Murali Konnipati wrote:
Hi Kaushalye,
Thank you very much for an information reply.
As per your procedure, i need to write the username in the
configuration file(axis2.xml). But i want to set the username
dynamically at runtime in the client program.
Is it possible to set the username dynamically in Rampart C API.
Can you please provide some insights on this.
P:S I am using rampart_context_set_user() &
rampart_context_set_password() methods in RAMPART API to set the
username & password in my code.
Actually this is something we have not supported. You may try to create
and use a rampart context. And please have a look at rampart_context.h
and rampart_usernametoken.h files.
Cheers,
Kaushalye
Thanks & Regards,
Murali Krishna K
-----Original Message-----
From: Kaushalye Kapuruge
To: Apache AXIS C User List
Sent: 9/25/07 10:37 AM
Subject: Re: how to set the username & password dynamically using Rampart
Hi Murali,
Rampart/C[1] is the security module of Axis2/C. And it is based on the
security policy assertions. So in order to enable username tokens, you
need to engage Rampart/C with axis2/C. Please look at the scenario2,
which shows how to enable user name tokens. And I hope following
description would be a help.
To add a usernametoken you need to include it under the
sp:SignedSupportingTokens assertion. This is how you do it in the policy
file.
<sp:SignedSupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/In
cludeToken/Always"/>
</wsp:Policy>
</sp:SignedSupportingTokens>
In addition you need to tell, which username should be included in the
Usernametoken. This can be done using following assertion under
<RampartConfigs>
<rampc:User>Alice</rampc:User>
Like for the user name we do not specify the password in the
configuration file. instead we use a password callback mechanism, where
we get a password for the above mentioned user name. The user has to
specify a DLL or a module to load the password from. For this, following
assertion is used.
<rampc:PasswordCallbackClass>/home/Alice/my_modules/pwcb.so</rampc:Passw
ordCallbackClass>
So what Rampart/C does is, first it loads the module dynamically and
then call the function to get the password, which has to be implemented
by the user. This gives user flexibility to call databases, flat files
or any other storage mechanism to extract the password.
The username token profile allows two ways to send a password. Either
you can send the password in the pain text form or you can send as a
digest of the password. This can be specified using following assertion.
<rampc:PasswordType>Digest/PlainText</rampc:PasswordType>
Note that we are about to release version 1.0. And the artifacts are
here. You may use these releases for now. We will announce once the
version 1.0 is released.
Cheers,
Kaushalye
[1] http://people.apache.org/~kaushalye/release/rampart-c/1.0.0/
<http://people.apache.org/%7Ekaushalye/release/rampart-c/1.0.0/>
Murali Konnipati wrote:
>
> Hi All,
>
> I am very new to Axis2c. I am trying to develop a client for my
> .Net Web service. For this .Net web service, i need to send the
> username & password in the UsernameToken element of the SOAP header.
>
> So, i am planning to use the Rampart API to set the username &
> password in my code. Can anybody please tell me, how to set the
> username & password in the client through programmatically..
>
>
> Thanks & Regards,
>
> Murali Krishna K
>
--
http://kaushalye.blogspot.com/
http://wso2.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
http://kaushalye.blogspot.com/
http://wso2.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
