The scenarios available here can be deployed using deploy.sh | |
Simply give the scenario name as an argument to the script. | |
E.g. %sh deploy.sh scenario1 | |
Windows users please use the "deploy.bat". | |
Make sure you have run the | |
../client/deploy_client_repo.sh on Linux or | |
..\client\deploy_client_repo.bat in Windows. | |
These scenarios will only copy the security policy (XML) files. | |
Then start the server. (simple_axis_server is in $AXIS2C_HOME/bin) | |
To run the client, use the script | |
"../client/sec_echo/update_n_run.sh" on Linux or | |
"..\client\sec_echo\update_n_run.bat" on Windows. | |
Following is a summary of scenarios available. | |
Scenario Summary | |
------------------- | |
1. Timestamp | |
2. UsernameToken | |
3. Encryption | |
4. Signature | |
5. A complete scenario to show: Timestamp, UsernameToken, Encrypt, | |
The protection order is Sign->Encrypt | |
Signature is Encrypted | |
6. A complete scenario to show: Timestamp, UsernameToken, Encrypt, | |
The protection order is Encrypt->Sign | |
Signature is Encrypted | |
7. Replay detection | |
8. Symmetric binding. Encryption using derived keys. | |
9. Symmetric binding. Signature | |
10. Symmetric binding. Both encryption and sign. | |
The protection order is Encrypt->Sign | |
11. Symmetric binding. Both encryption and sign. | |
The protection order is Sign->Encrypt | |
12. Symmetric binding. Both encryption and sign. | |
The protection order is Sign->Encrypt | |
Signature is Encrypted | |
13. Symmetric binding. Both encryption and sign. | |
The protection order is Encrypt->Sign | |
Signature is Encrypted | |
14. SAML Signed supporting token inclution. This scenario uses the saml_echo client. | |
15. Symmetric binding with security context token. Encryption only. | |
16. Symmetric binding with security context token. Both encryption and sign. | |
The protection order is Encrypt->Sign | |
17. Symmetric binding with secure conversation token. Using derived keys. | |
Both encryption and sign | |
The protection token is Sign->Encrypt | |
18. Symmetric binding with secure conversation token. | |
Using different tokens for encryption and signature.Using DerivedKeys | |
The protection token is Encrypt->Sign. Signature is Encrypted. | |
19. Symmetric binding with secure conversation token. | |
Using different tokens for encryption and signature. | |
The protection token is Sign->Encrypt. Signature is Encrypted. | |
20. SAML Scenario. Get a SAML token from samlsts and give the saml token to sec_echo service to access the service. Cannot be run with test_scen.sh. Please use saml.sh script | |
21. Asymetric binding encryption with PKCS12 as the key store. | |
22. Asymetric binding signature with PKCS12 as the key store. | |
23. Symmetric binding signature and encryption with PKCS12 key store. | |
24. SAML as a protection token for signing and encrypting a message. | |
25. SecureConversation using Rahas module. Issue operation is defined in rahas | |
26. SecureConversation using Rahas module. Issue operation is defined in service | |
27. Same as 25. With WS-SecurityPolicy1.2, WS-Trust1.3 and WS-SecConv 1.3 | |
28. Same as 26. With WS-SecurityPolicy1.2, WS-Trust1.3 and WS-SecConv 1.3 | |
29. UserNameToken over transport binding | |
FAQ: | |
--- | |
* I am NOT on LINUX. Are there any changes to be done in samples. | |
---------------------------------------------------------------- | |
YES. You have to change file names accordingly. For example your password | |
callback module might have "*.so" as the extension. This might be different in | |
WIN32 and Mac OS. | |
* I am in a HURRY and I need to try a scenario | |
-------------------------------------------- | |
If you are in a real hurry and need to try a scenario please use "test_scen.sh". | |
Usage : %sh test_scen.sh scenarioX server-port | |
E.g. %sh test_scen.sh scenario3 8080 | |
test_scen.bat scenario3 8080 | |
* I need to try all the scenarios | |
------------------------------- | |
In this case please use the script run_all.sh. | |
Usage: %sh run_all.sh server-port | |
E.g. %sh run_all.sh 8080 | |
run_all.bat 8080 | |
* I need to see messages exchanged | |
-------------------------------------- | |
You may use the TCP Monitor utility: http://ws.apache.org/commons/tcpmon/ | |
Make sure that you give the correct port that you have configured in TCPMon | |
while running the scripts. | |
* I cannot run samples and log says keys cannot be loaded | |
--------------------------------------------------------- | |
Check your policy files. Make sure that you have correct paths specified for | |
key/certificate files. | |
* My client sends a secured SOAP request. But the server throws me SOAP faults. | |
------------------------------------------------------------------------------ | |
Well. You are on it. Check whether the server's policy configurations are | |
satisfied by the client's policies. There is a <Reason> element carrying the | |
information you need in the SOAP fault. Misconfigurations in the server also can be resulted | |
in a SOAP fault. | |
*Hmm... I'm still in a trouble. Can I contact you guys? | |
------------------------------------------------------- | |
Indeed you can. Please check here. | |
http://ws.apache.org/rampart/c/lists_issues.html | |
Err... if you can attach log files under AXIS2C_HOME/logs, a trace of SOAP | |
message, plus anything that you think relavent, that'll help the troubleshooting process. | |