Corrected a typo below.... -----Original Message----- From: Sidhu Kiran IT312 Sent: Wednesday, March 08, 2006 4:36 PM To: footh; [email protected] Subject: RE: Axis client to .NET - simple question?
Yes, I have also run into this issue of incompatibility with the way .NET and WSS4J digests the password. In my case the client is .NET and the Web Service is Axis (Using WSS4J 1.1) When I send a response from Axis to .NET Client (with UsernameToken), .NET complains that it could NOT understand the hash algorithm used for Password. It works when .NET sends a request with UsernameToken to Axis, and Axis is able to authenticate the request. -----Original Message----- From: footh [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 08, 2006 4:18 PM To: [email protected] Subject: Axis client to .NET - simple question? I have what I think is a simple question. I'm using an Axis client to invoke a .NET service which uses a simple UsernameToken with a digested password. I'm dynamically setting all the parameters using a "Call" object. Here is the code snippet: call.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN); call.setProperty(UsernameToken.PASSWORD_TYPE, WSConstants.PW_DIGEST); call.setProperty(WSHandlerConstants.USER, "user"); call.setProperty(WSHandlerConstants.PW_CALLBACK_REF, new PWCallback()); call.setClientHandlers(new org.apache.ws.axis.security.WSDoAllSender(), null); I am sending what appears to be a valid SOAP request. But, I keep getting a "FailedAuthentication" error. I asked the provider to send me a SOAP message that works, and it looks very similar (obviously, the digest is different). So, I can only conclude that there must be something going on with the hash algorithm? Has an incompatibility ever been discovered with the way .NET and WSS4J digests the password? The service is using WSE 2.0. The only other difference in the SOAP message is the working one has this attribute in the UsernameToken tag: wsu:Id="SecurityToken-0" But, I can't figure out a way to set the Id tag. I've looked through the code and see where it is set, but it is never called. Any help would be appreciated. Regards, JF __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
