Talking to WSE 1.0 SP1

Tom Harding Tue, 26 Apr 2005 18:50:51 -0700

I am connecting as a client to a business partner's service running on Microsoft WSE 1.0 SP1.

First off, the following configuration was required:

   WSSConfig wssConfig = WSSConfig.getDefaultWSConfig();
    wssConfig.setWsseNS(WSConstants.WSSE_NS_OASIS_2002_07);
    wssConfig.setWsuNS(WSConstants.WSU_NS_OASIS_2002_07);

Next, I discovered that WSE 1.0 SP1 will accept the simple unqualified Password Type attribute

   <wsse:Password Type="PasswordDigest">

but the WSS4J API does not seem to provide a way to accomplish this. I got the result I wanted with the following hack to line 332 of UsernameToken.java

   -this.elementPassword.setAttribute("Type", WSConstants.PASSWORD_DIGEST);
   +this.elementPassword.setAttribute("Type", WSConstants.PW_DIGEST);

Which works because

WSConstants.PASSWORD_DIGEST = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"; WSConstants.PW_DIGEST = "PasswordDigest"

Sorry but I do not think I am qualified to write nor am I set up to submit a proper patch for this. Thanks to Brian Nielsen for helping me get my client going though.

Tom Harding
Palo Alto, CA

Talking to WSE 1.0 SP1

Reply via email to