rampart/c http tutorial

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

rampart/c http tutorial

Adam Edgar
Is there a good start to finish tutorial for rampart/c for creating a
client starting with a WSDL file? Basically, right no I have written a
WSDL and used wsdl2c to generate the source for the client but it does
not seem to have any rampart code in it. If I run the server without
WSSE it works but not when I try to secure it. I've managed to find
documentation scattered about but nothing comprehensive.

All I'm trying to do is use UserName/Password authentication across
https. This is probably real simple but I can't seem to find the last
little bit of info to get it done.

ASE

Reply | Threaded
Open this post in threaded view
|

Re: rampart/c http tutorial

Samisa Abeysinghe-4
Rampart is an independent project. Hence, the generated code does not have Rampart specific stuff. 

For Rampart stuff, you have to engage the module and provide the security policies etc at client level programatically. 

Samisa...

On Fri, Dec 4, 2009 at 10:39 PM, Adam Edgar <[hidden email]> wrote:
Is there a good start to finish tutorial for rampart/c for creating a
client starting with a WSDL file? Basically, right no I have written a
WSDL and used wsdl2c to generate the source for the client but it does
not seem to have any rampart code in it. If I run the server without
WSSE it works but not when I try to secure it. I've managed to find
documentation scattered about but nothing comprehensive.

All I'm trying to do is use UserName/Password authentication across
https. This is probably real simple but I can't seem to find the last
little bit of info to get it done.

ASE




--
Samisa Abeysinghe
Director, Engineering - WSO2 Inc.

http://www.wso2.com/ - "The Open Source SOA Company"
Reply | Threaded
Open this post in threaded view
|

Re: rampart/c http tutorial

Adam Edgar
I think I've managed to get some of it working but can't tell if the
proper headers are being generated. Is there a way to dump the traffic
being sent to the server?

Also when I try :

url="https://localhost:8443/axis2/services/NegativeAddressSecureService";
stub = axis2_stub_create_NegativeAddressSecureService(env,home,url);

I get :

op_client.c(949) Cannot infer transport
op_client.c(954) End:axis2_op_client_infer_transport
op_client.c(407) Op client execute failed. Cannot find transport out.


Is there something I need to do to enable https as it doesn't fail for
http?

ASE


On Fri, 2009-12-04 at 22:42 +0530, Samisa Abeysinghe wrote:

> Rampart is an independent project. Hence, the generated code does not
> have Rampart specific stuff.
>
>
> For Rampart stuff, you have to engage the module and provide the
> security policies etc at client level programatically.
>
>
> Samisa...
>
> On Fri, Dec 4, 2009 at 10:39 PM, Adam Edgar <[hidden email]>
> wrote:
>         Is there a good start to finish tutorial for rampart/c for
>         creating a
>         client starting with a WSDL file? Basically, right no I have
>         written a
>         WSDL and used wsdl2c to generate the source for the client but
>         it does
>         not seem to have any rampart code in it. If I run the server
>         without
>         WSSE it works but not when I try to secure it. I've managed to
>         find
>         documentation scattered about but nothing comprehensive.
>        
>         All I'm trying to do is use UserName/Password authentication
>         across
>         https. This is probably real simple but I can't seem to find
>         the last
>         little bit of info to get it done.
>        
>         ASE
>        
>
>
>
> --
> Samisa Abeysinghe
> Director, Engineering - WSO2 Inc.
>
> http://www.wso2.com/ - "The Open Source SOA Company"
>


Reply | Threaded
Open this post in threaded view
|

Re: rampart/c http tutorial

Samisa Abeysinghe-4


On Fri, Dec 4, 2009 at 10:53 PM, Adam Edgar <[hidden email]> wrote:
I think I've managed to get some of it working but can't tell if the
proper headers are being generated. Is there a way to dump the traffic
being sent to the server?

Also when I try :

url="https://localhost:8443/axis2/services/NegativeAddressSecureService";
stub = axis2_stub_create_NegativeAddressSecureService(env,home,url);

I get :

op_client.c(949) Cannot infer transport
op_client.c(954) End:axis2_op_client_infer_transport
op_client.c(407) Op client execute failed. Cannot find transport out.


Is there something I need to do to enable https as it doesn't fail for
http?

You need to enable https in the axis2.xml conf file

Samisa...


ASE


On Fri, 2009-12-04 at 22:42 +0530, Samisa Abeysinghe wrote:
> Rampart is an independent project. Hence, the generated code does not
> have Rampart specific stuff.
>
>
> For Rampart stuff, you have to engage the module and provide the
> security policies etc at client level programatically.
>
>
> Samisa...
>
> On Fri, Dec 4, 2009 at 10:39 PM, Adam Edgar <[hidden email]>
> wrote:
>         Is there a good start to finish tutorial for rampart/c for
>         creating a
>         client starting with a WSDL file? Basically, right no I have
>         written a
>         WSDL and used wsdl2c to generate the source for the client but
>         it does
>         not seem to have any rampart code in it. If I run the server
>         without
>         WSSE it works but not when I try to secure it. I've managed to
>         find
>         documentation scattered about but nothing comprehensive.
>
>         All I'm trying to do is use UserName/Password authentication
>         across
>         https. This is probably real simple but I can't seem to find
>         the last
>         little bit of info to get it done.
>
>         ASE
>
>
>
>
> --
> Samisa Abeysinghe
> Director, Engineering - WSO2 Inc.
>
> http://www.wso2.com/ - "The Open Source SOA Company"
>





--
Samisa Abeysinghe
Director, Engineering - WSO2 Inc.

http://www.wso2.com/ - "The Open Source SOA Company"
Reply | Threaded
Open this post in threaded view
|

Re: rampart/c http tutorial

Adam Edgar
On Fri, 2009-12-04 at 22:59 +0530, Samisa Abeysinghe wrote:

> You need to enable https in the axis2.xml conf file
>

Ah, thanks one step closer.

I still need to figure out how to see the exact xml that is being sent
and received from the server. I am getting a fault back and I suspect it
is because the WSSE header information is not correct. I should be
sending something like this to the server:

<?xml version="1.0" encoding="UTF-8"?>
  <SOAP-ENV:Envelope
    xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"  
    xmlns:SOAP-ENC="http://www.w3.org/2003/05/soap-encoding"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:c14n="http://www.w3.org/2001/10/xml-exc-c14n#"
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401..."
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis..."    
    xmlns:negdb="http://secure.negativeaddress.research.att.com/"
  >
    <SOAP-ENV:Header>
       <wsse:Security SOAP-ENV:mustUnderstand="true">
         <wsse:UsernameToken
            wsu:Id="apache"
         >
             <wsse:Username>apache</wsse:Username>
             <wsse:Password Type="http://docs.oasis-open.org/wss...">
                 password
             </wsse:Password>
         </wsse:UsernameToken>
       </wsse:Security>
     </SOAP-ENV:Header>
<SOAP-ENV:Body>
...
While I think I've engaged rampart properly to add the header
information, the debugging log does not include the data sent to the
server.

ASE


Reply | Threaded
Open this post in threaded view
|

Re: rampart/c http tutorial

Setomidor
You can do this using the Apache TCPmon:

http://ws.apache.org/commons/tcpmon/

I'm also looking for a nice Rampart/C walkthrough, but I have yet to find one.

Regards,

Daniel


Adam Edgar wrote
On Fri, 2009-12-04 at 22:59 +0530, Samisa Abeysinghe wrote:

> You need to enable https in the axis2.xml conf file
>

Ah, thanks one step closer.

I still need to figure out how to see the exact xml that is being sent
and received from the server. I am getting a fault back and I suspect it
is because the WSSE header information is not correct. I should be
sending something like this to the server:

<?xml version="1.0" encoding="UTF-8"?>
  <SOAP-ENV:Envelope
    xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope" 
    xmlns:SOAP-ENC="http://www.w3.org/2003/05/soap-encoding" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
    xmlns:c14n="http://www.w3.org/2001/10/xml-exc-c14n#" 
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401..." 
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis..."   
    xmlns:negdb="http://secure.negativeaddress.research.att.com/"
  >
    <SOAP-ENV:Header>
       <wsse:Security SOAP-ENV:mustUnderstand="true">
         <wsse:UsernameToken
            wsu:Id="apache"
         >
             <wsse:Username>apache</wsse:Username>
             <wsse:Password Type="http://docs.oasis-open.org/wss...">
                 password
             </wsse:Password>
         </wsse:UsernameToken>
       </wsse:Security>
     </SOAP-ENV:Header>
<SOAP-ENV:Body> 
...
While I think I've engaged rampart properly to add the header
information, the debugging log does not include the data sent to the
server.

ASE