Hello!
I've managed to configure UsernameToken authentication which is
working perfectly with PasswordType digest and text.
I'm having an issue though with Nonce and Created; I don't need them
all the time, if I try to not addNonce or addCreated it gets added
anyway!
Example code:
...
ut.setCreated(false)
ut.setNonce(false)
ut.setDigest(true)
...
private WSSecUsernameToken getUsernameToken(String username, String
password, UsernameToken ut, Document doc) {
WSSecUsernameToken secut = null;
if (username != null && username.trim().length() > 0 && password
!= null && password.trim().length() > 0) {
secut = new WSSecUsernameToken();
if (ut.isDigest())
secut.setPasswordType(WSConstants.PASSWORD_DIGEST);
else
secut.setPasswordType(WSConstants.PASSWORD_TEXT);
secut.setUserInfo(ut.getUsername(), ut.getPassword());
if (ut.isCreated())
secut.addCreated();
if (ut.isNonce())
secut.addNonce();
secut.prepare(doc);
}
return secut;
}
Resulting UsernameToken element
<wsse:UsernameToken wsu:Id="UsernameToken-512309528"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
<wsse:Username>
Sender </wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest";>
sEdkxj9EZIUBn4UHDDioUXwhCCo= </wsse:Password>
<wsse:Nonce>
M3jvBuDs0fchIotm83Wjuw== </wsse:Nonce>
<wsu:Created>
2009-03-04T08:28:53.173Z </wsu:Created>
</wsse:UsernameToken>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
