[jboss-user] [JBoss Web Services] - Re: Problem with securing web service with ws security ( username token )

Łukasz Marczuk [http://community.jboss.org/people/lmarczuk] created the discussion "Re: Problem with securing web service with ws security ( username token )" To view the discussion, visit: http://community.jboss.org/message/561535#561535 -------------------------------------------------------------- ok so now i've got anwser : <env:Envelope xmlns:env=" http://schemas.xmlsoap.org/soap/envelope/ http://schemas.xmlsoap.org/soap/envelope/">    <env:Header/>    <env:Body>       <env:Fault>          <faultcode xmlns:wsse=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext... http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext...          <faultstring>This service requires &lt;wsse:Security>, which is missing.</faultstring>       </env:Fault>    </env:Body> </env:Envelope> <env:Envelope xmlns:env=" http://schemas.xmlsoap.org/soap/envelope/ http://schemas.xmlsoap.org/soap/envelope/">    <env:Header/>    <env:Body>       <env:Fault>          <faultcode xmlns:wsse=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext... http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext...          <faultstring>This service requires &lt;wsse:Security>, which is missing.</faultstring>       </env:Fault>    </env:Body> </env:Envelope> so i insert only timestamp to my soap request : <soapenv:Envelope xmlns:soapenv=" http://schemas.xmlsoap.org/soap/envelope/ http://schemas.xmlsoap.org/soap/envelope/" xmlns:test=" http://test http://test">    <soapenv:Header>       <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext... http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext...          <wsu:Timestamp wsu:Id="Timestamp-59" xmlns:wsu=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit... http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit...             <wsu:Created>2010-09-13T07:49:59.635Z</wsu:Created>             <wsu:Expires>2010-09-13T07:50:59.635Z</wsu:Expires>          </wsu:Timestamp>       </wsse:Security>    </soapenv:Header>    <soapenv:Body>       <test:sayHello>          <arg0>?</arg0>       </test:sayHello>    </soapenv:Body> </soapenv:Envelope> and i got anwser : <env:Envelope xmlns:env=" http://schemas.xmlsoap.org/soap/envelope/ http://schemas.xmlsoap.org/soap/envelope/">    <env:Header>       <wsse:Security env:mustUnderstand="1" xmlns:ds=" http://www.w3.org/2000/09/xmldsig# http://www.w3.org/2000/09/xmldsig#" xmlns:wsse=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext... http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext... xmlns:wsu=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit... http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit...          <wsu:Timestamp wsu:Id="timestamp">             <wsu:Created>2010-09-13T07:50:19.788Z</wsu:Created>             <wsu:Expires>2010-09-13T07:55:19.788Z</wsu:Expires>          </wsu:Timestamp>       </wsse:Security>    </env:Header>    <env:Body>       <test:sayHelloResponse xmlns:test=" http://test http://test">          <return>siemanko ?</return>       </test:sayHelloResponse>    </env:Body> </env:Envelope> So in my request there is no username token, only timestamp and a got answer. But i need to secure it with username. Any idea? -------------------------------------------------------------- Reply to this message by going to Community [http://community.jboss.org/message/561535#561535] Start a new discussion in JBoss Web Services at Community [http://community.jboss.org/choose-container!input.jspa?contentType=1&...]