Hi Simon,
Thanks for the explanations. I will download and have a look to the
calculator example you mention.
However, I already have seen the sample/helloworld-ws-reference
(service)-secure and I do not know whether and how I can use the
policies they define ; indeed, as I said, I use to bind to a non-SCA
web service - say the web service is not encapsulated in a SCA
component.
So, in this case, can I use the manner you indicate to me ? if yes,
what are the changes to introduce in the policy description
(definitions.xml and/or other files)?
Regards,
Marina.
samples/helloworld-ws-reference-secure and
samples/helloworld-ws-service-secure
Le 7 mai 08 à 12:13, Simon Laws a écrit :
On Mon, May 5, 2008 at 4:11 PM, Marina Deslaugiers <
[EMAIL PROTECTED]> wrote:
Hi,
Hello,
I am coming back to you as I now have to connect to an external web
service with user/password authentication and I do not know how
this can be
done (using policies I guess) in tuscany.
I use a coding analogue to the one in the simple HelloWorld Web
service
example provided (and corrected by you) in
* [jira] Commented: (TUSCANY-2268) Exceptions errors on binding
toexternal web services*
The WSDL of the web service seems to be in "document literal"
encoding.
However, the web service (accessible at the following URL ttp://
161.105.181.118/xml/SMSEnabler/V2.0/SMSSenderSEI which is
different of the
one mentioned in the WSDL file) is private to our company so it is
not
publicly available.
Attached to this e-mail is the WSDL file.
Can you help me again, please ?
thanks.
*Regards,*
**
*Marina.*
**
**
*
*
Hi Marina
The sample samples/calculator-ws-secure-webapp shows some username
and
password based authentication. For example, you will note that some
of the
references/service require authentication..
<component name="CalculatorServiceComponent">
<implementation.java
class="calculator.CalculatorServiceImpl"/>
<reference name="addService" >
<interface.java interface="calculator.AddService" />
<binding.ws uri="
http://localhost:8080/sample-calculator-ws-secure-webapp/
AddServiceComponent
"
requires="authentication" />
</reference>
....
<component name="AddServiceComponent">
<implementation.java class="calculator.AddServiceImpl"/>
<service name="AddService">
<interface.java interface="calculator.AddService" />
<binding.ws requires="authentication"/>
</service>
In this case the definitions.xml file defines service and reference
policy
sets that implement this intent as follows
<sca:policySet name="calc:wsAuthenticationPolicy"
provides="sca:authentication"
appliesTo="sca:service/sca:binding.ws"
<tuscany:wsConfigParam>
<parameter name="InflowSecurity">
<action>
<items>UsernameToken</items>
<passwordCallbackClass>calculator.security.ServerPWCBHandler</
passwordCallbackClass>
</action>
</parameter>
</tuscany:wsConfigParam>
</sca:policySet>
<sca:policySet name="calc:wsClientAuthenticationPolicy"
provides="sca:authentication"
appliesTo="sca:reference/sca:binding.ws">
<tuscany:wsConfigParam>
<parameter name="OutflowSecurity">
<action>
<items>UsernameToken</items>
<user>CalculatorUser</user>
<passwordCallbackClass>calculator.security.ClientPWCBHandler</
passwordCallbackClass>"
+
<passwordType>PasswordText</passwordType>
</action>
</parameter>
</tuscany:wsConfigParam>
</sca:policySet>
</component>
These policy sets configure Axis2 to call out to the callback classes
specified in order to get the username and password to be included
in the
soap envelope. There is another, non-webapp, example of this in
samples/helloworld-ws-reference-secure and
samples/helloworld-ws-service-secure
Hope that helps
Simon
