How does one change the xmlns on a Security Header?

[Acadaca <ph...@acadaca.com>]

I have generated stub and am constructing a client for a secured webservice.
It appears that I need to switch my security header namespace, but I can't
figure out how to do that all.

My client uses WSS4JOutInterceptor to configure the token, callback,
username and password. The server is throwing the following error:

 com.ibm.wsspi.wssecurity.SoapSecurityException: The Application Server
expected a Security header with the
http://schemas.xmlsoap.org/ws/2003/06/secext or
http://schemas.xmlsoap.org/ws/2002/07/secext or
http://schemas.xmlsoap.org/ws/2002/04/secext namespace, but it was not
found.

My payload has:

 		<wsse:Security 		
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" 		
soap:mustUnderstand="1"> 			<wsse:UsernameToken 			
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" 			
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" 			
wsu:Id="UsernameToken-1"> 				<wsse:Username>username</wsse:Username> 			
<wsse:Password 				
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password> 		
</wsse:UsernameToken> 		</wsse:Security>
-- 
View this message in context: http://www.nabble.com/How-does-one-change-the-xmlns-on-a-Security-Header--tp24118201p24118201.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: How does one change the xmlns on a Security Header?

[Acadaca <ph...@acadaca.com>]

So I managed to get my client workimg by manually building and adding the
soap header through my own SOAPHandler. What is so silly about all this is
that the content of my header did not need to change beyond the value for
the attribute "xmlns:wsse".

In other words, WSS4J does seem to support
"http://schemas.xmlsoap.org/ws/2003/06/secext", there is just know way to
enable it. I believe the best way to resolve this would likely by on the
server, by changing the security policy to accept
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
but in cases where this is not an option it would be nice to be able to
change this manually on the client.


dkulp wrote:
> 
> 
> I don't think so.   It LOOKS like that is kind of hard wired into WSS4J.  
> 
> Dan
> 
>  
> On Mon June 22 2009 12:21:02 pm Acadaca wrote:
>> Bump.
>>
>> To put the question another way-
>>
>> Can CXF support in wsse:Security
>> http://schemas.xmlsoap.org/ws/2003/06/secext? Is there a way to override
>> the dault which is
>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecur
>>ity-secext-1.0.xsd"?
>>
>> Thanks!
> 
> -- 
> Daniel Kulp
> dkulp@apache.org
> http://www.dankulp.com/blog
> 
> 

-- 
View this message in context: http://www.nabble.com/How-does-one-change-the-xmlns-on-a-Security-Header--tp24118201p24154188.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: How does one change the xmlns on a Security Header?

[Daniel Kulp <dk...@apache.org>]

I don't think so.   It LOOKS like that is kind of hard wired into WSS4J.  

Dan

 
On Mon June 22 2009 12:21:02 pm Acadaca wrote:
> Bump.
>
> To put the question another way-
>
> Can CXF support in wsse:Security
> http://schemas.xmlsoap.org/ws/2003/06/secext? Is there a way to override
> the dault which is
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecur
>ity-secext-1.0.xsd"?
>
> Thanks!

-- 
Daniel Kulp
dkulp@apache.org
http://www.dankulp.com/blog

Re: How does one change the xmlns on a Security Header?

[Acadaca <ph...@acadaca.com>]

Bump.

To put the question another way-

Can CXF support in wsse:Security
http://schemas.xmlsoap.org/ws/2003/06/secext? Is there a way to override the
dault which is
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"?

Thanks!
-- 
View this message in context: http://www.nabble.com/How-does-one-change-the-xmlns-on-a-Security-Header--tp24118201p24150605.html
Sent from the cxf-user mailing list archive at Nabble.com.