Please see inline. Pls have a look into the test/interop/TestJAXRPCHandler class to get some real good examples how to do it all programatically.
Regards, Werner > -----Ursprüngliche Nachricht----- > Von: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > Gesendet: Donnerstag, 9. Februar 2006 21:18 > An: Dittmann, Werner > Cc: [email protected] > Betreff: Re: AW: wss4j usernametoken question : possible 2 bugs > > Hi Werner > I looked up ur prev responses and figured a way out to call > that security > handler while using the Call interface [DII client]. But I > think I fould 2 > bugs in the process. > Pls take a look at the code below: > [Bug 1????] Here if I set the PWCallBack instance using the > REF property I've tested this an it works. The REF variant need a object, not a classname as string. > then it does not work - it only works if I set the class name > property. > [Bug 2????] Here even though I set the .PASSWORD_TYPE, > WSConstants.PASSWORD_TEXT - I see the soap message on wire > using tcpmon and This sould read WSConstants.PW_TEXT > I can see the password digest going through. So what I am > missing?? OR this > is a bug? > > > Question: > Its not possible for the application to have the clear text > password ready > to set into the PWCallBack class in the server side. The > users might be > configured in the LDAP or j2ee containers user registry and > there is no way > that the call back code can get the password in clear text > format or not > get the password at all. So in that case I am not sure how > does the axis > WSS work for username token profile. Does anyone see the > problem here or I > am missing something? > > > private static EngineConfiguration > createClientConfig(String username, > String password) > { > try > { > SimpleProvider clientConfig=new SimpleProvider(); > > Handler securityHandler= (Handler)new WSDoAllSender(); > > securityHandler.setOption(WSHandlerConstants.ACTION, > "UsernameToken"); > > > > > //securityHandler.setOption(WSHandlerConstants.SIG_PROP_FILE,t > his.WSS_SIG_PR > //OPERTIES); > > securityHandler.setOption(WSHandlerConstants.PASSWORD_TYPE, > WSConstants.PASSWORD_TEXT); > > securityHandler.setOption(WSHandlerConstants.USER, username); > > > securityHandler.setOption(WSHandlerConstants.PW_CALLBACK_CLASS, > "psdi.iface.webservices.PWCallBack"); > > SimpleChain reqHandler=new SimpleChain(); > > SimpleChain respHandler=new SimpleChain(); > > // add the handler to the request > > reqHandler.addHandler(securityHandler); > > Handler pivot=(Handler)new HTTPSender(); > > Handler transport=new > SimpleTargetedChain(reqHandler, pivot, > null); > > clientConfig.deployTransport(HTTPTransport.DEFAULT_TRANSPORT_N > AME,transport); > > > return clientConfig; > > } > catch(Exception e) > { > e.printStackTrace(); > return null; > } > } > > thanks > Anamitra > > > > > > "Dittmann, > > Werner" > > <werner.dittmann@ > To > siemens.com> > <[EMAIL PROTECTED]>, > > <[email protected]> > 02/09/2006 02:06 > cc > AM > > > Subject > AW: wss4j > usernametoken question > > > > > > > > > > > > > > > > > Anamitra, > > do you have set up an Axis deployment file for your > client that instructs Axis to use the security handler? > > Just setting the properties is not enough to invoke > the security handler. Please have a look in the interop/* > directories or consult the WSS4J Wiki pages. > > Regards, > Werner > > > -----Ursprüngliche Nachricht----- > > Von: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] > > Gesendet: Mittwoch, 8. Februar 2006 21:37 > > An: [email protected] > > Betreff: wss4j usernametoken question > > > > > > Hi > > I am trying to write a JAX-RPC DII client [so no stubs > > generated] to invoke > > a axis web service that has usernametoken ws security > > enabled. Have gone > > through all the docs and not able to figure out how to set > > username/password properties in the Call object to invoke the > > web service > > with WS security headers. My old code used to have > > > > call.setProperty(Call.USERNAME_PROPERTY, username); > > call.setProperty(Call.PASSWORD_PROPERTY, password); > > > > This doesn ot work anymore as it was prsumably setting into the http > > header. > > > > I tried this code > > > > call.setProperty(UsernameToken.PASSWORD_TYPE, > > WSConstants.PASSWORD_TEXT); > > call.setProperty(WSHandlerConstants.USER, username); > > > > call.setProperty(WSHandlerConstants.PW_CALLBACK_REF, > > Class.forName("psdi.iface.webservices.PWCallBack").newInstance()); > > > > > > And it does not generate the ws sec headers for username token. Just > > wondering how can I write a client in a standard way to do this > > invovocation? > > > > thanks > > Anamitra > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
