[jira] Commented: (WSS-64) USERNAME_TOKEN PW_DIGEST dont work with .NET 2.0

Thu, 14 Dec 2006 05:50:44 -0800 

    [ http://issues.apache.org/jira/browse/WSS-64?page=comments#action_12458485 
] 
            
Dittmann, Werner commented on WSS-64:
-------------------------------------

Just a hint: WSS4J uses the millisecond option in the timestamps,
(see the "created" elemelent. AFAIK .Net does not like that. There
is an option in WSS4J where you can switch off the millisecond
feature (haven't access to docs/source rigth now, pls have a look)

Regards,
Werner
 

1-wss-wssecurity-secext-1.0.xsd"><wsse:UsernameToken > 
wsu:Id="UsernameToken-20564850" 
1-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-> 
open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.x
sd"><wsse:Username xmlns:wsse="http://docs.oasis-> 
open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xs
1-wss-wssecurity-secext-1.0.xsd">> 
UrpQqQY/qXdGar7TKe5oUOLLzOk=</wsse:Password><wsse:Nonce 
A==</wsse:Nonce><wsu:Created xmlns:wsu="http://docs.oasis-> 
open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.x
sd">2006-12-05T11:30:47.595Z</wsu:Created></wsse:UsernameToken></> 
wsse:Security>


> USERNAME_TOKEN PW_DIGEST dont work with .NET 2.0
> ------------------------------------------------
>
>                 Key: WSS-64
>                 URL: http://issues.apache.org/jira/browse/WSS-64
>             Project: WSS4J
>          Issue Type: Bug
>         Environment: jdk 1.5, wss4j-1.5.0.jar, xalan 2.7.0, xmlsec-1.3.0.jar, 
> czech locale, timezone GMT+1 
>            Reporter: Jara Cesnek
>         Assigned To: Davanum Srinivas
>
> USERNAME_TOKEN PW_DIGEST dont work with .NET 2.0. 
> USERNAME_TOKEN PW_TEXT work fine.
> <wsse:Security soap:mustUnderstand="true" 
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";><wsse:UsernameToken
>  wsu:Id="UsernameToken-20564850" 
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
>  
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";><wsse:Username
>  
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>xxx</wsse:Username><wsse:Password
>  
> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest";
>  
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>UrpQqQY/qXdGar7TKe5oUOLLzOk=</wsse:Password><wsse:Nonce
>  xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oas
> is-200401-wss-wssecurity-secext-1.0.xsd">hS6E+nb41TobI66FPB/eoA==</wsse:Nonce><wsu:Created
>  
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>2006-12-05T11:30:47.595Z</wsu:Created></wsse:UsernameToken></wsse:Security>
> 1) Same .NET header have probably diferent hash value(algo?, locale?, 
> timezone ?).
> 2) Same .NET header have all namespaces in header tag and rest of XML is 
> perfectly readable and small in size.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to