re-sending since the first try bounced ---------- Forwarded message ---------- From: Ruchith Fernando <[EMAIL PROTECTED]> Date: Nov 5, 2006 10:22 AM Subject: Re: 回复: WSS4J and UsernameToken replay To: [email protected]
Hi, http://www.wso2.net/kb/169 You can retrieve all UsernameToken info after security processing (after the security handlers) in another handler or in the service as the above link explains. Thanks, Ruchith On 11/4/06, falom <[EMAIL PROTECTED]> wrote:
Hi, I think you can retrieve the desired nonce directly from the soap header. falom Christian Keiler <[EMAIL PROTECTED]> 写道: Hi, I'm using Axis2 in connection with the rampart module. I want to authenticate users by an UsernameToken using digests. Considering possible replay attacks I want to save some nonce values within my service implementation and do not want to accept twice used "nonce" in a given time. Does one of you know, how to do this with the mentioned frameworks? The WSPasswordCallback is missing a getNonce() and a getCreated() method as well...is this "just" a bug or are there other possibilities to manage my problem? Thanks in advance, Christian --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ________________________________ 雅虎免费邮箱-3.5G容量,20M附件
-- www.ruchith.org -- www.ruchith.org
