[jboss-user] [JBossWS] - Re: implementing wsse:UserNameToken

[rayymlai]

Further to the last email thread:

1. A colleague of mine shows me the source code UsernameToken.java from JBossWS 1.0.3 GA. it looks like UsernameToken(Element) method does read the "Username" and "Password" from the SOAP message.

e.g.
   public UsernameToken(Element element) throws WSSecurityException  {
      this.doc = element.getOwnerDocument();
      String id = element.getAttributeNS(Constants.WSU_NS, Constants.ID);
      ... 
      Element child = Util.getFirstChildElement(element);
      if (child == null || ! Constants.WSSE_NS.equals(child.getNamespaceURI()) || ! "Username".equals(child.getLocalName()))

         throw new WSSecurityException("Username child expected in UsernameToken element");
      this.username = XMLUtils.getFullTextChildrenFromElement(child);
      child = Util.getNextSiblingElement(child);
      ...
   }


I've tried the following permutation of changes, but I still can't make the WSS 1.0 username token profile work in JBossWS.

1. in both jboss-wsse-server.xml and jboss-wsse-client.xml, specify , e.g.

  
     
  

2. in the jboss-wsse*.xml, specify  and  (derived from the source code UsernameToken.java):
   
     manager
     manager
  

3. Specify username and password in the SOAP stub
(as per advice from the previous email threads)

- refer to previous reply

4. Control test - Don't specify anything in the jboss-wsse*.xml. Don't add any user or password in the SOAP stub. This is a control test, to ensure whether  or  has made any difference.
- no difference when running the wss samples.


Any advice?

Thanks.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3982175#3982175

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3982175