You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by gr...@bt.com on 2005/08/22 14:01:54 UTC
RequestSecurityToken - any working examples?
Hi, I'm using Axis 1.2.1 and WSS4J 1.0 and I'm building a client to
connect to a .NET service that is issuing security tokens conforming to
WS-Trust spec. No WSDL file is available.
I need to create a SOAP envelope that looks like the following:
<soap:Envelope
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse
curity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-utility-1.0.xsd"
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<wsa:Action>http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/Iss
ue</wsa:Action>
<wsa:MessageID>uuid:39610e5b-162b-4491-9301-85578046a583</wsa:MessageID>
<wsa:ReplyTo>
<wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anony
mous</wsa:Address>
</wsa:ReplyTo>
<wsa:To>urn:System-Services:external:1.00:SecurityTokenService</wsa:To>
<wsse:Security>
<wsu:Timestamp
wsu:Id="Timestamp-201ebb7a-d2f4-44d5-85e4-b8bb4c71ed54">
<wsu:Created>2005-07-01T11:03:11Z</wsu:Created>
<wsu:Expires>2005-07-01T11:08:11Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</soap:Header>
<soap:Body>
<wst:RequestSecurityToken
xmlns:wst="http://schemas.xmlsoap.org/ws/2004/04/trust">
<wst:TokenType>urn:System-Services:external:1.00:token#Token</wst:TokenT
ype>
<wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Is
sue</wst:RequestType>
<wst:Base>
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
urity-utility-1.0.xsd"
wsu:Id="SecurityToken-94d12e0f-400b-4412-bde8-e03357eb0692">
<wsse:Username>MyUsername</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-t
oken-profile-1.0#PasswordDigest">
NXJ3ynAa8Sy136aifThXJl8vLoE=
</wsse:Password>
<wsse:Nonce>4nJy2oD6xC79zatTHvuywg==</wsse:Nonce>
<wsu:Created>2005-07-01T11:03:10Z</wsu:Created>
</wsse:UsernameToken>
</wst:Base>
<wsp:AppliesTo
xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy">
<wsa:EndpointReference>
<wsa:Address>urn:System-Services:external:1.00:WebServices</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:LifeTime>
<wsu:Expires>2005-07-01T15:03:11Z</wsu:Expires>
</wst:LifeTime>
</wst:RequestSecurityToken>
</soap:Body>
</soap:Envelope>
Does anyone have or know the whereabouts of any working examples of
sending a similar envelope from an Axis / wss4j client and receiving a
response?
Also, should I be using Axis2? Is this the way to go for better
integration of the WS-* standards, in particular WS-Trust?
Grateful for any assistance. Thanks.
Graham Sweetland
Re: RequestSecurityToken - any working examples?
Posted by Davanum Srinivas <da...@gmail.com>.
There's some code in WSS4J sandbox. Would you be willing to help fix it?
http://cvs.apache.org/viewcvs.cgi/ws-wss4j/src/org/apache/ws/sandbox/security/trust2/
Thanks,
dims
On 8/22/05, graham.sweetland@bt.com <gr...@bt.com> wrote:
>
>
>
> Hi, I'm using Axis 1.2.1 and WSS4J 1.0 and I'm building a client to connect
> to a .NET service that is issuing security tokens conforming to WS-Trust
> spec. No WSDL file is available.
>
>
>
> I need to create a SOAP envelope that looks like the following:
>
>
>
> <soap:Envelope
> xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
>
> <soap:Header>
>
>
> <wsa:Action>http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/Issue</wsa:Action>
>
>
> <wsa:MessageID>uuid:39610e5b-162b-4491-9301-85578046a583</wsa:MessageID>
>
> <wsa:ReplyTo>
>
>
> <wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:Address>
>
> </wsa:ReplyTo>
>
>
> <wsa:To>urn:System-Services:external:1.00:SecurityTokenService</wsa:To>
>
> <wsse:Security>
>
> <wsu:Timestamp
> wsu:Id="Timestamp-201ebb7a-d2f4-44d5-85e4-b8bb4c71ed54">
>
>
> <wsu:Created>2005-07-01T11:03:11Z</wsu:Created>
>
>
> <wsu:Expires>2005-07-01T11:08:11Z</wsu:Expires>
>
> </wsu:Timestamp>
>
> </wsse:Security>
>
> </soap:Header>
>
> <soap:Body>
>
> <wst:RequestSecurityToken
> xmlns:wst="http://schemas.xmlsoap.org/ws/2004/04/trust">
>
>
> <wst:TokenType>urn:System-Services:external:1.00:token#Token</wst:TokenType>
>
>
> <wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>
>
> <wst:Base>
>
>
> <wsse:UsernameToken
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="SecurityToken-94d12e0f-400b-4412-bde8-e03357eb0692">
>
>
> <wsse:Username>MyUsername</wsse:Username>
>
>
> <wsse:Password
> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">
>
> NXJ3ynAa8Sy136aifThXJl8vLoE=
>
>
> </wsse:Password>
>
>
> <wsse:Nonce>4nJy2oD6xC79zatTHvuywg==</wsse:Nonce>
>
>
> <wsu:Created>2005-07-01T11:03:10Z</wsu:Created>
>
>
> </wsse:UsernameToken>
>
> </wst:Base>
>
> <wsp:AppliesTo
> xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy">
>
>
> <wsa:EndpointReference>
>
>
> <wsa:Address>urn:System-Services:external:1.00:WebServices</wsa:Address>
>
>
> </wsa:EndpointReference>
>
> </wsp:AppliesTo>
>
> <wst:LifeTime>
>
>
> <wsu:Expires>2005-07-01T15:03:11Z</wsu:Expires>
>
> </wst:LifeTime>
>
> </wst:RequestSecurityToken>
>
> </soap:Body>
>
> </soap:Envelope>
>
>
>
>
>
> Does anyone have or know the whereabouts of any working examples of sending
> a similar envelope from an Axis / wss4j client and receiving a response?
>
>
>
> Also, should I be using Axis2? Is this the way to go for better integration
> of the WS-* standards, in particular WS-Trust?
>
>
>
> Grateful for any assistance. Thanks.
>
>
>
>
> Graham Sweetland
>
>
--
Davanum Srinivas : http://wso2.com/ - Oxygenating The Web Service Platform
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: RequestSecurityToken - any working examples?
Posted by Davanum Srinivas <da...@gmail.com>.
There's some code in WSS4J sandbox. Would you be willing to help fix it?
http://cvs.apache.org/viewcvs.cgi/ws-wss4j/src/org/apache/ws/sandbox/security/trust2/
Thanks,
dims
On 8/22/05, graham.sweetland@bt.com <gr...@bt.com> wrote:
>
>
>
> Hi, I'm using Axis 1.2.1 and WSS4J 1.0 and I'm building a client to connect
> to a .NET service that is issuing security tokens conforming to WS-Trust
> spec. No WSDL file is available.
>
>
>
> I need to create a SOAP envelope that looks like the following:
>
>
>
> <soap:Envelope
> xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
>
> <soap:Header>
>
>
> <wsa:Action>http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/Issue</wsa:Action>
>
>
> <wsa:MessageID>uuid:39610e5b-162b-4491-9301-85578046a583</wsa:MessageID>
>
> <wsa:ReplyTo>
>
>
> <wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:Address>
>
> </wsa:ReplyTo>
>
>
> <wsa:To>urn:System-Services:external:1.00:SecurityTokenService</wsa:To>
>
> <wsse:Security>
>
> <wsu:Timestamp
> wsu:Id="Timestamp-201ebb7a-d2f4-44d5-85e4-b8bb4c71ed54">
>
>
> <wsu:Created>2005-07-01T11:03:11Z</wsu:Created>
>
>
> <wsu:Expires>2005-07-01T11:08:11Z</wsu:Expires>
>
> </wsu:Timestamp>
>
> </wsse:Security>
>
> </soap:Header>
>
> <soap:Body>
>
> <wst:RequestSecurityToken
> xmlns:wst="http://schemas.xmlsoap.org/ws/2004/04/trust">
>
>
> <wst:TokenType>urn:System-Services:external:1.00:token#Token</wst:TokenType>
>
>
> <wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>
>
> <wst:Base>
>
>
> <wsse:UsernameToken
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="SecurityToken-94d12e0f-400b-4412-bde8-e03357eb0692">
>
>
> <wsse:Username>MyUsername</wsse:Username>
>
>
> <wsse:Password
> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">
>
> NXJ3ynAa8Sy136aifThXJl8vLoE=
>
>
> </wsse:Password>
>
>
> <wsse:Nonce>4nJy2oD6xC79zatTHvuywg==</wsse:Nonce>
>
>
> <wsu:Created>2005-07-01T11:03:10Z</wsu:Created>
>
>
> </wsse:UsernameToken>
>
> </wst:Base>
>
> <wsp:AppliesTo
> xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy">
>
>
> <wsa:EndpointReference>
>
>
> <wsa:Address>urn:System-Services:external:1.00:WebServices</wsa:Address>
>
>
> </wsa:EndpointReference>
>
> </wsp:AppliesTo>
>
> <wst:LifeTime>
>
>
> <wsu:Expires>2005-07-01T15:03:11Z</wsu:Expires>
>
> </wst:LifeTime>
>
> </wst:RequestSecurityToken>
>
> </soap:Body>
>
> </soap:Envelope>
>
>
>
>
>
> Does anyone have or know the whereabouts of any working examples of sending
> a similar envelope from an Axis / wss4j client and receiving a response?
>
>
>
> Also, should I be using Axis2? Is this the way to go for better integration
> of the WS-* standards, in particular WS-Trust?
>
>
>
> Grateful for any assistance. Thanks.
>
>
>
>
> Graham Sweetland
>
>
--
Davanum Srinivas : http://wso2.com/ - Oxygenating The Web Service Platform
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org