Re: Axis2 with rampart sample, username hardcoded

Sun, 30 Mar 2008 23:12:27 -0700 

Hi, Nandana
I used this poicy in my service.xml, deployed the service. I then generated stub using wsdl which contains the policy element. 

My client code is like this

ConfigurationContext ctx = 
ConfigurationContextFactory.createConfigurationContextFromFileSystem(repo_dir, 
null);

       stub = new net.sf.webcommand.ws.client.ProgramwsStub(ctx,
               "http://localhost:9090/cmdportal1/services/programws";);

       ServiceClient sc=stub._getServiceClient();      
       sc.engageModule("rampart");

       Options options = sc.getOptions();
       options.setUserName("apache");
       options.setPassword("password");

     
But the client does not send the username and password. It just sends an 
empty security header.  This header is like this

<soapenv:Header>

<wsse:Security 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; 
soapenv:mustUnderstand="true" /></soapenv:Header>


any suggestion?

thanks

-jason


Nandana Mihindukulasooriya wrote:

Hi Jason,
       You need to have that Username Token assertion inside a
supporting token assertion.

<wsp:Policy wsu:Id="UToverHTTP"
                
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
                xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";
                xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
        <wsp:ExactlyOne>
                <wsp:All>
                          <sp:SupportingTokens>
                            <wsp:Policy>
                                  <sp:UsernameToken/>                     
                            </wsp:Policy>
                          </sp:SupportingTokens>
                          <ramp:RampartConfig 
xmlns:ramp="http://ws.apache.org/rampart/policy";>
                                <ramp:user>Alice</ramp:user>        
                                
<ramp:passwordCallbackClass>org.apache.testing.clients.WSS11Client</ramp:passwordCallbackClass>
                        </ramp:RampartConfig>
            </wsp:All>
        </wsp:ExactlyOne>
</wsp:Policy>

But here the password is in clear text. If you are using Rampart
SNAPSHOT , you can use WS Security Policy 1.2 to send the hashed
password. The policy for that is given below.

<wsp:Policy wsu:Id="HashedPasswordoverHTTP"
                
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
                xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";
                
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
        <wsp:ExactlyOne>
                <wsp:All>
                          <sp:SupportingTokens>
                            <wsp:Policy>
                                  <sp:UsernameToken>                      
                                          <wsp:Policy>
                                                  <sp:HashPassword/>
                                          </wsp:Policy>
                                  </sp:UsernameToken>
                            </wsp:Policy>
                          </sp:SupportingTokens>
                          <ramp:RampartConfig 
xmlns:ramp="http://ws.apache.org/rampart/policy";>
                                <ramp:user>Alice</ramp:user>        
                                
<ramp:passwordCallbackClass>org.apache.testing.clients.WSS11Client</ramp:passwordCallbackClass>
                        </ramp:RampartConfig>
            </wsp:All>
        </wsp:ExactlyOne>
</wsp:Policy>

thanks,
/nandana


  



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to