[jboss-user] [JBoss Web Services] - Re: Implementing WS-Security Usename Token Profile Authentic
jayblanc54
do-not-reply at jboss.com
Fri Aug 21 06:55:50 EDT 2009
Thanks alessio, setting StubExt.PROPERTY_AUTH_TYPE works fine.
I have also a problem with SoapUI Digest which always give me an Invalid User.
for exemple : using kermit/thefrog, the generated request for SoapUI is :
| <soapenv:Envelope xmlns:hel="http://org.qualipso.factory.ws/helloworld" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
| <soapenv:Header>
| <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
| <wsse:UsernameToken wsu:Id="UsernameToken-10666036" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
| <wsse:Username>kermit</wsse:Username>
| <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">a4QMImbwZWY5ofgqZQK7SqkWF9M=</wsse:Password>
| <wsse:Nonce>bEC2QeCam1oBnj+wpGBPQw==</wsse:Nonce>
| <wsu:Created>2009-08-21T10:47:42.580Z</wsu:Created>
| </wsse:UsernameToken>
| </wsse:Security>
| </soapenv:Header>
| <soapenv:Body>
| <hel:sayHelloWorld/>
| </soapenv:Body>
| </soapenv:Envelope>
|
Whereas the generated request for the same credentials using the jboss endorsed JAX-WS 2.1 client is :
| <env:Envelope xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'>
| <env:Header>
| <wsse:Security env:mustUnderstand='1' xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'>
| <wsu:Timestamp wsu:Id='timestamp'>
| <wsu:Created>2009-08-21T10:49:48.298Z</wsu:Created>
| <wsu:Expires>2009-08-21T10:54:48.298Z</wsu:Expires>
| </wsu:Timestamp>
| <wsse:UsernameToken wsu:Id='token-1-1250851788299-24072801'>
| <wsse:Username>kermit</wsse:Username>
| <wsse:Password Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest'>oOxvxKABFwsUfCvOpjE+GfyrQJs=</wsse:Password>
| <wsse:Nonce EncodingType='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary'>NXS4XKiKBe9eaJdiAjtCG23A1e3w3wZ9j38POOu4Dvg=</wsse:Nonce>
| <wsse:Created>2009-08-21T10:49:48.289Z</wsse:Created>
| </wsse:UsernameToken>
| </wsse:Security>
| </env:Header>
| <env:Body>
| <ns1:sayHelloWorld xmlns:ns1='http://org.qualipso.factory.ws/helloworld'></ns1:sayHelloWorld>
| </env:Body>
| </env:Envelope>
|
I don't understand why the SoapUI client is not able to authenticate using the same configuration...
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4250851#4250851
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4250851
More information about the jboss-user
mailing list