Łukasz Marczuk [http://community.jboss.org/people/lmarczuk] created the discussion
"Re: Problem with securing web service with ws security ( username token )" To view the discussion, visit: http://community.jboss.org/message/561535#561535 -------------------------------------------------------------- ok so now i've got anwser : <env:Envelope xmlns:env=" http://schemas.xmlsoap.org/soap/envelope/ http://schemas.xmlsoap.org/soap/envelope/";> <env:Header/> <env:Body> <env:Fault> <faultcode xmlns:wsse=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>wsse:InvalidSecurity</faultcode> <faultstring>This service requires <wsse:Security>, which is missing.</faultstring> </env:Fault> </env:Body> </env:Envelope> <env:Envelope xmlns:env=" http://schemas.xmlsoap.org/soap/envelope/ http://schemas.xmlsoap.org/soap/envelope/";> <env:Header/> <env:Body> <env:Fault> <faultcode xmlns:wsse=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>wsse:InvalidSecurity</faultcode> <faultstring>This service requires <wsse:Security>, which is missing.</faultstring> </env:Fault> </env:Body> </env:Envelope> so i insert only timestamp to my soap request : <soapenv:Envelope xmlns:soapenv=" http://schemas.xmlsoap.org/soap/envelope/ http://schemas.xmlsoap.org/soap/envelope/"; xmlns:test=" http://test http://test";> <soapenv:Header> <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";> <wsu:Timestamp wsu:Id="Timestamp-59" xmlns:wsu=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";> <wsu:Created>2010-09-13T07:49:59.635Z</wsu:Created> <wsu:Expires>2010-09-13T07:50:59.635Z</wsu:Expires> </wsu:Timestamp> </wsse:Security> </soapenv:Header> <soapenv:Body> <test:sayHello> <arg0>?</arg0> </test:sayHello> </soapenv:Body> </soapenv:Envelope> and i got anwser : <env:Envelope xmlns:env=" http://schemas.xmlsoap.org/soap/envelope/ http://schemas.xmlsoap.org/soap/envelope/";> <env:Header> <wsse:Security env:mustUnderstand="1" xmlns:ds=" http://www.w3.org/2000/09/xmldsig# http://www.w3.org/2000/09/xmldsig#"; xmlns:wsse=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; xmlns:wsu=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";> <wsu:Timestamp wsu:Id="timestamp"> <wsu:Created>2010-09-13T07:50:19.788Z</wsu:Created> <wsu:Expires>2010-09-13T07:55:19.788Z</wsu:Expires> </wsu:Timestamp> </wsse:Security> </env:Header> <env:Body> <test:sayHelloResponse xmlns:test=" http://test http://test";> <return>siemanko ?</return> </test:sayHelloResponse> </env:Body> </env:Envelope> So in my request there is no username token, only timestamp and a got answer. But i need to secure it with username. Any idea? -------------------------------------------------------------- Reply to this message by going to Community [http://community.jboss.org/message/561535#561535] Start a new discussion in JBoss Web Services at Community [http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2044]
_______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
