[ http://jira.codehaus.org/browse/XFIRE-383?page=comments#action_64942 ]
Brian Bonner commented on XFIRE-383: ------------------------------------ On second thought, even though the oasis docs refer to how the incoming xml should be handled when the type isn't present, it doesn't require how the handler should work by default. > Does XFire-WS-Security WSS4JInHandler properly handle UsernameToken? > -------------------------------------------------------------------- > > Key: XFIRE-383 > URL: http://jira.codehaus.org/browse/XFIRE-383 > Project: XFire > Type: Bug > Versions: 1.1-RC1 > Environment: jdk1.5.0_06, maven2.0.4, eclipse 3.1.2 > Reporter: Brian Bonner > Assignee: Tomasz Sztelak > Attachments: WSS4JInOutUserNameTokenTest.java, ws-security-testcase-patch.txt > > > I've attached a patch to the WSS4JInOutTest to illustrate what I think the > problem is. > Specifically, > When the Action is set to UsernameToken, > The password line is presented like this: > <wsse:Password > Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"; > > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>k6fDmkGxRMWElSjBsU1XPFrn1Zc=</wsse:Password> > It looks like a digest. > Can someone confirm this? -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
