Hi,
I renamed rampart.mar to rampart.jar and put it on the classpath of the
Java project (also the addressing and rahas mars).
This Java project is the client of my JAX-WS web service. I use it for signing messages.
In the client I put this:
    // Point Axis2 at the client-side axis2.xml before anything else is created
    String axis2xml = "C:/.../conf/client.axis2.xml";
    System.setProperty(Constants.AXIS2_CONF, axis2xml);
    FileSystemConfigurator configurator = new FileSystemConfigurator(null, axis2xml);
    ClientConfigurationFactory factory = new ClientConfigurationFactory(configurator);
    MetadataFactoryRegistry.setFactory(ClientConfigurationFactory.class, factory);

    // Create the JAX-WS service and port only after the factory is registered
    JaxwsLibrary service = new JaxwsLibrary();
    ERacunPortType stub = service.getLibrary();
    BindingProvider provider = (BindingProvider) stub;

    // Attach the signing policy and the endpoint address to the request context
    Policy policy = loadPolicy("sign-policy-client.xml");
    provider.getRequestContext().put(RampartMessageData.KEY_RAMPART_POLICY, policy);
    provider.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
        "http://localhost:8080........../MyWebService");
You MUST set the factory BEFORE creating the service object. If you do not, Axis will not be configured properly.
As you can see, my entire policy is in a separate XML file. I also put this policy into the WSDL, but I am not sure if this one (from the WSDL) is used anywhere.
For the web service side I put the web service jar into the "servicejars" directory.
I generate the jar from an ant task like this:
    <jar jarfile="${service-archive-name}.jar">
        <fileset dir="${compiled-code}"/>
    </jar>
"compiled-code" is the directory where the classes generated by wsimport reside.
Then I put this into axis2.xml on the service side (I am not sure this is correct):
    <parameter name="OutflowSecurity">
        <action>
            <items>Signature</items>
            <user>serveralias</user>
            <passwordCallbackClass>hr.bla.bla.PWServiceHandler</passwordCallbackClass>
            <signaturePropFile>crypto.properties</signaturePropFile>
        </action>
    </parameter>
    <parameter name="InflowSecurity">
        <action>
            <items>Signature</items>
            <passwordCallbackClass>hr.bla.bla.PWServiceHandler</passwordCallbackClass>
            <signaturePropFile>crypto.properties</signaturePropFile>
        </action>
    </parameter>
I put crypto.properties, My.jks and the handler class into MyUtil.jar.
Then MyUtil.jar is added to /WEB-INF/lib.
When I start all this (WebSphere 6.1, Rational Software Developer with TCP/IP monitoring, Axis 1.6.0 and Rampart 1.6.0; axis and rampart versions MUST be the same) the client sends a signed message to the web service. On the web service side this message is validated, but when the server sends the acknowledgement message something goes wrong.
I can see from the debugger that the password handler (on the service side) does its job, but after that I see this (without security everything works OK):
[2012.06.18 10:08:52:000 CEST] 0000001f ServletWrappe E SRVE0068E: Uncaught exception thrown in one of the service methods of the servlet: AxisServlet. Exception thrown : java.lang.NullPointerException
at org.apache.rampart.builder.BindingBuilder.getSignatureBuilder(BindingBuilder.java:281)
at org.apache.rampart.builder.BindingBuilder.getSignatureBuilder(BindingBuilder.java:255)
at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:717)
at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:414)
at org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:90)
at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
at org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:516)
at org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:433)
at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:216)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:989)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:501)
at com.ibm.ws.wswebcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:464)
at com.ibm.ws.webcontainer.servlet.CacheServletWrapper.handleRequest(CacheServletWrapper.java:90)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:744)
at com.ibm.ws.wswebcontainer.WebContainer.handleRequest(WebContainer.java:1455)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:113)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:454)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:383)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:279)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)
at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165)
at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:136)
at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:195)
at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:743)
at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:873)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1469)
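
An added triage sketch (not part of the original post, and not Axis2 or Rampart code): it parses the frames of a trace like the one above and reports where the exception was thrown, which Rampart out-flow handler was on the stack, and whether the server was already sending a fault. The handler-to-configuration mapping is an assumption about Rampart 1.x, and the sample trace is a trimmed, constructed copy of the frames above.

```python
import re

# Constructed sample: key frames copied from the trace in the post (trimmed).
SAMPLE_TRACE = """\
java.lang.NullPointerException
at org.apache.rampart.builder.BindingBuilder.getSignatureBuilder(BindingBuilder.java:281)
at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:717)
at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
at org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:516)
at org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:433)
at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:216)
"""

FRAME = re.compile(r"^\s*at\s+([\w.$]+)\.([\w$<>]+)\(([^)]*)\)\s*$")

# Assumption (editor's reading of Rampart 1.x, not from the post): which
# out-flow handler consumes which configuration style.
OUT_HANDLERS = {
    "org.apache.rampart.handler.RampartSender": "policy",
    "org.apache.rampart.handler.WSDoAllSender": "parameter",
}
FAULT_FRAME = ("org.apache.axis2.engine.AxisEngine", "sendFault")


def parse_frames(trace):
    """Return (class, method, location) per 'at ...' line, innermost first."""
    frames = []
    for line in trace.splitlines():
        m = FRAME.match(line)
        if m:  # header and 'Caused by:' lines are skipped
            frames.append(m.groups())
    return frames


def triage(trace):
    """Summarise where the exception was thrown and on which Rampart path."""
    frames = parse_frames(trace)
    if not frames:
        return None
    cls, method, location = frames[0]
    style = next((OUT_HANDLERS[c] for c, _, _ in frames if c in OUT_HANDLERS), None)
    return {
        "thrown_in": f"{cls}.{method}",
        "location": location,
        "config_style": style,  # 'policy', 'parameter' or None
        "on_fault_path": any((c, m) == FAULT_FRAME for c, m, _ in frames),
    }


if __name__ == "__main__":
    print(triage(SAMPLE_TRACE))
```

For the trace above this reports the policy-based sender on the `sendFault` path: the NullPointerException was raised while a fault response was being secured, so the exception that triggered that fault has to be looked for earlier in the server log.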