[jboss-user] [JBossWS] - Username token with password digest?

hugo_th02 do-not-reply at jboss.com
Tue Nov 6 00:00:00 EST 2007

Hi all,
I want to implement username token security to my web service. The problem is that password always appears as plain text in the soap header message:
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
  | <env:Header>
  | <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" env:mustUnderstand="1">
  | <wsse:UsernameToken wsu:Id="token-7-1194379092000-19904003">
  | <wsse:Username>kermit</wsse:Username>
  | <wsse:Password>thefrog</wsse:Password>
  | </wsse:UsernameToken>
  | </wsse:Security>
  | </env:Header>
  | <env:Body>
  | <ns1:wsMethod xmlns="http://ws.secure.res/" xmlns:ns1="http://ws.secure.res/"/>
  | </env:Body>
  | </env:Envelope>

I try to use digest password, but don't know how to config. So anyone successfully use that, please help me...

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4102068#4102068

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4102068

More information about the jboss-user mailing list