Fixed the issue. It had to do with providing both the UsernameToken and Signature within. Using the fixes on the 1.5.x branch, related to Issue WSS-194 <https://issues.apache.org/jira/browse/WSS-194>, did the trick.
Had to further customize the WSPasswordCallback instance to provide two passwords based on the "usage" flag in WSPasswordCallback. Then everything worked like a charm. Tony On Tue, Jul 21, 2009 at 7:30 PM, Anthony Bargnesi <[email protected]>wrote: > As a follow-up, this situation is a Java CXF client speaking to a .NET > webservice. > > The .NET service requires a UsernameToken with a service specific GUID as > the user and an account password for the "PasswordText". The .NET service > also allows Signature, but I'm not sure how to provide both through WSS4J > since you need to set: > > WSHandlerConstants.USER -> Keystore Alias > WSHandlerConstants.PW_CALLBACK_REF -> Lookup Keystore Password > > Hope this clarifies, > > Tony > > > On Tue, Jul 21, 2009 at 12:43 PM, Anthony Bargnesi <[email protected]>wrote: > >> Hello again, >> >> I have a webservice that requires both a UsernameToken and an xml >> signature to be provided in a ws-security header, but I'm running into >> trouble configuring the user and pass. >> >> For the UsernameToken I need to provide the webservice endpoint >> credentials, but for the xml signature I need to provide the keystore alias >> and password. >> >> Does this mean my keystore alias/password has to match the 3rd-party >> credentials in order to provide both UsernameToken + XML Signature? >> >> Thanks, >> Tony >> > >
