[prev in list] [next in list] [prev in thread] [next in thread] 

List:       rampart-dev
Subject:    RE: "Missing wsse:Security header in request" exception.
From:       "Sanjay Vivek" <Sanjay.Vivek () newcastle ! ac ! uk>
Date:       2008-07-15 10:17:33
Message-ID: EMEW-k6EBHX1970e1c20cd29a279b812178f554edd0-88493EDAE8A32D4EA88F17102879E395082FE87D () moonraker ! campus ! ncl ! ac ! uk
[Download RAW message or body]

Hi Nandana,

I've managed to solve the problem by adding "<sp:IncludeTimestamp/>" in
the policy.xml. I had omitted it for my service. Would the absence of
<sp:IncludeTimestamp/> result in security headers not being included in
the SOAP message response? Thanks again.

Regards
Sanjay 

>-----Original Message-----
>From: Sanjay Vivek [mailto:Sanjay.Vivek@newcastle.ac.uk] 
>Sent: 15 July 2008 07:23
>To: rampart-dev@ws.apache.org
>Subject: RE: "Missing wsse:Security header in request" exception.
>
>Hi Nandana,
>
>I'm using Rampart 1.4 on both the client and service side. I 
>used the same policy file for my Rampart 1.3 installation and 
>the security header was in the response. 
>
>Do I have to configure my client code so that it accepts a 
>SOAP response message without security headers? Or do I 
>configure my policy so that Rampart 1.4 sends a SOAP message 
>with security headers? And if so, how do I go about doing 
>this? Thanks again.
>
>Regards
>Sanjay
>
>
>-----Original Message-----
>From: Nandana Mihindukulasooriya [mailto:nandana.cse@gmail.com]
>Sent: Mon 14/07/2008 18:50
>To: rampart-dev@ws.apache.org
>Subject: Re: "Missing wsse:Security header in request" exception.
> 
>Hi Sanjay,
>
>I just noticed the absence of <wsse:Security
>> 
>xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-ws
>> se 
>> 
>curity-secext-1.0.xsd<http://docs.oasis-open.org/wss/2004/01/oa
sis-200401-wss-wssecurity-secext-1.0.xsd>"
>> soapenv:mustUnderstand="true" /> in the SOAP response 
>Header. Any idea 
>> why this element is missing in the SOAP response header?
>
>
>Looking at your policy, it seems that you don't need to have a 
>security header in the response. Rampart 1.4 doesn't send 
>empty security headers. Do you use Rampart 1.3 at the client side ?
>
>
>
>

[prev in list] [next in list] [prev in thread] [next in thread]