I am attempting to secure an Axis2 webservice with UsernameToken and Digest
Password. I have successfully been able to secure the service using a
plaintext password, but am running into issues when attempting to switch to
a digest password.
I'm using JDeveloper to create the client which creates the UsernameToken
and handles all the SOAP on the client side. Using a SOAP monitoring tool I
can see the message being sent by my client and it contains the appropriate
security header information with the digest, nonce, and create objects. From
this I'm assuming that the issue has to be inside of the Axis2/web service
configuration and not the client.
My understanding of the CallbackHandler is that in the case of a digest
password it should set the password. Mine looks like this:
public class PWCBHandler implements CallbackHandler {
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
for (int i = 0; i WSPasswordCallback pwcb
=(WSPasswordCallback)callbacks ;
String id = pwcb.getIdentifer();
if("user".equals(id)){
pwcb.setPassword("userpwd");
}
else {
throw new UnsupportedCallbackException(callbacks ,
"Unrecognized Callback");
}
}
The error i'm getting is on the client end:
javax.xml.rpc.soap.SOAPFaultException: WSDoAllReceiver: security processing
failed
Any ideas? Am I using the callbackHandler incorrectly? Something in the
Axis2 configuration that I'm missing? Is there a way to get more logging out
of Axis2 to know what exactly it is failing?
thanks
deagan
_________________________________________________________________
Find a local pizza place, movie theater, and moreĀ
.then map the best route!
http://maps.live.com/default.aspx?v=2&ss=yp.bars~yp.pizza~yp.movie%20theater&cp=42.358996~-71.056691&style=r&lvl=13&tilt=-90&dir=0&alt=-1000&scene=950607&encType=1&FORM=MGAC01
