[jboss-user] [JBossWS] - Re: implementing wsse:UserNameToken

jason.greene@jboss.com do-not-reply at jboss.com
Wed Oct 11 19:12:46 EDT 2006

"kdeboer" wrote : I did some research in the JBoss WS 103 Sources.
  | It appears that the username token profile is partly supported.
  | The user and password are added to the soap header when the password are added to the call or proxy object
  | However password type attribute and password encoding is not support.
  | According to the basic security profile the type attribute is required.
  | Password disgest is also very nice to have.
  | will these functions be added in the near future?

The basic security profile has been in draft for over a year, and is not expected to be finalized anytime soon so we haven't looked at conforming to it.  WS-Security 1.0 has type as optional, so we dont specify it. The encoding type is only relevant to a Nonce. and as you see currently nonces aren't supported. I have updated the feature request to reflect this.

Currently the priority on this is low, since we are busy working on EE5 / JAX-WS. So, as Thomas said, feel free to contribute if you want to see this sooner.


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3977728#3977728

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3977728

More information about the jboss-user mailing list