Hi, I'm trying to develop a perl client for a java (apache axis & wss4j) web service (i'm a newbie to perl and only using it to try to test interoperability with my axis service). The client request needs authenticating with a UsernameToken (http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0.pdf) consisting of a username, nonce, timestamp and a base64 encoded sha-1 password digest of the nonce, timestamp and a secret password concatenated.
I've tried creating it with my $nonce = "i1UwBPCCWbUoI9Duh80D7w=="; my $timestamp = "2005-12-09T10:09:19.656Z"; my $password = "security"; my $digest = MIME::Base64::encode_base64(Digest::SHA1::sha1($nonce . $timestamp . $password), ''); This generated a digest of 7lNgVRdTmjvLhIQ8nSz4vdb+Dpg= However, this is different to that generated by both the axis/wss4j service and a .NET client (Cq22uI3TX3XASvn2kIQkU0ITA0s=) so authentication fails. I also tried using the statement my $digest = sha1_base64($nonce , $timestamp , $password); but this produces a different has again (hxbqVmk+hqcNxXT+QW6j3gphFLk=). I'm therefore assuming that either I'm doing something wrong, or there is a bug in the these modules. If anyone could give me any advise here I'd be grateful. Richard. ___________________________________________________________ NEW Yahoo! Cars - sell your car and browse thousands of new and used cars online! http://uk.cars.yahoo.com/ _______________________________________________ Perl-Win32-Users mailing list Perl-Win32-Users@listserv.ActiveState.com To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs