Hi Michael
I'm currently looking into Paul's advisements. I must admit that I have no idea about how to write a policy for ws-security with username token authentication and a custom callback class. If you could point me to an example or provide one I'll certainly look into it.
The example # 102 is somewhat similar to this.. http://ws.apache.org/synapse/Synapse_Samples.html#Sample102

If you run the client say using the policy_1.xml, it would send out the request as shown below. The password is validated by the "samples.userguide.PWCallback" class that's specified.

C:\Java\SynapseDist\synapse-0.91\samples\axis2Client>ant stockquote -Durl=http://localhost:8080/axis2/services/StockQuoteProxy -Dsecpolicy=..\..\repository\conf\sample\resources\policy\policy_1.xml

<?xml version='1.0' encoding='utf-8'?>
<soapenv:Envelope xmlns:wsa="http://www.w3.org/2005/08/addressing"
                 xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Header>
       <wsse:Security
           xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
           soapenv:mustUnderstand="1">
           <wsu:Timestamp
               xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
               wsu:Id="Timestamp-3686501">
               <wsu:Created>2007-01-05T18:41:14.937Z</wsu:Created>
               <wsu:Expires>2007-01-09T06:01:14.937Z</wsu:Expires>
           </wsu:Timestamp>
           <wsse:UsernameToken
               xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
               wsu:Id="UsernameToken-11732976">
               <wsse:Username>alice</wsse:Username>
               <wsse:Password
                   Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
                   password
               </wsse:Password>
           </wsse:UsernameToken>
       </wsse:Security>
       <wsa:To>http://localhost:8080/axis2/services/StockQuoteProxy
       </wsa:To>
       <wsa:ReplyTo>
           <wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address>
       </wsa:ReplyTo>
       <wsa:MessageID>urn:uuid:4D33AD0CECA3CF1FFC1168022474594</wsa:MessageID>
       <wsa:Action>urn:getQuote</wsa:Action>
   </soapenv:Header>
   <soapenv:Body>
       <m0:getQuote xmlns:m0="http://services.samples/xsd">
           <m0:request>
               <m0:symbol>IBM</m0:symbol>
           </m0:request>
       </m0:getQuote>
   </soapenv:Body>
</soapenv:Envelope>

Now, the above policy expects the reply to also be secured.. if you do not want this, you could alter the policy to do this. Please write to the axis2-dev and include 'rampart' in the subject to get more information on the policies.

Yes I'm planning to use https with the proxy-services. I guess that can be configured in axis2.xml (transportReceiver) and synapse.xml (transports=https).
Unfortunately not.. as currently Synapse uses the default standalone Axis2 http transport which does not support https. We are actively working on supporting both http and https along with our NIO based transport soon for 1.0. However if you need this urgently, let me know as I could point you to an alternative.

asankha
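
Added example, not part of the original message or of the Synapse samples: a Python check over the WS-Security header of the request shown above, flagging a PasswordText UsernameToken sent to a non-HTTPS endpoint and an overly long Timestamp window. The function name `audit`, the 300-second threshold and the trimmed sample envelope are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

OASIS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-"
NS = {"wsse": OASIS + "wssecurity-secext-1.0.xsd",
      "wsu": OASIS + "wssecurity-utility-1.0.xsd"}
PASSWORD_TEXT = OASIS + "username-token-profile-1.0#PasswordText"

# Constructed sample: the Security header of the request above, trimmed.
SAMPLE = f"""<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
 <soapenv:Header>
  <wsse:Security xmlns:wsse="{NS['wsse']}" xmlns:wsu="{NS['wsu']}">
   <wsu:Timestamp>
    <wsu:Created>2007-01-05T18:41:14.937Z</wsu:Created>
    <wsu:Expires>2007-01-09T06:01:14.937Z</wsu:Expires>
   </wsu:Timestamp>
   <wsse:UsernameToken>
    <wsse:Username>alice</wsse:Username>
    <wsse:Password Type="{PASSWORD_TEXT}">password</wsse:Password>
   </wsse:UsernameToken>
  </wsse:Security>
 </soapenv:Header><soapenv:Body/>
</soapenv:Envelope>"""

def _utc(text):  # assumes the UTC format with fractional seconds used in the sample
    return datetime.strptime(text.strip(), "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)

def audit(envelope_xml, endpoint_url, max_lifetime_s=300):
    """Return a list of findings for the WS-Security header of one request."""
    if "<!DOCTYPE" in envelope_xml:  # SOAP messages must not carry a DTD
        return ["DTD present, refusing to parse"]
    sec = ET.fromstring(envelope_xml).find(".//wsse:Security", NS)
    if sec is None:
        return ["no wsse:Security header"]
    findings = []
    pw = sec.find("wsse:UsernameToken/wsse:Password", NS)
    # In the UsernameToken profile a missing Type attribute means PasswordText.
    if pw is not None and pw.get("Type", PASSWORD_TEXT) == PASSWORD_TEXT:
        if not endpoint_url.lower().startswith("https://"):
            findings.append("cleartext password on non-TLS transport")
    created = sec.findtext("wsu:Timestamp/wsu:Created", namespaces=NS)
    expires = sec.findtext("wsu:Timestamp/wsu:Expires", namespaces=NS)
    if created is None or expires is None:
        findings.append("no timestamp window")
    else:
        lifetime = (_utc(expires) - _utc(created)).total_seconds()
        if lifetime > max_lifetime_s:
            findings.append(f"timestamp lifetime {lifetime:.0f}s exceeds {max_lifetime_s}s")
    return findings
```

Calling `audit(SAMPLE, "http://localhost:8080/axis2/services/StockQuoteProxy")` reports both findings for the request in this thread.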
