RequestSecurityToken - any working examples?

[graham.sweetland]

Hi, I’m using Axis 1.2.1 and WSS4J 1.0 and I’m building a client to connect to a .NET service that is issuing security tokens conforming to WS-Trust spec. No WSDL file is available.   I need to create a SOAP envelope that looks like the following:   <soap:Envelope xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">             <soap:Header>                         <wsa:Action>http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/Issue</wsa:Action>                         <wsa:MessageID>uuid:39610e5b-162b-4491-9301-85578046a583</wsa:MessageID>                         <wsa:ReplyTo>                                     <wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:Address>                         </wsa:ReplyTo>                         <wsa:To>urn:System-Services:external:1.00:SecurityTokenService</wsa:To>                         <wsse:Security>                                     <wsu:Timestamp wsu:Id="Timestamp-201ebb7a-d2f4-44d5-85e4-b8bb4c71ed54">                                                 <wsu:Created>2005-07-01T11:03:11Z</wsu:Created>                                                 <wsu:Expires>2005-07-01T11:08:11Z</wsu:Expires>                                     </wsu:Timestamp>                         </wsse:Security>             </soap:Header>             <soap:Body>                         <wst:RequestSecurityToken xmlns:wst="http://schemas.xmlsoap.org/ws/2004/04/trust">                                     <wst:TokenType>urn:System-Services:external:1.00:token#Token</wst:TokenType>                                     <wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>                                     <wst:Base>                                                 <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-94d12e0f-400b-4412-bde8-e03357eb0692">                                                             <wsse:Username>MyUsername</wsse:Username>                                                             <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">          NXJ3ynAa8Sy136aifThXJl8vLoE=                                                             </wsse:Password>                                                             <wsse:Nonce>4nJy2oD6xC79zatTHvuywg==</wsse:Nonce>                                                             <wsu:Created>2005-07-01T11:03:10Z</wsu:Created>                                                 </wsse:UsernameToken>                                     </wst:Base>                                     <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy">                                                 <wsa:EndpointReference>                                                             <wsa:Address>urn:System-Services:external:1.00:WebServices</wsa:Address>                                                 </wsa:EndpointReference>                                     </wsp:AppliesTo>                                     <wst:LifeTime>                                                 <wsu:Expires>2005-07-01T15:03:11Z</wsu:Expires>                                     </wst:LifeTime>                         </wst:RequestSecurityToken>             </soap:Body> </soap:Envelope>     Does anyone have or know the whereabouts of any working examples of sending a similar envelope from an Axis / wss4j client and receiving a response?   Also, should I be using Axis2? Is this the way to go for better integration of the WS-* standards, in particular WS-Trust?   Grateful for any assistance. Thanks.   Graham Sweetland