Hi Rampart Developers,
I think what .-2 is asking for is somehow "the normal case". userName and
password in a xml file is, sorry to me a bit artificial and the wrong place.
And I really wonder why Rampart can not pick up UserName and Password from
the options if set as shown by
> options.setUserName("bob");
> options.setPassword("wspwd");
and as intended by .-2, What is wrong with his intention? The solution
given in the answer .-1 is very much more confusing me, and it really opens
ground for many more question toward the team: when to use which option and
xml file.
I think what most users seek in any case is a simple possibel first approach to
do things and if this first approach does not fit requirements a more complex
approach is only then required. But sometimes I get the impression that
we get allmost always the served with the complex approach first and then after
a
while and claiming users a more easy approach is give/developed.
Not only true for Rampart.
For me it is very clear what .-2 wants, but the solution given by .-1
is confusing me. Why do I need to think about a policy based approach if
I have such a simple demand as .-2 wants?
At least documentation or the answer could go and say in
which case or configuration or architecture or design one has to use
> options.setUserName("bob");
> options.setPassword("wspwd");
and in which case one has to use the proposed approache given by .-1
If I read ...
> the username is hardcoded within the OuflowSecurity element in
> the client config file (client.axis2.xml) as shown below:
HARDCODED ... I become a bit crazzy. How often do we need it like that and
how often do we need the dynamic approach as .-2 is asking for/attempts to
have implemented by an easy approach.
Please Rampart developers become clear about when to use which approach.
And include a working example for each possible approach you can think
of. Rampart has been tested and hence often examples can just be taken from
the tests caes, but for that test code has to be provided.
I will have the same issue in a few weeks from now and hope to get it done
the easy way. :-)
Josef.Stadelmann@
axa-winterthur.ch
-----Ursprüngliche Nachricht-----
Von: Dimuthu Leelarathne [mailto:[EMAIL PROTECTED]
Gesendet: Donnerstag, 17. Januar 2008 04:03
An: [email protected]
Betreff: Re: Dynamically setting the username/password with Rampart.
Hi,
Since you have used the configuration parameters username/password will
not be picked up from the options object. Username/password will be
given priority if you are using policy based configuration only.
This is how you set username/password dynamically if you are using
configuration parameter approach.
OutflowConfiguration ofc = new OutflowConfiguration();
ofc.setActionItems("UsernameToken");
options.setProperty(WSSHandlerConstants.OUTFLOW_SECURITY,
ofc.getProperty());
myCallback.setUTUsername("bob");
myCallback.setUTPassword("bobpass");
options.put(WSHandlerConstants.PW_CALLBACK_REF, myCallback);
/*
myCallback is an instance of a class extending from
org.apache.ws.security.WSPasswordCallback.
You should implement it.
*/
Then remove the password callback class given in the client.axis2.xml
because there Rampart doesn't give priority to PW_CALLBAK_REF.
Thanks,
Dimuthu.
On Wed, 2008-01-16 at 11:36 +0000, Sanjay Vivek wrote:
> Hi everyone,
>
> I'm attempting to call a simple Web Service (an Echo Service) that is
> protected by WS-Security UsernameToken. I'm using Axis2-1.3 and Rampart
> 1.3. I've been looking at the samples given in the Apache Rampart distro
> and it makes sense to me. However, in the samples given in the Rampart
> distro, the username is hardcoded within the OuflowSecurity element in
> the client config file (client.axis2.xml) as shown below:
>
> <parameter name="OutflowSecurity">
> <action>
> <items>UsernameToken Timestamp</items>
> <user>bob</user>
>
> <passwordCallbackClass>org.apache.rampart.samples.sample02.PWCBHandler</
> passwordCallbackClass>
> </action>
> </parameter>
>
>
> However, I want to set username/password dynamically, and I'm attempting
> to use the ServiceClient to do just this.
>
> The code snippet below shows how I've gone about using the ServiceClient
> to set the username and password:
>
> ConfigurationContext ctx = ConfigurationContextFactory
> .createConfigurationContextFromFileSystem(axis2ConfPath, null);
>
> ServiceClient client = new ServiceClient(ctx, null);
> OMElement payload = client.sendReceive(getPayload("Hello world"));
>
> Options options = new Options();
> client.engageModule(new QName("rampart"));
>
> options.setTo(targetEPR);
> options.setAction("urn:echo");
>
> options.setUserName("bob");
> options.setPassword("wspwd");
>
> client.setOptions(options);
> result = client.sendReceive(payload);
>
> However, the client seems to be picking up the value within the <user>
> element in the "OutflowSecurity" element which is defined in
> client.axis2.xml (from axis2ConfPath/conf). How do I override the "user"
> value in client.axis2.xml so that the client picks up the username from
> 'options.setUserName("bob")'? Any help would be appreciated. Cheers.
>
> Regards
> --------------
> Sanjay Vivek
> Web Analyst
> Middleware Team
> ISS
> University of Newcastle Upon Tyne
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
