Uploaded image for project: 'WSS4J'
  1. WSS4J
  2. WSS-76

"SecurityToken" inside "UsernameToken"

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Invalid
    • None
    • None
    • None
    • None
    • Servre : .net WSE 3.0
      Client AXIS2 1.1.1

    Description

      Hi,

      Header Requirement of connectivity is written below.

      <wsse:Security soap:mustUnderstand="1">
      <wsu:Timestamp wsu:Id="Timestamp-137c795a-60b3-4d28-acce-0abf868de8ce">
      <wsu:Created>2006-12-05T23:42:15Z</wsu:Created>
      <wsu:Expires>2006-12-05T23:47:15Z</wsu:Expires>
      </wsu:Timestamp>
      <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-e1d2ddef-25f1-455e-a535-42aec1f8a1fc">
      <wsse:Username>DMRC</wsse:Username>
      <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
      <wsse:Nonce>mI0DNp0NZZ9BRlGYQn7xdQ==</wsse:Nonce>
      <wsu:Created>2006-12-05T23:42:15Z</wsu:Created>
      </wsse:UsernameToken>
      </wsse:Security>

      But What I am able to generate is written below.

      <?xml version='1.0' encoding='UTF-8'?>
      <soapenv:Envelope xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
      <soapenv:Header>
      <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="true">
      <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-27646795">
      <wsu:Created>2007-05-21T17:57:10.175Z</wsu:Created>
      <wsu:Expires>2007-05-21T18:02:10.175Z</wsu:Expires>
      </wsu:Timestamp>
      <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-9102426">
      <wsse:Username>DMRC</wsse:Username>
      <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
      <wsse:Nonce>iOuOBQmQN+nPg8Q1JiJ36A==</wsse:Nonce>
      </wsse:UsernameToken>
      </wsse:Security>

      Differences are here.

      1. Time stamp in my heade is differn than requird.
      WSSConfig wsConfig = WSSConfig.getDefaultWSConfig();
      System.out.println("mili8sec>>>>>" +wsConfig.isPrecisionInMilliSeconds());
      if(wsConfig.isPrecisionInMilliSeconds())
      wsConfig.setPrecisionInMilliSeconds(false);

      I don't know how I can I set this WSSConfig value in header.

      2. I am not ablt to generate "<wsu:Created>2006-12-05T23:42:15Z</wsu:Created>".

      o.setProperty(WSHandlerConstants.ADD_UT_ELEMENTS, WSConstants.CREATED_LN);
      o.setProperty(WSHandlerConstants.ADD_UT_ELEMENTS, WSConstants.NONCE_LN);

      if I do above way, NONCE_LN over rite the value of CREATED_LN

      3. Not able to generate "SecurityToken" inside the "UsernameToken" as I don't know how to do that.
      And requirement is genrate "SecurityToken" inside "UsernameToken".

      Your help is very appriciated.

      Thanks & Regards,
      Shweta Desai.

      Attachments

        Issue Links

          Blocked

          Wish - General wishlist item. WSS-568 How to generate SOAP Header username token to consume SOAP WSDL

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            People

              dims Davanum Srinivas
              setuset_desai Shweta Desai
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: