On Mon, May 7, 2012 at 10:04 AM, Jorge Infante Osorio <[email protected]> wrote: > Hi Amila. > > I also do it like you say but with no success. > > The problem is this: > > 1. The policy is upload successfully to the registry´s governance pace. > 2. In the security section I select the Policy From Registry. > 3. In the service wsdl, I don´t see the <sp:HashPassword/> inside the > Policy. > 4. In the service dashboard in QoS configuration, when I go to the Policies > option I don´t see the <sp:HashPassword/> in any Binding. > 5. If I try to edit the policy in any binding, the modifications disappears. > > 6. Also I don’t see any error in the console to this behavior. The > <sp:HashPassword/> just disappear. > 7. If it´s something wrong with the policy I just expected to see an error > in the console. > > > This is a policy part in the registry as I upload it. > > <sp:SupportingTokens > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> > <wsp:Policy> > <sp:UsernameToken > sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/I > ncludeToken/AlwaysToRecipient"> > <wsp:Policy> > <sp:HashPassword/> > </wsp:Policy> > </sp:UsernameToken> > </wsp:Policy> > </sp:SupportingTokens> > > And this is how I see in the wsdl: > > <sp:SupportingTokens > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> > <wsp:Policy> > <sp:UsernameToken > sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/I > ncludeToken/AlwaysToRecipient" /> > </wsp:Policy> > </sp:SupportingTokens> > > Any idea? I put the policy as attachment.
Hi Jorge, What is the Policy wsu:Id you gave ? If it is same as UTOverTransport, probably system will interpret policy as user name token scenario 1. Can you please try changing wsu:Id of uploading policy and see whether issue is resolved ? Thanks AmilaJ > > Saludos, > Ing. Jorge Infante Osorio. > J´Dpto Soluciones SOA. > CDAE. > Fac. 5. > UCI. > > De: [email protected] [mailto:[email protected]] En > nombre de Amila Jayasekara > Enviado el: domingo, 06 de mayo de 2012 23:52 > Para: [email protected] > Asunto: Re: [Architecture] Hide password in UsernameToken policy with hash > > Hi Jorge, > > I hope you applied UT security from scenarios and tried to modify the policy > file through policy editor ? If that is the case, we generally do not > recommend to change existing policy files in scenarios, as it will change > the semantics described by the scenario. > > Best method is to save UT policy to a file and add <sp:HashPassword/> to UT > in file. Then upload file to registry's governance space. Then when applying > security you can select the file from governance space. > > Thanks > AmilaJ > On Sat, May 5, 2012 at 10:41 PM, Jorge Hernandez Rosello <[email protected]> > wrote: > Hi all. > > I am trying to consume a secure service with UT scenario but this time > adding a hash to politics for the password don´t travel in clear text. The > problem is that when I associate the policy to the WSDL of the service, the > Application Server (home service) is removing me from politics the tab > "<sp:HashPassword/>", which precisely hides the password using a hash. When > consuming the service, the client is sending a request message with the > encrypted password and the service returns an authentication error because > they do not understand the password sent by the client. > > I'm working with version 4.1.2 of wso2as. > > Any idea what might be happening? > > Thanks, > > Jorge H. > > > > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > > > -- > Mobile : +94773330538 > > > 10mo. ANIVERSARIO DE LA CREACION DE LA UNIVERSIDAD DE LAS CIENCIAS > INFORMATICAS... > CONECTADOS AL FUTURO, CONECTADOS A LA REVOLUCION > > http://www.uci.cu > http://www.facebook.com/universidad.uci > http://www.flickr.com/photos/universidad_uci > -- Mobile : +94773330538 _______________________________________________ User mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/user
