[jboss-user] [JBossWS] - Username token with password digest?
hugo_th02
do-not-reply at jboss.com
Tue Nov 6 00:00:00 EST 2007
Hi all,
I want to implement username token security to my web service. The problem is that password always appears as plain text in the soap header message:
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
| <env:Header>
| <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" env:mustUnderstand="1">
| <wsse:UsernameToken wsu:Id="token-7-1194379092000-19904003">
| <wsse:Username>kermit</wsse:Username>
| <wsse:Password>thefrog</wsse:Password>
| </wsse:UsernameToken>
| </wsse:Security>
| </env:Header>
| <env:Body>
| <ns1:wsMethod xmlns="http://ws.secure.res/" xmlns:ns1="http://ws.secure.res/"/>
| </env:Body>
| </env:Envelope>
|
I try to use digest password, but don't know how to config. So anyone successfully use that, please help me...
Thanks.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4102068#4102068
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4102068
More information about the jboss-user
mailing list