Thanks Dimuthu. My question was about UsernameToken, not Basic Authentication, but specifically its use with a WS Policy. I've looked at the samples/policy/sample01/policy.xml file (below), and have a question about this: The 'RampartConfig' section of the policy specifies only one user. What happens if the inflow/outflow users are different? Does the ramp:user refer to the inflow user or the outflow user?
<wsp:Policy wsu:Id="UTOverTransport" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec urity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";> <wsp:ExactlyOne> <wsp:All> <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <wsp:Policy> <sp:TransportToken> <wsp:Policy> <sp:HttpsToken RequireClientCertificate="false"/> </wsp:Policy> </sp:TransportToken> <sp:AlgorithmSuite> <wsp:Policy> <sp:Basic256/> </wsp:Policy> </sp:AlgorithmSuite> <sp:Layout> <wsp:Policy> <sp:Lax/> </wsp:Policy> </sp:Layout> <sp:IncludeTimestamp/> </wsp:Policy> </sp:TransportBinding> <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <wsp:Policy> <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/In cludeToken/AlwaysToRecipient" /> </wsp:Policy> </sp:SignedSupportingTokens> <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy";> <ramp:user>alice</ramp:user> <ramp:passwordCallbackClass>org.apache.rampart.samples.policy.sample01.P WCBHandler</ramp:passwordCallbackClass> </ramp:RampartConfig> </wsp:All> </wsp:ExactlyOne> </wsp:Policy> > -----Original Message----- > From: Dimuthu [mailto:[EMAIL PROTECTED] > Sent: 25 July 2007 04:13 > To: [email protected] > Subject: Re: Using a different user for inflow/outflow basic > authenticationin ws-policy > > > Hi Andrew, > > HTTP Basic Auth is different from UsernameToken. > > This is how you handle HTTP Basic Auth [1] > > UsernameToken can be added in two ways, i.e. by using policy or > inflow/outflow configs. > > If you want to use policy please refer > samples/policy/sample01/policy.xml. > > If you want to use inflow/outflow config please refer > samples/basic/sample02. Here is a good article about it[2] > > > Regards, > Dimuthu > > > [1] > HttpTransportProperties.Authenticator auth = new > HttpTransportProperties.Authenticator(); > auth.setPreemptiveAuthentication(true); > auth.setAuthSchemes(authSchemes); > auth.setUsername("username"); > auth.setPassword("password"); > Options options = serviceClient.getOptions(); > options.setProperty(HTTPConstants.AUTHENTICATE, auth); > serviceClient.setOptions(options); > > [2]http://wso2.org/library/240 > > > On Tue, 2007-07-24 at 06:01 -0700, Andrew Fielden wrote: > > Hi, > > > > I'm trying to use a WS Policy file with Rampart. If I wish to enable > > basic authentication for outflow, the RampartConfig section of the > > ws-policy will look like this: > > > > <?xml version="1.0" encoding="UTF-8"?> > > <wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";> > > <wsp:ExactlyOne> > > <wsp:All> > > <ramp:RampartConfig > > > > xmlns:ramp="http://ws.apache.org/rampart/policy";> > > <ramp:user>alice</ramp:user> > > <ramp:passwordCallbackClass>InboundPWCallbackHandler > > </ramp:passwordCallbackClass> > > </ramp:RampartConfig> > > </wsp:All> > > </wsp:ExactlyOne> > > </wsp:Policy> > > > > > > My question is, suppose I wish to specify a user for basic > > authentication Inflow. How do I differentiate between usernames for > > basic authentication in both directions (inflow and outflow)? > > There is only one ramp:user element. > > > > Thanks. > > Andrew. > > > >
