Hi Murali,
Rampart/C[1] is the security module of Axis2/C. And it is based on the
security policy assertions. So in order to enable username tokens, you
need to engage Rampart/C with axis2/C. Please look at the scenario2,
which shows how to enable user name tokens. And I hope following
description would be a help.
To add a usernametoken you need to include it under the
sp:SignedSupportingTokens assertion. This is how you do it in the policy
file.
<sp:SignedSupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always"/>
</wsp:Policy>
</sp:SignedSupportingTokens>
In addition you need to tell, which username should be included in the
Usernametoken. This can be done using following assertion under
<RampartConfigs>
<rampc:User>Alice</rampc:User>
Like for the user name we do not specify the password in the
configuration file. instead we use a password callback mechanism, where
we get a password for the above mentioned user name. The user has to
specify a DLL or a module to load the password from. For this, following
assertion is used.
<rampc:PasswordCallbackClass>/home/Alice/my_modules/pwcb.so</rampc:PasswordCallbackClass>
So what Rampart/C does is, first it loads the module dynamically and
then call the function to get the password, which has to be implemented
by the user. This gives user flexibility to call databases, flat files
or any other storage mechanism to extract the password.
The username token profile allows two ways to send a password. Either
you can send the password in the pain text form or you can send as a
digest of the password. This can be specified using following assertion.
<rampc:PasswordType>Digest/PlainText</rampc:PasswordType>
Note that we are about to release version 1.0. And the artifacts are
here. You may use these releases for now. We will announce once the
version 1.0 is released.
Cheers,
Kaushalye
[1] http://people.apache.org/~kaushalye/release/rampart-c/1.0.0/
Murali Konnipati wrote:
Hi All,
I am very new to Axis2c. I am trying to develop a client for my
.Net Web service. For this .Net web service, i need to send the
username & password in the UsernameToken element of the SOAP header.
So, i am planning to use the Rampart API to set the username &
password in my code. Can anybody please tell me, how to set the
username & password in the client through programmatically..
Thanks & Regards,
Murali Krishna K
--
http://kaushalye.blogspot.com/
http://wso2.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
