webservice using security UserNameToken - web-services

I am trying to resolve a problem we have using glassfish V2 to publish a simple web service using a plain UserNameToken for security reasons. Since we were using Netbeans 6.5 to achieve this we were looking into this tutorial.
Therefore the following steps were done:
In our dev environment we installed the Sun Java(TM) System Access Manager and can administer this through the admin console as well as through the Netbeans IDE. All good. The example from the tutorial worked perfectly so we thought we were in a good position to move on.
After changing the security options for our web service we published this on our test environment without any Netbeans installed.
After that the following steps were done:
deploying the service
configure the realm in Access Manager for the IP address
setup the expected user to access the web service.
When our partner is now accessing the web service the actual web service code is not accessed and we always find in the server logging that the security header was not understood.
This is the message we receive at the server:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-10034404">
<wsu:Created>2009-01-19T16:33:38.537Z</wsu:Created>
<wsu:Expires>2009-01-19T16:34:08.537Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-10034094">
<wsse:Username>myUser</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">myPasswd</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
<wsa:MessageID soapenv:mustUnderstand="0">uuid:ecc3b150-e646-11dd-96e5-9f80a576275b</wsa:MessageID>
<wsa:To soapenv:mustUnderstand="0">http://62.154.241.166:8080/HTNGService/WebServiceForTrustService</wsa:To>
<wsa:Action soapenv:mustUnderstand="0">http://webservice.trustinternational.com/ws/services/Htng2ReservationService</wsa:Action>
<wsa:From xmlns="http://schemas.xmlsoap.org/ws/2004/08/addressing" soapenv:mustUnderstand="0">
<wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address>
</wsa:From>
</soapenv:Header>
<soapenv:Body>
...
</soapenv:Body>
</soapenv:Envelope>
Our wsit.xml looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<definitions
xmlns="http://schemas.xmlsoap.org/wsdl/"
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" name="WebServiceForTrustService" targetNamespace="http://wstrust/" xmlns:tns="http://wstrust/" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp1="http://www.w3.org/ns/ws-policy" xmlns:fi="http://java.sun.com/xml/ns/wsit/2006/09/policy/fastinfoset/service" xmlns:tcp="http://java.sun.com/xml/ns/wsit/2006/09/policy/soaptcp/service"
>
<message name="otaHotelResNotif"/>
<message name="otaHotelResNotifResponse"/>
<portType name="WebServiceForTrust">
<operation name="otaHotelResNotif">
<input message="tns:otaHotelResNotif"/>
<output message="tns:otaHotelResNotifResponse"/>
</operation>
</portType>
<binding name="WebServiceForTrustPortBinding" type="tns:WebServiceForTrust">
<wsp:PolicyReference URI="#WebServiceForTrustPortBindingPolicy"/>
<operation name="otaHotelResNotif">
<input/>
<output/>
</operation>
</binding>
<service name="WebServiceForTrustService">
<port name="WebServiceForTrustPort" binding="tns:WebServiceForTrustPortBinding"/>
</service>
<wsp:Policy wsu:Id="WebServiceForTrustPortBindingPolicy">
<wsp:ExactlyOne>
<wsp:All/>
</wsp:ExactlyOne>
</wsp:Policy>
</definitions>
Does anyone have any idea what configuration might be missing here?
We also realised that in the IDE after turning the security (AM security) on there was a file created under configuration files/ amserver called amconfig.xml.
This file we can't find on the webserver after deploying the service nor in the *.war nor under addons/amserver or so.
The file internally looks like:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ns2:AMConfig xmlns:ns2="http://identity.netbeans.org/access_manager_config_1_0">
<ProviderConfig type="WSP" name="WebServiceForTrustService">
<SecurityMechanism uri="urn:sun:wss:security:null:UserNameToken-Plain"/>
</ProviderConfig>
</ns2:AMConfig>
Since the information is already in sun-web.xml, which is published on the server, I think that should not be the problem, but it might be helpful for you.

Since we worked further on the above, here are a few new things, even if it isn't solved.
The example tutorial was rebuilt and deployed on the test-server. Client and Server Test app. Both are working fine when started locally on the test-server.
If, however, we configure a remote client to use the same web-service with the same security information, we find the same error as with our other application.
Therefore I assume it has something to do with the configuration of Access Manager, but no idea which one.
I hope that helps anyone to help me.
Thanks!
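A receiver-side review of the request shown in the question, as an added example that is not part of the original post: it lists the header blocks marked mustUnderstand="1" (which a SOAP 1.1 receiver must process or answer with a fault), flags a PasswordText token addressed to a non-HTTPS endpoint, and tests the Timestamp against a supplied clock. The envelope is a constructed, shortened copy of the posted one; the host name and the function names are assumptions.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from urllib.parse import urlparse

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
WSA = "http://schemas.xmlsoap.org/ws/2004/08/addressing"
NS = {"s": SOAP, "wsse": WSSE, "wsu": WSU, "wsa": WSA}
PT = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"

# Constructed sample: shortened copy of the posted request, placeholder host.
SAMPLE = f"""<s:Envelope xmlns:s="{SOAP}" xmlns:wsa="{WSA}">
 <s:Header>
  <wsse:Security xmlns:wsse="{WSSE}" xmlns:wsu="{WSU}" s:mustUnderstand="1">
   <wsu:Timestamp><wsu:Created>2009-01-19T16:33:38.537Z</wsu:Created>
    <wsu:Expires>2009-01-19T16:34:08.537Z</wsu:Expires></wsu:Timestamp>
   <wsse:UsernameToken><wsse:Username>myUser</wsse:Username>
    <wsse:Password Type="{PT}">myPasswd</wsse:Password>
   </wsse:UsernameToken>
  </wsse:Security>
  <wsa:To s:mustUnderstand="0">http://service.example:8080/HTNGService/WebServiceForTrustService</wsa:To>
 </s:Header><s:Body/></s:Envelope>"""

def parse_ts(text):
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)

def audit_envelope(xml_text, now):
    """Return the findings a reviewer on the receiving side would raise."""
    header = ET.fromstring(xml_text).find("s:Header", NS)
    findings = []
    # Header blocks the receiver is obliged to understand.
    for block in header:
        if block.get(f"{{{SOAP}}}mustUnderstand") == "1":
            findings.append("must-understand:" + block.tag.split("}")[1])
    # PasswordText carries the password itself; only the transport can protect it.
    pw = header.find("wsse:Security/wsse:UsernameToken/wsse:Password", NS)
    if pw is not None and pw.get("Type", "") == PT:
        findings.append("cleartext-password")
        to = header.findtext("wsa:To", default="", namespaces=NS)
        if urlparse(to).scheme != "https":
            findings.append("cleartext-password-to-non-https-endpoint")
    # A stale Timestamp should be rejected (replay window).
    expires = header.findtext("wsse:Security/wsu:Timestamp/wsu:Expires", namespaces=NS)
    if expires and parse_ts(expires) < now:
        findings.append("timestamp-expired")
    return findings
```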

Related

How to find wsdl version

Can any one please suggest how can I find wsdl version my web service is exposing -
snippet from wsdl -
<wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata"
xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex"
xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy"
xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:tns="http://tempuri.org/"
xmlns:wsa10="http://www.w3.org/2005/08/addressing"
xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
name="XXXService" targetNamespace="http://tempuri.org/">
I have gone through these web links -
https://coderanch.com/t/502335/certification/determine-wsdl-version
according to above post it's 1.2
whereas looking at this -
https://www.soapui.org/docs/soap-and-wsdl/working-with-wsdls/
SoapUI documentation says "SoapUI supports 1.1 version of the WSDL specification".
Because my wsdl loads successfully in SoapUI - could it be version 1.1?
So, I am not sure which version of wsdl (1.1/1.2/2.0) my web service is exposing.
Any suggestions please.
There are two WSDL versions: 1.1 and 2.0. A history of how these versions got to be can be found on the Wikipedia page for WSDL.
Also on that page there's a useful image of the differences between them and how to recognize the version you are dealing with:
The easiest way is to look at the root element in the XML:
if it's called <definitions> then it's a WSDL 1.1;
if it's called <description> then it's a WSDL 2.0;
Most of the WSDLs you will find out there will be version 1.1, but if the technology is newer, it might also be possible to retrieve a WSDL 2.0. See for example the answer on this post for more details about some conventions of retrieving a SOAP web service's WSDL if it provides one.
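The root-element check from the answer above, as an added example that is not part of the original answer. It goes one step further and also reports which SOAP binding namespaces the document uses, since a SOAP 1.2 binding (`soap12`) inside a WSDL 1.1 document is a separate version number from the WSDL version. The sample documents are constructed, the function name is an assumption, and the DOCTYPE refusal is a precaution for WSDLs fetched from an untrusted source.

```python
import xml.etree.ElementTree as ET

WSDL11 = "http://schemas.xmlsoap.org/wsdl/"
WSDL20 = "http://www.w3.org/ns/wsdl"
BINDINGS = {
    "http://schemas.xmlsoap.org/wsdl/soap/": "SOAP 1.1",
    "http://schemas.xmlsoap.org/wsdl/soap12/": "SOAP 1.2",
}

# Constructed samples (not taken from a real service).
SAMPLE_11 = """<wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
    xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
    xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/"
    name="XXXService" targetNamespace="http://tempuri.org/">
  <wsdl:binding name="B11" type="tns:Port">
    <soap:binding transport="http://schemas.xmlsoap.org/soap/http"/>
  </wsdl:binding>
  <wsdl:binding name="B12" type="tns:Port">
    <soap12:binding transport="http://schemas.xmlsoap.org/soap/http"/>
  </wsdl:binding>
</wsdl:definitions>"""
SAMPLE_20 = '<description xmlns="http://www.w3.org/ns/wsdl" targetNamespace="http://example.org/svc"/>'

def split_tag(tag):
    """Split ElementTree's '{namespace}local' form into (namespace, local)."""
    if tag.startswith("{"):
        ns, _, local = tag[1:].partition("}")
        return ns, local
    return "", tag

def describe_wsdl(xml_text):
    """Return (wsdl_version, sorted SOAP binding versions found in the document)."""
    if "<!DOCTYPE" in xml_text:
        raise ValueError("DOCTYPE is not accepted in WSDL input")
    root = ET.fromstring(xml_text)
    # The prefix (wsdl:, none, ...) is irrelevant; namespace plus local name decide.
    version = {(WSDL11, "definitions"): "1.1",
               (WSDL20, "description"): "2.0"}.get(split_tag(root.tag), "unknown")
    soap = set()
    for el in root.iter():
        ns, local = split_tag(el.tag)
        if local == "binding" and ns in BINDINGS:
            soap.add(BINDINGS[ns])
    return version, sorted(soap)
```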

SOAP AXIS2 - Webservice on WebSphere 8.5

I am trying to create a Webservice implementation deployed on a WebSphere 8.5 application server.
I already created the skeleton and all the stubs but I don't know how to package my application.
I noticed that using axis2-wsdl2code-maven-plugin a services.xml file is created and this should replace the old WSDD file from axis1. However I don't know where should I place the services.xml and how to set web.xml (if it is needed).
Everything should be packaged in a simple war file.
I cannot find any simple documentation for this.
UPDATE:
I was able to deploy my application but I can reach neither the service nor its wsdl (the WSDL is not present inside the archive).
When I'm trying to reach my webservice I get:
org.apache.axis2.AxisFault: The service cannot be found for the
endpoint reference
I have the following services.xml file, located under WEB-INF/services folder of my WAR archive.
<?xml version="1.0" encoding="UTF-8"?>
<!-- This file was auto-generated from WSDL -->
<!-- by the Apache Axis2 version: 1.6.2 Built on : Apr 17, 2012 (05:33:49 IST) -->
<serviceGroup>
<service name="PagamentoBollettinoPostaleInf">
<messageReceivers>
<messageReceiver mep="http://www.w3.org/ns/wsdl/in-out" class="myservice.PagamentoBollettinoPostaleInfMessageReceiverInOut"/>
</messageReceivers>
<parameter name="ServiceClass">myservice.PagamentoBollettinoPostaleInfSkeleton</parameter>
<parameter name="useOriginalwsdl">true</parameter>
<parameter name="modifyUserWSDLPortAddress">true</parameter>
<operation name="getPagamentoBollettinoPostaleInf" mep="http://www.w3.org/ns/wsdl/in-out" namespace="******">
<actionMapping>urn:getPagamentoBollettinoPostaleInf</actionMapping>
<outputActionMapping>urn:getPagamentoBollettinoPostaleInfResponse</outputActionMapping>
</operation>
</service>
</serviceGroup>
This is my WEB.XML file:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0">
<display-name>inviaAnomalia</display-name>
<servlet>
<display-name>Apache-Axis Servlet</display-name>
<servlet-name>AxisServlet</servlet-name>
<servlet-class>org.apache.axis2.transport.http.AxisServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>AxisServlet</servlet-name>
<url-pattern>/servlet/AxisServlet</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>AxisServlet</servlet-name>
<url-pattern>*.jws</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>AxisServlet</servlet-name>
<url-pattern>/services/*</url-pattern>
</servlet-mapping>
</web-app>
This is the endpoint I am trying to connect to:
http://localhost:9080/war_context_root/services/PagamentoBollettinoPostaleInf
This happens when I try to get the WSDL file of my webservice by connecting to: http://localhost:9080/war_context_root/services/PagamentoBollettinoPostaleInf?wsdl
SOLVED
The solution was to follow the steps shown here: http://maksim.sorokin.dk/it/2011/01/13/axis2-maven-servlets-tomcat/
Then, in order to deploy correctly, WSDL and services.xml descriptor file must be placed inside:
WEB-INF/services/<ServiceName>/META-INF
Furthermore, disabling IBM JAX-WS Engine as suggested by Bruce T. and setting the classloader as shown in the following image solved the issue.

Configuring wcf soap 1.2 service

I am working on implementation of service that should accept SOAP 1.2 request with HTNG 2.1 header, WS-Addressing (to communicate message IDs between systems and address destinations) and WS-Security (user authentication only).
I have completed the whole business logic of processing payload message and generating proper response but I have real trouble configuring my service to predefined request.
Here it is:
<Envelope xmlns="http://www.w3.org/2003/05/soap-envelope">
<soap2:Header xmlns:soap2="http://www.w3.org/2003/05/soap-envelope"
xmlns:htng="http://htng.org/1.3/Header/"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wss="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:htnga="http://htng.org/PWSWG/2007/02/AsyncHeaders"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<wsa:Action>http://MyHost/MyService_SubmitRequest</wsa:Action>
<wsa:ReplyTo>
<wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address>
</wsa:ReplyTo>
<htnga:ReplyTo>
<wsa:Address>HTTPS://ResponseHost/Response.SVC</wsa:Address>
</htnga:ReplyTo>
<wss:Security mustUnderstand="1">
<wss:UsernameToken>
<wss:Username>string</wss:Username>
<wss:Password>string</wss:Password>
</wss:UsernameToken>
</wss:Security>
<wsa:MessageID>df559145-78a4-4c85-a264-bf99bbf8df9e</wsa:MessageID>
<htnga:CorrelationID>df559145-78a4-4c85-a264-bf99bbf8df9e</htnga:CorrelationID>
<wsa:To>https://pms.url</wsa:To>
</soap2:Header>
<Body>
<!-- Payload -->
</Body>
</Envelope>
I want configuration in config file, not in code and I have tried all configuration options I could find in various posts without any success.
I am aware that I am probably missing some basics about WCF that I can't spot right now so at least a point in right direction will help.
As far as I know, the MessageID/ReplyTo header could be added in the SOAP header by setting up the message version.
How to add MessageID in the soap headers of WCF request and response?
And UsernameToken could be added by authenticating the client with username/password pattern.
<customBinding>
<binding name="mybinding">
<textMessageEncoding messageVersion="Soap12WSAddressing10">
</textMessageEncoding>
<security authenticationMode="UserNameOverTransport" includeTimestamp="false" >
</security>
<httpsTransport></httpsTransport>
</binding>
</customBinding>
Result.
Correct way communicate WSSE Usernametoken for SOAP webservice
I don’t know how to add HTNGA:CorrelationID header to the SOAP header. It might relate to the WCF tracing.
Feel free to let me know if there is anything I can help with.

WSDL xsd import from https to http:443 when deployed

I have a legacy SOAP WS in my JAVA project (1.7) which is currently giving some trouble. In its WEB-INF/wsdl/*.wsdl file there is this block
<xsd:schema>
<xsd:import namespace="https://myUrl.com/" schemaLocation="myService_schema.xsd"/>
</xsd:schema>
Right after its deployment, when I download its wsdl via wget I get the following
<xsd:schema xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:tns="https://o2o-staging.beeweeb.com/" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:wsp1_2="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<xsd:import namespace="https://myUrl.com/" schemaLocation="http://myUrl.com:443/service-ws/myService?xsd=myService_schema.xsd"/>
</xsd:schema>
As you can see, the xsd import address https://myUrl.com becomes http://myUrl.com:443, thus making the service inaccessible as nginx complains with a 400 error: The plain HTTP request was sent to HTTPS port
I really did some searching and found no problem similar to this. Can somebody please explain to me what is going on, and how to possibly fix it? The namespace URL https://myUrl.com should really remain that way, and is it possible to avoid its becoming http://myUrl.com:443?
My server is Jboss 7.1
For whom it might be helpful.
When a soap webservice is deployed, jboss re-processes whatever wsdl and xsd you have in your WEB-INF/wsdl. My problem was that in my standalone.xml I had an http connector, while I actually needed an https one.
So you need to
1) change your connector to https (or whatever it is you are using for your web-app)
<connector name="http" protocol="HTTP/1.1" scheme="https" socket-binding="http"
secure="true" proxy-port="443"/>
2) add an explicit wsdl port in your standalone.xml
<subsystem xmlns="urn:jboss:domain:webservices:1.2">
<modify-wsdl-address>true</modify-wsdl-address>
<wsdl-host>jbossws.undefined.host</wsdl-host>
<wsdl-port>443</wsdl-port>
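A post-deployment check for the symptom described in this question, as an added example that is not part of the original posts: it scans a published WSDL for absolute `schemaLocation` and `location` URLs that would send a client to plain HTTP, and singles out `http://` on port 443. The sample WSDL is constructed from the rewritten import shown in the question; the service and port names and the function name are assumptions.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample modelled on the rewritten WSDL quoted in the question.
PUBLISHED = """<definitions xmlns="http://schemas.xmlsoap.org/wsdl/"
    xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <types><xsd:schema>
    <xsd:import namespace="https://myUrl.com/"
        schemaLocation="http://myUrl.com:443/service-ws/myService?xsd=myService_schema.xsd"/>
    <xsd:import namespace="https://myUrl.com/common" schemaLocation="common.xsd"/>
  </xsd:schema></types>
  <service name="myService"><port name="myPort" binding="myBinding">
    <soap:address location="https://myUrl.com/service-ws/myService"/>
  </port></service>
</definitions>"""

def audit_locations(wsdl_text):
    """Return (element, url, problem) for each absolute URL a client would fetch over HTTP."""
    findings = []
    for el in ET.fromstring(wsdl_text).iter():
        for attr in ("schemaLocation", "location"):
            url = el.get(attr)
            if not url or "://" not in url:
                continue  # relative reference, resolved against the WSDL's own URL
            parts = urlparse(url)
            if parts.scheme == "http":
                # http:// on 443 is what a TLS-only listener rejects with a 400.
                problem = "http-on-tls-port" if parts.port == 443 else "plain-http"
                findings.append((el.tag.split("}")[-1], url, problem))
    return findings
```

Run against the WSDL downloaded after each deployment, an empty result means every absolute location a client follows is HTTPS.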

How can I add WSSE Header to my Web Service Client?

I want to add wsse Security header to my web service client on ASP 3.5. I test the web service from SoapUI using this Soap Envelope and get an answer:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:comp="http://myCompany.org.tr">
<soapenv:Header xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/>
<wsse:Username>MyUsername</wsse:Username>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
(Body Info.)
</soapenv:Body>
</soapenv:Envelope>
I want to create this envelope through the classic Web Service Reference which was created by Visual Studio 2012. Which class should I use to add Username Info to my envelope?
Thank you John, and Ladislav.
Turns out that you should add the header via the web.config file to get a properly ordered SOAP message. Otherwise .Net tries to nest your code with its own encapsulation (even if you don't ask for it), and sends some rubbish as a result.