
How to disable UsernameToken encryption in SOAP Axis2 Rampart


I am using Axis2 with Rampart 1.6.2 to create a web service client. I need to set up Rampart to use a username token and just sign the message, not encrypt it, but Rampart is encrypting the username token without any reason and I am unable to disable this bug-feature.

I am using WS-Security 1.0.

My rampart policy file:

<wsp:Policy wsu:Id="RampartPolicy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <wsp:ExactlyOne>
        <wsp:All>
            <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
                <ramp:user>User</ramp:user>
                <ramp:userCertAlias>user</ramp:userCertAlias>
                <ramp:encryptionUser>User</ramp:encryptionUser>
                <ramp:passwordType>PasswordText</ramp:passwordType>
                <ramp:passwordCallbackClass>main.PWCBHandler</ramp:passwordCallbackClass>
                <ramp:signatureCrypto>
                    <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin" enableCryptoCaching="false">
                        <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
                        <ramp:property name="org.apache.ws.security.crypto.merlin.file">cert.jks</ramp:property>
                        <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">*****</ramp:property>
                    </ramp:crypto>
                </ramp:signatureCrypto>
            </ramp:RampartConfig>
        </wsp:All>
    </wsp:ExactlyOne>
</wsp:Policy>

Solution

  • This is a known issue in Rampart 1.6.2 and it is fixed in the current Rampart trunk.
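
Whether a given Rampart build still shows the behaviour described in the question can be confirmed on the wire by inspecting the wsse:Security header of a captured outgoing envelope. The Python check below is an added example, not part of the original question or answer; the function names and the sample envelopes are constructed, and it assumes that an encrypted token appears as xenc:EncryptedData in place of wsse:UsernameToken.

```python
import xml.etree.ElementTree as ET

# Standard namespace URIs: WS-Security 1.0 secext, XML Encryption, XML Signature.
NS = {
    "wsse": "http://docs.oasis-open.org/wss/2004/01/"
            "oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
# SOAP 1.1 and SOAP 1.2 envelope namespaces; either may be in use.
SOAP_NS = ("http://schemas.xmlsoap.org/soap/envelope/",
           "http://www.w3.org/2003/05/soap-envelope")

def inspect_security_header(envelope_xml):
    """Report how the UsernameToken travels in one captured outgoing envelope."""
    root = ET.fromstring(envelope_xml)
    sec = None
    for soap in SOAP_NS:
        sec = root.find("{%s}Header/{%s}Security" % (soap, NS["wsse"]))
        if sec is not None:
            break
    if sec is None:
        return {"username_token": "no-security-header", "signed": False}
    signed = sec.find("ds:Signature", NS) is not None
    if sec.find("wsse:UsernameToken", NS) is not None:
        state = "cleartext"
    elif sec.find("xenc:EncryptedData", NS) is not None:
        # Inference: an encrypted element is replaced in place by
        # xenc:EncryptedData, so no visible token plus EncryptedData in the
        # header means the token was most likely the encrypted part.
        state = "encrypted"
    else:
        state = "absent"
    return {"username_token": state, "signed": signed}

def sample(children):
    """Constructed envelope (SOAP 1.1) for the demo; not real traffic."""
    decls = " ".join('xmlns:%s="%s"' % item for item in NS.items())
    return ('<s:Envelope xmlns:s="%s" %s><s:Header><wsse:Security>%s'
            '</wsse:Security></s:Header><s:Body/></s:Envelope>'
            % (SOAP_NS[0], decls, children))

# Constructed samples: the message the asker wants, and the one Rampart sends.
SIGNED_CLEAR = sample("<wsse:UsernameToken><wsse:Username>User</wsse:Username>"
                      "</wsse:UsernameToken><ds:Signature/>")
SIGNED_ENCRYPTED = sample("<xenc:EncryptedKey/><xenc:EncryptedData/>"
                          "<ds:Signature/>")
```

Run it only on envelopes produced by your own client. With `PasswordText`, a `cleartext` result means the password is readable in the message, so the transport has to provide confidentiality.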