|
| |
| Sun Java System Application Server Enterprise Edition 8 2004Q4 XML and Web Services Security Guide | |
A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Troubleshooting Message SecurityThe following sections discuss some ideas for troubleshooting message security.
How Can I View SOAP Messages Containing Security Elements in the server.log File?
To view SOAP messages containing security elements in the server.log file, set the parameter dumpMessages=true in the file install_dir/domains/domain_name/config/wss-server-config.xml, and then restart the server.
The section of the wss-server-config.xml file that needs to be modified to enable this is as shown below:
<xwss:SecurityConfiguration xmlns:xwss="http://com.sun.xml.wss.configuration"
useTimestamps="true"
dumpMessages="true">How Do I Know Whether the Username-Password Token is Enabled or Not?
To determine whether the username-password token is enabled or not, first make sure that you can view SOAP messages containing security elements in the server.log file, as described in How Can I View SOAP Messages Containing Security Elements in the server.log File?.
After you have enabled SOAP messages in the server.log file, you can verify if the username-password token is enabled by checking the install_dir/domains/domain_name/logs/server.log file for the tag <wsse:UsernamePassword>. The following selection of code is similar to what you might see in the server.log file.
It is strongly recommended that you not use leave this file as discussed in this section after you have troubleshooted message security. This is because the dump facility prints out passwords in clear text and everybody’s password will end up being in server.log.
The username-password token tag is highlighted in bold.
<?xml version="1.0" encoding="UTF-8"?>
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:enc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns0="http://tax.org/wsdl" xmlns:
xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<env:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
wss-wssecurity-secext-1.0.xsd" env:mustUnderstand="1">
<wsse:UsernameToken>
<wsse:Username>j2ee</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/
oasis-200401-wss-username-token-profile-1.0#PasswordText">j2ee
</wsse:Password>
</wsse:UsernameToken>
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
wss-wssecurity-utility-1.0.xsd">
<wsu:Created>2004-08-22T09:07:58Z</wsu:Created>
</wsu:Timestamp>
</wsse:Security>
</env:Header>
<env:Body>
<ns0:getStateTax>
<double_1 xsi:type="xsd:double">85000.0</double_1>
<double_2 xsi:type="xsd:double">5000.0</double_2>
</ns0:getStateTax>
</env:Body>
</env:Envelope>