Also, in addition to my last question, for clarity, is the Security Policy really just understanding and using the syntax from the OASIS WS-Security Policy documentation and only the <ramp:RampartConfig>...</ramp:RampartConfig> parts actually what is used to incorporate Rampart?
Thanks. =>RY -----Original Message----- From: Roxanne Yee [mailto:[EMAIL PROTECTED] Sent: Mon 7/14/2008 8:17 AM To: [email protected] Subject: RE: Newbie Basics: Security Policy Actually, I'm using soapUI as the client, so it is possible to ignore all files with the word "client" in them? -----Original Message----- From: Nandana Mihindukulasooriya [mailto:[EMAIL PROTECTED] Sent: Mon 7/14/2008 8:01 AM To: [email protected] Subject: Re: Newbie Basics: Security Policy Hi Roxane, This is the policy to be used. Hope you know how to attach this policy to services.xml and to a client. Please go through the Rampart policy samples and you will be able to see how that is done. If you have further questions, please feel free to throw them in. regards, nandana <wsp:Policy wsu:Id="UT" xmlns:wsu=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";> <wsp:ExactlyOne> <wsp:All> <sp:SupportingTokens xmlns:sp=" http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <wsp:Policy> <sp:UsernameToken sp:IncludeToken=" http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"; /> </wsp:Policy> </sp:SupportingTokens> <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy";> <ramp:user>username</ramp:user> <ramp:passwordCallbackClass>org.apache.rampart.samples.policy.sample01.PWCBHandler</ramp:passwordCallbackClass> </ramp:RampartConfig> </wsp:All> </wsp:ExactlyOne> </wsp:Policy> On Mon, Jul 14, 2008 at 11:53 PM, Roxanne Yee <[EMAIL PROTECTED]> wrote: > If I simply wanted to implement a web service that used a User Name Token > authentication system with a Username and Password in Plaintext (no SSL for > now, cause I'm a little sketchy on how to actually set that up), what would > I need to do if using the Policy handler configuration? > > Thanks. > > => RY >
