Win a copy of OCP Oracle Certified Professional Java SE 11 Developer Practice Tests this week in the OCP forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Jeanne Boyarsky
  • Ron McLeod
  • Tim Cooke
Sheriffs:
  • Devaka Cooray
  • paul wheaton
  • Mark Herschberg
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Frits Walraven
  • Jj Roberts
Bartenders:
  • Carey Brown
  • salvin francis
  • Piet Souris

Axis 2 & Rampart - Only apply security to outbound requests.

 
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm using Rampart to generate a request.
I have a policy.xml that is used to apply security.

I'm getting an exception on the response as Rampart is looking for the security header, but one doesn't exist.

Can I still use my policy.xml and specify the fact that I don't need inbound security in this, or do I need to do something else?


Policy:
 
Alan Macfarlanes
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The problem was that once Rampart is engaged, it expects the response to have the same security header. The way I solved the problem was by removing the handler to the Inflow security in the Rampart.mar file.

I'm not sure if this is the best fix, but it worked for us.

To remove the inflow handler: Unpack the rampart.mar file

Comment out the Inflow section

Zip up the META_INF folder. Then rename the .zip file to be .mar

Now when you use this as there are no handlers defined for inflow, it will just use the standard Axis2 response handler.

I guess if you had several projects using Rampart where some had the security header in the response and some didn't you would need a different approach.
 
If you like strawberry rhubarb pie, try blueberry rhubarb (bluebarb) pie. And try this tiny ad:
the value of filler advertising in 2021
https://coderanch.com/t/730886/filler-advertising
reply
    Bookmark Topic Watch Topic
  • New Topic