RE: WS-Security with WSDL file that doesn't contain the policies

Thu, 11 Sep 2008 12:45:26 -0700 

I learnt some extra things,
I first call a different web service to obtain some ticket 
(BinarySecurityToken) then I use this token in the following web calls.
How can I do this?

Thanks


From: Soyer, Muhammed A.
Sent: Thursday, September 11, 2008 1:47 PM
To: '[email protected]'
Subject: RE: WS-Security with WSDL file that doesn't contain the policies

IS it possible to figure out something from a sample header?
What is binarySecurityToken ? Is it something custom or a generic thing?

Thanks


<wsu:Timestamp wsu:Id="Timestamp-172be5bd-07e8-42e3-b4a8-07c13b9f7013">
      <wsu:Created>2008-09-03T12:30:09Z</wsu:Created>
      <wsu:Expires>2008-09-03T12:30:39Z</wsu:Expires>
    </wsu:Timestamp>
    <wsse:Security 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>
      <wsse:BinarySecurityToken ValueType="NGX-SecurityToken-Value" 
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
 
wsu:Id="SecurityToken-5aec1e4b-e2ad-43e9-903e-40519d328f9a">VILLfdssM027/jJb+iaYGg+M82bLdH1CkcT0yr3rkh0RAAAAAAAAAG4XXx6W1LJNglfYnWWkuck=</wsse:BinarySecurityToken>
    </wsse:Security>




From: keith chapman [mailto:[EMAIL PROTECTED]
Sent: Thursday, September 11, 2008 1:24 PM
To: [email protected]
Subject: Re: WS-Security with WSDL file that doesn't contain the policies

If the WSDL does not advertise the policy then you will have speak to the guys 
who host the service and get the required security configurations. ;). There is 
no other way that you will know what to send to the other end. Its better if 
they can give you the security configuration as a policy file.

Thanks,
Keith.
On Thu, Sep 11, 2008 at 10:40 PM, Soyer, Muhammed A. <[EMAIL 
PROTECTED]<mailto:[EMAIL PROTECTED]>> wrote:

Hi,

  I have a WSDL file which doesn't have the security policies in it. But the 
server requires me to include the WSSE headers. They are using WSE3 on .Net at 
the server side.

I am trying with rampart and confused about the possibility of achieving this 
with the WSDL file without the policies.

Is it possible?



I am using axis 1.4.1 and rampart 1.4



Thanks







--
Keith Chapman
Senior Software Engineer
WSO2 Inc.
Oxygenating the Web Service Platform.
http://wso2.org/

blog: http://www.keith-chapman.org

Reply via email to