Hi all! I'm writing a client application that needs to authenticate in the server using WSS Username Token Profile. The password must be encrypted unsing the password digest as described in the specification: Base64 ( SHA-1 ( nonce + created + password ) ).
For that purpose I'm using the WSS4JOutInterceptor as follows: Map<String, Object> outProps = new HashMap<String, Object>(); String username = "aUsername"; String password = "aPassword"; outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN); outProps.put(WSHandlerConstants.USER, username); outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_DIGEST); outProps.put(WSHandlerConstants.PW_CALLBACK_REF, new ClientPasswordCallbackHandler(username, password)); WSS4JOutInterceptor wssInterceptor = new WSS4JOutInterceptor(outProps); The resulting XML is being created with the elements: 'Username', 'Password', 'Nonce' and 'Created'. The 'Nonce' is beign created like this: <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";>kG8i5U4s1I6AbolCG/AYkw==</wsse:Nonce> As I undertand this is right, but the server is not authenticating my request. The guys responsible for the server said that the 'Nonce' must not be encoded in Base64 and that encoding is optional. This is right? What I want to know is: there's any other way to send the 'Nonce' using another encoding other than Base64? Thanks, FelipeGC -- View this message in context: http://cxf.547215.n5.nabble.com/Nonce-encoding-tp3288305p3288305.html Sent from the cxf-user mailing list archive at Nabble.com.
