[jboss-user] [JBossWS] - Re: Implementing WS-Security Usename Token Profile Authentic
PedroSena
do-not-reply at jboss.com
Mon Jun 1 10:14:13 EDT 2009
Hi,
I'm trying to implement this solution, but for some reason, the authentication mecanism is not reading correctly my Soap Header.
I saw in log:
2009-06-01 11:09:24,265 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Bad password for username=null
| 2009-06-01 11:09:24,265 DEBUG [org.jboss.ejb3.security.Ejb3AuthenticationInterceptor] Authentication failure
| javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
| at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:213)
|
And I'm sending:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="http://www.netsar.com.br/tnw/bus">
| <soapenv:Header>
| <wsse:Security soapenv:mustUnderstand="1"
| xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
| xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
| <wsse:UsernameToken wsu:Id="token-1-1236072936329-25515818">
| <wsse:Username>submarino</wsse:Username>
| <wsse:Password
| Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">subm4r1n0</wsse:Password>
| </wsse:UsernameToken>
| </wsse:Security>
| </soapenv:Header>
| <soapenv:Body>
| </soapenv:Body>
| </soapenv:Envelope>
I'm testing it from SoapUI, the message was made manually.
I created a new login entry on login-config.xml, its loading properly the users, but its not authenticating.
Would appreciate some help here,
Regards,
PS
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4234486#4234486
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4234486
More information about the jboss-user
mailing list