Axis2 Rampart client configuration

Dear All,

I have tomcat server on which web services are deployed using Apache CXF framework.
(Well I am having Alfresco open source content management server)

I want to write standalone java client to consume these web services.

Can I use Axis2 at client side in this case?
Also in Axis2 I want to configure rampart security module, but I don't have much idea how to configure it.

Do I have to configure Axis2 and rampart on server side also? even if I only want to consume the deployed web services in Apache CXF/Spring.

Where should i drop policy.xml at client side?

Thanks for any help.

Rampart comes with many examples - check the "samples" directory. You need to configure it where you're using it - it sounds as if that's only on the client side, since you're using CXF on the server side.

I don't think Rampart uses a policy.xml file - is that a CXF thing? if so, there's no point in having one on the client if you use Axis/Rampart there.

Hi Ulf,

I have downloaded "rampart-dist-1.5-bin.zip"

Following is the code i took from rampart's samples directory.

It loads policy file named "policy.xml".
/* * Copyright 2004,2005 The Apache Software Foundation. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.apache.rampart.samples.policy.sample05; import org.apache.axiom.om.OMAbstractFactory; import org.apache.axiom.om.OMElement; import org.apache.axiom.om.OMFactory; import org.apache.axiom.om.OMNamespace; import org.apache.axiom.om.impl.builder.StAXOMBuilder; import org.apache.axiom.soap.SOAP12Constants; import org.apache.axis2.addressing.AddressingConstants; import org.apache.axis2.addressing.EndpointReference; import org.apache.axis2.client.Options; import org.apache.axis2.client.ServiceClient; import org.apache.axis2.context.ConfigurationContext; import org.apache.axis2.context.ConfigurationContextFactory; import org.apache.neethi.Policy; import org.apache.neethi.PolicyEngine; import org.apache.rahas.RahasConstants; import org.apache.rahas.Token; import org.apache.rahas.TokenStorage; import org.apache.rahas.TrustException; import org.apache.rahas.TrustUtil; import org.apache.rahas.client.STSClient; import org.apache.rampart.RampartMessageData; import org.apache.ws.secpolicy.SP11Constants; import org.apache.ws.secpolicy.SPConstants; import org.opensaml.XML; import javax.xml.namespace.QName; public class Client { public static void main(String[] args) throws Exception { if(args.length != 3) { System.out.println("Usage: $java Client endpoint_address client_repo_path policy_xml_path"); } ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem(args[1], null); STSClient stsClient = new STSClient(ctx); stsClient.setRstTemplate(getRSTTemplate()); String action = TrustUtil.getActionValue(RahasConstants.VERSION_05_02, RahasConstants.RST_ACTION_ISSUE); stsClient.setAction(action); Token responseToken = stsClient.requestSecurityToken(loadPolicy("sample05/policy.xml"), "http://localhost:8080/axis2/services/STS", loadPolicy("sample05/sts_policy.xml"), null); System.out.println("\n############################# Requested Token ###################################\n"); System.out.println(responseToken.getToken().toString()); TokenStorage store = TrustUtil.getTokenStore(ctx); store.add(responseToken); ServiceClient client = new ServiceClient(ctx, null); Options options = new Options(); options.setAction("urn:echo"); options.setTo(new EndpointReference(args[0])); options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, loadPolicy("sample05/policy.xml")); options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN, responseToken.getId()); client.setOptions(options); client.engageModule("addressing"); client.engageModule("rampart"); OMElement response = client.sendReceive(getPayload("Hello world1")); System.out.println("Response : " + response); } private static Policy loadPolicy(String xmlPath) throws Exception { StAXOMBuilder builder = new StAXOMBuilder(xmlPath); return PolicyEngine.getPolicy(builder.getDocumentElement()); } private static OMElement getSAMLToken(OMElement resp) { OMElement rst = resp.getFirstChildWithName(new QName(RahasConstants.WST_NS_05_02, RahasConstants.IssuanceBindingLocalNames. REQUESTED_SECURITY_TOKEN)); OMElement elem = rst.getFirstChildWithName(new QName(XML.SAML_NS, "Assertion")); return elem; } private static OMElement getPayload(String value) { OMFactory factory = OMAbstractFactory.getOMFactory(); OMNamespace ns = factory.createOMNamespace("http://sample05.policy.samples.rampart.apache.org","ns1"); OMElement elem = factory.createOMElement("echo", ns); OMElement childElem = factory.createOMElement("param0", null); childElem.setText(value); elem.addChild(childElem); return elem; } private static OMElement getRSTTemplate() throws Exception { OMFactory fac = OMAbstractFactory.getOMFactory(); OMElement elem = fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE); TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02, elem).setText(RahasConstants.TOK_TYPE_SAML_10); TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02, elem, RahasConstants.KEY_TYPE_SYMM_KEY); TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02, elem, 256); return elem; } }

Kindly provide links to develop client with axis2/rampart.

thanks for any help.

Why are you using that sample code - do you intend to work with SAML? If not, I suggest to stick to the examples in the "basic" directory, which do no use policy files.

Also, what do you intend to use WS-Security for - signing, encryption, or authentication?

As an introduction, I published a couple of articles in the JavaRanch Journal (www.javaranch.com/journal) about using Rampart for Authentication and Encryption.

Web services on server requires security header in soap request (wss security) like username,password and timestamp etc.

I am not much aware about rampart options. Can you please suggest me which option would fit my requirement?

Thanks.

like username, password and timestamp etc.

Those three are covered by WSS's UsernameToken and Timestamp features. Only you know which other ones you mean by "etc." :-)

Example basic/sample02 demonstrates those two features in action (as does the sample code in my article on Web Service Authentication with Axis 2).

I have followed suggestions given by you.

It seems still I am missing something.

Following is my client code, when I execute it throws following exception.

package cmis; /* * Copyright 2004,2005 The Apache Software Foundation. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ import java.math.BigInteger; import org.apache.axiom.om.OMAbstractFactory; import org.apache.axiom.om.OMElement; import org.apache.axiom.om.OMFactory; import org.apache.axiom.om.OMNamespace; import org.apache.axis2.addressing.EndpointReference; import org.apache.axis2.client.Options; import org.apache.axis2.client.ServiceClient; import org.apache.axis2.context.ConfigurationContext; import org.apache.axis2.context.ConfigurationContextFactory; import org.oasis_open.docs.ns.cmis.ws._200908.NavigationServiceStub; import org.oasis_open.docs.ns.cmis.ws._200908.RepositoryServiceStub; import org.oasis_open.docs.ns.cmis.ws._200908.NavigationServiceStub.CmisObjectInFolderContainerType; import org.oasis_open.docs.ns.cmis.ws._200908.NavigationServiceStub.EnumIncludeRelationships; import org.oasis_open.docs.ns.cmis.ws._200908.NavigationServiceStub.GetFolderTree; import org.oasis_open.docs.ns.cmis.ws._200908.RepositoryServiceStub.CmisRepositoryEntryType; import org.oasis_open.docs.ns.cmis.ws._200908.RepositoryServiceStub.GetRepositories; public class Client { public static void main(String[] args) throws Exception { ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem("D:\\Softwares\\axis2-1.5.1-bin\\axis2-1.5.1\\repository","D:\\Softwares\\axis2-1.5.1-bin\\axis2-1.5.1\\repository\\modules\\client.axis2.xml"); NavigationServiceStub stub = new NavigationServiceStub(ctx, "http://172.22.41.129:8080/alfresco/cmis/NavigationService"); GetFolderTree ft = new NavigationServiceStub.GetFolderTree(); ft.setRepositoryId("46f8b242-9f61-423b-b824-c6118f470f01"); ft.setFolderId("workspace://SpacesStore/0fceb8de-fe45-439a-9ac4-30b32c7671e0"); ft.setDepth(BigInteger.ONE); ft.setFilter("*"); ft.setRenditionFilter("*"); ft.setExtension(null); ft.setIncludeRelationships(EnumIncludeRelationships.none); NavigationServiceStub.GetFolderTreeResponse res = stub.getFolderTree(ft); CmisObjectInFolderContainerType[] fc = res.getObjects(); System.out.println("Total" + fc.length); // /* RepositoryServiceStub stub = new RepositoryServiceStub(ctx,"http://172.22.41.129:8080/alfresco/cmis/RepositoryService"); System.out.println("1"); GetRepositories rep = new RepositoryServiceStub.GetRepositories(); System.out.println("2"); RepositoryServiceStub.GetRepositoriesResponse res = stub.getRepositories(rep); System.out.println("3"); CmisRepositoryEntryType[] en = res.getRepositories(); System.out.println("4"); System.out.println("Total" + en.length);*/ } }


Exception:

Exception in thread "main" org.apache.axis2.AxisFault: WSDoAllReceiver: Error in converting to Document at org.apache.rampart.handler.WSDoAllSender.processMessage(WSDoAllSender.java:67) at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72) at org.apache.axis2.engine.Phase.invoke(Phase.java:318) at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:251) at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:416) at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402) at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229) at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165) at org.oasis_open.docs.ns.cmis.ws._200908.NavigationServiceStub.getFolderTree(NavigationServiceStub.java:1095) at cmis.Client.main(Client.java:74) Caused by: org.apache.axis2.AxisFault: WSDoAllReceiver: Error in converting to Document at org.apache.rampart.handler.WSDoAllSender.processBasic(WSDoAllSender.java:196) at org.apache.rampart.handler.WSDoAllSender.processMessage(WSDoAllSender.java:64) ... 9 more Caused by: org.apache.ws.security.WSSecurityException: Error in converting SOAP Envelope to Document; nested exception is: org.apache.axis2.databinding.ADBException: extension cannot be null!! at org.apache.rampart.util.Axis2Util.getDocumentFromSOAPEnvelope(Axis2Util.java:161) at org.apache.rampart.handler.WSDoAllSender.processBasic(WSDoAllSender.java:194) ... 10 more Caused by: org.apache.axis2.databinding.ADBException: extension cannot be null!! at org.oasis_open.docs.ns.cmis.ws._200908.NavigationServiceStub$GetFolderTree.serialize(NavigationServiceStub.java:21761) at org.oasis_open.docs.ns.cmis.ws._200908.NavigationServiceStub$GetFolderTree.serialize(NavigationServiceStub.java:21473) at org.oasis_open.docs.ns.cmis.ws._200908.NavigationServiceStub$GetFolderTree$1.serialize(NavigationServiceStub.java:21461) at org.apache.axis2.databinding.ADBDataSource.serialize(ADBDataSource.java:93) at org.apache.axiom.om.impl.llom.OMSourcedElementImpl.internalSerialize(OMSourcedElementImpl.java:703) at org.apache.axiom.om.impl.llom.OMElementImpl.internalSerialize(OMElementImpl.java:953) at org.apache.axiom.om.impl.llom.OMElementImpl.internalSerialize(OMElementImpl.java:937) at org.apache.axiom.soap.impl.llom.SOAPEnvelopeImpl.internalSerialize(SOAPEnvelopeImpl.java:227) at org.apache.axiom.om.impl.llom.OMElementImpl.internalSerialize(OMElementImpl.java:937) at org.apache.axiom.om.impl.llom.OMNodeImpl.serialize(OMNodeImpl.java:387) at org.apache.axiom.om.impl.llom.OMNodeImpl.serialize(OMNodeImpl.java:430) at org.apache.rampart.util.Axis2Util.getDocumentFromSOAPEnvelope(Axis2Util.java:152) ... 11 more

Kindly help.