Problem turning encryption off in sts-sample

classic Classic list List threaded Threaded
8 messages Options
Ugo
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Problem turning encryption off in sts-sample

Ugo
I am trying to turn encryption off on the echo service messages by removing EncryptedParts (and also EncryptSignature and MustSupportRefEncryptedKey, just to be sure) from scenario17-policy.xml (the policy I am using for the echo service) and service.policy.xml. But after I do that the echo invocation fails with the following error message:

Exception in thread "main" org.apache.axis2.AxisFault: Expected encrypted part missing
        at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:512)
        at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:370)
        at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
        at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
        at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
        at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:548)
        at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:528)
        at org.wso2.wsas.sample.sts.client.Client.main(Client.java:120)

Why is it expecting an encrypted part when I turned encryption off in the policies?

Thank you,
Ugo
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem turning encryption off in sts-sample

Nunny
Ugo,
     Did you apply the policy using the web console ? Did you change the service policy using the edit policy functionality ? When you look at the policy in the WSDL of the service does it
show the modifications ?

thanks,
nandana

On Fri, Jan 23, 2009 at 10:09 PM, Ugo <[hidden email]> wrote:

I am trying to turn encryption off on the echo service messages by removing
EncryptedParts (and also EncryptSignature and MustSupportRefEncryptedKey,
just to be sure) from scenario17-policy.xml (the policy I am using for the
echo service) and service.policy.xml. But after I do that the echo
invocation fails with the following error message:

Exception in thread "main" org.apache.axis2.AxisFault: Expected encrypted
part missing
       at
org.apache.axis2.util.Utils. lgetInboundFaultFromMessageContext(Utils.java:512)
       at
org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:370)
       at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
       at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
       at
org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
       at
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:548)
       at
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:528)
       at org.wso2.wsas.sample.sts.client.Client.main(Client.java:120)

Why is it expecting an encrypted part when I turned encryption off in the
policies?

Thank you,
Ugo
--
View this message in context: http://www.nabble.com/Problem-turning-encryption-off-in-sts-sample-tp21628022p21628022.html
Sent from the WSO2 WSAS Users mailing list archive at Nabble.com.


_______________________________________________
Wsas-java-user mailing list
[hidden email]
https://wso2.org/cgi-bin/mailman/listinfo/wsas-java-user



--
Nandana Mihindukulasooriya  
WSO2 inc.

http://nandana83.blogspot.com/
http://www.wso2.org

_______________________________________________
Wsas-java-user mailing list
[hidden email]
https://wso2.org/cgi-bin/mailman/listinfo/wsas-java-user
Ugo
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem turning encryption off in sts-sample

Ugo
Nandana,

I actually did not use the web console to modify and apply the echo service policy. I only modified the file scenario17-policy.xml before starting WSAS, thinking that the modified policy would be picked up at initialization time. But it looks like you are telling me that it does not work that way.

So I put back the original scenario17-policy.xml and I started WSAS again. In the console, I went into the "Edit Service Policies" option for the echo service. There I tried to remove the following code:

         <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
            <sp:Body />
         </sp:EncryptedParts>

But when I click "Update", I get message "Unable to update binding policy".

Thank you,
Ugo
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem turning encryption off in sts-sample

Nunny
Hi Ugo,
   Normally you cannot update the policy when it is invalid. For example, if you have undeclared namespace prrfix, such things occur. But if you only deleted the encrypted parts assertions, it can't be the case. Anyway I will try the scenario and let you know.

thanks,
nandana


On Thu, Jan 29, 2009 at 1:24 AM, Ugo <[hidden email]> wrote:

Nandana,

I actually did not use the web console to modify and apply the echo service
policy. I only modified the file scenario17-policy.xml before starting WSAS,
thinking that the modified policy would be picked up at initialization time.
But it looks like you are telling me that it does not work that way.

So I put back the original scenario17-policy.xml and I started WSAS again.
In the console, I went into the "Edit Service Policies" option for the echo
service. There I tried to remove the following code:

        <sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
           <sp:Body />
        </sp:EncryptedParts>

But when I click "Update", I get message "Unable to update binding policy".

Thank you,
Ugo
--
View this message in context: http://www.nabble.com/Problem-turning-encryption-off-in-sts-sample-tp21628022p21713451.html
Sent from the WSO2 WSAS Users mailing list archive at Nabble.com.


_______________________________________________
Wsas-java-user mailing list
[hidden email]
https://wso2.org/cgi-bin/mailman/listinfo/wsas-java-user



--
Nandana Mihindukulasooriya  
WSO2 inc.

http://nandana83.blogspot.com/
http://www.wso2.org

_______________________________________________
Wsas-java-user mailing list
[hidden email]
https://wso2.org/cgi-bin/mailman/listinfo/wsas-java-user
Ugo
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem turning encryption off in sts-sample

Ugo
Hi Nandana,

I just tried to validate, using XMLSpy, the modified policy that gives me the update error, and it validates fine against the WS-Policy schema. So it should not be a malformed xml issue.

Regards,
Ugo


Nunny wrote
Hi Ugo,
   Normally you cannot update the policy when it is invalid. For example, if
you have undeclared namespace prrfix, such things occur. But if you only
deleted the encrypted parts assertions, it can't be the case. Anyway I will
try the scenario and let you know.

thanks,
nandana


On Thu, Jan 29, 2009 at 1:24 AM, Ugo <ugo.corda@ntc.com> wrote:

>
> Nandana,
>
> I actually did not use the web console to modify and apply the echo service
> policy. I only modified the file scenario17-policy.xml before starting
> WSAS,
> thinking that the modified policy would be picked up at initialization
> time.
> But it looks like you are telling me that it does not work that way.
>
> So I put back the original scenario17-policy.xml and I started WSAS again.
> In the console, I went into the "Edit Service Policies" option for the echo
> service. There I tried to remove the following code:
>
>         <sp:EncryptedParts
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>            <sp:Body />
>         </sp:EncryptedParts>
>
> But when I click "Update", I get message "Unable to update binding policy".
>
> Thank you,
> Ugo
> --
> View this message in context:
> http://www.nabble.com/Problem-turning-encryption-off-in-sts-sample-tp21628022p21713451.html
> Sent from the WSO2 WSAS Users mailing list archive at Nabble.com.
>
>
> _______________________________________________
> Wsas-java-user mailing list
> Wsas-java-user@wso2.org
> https://wso2.org/cgi-bin/mailman/listinfo/wsas-java-user
>



--
Nandana Mihindukulasooriya
WSO2 inc.

http://nandana83.blogspot.com/
http://www.wso2.org

_______________________________________________
Wsas-java-user mailing list
Wsas-java-user@wso2.org
https://wso2.org/cgi-bin/mailman/listinfo/wsas-java-user
Ugo
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem turning encryption off in sts-sample

Ugo
In reply to this post by Nunny
Hi Nandana,

Were you able to reproduce the problem I encountered?

Thank you,
Ugo

<quote author="Nunny">
Hi Ugo,
   Normally you cannot update the policy when it is invalid. For example, if
you have undeclared namespace prrfix, such things occur. But if you only
deleted the encrypted parts assertions, it can't be the case. Anyway I will
try the scenario and let you know.

thanks,
nandana
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem turning encryption off in sts-sample

Nunny
I tried with WSAS 2.3 and was able to reproduce following your steps. It seems a bug and I will raise a JIRA. The trunk is drastically changed for WSAS 3.0 and now the policy editing support is a lot improved. Will it be option for you to use WSAS 3.0 ?

thanks,
Nandana

On Tue, Feb 3, 2009 at 8:27 AM, Ugo <[hidden email]> wrote:

Hi Nandana,

Were you able to reproduce the problem I encountered?

Thank you,
Ugo


Hi Ugo,
  Normally you cannot update the policy when it is invalid. For example, if
you have undeclared namespace prrfix, such things occur. But if you only
deleted the encrypted parts assertions, it can't be the case. Anyway I will
try the scenario and let you know.

thanks,
nandana

--
View this message in context: http://www.nabble.com/Problem-turning-encryption-off-in-sts-sample-tp21628022p21803092.html
Sent from the WSO2 WSAS Users mailing list archive at Nabble.com.


_______________________________________________
Wsas-java-user mailing list
[hidden email]
https://wso2.org/cgi-bin/mailman/listinfo/wsas-java-user

_______________________________________________
Wsas-java-user mailing list
[hidden email]
https://wso2.org/cgi-bin/mailman/listinfo/wsas-java-user
Ugo
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem turning encryption off in sts-sample

Ugo
I can switch to WSAS 3.0. Is it stable enough, particularly the security components like Rampart and Rahas?

Thank you,
Ugo


Nunny wrote
I tried with WSAS 2.3 and was able to reproduce following your steps. It
seems a bug and I will raise a JIRA. The trunk is drastically changed for
WSAS 3.0 and now the policy editing support is a lot improved. Will it be
option for you to use WSAS 3.0 ?

thanks,
Nandana
Loading...