Hi,
Right now Rampart/WSS4J does not provide a way to extract the
SecurityTokenReference (STR) from the Signature element.
From the example message snippets you have given it seems that you
have to add the STR referring to the certificate that was used to sign.
I can think of a couple of workarounds for this:
1.) You can find the certificate that was used to sign the request
using the security results of WSS4J. (Example on extracting security
processing results[1]). From the results you can obtain the
certificate that was used to sign.
Now if you want to add a reference to this certificate in your response
then you can add a "BinarySecurityToken" element (Please see usages
of org.apache.ws.security.message.token.BinarySecurity) into the
Security header of the response and refer to it using an STR element
(please see usages of
org.apache.ws.security.message.token.SecurityTokenReference)
2.) When the request SOAP envelope reaches the message receiver (or service
impl) the Signature element is still available in the Security header.
Therefore if you want to use the *exact same* STR element you can
extract it at the service and create your response.
HTH
Thanks,
Ruchith
[1] http://www.wso2.net/kb/169
On 9/30/06, Shyam Shukla <[EMAIL PROTECTED]> wrote:
Dear All,
I am required to create a SOAP request which contains RequestSecurityToken
with X509 Security Token.
I am using rampart module of axis2 1.0 to achieve this. Now my problem is
when this request is sent to the web service,
<wsse:SecurityTokenReference> tag is found as a child element of <KeyInfo>
tag in SOAP Header.
Is there any way to extract the above <wsse:SecurityTokenReference> tag so
that I could place it inside the SOAP Body as a child element of <wst:Base>
tag?
My desired format of SOAP request is as below:
<soap:Envelope>
<soap:Header>
……………
………
<KeyInfo>
<wsse:SecurityTokenReference>
<wsse:Reference
URI="#SecurityToken-bbae5f08-04c5-4f4d-aa79-42e2475a1b7f"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
/>
</wsse:SecurityTokenReference>
</KeyInfo>
</Signature>
</wsse:Security>
</soap:Header>
<soap:Body>
<wst:Base>
<wsse:SecurityTokenReference>
<wsse:Reference
URI="#SecurityToken-bbae5f08-04c5-4f4d-aa79-42e2475a1b7f"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
/>
</wsse:SecurityTokenReference>
</wst:Base>
…
…
…
</soap:Body>
</soap:Envelope>
Best Regards,
Shyam Shukla
--
www.ruchith.org
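
Added example, not part of the original thread and not Rampart/WSS4J code: workaround 2 above done with plain JAXP DOM, copying the STR from the Signature's KeyInfo into a wst:Base element in the Body. The class name, the sample envelope, the WS-Trust 2005/02 namespace and the single-Security-header assumption are all constructed for illustration; how the service obtains the envelope from Axis2 is not shown. The lookup follows one fixed path and fails closed on duplicates, so the STR copied is the one under the header Signature rather than a look-alike elsewhere in the message.

```java
import java.io.StringReader;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;
import org.xml.sax.InputSource;

public class StrCopyExample { // hypothetical class name
    static final String SOAP = "http://schemas.xmlsoap.org/soap/envelope/";
    static final String WSSE =
        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    static final String DS = "http://www.w3.org/2000/09/xmldsig#";
    static final String WST = "http://schemas.xmlsoap.org/ws/2005/02/trust"; // assumed WS-Trust version

    // Return the one direct child with this qualified name; reject zero or several.
    static Element onlyChild(Element parent, String ns, String local) {
        Element found = null;
        for (Node n = parent.getFirstChild(); n != null; n = n.getNextSibling()) {
            if (n instanceof Element && ns.equals(n.getNamespaceURI())
                    && local.equals(n.getLocalName())) {
                if (found != null) throw new IllegalStateException("duplicate " + local);
                found = (Element) n;
            }
        }
        if (found == null) throw new IllegalStateException("missing " + local);
        return found;
    }

    // Envelope/Header/Security/Signature/KeyInfo/STR, deep-copied into Body/wst:Base.
    static Element copyStrToBody(Document doc) {
        Element env = doc.getDocumentElement();
        Element sig = onlyChild(onlyChild(onlyChild(env, SOAP, "Header"),
                WSSE, "Security"), DS, "Signature");
        Element str = onlyChild(onlyChild(sig, DS, "KeyInfo"), WSSE, "SecurityTokenReference");
        Element base = doc.createElementNS(WST, "wst:Base");
        base.appendChild(str.cloneNode(true)); // header copy stays where it is
        onlyChild(env, SOAP, "Body").appendChild(base);
        return base;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample envelope; the token id is a placeholder.
        String xml = "<soap:Envelope xmlns:soap='" + SOAP + "' xmlns:wsse='" + WSSE
            + "' xmlns:ds='" + DS + "'><soap:Header><wsse:Security><ds:Signature><ds:KeyInfo>"
            + "<wsse:SecurityTokenReference><wsse:Reference URI='#SecurityToken-example'/>"
            + "</wsse:SecurityTokenReference></ds:KeyInfo></ds:Signature></wsse:Security>"
            + "</soap:Header><soap:Body/></soap:Envelope>";
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); // no DTD, no XXE
        Document doc = f.newDocumentBuilder().parse(new InputSource(new StringReader(xml)));
        Element str = onlyChild(copyStrToBody(doc), WSSE, "SecurityTokenReference");
        System.out.println("Body STR -> " + onlyChild(str, WSSE, "Reference").getAttribute("URI"));
    }
}
```

The copied STR in the Body is only integrity-protected if the Body itself is covered by a signature, and the copy should be taken only after WSS4J has verified the incoming Signature.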