Hi Soyer,
Yes, you can do this. You can use WS - Trust support in Apache
Rampart to do this. But your binary token "NGX-SecurityToken-Value" seems to
be a custom one. So need to know what are the exact parameters you need to
send to the STS ( the web service that issue security tokens).
thanks,
nandana
On Thu, Sep 11, 2008 at 1:39 PM, Soyer, Muhammed A. <[EMAIL PROTECTED]>wrote:
> I learnt some extra things,
>
> I first call a different web service to obtain some ticket
> (BinarySecurityToken) then I use this token in the following web calls.
>
> How can I do this?
>
>
>
> Thanks
>
>
>
>
>
> *From:* Soyer, Muhammed A.
> *Sent:* Thursday, September 11, 2008 1:47 PM
> *To:* '[email protected]'
> *Subject:* RE: WS-Security with WSDL file that doesn't contain the
> policies
>
>
>
> IS it possible to figure out something from a sample header?
>
> What is binarySecurityToken ? Is it something custom or a generic thing?
>
>
>
> Thanks
>
>
>
>
>
> <wsu:Timestamp wsu:Id="Timestamp-172be5bd-07e8-42e3-b4a8-07c13b9f7013">
>
> <wsu:Created>2008-09-03T12:30:09Z</wsu:Created>
>
> <wsu:Expires>2008-09-03T12:30:39Z</wsu:Expires>
>
> </wsu:Timestamp>
>
> <wsse:Security xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> ">
>
> <wsse:BinarySecurityToken ValueType="NGX-SecurityToken-Value"
> EncodingType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
> wsu:Id="SecurityToken-5aec1e4b-e2ad-43e9-903e-40519d328f9a">VILLfdssM027/jJb+iaYGg+M82bLdH1CkcT0yr3rkh0RAAAAAAAAAG4XXx6W1LJNglfYnWWkuck=</wsse:BinarySecurityToken>
>
> </wsse:Security>
>
>
>
>
>
>
>
>
>
> *From:* keith chapman [mailto:[EMAIL PROTECTED]
> *Sent:* Thursday, September 11, 2008 1:24 PM
> *To:* [email protected]
> *Subject:* Re: WS-Security with WSDL file that doesn't contain the
> policies
>
>
>
> If the WSDL does not advertise the policy then you will have speak to the
> guys who host the service and get the required security configurations. ;).
> There is no other way that you will know what to send to the other end. Its
> better if they can give you the security configuration as a policy file.
>
> Thanks,
> Keith.
>
> On Thu, Sep 11, 2008 at 10:40 PM, Soyer, Muhammed A. <[EMAIL PROTECTED]>
> wrote:
>
> Hi,
>
> I have a WSDL file which doesn't have the security policies in it. But
> the server requires me to include the WSSE headers. They are using WSE3 on
> .Net at the server side.
>
> I am trying with rampart and confused about the possibility of achieving
> this with the WSDL file without the policies.
>
> Is it possible?
>
>
>
> I am using axis 1.4.1 and rampart 1.4
>
>
>
> Thanks
>
>
>
>
>
>
>
>
> --
> Keith Chapman
> Senior Software Engineer
> WSO2 Inc.
> Oxygenating the Web Service Platform.
> http://wso2.org/
>
> blog: http://www.keith-chapman.org
>
