You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@servicemix.apache.org by Simon Sekat <se...@gmail.com> on 2007/08/03 15:06:07 UTC
How can I develop a HTTP provider endpoint invoking web services that use WS UsernameToken?
I'd like to invoke an external web service that requires WS UsernameToken
header. The following is an example request that carries username, nonce,
digested password, created timestamp to the service.
http://incubator.apache.org/servicemix/ws-security.html talked about how a
HTTP consumer endpoint uses WS UsernameToken. Can someone enlighten me how
to develop a HTTP provider endpoint using WS UsernameToken? Thank you.
<?xml version="1.0" encoding="UTF-8"?>
> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> <soapenv:Header>
> <wsse:Security
> soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next"
> soapenv:mustUnderstand="1"
> xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> ">
> <wsse:UsernameToken wsu:Id="LOGIN"
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
> <wsse:Username>admin</wsse:Username>
> <wsse:Password
> Type="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest
> ">
> eDQUHeku0Mr188gx8Eo88Ik1tK8=
> </wsse:Password>
> <wsse:Nonce>MTE4NjA4NDcyNDYxMA==</wsse:Nonce>
> <wsu:Created>2007-08-02T19:58:44Z</wsu:Created>
> </wsse:UsernameToken>
> </wsse:Security>
> </soapenv:Header>
> <soapenv:Body>
> <Login
> xmlns="http://testserver.com/test1/TWebService/Login">
> <userLoginId>admin</userLoginId>
> </Login>
> </soapenv:Body>
> </soapenv:Envelope>
>
--
Simon S.
Re: How can I develop a HTTP provider endpoint invoking web services that use WS UsernameToken?
Posted by Simon Sekat <se...@gmail.com>.
Michal,
Thank you for your kind response. I have enough information to start trying
this route.
On 8/6/07, Michal <ca...@yahoo.com> wrote:
>
>
> 1. Create a component which inherits from TransformComponentSupport
> 2. implement transform method. Example below.
> 3. wrap sending service in EIP component (I used static-routing-slip). EIP
> component first calls component which add the header then it calls http
> provider
> 4. now in the flow instead of calling directly http provider, call EIP
> component
>
> good luck
>
>
> protected boolean transform(MessageExchange _exchange,
> NormalizedMessage
> _in, NormalizedMessage _out)
> throws Exception
> {
> // fetch soap headers
> Map<QName, DocumentFragment> props = (Map<QName, DocumentFragment>)
> _out.getProperty(JbiConstants.SOAP_HEADERS);
> if (props == null)
> {
> // if not exists then create them
> props = new HashMap<QName, DocumentFragment> ();
> }
> // put Security headers
> props.put(new QName("Security", "UsernameToken"), createDocument());
> // put headers to OUT message - since this will be sent to the
> client
> _out.setProperty(JbiConstants.SOAP_HEADERS, props);
> // use IN message in OUT message
> _out.setContent(_in.getContent());
> return true;
> }
>
> --
> View this message in context:
> http://www.nabble.com/How-can-I-develop-a-HTTP-provider-endpoint-invoking-web-services-that-use-WS-UsernameToken--tf4212467s12049.html#a12017073
> Sent from the ServiceMix - User mailing list archive at Nabble.com.
>
>
--
Simon S.
Re: How can I develop a HTTP provider endpoint invoking web
services that use WS UsernameToken?
Posted by Michal <ca...@yahoo.com>.
1. Create a component which inherits from TransformComponentSupport
2. implement transform method. Example below.
3. wrap sending service in EIP component (I used static-routing-slip). EIP
component first calls component which add the header then it calls http
provider
4. now in the flow instead of calling directly http provider, call EIP
component
good luck
protected boolean transform(MessageExchange _exchange, NormalizedMessage
_in, NormalizedMessage _out)
throws Exception
{
// fetch soap headers
Map<QName, DocumentFragment> props = (Map<QName, DocumentFragment>)
_out.getProperty(JbiConstants.SOAP_HEADERS);
if (props == null)
{
// if not exists then create them
props = new HashMap<QName, DocumentFragment> ();
}
// put Security headers
props.put(new QName("Security", "UsernameToken"), createDocument());
// put headers to OUT message - since this will be sent to the client
_out.setProperty(JbiConstants.SOAP_HEADERS, props);
// use IN message in OUT message
_out.setContent(_in.getContent());
return true;
}
--
View this message in context: http://www.nabble.com/How-can-I-develop-a-HTTP-provider-endpoint-invoking-web-services-that-use-WS-UsernameToken--tf4212467s12049.html#a12017073
Sent from the ServiceMix - User mailing list archive at Nabble.com.
Re: How can I develop a HTTP provider endpoint invoking web services that use WS UsernameToken?
Posted by Simon Sekat <se...@gmail.com>.
Michal,
Knowing that you have tried it before and came up with an alternative, I'd
like to follow suit. Can you post your workaround in detail please,
preferably a working example (as I am a newbie to ServiceMix). Thanks.
On 8/6/07, Michal <ca...@yahoo.com> wrote:
>
>
> I was looking for the same feature. Password supposed to be provided by
> CallbackHandler which is constructed in WSSecurityHandler (see handler
> field).
> However, it seems that currently (FUSE 3.2.0.0) the handler does not
> support
> it - the method throws exception UnsupportedCallbackException.
>
> When is it going to be handled?
> Is there any other way to achieve usernametoken security (in provider
> endpoint)?
>
> Currently, the only workaround that I come up is to have an intermediary
> step which adds to SOAP_HEADERS UsernameToken nodes.
>
>
>
> Simon Sekat wrote:
> >
> > Guillaume,
> >
> > Thanks for the response. Any direction on how I can specify the
> password
> > and password type (e.g. wsse:PasswordText or
> wsse:PasswordDigest)? Thanks
> > again.
> >
> > On 8/6/07, Guillaume Nodet <gn...@gmail.com> wrote:
> >>
> >> You should try something along those lines:
> >>
> >> <http:policies>
> >> <soap:ws-security sendAction="UsernameToken" username="smx" />
> >> </http:policies>
> >>
> >> Cheers,
> >> Guillaume Nodet
> >>
> >> On 8/6/07, Simon Sekat <se...@gmail.com> wrote:
> >> > My question still stands. Could anyone give direction on developing
> a
> >> HTTP
> >> > provider endpoint invoking web services that use WS UsernameToken?
> >> >
> >> > Thanks.
> >> >
> >> > On 8/3/07, Simon Sekat <se...@gmail.com> wrote:
> >> > >
> >> > > I was asking for HTTP provider endpoint.
> >> > >
> >> > > But I thank you for your suggestion about http consumer. Would you
> >> have
> >> > > any HTTP consumer examples that I can learn from. Thank you.
> >> > >
> >> > > On 8/3/07, netflexity <mf...@netflexity.com> wrote:
> >> > > >
> >> > > >
> >> > > > I've done it before by adding http policy to http consumer:
> >> > > >
> >> > > > <http:policies>
> >> > > > <soap:ws-security receiveAction="NoSecurity
> >> UsernameToken"/>
> >> > > > </http:policies>
> >> > > >
> >> > > >
> >> > > > Simon Sekat wrote:
> >> > > > >
> >> > > > > I'd like to invoke an external web service that requires WS
> >> > > > UsernameToken
> >> > > > > header. The following is an example request that carries
> >> username,
> >> > > > nonce,
> >> > > > > digested password, created timestamp to the service.
> >> > > > >
> >> > > > > http://incubator.apache.org/servicemix/ws-security.html talked
> >> about
> >> > > > how a
> >> > > > > HTTP consumer endpoint uses WS UsernameToken. Can someone
> >> enlighten
> >> > > > me
> >> > > > > how
> >> > > > > to develop a HTTP provider endpoint using WS UsernameToken?
> >> Thank
> >> > > > you.
> >> > > > >
> >> > > > > <?xml version="1.0" encoding="UTF-8"?>
> >> > > > >> <soapenv:Envelope
> >> > > > >> xmlns:soapenv="
> >> http://schemas.xmlsoap.org/soap/envelope/
> >> "
> >> > > > >> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> >> > > > >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> >> > > > >> <soapenv:Header>
> >> > > > >> <wsse:Security
> >> > > > >>
> >> > > > >> soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next"
> >> > > > >> soapenv:mustUnderstand="1"
> >> > > > >> xmlns:wsse="
> >> > > > >>
> >> > > >
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> >> > > > >> ">
> >> > > > >> <wsse:UsernameToken wsu:Id="LOGIN"
> >> > > > >> xmlns:wsu="
> >> > > > >>
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> >> > > >
> >> > > > >> ">
> >> > > > >> <wsse:Username>admin</wsse:Username>
> >> > > > >> <wsse:Password
> >> > > > >> Type="
> >> > > > >>
> >> > > >
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest
> >> > > > >> ">
> >> > > > >> eDQUHeku0Mr188gx8Eo88Ik1tK8=
> >> > > > >> </wsse:Password>
> >> > > > >>
> >> <wsse:Nonce>MTE4NjA4NDcyNDYxMA==</wsse:Nonce>
> >> > > > >>
> >> <wsu:Created>2007-08-02T19:58:44Z</wsu:Created>
> >> > > > >> </wsse:UsernameToken>
> >> > > > >> </wsse:Security>
> >> > > > >> </soapenv:Header>
> >> > > > >> <soapenv:Body>
> >> > > > >> <Login
> >> > > > >> xmlns="
> >> http://testserver.com/test1/TWebService/Login
> >> > > > ">
> >> > > > >> <userLoginId>admin</userLoginId>
> >> > > > >> </Login>
> >> > > > >> </soapenv:Body>
> >> > > > >> </soapenv:Envelope>
> >> > > > >>
> >> > > > >
> >> > > > > --
> >> > > > >
> >> > > > > Simon S.
> >> > > > >
> >> > > > >
> >> > > >
> >> > > > --
> >> > > > View this message in context:
> >> > > >
> >>
> http://www.nabble.com/How-can-I-develop-a-HTTP-provider-endpoint-invoking-web-services-that-use-WS-UsernameToken--tf4212467s12049.html#a11989341
> >> > > > Sent from the ServiceMix - User mailing list archive at
> Nabble.com.
> >> > > >
> >> > > >
> >> > >
> >> > >
> >> > > --
> >> > >
> >> > > Simon S.
> >> >
> >> >
> >> >
> >> >
> >> > --
> >> >
> >> > Simon S.
> >> >
> >>
> >>
> >> --
> >> Cheers,
> >> Guillaume Nodet
> >> ------------------------
> >> Principal Engineer, IONA
> >> Blog: http://gnodet.blogspot.com/
> >>
> >
> >
> >
> > --
> >
> > Simon S.
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/How-can-I-develop-a-HTTP-provider-endpoint-invoking-web-services-that-use-WS-UsernameToken--tf4212467s12049.html#a12016386
> Sent from the ServiceMix - User mailing list archive at Nabble.com.
>
>
--
Simon S.
Re: How can I develop a HTTP provider endpoint invoking web
services that use WS UsernameToken?
Posted by Michal <ca...@yahoo.com>.
I was looking for the same feature. Password supposed to be provided by
CallbackHandler which is constructed in WSSecurityHandler (see handler
field).
However, it seems that currently (FUSE 3.2.0.0) the handler does not support
it - the method throws exception UnsupportedCallbackException.
When is it going to be handled?
Is there any other way to achieve usernametoken security (in provider
endpoint)?
Currently, the only workaround that I come up is to have an intermediary
step which adds to SOAP_HEADERS UsernameToken nodes.
Simon Sekat wrote:
>
> Guillaume,
>
> Thanks for the response. Any direction on how I can specify the password
> and password type (e.g. wsse:PasswordText or wsse:PasswordDigest)? Thanks
> again.
>
> On 8/6/07, Guillaume Nodet <gn...@gmail.com> wrote:
>>
>> You should try something along those lines:
>>
>> <http:policies>
>> <soap:ws-security sendAction="UsernameToken" username="smx" />
>> </http:policies>
>>
>> Cheers,
>> Guillaume Nodet
>>
>> On 8/6/07, Simon Sekat <se...@gmail.com> wrote:
>> > My question still stands. Could anyone give direction on developing a
>> HTTP
>> > provider endpoint invoking web services that use WS UsernameToken?
>> >
>> > Thanks.
>> >
>> > On 8/3/07, Simon Sekat <se...@gmail.com> wrote:
>> > >
>> > > I was asking for HTTP provider endpoint.
>> > >
>> > > But I thank you for your suggestion about http consumer. Would you
>> have
>> > > any HTTP consumer examples that I can learn from. Thank you.
>> > >
>> > > On 8/3/07, netflexity <mf...@netflexity.com> wrote:
>> > > >
>> > > >
>> > > > I've done it before by adding http policy to http consumer:
>> > > >
>> > > > <http:policies>
>> > > > <soap:ws-security receiveAction="NoSecurity
>> UsernameToken"/>
>> > > > </http:policies>
>> > > >
>> > > >
>> > > > Simon Sekat wrote:
>> > > > >
>> > > > > I'd like to invoke an external web service that requires WS
>> > > > UsernameToken
>> > > > > header. The following is an example request that carries
>> username,
>> > > > nonce,
>> > > > > digested password, created timestamp to the service.
>> > > > >
>> > > > > http://incubator.apache.org/servicemix/ws-security.html talked
>> about
>> > > > how a
>> > > > > HTTP consumer endpoint uses WS UsernameToken. Can someone
>> enlighten
>> > > > me
>> > > > > how
>> > > > > to develop a HTTP provider endpoint using WS UsernameToken?
>> Thank
>> > > > you.
>> > > > >
>> > > > > <?xml version="1.0" encoding="UTF-8"?>
>> > > > >> <soapenv:Envelope
>> > > > >> xmlns:soapenv="
>> http://schemas.xmlsoap.org/soap/envelope/
>> "
>> > > > >> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>> > > > >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>> > > > >> <soapenv:Header>
>> > > > >> <wsse:Security
>> > > > >>
>> > > > >> soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next"
>> > > > >> soapenv:mustUnderstand="1"
>> > > > >> xmlns:wsse="
>> > > > >>
>> > > >
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
>> > > > >> ">
>> > > > >> <wsse:UsernameToken wsu:Id="LOGIN"
>> > > > >> xmlns:wsu="
>> > > > >>
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> > > >
>> > > > >> ">
>> > > > >> <wsse:Username>admin</wsse:Username>
>> > > > >> <wsse:Password
>> > > > >> Type="
>> > > > >>
>> > > >
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest
>> > > > >> ">
>> > > > >> eDQUHeku0Mr188gx8Eo88Ik1tK8=
>> > > > >> </wsse:Password>
>> > > > >>
>> <wsse:Nonce>MTE4NjA4NDcyNDYxMA==</wsse:Nonce>
>> > > > >>
>> <wsu:Created>2007-08-02T19:58:44Z</wsu:Created>
>> > > > >> </wsse:UsernameToken>
>> > > > >> </wsse:Security>
>> > > > >> </soapenv:Header>
>> > > > >> <soapenv:Body>
>> > > > >> <Login
>> > > > >> xmlns="
>> http://testserver.com/test1/TWebService/Login
>> > > > ">
>> > > > >> <userLoginId>admin</userLoginId>
>> > > > >> </Login>
>> > > > >> </soapenv:Body>
>> > > > >> </soapenv:Envelope>
>> > > > >>
>> > > > >
>> > > > > --
>> > > > >
>> > > > > Simon S.
>> > > > >
>> > > > >
>> > > >
>> > > > --
>> > > > View this message in context:
>> > > >
>> http://www.nabble.com/How-can-I-develop-a-HTTP-provider-endpoint-invoking-web-services-that-use-WS-UsernameToken--tf4212467s12049.html#a11989341
>> > > > Sent from the ServiceMix - User mailing list archive at Nabble.com.
>> > > >
>> > > >
>> > >
>> > >
>> > > --
>> > >
>> > > Simon S.
>> >
>> >
>> >
>> >
>> > --
>> >
>> > Simon S.
>> >
>>
>>
>> --
>> Cheers,
>> Guillaume Nodet
>> ------------------------
>> Principal Engineer, IONA
>> Blog: http://gnodet.blogspot.com/
>>
>
>
>
> --
>
> Simon S.
>
>
--
View this message in context: http://www.nabble.com/How-can-I-develop-a-HTTP-provider-endpoint-invoking-web-services-that-use-WS-UsernameToken--tf4212467s12049.html#a12016386
Sent from the ServiceMix - User mailing list archive at Nabble.com.
Re: How can I develop a HTTP provider endpoint invoking web services that use WS UsernameToken?
Posted by Simon Sekat <se...@gmail.com>.
Guillaume,
Thanks for the response. Any direction on how I can specify the password
and password type (e.g. wsse:PasswordText or wsse:PasswordDigest)? Thanks
again.
On 8/6/07, Guillaume Nodet <gn...@gmail.com> wrote:
>
> You should try something along those lines:
>
> <http:policies>
> <soap:ws-security sendAction="UsernameToken" username="smx" />
> </http:policies>
>
> Cheers,
> Guillaume Nodet
>
> On 8/6/07, Simon Sekat <se...@gmail.com> wrote:
> > My question still stands. Could anyone give direction on developing a
> HTTP
> > provider endpoint invoking web services that use WS UsernameToken?
> >
> > Thanks.
> >
> > On 8/3/07, Simon Sekat <se...@gmail.com> wrote:
> > >
> > > I was asking for HTTP provider endpoint.
> > >
> > > But I thank you for your suggestion about http consumer. Would you
> have
> > > any HTTP consumer examples that I can learn from. Thank you.
> > >
> > > On 8/3/07, netflexity <mf...@netflexity.com> wrote:
> > > >
> > > >
> > > > I've done it before by adding http policy to http consumer:
> > > >
> > > > <http:policies>
> > > > <soap:ws-security receiveAction="NoSecurity UsernameToken"/>
> > > > </http:policies>
> > > >
> > > >
> > > > Simon Sekat wrote:
> > > > >
> > > > > I'd like to invoke an external web service that requires WS
> > > > UsernameToken
> > > > > header. The following is an example request that carries
> username,
> > > > nonce,
> > > > > digested password, created timestamp to the service.
> > > > >
> > > > > http://incubator.apache.org/servicemix/ws-security.html talked
> about
> > > > how a
> > > > > HTTP consumer endpoint uses WS UsernameToken. Can someone
> enlighten
> > > > me
> > > > > how
> > > > > to develop a HTTP provider endpoint using WS UsernameToken? Thank
> > > > you.
> > > > >
> > > > > <?xml version="1.0" encoding="UTF-8"?>
> > > > >> <soapenv:Envelope
> > > > >> xmlns:soapenv=" http://schemas.xmlsoap.org/soap/envelope/
> "
> > > > >> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> > > > >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> > > > >> <soapenv:Header>
> > > > >> <wsse:Security
> > > > >>
> > > > >> soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next"
> > > > >> soapenv:mustUnderstand="1"
> > > > >> xmlns:wsse="
> > > > >>
> > > >
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> > > > >> ">
> > > > >> <wsse:UsernameToken wsu:Id="LOGIN"
> > > > >> xmlns:wsu="
> > > > >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> > > >
> > > > >> ">
> > > > >> <wsse:Username>admin</wsse:Username>
> > > > >> <wsse:Password
> > > > >> Type="
> > > > >>
> > > >
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest
> > > > >> ">
> > > > >> eDQUHeku0Mr188gx8Eo88Ik1tK8=
> > > > >> </wsse:Password>
> > > > >> <wsse:Nonce>MTE4NjA4NDcyNDYxMA==</wsse:Nonce>
> > > > >>
> <wsu:Created>2007-08-02T19:58:44Z</wsu:Created>
> > > > >> </wsse:UsernameToken>
> > > > >> </wsse:Security>
> > > > >> </soapenv:Header>
> > > > >> <soapenv:Body>
> > > > >> <Login
> > > > >> xmlns="
> http://testserver.com/test1/TWebService/Login
> > > > ">
> > > > >> <userLoginId>admin</userLoginId>
> > > > >> </Login>
> > > > >> </soapenv:Body>
> > > > >> </soapenv:Envelope>
> > > > >>
> > > > >
> > > > > --
> > > > >
> > > > > Simon S.
> > > > >
> > > > >
> > > >
> > > > --
> > > > View this message in context:
> > > >
> http://www.nabble.com/How-can-I-develop-a-HTTP-provider-endpoint-invoking-web-services-that-use-WS-UsernameToken--tf4212467s12049.html#a11989341
> > > > Sent from the ServiceMix - User mailing list archive at Nabble.com.
> > > >
> > > >
> > >
> > >
> > > --
> > >
> > > Simon S.
> >
> >
> >
> >
> > --
> >
> > Simon S.
> >
>
>
> --
> Cheers,
> Guillaume Nodet
> ------------------------
> Principal Engineer, IONA
> Blog: http://gnodet.blogspot.com/
>
--
Simon S.
Re: How can I develop a HTTP provider endpoint invoking web services that use WS UsernameToken?
Posted by Guillaume Nodet <gn...@gmail.com>.
You should try something along those lines:
<http:policies>
<soap:ws-security sendAction="UsernameToken" username="smx" />
</http:policies>
Cheers,
Guillaume Nodet
On 8/6/07, Simon Sekat <se...@gmail.com> wrote:
> My question still stands. Could anyone give direction on developing a HTTP
> provider endpoint invoking web services that use WS UsernameToken?
>
> Thanks.
>
> On 8/3/07, Simon Sekat <se...@gmail.com> wrote:
> >
> > I was asking for HTTP provider endpoint.
> >
> > But I thank you for your suggestion about http consumer. Would you have
> > any HTTP consumer examples that I can learn from. Thank you.
> >
> > On 8/3/07, netflexity <mf...@netflexity.com> wrote:
> > >
> > >
> > > I've done it before by adding http policy to http consumer:
> > >
> > > <http:policies>
> > > <soap:ws-security receiveAction="NoSecurity UsernameToken"/>
> > > </http:policies>
> > >
> > >
> > > Simon Sekat wrote:
> > > >
> > > > I'd like to invoke an external web service that requires WS
> > > UsernameToken
> > > > header. The following is an example request that carries username,
> > > nonce,
> > > > digested password, created timestamp to the service.
> > > >
> > > > http://incubator.apache.org/servicemix/ws-security.html talked about
> > > how a
> > > > HTTP consumer endpoint uses WS UsernameToken. Can someone enlighten
> > > me
> > > > how
> > > > to develop a HTTP provider endpoint using WS UsernameToken? Thank
> > > you.
> > > >
> > > > <?xml version="1.0" encoding="UTF-8"?>
> > > >> <soapenv:Envelope
> > > >> xmlns:soapenv=" http://schemas.xmlsoap.org/soap/envelope/"
> > > >> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> > > >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> > > >> <soapenv:Header>
> > > >> <wsse:Security
> > > >>
> > > >> soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next"
> > > >> soapenv:mustUnderstand="1"
> > > >> xmlns:wsse="
> > > >>
> > > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> > > >> ">
> > > >> <wsse:UsernameToken wsu:Id="LOGIN"
> > > >> xmlns:wsu="
> > > >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> > >
> > > >> ">
> > > >> <wsse:Username>admin</wsse:Username>
> > > >> <wsse:Password
> > > >> Type="
> > > >>
> > > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest
> > > >> ">
> > > >> eDQUHeku0Mr188gx8Eo88Ik1tK8=
> > > >> </wsse:Password>
> > > >> <wsse:Nonce>MTE4NjA4NDcyNDYxMA==</wsse:Nonce>
> > > >> <wsu:Created>2007-08-02T19:58:44Z</wsu:Created>
> > > >> </wsse:UsernameToken>
> > > >> </wsse:Security>
> > > >> </soapenv:Header>
> > > >> <soapenv:Body>
> > > >> <Login
> > > >> xmlns=" http://testserver.com/test1/TWebService/Login
> > > ">
> > > >> <userLoginId>admin</userLoginId>
> > > >> </Login>
> > > >> </soapenv:Body>
> > > >> </soapenv:Envelope>
> > > >>
> > > >
> > > > --
> > > >
> > > > Simon S.
> > > >
> > > >
> > >
> > > --
> > > View this message in context:
> > > http://www.nabble.com/How-can-I-develop-a-HTTP-provider-endpoint-invoking-web-services-that-use-WS-UsernameToken--tf4212467s12049.html#a11989341
> > > Sent from the ServiceMix - User mailing list archive at Nabble.com.
> > >
> > >
> >
> >
> > --
> >
> > Simon S.
>
>
>
>
> --
>
> Simon S.
>
--
Cheers,
Guillaume Nodet
------------------------
Principal Engineer, IONA
Blog: http://gnodet.blogspot.com/
Re: How can I develop a HTTP provider endpoint invoking web services that use WS UsernameToken?
Posted by Simon Sekat <se...@gmail.com>.
My question still stands. Could anyone give direction on developing a HTTP
provider endpoint invoking web services that use WS UsernameToken?
Thanks.
On 8/3/07, Simon Sekat <se...@gmail.com> wrote:
>
> I was asking for HTTP provider endpoint.
>
> But I thank you for your suggestion about http consumer. Would you have
> any HTTP consumer examples that I can learn from. Thank you.
>
> On 8/3/07, netflexity <mf...@netflexity.com> wrote:
> >
> >
> > I've done it before by adding http policy to http consumer:
> >
> > <http:policies>
> > <soap:ws-security receiveAction="NoSecurity UsernameToken"/>
> > </http:policies>
> >
> >
> > Simon Sekat wrote:
> > >
> > > I'd like to invoke an external web service that requires WS
> > UsernameToken
> > > header. The following is an example request that carries username,
> > nonce,
> > > digested password, created timestamp to the service.
> > >
> > > http://incubator.apache.org/servicemix/ws-security.html talked about
> > how a
> > > HTTP consumer endpoint uses WS UsernameToken. Can someone enlighten
> > me
> > > how
> > > to develop a HTTP provider endpoint using WS UsernameToken? Thank
> > you.
> > >
> > > <?xml version="1.0" encoding="UTF-8"?>
> > >> <soapenv:Envelope
> > >> xmlns:soapenv=" http://schemas.xmlsoap.org/soap/envelope/"
> > >> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> > >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> > >> <soapenv:Header>
> > >> <wsse:Security
> > >>
> > >> soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next"
> > >> soapenv:mustUnderstand="1"
> > >> xmlns:wsse="
> > >>
> > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> > >> ">
> > >> <wsse:UsernameToken wsu:Id="LOGIN"
> > >> xmlns:wsu="
> > >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> >
> > >> ">
> > >> <wsse:Username>admin</wsse:Username>
> > >> <wsse:Password
> > >> Type="
> > >>
> > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest
> > >> ">
> > >> eDQUHeku0Mr188gx8Eo88Ik1tK8=
> > >> </wsse:Password>
> > >> <wsse:Nonce>MTE4NjA4NDcyNDYxMA==</wsse:Nonce>
> > >> <wsu:Created>2007-08-02T19:58:44Z</wsu:Created>
> > >> </wsse:UsernameToken>
> > >> </wsse:Security>
> > >> </soapenv:Header>
> > >> <soapenv:Body>
> > >> <Login
> > >> xmlns=" http://testserver.com/test1/TWebService/Login
> > ">
> > >> <userLoginId>admin</userLoginId>
> > >> </Login>
> > >> </soapenv:Body>
> > >> </soapenv:Envelope>
> > >>
> > >
> > > --
> > >
> > > Simon S.
> > >
> > >
> >
> > --
> > View this message in context:
> > http://www.nabble.com/How-can-I-develop-a-HTTP-provider-endpoint-invoking-web-services-that-use-WS-UsernameToken--tf4212467s12049.html#a11989341
> > Sent from the ServiceMix - User mailing list archive at Nabble.com.
> >
> >
>
>
> --
>
> Simon S.
--
Simon S.
Re: Best practices for using ServiceMix
Posted by Kit Plummer <ki...@gmail.com>.
I'm thinking the simplest solution is the best. The least amount of parts
that need to be maintained/versioned is always better. That
said...deploying ServiceMix as the "server" would be best - especially from
an external integration perspective too.
On 8/4/07, Bruce Snyder <br...@gmail.com> wrote:
>
> On 8/3/07, Jeffrey Puro <jp...@sterlingtesting.com> wrote:
> > Is it considered better to deploy ServiceMix as a standalone product as
> > opposed to having it deployed in JBoss AS?
>
> Because ServiceMix is a deployment platform, it provides multiple
> deployment models for maximum flexibility. One deployment model is not
> necessarily better than another one. It's more a matter of what fits
> the given situation best which is oftentimes just simply a judgment
> call.
>
> Bruce
> --
> perl -e 'print
> unpack("u30","D0G)U8V4\@4VYY9&5R\"F)R=6-E+G-N>61E<D\!G;6%I;\"YC;VT*"
> );'
>
> Apache Geronimo - http://geronimo.apache.org/
> Apache ActiveMQ - http://activemq.org/
> Apache ServiceMix - http://servicemix.org/
> Castor - http://castor.org/
>
--
Kit Plummer
Nobody-in-Charge @ Black:Hole:Logic
http://www.blackholelogic.com
Re: Best practices for using ServiceMix
Posted by Bruce Snyder <br...@gmail.com>.
On 8/3/07, Jeffrey Puro <jp...@sterlingtesting.com> wrote:
> Is it considered better to deploy ServiceMix as a standalone product as
> opposed to having it deployed in JBoss AS?
Because ServiceMix is a deployment platform, it provides multiple
deployment models for maximum flexibility. One deployment model is not
necessarily better than another one. It's more a matter of what fits
the given situation best which is oftentimes just simply a judgment
call.
Bruce
--
perl -e 'print unpack("u30","D0G)U8V4\@4VYY9&5R\"F)R=6-E+G-N>61E<D\!G;6%I;\"YC;VT*"
);'
Apache Geronimo - http://geronimo.apache.org/
Apache ActiveMQ - http://activemq.org/
Apache ServiceMix - http://servicemix.org/
Castor - http://castor.org/
Best practices for using ServiceMix
Posted by Jeffrey Puro <jp...@sterlingtesting.com>.
Is it considered better to deploy ServiceMix as a standalone product as
opposed to having it deployed in JBoss AS?
-Jeff
This email (and any attachments) is intended only for the use of the individual or entity named above and may contain information that is privileged and confidential. If you are not the intended recipient, or have unauthorized access, you are hereby notified that copying, disseminating, distributing or taking any action in reliance on this email is strictly prohibited<br />
Opinions, conclusions and other information in this message that do not relate to the official business of our firm shall be understood as neither given nor endorsed by it.
Re: How can I develop a HTTP provider endpoint invoking web services that use WS UsernameToken?
Posted by Simon Sekat <se...@gmail.com>.
I was asking for HTTP provider endpoint.
But I thank you for your suggestion about http consumer. Would you have any
HTTP consumer examples that I can learn from. Thank you.
On 8/3/07, netflexity <mf...@netflexity.com> wrote:
>
>
> I've done it before by adding http policy to http consumer:
>
> <http:policies>
> <soap:ws-security receiveAction="NoSecurity UsernameToken"/>
> </http:policies>
>
>
> Simon Sekat wrote:
> >
> > I'd like to invoke an external web service that requires WS
> UsernameToken
> > header. The following is an example request that carries username,
> nonce,
> > digested password, created timestamp to the service.
> >
> > http://incubator.apache.org/servicemix/ws-security.html talked about how
> a
> > HTTP consumer endpoint uses WS UsernameToken. Can someone enlighten me
> > how
> > to develop a HTTP provider endpoint using WS UsernameToken? Thank you.
> >
> > <?xml version="1.0" encoding="UTF-8"?>
> >> <soapenv:Envelope
> >> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
> >> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> >> <soapenv:Header>
> >> <wsse:Security
> >>
> >> soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next"
> >> soapenv:mustUnderstand="1"
> >> xmlns:wsse="
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> >> ">
> >> <wsse:UsernameToken wsu:Id="LOGIN"
> >> xmlns:wsu="
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> >> ">
> >> <wsse:Username>admin</wsse:Username>
> >> <wsse:Password
> >> Type="
> >>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest
> >> ">
> >> eDQUHeku0Mr188gx8Eo88Ik1tK8=
> >> </wsse:Password>
> >> <wsse:Nonce>MTE4NjA4NDcyNDYxMA==</wsse:Nonce>
> >> <wsu:Created>2007-08-02T19:58:44Z</wsu:Created>
> >> </wsse:UsernameToken>
> >> </wsse:Security>
> >> </soapenv:Header>
> >> <soapenv:Body>
> >> <Login
> >> xmlns="http://testserver.com/test1/TWebService/Login">
> >> <userLoginId>admin</userLoginId>
> >> </Login>
> >> </soapenv:Body>
> >> </soapenv:Envelope>
> >>
> >
> > --
> >
> > Simon S.
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/How-can-I-develop-a-HTTP-provider-endpoint-invoking-web-services-that-use-WS-UsernameToken--tf4212467s12049.html#a11989341
> Sent from the ServiceMix - User mailing list archive at Nabble.com.
>
>
--
Simon S.
Re: How can I develop a HTTP provider endpoint invoking web
services that use WS UsernameToken?
Posted by netflexity <mf...@netflexity.com>.
I've done it before by adding http policy to http consumer:
<http:policies>
<soap:ws-security receiveAction="NoSecurity UsernameToken"/>
</http:policies>
Simon Sekat wrote:
>
> I'd like to invoke an external web service that requires WS UsernameToken
> header. The following is an example request that carries username, nonce,
> digested password, created timestamp to the service.
>
> http://incubator.apache.org/servicemix/ws-security.html talked about how a
> HTTP consumer endpoint uses WS UsernameToken. Can someone enlighten me
> how
> to develop a HTTP provider endpoint using WS UsernameToken? Thank you.
>
> <?xml version="1.0" encoding="UTF-8"?>
>> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
>> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>> <soapenv:Header>
>> <wsse:Security
>>
>> soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next"
>> soapenv:mustUnderstand="1"
>> xmlns:wsse="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
>> ">
>> <wsse:UsernameToken wsu:Id="LOGIN"
>> xmlns:wsu="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> ">
>> <wsse:Username>admin</wsse:Username>
>> <wsse:Password
>> Type="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest
>> ">
>> eDQUHeku0Mr188gx8Eo88Ik1tK8=
>> </wsse:Password>
>> <wsse:Nonce>MTE4NjA4NDcyNDYxMA==</wsse:Nonce>
>> <wsu:Created>2007-08-02T19:58:44Z</wsu:Created>
>> </wsse:UsernameToken>
>> </wsse:Security>
>> </soapenv:Header>
>> <soapenv:Body>
>> <Login
>> xmlns="http://testserver.com/test1/TWebService/Login">
>> <userLoginId>admin</userLoginId>
>> </Login>
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>
> --
>
> Simon S.
>
>
--
View this message in context: http://www.nabble.com/How-can-I-develop-a-HTTP-provider-endpoint-invoking-web-services-that-use-WS-UsernameToken--tf4212467s12049.html#a11989341
Sent from the ServiceMix - User mailing list archive at Nabble.com.