Hi Manjula,
I am unable to open the link you have sent in the reply.
Can you please send me the correct link.
Thanks & Regards,
Murali Krishna K
-----Original Message-----
From: Manjula Peiris
To: Apache AXIS C User List
Sent: 9/25/07 12:02 PM
Subject: Re: how to set the username & password dynamically using Rampart
Hi Murali,
Please note to use the Rampart/C artifacts Kaushalye has mentioned, you
need Axis2/C 1.1. You can download release artifacts from here.
http://people.apache.org/~samisa/1.1.0-2/
Rampart 1.0 release will not be compatible with Axis2/C 1.0 .
-Manjula.
On Tue, 2007-09-25 at 10:37 +0530, Kaushalye Kapuruge wrote:
> Hi Murali,
> Rampart/C[1] is the security module of Axis2/C. And it is based on the
> security policy assertions. So in order to enable username tokens, you
> need to engage Rampart/C with axis2/C. Please look at the scenario2,
> which shows how to enable user name tokens. And I hope following
> description would be a help.
>
> To add a usernametoken you need to include it under the
> sp:SignedSupportingTokens assertion. This is how you do it in the
policy
> file.
> <sp:SignedSupportingTokens
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <wsp:Policy>
> <sp:UsernameToken
>
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/In
cludeToken/Always"/>
> </wsp:Policy>
> </sp:SignedSupportingTokens>
>
> In addition you need to tell, which username should be included in the
> Usernametoken. This can be done using following assertion under
> <RampartConfigs>
> <rampc:User>Alice</rampc:User>
>
> Like for the user name we do not specify the password in the
> configuration file. instead we use a password callback mechanism,
where
> we get a password for the above mentioned user name. The user has to
> specify a DLL or a module to load the password from. For this,
following
> assertion is used.
>
<rampc:PasswordCallbackClass>/home/Alice/my_modules/pwcb.so</rampc:Passw
ordCallbackClass>
>
> So what Rampart/C does is, first it loads the module dynamically and
> then call the function to get the password, which has to be
implemented
> by the user. This gives user flexibility to call databases, flat files
> or any other storage mechanism to extract the password.
>
> The username token profile allows two ways to send a password. Either
> you can send the password in the pain text form or you can send as a
> digest of the password. This can be specified using following
assertion.
> <rampc:PasswordType>Digest/PlainText</rampc:PasswordType>
>
> Note that we are about to release version 1.0. And the artifacts are
> here. You may use these releases for now. We will announce once the
> version 1.0 is released.
> Cheers,
> Kaushalye
> [1] http://people.apache.org/~kaushalye/release/rampart-c/1.0.0/
>
> Murali Konnipati wrote:
> >
> > Hi All,
> >
> > I am very new to Axis2c. I am trying to develop a client for
my
> > .Net Web service. For this .Net web service, i need to send the
> > username & password in the UsernameToken element of the SOAP header.
> >
> > So, i am planning to use the Rampart API to set the username
&
> > password in my code. Can anybody please tell me, how to set the
> > username & password in the client through programmatically..
> >
> >
> > Thanks & Regards,
> >
> > Murali Krishna K
> >
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
