http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
i think I found an element we can use
(where both noonce and Password would be child elements of wsc:DerivedKeyToken)
so here is the TestCase org.apache.rampart.handler.config.OutflowConfiguration
ofc = new org.apache.rampart.handler.config.OutflowConfiguration();
ofc.setActionItems("UsernameToken Encrypt");
ofc.setUser("Mohammed");
ofc.setAddUTElements("Nonce Created"); //Noonce
ofc.setEncryptionParts("{Element}{" + WSSE_NS + "}UsernameToken");
ofc.setEncryptionUser("osama");
ofc.setEncryptionPropFile("interop.properties");
ofc.setPasswordCallbackClass("org.apache.axis2.security.PWCallback");
ofc.setEncryptionSymAlgorithm(WSConstants.TRIPLE_DES); //change this to MD5
or SHA-1
ofc.setPasswordType(WSConstants.PW_TEXT);
ofc.setEncryptionKeyIdentifier(WSSHandlerConstants.SKI_KEY_IDENTIFIER);
//so here is the new OutFlowConfiguration Element
ofc.setPassword("YadaYadaYada");
return ofc;
//org.apache.rampart.handler.config.OutflowConfiguration change public void
setPassword(String passwordType) {
this.actionList[this.currentAction].put(
WSHandlerConstants.PASSWORD, password);
}//org.apache.ws.security.dom.handler.WSHandlerConstants add this element
public static final String PASSWORD = "password"
//correct ...why touch WSS4J for one minor update to a constant ..(maybe using
constant "password" is better)
//org.apache.rampart.handler.config.OutflowConfiguration change with constant
public void setPassword(String passwordType) {
this.actionList[this.currentAction].put(
"password", password);
}
reference
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
WDYT?Martin></xsd:
