> Probebly PasswordText is to check Username and Password by myself and > PasswordDigest is checking automaticaly.
Correct. > Now I would like to switch by PasswordType, but when I use PasswordDigest on > the client side, I get a null in my PWCallbackClass when I use I just fixed that on the relevant branch actually. What you can do instead is query the getUsage() method on the WSPasswordCallback object. It will be of type WSPasswordCallback.USERNAME_TOKEN for a digested password, and WSPasswordCallback.USERNAME_TOKEN_UNKNOWN for a plaintext password or a password of unknown type. Colm. ________________________________ From: Vitali Heinrich [mailto:[email protected]] Sent: 14 July 2009 13:40 To: [email protected] Subject: Re: PasswordDigest and PasswordText difference Hi all, I think I know now the reasen. Probebly PasswordText is to check Username and Password by myself and PasswordDigest is checking automaticaly. Now I would like to switch by PasswordType, but when I use PasswordDigest on the client side, I get a null in my PWCallbackClass when I use: passwordCallback.getPasswordType(); With PasswordText I get the right String (WSConstants.PASSWORD_TEXT ). 2009/7/14 Vitali Heinrich <[email protected]> Hi all, I´m trying to implement WSS4J in our project. First I tried to implement UsernameToken and with PasswordDigest and PasswordText. It works, by a little bit strange. When I use PasswordDigest with wrong password, I get an exception (fine). But when I use PasswordText with wrong password, i do not get any exceptions. Why? It is a bug, or is there something that I don´t understand. I use wss4j 1.5.7 My PWCallbackClass looks like these public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (Callback callback : callbacks) { if(callback instanceof WSPasswordCallback){ WSPasswordCallback passwordCallback = (WSPasswordCallback)callback; String username = passwordCallback.getIdentifier(); String password = MyUtility.getPassword(username); passwordCallback.setPassword(password); } } } Properties on client side: call.setClientHandlers(new WSDoAllSender(), null); call.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN); call.setProperty(UsernameToken.PASSWORD_TYPE,WSConstants.PW_TEXT); // or call.setProperty(UsernameToken.PASSWORD_TYPE,WSConstants.PW_DIGEST); call.setProperty(WSHandlerConstants.USER, "user"); call.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS,PasswordCallbackHandler.class.getName()); call.setProperty(WSHandlerConstants.MUST_UNDERSTAND, "true"); ..and on server side: action=UsernameToken passwordCallbackClass=com.asy.callback.PasswordProvider Can somebody help me? -- Best regards Vitali Heinrich -- Viele Grüße Vitali Heinrich
