svn commit: r986099 - in /webservices/wss4j/trunk: interop/org/apache/ws/axis/oasis/ interop/org/apache/ws/axis/oasis/ping/ src/org/apache/ws/security/action/ src/org/apache/ws/security/handler/ test/interop/ test/wssec/ xdocs/

coheigea Mon, 16 Aug 2010 12:07:20 -0700

Author: coheigea
Date: Mon Aug 16 19:05:57 2010
New Revision: 986099

URL: http://svn.apache.org/viewvc?rev=986099&view=rev
Log:
[WSS-233] - Allow configuration of UsernameTokenSpec 1.1 derived key 
functionality through WSHandler.
 - Note that unlike 1_5_fixes, the password is referenced through
  USERNAME_TOKEN_UNKNOWN on both the outbound and inbound sides.


Added:
    webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/PWCallback1In.java
    webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/PWCallback1Out.java
Removed:
    webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/PWCallback1.java
Modified:
    webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/Client_deploy.wsdd
    webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/ping/deploy.wsdd
    
webservices/wss4j/trunk/src/org/apache/ws/security/action/UsernameTokenSignedAction.java
    webservices/wss4j/trunk/src/org/apache/ws/security/handler/RequestData.java
    webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java
    
webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandlerConstants.java
    webservices/wss4j/trunk/test/interop/TestJAXRPCHandler.java
    webservices/wss4j/trunk/test/wssec/TestWSSecurityNew13.java
    webservices/wss4j/trunk/test/wssec/TestWSSecurityUTSignature.java
    webservices/wss4j/trunk/xdocs/package.xml

Modified: 
webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/Client_deploy.wsdd
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/Client_deploy.wsdd?rev=986099&r1=986098&r2=986099&view=diff
==============================================================================
--- webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/Client_deploy.wsdd 
(original)
+++ webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/Client_deploy.wsdd 
Mon Aug 16 19:05:57 2010
@@ -23,7 +23,7 @@
    <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
     <parameter name="user" value="Chris"/>
     <parameter name="passwordCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1"/>
+      value="org.apache.ws.axis.oasis.PWCallback1Out"/>
     <parameter name="action" value="UsernameToken"/>
     <parameter name="passwordType" value="PasswordText" />
    </handler>
@@ -36,7 +36,7 @@
     <parameter name="action" value="UsernameToken Encrypt"/>
     <parameter name="user" value="Chris"/>
     <parameter name="passwordCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1"/>
+      value="org.apache.ws.axis.oasis.PWCallback1Out"/>
     <parameter name="passwordType" value="PasswordText" />
     <parameter name="addUTElements" value="Nonce Created" />
     <parameter name="encryptionPropFile" value="wsstest.properties" />
@@ -56,14 +56,15 @@
     <parameter name="action" value="UsernameTokenSignature Encrypt Timestamp"/>
     <parameter name="user" value="Chris"/>
     <parameter name="passwordCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1"/>
+      value="org.apache.ws.axis.oasis.PWCallback1Out"/>
     <parameter name="encryptionPropFile" value="wsstest.properties" />
     <parameter name="encryptionKeyIdentifier" value="SKIKeyIdentifier" />
     <parameter name="encryptionSymAlgorithm" 
value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"; />    
     <!-- Use the Server's cert/key to encrypt the request -->
     <parameter name="encryptionUser" value="bob" />
     <parameter name="encryptionParts" 
-      
value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken";
 />  
+      
value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken";
 />
+    <parameter name="useDerivedKey" value="false" />  
    </handler>
   </requestFlow>
   </service>
@@ -74,11 +75,11 @@
     <parameter name="action" value="UsernameTokenSignature Timestamp"/>
     <parameter name="user" value="Chris"/>
     <parameter name="passwordCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1"/>
+      value="org.apache.ws.axis.oasis.PWCallback1Out"/>
     <parameter name="passwordType" value="PasswordDigest" />
     <parameter name="signatureParts" 
       
value="Body;{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken";
 />  
-    
+    <parameter name="useDerivedKey" value="false" />
    </handler>
   </requestFlow>
   </service>
@@ -90,7 +91,7 @@
     <!-- Use the Client's cert/key to sign the request -->
     <parameter name="user" value="alice"/>
     <parameter name="passwordCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1"/>
+      value="org.apache.ws.axis.oasis.PWCallback1Out"/>
     <parameter name="signatureKeyIdentifier" value="DirectReference" />
     <parameter name="signaturePropFile" value="wsstest.properties" />
     <parameter name="encryptionKeyIdentifier" value="SKIKeyIdentifier" />
@@ -101,7 +102,7 @@
   <responseFlow>
    <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
     <parameter name="passwordCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1"/>
+      value="org.apache.ws.axis.oasis.PWCallback1In"/>
     <parameter name="action" value="Signature Encrypt Timestamp"/>
     <parameter name="signaturePropFile" value="wsstest.properties" />
    </handler>
@@ -115,13 +116,13 @@
     <!-- Use the Client's cert/key to sign the request -->
     <parameter name="user" value="alice"/>
     <parameter name="passwordCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1"/>
+      value="org.apache.ws.axis.oasis.PWCallback1Out"/>
     <parameter name="signatureKeyIdentifier" value="DirectReference" />
     <parameter name="signaturePropFile" value="wsstest.properties" />
     <parameter name="encryptionKeyIdentifier" value="EmbeddedKeyName" />
     <parameter name="encryptionSymAlgorithm" 
value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"; />
     <parameter name="EmbeddedKeyCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1" />
+      value="org.apache.ws.axis.oasis.PWCallback1Out" />
     <parameter name="EmbeddedKeyName" value="SessionKey" />
    </handler>
   </requestFlow>
@@ -143,7 +144,7 @@
     <!-- Use the Client's cert/key to sign the request -->
     <parameter name="user" value="alice"/>
     <parameter name="passwordCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1"/>
+      value="org.apache.ws.axis.oasis.PWCallback1Out"/>
     <parameter name="signatureKeyIdentifier" value="DirectReference" />
     <parameter name="signaturePropFile" value="wsstest.properties" />
     <parameter name="signatureParts" value="{}{http://xmlsoap.org/Ping}ticket"; 
/>    
@@ -153,7 +154,7 @@
     <!-- Use the Client's cert/key to sign the request -->
     <parameter name="user" value="alice"/>
     <parameter name="passwordCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1"/>
+      value="org.apache.ws.axis.oasis.PWCallback1Out"/>
     <parameter name="signatureKeyIdentifier" value="SKIKeyIdentifier" />
     <parameter name="signaturePropFile" value="wsstest.properties" />
    </handler>  
@@ -167,7 +168,7 @@
     <!-- Use the Client's cert/key to sign the request -->
     <parameter name="user" value="alice"/>
     <parameter name="passwordCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1"/>
+      value="org.apache.ws.axis.oasis.PWCallback1Out"/>
     <parameter name="signatureKeyIdentifier" value="DirectReference" />
     <parameter name="signaturePropFile" value="wsstest.properties" />
     <parameter name="encryptionKeyIdentifier" value="SKIKeyIdentifier" />
@@ -178,7 +179,7 @@
   </requestFlow>
   <responseFlow>
    <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
-    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1"/>
+    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1In"/>
     <parameter name="action" value="Encrypt Signature Timestamp"/>
     <parameter name="signaturePropFile" value="wsstest.properties" />
    </handler>
@@ -191,7 +192,7 @@
    <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
     <parameter name="action" value="Signature Encrypt Timestamp"/>
     <parameter name="user" value="alice"/>
-    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1"/>
+    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1Out"/>
     <parameter name="signatureKeyIdentifier" value="DirectReference" />
     <parameter name="signatureParts"
       value="{}{http://schemas.xmlsoap.org/soap/envelope/}Body;STRTransform"; />
@@ -205,7 +206,7 @@
   <responseFlow>
    <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
     <parameter name="passwordCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1"/>
+      value="org.apache.ws.axis.oasis.PWCallback1In"/>
     <parameter name="action" value="Signature Encrypt Timestamp"/>
     <parameter name="signaturePropFile" value="wsstest.properties" />
     <parameter name="decryptionPropFile" value="wsstest.properties" />

Added: 
webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/PWCallback1In.java
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/PWCallback1In.java?rev=986099&view=auto
==============================================================================
--- webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/PWCallback1In.java 
(added)
+++ webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/PWCallback1In.java 
Mon Aug 16 19:05:57 2010
@@ -0,0 +1,117 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * @author Werner Dittmann (werner.dittm...@siemens.com)
+ */
+package org.apache.ws.axis.oasis;
+
+import org.apache.ws.security.WSPasswordCallback;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import java.io.IOException;
+
+
+/**
+ * Class PWCallback
+ */
+public class PWCallback1In implements CallbackHandler {
+
+    /** Field key */
+    private static final byte[] key = {
+        (byte) 0x31, (byte) 0xfd, (byte) 0xcb, (byte) 0xda, (byte) 0xfb,
+        (byte) 0xcd, (byte) 0x6b, (byte) 0xa8, (byte) 0xe6, (byte) 0x19,
+        (byte) 0xa7, (byte) 0xbf, (byte) 0x51, (byte) 0xf7, (byte) 0xc7,
+        (byte) 0x3e, (byte) 0x80, (byte) 0xae, (byte) 0x98, (byte) 0x51,
+        (byte) 0xc8, (byte) 0x51, (byte) 0x34, (byte) 0x04,
+
+    };
+
+
+    /*
+     * (non-Javadoc)
+     * @see 
javax.security.auth.callback.CallbackHandler#handle(javax.security.auth.callback.Callback[])
+     */
+
+
+    /**
+     * Method handle
+     * 
+     * @param callbacks 
+     * @throws java.io.IOException                  
+     * @throws javax.security.auth.callback.UnsupportedCallbackException 
+     */
+    public void handle(Callback[] callbacks)
+            throws IOException, UnsupportedCallbackException {
+
+        for (int i = 0; i < callbacks.length; i++) {
+            if (callbacks[i] instanceof WSPasswordCallback) {
+                WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
+
+                /*
+                 * This usage type is used only in case we received a
+                 * username token with a password of type PasswordText or
+                 * an unknown password type.
+                 * 
+                 * This case the WSPasswordCallback object contains the
+                 * identifier (aka username), the password we received, and
+                 * the password type string to identify the type.
+                 * 
+                 * Here we perform only a very simple check.
+                 */
+
+                if (pc.getUsage() == 
WSPasswordCallback.USERNAME_TOKEN_UNKNOWN) {
+                    if(pc.getIdentifier().equals("Ron") && 
pc.getPassword().equals("noR")) {
+                        return;
+                    }
+                    if (pc.getPassword().equals("sirhC")) {
+                        return;
+                    }
+                    throw new UnsupportedCallbackException(callbacks[i],
+                    "check failed");
+                }
+                
+                /*
+                 * here call a function/method to lookup the password for
+                 * the given identifier (e.g. a user name or keystore alias)
+                 * e.g.: 
pc.setPassword(passStore.getPassword(pc.getIdentfifier))
+                 * for Testing we supply a fixed name here.
+                 */
+
+                if (pc.getUsage() == WSPasswordCallback.KEY_NAME) {
+                    pc.setKey(key);
+                } else if(pc.getIdentifier().equals("alice")) {
+                    pc.setPassword("password");
+                } else if(pc.getIdentifier().equals("bob")) {
+                    pc.setPassword("password");
+                } else if(pc.getIdentifier().equals("Ron")) {
+                    pc.setPassword("noR");
+                } else {
+                    pc.setPassword("sirhC");
+                }
+                
+            } else {
+                throw new UnsupportedCallbackException(callbacks[i],
+                        "Unrecognized Callback");
+            }
+        }
+    }
+}
+

Added: 
webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/PWCallback1Out.java
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/PWCallback1Out.java?rev=986099&view=auto
==============================================================================
--- 
webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/PWCallback1Out.java 
(added)
+++ 
webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/PWCallback1Out.java 
Mon Aug 16 19:05:57 2010
@@ -0,0 +1,94 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * @author Werner Dittmann (werner.dittm...@siemens.com)
+ */
+package org.apache.ws.axis.oasis;
+
+import org.apache.ws.security.WSPasswordCallback;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import java.io.IOException;
+
+
+/**
+ * Class PWCallback
+ */
+public class PWCallback1Out implements CallbackHandler {
+
+    /** Field key */
+    private static final byte[] key = {
+        (byte) 0x31, (byte) 0xfd, (byte) 0xcb, (byte) 0xda, (byte) 0xfb,
+        (byte) 0xcd, (byte) 0x6b, (byte) 0xa8, (byte) 0xe6, (byte) 0x19,
+        (byte) 0xa7, (byte) 0xbf, (byte) 0x51, (byte) 0xf7, (byte) 0xc7,
+        (byte) 0x3e, (byte) 0x80, (byte) 0xae, (byte) 0x98, (byte) 0x51,
+        (byte) 0xc8, (byte) 0x51, (byte) 0x34, (byte) 0x04,
+
+    };
+
+
+    /*
+     * (non-Javadoc)
+     * @see 
javax.security.auth.callback.CallbackHandler#handle(javax.security.auth.callback.Callback[])
+     */
+
+
+    /**
+     * Method handle
+     * 
+     * @param callbacks 
+     * @throws java.io.IOException                  
+     * @throws javax.security.auth.callback.UnsupportedCallbackException 
+     */
+    public void handle(Callback[] callbacks)
+            throws IOException, UnsupportedCallbackException {
+
+        for (int i = 0; i < callbacks.length; i++) {
+            if (callbacks[i] instanceof WSPasswordCallback) {
+                WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
+
+
+                /*
+                 * here call a function/method to lookup the password for
+                 * the given identifier (e.g. a user name or keystore alias)
+                 * e.g.: 
pc.setPassword(passStore.getPassword(pc.getIdentfifier))
+                 * for Testing we supply a fixed name here.
+                 */
+
+                if (pc.getUsage() == WSPasswordCallback.KEY_NAME) {
+                    pc.setKey(key);
+                } else if(pc.getIdentifier().equals("alice")) {
+                    pc.setPassword("password");
+                } else if(pc.getIdentifier().equals("bob")) {
+                    pc.setPassword("password");
+                } else if(pc.getIdentifier().equals("Ron")) {
+                    pc.setPassword("noR");
+                } else {
+                    pc.setPassword("sirhC");
+                }
+            } else {
+                throw new UnsupportedCallbackException(callbacks[i],
+                        "Unrecognized Callback");
+            }
+        }
+    }
+}
+

Modified: 
webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/ping/deploy.wsdd
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/ping/deploy.wsdd?rev=986099&r1=986098&r2=986099&view=diff
==============================================================================
--- webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/ping/deploy.wsdd 
(original)
+++ webservices/wss4j/trunk/interop/org/apache/ws/axis/oasis/ping/deploy.wsdd 
Mon Aug 16 19:05:57 2010
@@ -39,7 +39,7 @@
       />
   <requestFlow>
    <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
-    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1"/>
+    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1In"/>
     <parameter name="action" value="UsernameToken"/>
    </handler>
   </requestFlow>
@@ -67,7 +67,7 @@
       />
   <requestFlow>
    <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
-    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1"/>
+    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1In"/>
     <parameter name="action" value="UsernameToken Encrypt"/>
     <parameter name="decryptionPropFile" value="wsstest.properties" />
    </handler>
@@ -96,9 +96,10 @@
       />
   <requestFlow>
    <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
-    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1"/>
+    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1In"/>
     <parameter name="action" value="UsernameTokenSignature UsernameToken 
Encrypt Timestamp"/>
     <parameter name="decryptionPropFile" value="wsstest.properties" />
+    <parameter name="useDerivedKey" value="false" />
    </handler>
   </requestFlow>
   </service>
@@ -125,8 +126,9 @@
       />
   <requestFlow>
    <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
-    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1"/>
+    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1In"/>
     <parameter name="action" value="UsernameTokenSignature UsernameToken 
Timestamp"/>
+    <parameter name="useDerivedKey" value="false" />
    </handler>
   </requestFlow>
   </service>
@@ -153,7 +155,7 @@
       />
   <requestFlow>
    <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
-    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1"/>
+    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1In"/>
     <parameter name="action" value="Signature Encrypt Timestamp"/>
     <parameter name="signaturePropFile" value="wsstest.properties" />
    </handler>
@@ -164,7 +166,7 @@
     <!-- Use the Server's cert/key to sign the response -->
     <parameter name="user" value="bob"/>
     <parameter name="passwordCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1"/>
+      value="org.apache.ws.axis.oasis.PWCallback1Out"/>
     <parameter name="signatureKeyIdentifier" value="DirectReference" />
     <parameter name="signaturePropFile" value="wsstest.properties" />
     <parameter name="encryptionKeyIdentifier" value="SKIKeyIdentifier" />
@@ -197,7 +199,7 @@
       />
   <requestFlow>
    <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
-    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1"/>
+    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1In"/>
     <parameter name="action" value="Signature Encrypt Timestamp"/>
     <parameter name="signaturePropFile" value="wsstest.properties" />
    </handler>
@@ -208,13 +210,13 @@
     <!-- Use the Server's cert/key to sign the response -->
     <parameter name="user" value="bob"/>
     <parameter name="passwordCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1"/>
+      value="org.apache.ws.axis.oasis.PWCallback1Out"/>
     <parameter name="signatureKeyIdentifier" value="SKIKeyIdentifier" />
     <parameter name="signaturePropFile" value="wsstest.properties" />
     <parameter name="encryptionKeyIdentifier" value="EmbeddedKeyName" />
     <parameter name="encryptionSymAlgorithm" 
value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"; />    
     <parameter name="EmbeddedKeyCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1" />
+      value="org.apache.ws.axis.oasis.PWCallback1Out" />
     <parameter name="EmbeddedKeyName" value="SessionKey" />
    </handler>
   </responseFlow>
@@ -242,7 +244,7 @@
       />
   <requestFlow>
    <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
-    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1"/>
+    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1In"/>
     <parameter name="action" value="Signature Signature Timestamp"/>
     <parameter name="signaturePropFile" value="wsstest.properties" />
    </handler>
@@ -271,7 +273,7 @@
       />
   <requestFlow>
    <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
-    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1"/>
+    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1In"/>
     <parameter name="action" value="Encrypt Signature Timestamp"/>
     <parameter name="signaturePropFile" value="wsstest.properties" />
    </handler>
@@ -282,7 +284,7 @@
     <!-- Use the Server's cert/key to sign the response -->
     <parameter name="user" value="bob"/>
     <parameter name="passwordCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1"/>
+      value="org.apache.ws.axis.oasis.PWCallback1Out"/>
     <parameter name="signatureKeyIdentifier" value="SKIKeyIdentifier" />
     <parameter name="signaturePropFile" value="wsstest.properties" />
     <parameter name="encryptionKeyIdentifier" value="DirectReference" />
@@ -316,7 +318,7 @@
 
   <requestFlow>
    <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
-    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1"/>
+    <parameter name="passwordCallbackClass" 
value="org.apache.ws.axis.oasis.PWCallback1In"/>
     <parameter name="action" value="Signature Encrypt Timestamp"/>
     <parameter name="signaturePropFile" value="wsstest.properties" />
     <parameter name="decryptionPropFile" value="wsstest.properties" />
@@ -328,7 +330,7 @@
     <!-- Use the Server's cert/key to sign the response -->
     <parameter name="user" value="bob"/>
     <parameter name="passwordCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1"/>
+      value="org.apache.ws.axis.oasis.PWCallback1Out"/>
     <parameter name="signatureKeyIdentifier" value="SKIKeyIdentifier" />
     <parameter name="signaturePropFile" value="wsstest.properties" />
     <parameter name="encryptionPropFile" value="wsstest.properties" />

Modified: 
webservices/wss4j/trunk/src/org/apache/ws/security/action/UsernameTokenSignedAction.java
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/action/UsernameTokenSignedAction.java?rev=986099&r1=986098&r2=986099&view=diff
==============================================================================
--- 
webservices/wss4j/trunk/src/org/apache/ws/security/action/UsernameTokenSignedAction.java
 (original)
+++ 
webservices/wss4j/trunk/src/org/apache/ws/security/action/UsernameTokenSignedAction.java
 Mon Aug 16 19:05:57 2010
@@ -53,8 +53,15 @@ public class UsernameTokenSignedAction i
 
         WSSecUsernameToken builder = new WSSecUsernameToken();
         builder.setWsConfig(reqData.getWssConfig());
-        builder.setPasswordType(reqData.getPwType());  // enhancement by 
Alberto Coletti
-        builder.setSecretKeyLength(reqData.getSecretKeyLength());
+        
+        if (reqData.isUseDerivedKey()) {
+            int iterations = reqData.getDerivedKeyIterations();
+            boolean useMac = reqData.isUseDerivedKeyForMAC();
+            builder.addDerivedKey(useMac, null, iterations);
+        } else {
+            builder.setPasswordType(reqData.getPwType());  // enhancement by 
Alberto Coletti
+            builder.setSecretKeyLength(reqData.getSecretKeyLength());
+        }
         
         builder.setUserInfo(reqData.getUsername(), password);
         builder.addCreated();
@@ -83,10 +90,15 @@ public class UsernameTokenSignedAction i
         sign.setCustomTokenId(builder.getId());
         sign.setSecretKey(builder.getSecretKey());
         sign.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
-        sign.setSignatureAlgorithm(WSConstants.HMAC_SHA1);
         if (reqData.getSigDigestAlgorithm() != null) {
             sign.setDigestAlgo(reqData.getSigDigestAlgorithm());
         }
+        
+        if (reqData.getSigAlgorithm() != null) {
+            sign.setSignatureAlgorithm(reqData.getSigAlgorithm());
+        } else {
+            sign.setSignatureAlgorithm(WSConstants.HMAC_SHA1);
+        }
 
         sign.prepare(doc, null, reqData.getSecHeader());
 

Modified: 
webservices/wss4j/trunk/src/org/apache/ws/security/handler/RequestData.java
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/handler/RequestData.java?rev=986099&r1=986098&r2=986099&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/handler/RequestData.java 
(original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/handler/RequestData.java 
Mon Aug 16 19:05:57 2010
@@ -24,6 +24,7 @@ import org.apache.ws.security.WSConstant
 import org.apache.ws.security.WSSConfig;
 import org.apache.ws.security.components.crypto.Crypto;
 import org.apache.ws.security.message.WSSecHeader;
+import org.apache.ws.security.message.token.UsernameToken;
 
 import java.util.List;
 import java.util.Vector;
@@ -62,6 +63,9 @@ public class RequestData {
     private WSSecHeader secHeader = null;
     private boolean encSymmetricEncryptionKey = true;
     private int secretKeyLength = WSConstants.WSE_DERIVED_KEY_LEN;
+    private boolean useDerivedKey = true;
+    private int derivedKeyIterations = UsernameToken.DEFAULT_ITERATION;
+    private boolean useDerivedKeyForMAC = true;
 
     public void clear() {
         soapConstants = null;
@@ -77,6 +81,9 @@ public class RequestData {
         encSymmetricEncryptionKey = true;
         secretKeyLength = WSConstants.WSE_DERIVED_KEY_LEN;
         signatureUser = null;
+        useDerivedKey = true;
+        derivedKeyIterations = UsernameToken.DEFAULT_ITERATION;
+        useDerivedKeyForMAC = true;
     }
 
     public Object getMsgContext() {
@@ -297,4 +304,53 @@ public class RequestData {
     public void setSecHeader(WSSecHeader secHeader) {
         this.secHeader = secHeader;
     }
+    
+    /**
+     * @param derivedKey Set whether to derive keys as per the 
+     *        UsernameTokenProfile 1.1 spec. Default is true.
+     */
+    public void setUseDerivedKey(boolean derivedKey) {
+        useDerivedKey = derivedKey;
+    }
+    
+    /**
+     * Return whether to derive keys as per the UsernameTokenProfile 
+     * 1.1 spec. Default is true.
+     */
+    public boolean isUseDerivedKey() {
+        return useDerivedKey;
+    }
+    
+    /**
+     * Set the derived key iterations. Default is 1000.
+     * @param iterations The number of iterations to use when deriving a key
+     */
+    public void setDerivedKeyIterations(int iterations) {
+        derivedKeyIterations = iterations;
+    }
+    
+    /**
+     * Get the derived key iterations.
+     * @return The number of iterations to use when deriving a key
+     */
+    public int getDerivedKeyIterations() {
+        return derivedKeyIterations;
+    }
+    
+    /**
+     * Whether to use the derived key for a MAC.
+     * @param useMac Whether to use the derived key for a MAC.
+     */
+    public void setUseDerivedKeyForMAC(boolean useMac) {
+        useDerivedKeyForMAC = useMac;
+    }
+    
+    /**
+     * Whether to use the derived key for a MAC.
+     * @return Whether to use the derived key for a MAC.
+     */
+    public boolean isUseDerivedKeyForMAC() {
+        return useDerivedKeyForMAC;
+    }
+    
 }

Modified: 
webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java?rev=986099&r1=986098&r2=986099&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java 
(original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java 
Mon Aug 16 19:05:57 2010
@@ -527,6 +527,24 @@ public abstract class WSHandler {
         if (add != null) {
             reqData.setUtElements(StringUtil.split(add, ' '));
         }
+        
+        String derived = getString(WSHandlerConstants.USE_DERIVED_KEY, mc);
+        if (derived != null) {
+            boolean useDerivedKey = Boolean.parseBoolean(derived);
+            reqData.setUseDerivedKey(useDerivedKey);
+        }
+        
+        String derivedMAC = getString(WSHandlerConstants.USE_DERIVED_KEY, mc);
+        boolean useDerivedKeyForMAC = Boolean.parseBoolean(derivedMAC);
+        if (useDerivedKeyForMAC) {
+            reqData.setUseDerivedKeyForMAC(useDerivedKeyForMAC);
+        }
+        
+        String iterations = 
getString(WSHandlerConstants.DERIVED_KEY_ITERATIONS, mc);
+        if (iterations != null) {
+            int iIterations = Integer.parseInt(iterations);
+            reqData.setDerivedKeyIterations(iIterations);
+        }
     }
 
     protected void decodeSignatureParameter(RequestData reqData) 
@@ -882,9 +900,11 @@ public abstract class WSHandler {
 
         switch (doAction) {
         case WSConstants.UT:
-        case WSConstants.UT_SIGN:
             reason = WSPasswordCallback.USERNAME_TOKEN;
             break;
+        case WSConstants.UT_SIGN:
+            reason = WSPasswordCallback.USERNAME_TOKEN_UNKNOWN;
+            break;
         case WSConstants.SIGN:
             reason = WSPasswordCallback.SIGNATURE;
             break;

Modified: 
webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandlerConstants.java
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandlerConstants.java?rev=986099&r1=986098&r2=986099&view=diff
==============================================================================
--- 
webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandlerConstants.java
 (original)
+++ 
webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandlerConstants.java
 Mon Aug 16 19:05:57 2010
@@ -602,6 +602,25 @@ public class WSHandlerConstants {
      * The default value is 16 bytes.
      */
     public static final String WSE_SECRET_KEY_LENGTH = "wseSecretKeyLength";
+    
+    /**
+     * This parameter sets whether to use UsernameToken Key Derivation, as 
defined 
+     * in the UsernameTokenProfile 1.1 specification. The default is true. If 
false,
+     * then it falls back to the old behaviour of WSE derived key 
functionality.
+     */
+    public static final String USE_DERIVED_KEY = "useDerivedKey";
+    
+    /**
+     * This parameter sets whether to use the Username Token derived key for a 
MAC
+     * or not. The default is true.
+     */
+    public static final String USE_DERIVED_KEY_FOR_MAC = "useDerivedKeyForMAC";
+    
+    /**
+     * This parameter sets the number of iterations to use when deriving a key
+     * from a Username Token. The default is 1000. 
+     */
+    public static final String DERIVED_KEY_ITERATIONS = "derivedKeyIterations";
 
     /**
      * The name of the crypto property file to use for SOAP Encryption.

Modified: webservices/wss4j/trunk/test/interop/TestJAXRPCHandler.java
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/interop/TestJAXRPCHandler.java?rev=986099&r1=986098&r2=986099&view=diff
==============================================================================
--- webservices/wss4j/trunk/test/interop/TestJAXRPCHandler.java (original)
+++ webservices/wss4j/trunk/test/interop/TestJAXRPCHandler.java Mon Aug 16 
19:05:57 2010
@@ -58,7 +58,7 @@ public class TestJAXRPCHandler extends T
         config.put("action", "UsernameToken");
         config.put("user", "Chris");
         config.put("passwordType", "PasswordText");
-        config.put("passwordCallbackClass", 
"org.apache.ws.axis.oasis.PWCallback1");
+        config.put("passwordCallbackClass", 
"org.apache.ws.axis.oasis.PWCallback1Out");
         invokeService (config, 1);
     }
     public void testScenario2() throws Exception {
@@ -72,7 +72,7 @@ public class TestJAXRPCHandler extends T
         config.put("encryptionPropFile", "wsstest.properties");
         config.put("encryptionKeyIdentifier", "SKIKeyIdentifier");
         config.put("encryptionUser", "bob");
-        config.put("passwordCallbackClass", 
"org.apache.ws.axis.oasis.PWCallback1");
+        config.put("passwordCallbackClass", 
"org.apache.ws.axis.oasis.PWCallback1Out");
         config.put("encryptionParts", 
"{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken";);
  
         invokeService (config, 2);
     }
@@ -81,7 +81,7 @@ public class TestJAXRPCHandler extends T
         config.put("deployment", "client");
         config.put("action", "Signature Encrypt Timestamp");
         config.put("user", "alice");
-        config.put("passwordCallbackClass", 
"org.apache.ws.axis.oasis.PWCallback1");
+        config.put("passwordCallbackClass", 
"org.apache.ws.axis.oasis.PWCallback1Out");
         config.put("signatureKeyIdentifier", "DirectReference");
         config.put("signaturePropFile", "wsstest.properties");
         config.put("encryptionKeyIdentifier", "SKIKeyIdentifier");
@@ -93,12 +93,12 @@ public class TestJAXRPCHandler extends T
         config.put("deployment", "client");
         config.put("action", "Signature Encrypt Timestamp");
         config.put("user", "alice");
-        config.put("passwordCallbackClass", 
"org.apache.ws.axis.oasis.PWCallback1");
+        config.put("passwordCallbackClass", 
"org.apache.ws.axis.oasis.PWCallback1Out");
         config.put("signatureKeyIdentifier", "DirectReference");
         config.put("signaturePropFile", "wsstest.properties");
         config.put("encryptionKeyIdentifier", "EmbeddedKeyName");
         config.put("encryptionSymAlgorithm", 
"http://www.w3.org/2001/04/xmlenc#tripledes-cbc";);
-        config.put("EmbeddedKeyCallbackClass", 
"org.apache.ws.axis.oasis.PWCallback1");
+        config.put("EmbeddedKeyCallbackClass", 
"org.apache.ws.axis.oasis.PWCallback1Out");
         config.put("EmbeddedKeyName", "SessionKey");
         invokeService (config, 4);
     }
@@ -111,7 +111,7 @@ public class TestJAXRPCHandler extends T
         config.put("deployment", "client");
         config.put("action", "Signature NoSerialization");
         config.put("user", "alice");
-        config.put("passwordCallbackClass", 
"org.apache.ws.axis.oasis.PWCallback1");
+        config.put("passwordCallbackClass", 
"org.apache.ws.axis.oasis.PWCallback1Out");
         config.put("signatureKeyIdentifier", "DirectReference");
         config.put("signaturePropFile", "wsstest.properties");
         config.put("signatureParts", "{}{http://xmlsoap.org/Ping}ticket";);
@@ -122,7 +122,7 @@ public class TestJAXRPCHandler extends T
         config.put("deployment", "client");
         config.put("action", "Encrypt Signature Timestamp");
         config.put("user", "alice");
-        config.put("passwordCallbackClass", 
"org.apache.ws.axis.oasis.PWCallback1");
+        config.put("passwordCallbackClass", 
"org.apache.ws.axis.oasis.PWCallback1Out");
         config.put("signatureKeyIdentifier", "DirectReference");
         config.put("signaturePropFile", "wsstest.properties");
         config.put("encryptionKeyIdentifier", "SKIKeyIdentifier");
@@ -134,7 +134,7 @@ public class TestJAXRPCHandler extends T
         config.put("deployment", "client");
         config.put("action", "Signature Encrypt Timestamp");
         config.put("user", "alice");
-        config.put("passwordCallbackClass", 
"org.apache.ws.axis.oasis.PWCallback1");
+        config.put("passwordCallbackClass", 
"org.apache.ws.axis.oasis.PWCallback1Out");
         config.put("signatureKeyIdentifier", "DirectReference");
         config.put("signaturePropFile", "wsstest.properties");
         config.put("encryptionKeyIdentifier", "SKIKeyIdentifier");

Modified: webservices/wss4j/trunk/test/wssec/TestWSSecurityNew13.java
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/wssec/TestWSSecurityNew13.java?rev=986099&r1=986098&r2=986099&view=diff
==============================================================================
--- webservices/wss4j/trunk/test/wssec/TestWSSecurityNew13.java (original)
+++ webservices/wss4j/trunk/test/wssec/TestWSSecurityNew13.java Mon Aug 16 
19:05:57 2010
@@ -196,6 +196,7 @@ public class TestWSSecurityNew13 extends
         config.put("password", "verySecret");
         config.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
         config.put(WSHandlerConstants.WSE_SECRET_KEY_LENGTH, "32");
+        config.put(WSHandlerConstants.USE_DERIVED_KEY, "false");
         reqData.setUsername("wernerd");
         reqData.setMsgContext(config);
         

Modified: webservices/wss4j/trunk/test/wssec/TestWSSecurityUTSignature.java
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/wssec/TestWSSecurityUTSignature.java?rev=986099&r1=986098&r2=986099&view=diff
==============================================================================
--- webservices/wss4j/trunk/test/wssec/TestWSSecurityUTSignature.java (original)
+++ webservices/wss4j/trunk/test/wssec/TestWSSecurityUTSignature.java Mon Aug 
16 19:05:57 2010
@@ -24,12 +24,15 @@ import junit.framework.TestSuite;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.WSSConfig;
 import org.apache.ws.security.WSSecurityEngineResult;
 import org.apache.ws.security.WSSecurityException;
 import org.apache.ws.security.WSPasswordCallback;
 import org.apache.ws.security.WSSecurityEngine;
 import org.apache.ws.security.components.crypto.Crypto;
 import org.apache.ws.security.components.crypto.CryptoFactory;
+import org.apache.ws.security.handler.RequestData;
+import org.apache.ws.security.handler.WSHandlerConstants;
 import org.apache.ws.security.message.WSSecHeader;
 import org.apache.ws.security.message.WSSecSignature;
 import org.apache.ws.security.message.WSSecUsernameToken;
@@ -174,6 +177,98 @@ public class TestWSSecurityUTSignature e
     }
     
     /**
+     * Test using a UsernameToken derived key for signing a SOAP body via 
WSHandler
+     */
+    public void testHandlerSignature() throws Exception {
+        
+        final WSSConfig cfg = WSSConfig.getNewInstance();
+        RequestData reqData = new RequestData();
+        reqData.setWssConfig(cfg);
+        java.util.Map messageContext = new java.util.TreeMap();
+        messageContext.put(WSHandlerConstants.PW_CALLBACK_REF, this);
+        messageContext.put(WSHandlerConstants.USE_DERIVED_KEY, "true");
+        reqData.setMsgContext(messageContext);
+        reqData.setUsername("bob");
+        
+        final java.util.Vector actions = new java.util.Vector();
+        actions.add(new Integer(WSConstants.UT_SIGN));
+        
+        Document doc = SOAPUtil.toSOAPPart(SOAPMSG);
+        MyHandler handler = new MyHandler();
+        handler.send(
+            WSConstants.UT_SIGN, 
+            doc, 
+            reqData, 
+            actions,
+            true
+        );
+        
+        String outputString = 
+            org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc);
+        assertTrue(outputString.indexOf("wsse:Username") != -1);
+        assertTrue(outputString.indexOf("wsse:Password") == -1);
+        assertTrue(outputString.indexOf("wsse11:Salt") != -1);
+        assertTrue(outputString.indexOf("wsse11:Iteration") != -1);
+        if (LOG.isDebugEnabled()) {
+            LOG.debug(outputString);
+        }
+        
+        List results = verify(doc);
+        WSSecurityEngineResult actionResult =
+            WSSecurityUtil.fetchActionResult(results, WSConstants.UT_SIGN);
+        java.security.Principal principal = 
+            (java.security.Principal) 
actionResult.get(WSSecurityEngineResult.TAG_PRINCIPAL);
+        assertTrue(principal.getName().indexOf("bob") != -1);
+    }
+    
+    /**
+     * Test using a UsernameToken derived key for signing a SOAP body via 
WSHandler
+     */
+    public void testHandlerSignatureIterations() throws Exception {
+        
+        final WSSConfig cfg = WSSConfig.getNewInstance();
+        RequestData reqData = new RequestData();
+        reqData.setWssConfig(cfg);
+        java.util.Map messageContext = new java.util.TreeMap();
+        messageContext.put(WSHandlerConstants.PW_CALLBACK_REF, this);
+        messageContext.put(WSHandlerConstants.USE_DERIVED_KEY, "true");
+        messageContext.put(WSHandlerConstants.DERIVED_KEY_ITERATIONS, "1234");
+        reqData.setMsgContext(messageContext);
+        reqData.setUsername("bob");
+        
+        final java.util.Vector actions = new java.util.Vector();
+        actions.add(new Integer(WSConstants.UT_SIGN));
+        
+        Document doc = SOAPUtil.toSOAPPart(SOAPMSG);
+        MyHandler handler = new MyHandler();
+        handler.send(
+            WSConstants.UT_SIGN, 
+            doc, 
+            reqData, 
+            actions,
+            true
+        );
+        
+        String outputString = 
+            org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc);
+        assertTrue(outputString.indexOf("wsse:Username") != -1);
+        assertTrue(outputString.indexOf("wsse:Password") == -1);
+        assertTrue(outputString.indexOf("wsse11:Salt") != -1);
+        assertTrue(outputString.indexOf("wsse11:Iteration") != -1);
+        assertTrue(outputString.indexOf("1234") != -1);
+        if (LOG.isDebugEnabled()) {
+            LOG.debug(outputString);
+        }
+        
+        List results = verify(doc);
+        WSSecurityEngineResult actionResult =
+            WSSecurityUtil.fetchActionResult(results, WSConstants.UT_SIGN);
+        java.security.Principal principal = 
+            (java.security.Principal) 
actionResult.get(WSSecurityEngineResult.TAG_PRINCIPAL);
+        assertTrue(principal.getName().indexOf("bob") != -1);
+    }
+    
+    /**
      * Verifies the soap envelope.
      * 
      * @param env soap envelope

Modified: webservices/wss4j/trunk/xdocs/package.xml
URL: 
http://svn.apache.org/viewvc/webservices/wss4j/trunk/xdocs/package.xml?rev=986099&r1=986098&r2=986099&view=diff
==============================================================================
--- webservices/wss4j/trunk/xdocs/package.xml (original)
+++ webservices/wss4j/trunk/xdocs/package.xml Mon Aug 16 19:05:57 2010
@@ -59,7 +59,7 @@ on the client (application) side.
     &lt;parameter name="user" value="werner"/&gt;
     &lt;parameter name="passwordType" value="PasswordText" /&gt;
     &lt;parameter name="passwordCallbackClass" 
-      value="org.apache.ws.axis.oasis.PWCallback1"/&gt;
+      value="org.apache.ws.axis.oasis.PWCallback1Out"/&gt;
    &lt;/handler&gt;
   &lt;/requestFlow&gt;
   &lt;/service&gt;



---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscr...@ws.apache.org
For additional commands, e-mail: wss4j-dev-h...@ws.apache.org

svn commit: r986099 - in /webservices/wss4j/trunk: interop/org/apache/ws/axis/oasis/ interop/org/apache/ws/axis/oasis/ping/ src/org/apache/ws/security/action/ src/org/apache/ws/security/handler/ test/interop/ test/wssec/ xdocs/

Reply via email to