WCF interop issue: Namespace not honored incase of attributes.
--------------------------------------------------------------
Key: WSS-148
URL: https://issues.apache.org/jira/browse/WSS-148
Project: WSS4J
Issue Type: Bug
Components: WSS4J Handlers
Environment: Windows XP, Java 1.5, CXF 2.1.2, .Net 3.5
Reporter: Aditya Sawhney
Assignee: Ruchith Udayanga Fernando
WSS4J cannot authenticate the WS-Security profile consisting of UsernameToken.
The SOAP header created by WCF is in the following format:
- <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
- <s:Header>
- <o:Security s:mustUnderstand="1"
xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>
- <o:UsernameToken u:Id="uuid-6fed7aff-51a9-4403-97fc-ad7631d94b47-1">
<o:Username>aditya</o:Username>
<o:Password
o:Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>aditya</o:Password>
</o:UsernameToken>
</o:Security>
</s:Header>
- <s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:xsd="http://www.w3.org/2001/XMLSchema";>
- <getProductDetail xmlns="http://catalog.example/";>
<productId xmlns="">SW123</productId>
</getProductDetail>
</s:Body>
</s:Envelope>
But, WSS4J is unable to validate it because it fails to determine the
"passwordType" in UsernameToken constructor:
public UsernameToken(Element elem) throws WSSecurityException {
...
if (elementPassword != null) {
passwordType = elementPassword.getAttribute("Type");
}
As it tries to find "Type" attribute but in SOAP header it is "o:Type".
getAttributeNS should be used instead.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
