You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@servicemix.apache.org by "Torsten Mielke (JIRA)" <ji...@apache.org> on 2008/05/09 15:32:44 UTC

[jira] Created: (SM-1345) servicemix-http bc to support WS-Security UsernameToken with passwords of type wsse:PasswordDigest

servicemix-http bc to support WS-Security UsernameToken with passwords of type wsse:PasswordDigest
--------------------------------------------------------------------------------------------------

                 Key: SM-1345
                 URL: https://issues.apache.org/activemq/browse/SM-1345
             Project: ServiceMix
          Issue Type: Improvement
          Components: servicemix-http
    Affects Versions: 3.2.1
            Reporter: Torsten Mielke


servicemix-http bc currently does not support WS-Security UsernameToken formats, where the password is a digest as opposed to a clear text password. Please add support for this password type.

<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">



-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (SM-1345) servicemix-http bc to support WS-Security UsernameToken with passwords of type wsse:PasswordDigest

Posted by "Torsten Mielke (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/activemq/browse/SM-1345?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=42612#action_42612 ] 

Torsten Mielke commented on SM-1345:
------------------------------------

Trying to use a password digest currently results in the following error being raised:

{code}
org.apache.ws.security.WSSecurityException: General security error 
(WSSecurityEngine: Callback supplied no password for: alice); nested exception is: 
javax.security.auth.callback.UnsupportedCallbackException
{code}

> servicemix-http bc to support WS-Security UsernameToken with passwords of type wsse:PasswordDigest
> --------------------------------------------------------------------------------------------------
>
>                 Key: SM-1345
>                 URL: https://issues.apache.org/activemq/browse/SM-1345
>             Project: ServiceMix
>          Issue Type: Improvement
>          Components: servicemix-http
>    Affects Versions: 3.2.1
>            Reporter: Torsten Mielke
>
> servicemix-http bc currently does not support WS-Security UsernameToken formats, where the password is a digest as opposed to a clear text password. Please add support for this password type.
> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Commented: (SM-1345) servicemix-http bc to support WS-Security UsernameToken with passwords of type wsse:PasswordDigest

Posted by "Torsten Mielke (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/activemq/browse/SM-1345?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=42615#action_42615 ] 

Torsten Mielke commented on SM-1345:
------------------------------------

For a user alice and password "password" a sample client soap request reads:

{code:xml}
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<wsse:Security
  xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
  soap:mustUnderstand="1">
<wsse:UsernameToken
  xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
  wsu:Id="UsernameToken-31356055"
  xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Username xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
alice
</wsse:Username>
<wsse:PasswordType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"
  xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
Ox1S2J/olNK4UjwXrCCqamoNywo=
</wsse:Password>
<wsse:Nonce xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
vEUHSaObEfF1yvDt1KEZaA==
</wsse:Nonce>
<wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
2008-05-09T15:23:47.339Z
</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soap:Body>
<greetMe xmlns="http://apache.org/hello_world_soap_http/types">
<requestType>ffang</requestType>
</greetMe>
</soap:Body>
</soap:Envelope>
{code}

> servicemix-http bc to support WS-Security UsernameToken with passwords of type wsse:PasswordDigest
> --------------------------------------------------------------------------------------------------
>
>                 Key: SM-1345
>                 URL: https://issues.apache.org/activemq/browse/SM-1345
>             Project: ServiceMix
>          Issue Type: Improvement
>          Components: servicemix-http
>    Affects Versions: 3.2.1
>            Reporter: Torsten Mielke
>
> servicemix-http bc currently does not support WS-Security UsernameToken formats, where the password is a digest as opposed to a clear text password. Please add support for this password type.
> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.