Tom, we tried to be backward compatible to previous drafts as much as possible. Unfortunatly due to the many changes made between the drafts and the final standard we certainly missed some points in this attempt.
BTW, I've never seen the spec dated from 2002-07, we used the spec dated 2003-06 when we started with WSS4J. Regards, Werner > -----Urspr�ngliche Nachricht----- > Von: Tom Harding [mailto:[EMAIL PROTECTED] > Gesendet: Mittwoch, 27. April 2005 03:51 > An: [email protected] > Betreff: Talking to WSE 1.0 SP1 > > > I am connecting as a client to a business partner's service > running on > Microsoft WSE 1.0 SP1. > > First off, the following configuration was required: > > WSSConfig wssConfig = WSSConfig.getDefaultWSConfig(); > wssConfig.setWsseNS(WSConstants.WSSE_NS_OASIS_2002_07); > wssConfig.setWsuNS(WSConstants.WSU_NS_OASIS_2002_07); > > Next, I discovered that WSE 1.0 SP1 will accept the simple > unqualified > Password Type attribute > > <wsse:Password Type="PasswordDigest"> > > but the WSS4J API does not seem to provide a way to > accomplish this. I > got the result I wanted with the following hack to line 332 of > UsernameToken.java > > -this.elementPassword.setAttribute("Type", > WSConstants.PASSWORD_DIGEST); > +this.elementPassword.setAttribute("Type", WSConstants.PW_DIGEST); > > Which works because > > WSConstants.PASSWORD_DIGEST = > "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-usern ame-token-profile-1.0#PasswordDigest" WSConstants.PW_DIGEST = "PasswordDigest" Sorry but I do not think I am qualified to write nor am I set up to submit a proper patch for this. Thanks to Brian Nielsen for helping me get my client going though. Tom Harding Palo Alto, CA
