You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@servicemix.apache.org by "Torsten Mielke (JIRA)" <ji...@apache.org> on 2008/05/09 15:32:44 UTC
[jira] Created: (SM-1345) servicemix-http bc to support WS-Security
UsernameToken with passwords of type wsse:PasswordDigest
servicemix-http bc to support WS-Security UsernameToken with passwords of type wsse:PasswordDigest
--------------------------------------------------------------------------------------------------
Key: SM-1345
URL: https://issues.apache.org/activemq/browse/SM-1345
Project: ServiceMix
Issue Type: Improvement
Components: servicemix-http
Affects Versions: 3.2.1
Reporter: Torsten Mielke
servicemix-http bc currently does not support WS-Security UsernameToken formats, where the password is a digest as opposed to a clear text password. Please add support for this password type.
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SM-1345) servicemix-http bc to support
WS-Security UsernameToken with passwords of type wsse:PasswordDigest
Posted by "Torsten Mielke (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/SM-1345?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=42612#action_42612 ]
Torsten Mielke commented on SM-1345:
------------------------------------
Trying to use a password digest currently results in the following error being raised:
{code}
org.apache.ws.security.WSSecurityException: General security error
(WSSecurityEngine: Callback supplied no password for: alice); nested exception is:
javax.security.auth.callback.UnsupportedCallbackException
{code}
> servicemix-http bc to support WS-Security UsernameToken with passwords of type wsse:PasswordDigest
> --------------------------------------------------------------------------------------------------
>
> Key: SM-1345
> URL: https://issues.apache.org/activemq/browse/SM-1345
> Project: ServiceMix
> Issue Type: Improvement
> Components: servicemix-http
> Affects Versions: 3.2.1
> Reporter: Torsten Mielke
>
> servicemix-http bc currently does not support WS-Security UsernameToken formats, where the password is a digest as opposed to a clear text password. Please add support for this password type.
> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SM-1345) servicemix-http bc to support
WS-Security UsernameToken with passwords of type wsse:PasswordDigest
Posted by "Torsten Mielke (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/activemq/browse/SM-1345?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=42615#action_42615 ]
Torsten Mielke commented on SM-1345:
------------------------------------
For a user alice and password "password" a sample client soap request reads:
{code:xml}
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
soap:mustUnderstand="1">
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="UsernameToken-31356055"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Username xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
alice
</wsse:Username>
<wsse:PasswordType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
Ox1S2J/olNK4UjwXrCCqamoNywo=
</wsse:Password>
<wsse:Nonce xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
vEUHSaObEfF1yvDt1KEZaA==
</wsse:Nonce>
<wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
2008-05-09T15:23:47.339Z
</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soap:Body>
<greetMe xmlns="http://apache.org/hello_world_soap_http/types">
<requestType>ffang</requestType>
</greetMe>
</soap:Body>
</soap:Envelope>
{code}
> servicemix-http bc to support WS-Security UsernameToken with passwords of type wsse:PasswordDigest
> --------------------------------------------------------------------------------------------------
>
> Key: SM-1345
> URL: https://issues.apache.org/activemq/browse/SM-1345
> Project: ServiceMix
> Issue Type: Improvement
> Components: servicemix-http
> Affects Versions: 3.2.1
> Reporter: Torsten Mielke
>
> servicemix-http bc currently does not support WS-Security UsernameToken formats, where the password is a digest as opposed to a clear text password. Please add support for this password type.
> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.