Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / November 2007

Tip: Looking for answers? Try searching our database.

Calling Java Web Service with Security

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
BigJohn - 14 Nov 2007 15:36 GMT
From a VB.Net COM using VS2005, I need to call a Java web service with
ID/password.  I currently am successfully calling the service but am
rejecting because the security object is not available in SOAP.

A preliminary scan showed the direction of SOAP Toolkit 3.0 which was
unsupported April 2005, but I am not quick to use unsupported interfaces.

I am trying to use WSE 3.0, but cannot find a way to send the security object.

I assume I need to send a Username Token.

Thank you
Reply to this Message
BigJohn - 14 Nov 2007 16:44 GMT
For more clarification, Java service is running on WebLogic 8.1.

I read through the Interoperbility page and it references WSE3 with WebLogic
10 but I was unable to find samples of userName tokens.  The other WSE2
discussions reference methods not available to my application
(wsJava.Security.Tokens.Add).

Possibly I need to downgrade to VS2003?
Reply to this Message
BigJohn - 14 Nov 2007 20:38 GMT
After a full day of wasted investigation, here are a few more items which may
be of interest:

Exact error: "WSDoAllReceiver: Request does not contain required Security
header"

I did run the wsdl through wsdl.exe.  I do have WSE 3.0 installed and
configured.  I do not see my normal UsernameToken methods available (e.g.
SetProxy, SetClientCredentials).

I may need to add a security item to the SOAP header, but I thought WSE
would do that for me.

Thank you
Reply to this Message
Steven Cheng[MSFT] - 15 Nov 2007 03:58 GMT
Hi BigJohn,

Yes, WSE 3.0 provide many existing implementation of webservice WS-*
security specification, however, I think you should first verify what's the
security authentication rules your JAVA webservice uses and then consider
how to configure the ASP.NET or WSE secured .NET client to communicate with
it.

As you mentioned Usernametoken, can you ensure that the JAVA webservice is
demanding a usernametoken? BTW, after you installed WSE 3.0 for VS 2005, in
the project, you can select the project node in "solution explorer" and
choose "WSE Settings 3.0..." item in context menu, after that, in the popup
WSE setting dialog, check the "Eable this project for WSE " option in
"General" tab. Thus, when you use "Add Web Reference" to add the webservice
proxy, it will generate two proxy class, one is the standard one, and the
other is the WSE specifcy one(with  "Wse" suffix in its class name).

For detailed info on the security assertions of WSE 3.0, you can refer to
the WSE local document or the following web reference:

#What's New in Web Services Enhancements (WSE) 3.0
http://msdn2.microsoft.com/en-us/library/ms977317.aspx

#Turnkey Security Assertions
http://msdn2.microsoft.com/en-us/library/aa528756.aspx

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead



==================================================

Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.



Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.

==================================================
   

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
From: =?Utf-8?B?QmlnSm9obg==?= <bigjohn@newsgroup.nospam>
References:  <0A60C439-4D54-48AC-AFA3-53017AF35D85@microsoft.com>
Subject: RE: Calling Java Web Service with Security
Date: Wed, 14 Nov 2007 12:38:12 -0800

After a full day of wasted investigation, here are a few more items which
may
be of interest:

Exact error: "WSDoAllReceiver: Request does not contain required Security
header"

I did run the wsdl through wsdl.exe.  I do have WSE 3.0 installed and
configured.  I do not see my normal UsernameToken methods available (e.g.
SetProxy, SetClientCredentials).

I may need to add a security item to the SOAP header, but I thought WSE
would do that for me.

Thank you
Reply to this Message
BigJohn - 15 Nov 2007 12:48 GMT
Thank you for the response.

I added the web reference, then applied WSE, so I don't get the ...WSE
service which is probably my problem.  I tried adding the web reference a
second time and the server is throwing an error.  I tried using wsdl.exe
against the vendor provided wsdl file and it threw an error.

I am beginning to feel the wsdl has problems which need to get corrected
before I can move on.

I have used WSE3.0 on ASP for a brief period, but this is the first time I
used it on a COM object.
Reply to this Message
Steven Cheng[MSFT] - 19 Nov 2007 04:01 GMT
Hi BigJohn,

Thanks for your reply.

So when you try adding webreference against a external webservice in VS
2005 client project(with WSE 3.0 enabled), you can not find the Wse
specific generated proxy?  Have you tried "Add WebReference" against a
simple local webservice to see whether it can producted both standard and
WSE specific proxy?

Also, for commandline approach, you need to use the "WseWsdl3.exe" tool in
the WSE install folder:

"C:\Program Files\Microsoft WSE\v3.0\Tools"

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
From: =?Utf-8?B?QmlnSm9obg==?= <bigjohn@newsgroup.nospam>
Subject: RE: Calling Java Web Service with Security
Date: Thu, 15 Nov 2007 04:48:00 -0800

Thank you for the response.

I added the web reference, then applied WSE, so I don't get the ...WSE
service which is probably my problem.  I tried adding the web reference a
second time and the server is throwing an error.  I tried using wsdl.exe
against the vendor provided wsdl file and it threw an error.

I am beginning to feel the wsdl has problems which need to get corrected
before I can move on.

I have used WSE3.0 on ASP for a brief period, but this is the first time I
used it on a COM object.
Reply to this Message
BigJohn - 19 Nov 2007 15:10 GMT
thank you.  I now have a policy which I can use.  doesn't provide a
UserNameToken object usage, but I found the vendor doesn't allow for it.  The
WSEWsdl3 is working much better.
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.