> Actually, I'm using soapUI as the client, so it is possible to ignore all > files with the word "client" in them? >
Then you just need to add this policy to the services.xml and engage Rampart. Remember you need to have the password callback handler in the service's archive. thanks, nandana -----Original Message----- > From: Nandana Mihindukulasooriya [mailto:[EMAIL PROTECTED] > Sent: Mon 7/14/2008 8:01 AM > To: [email protected] > Subject: Re: Newbie Basics: Security Policy > > Hi Roxane, > > This is the policy to be used. Hope you know how to attach this policy to > services.xml and to a client. Please go through the Rampart policy samples > and you will be able to see how that is done. If you have further > questions, > please feel free to throw them in. > > regards, > nandana > > <wsp:Policy wsu:Id="UT" xmlns:wsu=" > > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > " > xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";> > <wsp:ExactlyOne> > <wsp:All> > <sp:SupportingTokens xmlns:sp=" > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > <wsp:Policy> > <sp:UsernameToken sp:IncludeToken=" > > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient > " > /> > </wsp:Policy> > </sp:SupportingTokens> > > <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy > "> > > <ramp:user>username</ramp:user> > > > <ramp:passwordCallbackClass>org.apache.rampart.samples.policy.sample01.PWCBHandler</ramp:passwordCallbackClass> > </ramp:RampartConfig> > > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > > On Mon, Jul 14, 2008 at 11:53 PM, Roxanne Yee <[EMAIL PROTECTED]> wrote: > > > If I simply wanted to implement a web service that used a User Name Token > > authentication system with a Username and Password in Plaintext (no SSL > for > > now, cause I'm a little sketchy on how to actually set that up), what > would > > I need to do if using the Policy handler configuration? > > > > Thanks. > > > > => RY > > > >
