Steve,
just remove the action that you don't want from the scenarios, e.g
the encrypt.
On the Callback problem: as the deployment setup overwrights the
progeamatic setup the "passwordCallbackClass parameter"
will be used by the handler. As I can see you define a java
source file here - not a class. pls check your setup and fix
it.
Regards,
Werner
Steve Behrendt schrieb:
Werner,
AFAIK the Secnario 3a (or 2a?) of the interop scenarios
show ho to use the stuff.
The Problem is that the stuff is only shown with encryption etc. But I only
want to use a signature base on the UsernameToken - for an implementation with
Microsoft .NET.
But when I call the method of the service, the handler
(PasswordCallBackHandler) is not passed.
My Handler:
<deployment xmlns="http://xml.apache.org/axis/wsdd/";
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";>
<globalConfiguration >
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="UsernameTokenSignature"
/>
<parameter name="passwordCallbackClass"
value="net.weg.service.PWCallback.java" />
</handler>
</requestFlow>
</globalConfiguration>
<transport name="java" pivot="java:org.apache.axis.transport.java.JavaSender"/>
<transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/>
<transport name="local"
pivot="java:org.apache.axis.transport.local.LocalSender"/>
</deployment>
and thats a part of my client:
PWCallback pwCallback = new PWCallback();
ServiceInterfaceStub axisPort = (ServiceInterfaceStub)service;
axisPort._setProperty(WSHandlerConstants.USER, usuario); //fixe
o usuario
axisPort._setProperty(WSHandlerConstants.PW_CALLBACK_REF,pwCallback); //fixe a
classe //do handler
The Message is sent, but hasn't a Header with the UsenameToken or the Signature.
For a little bit of help,
i'm very gratefully.
STEVE
-----Mensagem original-----
De: Dittmann, Werner [mailto:[EMAIL PROTECTED]
Enviada em: quarta-feira, 29 de junho de 2005 11:33
Para: Steve Behrendt; [email protected]
Assunto: AW: How to configure UsernameTokenSignature
Steve,
AFAIK the Secnario 3a (or 2a?) of the interop scenarios
show ho to use the stuff.
We've not fully tested interop with Microsoft or others.
Regards,
Werner
-----Ursprüngliche Nachricht-----
Von: Steve Behrendt [mailto:[EMAIL PROTECTED]
Gesendet: Mittwoch, 29. Juni 2005 14:36
An: [email protected]
Betreff: RES: How to configure UsernameTokenSignature
Hi,
Is there now an existing implementation of the
UsernameTokenSignature "Problem"?
Because my implementation is using only a UsernameToken and I
want to implement more security, but without using keys.
Greets,
Steve
-----Mensagem original-----
De: Davanum Srinivas [mailto:[EMAIL PROTECTED]
Enviada em: terça-feira, 21 de junho de 2005 10:53
Para: Dittmann, Werner
Cc: Granqvist, Hans; [email protected]
Assunto: Re: How to configure UsernameTokenSignature
Hi Werner,
updated the specs directory. Please take a look and let me know if you
need something else.
-- dims
On 6/21/05, Dittmann, Werner <[EMAIL PROTECTED]> wrote:
Hans,
are the drafts publicly available? Can't find
them on the OASIS WSS pages.
Regards,
Werner
-----Ursprüngliche Nachricht-----
Von: Granqvist, Hans [mailto:[EMAIL PROTECTED]
Gesendet: Montag, 20. Juni 2005 17:31
An: [email protected]
Betreff: RE: How to configure UsernameTokenSignature
<quote>
The Username Token profile does not currently define a key
derivation algorithm. The OASIS WSS TC is expected to address
this issue in a subsequent specification. </quote>
The latest (March 2005 and onward) WSS 1.1 draft of the
UsernameToken profile defines key derivation in section 4.
Hans
--
Davanum Srinivas -http://blogs.cocoondev.org/dims/
