Re: [Axis2][rampart] Two questions regarding rampart policy files

Tue, 23 Jan 2007 21:55:43 -0800 

Hi JF,

On 1/24/07, footh <[EMAIL PROTECTED]> wrote:

Using a rampart policy file, I am programmatically
trying to create this security header:

<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
soapenv:mustUnderstand="1">
  <wsse:UsernameToken>
    <wsse:Username>test</wsse:Username>
    <wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest";>aUoyaPN1AMY3/6OiPUXSgDLIPOE=</wsse:Password>
    <wsse:Nonce>mm/5n4Se5T0LyqC9VAoApA==</wsse:Nonce>
    <wsu:Created
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>2007-01-23T23:28:15Z</wsu:Created>
  </wsse:UsernameToken>
</wsse:Security>

In other words, a UsernameToken with digested
password.  Using sample01 from the rampart dist, I get
the username token with clear text, but I can't figure
out how to digest the password.  I tried sticking
this:

<wsp:Policy>
  <sp:HashPassword/>
</wsp:Policy>

in the UsernameToken tag, but I don't think rampart
supports it yet.  Does anyone have an idea of how to
do this?


Rampart doesn't support this yet. WS-SecPolicy 1.1 spec does not
provide the above assertion.



Also, since I am dynamically invoking the web service,
I don't have the password until run-time.  In the
RampartConfig part of the policy file, one provides
the password callback class.  However, I would prefer
to pass an instance of the class (where I can supply
the password at run-time).  I was able to do this with
Axis1 by setting a property on the Call object.  Is
there a similar way to do this with Axis2 and rampart?


You can still do this with Rampart. Simply add the callback handler
instance to the options object of the service client with the key
org.apache.ws.security.handler.WSHandlerConstants.PW_CALLBACK_REF

options.setProperty(WSHandlerConstants.PW_CALLBACK_REF, myCallbackHandler);

Thanks,
Ruchith



Best regards,

JF




____________________________________________________________________________________
It's here! Your new message!
Get new email alerts with the free Yahoo! Toolbar.
http://tools.search.yahoo.com/toolbar/features/mail/

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





--
www.ruchith.org
www.wso2.org

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to