OK, I am using usernametokensignature, usernametoken and timestamp as
seen in the WSDD file below:
<deployment xmlns="http://xml.apache.org/axis/wsdd/";
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";>
<transport name="http"
pivot="java:org.apache.axis.transport.http.HTTPSender"/>
<globalConfiguration >
<requestFlow >
<!-- ADDRESSING -->
<handler
type="java:org.apache.axis.message.addressing.handler.AddressingHandler">
<parameter name="referencePropertyNames"
value="{Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}MessageID;{Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}Action;{Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}To;{Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}ReplyTo"/>
</handler>
<!-- SECURITY -->
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Timestamp UsernameToken
UsernameTokenSignature"/>
<parameter name="passwordType" value="PasswordDigest"/>
<parameter name="user" value="test"/>
<parameter name="passwordCallbackClass"
value="com.somepackage.security.PWCallback"/>
<parameter name="precisionInMilliseconds" value="false" />
<parameter name="signatureParts"
value="{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>
</handler>
</requestFlow >
</globalConfiguration >
</deployment>
I still am having some issues.
-First, I get 2 usernametoken sections in my soap headers, and the one
set up by usernametokensignature sets the password in text, despite the
"PasswordType" parameter being set to "PasswordDigest" in the wsdd
file. I think that just using usernametokensignature would be fine,
but I need the password set to digest
-Second, the "ReplyTo" header is in the message as "From", not "ReplyTo"
-Third, If I try to set any of the addressing elements to be signed in
the "signatureParts" section, I get a "Element to encrypt/sign not
found" error
Any help would be greatly appreciated. Thanks!
Jim
Remy Bertrand wrote:
I tried to make it work with Axis 1.2 and WSS4J 1.1 (and in the opposite
configuration : .Net client -> Axis Server).
This was working with WSE2.0 but i was unable to configure/code in WSE3.0 to
make it works. (i don't know what version you use). The verification of the
signature (SignatureValue) always fails. Maybe you will be more lucky with
WSS4J 1.5...
Basically, you should configure WSS4J to use UsernameTokenSignature,
UsernameToken and Timestamp. (don't forget TimeStamp, which is implicit and
mandatory for .Net).
Rémy
----- Original Message -----
From: "Werner Dittmann" <[EMAIL PROTECTED]>
To: "James Gough" <[EMAIL PROTECTED]>
Cc: <[email protected]>
Sent: Wednesday, May 17, 2006 8:30 PM
Subject: Re: [Axis 1.4/WSSJ 1.5 Client -> .NET Service] Newbie needs a
little direction re: signing
Its not SAML Signature but the .Net specific way of using a a Signature
based on a username token. WSS4J provides a similar, but not well tested
way that is modelled after the .Net specific way. (UsernametokenSignature)
Regards,
Werner
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
