\repository",
"E:\\orugama\\Software\\Windows\\Windows XP - 7\\Axis\\axis2-1.6.2\\conf\\axis2.xml");

 // I created stub with axis2 tools wsdl2java
 stub = new com.experian.services.experian.wbsv.generic.bi.LtdCompanySearchStub(ctx, endpoint);

 ServiceClient client = stub._getServiceClient();

Options options = client.getOptions();
// proxy options not listed here but in my real code yes I have HTTPProxyProperties with correct values
options.setProperty(HTTPConstants.PROXY, HTTPProxyProperties);
 
RampartConfig rampartConfig = new RampartConfig();
rampartConfig.setUser("experian");
// I have created a PWCCallback as stated by Martin and will put later
rampartConfig.setPwCbClass("com.experian.uk.authenticator.PWCBHandler");

CryptoConfig sigCrypto = new CryptoConfig();
sigCrypto.setProvider("org.apache.ws.security.components.crypto.Merlin");
Properties props = new Properties();
props.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "JKS");
// here is path to my keystore
props.setProperty("org.apache.ws.security.crypto.merlin.file","D:\\Netbeans\\ExperianWs\\certificado\\experian.jks");
props.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", "experian");

 sigCrypto.setProp(props);

  rampartConfig.setSigCryptoConfig(sigCrypto);

  Policy policy = new Policy();
  policy.addAssertion(rampartConfig);
          
  client.engageModule("rampart");
      
  client.getAxisService().getPolicyInclude().addPolicyElement(PolicyInclude.AXIS_SERVICE_POLICY, policy);          
 
 // here is where I call the web service        
  response = stub.limitedCompanyData(request);   //and here I got java.lang.RuntimeException: Undefined 'Security policy namespace cannot be null.' resource property

Anyway my first attemp was to did the folowing

Policy policy = loadPolicy("D:\\Netbeans\\ExperianWs\\src\\policy.xml");
options.setProperty(RampartMessageData.KEY_RAMPART_OUT_POLICY, policy);
client.engageModule("rampart");

and my policy.xml was like this one

<wsp:Policy wsu:Id="SecurityToken" xmlns:wsu=
    "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsp:ExactlyOne>
    <wsp:All>
      <sp:SupportingTokens
          xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
        <wsp:Policy>
                     <wsse:Security>
                           <wsse:BinarySecurityToken ValueType="ExperianWASP" EncodingType="wsse:Base64Binary" wsu:Id="SecurityToken"/>
                           </wsse:Security>
         </wsp:Policy>
      </sp:SupportingTokens>
      <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
              <ramp:passwordCallbackClass>com.experian.uk.authenticator.PWCBHandler</ramp:passwordCallbackClass>
          </ramp:RampartConfig>
    </wsp:All>
  </wsp:ExactlyOne>
</wsp:Policy>

But in this case I check the xml sent and it´s not correct

**************************************************************

My PWCHandler looks like this:

public class PWCBHandler implements CallbackHandler
{
    public void handle(Callback[] callbacks) throws IOException {
        for (int i = 0; i < callbacks.length; i++) {
            WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i];
          
            if(pwcb.getIdentifier().equals("experian") ) {
                // here not sure what to put as I don´t understand exactly what this class is for
               pwcb.setPassword("experian");
               or 
               pwcb.setPassword(getSecurityBinaryTokenFromWebServiceWhichProvideIT());
                return;
            }
        }
    }
}


I wonder to understand how it works PWCBHandler .

I appreciate very much Martin efforts but as I´m very new to rampart

Also I don´t what to forget I tried to put InFlowConfiguration but it doesn´t appear values like setPasswordType

See screenshot
 
 

 
I feel a little bit stupid as I have reading rampart examples and if I have to perform username and password toke for sure I can do but BinarySecurityToken as it´s not a predefined type I´m a bit lost.

Don´t want to bother anyone but I have search in Google since Monday and tried several things until coming here right now and feeling stupid with no idea how to go on.

So any help trust me it´s much appreciated.

And this for Martin and in Spanish.

Soy de Bilbao (España) por aquí las cosas no han ido muy bien por eso trabajo en Software y en una panadería pastelería.

Nosotros hacemos pan fresco y tenemos obrador de pastelería fresca diaria, todo lo que no es diario se tira a la basura para mantener nivel de calidad.

Eso si mi en mi caso concreto, a los niños pequeños les doy bollitos de pan gratis que les hace mucha ilusión y cuando digo niños pequeños, digo desde muy poquitos añitos para que muerdan y fortalezcan los dientes hasta alguno más mayorcito su sonrisa no tiene precio.

Pues aunque vivo en Bilbao, me toca trabajar mucho en Glasgow y aunque parezca mentira hay muchas probabilidades de que me toque trabajar en Méxcio y en Brasil el año que viene por lo que Martin si me toca expatriación ten por seguro que me moveré para compartir contigo unas cervezas.

gracias
Un saludo / Kind regards,
Oscar





From: [hidden email]
To: [hidden email]
Subject: RE: Log xml request file
Date: Sat, 7 Mar 2015 18:31:46 -0500


|_|



From: [hidden email]
To: [hidden email]
Subject: RE: Log xml request file
Date: Sat, 7 Mar 2015 10:35:01 +0100

Thank you very much, I will try Martin Rampart explanation on Monday, I´m excitted to try now but on Saturday and Sunday I work in a Bakery and from Monday - Friday on Software

Keep all updated with my progress

MG>
Hay una panadería de la esquina en la casa de hija mia en América del sur.Pan fresco, Donuts y lo mejor de todo gratis trata a los niños...Si usted viaja a Colombia, Perú parada por UIO Ecuador...Yo recojo en el aeropuerto y llevarte a la panadería

Mantente en contacto porfavor
Muchismimas Gracias/Obrigrado,
Martín
MG>


Thank you very much
Kind regards,
Oscar


From: [hidden email]
To: [hidden email]
Subject: RE: Log xml request file
Date: Fri, 6 Mar 2015 22:08:09 -0500





> Date: Fri, 6 Mar 2015 17:28:16 -0300

> Subject: Re: Log xml request file
> From: [hidden email]
> To: [hidden email]
>
> On Fri, Mar 6, 2015 at 3:29 PM, Oscar Rugama <[hidden email]> wrote:
> > So because I have changed the soap header I want to know how exactly the
> > soap envelope will go I mean the soap request which is a xml file just to
> > compare with the structure I know that should be sent.
> >
> > For me it is ok if something like system.out.printl(request) and appears in
> > the log the all soap request xml file
> >
> > Does it make sense now?
> >
> > Thanks your support is her appreciated.
> >
> > Un saludo,
> > Oscar
>
> This may help:
>
> MessageContext messageContext = MessageContext.
> getCurrentMessageContext();
> String request = messageContext.getEnvelope().toString();
>
> - R

that will help for ADB ..thanks robert

 for xmlbeans you may need to add log.debug statements in org.apache.axis2.xmlbeans.CodeGenerationUtility.java:
take a look at:
  //process the unwrapped parameters
            if (!cgconfig.isParametersWrapped()) {
                //figure out the unwrapped operations
                axisServices = cgconfig.getAxisServices();
                for (Iterator servicesIter = axisServices.iterator(); servicesIter.hasNext();) {
                    axisService = (AxisService)servicesIter.next();
                    for (Iterator operations = axisService.getOperations();
                         operations.hasNext();) {
                        AxisOperation op = (AxisOperation)operations.next();

                        if (WSDLUtil.isInputPresentForMEP(op.getMessageExchangePattern())) {
                            AxisMessage message = op.getMessage(
                                    WSDLConstants.MESSAGE_LABEL_IN_VALUE);
                            if (message != null &&
                                    message.getParameter(Constants.UNWRAPPED_KEY) != null) {
                                SchemaGlobalElement xmlbeansElement =
                                        sts.findElement(message.getElementQName());
                                log.debug("CodeGenerationUtility::processSchemas  xmlbeansElement = "+xmlbeansElement.toString() );
then of course compile and redeploy:
mvn package
copy /target/*.jar into webapps/axis2/WEB-INF/lib
Un Saludo
Martín
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
Reply | Threaded
Open this post in threaded view
|

RE: Log xml request file

Martin Gainty


Tu ejemplos de código que trabajó en todas las configuraciones
Sabía que se estaba implementando eje correctamente

Felicidades Oscar ..tu duro trabajo.. ha trabajado correctamente

¡Saludos Amigo Mio!
Martín
______________________________________________
(contratista Banco Santander)



From: [hidden email]
To: [hidden email]
Subject: RE: Log xml request file
Date: Tue, 31 Mar 2015 12:04:59 +0200

Hi all,

   I want to come back to you with very good news.

   At the end, I found what´s the problem and the problem was the provider, I mean the company who is our provider.

  Its Web Service was absolutely wrong, all your help applied to my code, even my first code works perfect.

   After becoming very angry with the provider, and argued with him, I found that with the current Web Service provided by them was impossible to communicate.

   I got angrier because I lost a lot of time on this and also I made some of you to lost time.

   After fixing by provider the problem in its server, I succesfully communicate with the web Service just signing the request with the certificate (new certificate because the old one wasn´t be valid by provider, incredible but it was truth) and log in perfect.

  A want to say a very big thank you!!!!!!!!

Kind regards,
Oscar


From: [hidden email]
To: [hidden email]
Subject: RE: Log xml request file
Date: Wed, 11 Mar 2015 16:11:29 +0100

Hi all:

  So sorry to come back with very bad news as I don´t know how to go on. I´m very new to rampart maybe it´s that the problem.

 Best way is to start from the top to the botton.

Top (literally how the provider has sent the info to me in English):

 I have to call a Web Service with a request like this one:

 <?xml version="1.0" encodin g="UTF-8"?>
     <soapenv:Envelope xml ns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
         <soapenv:Header>
             <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
                 <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" ValueType="ExperianWASP" EncodingType="wsse:Base64Binary" wsu:Id="SecurityToken">
                     RXJyb3IgaXNzRqluZyBhdXRoAz50aWNhdG4vbi20b2tlbg==
                 </wsse:BinarySecurityToken>
             </wsse:Security>
         </soapenv:Header>
         <soapenv:Body>
             <ns2:LtdCompanyRequest">
                 <ns2:Control>
                     <ns1:AppName ">
                         SOFYCUK
                     </ns1:AppName>
                     <ns1:Consent">
                         YCON
                     </ns1:Consent>
                     <ns1:AppSrchType">
                         P
                     </ns1:AppSrchType>
                 </ns2:Control>
                 <ns2:RegNumber>
                     06954101
                 </ns2:RegNumber>
                 </ns2:LtdCompanyRequest>
         </soapenv:Body>
     </soapenv:Envelope>
 
What I have highlighted in yellow is what the provider call "Security Token" and here you have what exactly the provider says.

1. You should provide a request as the one above
2. Security Token (what I have highlighted) is taken from another Web Service which you should authenticate through certificate (this Web service was done by me and working fine as I´m getting correctly the SecurityToken as String)
 
My first try before coming to this axis2 list was to develop the soap request and added the header with the Security token, obviusly I got exactly the same soap message as the one provided by the provider, but even that it didn´t work.

My way to did it

//securityToken parameter is the String got from the Web Service which provide it as the authentication
// it´s something like RXJyb3IgaXNzRqluZyBhdXRoAz50aWNhdG4vbi20b2tlbg==    (this value is dummy as I have change it but lenght is the same)
private static void crearFirmaCabecera(LtdCompanySearchStub stub, String securityToken){
       
        try {
            String XMLNS_WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
            String XSD_WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
       
                OMFactory omFactory = OMAbstractFactory.getOMFactory();
                OMElement omSecurityElement = omFactory.createOMElement(new QName(XSD_WSSE, "Security", "wsse"), null);
                omSecurityElement.declareNamespace(XMLNS_WSU, "wsu");

                OMElement omBinarySecurityToken = omFactory.createOMElement(new QName(XSD_WSSE, "BinarySecurityToken", "wsse"), null);

                omBinarySecurityToken.addAttribute("xmlns:wsu", XMLNS_WSU, null);
               
                omBinarySecurityToken.addAttribute("ValueType", "ExperianWASP",null);
                omBinarySecurityToken.addAttribute("EncodingType", "wsse:Base64Binary",null);
                omBinarySecurityToken.addAttribute("wsu:Id", "SecurityToken",null);
               
                omBinarySecurityToken.setText(securityToken);
               
                omSecurityElement.addChild(omBinarySecurityToken);
          
                stub._getServiceClient().addHeader(omSecurityElement);
   
        } catch (Throwable ex) {
            System.out.println(ex);
        }
    }

Here I came to undertand how to retrieve the xml sent to check if ok. In the end I could verify it was the same but still didn´t work.

I asked the provider and just said

Are you attaching the certificate as well as the token when you are calling the service?


So not sure what it means to attach the certiicate. The communication with the provider is awful and the problem is not that I´m Spanish and he speaks English.

Taking Martin example I try to use Rampart, and that is my challenge since Monday.

 I have found on Internet a lot of examples about username and password within the header and it seems easy with rampart but about SecurityBinaryToken very very very few information or maybe for me it´s not clear to understand.

 So I tried Rampart and what I did is the following, I will try to go step by step and the best way is to go through my main class.

// I point to my local Axis configuration that´s why I create my context

 ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem("E:\\orugama\\Software\\Windows\\Windows XP - 7\\Axis\\axis2-1.6.2\\repository",
"E:\\orugama\\Software\\Windows\\Windows XP - 7\\Axis\\axis2-1.6.2\\conf\\axis2.xml");

 // I created stub with axis2 tools wsdl2java
 stub = new com.experian.services.experian.wbsv.generic.bi.LtdCompanySearchStub(ctx, endpoint);

 ServiceClient client = stub._getServiceClient();

Options options = client.getOptions();
// proxy options not listed here but in my real code yes I have HTTPProxyProperties with correct values
options.setProperty(HTTPConstants.PROXY, HTTPProxyProperties);
 
RampartConfig rampartConfig = new RampartConfig();
rampartConfig.setUser("experian");
// I have created a PWCCallback as stated by Martin and will put later
rampartConfig.setPwCbClass("com.experian.uk.authenticator.PWCBHandler");

CryptoConfig sigCrypto = new CryptoConfig();
sigCrypto.setProvider("org.apache.ws.security.components.crypto.Merlin");
Properties props = new Properties();
props.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "JKS");
// here is path to my keystore
props.setProperty("org.apache.ws.security.crypto.merlin.file","D:\\Netbeans\\ExperianWs\\certificado\\experian.jks");
props.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", "experian");

 sigCrypto.setProp(props);

  rampartConfig.setSigCryptoConfig(sigCrypto);

  Policy policy = new Policy();
  policy.addAssertion(rampartConfig);
          
  client.engageModule("rampart");
      
  client.getAxisService().getPolicyInclude().addPolicyElement(PolicyInclude.AXIS_SERVICE_POLICY, policy);          
 
 // here is where I call the web service        
  response = stub.limitedCompanyData(request);   //and here I got java.lang.RuntimeException: Undefined 'Security policy namespace cannot be null.' resource property

Anyway my first attemp was to did the folowing

Policy policy = loadPolicy("D:\\Netbeans\\ExperianWs\\src\\policy.xml");
options.setProperty(RampartMessageData.KEY_RAMPART_OUT_POLICY, policy);
client.engageModule("rampart");

and my policy.xml was like this one

<wsp:Policy wsu:Id="SecurityToken" xmlns:wsu=
    "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsp:ExactlyOne>
    <wsp:All>
      <sp:SupportingTokens
          xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
        <wsp:Policy>
                     <wsse:Security>
                           <wsse:BinarySecurityToken ValueType="ExperianWASP" EncodingType="wsse:Base64Binary" wsu:Id="SecurityToken"/>
                           </wsse:Security>
         </wsp:Policy>
      </sp:SupportingTokens>
      <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
              <ramp:passwordCallbackClass>com.experian.uk.authenticator.PWCBHandler</ramp:passwordCallbackClass>
          </ramp:RampartConfig>
    </wsp:All>
  </wsp:ExactlyOne>
</wsp:Policy>

But in this case I check the xml sent and it´s not correct

**************************************************************

My PWCHandler looks like this:

public class PWCBHandler implements CallbackHandler
{
    public void handle(Callback[] callbacks) throws IOException {
        for (int i = 0; i < callbacks.length; i++) {
            WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i];
          
            if(pwcb.getIdentifier().equals("experian") ) {
                // here not sure what to put as I don´t understand exactly what this class is for
               pwcb.setPassword("experian");
               or 
               pwcb.setPassword(getSecurityBinaryTokenFromWebServiceWhichProvideIT());
                return;
            }
        }
    }
}


I wonder to understand how it works PWCBHandler .

I appreciate very much Martin efforts but as I´m very new to rampart

Also I don´t what to forget I tried to put InFlowConfiguration but it doesn´t appear values like setPasswordType

See screenshot
 
 

 
I feel a little bit stupid as I have reading rampart examples and if I have to perform username and password toke for sure I can do but BinarySecurityToken as it´s not a predefined type I´m a bit lost.

Don´t want to bother anyone but I have search in Google since Monday and tried several things until coming here right now and feeling stupid with no idea how to go on.

So any help trust me it´s much appreciated.

And this for Martin and in Spanish.

Soy de Bilbao (España) por aquí las cosas no han ido muy bien por eso trabajo en Software y en una panadería pastelería.

Nosotros hacemos pan fresco y tenemos obrador de pastelería fresca diaria, todo lo que no es diario se tira a la basura para mantener nivel de calidad.

Eso si mi en mi caso concreto, a los niños pequeños les doy bollitos de pan gratis que les hace mucha ilusión y cuando digo niños pequeños, digo desde muy poquitos añitos para que muerdan y fortalezcan los dientes hasta alguno más mayorcito su sonrisa no tiene precio.

Pues aunque vivo en Bilbao, me toca trabajar mucho en Glasgow y aunque parezca mentira hay muchas probabilidades de que me toque trabajar en Méxcio y en Brasil el año que viene por lo que Martin si me toca expatriación ten por seguro que me moveré para compartir contigo unas cervezas.

gracias
Un saludo / Kind regards,
Oscar





From: [hidden email]
To: [hidden email]
Subject: RE: Log xml request file
Date: Sat, 7 Mar 2015 18:31:46 -0500


|_|



From: [hidden email]
To: [hidden email]
Subject: RE: Log xml request file
Date: Sat, 7 Mar 2015 10:35:01 +0100

Thank you very much, I will try Martin Rampart explanation on Monday, I´m excitted to try now but on Saturday and Sunday I work in a Bakery and from Monday - Friday on Software

Keep all updated with my progress

MG>
Hay una panadería de la esquina en la casa de hija mia en América del sur.Pan fresco, Donuts y lo mejor de todo gratis trata a los niños...Si usted viaja a Colombia, Perú parada por UIO Ecuador...Yo recojo en el aeropuerto y llevarte a la panadería

Mantente en contacto porfavor
Muchismimas Gracias/Obrigrado,
Martín
MG>


Thank you very much
Kind regards,
Oscar


From: [hidden email]
To: [hidden email]
Subject: RE: Log xml request file
Date: Fri, 6 Mar 2015 22:08:09 -0500





> Date: Fri, 6 Mar 2015 17:28:16 -0300

> Subject: Re: Log xml request file
> From: [hidden email]
> To: [hidden email]
>
> On Fri, Mar 6, 2015 at 3:29 PM, Oscar Rugama <[hidden email]> wrote:
> > So because I have changed the soap header I want to know how exactly the
> > soap envelope will go I mean the soap request which is a xml file just to
> > compare with the structure I know that should be sent.
> >
> > For me it is ok if something like system.out.printl(request) and appears in
> > the log the all soap request xml file
> >
> > Does it make sense now?
> >
> > Thanks your support is her appreciated.
> >
> > Un saludo,
> > Oscar
>
> This may help:
>
> MessageContext messageContext = MessageContext.
> getCurrentMessageContext();
> String request = messageContext.getEnvelope().toString();
>
> - R

that will help for ADB ..thanks robert

 for xmlbeans you may need to add log.debug statements in org.apache.axis2.xmlbeans.CodeGenerationUtility.java:
take a look at:
  //process the unwrapped parameters
            if (!cgconfig.isParametersWrapped()) {
                //figure out the unwrapped operations
                axisServices = cgconfig.getAxisServices();
                for (Iterator servicesIter = axisServices.iterator(); servicesIter.hasNext();) {
                    axisService = (AxisService)servicesIter.next();
                    for (Iterator operations = axisService.getOperations();
                         operations.hasNext();) {
                        AxisOperation op = (AxisOperation)operations.next();

                        if (WSDLUtil.isInputPresentForMEP(op.getMessageExchangePattern())) {
                            AxisMessage message = op.getMessage(
                                    WSDLConstants.MESSAGE_LABEL_IN_VALUE);
                            if (message != null &&
                                    message.getParameter(Constants.UNWRAPPED_KEY) != null) {
                                SchemaGlobalElement xmlbeansElement =
                                        sts.findElement(message.getElementQName());
                                log.debug("CodeGenerationUtility::processSchemas  xmlbeansElement = "+xmlbeansElement.toString() );
then of course compile and redeploy:
mvn package
copy /target/*.jar into webapps/axis2/WEB-INF/lib
Un Saludo
Martín
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>