[jboss-user] [JBoss Web Services Users] - Re: Authenticating SOAP Requests with WSSE UsernameToken doe

Fri, 25 Sep 2009 18:33:18 -0700 

I did a bit more investigation on this and found the crux of the issue but I'm 
not sure how to solve it.  In the login configuration for the realm you are 
supposed to use a UsernameTokenCallback object to update the digest based on 
the existence of a nonce or created.  However, on debugging, these values are 
always null.  And the init function sends a map with both keys (nonce and 
created) set to null.  So the question is what other configuration do I need to 
tell JBoss to pull out these header nodes and send to the callback handler.

The specific login config is as follows:

  |   <application-policy name="MyRealm">
  |     <authentication>
  |       <login-module 
code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
  |         flag="required">
  |     <!--
  |         <module-option 
name="usersProperties">props/myrealm-users.properties</module-option>
  |         <module-option 
name="rolesProperties">props/myrealm-roles.properties</module-option> -->
  |        <module-option name = "dsJndiName">java:/WSExampleDS</module-option>
  |        <module-option name = "principalsQuery">SELECT password FROM users 
WHERE username=?</module-option>
  |        <module-option name = "rolesQuery">SELECT r.role, 'Roles' FROM roles 
r join users u on u.id = r.userid WHERE u.username=?</module-option>
  |       <module-option name="hashAlgorithm">SHA</module-option>
  |       <module-option name="hashEncoding">BASE64</module-option>
  |       <module-option name="hashUserPassword">false</module-option>
  |       <module-option name="hashStorePassword">true</module-option>
  |  
  |         <module-option 
name="unauthenticatedIdentity">anonymous</module-option>
  |       <module-option 
name="storeDigestCallback">org.jboss.ws.extensions.security.auth.callback.UsernameTokenCallback</module-option>
  | 
  |       </login-module>
  |     </authentication>
  |   </application-policy>
  |  

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4257157#4257157

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4257157
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user

Reply via email to