Hi Ruchith,
Thanks a lot for sharing your views with me on the mentioned problem in this email.
Ruchith,I have to create the mentioned SOAP format while I am creating SOAP request i.e. before sending request to web service and don't have to do anything at receiver side(i.e. in SOAP Response from web service).
So I guess solution (1) that you have given can help me but I am not sure at what stage in client problem I should try to extract security
Processing results and how I will retrieve Reference tag information including its URI attribute.
Please guide me to resolve this issue.
Shyam Shukla
-----Original Message-----
From: Ruchith Fernando [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 02, 2006 12:58 AM
To: [email protected]
Cc: [email protected]
Subject: Re: Soap Request with X509 Token
Hi,
Right now Rampart/WSS4J does nto provide a way to extract the
SecurityTokenReference (STR) from the Signature element.
From the example message snippets you have given it seems that you
have to add the STR refering to the certificate that was used to sign.
I can think of a couple of workarounds for this:
1.) You can find the certificate that was used to sign the request
using the security results of WSS4J. (Example on extacting security
processing results[1]). From the results you can obtain the
certificate that was used to sign.
Now if you want to add a refernce to this certificate in your response
then you can add a "BinarySecurityToken" element (Please see usages
of org.apache.ws.security.message.token.BinarySecurity) into the
Securty header of the response and refer to it using an STR element
(please see usages of
org.apache.ws.security.message.token.SecurityTokenReference)
2.) When request soap envelop reaches the message receiver (or service
impl) the Signature element is still available in the Security header.
Therefore if you want to use the *exact same* STR element you can
extract it at the service and create your response.
HTH
Thanks,
Ruchith
[1] http://www.wso2.net/kb/169
On 9/30/06, Shyam Shukla <[EMAIL PROTECTED]> wrote:
>
>
>
>
> Dear All,
>
> I am required to create a SOAP request which contains RequestSecurityToken
> with X509 Security Token.
> I am using rampart module of axis2 1.0 to achieve this. Now my problem is
> when this request is sent to the web service,
> <wsse:SecurityTokenReference> tag is found as a child element of <KeyInfo>
> tag in SOAP Header.
> Is there any way to extract the above <wsse:SecurityTokenReference> tag so
> that I could place it inside the SOAP Body as a child element of <wst:Base>
> tag?
>
> My desired format of SOAP request is as below:
> <soap:Envelope>
> <soap:Header>
> ……………
> ………
> <KeyInfo>
> <wsse:SecurityTokenReference>
> <wsse:Reference
>
> URI="#SecurityToken-bbae5f08-04c5-4f4d-aa79-42e2475a1b7f"
>
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
> />
> </wsse:SecurityTokenReference>
> </KeyInfo>
> </Signature>
> </wsse:Security>
> </soap:Header>
> <soap:body>
> <wst:Base>
> <wsse:SecurityTokenReference>
> <wsse:Reference
>
> URI="#SecurityToken-bbae5f08-04c5-4f4d-aa79-42e2475a1b7f"
>
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
> />
> </wsse:SecurityTokenReference>
> </wst:Base>
>
> …
> …
> …
> </soap:Body>
> </soap:Envelope>
>
>
>
>
>
>
> Best Regards,
> Shyam Shukla
>
>
>
> DISCLAIMER ========== This e-mail may contain privileged and confidential
> information which is the property of Persistent Systems Pvt. Ltd. It is
> intended only for the use of the individual or entity to which it is
> addressed. If you are not the intended recipient, you are not authorized to
> read, retain, copy, print, distribute or use this message. If you have
> received this communication in error, please notify the sender and delete
> all copies of this message. Persistent Systems Pvt. Ltd. does not accept any
> liability for virus infected mails.
--
www.ruchith.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
DISCLAIMER ========== This e-mail may contain privileged and confidential information which is the property of Persistent Systems Pvt. Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Pvt. Ltd. does not accept any liability for virus infected mails.