Hi,
I'm trying to develop a perl client for a java (apache axis & wss4j) web
service (i'm a newbie to
perl and only using it to try to test interoperability with my axis service).
The client request
needs authenticating with a UsernameToken
(http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0.pdf)
consisting of a username, nonce, timestamp and a base64 encoded sha-1 password
digest of the
nonce, timestamp and a secret password concatenated.
I've tried creating it with
my $nonce = "i1UwBPCCWbUoI9Duh80D7w==";
my $timestamp = "2005-12-09T10:09:19.656Z";
my $password = "security";
my $digest = MIME::Base64::encode_base64(Digest::SHA1::sha1($nonce . $timestamp
. $password), '');
This generated a digest of 7lNgVRdTmjvLhIQ8nSz4vdb+Dpg=
However, this is different to that generated by both the axis/wss4j service and
a .NET client
(Cq22uI3TX3XASvn2kIQkU0ITA0s=) so authentication fails.
I also tried using the statement
my $digest = sha1_base64($nonce , $timestamp , $password);
but this produces a different has again (hxbqVmk+hqcNxXT+QW6j3gphFLk=).
I'm therefore assuming that either I'm doing something wrong, or there is a bug
in the these
modules. If anyone could give me any advise here I'd be grateful.
Richard.
___________________________________________________________
NEW Yahoo! Cars - sell your car and browse thousands of new and used cars
online! http://uk.cars.yahoo.com/
_______________________________________________
Perl-Win32-Users mailing list
Perl-Win32-Users@listserv.ActiveState.com
To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
