Rampart

Hello all. I´ve followed all examples and tutorials about axis2 and rampart using wss, posted in wso2 (which are excellent), and they work fine in axis2 1.4.1 and rampart 1.4 on eclipse ganymede 3.4.1 and jdk 1.5.0_22 and tomcat-6.0.20. However, i've to implement a web service from a specific wsdl, using a keystore.jks and cacerts.jks that someone give to me, and here begin the problems as a "Error in signature with X509Token", and more. Could you help me if send you the wsdl ? Thanks. Emilio Here the wsdl: " <?xml version="1.0" encoding="UTF-8"?>

Thilina provides a simplified explanation on how XML encryption works with SOAP messages as per the WS Security Specification. Thilina Buddhika is a Software Engineer at WSO2. This post is intended to provide a simplified explanation on how XML encryption works with SOAP messages as per the WS Security Specification.

Introduction to Rampart/Java

http://blog.facilelogin.com/2008/11/usernametoken-authentication-based-on.html

This explains how to setup and run standard Apache Rampart samples in an Axis2 instance hosted in Apache Rampart.

In this tutorial, Nandana Mihindukulasooriya walks you through vulnerabilities within Axis2 1.4/ Rampart 1.4 and lists possible work arounds in solving those issues.

Apache Rampart is the Axis2 module that provides WS-Security functionality to Axis2 Web services and their clients. Apache Rampart configuration allows providing a password callback handler class, that can be used to provide passwords needed for Rampart engine to build username tokens and create signatures when sending messages. It is also used to provide passwords required to validate incoming username tokens and decrypt encrypted content in incoming messages. In this tutorial, Nandana Mihindukulasooriya will go through possible usage scenarios of password callback handler and describe how to configure Rampart and write password callback handlers to suit each of those usage scenarios.

Apache Rampart is the Axis2 module that provides WS-Security functionality to Axis2 Web services and clients. Rampart currently implements WS-SOAP message security , WS-Security policy , WS-Secure conversation and WS-Trust specifications. In part one of this tutorial, we looked at applying transport-level security to a Web service and a client. In this tutorial, we will look at how to apply message-level security to a Web service and a client using Apache Rampart.