[jboss-user] [JBossWS] - Re: implementing wsse:UserNameToken
sappenin
do-not-reply at jboss.com
Mon Oct 2 18:33:18 EDT 2006
Any update on this? Has a JIRA todo been created? I'm running into the same problem. I'd like to base64(SHA1(nonce + createdTimeStamp + password)) and send that value in the SOAP Header as part of the WSSE UsernameToken. However, JBoss appears to not be doing anything with this when the actual authentication occurs on the server-side....In order to get WSSE auth working, I have to send a clear password as the value of the 'password' element in the Security header.
Is full WSSE functionality something that has to be implemented in a LoginModule, or will this be implemented in a later rev of JbossWS?
David
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3975628#3975628
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3975628
More information about the jboss-user
mailing list