Re: Using rampart policy for basic authentication

[jason zhang]

Hi, Martin The BasicPolicy is not what I am looking for. In your example, the AlgorithmSuite is Basic128Rsa15. It is inside a SymmetricBinding. Symmetric binding implies that the message is encrypted using a symmetric algorithm. I just want username and password passed to server in Soap header as is defined in Web Services Security UsernameToken Profile 1.0.  The message is clear http message. thanks -jason Martin Gainty wrote: you can define a BasicPolicy in your services.xml an example is: <wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> <sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> <sp:AlgorithmSuite> <wsp:Policy> <sp:Basic128Rsa15/> </wsp:Policy> </sp:AlgorithmSuite> </wsp:Policy> </sp:SymmetricBinding> Is this what you're looking for? Martin- ----- Original Message ----- From: "jason zhang" <[EMAIL PROTECTED]> To: <axis-user@ws.apache.org> Sent: Saturday, March 29, 2008 6:07 AM Subject: Using rampart policy for basic authentication Hi, All Is it possible to implement the rampart sample/basic/sample02 with policy? What I want to do just basic username/password authentication with policy. All the examples in policy directory involve encryption or signature. If it is possible, how can I find out in my business method who the authenticated user is? For example, the Servlet API has a method HttpServletRequest.getRemoteUser(). Is such a similar API in rampart? Thanks -jason --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]