The fault was caused by the fact that the security headers in the
SOAP request did not contain a timestamp. This is not mentioned
anywhere in the rampart samples included with the distribution. Is
it possible to require only a user and password without a timestamp?
Axis2 1.1 and Rampart 1.1 are being used.
Thanks.
At 01:34 PM 9/20/2007, Todd Allen wrote:
I am using Axis2-1.1 and am trying to implement the user name token
authentication. I've followed the samples but keep getting the
following SOAP fault string:
WSDoAllReceiver: Incoming message does not contain required Security header
I'm using SOAPUI version 1.7.5 as the client and have the following header:
<soapenv:Header>
<wsse:Security
xmlns:wsse="http://docs.oasisopen.org/wss/2004/01/oasis-200401-wss-wssecurity-secext1.0.xsd";
soapenv:mustUnderstand="1">
<wsse:UsernameToken>
<wsse:Username>bob</wsse:Username>
<wsse:Password>pword</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
My services.xml file has the following lines to engage rampart:
<module ref="rampart" />
<parameter name="InflowSecurity">
<action>
<items>UsernameToken</items>
<passwordCallbackClass>com.mycompany.myservice.producer.handlers.PWCBHandler</passwordCallbackClass>
</action>
</parameter>
What am I missing?
Thanks,
T
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
