Hello Santosh, Your line:
<wsse:UsernameToken xmlns:wsu=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3"> is based on the namespace: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd you may open the URL by double clicking in the link: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd By reading the provided documentation it follows that the attribute ID: <xsd:attribute name="Id" type="xsd:ID"> <xsd:annotation> <xsd:documentation>This global attribute supports annotating arbitrary elements with an ID.</xsd:documentation> </xsd:annotation> </xsd:attribute> Then we may conclude that this type defines the fault code value for Timestamp message expiration (wsu:Id="SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3). Hope this helps. Jose Ferreiro On 7/20/08, Werner Dittmann <[EMAIL PROTECTED]> wrote: > > Strange - same mail with different subjects - what do intend here? > > Regards, > Werner > > sh_santosh schrieb: > >> >> >> Dear all, >> >> Hi Jose / all, >> >> just one word away. >> >> I am NOT able generate >> 'SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3' inside the >> wsse:UsernameToken tag. >> In place of this i am able to generate only ' >> wsu:Id="UsernameToken-2691004" >> ' >> >> <wsse:UsernameToken >> xmlns:wsu=" >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >> " >> >> wsu:Id="SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3"> >> >> What is this 'SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3' ? >> >> How can I generate it in Java (using Axis 1.3 and wss4j) ? >> >> Required Security Header by other end( .Net WSE 3.0) ---- >> >> <?xml version="1.0" encoding="utf-8"?> >> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"; >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> xmlns:xsd="http://www.w3.org/2001/XMLSchema"; >> xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"; >> xmlns:wsse=" >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd >> " >> xmlns:wsu=" >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >> "> >> <soap:Header> >> <wsa:Action> >> http://www.test.com/api/ws/internal/testInfo >> </wsa:Action> >> <wsa:MessageID> >> urn:uuid:ca7e475b-484a-4bb8-974f-eb573438bb43 >> </wsa:MessageID> >> <wsa:ReplyTo> >> <wsa:Address> >> >> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous >> </wsa:Address> >> </wsa:ReplyTo> >> <wsa:To> >> http://localhost:8080/testapi/testwsapi.asmx >> </wsa:To> >> <wsse:Security soap:mustUnderstand="1"> >> <wsu:Timestamp >> >> wsu:Id="Timestamp-c70b72e2-561c-4b18-bc4b-acf8c3896b14"> >> >> <wsu:Created>2008-02-28T15:33:56Z</wsu:Created> >> >> <wsu:Expires>2008-02-28T15:38:56Z</wsu:Expires> >> </wsu:Timestamp> >> <wsse:UsernameToken >> xmlns:wsu=" >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >> " >> >> wsu:Id="SecurityToken-9e141676-2400-4c6d-ab87-1d5af61729b3"> >> <wsse:Username>[EMAIL PROTECTED] >> </wsse:Username> >> <wsse:Password >> Type=" >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText >> "> >> SomePassword >> </wsse:Password> >> >> <wsse:Nonce>5SImW1gykzSPdeiWzcCdaQ==</wsse:Nonce> >> >> <wsu:Created>2008-02-28T15:33:56Z</wsu:Created> >> </wsse:UsernameToken> >> </wsse:Security> >> </soap:Header> >> <soap:Body> >> <SAN_Info >> xmlns="http://www.test.com/api/testing/ws/internal >> "> >> <SAN_Request VendorId="TestVendor" >> VendorPassword="SomePassword" >> xmlns=" >> http://www.test.com/api/testing/testinforequest";> >> <Brand>SANBUS</Brand> >> <TourCode>GE</TourCode> >> <Code>80135</Code> >> </SAN_Request> >> </SAN_Info> >> </soap:Body> >> </soap:Envelope> >> >> Generated Security header By my side (Java- Axis 1.3 and wss4j >> )----------------- >> <?xml version="1.0" encoding="UTF-8"?> >> <soapenv:Envelope >> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; >> xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"; >> xmlns:xsd="http://www.w3.org/2001/XMLSchema"; >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> >> <soapenv:Header> >> <wsse:Security >> xmlns:wsse=" >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd >> " >> soapenv:mustUnderstand="1"> >> <wsse:UsernameToken >> xmlns:wsu=" >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >> " >> wsu:Id="UsernameToken-2691004"> >> <wsse:Username> >> [EMAIL PROTECTED] >> </wsse:Username> >> <wsse:Password >> Type=" >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText >> "> >> SomePassword >> </wsse:Password> >> >> <wsse:Nonce>bGmGuPDxQw2kkR5R0zC/hA==</wsse:Nonce> >> >> <wsu:Created>2008-07-10T16:46:47.046Z</wsu:Created> >> </wsse:UsernameToken> >> <wsu:Timestamp >> xmlns:wsu=" >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >> " >> wsu:Id="Timestamp-25899876"> >> >> <wsu:Created>2008-07-10T16:46:47.015Z</wsu:Created> >> >> <wsu:Expires>2008-07-10T16:51:47.015Z</wsu:Expires> >> </wsu:Timestamp> >> </wsse:Security> >> <wsa:MessageID soapenv:mustUnderstand="0"> >> uuid:c83b29b0-4e9f-11dd-8e1f-d019b0e90563 >> </wsa:MessageID> >> <wsa:To soapenv:mustUnderstand="0"> >> http://localhost:8080/testapi/testwsapi.asmx >> </wsa:To> >> <wsa:Action soapenv:mustUnderstand="0"> >> http://www.test.com/api/testing/testinforequest >> </wsa:Action> >> <wsa:From soapenv:mustUnderstand="0"> >> <wsa:Address> >> >> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous >> </wsa:Address> >> </wsa:From> >> <wsa:ReplyTo soapenv:mustUnderstand="0"> >> <wsa:Address> >> >> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous >> </wsa:Address> >> </wsa:ReplyTo> >> </soapenv:Header> >> <soapenv:Body> >> <SAN_Info >> xmlns="http://www.test.com/api/testing/ws/internal >> "> >> <SAN_Request VendorId="TestVendor" >> VendorPassword="SomePassword" >> xmlns=" >> http://www.test.com/api/testing/testinforequest";> >> <Brand>SANBUS</Brand> >> <TourCode>GE</TourCode> >> <Code>80135</Code> >> </SAN_Request> >> </SAN_Info> >> </soapenv:Body> >> </soapenv:Envelope> >> >> >> My client-config.wsdd --------- >> >> <?xml version="1.0" encoding="UTF-8"?> >> <deployment xmlns="http://xml.apache.org/axis/wsdd/"; >> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> >> <transport name="http" >> pivot="java:org.apache.axis.transport.http.HTTPSender"/> >> <globalConfiguration> >> <requestFlow> >> <handler type="java:org.apache.ws.axis.security.WSDoAllSender" > >> <parameter name="action" value="Timestamp UsernameToken"/> >> <parameter name="user" value="[EMAIL PROTECTED]"/> >> <parameter name="passwordCallbackClass" >> value="com.api.testing.ws.internal.PWCallback"/> >> <parameter name="passwordType" value="PasswordText"/> >> <parameter name="password" value="ppx13Z11"/> >> <parameter name="mustUnderstand" value="true" /> >> <parameter name="addUTElements" value="Nonce Created"/> >> </handler> >> </requestFlow> >> </globalConfiguration> >> </deployment> >> >> >> By seeing the security header, we can say that it is >> username-token-profile-1.0. >> >> How to solve this. >> >> >> >> Please help me. >> >> >> >> Regards >> Santosh >> >> >> >> >> >> Shawn McKinney wrote: >> >>> Hello, >>> >>> I have question: >>> How do (can) we change the default crypto provider >>> used by WSS4J for a particular Java runtime instance? >>> >>> We are using WSS4J 1.5 and would like to enable WSS4J >>> to use the default crypto provider provided by Sun or >>> IBM in a Java runtime. The idea here is we want to >>> make it as easy as possible for our developers to test >>> transactions using WS-Security running in Axis. >>> We run Axis/WSS4J in JBoss, Tomcat and Websphere >>> containers and would like to be able to test using the >>> standard providers found in either JVM implementation >>> without having to configure the BouncyCastle provider. >>> >>> Please note the aim here isn't to phase out or replace >>> our use of BouncyCastle provider in production as we >>> are quite happy with its capabilities. Rather we want >>> to remove a step (steamline setup) for developers that >>> want to test using our security configuration. >>> >>> Our default client-side configuration is to enable >>> Username token, ecrypted: >>> >>> <parameter name="action" value="UsernameToken Encrypt >>> Timestamp"/> >>> >>> Thanks in advance for your reply. >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>> For additional commands, e-mail: [EMAIL PROTECTED] >>> >>> >>> >>> >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
