In Apache Axis2/Rampart, while generating wsdl and validating policy, is Ws-security Policy 1.2 assertion <sp:NoPassword/> not handled completely? -

-

we implementing ws-security policy on our web services following framework/module/specification.

apache axis2 1.6.2
apache rampart 1.6.2
ws-security policy 1.2(namespace:http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702)

we facing following issues while creating/consuming service.

  1. axis2 wsdl generation logic ignores <sp:nopassword/> assertion. after debugging,i realized because of logic in org.apache.ws.secpolicy.model.usernametoken (rampart-policy-1.6.2.jar) expects <sp:wssusernametoken11 /> ( or <sp:wssusernametoken10 />) specified - again when specify that, <sp:nopassword/> created child element of <sp:wssusernametoken11 /> causing <sp:nopassword/> ignored on client (consumer) side.
  2. in implementation of org.apache.rampart.policybasedresultsvalidator/handlesupportingtokens method - nopassword scenario not considerd ; hence fails saying "org.apache.axis2.axisfault: usernametoken missing in request".
  3. on consumer side, ws security policy 1.2 work, had remove rahas-1.6.2.mar client side rampart repository;there jira ticket - https://issues.apache.org/jira/browse/rampart-371

please suggest if missed here.


Comments

Post a Comment

Popular posts from this blog

c# - How Configure Devart dotConnect for SQLite Code First? -

-
can configure following sample code ? when run following code, error : no entity framework provider found ado.net provider invariant name 'devart.data.sqlite' setting in machine.config <system.data> <dbproviderfactories> <add name="dotconnect sqlite" invariant="devart.data.sqlite" description="devart dotconnect sqlite" type="devart.data.sqlite.sqliteproviderfactory, devart.data.sqlite, version=4.6.287.0, culture=neutral, publickeytoken=09af7300eec23701" /> </dbproviderfactories> </system.data> after add below block code in app.config <?xml version="1.0"?> <configuration>   <configsections> <!-- more information on entity framework configuration, visit http://go.microsoft.com/fwlink/?linkid=237468 --> <section name="entityframework" type="system.data.entity.internal.configfile.entityframeworksection, entit...
Read more

java - Copying object fields -

-
what best way of copying classes when need have 2 independent variables? have simple class: public class myclass { boolean = false; string b= "not empty"; } do need make method : assign(myclass data ) { a= data.a; b= data.b; } is there automatic method copy (duplicate) objects in java? do need make method : pretty close. instead of making method, should make constructor. such constructors called copy constructor , , create them this: myclass(myclass data) { = data.a; b = data.b; } and create copy of instance, use constructor this: myclass obj1 = new myclass(); myclass obj2 = new myclass(obj1); copy constructor can tedious : using copy constructor create deep-copy can tedious, when class has mutable fields. in case, assignment create copy of reference, , not object itself. have create copy of fields (if want deep copy). can go recursive. a better way create deep copy serialize , deserialize object. why not use clone()? ...
Read more

c++ - Clear the memory after returning a vector in a function -

-
i have function processes , stores lot of data in , returns results vector of class. amount of data stored in function tremendous , want clear storage memory of function after finished job. necessary (does function automatically clear memory) or should clear memory function? update: vector<customers> process(char* const *filename, vector<int> id) { vector<customers> list_of_customers; (perform actions) return list_of_customers; } variables defined locally within function automatically released @ end of function scope. destructors objects called, should free memory allocated objects (if objects coded correctly). example of such object std::vector . anything you've allocated new must have corresponding delete release storage. try avoid doing own allocation , use raii instead, i.e. containers or smart pointers.
Read more