Processing for WCF non-spec compliant Username Tokens was added as part of WSS4J 1.5.8:
https://issues.apache.org/jira/browse/WSS-199 You need to set the configuration option WSHandlerConstants.ALLOW_NAMESPACE_QUALIFIED_PASSWORD_TYPES to "true". Colm. On Tue, Nov 23, 2010 at 11:51 PM, George Stanchev <gstanc...@serena.com> wrote: > https://issues.apache.org/jira/browse/WSS-148 > https://issues.apache.org/jira/browse/WSS-151 > > It’s a problem with the .NET client (as you have already figured it out). Not > sure about a workaround though. There was a discussion about adding a > "compatibility" switch (google "WSS-148 WCF interop issue: Namespace not > honored incase of attributes." for related discussion) but I don't think > anything was put in. Colm or Werner can confirm. > > Your best bet is to fix your client to send standard-conforming SOAP messages. > > George > > -----Original Message----- > From: Wellen Lau [mailto:wellen....@oracle.com] > Sent: Tuesday, November 23, 2010 4:28 PM > To: dev@ws.apache.org > Cc: j...@apache.org > Subject: Does anyone who are using VB with WSS4J - running issue with > password's type in wss4j-1.5.9.jar with VB/.net generated username token > > > Hi All, > > Does anyone who are using VB with WSS4J - running issue with password's type > in wss4j-1.5.9.jar with VB[using generated username token ? > > the SvcUtil.exe that I use to convert the wsdl. > This is the command line that I use to run the svcutil > SvcUtil /language:vb http://localhost/System.1.wsdl > > > > This piece code is generated from VB. > <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" > xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> > <s:Header> > <o:Security s:mustUnderstand="1" > xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> > <o:UsernameToken > u:Id="uuid-8af81bba-cc2b-4591-b4db-7445e312f340-2"><o:Username>John</o:Username> > <o:Password > o:Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">John</o:Password></o:UsernameToken></o:Security> > </s:Header> > <s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"> > <XXXX_Parameters > xmlns="http://xmlns.oracle.com/Enterprise/Tools/schemas/XXXX_Parameters.V1"/></s:Body></s:Envelope> > > > The reason why WSS4J failed as invalid security token because of o:Type in > the password attribute. > <o:Password > o:Type=?http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText?>. > . > It should be <o:Password > Type=?http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText?> > > Any suggestion ? > > Thanks, > WEllen. > ~ Hope can be ignited by a spark of encouragement. > Thankfulness finds something good in > every circumstance. > > - > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@ws.apache.org > For additional commands, e-mail: dev-h...@ws.apache.org > > > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@ws.apache.org For additional commands, e-mail: dev-h...@ws.apache.org