Processing for WCF non-spec compliant Username Tokens was added as part of WSS4J 1.5.8:
https://issues.apache.org/jira/browse/WSS-199 You need to set the configuration option WSHandlerConstants.ALLOW_NAMESPACE_QUALIFIED_PASSWORD_TYPES to "true". Colm. On Tue, Nov 23, 2010 at 11:51 PM, George Stanchev <[email protected]> wrote: > https://issues.apache.org/jira/browse/WSS-148 > https://issues.apache.org/jira/browse/WSS-151 > > It’s a problem with the .NET client (as you have already figured it out). Not > sure about a workaround though. There was a discussion about adding a > "compatibility" switch (google "WSS-148 WCF interop issue: Namespace not > honored incase of attributes." for related discussion) but I don't think > anything was put in. Colm or Werner can confirm. > > Your best bet is to fix your client to send standard-conforming SOAP messages. > > George > > -----Original Message----- > From: Wellen Lau [mailto:[email protected]] > Sent: Tuesday, November 23, 2010 4:28 PM > To: [email protected] > Cc: [email protected] > Subject: Does anyone who are using VB with WSS4J - running issue with > password's type in wss4j-1.5.9.jar with VB/.net generated username token > > > Hi All, > > Does anyone who are using VB with WSS4J - running issue with password's type > in wss4j-1.5.9.jar with VB[using generated username token ? > > the SvcUtil.exe that I use to convert the wsdl. > This is the command line that I use to run the svcutil > SvcUtil /language:vb http://localhost/System.1.wsdl > > > > This piece code is generated from VB. > <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"; > xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";> > <s:Header> > <o:Security s:mustUnderstand="1" > xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";> > <o:UsernameToken > u:Id="uuid-8af81bba-cc2b-4591-b4db-7445e312f340-2"><o:Username>John</o:Username> > <o:Password > o:Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";>John</o:Password></o:UsernameToken></o:Security> > </s:Header> > <s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xmlns:xsd="http://www.w3.org/2001/XMLSchema";> > <XXXX_Parameters > xmlns="http://xmlns.oracle.com/Enterprise/Tools/schemas/XXXX_Parameters.V1"/></s:Body></s:Envelope> > > > The reason why WSS4J failed as invalid security token because of o:Type in > the password attribute. > <o:Password > o:Type=?http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText?>. > . > It should be <o:Password > Type=?http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText?> > > Any suggestion ? > > Thanks, > WEllen. > ~ Hope can be ignited by a spark of encouragement. > Thankfulness finds something good in > every circumstance. > > - > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
