You are viewing a plain text version of this content. The canonical link for it is here.
Posted to c-user@axis.apache.org by Murali Konnipati <mu...@altair.com> on 2007/09/24 23:58:15 UTC
how to set the username & password dynamically using Rampart
Hi All,
I am very new to Axis2c. I am trying to develop a client for my .Net Web service. For this .Net web service, i need to send the username & password in the UsernameToken element of the SOAP header.
So, i am planning to use the Rampart API to set the username & password in my code. Can anybody please tell me, how to set the username & password in the client through programmatically..
Thanks & Regards,
Murali Krishna K
Re: how to set the username & password dynamically using Rampart
Posted by Manjula Peiris <ma...@wso2.com>.
Hi Murali,
Please note to use the Rampart/C artifacts Kaushalye has mentioned, you
need Axis2/C 1.1. You can download release artifacts from here.
http://people.apache.org/~samisa/1.1.0-2/
Rampart 1.0 release will not be compatible with Axis2/C 1.0 .
-Manjula.
On Tue, 2007-09-25 at 10:37 +0530, Kaushalye Kapuruge wrote:
> Hi Murali,
> Rampart/C[1] is the security module of Axis2/C. And it is based on the
> security policy assertions. So in order to enable username tokens, you
> need to engage Rampart/C with axis2/C. Please look at the scenario2,
> which shows how to enable user name tokens. And I hope following
> description would be a help.
>
> To add a usernametoken you need to include it under the
> sp:SignedSupportingTokens assertion. This is how you do it in the policy
> file.
> <sp:SignedSupportingTokens
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:UsernameToken
> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always"/>
> </wsp:Policy>
> </sp:SignedSupportingTokens>
>
> In addition you need to tell, which username should be included in the
> Usernametoken. This can be done using following assertion under
> <RampartConfigs>
> <rampc:User>Alice</rampc:User>
>
> Like for the user name we do not specify the password in the
> configuration file. instead we use a password callback mechanism, where
> we get a password for the above mentioned user name. The user has to
> specify a DLL or a module to load the password from. For this, following
> assertion is used.
> <rampc:PasswordCallbackClass>/home/Alice/my_modules/pwcb.so</rampc:PasswordCallbackClass>
>
> So what Rampart/C does is, first it loads the module dynamically and
> then call the function to get the password, which has to be implemented
> by the user. This gives user flexibility to call databases, flat files
> or any other storage mechanism to extract the password.
>
> The username token profile allows two ways to send a password. Either
> you can send the password in the pain text form or you can send as a
> digest of the password. This can be specified using following assertion.
> <rampc:PasswordType>Digest/PlainText</rampc:PasswordType>
>
> Note that we are about to release version 1.0. And the artifacts are
> here. You may use these releases for now. We will announce once the
> version 1.0 is released.
> Cheers,
> Kaushalye
> [1] http://people.apache.org/~kaushalye/release/rampart-c/1.0.0/
>
> Murali Konnipati wrote:
> >
> > Hi All,
> >
> > I am very new to Axis2c. I am trying to develop a client for my
> > .Net Web service. For this .Net web service, i need to send the
> > username & password in the UsernameToken element of the SOAP header.
> >
> > So, i am planning to use the Rampart API to set the username &
> > password in my code. Can anybody please tell me, how to set the
> > username & password in the client through programmatically..
> >
> >
> > Thanks & Regards,
> >
> > Murali Krishna K
> >
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
RE: how to set the username & password dynamically using Rampart
Posted by Murali Konnipati <mu...@altair.com>.
Hi Manjula,
I am unable to open the link you have sent in the reply.
Can you please send me the correct link.
Thanks & Regards,
Murali Krishna K
-----Original Message-----
From: Manjula Peiris
To: Apache AXIS C User List
Sent: 9/25/07 12:02 PM
Subject: Re: how to set the username & password dynamically using Rampart
Hi Murali,
Please note to use the Rampart/C artifacts Kaushalye has mentioned, you
need Axis2/C 1.1. You can download release artifacts from here.
http://people.apache.org/~samisa/1.1.0-2/
Rampart 1.0 release will not be compatible with Axis2/C 1.0 .
-Manjula.
On Tue, 2007-09-25 at 10:37 +0530, Kaushalye Kapuruge wrote:
> Hi Murali,
> Rampart/C[1] is the security module of Axis2/C. And it is based on the
> security policy assertions. So in order to enable username tokens, you
> need to engage Rampart/C with axis2/C. Please look at the scenario2,
> which shows how to enable user name tokens. And I hope following
> description would be a help.
>
> To add a usernametoken you need to include it under the
> sp:SignedSupportingTokens assertion. This is how you do it in the
policy
> file.
> <sp:SignedSupportingTokens
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:UsernameToken
>
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/In
cludeToken/Always"/>
> </wsp:Policy>
> </sp:SignedSupportingTokens>
>
> In addition you need to tell, which username should be included in the
> Usernametoken. This can be done using following assertion under
> <RampartConfigs>
> <rampc:User>Alice</rampc:User>
>
> Like for the user name we do not specify the password in the
> configuration file. instead we use a password callback mechanism,
where
> we get a password for the above mentioned user name. The user has to
> specify a DLL or a module to load the password from. For this,
following
> assertion is used.
>
<rampc:PasswordCallbackClass>/home/Alice/my_modules/pwcb.so</rampc:Passw
ordCallbackClass>
>
> So what Rampart/C does is, first it loads the module dynamically and
> then call the function to get the password, which has to be
implemented
> by the user. This gives user flexibility to call databases, flat files
> or any other storage mechanism to extract the password.
>
> The username token profile allows two ways to send a password. Either
> you can send the password in the pain text form or you can send as a
> digest of the password. This can be specified using following
assertion.
> <rampc:PasswordType>Digest/PlainText</rampc:PasswordType>
>
> Note that we are about to release version 1.0. And the artifacts are
> here. You may use these releases for now. We will announce once the
> version 1.0 is released.
> Cheers,
> Kaushalye
> [1] http://people.apache.org/~kaushalye/release/rampart-c/1.0.0/
>
> Murali Konnipati wrote:
> >
> > Hi All,
> >
> > I am very new to Axis2c. I am trying to develop a client for
my
> > .Net Web service. For this .Net web service, i need to send the
> > username & password in the UsernameToken element of the SOAP header.
> >
> > So, i am planning to use the Rampart API to set the username
&
> > password in my code. Can anybody please tell me, how to set the
> > username & password in the client through programmatically..
> >
> >
> > Thanks & Regards,
> >
> > Murali Krishna K
> >
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: how to set the username & password dynamically using Rampart
Posted by Kaushalye Kapuruge <ka...@wso2.com>.
Hi Murali,
Rampart/C[1] is the security module of Axis2/C. And it is based on the
security policy assertions. So in order to enable username tokens, you
need to engage Rampart/C with axis2/C. Please look at the scenario2,
which shows how to enable user name tokens. And I hope following
description would be a help.
To add a usernametoken you need to include it under the
sp:SignedSupportingTokens assertion. This is how you do it in the policy
file.
<sp:SignedSupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always"/>
</wsp:Policy>
</sp:SignedSupportingTokens>
In addition you need to tell, which username should be included in the
Usernametoken. This can be done using following assertion under
<RampartConfigs>
<rampc:User>Alice</rampc:User>
Like for the user name we do not specify the password in the
configuration file. instead we use a password callback mechanism, where
we get a password for the above mentioned user name. The user has to
specify a DLL or a module to load the password from. For this, following
assertion is used.
<rampc:PasswordCallbackClass>/home/Alice/my_modules/pwcb.so</rampc:PasswordCallbackClass>
So what Rampart/C does is, first it loads the module dynamically and
then call the function to get the password, which has to be implemented
by the user. This gives user flexibility to call databases, flat files
or any other storage mechanism to extract the password.
The username token profile allows two ways to send a password. Either
you can send the password in the pain text form or you can send as a
digest of the password. This can be specified using following assertion.
<rampc:PasswordType>Digest/PlainText</rampc:PasswordType>
Note that we are about to release version 1.0. And the artifacts are
here. You may use these releases for now. We will announce once the
version 1.0 is released.
Cheers,
Kaushalye
[1] http://people.apache.org/~kaushalye/release/rampart-c/1.0.0/
Murali Konnipati wrote:
>
> Hi All,
>
> I am very new to Axis2c. I am trying to develop a client for my
> .Net Web service. For this .Net web service, i need to send the
> username & password in the UsernameToken element of the SOAP header.
>
> So, i am planning to use the Rampart API to set the username &
> password in my code. Can anybody please tell me, how to set the
> username & password in the client through programmatically..
>
>
> Thanks & Regards,
>
> Murali Krishna K
>
--
http://kaushalye.blogspot.com/
http://wso2.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: how to set the username & password dynamically using Rampart
Posted by Kaushalye Kapuruge <ka...@wso2.com>.
Murali Konnipati wrote:
>
> Hi Kaushalye,
>
> Thank you very much for an information reply.
> As per your procedure, i need to write the username in the
> configuration file(axis2.xml). But i want to set the username
> dynamically at runtime in the client program.
>
> Is it possible to set the username dynamically in Rampart C API.
> Can you please provide some insights on this.
>
>
> P:S I am using rampart_context_set_user() &
> rampart_context_set_password() methods in RAMPART API to set the
> username & password in my code.
>
Actually this is something we have not supported. You may try to create
and use a rampart context. And please have a look at rampart_context.h
and rampart_usernametoken.h files.
Cheers,
Kaushalye
>
>
>
> Thanks & Regards,
>
> Murali Krishna K
>
> -----Original Message-----
> From: Kaushalye Kapuruge
> To: Apache AXIS C User List
> Sent: 9/25/07 10:37 AM
> Subject: Re: how to set the username & password dynamically using Rampart
>
> Hi Murali,
> Rampart/C[1] is the security module of Axis2/C. And it is based on the
> security policy assertions. So in order to enable username tokens, you
> need to engage Rampart/C with axis2/C. Please look at the scenario2,
> which shows how to enable user name tokens. And I hope following
> description would be a help.
>
> To add a usernametoken you need to include it under the
> sp:SignedSupportingTokens assertion. This is how you do it in the policy
>
> file.
> <sp:SignedSupportingTokens
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:UsernameToken
> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/In
> cludeToken/Always"/>
> </wsp:Policy>
> </sp:SignedSupportingTokens>
>
> In addition you need to tell, which username should be included in the
> Usernametoken. This can be done using following assertion under
> <RampartConfigs>
> <rampc:User>Alice</rampc:User>
>
> Like for the user name we do not specify the password in the
> configuration file. instead we use a password callback mechanism, where
> we get a password for the above mentioned user name. The user has to
> specify a DLL or a module to load the password from. For this, following
>
> assertion is used.
> <rampc:PasswordCallbackClass>/home/Alice/my_modules/pwcb.so</rampc:Passw
> ordCallbackClass>
>
> So what Rampart/C does is, first it loads the module dynamically and
> then call the function to get the password, which has to be implemented
> by the user. This gives user flexibility to call databases, flat files
> or any other storage mechanism to extract the password.
>
> The username token profile allows two ways to send a password. Either
> you can send the password in the pain text form or you can send as a
> digest of the password. This can be specified using following assertion.
> <rampc:PasswordType>Digest/PlainText</rampc:PasswordType>
>
> Note that we are about to release version 1.0. And the artifacts are
> here. You may use these releases for now. We will announce once the
> version 1.0 is released.
> Cheers,
> Kaushalye
> [1] http://people.apache.org/~kaushalye/release/rampart-c/1.0.0/
> <http://people.apache.org/%7Ekaushalye/release/rampart-c/1.0.0/>
>
> Murali Konnipati wrote:
> >
> > Hi All,
> >
> > I am very new to Axis2c. I am trying to develop a client for my
>
> > .Net Web service. For this .Net web service, i need to send the
> > username & password in the UsernameToken element of the SOAP header.
> >
> > So, i am planning to use the Rampart API to set the username &
> > password in my code. Can anybody please tell me, how to set the
> > username & password in the client through programmatically..
> >
> >
> > Thanks & Regards,
> >
> > Murali Krishna K
> >
>
>
> --
> http://kaushalye.blogspot.com/
> http://wso2.org/
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
--
http://kaushalye.blogspot.com/
http://wso2.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: how to set the username & password dynamically using Rampart
Posted by Kaushalye Kapuruge <ka...@wso2.com>.
Murali Konnipati wrote:
>
> Hi Kaushalye,
>
> Thank you very much for your help Kaushalye.
> I tried the method you mentioned
>
I assume that you are trying to use the rampart context. Instead of
configuring client using the policy file.
>
> in your reply and but is giving some problem in the client log file.
>
>
> The log message is "Input Stream is NULL in msg_ctx"
>
Could you please attach the complete log? Is this problem occurs only
when you engage Rampart/C ?
>
>
> Can you provide some details on when the client generates this
> type of error.
>
>
> Thanks & Regards,
>
> Murali Krishna K
>
>
>
>
> -----Original Message-----
> From: Kaushalye Kapuruge
> To: Apache AXIS C User List
> Sent: 9/25/07 8:25 PM
> Subject: Re: how to set the username & password dynamically using Rampart
>
> Murali Konnipati wrote:
> >
> > Hi Kaushalye,
> >
> > Thank you very much for an information reply.
> > As per your procedure, i need to write the username in the
> > configuration file(axis2.xml). But i want to set the username
> > dynamically at runtime in the client program.
> >
> > Is it possible to set the username dynamically in Rampart C API.
> > Can you please provide some insights on this.
> >
>
> >
> > P:S I am using rampart_context_set_user() &
> > rampart_context_set_password() methods in RAMPART API to set the
> > username & password in my code.
> >
> Actually this is something we have not supported. You may try to create
> and use a rampart context. And please have a look at rampart_context.h
> and rampart_usernametoken.h files.
> Cheers,
> Kaushalye
> >
> >
> >
> > Thanks & Regards,
> >
> > Murali Krishna K
> >
> > -----Original Message-----
> > From: Kaushalye Kapuruge
> > To: Apache AXIS C User List
> > Sent: 9/25/07 10:37 AM
> > Subject: Re: how to set the username & password dynamically using
> Rampart
> >
> > Hi Murali,
> > Rampart/C[1] is the security module of Axis2/C. And it is based on the
> > security policy assertions. So in order to enable username tokens, you
> > need to engage Rampart/C with axis2/C. Please look at the scenario2,
> > which shows how to enable user name tokens. And I hope following
> > description would be a help.
> >
> > To add a usernametoken you need to include it under the
> > sp:SignedSupportingTokens assertion. This is how you do it in the
> policy
> >
> > file.
> > <sp:SignedSupportingTokens
> > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> > <wsp:Policy>
> > <sp:UsernameToken
> >
> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/In
> > cludeToken/Always"/>
> > </wsp:Policy>
> > </sp:SignedSupportingTokens>
> >
> > In addition you need to tell, which username should be included in the
> > Usernametoken. This can be done using following assertion under
> > <RampartConfigs>
> > <rampc:User>Alice</rampc:User>
> >
> > Like for the user name we do not specify the password in the
> > configuration file. instead we use a password callback mechanism,
> where
> > we get a password for the above mentioned user name. The user has to
> > specify a DLL or a module to load the password from. For this,
> following
> >
> > assertion is used.
> >
> <rampc:PasswordCallbackClass>/home/Alice/my_modules/pwcb.so</rampc:Passw
> > ordCallbackClass>
> >
> > So what Rampart/C does is, first it loads the module dynamically and
> > then call the function to get the password, which has to be
> implemented
> > by the user. This gives user flexibility to call databases, flat files
> > or any other storage mechanism to extract the password.
> >
> > The username token profile allows two ways to send a password. Either
> > you can send the password in the pain text form or you can send as a
> > digest of the password. This can be specified using following
> assertion.
> > <rampc:PasswordType>Digest/PlainText</rampc:PasswordType>
> >
> > Note that we are about to release version 1.0. And the artifacts are
> > here. You may use these releases for now. We will announce once the
> > version 1.0 is released.
> > Cheers,
> > Kaushalye
> > [1] http://people.apache.org/~kaushalye/release/rampart-c/1.0.0/
> <http://people.apache.org/%7Ekaushalye/release/rampart-c/1.0.0/>
> > <http://people.apache.org/%7Ekaushalye/release/rampart-c/1.0.0/>
> >
> > Murali Konnipati wrote:
> > >
> > > Hi All,
> > >
> > > I am very new to Axis2c. I am trying to develop a client for
> my
> >
> > > .Net Web service. For this .Net web service, i need to send the
> > > username & password in the UsernameToken element of the SOAP header.
> > >
> > > So, i am planning to use the Rampart API to set the username
> &
> > > password in my code. Can anybody please tell me, how to set the
> > > username & password in the client through programmatically..
> > >
> > >
> > > Thanks & Regards,
> > >
> > > Murali Krishna K
> > >
> >
> >
> > --
> > http://kaushalye.blogspot.com/
> > http://wso2.org/
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> > For additional commands, e-mail: axis-c-user-help@ws.apache.org
> >
>
>
> --
> http://kaushalye.blogspot.com/
> http://wso2.org/
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
--
http://kaushalye.blogspot.com/
http://wso2.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
RE: how to set the username & password dynamically using Rampart
Posted by Murali Konnipati <mu...@altair.com>.
Hi Kaushalye,
Thank you very much for your help Kaushalye.
I tried the method you mentioned in your reply and but is giving some problem in the client log file.
The log message is "Input Stream is NULL in msg_ctx"
Can you provide some details on when the client generates this type of error.
Thanks & Regards,
Murali Krishna K
-----Original Message-----
From: Kaushalye Kapuruge
To: Apache AXIS C User List
Sent: 9/25/07 8:25 PM
Subject: Re: how to set the username & password dynamically using Rampart
Murali Konnipati wrote:
>
> Hi Kaushalye,
>
> Thank you very much for an information reply.
> As per your procedure, i need to write the username in the
> configuration file(axis2.xml). But i want to set the username
> dynamically at runtime in the client program.
>
> Is it possible to set the username dynamically in Rampart C API.
> Can you please provide some insights on this.
>
>
> P:S I am using rampart_context_set_user() &
> rampart_context_set_password() methods in RAMPART API to set the
> username & password in my code.
>
Actually this is something we have not supported. You may try to create
and use a rampart context. And please have a look at rampart_context.h
and rampart_usernametoken.h files.
Cheers,
Kaushalye
>
>
>
> Thanks & Regards,
>
> Murali Krishna K
>
> -----Original Message-----
> From: Kaushalye Kapuruge
> To: Apache AXIS C User List
> Sent: 9/25/07 10:37 AM
> Subject: Re: how to set the username & password dynamically using
Rampart
>
> Hi Murali,
> Rampart/C[1] is the security module of Axis2/C. And it is based on the
> security policy assertions. So in order to enable username tokens, you
> need to engage Rampart/C with axis2/C. Please look at the scenario2,
> which shows how to enable user name tokens. And I hope following
> description would be a help.
>
> To add a usernametoken you need to include it under the
> sp:SignedSupportingTokens assertion. This is how you do it in the
policy
>
> file.
> <sp:SignedSupportingTokens
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:UsernameToken
>
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/In
> cludeToken/Always"/>
> </wsp:Policy>
> </sp:SignedSupportingTokens>
>
> In addition you need to tell, which username should be included in the
> Usernametoken. This can be done using following assertion under
> <RampartConfigs>
> <rampc:User>Alice</rampc:User>
>
> Like for the user name we do not specify the password in the
> configuration file. instead we use a password callback mechanism,
where
> we get a password for the above mentioned user name. The user has to
> specify a DLL or a module to load the password from. For this,
following
>
> assertion is used.
>
<rampc:PasswordCallbackClass>/home/Alice/my_modules/pwcb.so</rampc:Passw
> ordCallbackClass>
>
> So what Rampart/C does is, first it loads the module dynamically and
> then call the function to get the password, which has to be
implemented
> by the user. This gives user flexibility to call databases, flat files
> or any other storage mechanism to extract the password.
>
> The username token profile allows two ways to send a password. Either
> you can send the password in the pain text form or you can send as a
> digest of the password. This can be specified using following
assertion.
> <rampc:PasswordType>Digest/PlainText</rampc:PasswordType>
>
> Note that we are about to release version 1.0. And the artifacts are
> here. You may use these releases for now. We will announce once the
> version 1.0 is released.
> Cheers,
> Kaushalye
> [1] http://people.apache.org/~kaushalye/release/rampart-c/1.0.0/
> <http://people.apache.org/%7Ekaushalye/release/rampart-c/1.0.0/>
>
> Murali Konnipati wrote:
> >
> > Hi All,
> >
> > I am very new to Axis2c. I am trying to develop a client for
my
>
> > .Net Web service. For this .Net web service, i need to send the
> > username & password in the UsernameToken element of the SOAP header.
> >
> > So, i am planning to use the Rampart API to set the username
&
> > password in my code. Can anybody please tell me, how to set the
> > username & password in the client through programmatically..
> >
> >
> > Thanks & Regards,
> >
> > Murali Krishna K
> >
>
>
> --
> http://kaushalye.blogspot.com/
> http://wso2.org/
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
--
http://kaushalye.blogspot.com/
http://wso2.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
RE: how to set the username & password dynamically using Rampart
Posted by Murali Konnipati <mu...@altair.com>.
Hi Kaushalye,
Thank you very much for an information reply.
As per your procedure, i need to write the username in the configuration file(axis2.xml). But i want to set the username dynamically at runtime in the client program.
Is it possible to set the username dynamically in Rampart C API. Can you please provide some insights on this.
P:S I am using rampart_context_set_user() & rampart_context_set_password() methods in RAMPART API to set the username & password in my code.
Thanks & Regards,
Murali Krishna K
-----Original Message-----
From: Kaushalye Kapuruge
To: Apache AXIS C User List
Sent: 9/25/07 10:37 AM
Subject: Re: how to set the username & password dynamically using Rampart
Hi Murali,
Rampart/C[1] is the security module of Axis2/C. And it is based on the
security policy assertions. So in order to enable username tokens, you
need to engage Rampart/C with axis2/C. Please look at the scenario2,
which shows how to enable user name tokens. And I hope following
description would be a help.
To add a usernametoken you need to include it under the
sp:SignedSupportingTokens assertion. This is how you do it in the policy
file.
<sp:SignedSupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/In
cludeToken/Always"/>
</wsp:Policy>
</sp:SignedSupportingTokens>
In addition you need to tell, which username should be included in the
Usernametoken. This can be done using following assertion under
<RampartConfigs>
<rampc:User>Alice</rampc:User>
Like for the user name we do not specify the password in the
configuration file. instead we use a password callback mechanism, where
we get a password for the above mentioned user name. The user has to
specify a DLL or a module to load the password from. For this, following
assertion is used.
<rampc:PasswordCallbackClass>/home/Alice/my_modules/pwcb.so</rampc:Passw
ordCallbackClass>
So what Rampart/C does is, first it loads the module dynamically and
then call the function to get the password, which has to be implemented
by the user. This gives user flexibility to call databases, flat files
or any other storage mechanism to extract the password.
The username token profile allows two ways to send a password. Either
you can send the password in the pain text form or you can send as a
digest of the password. This can be specified using following assertion.
<rampc:PasswordType>Digest/PlainText</rampc:PasswordType>
Note that we are about to release version 1.0. And the artifacts are
here. You may use these releases for now. We will announce once the
version 1.0 is released.
Cheers,
Kaushalye
[1] http://people.apache.org/~kaushalye/release/rampart-c/1.0.0/
Murali Konnipati wrote:
>
> Hi All,
>
> I am very new to Axis2c. I am trying to develop a client for my
> .Net Web service. For this .Net web service, i need to send the
> username & password in the UsernameToken element of the SOAP header.
>
> So, i am planning to use the Rampart API to set the username &
> password in my code. Can anybody please tell me, how to set the
> username & password in the client through programmatically..
>
>
> Thanks & Regards,
>
> Murali Krishna K
>
--
http://kaushalye.blogspot.com/
http://wso2.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org