Securing Axis2 with UsernameToken and Digest Password

[David Eagan <da...@hotmail.com>]

I am attempting to secure an Axis2 webservice with UsernameToken and Digest 
Password. I have successfully been able to secure the service using a 
plaintext password, but am running into issues when attempting to switch to 
a digest password.

I'm using JDeveloper to create the client which creates the UsernameToken 
and handles all the SOAP on the client side. Using a SOAP monitoring tool I 
can see the message being sent by my client and it contains the appropriate 
security header information with the digest, nonce, and create objects. From 
this I'm assuming that the issue has to be inside of the Axis2/web service 
configuration and not the client.

My understanding of the CallbackHandler is that in the case of a digest 
password it should set the password. Mine looks like this:
public class PWCBHandler implements CallbackHandler {
public void handle(Callback[] callbacks) throws IOException, 
UnsupportedCallbackException {

for (int i = 0; i WSPasswordCallback pwcb
=(WSPasswordCallback)callbacks ;
String id = pwcb.getIdentifer();
if("user".equals(id)){
pwcb.setPassword("userpwd");
}
else {
throw new UnsupportedCallbackException(callbacks ,
"Unrecognized Callback");
}
}

The error i'm getting is on the client end:
javax.xml.rpc.soap.SOAPFaultException: WSDoAllReceiver: security processing 
failed

Any ideas? Am I using the callbackHandler incorrectly? Something in the 
Axis2 configuration that I'm missing? Is there a way to get more logging out 
of Axis2 to know what exactly it is failing?

thanks
deagan

_________________________________________________________________
Find a local pizza place, movie theater, and more….then map the best route! 
http://maps.live.com/default.aspx?v=2&ss=yp.bars~yp.pizza~yp.movie%20theater&cp=42.358996~-71.056691&style=r&lvl=13&tilt=-90&dir=0&alt=-1000&scene=950607&encType=1&FORM=MGAC01