Re: UserToken policy not working (Help very urgent)

Glen Mazza Wed, 04 Apr 2012 08:53:24 -0700

http://www.jroller.com/gmazza/entry/cxf_usernametoken_profile might helpyou.


Glen


On 04/04/2012 11:36 AM, semecxf wrote:

Here is my use case, I don't want sign, encrypt messages and send user name
and password with my web service calls. Signing and encryption work fine
but, user token is not being included in soap message.
Any idea what is wrong my policy?
Does any body can provide a sample policy and code to that?



<wsp:Policy wsu:Id="SignEncr"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
     <wsp:ExactlyOne>
       <wsp:All>
         <sp:AsymmetricBinding
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
           <wsp:Policy>
             <sp:InitiatorToken>
               <wsp:Policy>
                 <sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient"/>
               </wsp:Policy>
             </sp:InitiatorToken>
             <sp:RecipientToken>
               <wsp:Policy>
                 <sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never";>
                   <wsp:Policy>
                     <sp:RequireThumbprintReference/>
                   </wsp:Policy>
                 </sp:X509Token>
               </wsp:Policy>
             </sp:RecipientToken>
             <sp:AlgorithmSuite>
               <wsp:Policy>
                 <sp:TripleDesRsa15/>
               </wsp:Policy>
             </sp:AlgorithmSuite>
             <sp:Layout>
               <wsp:Policy>
                 <sp:Strict/>
               </wsp:Policy>
             </sp:Layout>
             <sp:IncludeTimestamp/>
             <sp:OnlySignEntireHeadersAndBody/>
           </wsp:Policy>
         </sp:AsymmetricBinding>
         <sp:SignedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
           <sp:Body/>
         </sp:SignedParts>
         <sp:EncryptedParts
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
           <sp:Body/>
         </sp:EncryptedParts>

       </wsp:All>
     </wsp:ExactlyOne>
</wsp:Policy>

<wsp:Policy wsu:Id="UsernameToken_Policy"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>

       <sp:SupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
        <wsp:Policy>
                <sp:UsernameToken
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always";>
                        <wsp:Policy>
                                <sp:WssUsernameToken11/>
                        </wsp:Policy>
                </sp:UsernameToken>
        </wsp:Policy>
     </sp:SupportingTokens>
  </wsp:Policy>

--
View this message in context: 
http://cxf.547215.n5.nabble.com/UserToken-policy-not-working-Help-very-urgent-tp5618115p5618115.html
Sent from the cxf-user mailing list archive at Nabble.com.



--
Glen Mazza
Talend Community Coders - coders.talend.com
blog: www.jroller.com/gmazza

Re: UserToken policy not working (Help very urgent)

Reply via email to