Re: Adding security header to STSClient in rahas

Wed, 11 Mar 2009 00:55:43 -0700 

Hi

Yes, I've got this in the policy

<sp:SupportingTokens
                xmlns:sp="
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
                <wsp:Policy>
                    <sp:UsernameToken
                        sp:IncludeToken="
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";
/>
                </wsp:Policy>
            </sp:SupportingTokens>

After I define the symmetricbinding element. Do you know if what I asked
about how to test if the callback handler should provide a password to the
keystore or actually check username and password was correct?

cheers, Håkon


2009/3/10 Massimiliano Masi <m...@math.unifi.it>

> Hi,
>
> Did you add in your STS policy something like:
>
>  <wsp:Policy>
>              <sp:UsernameToken sp:IncludeToken="
> http://docs.oasis-open.org/ws-s
> x/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
>                <wsp:Policy>
>                        <sp:HashPassword />
>                    </wsp:Policy>
>              </sp:UsernameToken>
>            </wsp:Policy>
>
>
>
>
> Quoting Håkon Sagehaug <hakon.sageh...@bccs.uib.no>:
>
>  Hi all,
>>
>> I wanted to add username/password token in my request to my sts service.
>> I'm
>> using the STSClient from rahas and tried with this
>>
>> Options options = new Options();
>>        options.setUserName("user");
>>        options.setPassword("pass");
>>        options.setProperty(RampartMessageData.KEY_RAMPART_POLICY,
>>                loadPolicy("policy/sts_policy.xml"));
>>        stsClient.setOptions(options);
>>
>> But the messages don't have a security header.
>>
>> Alos how should I configure the callback handler, since it need to both
>> validate the username password and fetch the certificate for validating
>> the
>> signed message. Should it be something like this
>>
>> if(pwcb.getUsage() == WSPasswordCallback.USERNAME_TOKEN){
>>   /* Do password validation*/
>> }
>>
>> if(pwcb.getUsage() == WSPasswordCallback.SIGNATURE){
>> /* Do set password for keystore*/
>> }
>>
>> cheers, Håkon
>> --
>> Håkon Sagehaug, Scientific Programmer
>> Parallab, Bergen Center for Computational Science (BCCS)
>> UNIFOB AS (University of Bergen Research Company)
>>
>>
>
>
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
>
>
>


-- 
Håkon Sagehaug, Scientific Programmer
Parallab, Bergen Center for Computational Science (BCCS)
UNIFOB AS (University of Bergen Research Company)

Reply via email to