Axis2: невозможно задействовать модуль Rampart

Question

Я получаю следующую ошибку при попытке реализовать WS-Security с помощью Rampart в Axis2.

org.apache.axis2.AxisFault: Unable to engage module : rampart 
at org.apache.axis2.client.ServiceClient.engageModule(ServiceClient.java:358) 

Я использую ось в встроенном режиме (внутри уха). Сервис работает нормально без реализации безопасности. Я включил политику в services.xml, а также в WSDL. Использование Jboss и JDK6 Пожалуйста, найдите файлы ниже.

Axis2.xml

<wsdl:definitions xmlns:ns1="http://org.apache.axis2/xsd" xmlns:ns="http://service" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:http="http://schemas.xmlsoap.org/wsdl/http/" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" targetNamespace="http://service"> 
<wsdl:types> 
<xs:schema attributeFormDefault="qualified" elementFormDefault="qualified" targetNamespace="http://service"> 
<xs:element name="echo"> 
<xs:complexType> 
<xs:sequence> 
<xs:element minOccurs="0" name="args0" nillable="true" type="xs:string"/> 
</xs:sequence> 
</xs:complexType> 
</xs:element> 
<xs:element name="echoResponse"> 
<xs:complexType> 
<xs:sequence> 
<xs:element minOccurs="0" name="return" nillable="true" type="xs:string"/> 
</xs:sequence> 
</xs:complexType> 
</xs:element> 
</xs:schema> 
</wsdl:types> 
<wsdl:message name="echoRequest"> 
<wsdl:part name="parameters" element="ns:echo"></wsdl:part> 
</wsdl:message> 
<wsdl:message name="echoResponse"> 
<wsdl:part name="parameters" element="ns:echoResponse"></wsdl:part> 
</wsdl:message> 
<wsdl:portType name="SimpleServicePortType"> 
<wsdl:operation name="echo"> 
<wsdl:input message="ns:echoRequest" wsaw:Action="urn:echo"></wsdl:input> 
<wsdl:output message="ns:echoResponse" wsaw:Action="urn:echoResponse"></wsdl:output> 
</wsdl:operation> 
</wsdl:portType> 
<wsdl:binding name="SimpleServiceSoap11Binding" type="ns:SimpleServicePortType"> 
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/> 
<wsdl:operation name="echo"> 
<soap:operation soapAction="urn:echo" style="document"/> 
<wsdl:input> 
<soap:body use="literal"/> 
</wsdl:input> 
<wsdl:output> 
<soap:body use="literal"/> 
</wsdl:output> 
</wsdl:operation> 
</wsdl:binding> 
<wsdl:binding name="SimpleServiceSoap12Binding" type="ns:SimpleServicePortType"> 
<soap12:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/> 
<wsdl:operation name="echo"> 
<soap12:operation soapAction="urn:echo" style="document"/> 
<wsdl:input> 
<soap12:body use="literal"/> 
</wsdl:input> 
<wsdl:output> 
<soap12:body use="literal"/> 
</wsdl:output> 
</wsdl:operation> 
</wsdl:binding> 
<wsdl:binding name="SimpleServiceHttpBinding" type="ns:SimpleServicePortType"> 
<http:binding verb="POST"/> 
<wsdl:operation name="echo"> 
<http:operation location="SimpleService/echo"/> 
<wsdl:input> 
<mime:content part="echo" type="text/xml"/> 
</wsdl:input> 
<wsdl:output> 
<mime:content part="echo" type="text/xml"/> 
</wsdl:output> 
</wsdl:operation> 
</wsdl:binding> 
<wsdl:service name="SimpleService"> 
<wsdl:port name="SimpleServiceHttpEndpoint" binding="ns:SimpleServiceHttpBinding"> 
<http:address location="http://sbswsvm1426:9091/axis2/services/SimpleService.SimpleServiceHttpEndpoint/"/> 
</wsdl:port> 
<wsdl:port name="SimpleServiceHttpSoap11Endpoint" binding="ns:SimpleServiceSoap11Binding"> 
<soap:address location="http://sbswsvm1426:9091/axis2/services/SimpleService.SimpleServiceHttpSoap11Endpoint/"/> 
</wsdl:port> 
<wsdl:port name="SimpleServiceHttpSoap12Endpoint" binding="ns:SimpleServiceSoap12Binding"> 
<soap12:address location="http://sbswsvm1426:9091/axis2/services/SimpleService.SimpleServiceHttpSoap12Endpoint/"/> 
</wsdl:port> 
</wsdl:service> 
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SigOnly"> 
<wsp:ExactlyOne> 
<wsp:All> 
<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> 
<wsp:Policy> 
<sp:InitiatorToken> 
<wsp:Policy> 
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"> 
<wsp:Policy> 
<sp:RequireThumbprintReference/> 
<sp:WssX509V3Token10/> 
</wsp:Policy> 
</sp:X509Token> 
</wsp:Policy> 
</sp:InitiatorToken> 
<sp:RecipientToken> 
<wsp:Policy> 
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never"> 
<wsp:Policy> 
<sp:RequireThumbprintReference/> 
<sp:WssX509V3Token10/> 
</wsp:Policy> 
</sp:X509Token> 
</wsp:Policy> 
</sp:RecipientToken> 
<sp:AlgorithmSuite> 
<wsp:Policy> 
<sp:TripleDesRsa15/> 
</wsp:Policy> 
</sp:AlgorithmSuite> 
<sp:Layout> 
<wsp:Policy> 
<sp:Strict/> 
</wsp:Policy> 
</sp:Layout> 
<sp:IncludeTimestamp/> 
<sp:OnlySignEntireHeadersAndBody/> 
</wsp:Policy> 
</sp:AsymmetricBinding> 
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> 
<sp:Policy> 
<sp:MustSupportRefKeyIdentifier/> 
<sp:MustSupportRefIssuerSerial/> 
</sp:Policy> 
</sp:Wss10> 
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> 
<sp:Body/> 
</sp:SignedParts> 
</wsp:All> 
</wsp:ExactlyOne> 
</wsp:Policy> 
</wsdl:definitions> 

services.xml

<?xml version="1.0" encoding="UTF-8"?> 
<!-- This file was auto-generated from WSDL --> 
<!-- by the Apache Axis2 version: 1.5.6 Built on : Aug 30, 2011 (10:00:16 CEST) --> 
<serviceGroup> 
    <service name="SimpleService"> 
     <messageReceivers> 
      <messageReceiver mep="http://www.w3.org/ns/wsdl/in-out" class="service.SimpleServiceMessageReceiverInOut"/> 
     </messageReceivers> 
     <parameter name="ServiceClass">service.SimpleServiceSkeleton</parameter> 
     <parameter name="useOriginalwsdl">true</parameter> 
     <parameter name="modifyUserWSDLPortAddress">true</parameter> 
     <operation name="echo" mep="http://www.w3.org/ns/wsdl/in-out" namespace="http://service"> 
      <actionMapping>urn:echo</actionMapping> 
      <outputActionMapping>urn:echoResponse</outputActionMapping> 
     </operation> 
    <module ref="rampart"/> 
    <module ref="addressing"/> 

    <wsp:Policy wsu:Id="SigOnly" 
       xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" 
       xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> 
     <wsp:ExactlyOne> 
      <wsp:All> 
       <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> 
        <wsp:Policy> 
         <sp:InitiatorToken> 
          <wsp:Policy> 
           <sp:X509Token 
             sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"> 
            <wsp:Policy> 
             <sp:RequireThumbprintReference/> 
             <sp:WssX509V3Token10/> 
            </wsp:Policy> 
           </sp:X509Token> 
          </wsp:Policy> 
         </sp:InitiatorToken> 
         <sp:RecipientToken> 
          <wsp:Policy> 
           <sp:X509Token 
             sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never"> 
            <wsp:Policy> 
             <sp:RequireThumbprintReference/> 
             <sp:WssX509V3Token10/> 
            </wsp:Policy> 
           </sp:X509Token> 
          </wsp:Policy> 
         </sp:RecipientToken> 
         <sp:AlgorithmSuite> 
          <wsp:Policy> 
           <sp:TripleDesRsa15/> 
          </wsp:Policy> 
         </sp:AlgorithmSuite> 
         <sp:Layout> 
          <wsp:Policy> 
           <sp:Strict/> 
          </wsp:Policy> 
         </sp:Layout> 
         <sp:IncludeTimestamp/> 
         <sp:OnlySignEntireHeadersAndBody/> 
        </wsp:Policy> 
       </sp:AsymmetricBinding> 
       <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> 
        <wsp:Policy> 
         <sp:MustSupportRefKeyIdentifier/> 
         <sp:MustSupportRefIssuerSerial/> 
        </wsp:Policy> 
       </sp:Wss10> 
       <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> 
        <sp:Body/> 
       </sp:SignedParts> 

       <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> 
        <ramp:user>service</ramp:user> 
        <ramp:encryptionUser>client</ramp:encryptionUser> 
        <ramp:passwordCallbackClass>service.PWCBHandler 
        </ramp:passwordCallbackClass> 

        <ramp:signatureCrypto> 
         <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin"> 
          <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> 
          <ramp:property name="org.apache.ws.security.crypto.merlin.file">service.jks</ramp:property> 
          <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache 
          </ramp:property> 
         </ramp:crypto> 
        </ramp:signatureCrypto> 
       </ramp:RampartConfig> 

      </wsp:All> 
     </wsp:ExactlyOne> 
    </wsp:Policy> 
    </service> 
</serviceGroup> 

Client Заглушка

SimpleServiceStub stub = new SimpleServiceStub("http://sbswsvm1426:9091/axis2/services/SimpleService?wsdl"); 
      stub._getServiceClient().engageModule("rampart"); 
      stub._getServiceClient().engageModule("addressing"); 
      Options options = stub._getServiceClient().getOptions(); 
      options.setUserName("apache"); 
      options.setPassword("password"); 
      Echo oSreq=new Echo(); 
      oSreq.setArgs0("Echoed!!"); 


      EchoResponse response = stub.echo(oSreq); 
      System.out.println(response.get_return()); 

Answer 1

Попробуйте следовать. Вы должны указать путь к репозиторию клиента. В папке хранилища должна быть папка с именем «modules», а рампа mar должна находиться внутри этой папки.

ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem("path/to/client/repo", null); 
SimpleServiceStub stub = new SimpleServiceStub(ctx, "http://sbswsvm1426ou:9091/axis2/services/SimpleService?wsdl"); 

Я думаю, вы снова получите новое сообщение об ошибке. Что-то вроде «PKIX path building failed». Если вы убедитесь, что вам нужно добавить сертификат сервера в хранилище ключей и его нужно импортировать. Вы можете сделать это так:

System.setProperty("javax.net.ssl.trustStore", "/path/to/server.jks"); 
System.setProperty("javax.net.ssl.trustStorePassword", "password"); 

Вы можете прочитать об этом здесь. http://wso2.com/library/3190/

Answer 2

вы должн чтобы развернуть rampart.mar в клиентский репозиторий в каталоге модулей.