RE: Username token implemetation
Thanks The change suggested by you seems to be for the SOAP Client. I want some guide about the changes that should be done on SOAP server and also if what changes are needed in the WSDD files. From: Robert Wierschke [mailto:[EMAIL PROTECTED] Sent: Thursday, July 31, 2008 12:33 PM To: axis-user@ws.apache.org Subject: Re: Username token implemetation Hi, unfortunately there is no real documentation. You could add a Username Toke without wss4j within a handler: OMFactory factory = OMAbstractFactory.getOMFactory(); OMNamespace wssNamespace = new OMNamespaceImpl( "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";, "wss"); SOAPHeaderBlock securityHeader = envelope.getHeader().addHeaderBlock("Security", wssNamespace); OMElement username = factory.createOMElement("Username", wssNamespace); username.setText("TopsyCretts"); OMElement password = factory.createOMElement("password", wssNamespace); password.setText("42"); OMElement usernameToken = factory.createOMElement("UsernameToken", wssNamespace); usernameToken.addChild(username); usernameToken.addChild(password); securityHeader.addChild(usernameToken); Using wss4j: String username = "TopsyCretts"; String password = "42"; WSSecUsernameToken builder = new WSSecUsernameToken(); builder.setPasswordType(WSConstants.PASSWORD_DIGEST); builder.setUserInfo(username, password); WSSecHeader securityHeader = new WSSecHeader(); securityHeader.insertSecurityHeader( doc); builder.build(doc, securityHeader); This only works with the SOAP as a W3C Document (and not with AXIOM) so you need to convert the envelope first. After inserting the Security header you need to create a new SOAPEnvelope object and set this to the message context. SOAPEnvelope secureEnvelope = Util.createSoapEnvelopeFromDOM(soapDocument); messageContext.setEnvelope(secureEnvelope); regards robert 2008/7/31 Shripad Gokhale <[EMAIL PROTECTED]> Hi, I am trying to implement user name token with Axis 1.4 and WSS4J on server side. Where can I get a good reference material or tutorial about the changes that are required? Some of the links I found of google provide only partial information. Thanks Shripad This message and the information contained herein is proprietary and confidential and subject to the Amdocs policy statement, you may review at http://www.amdocs.com/email_disclaimer.asp
Re: Username token implemetation
Hi, unfortunately there is no real documentation. You could add a Username Toke without wss4j within a handler: OMFactory factory = OMAbstractFactory.getOMFactory(); OMNamespace wssNamespace = new OMNamespaceImpl( " http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";, "wss"); SOAPHeaderBlock securityHeader = envelope.getHeader().addHeaderBlock("Security", wssNamespace); OMElement username = factory.createOMElement("Username", wssNamespace); username.setText("TopsyCretts"); OMElement password = factory.createOMElement("password", wssNamespace); password.setText("42"); OMElement usernameToken = factory.createOMElement("UsernameToken", wssNamespace); usernameToken.addChild(username); usernameToken.addChild(password); securityHeader.addChild(usernameToken); Using wss4j: String username = "TopsyCretts"; String password = "42"; WSSecUsernameToken builder = new WSSecUsernameToken(); builder.setPasswordType(WSConstants.PASSWORD_DIGEST); builder.setUserInfo(username, password); WSSecHeader securityHeader = new WSSecHeader(); securityHeader.insertSecurityHeader( doc); builder.build(doc, securityHeader); This only works with the SOAP as a W3C Document (and not with AXIOM) so you need to convert the envelope first. After inserting the Security header you need to create a new SOAPEnvelope object and set this to the message context. SOAPEnvelope secureEnvelope = Util.createSoapEnvelopeFromDOM(soapDocument); messageContext.setEnvelope(secureEnvelope); regards robert 2008/7/31 Shripad Gokhale <[EMAIL PROTECTED]> > Hi, > > > > I am trying to implement user name token with Axis 1.4 and WSS4J on server > side. Where can I get a good reference material or tutorial about the > changes that are required? Some of the links I found of google provide only > partial information. > > > > Thanks > > Shripad > > This message and the information contained herein is proprietary and > confidential and subject to the Amdocs policy statement, > you may review at http://www.amdocs.com/email_disclaimer.asp > >
Username token implemetation
Hi, I am trying to implement user name token with Axis 1.4 and WSS4J on server side. Where can I get a good reference material or tutorial about the changes that are required? Some of the links I found of google provide only partial information. Thanks Shripad This message and the information contained herein is proprietary and confidential and subject to the Amdocs policy statement, you may review at http://www.amdocs.com/email_disclaimer.asp