You are viewing a plain text version of this content. The canonical link for it is here.

Posted to java-user@axis.apache.org by Nencho Lupanov <ne...@googlemail.com> on 2007/05/02 15:19:27 UTC

[axis2]WS Security Policy includeToken option problem

Hi All ,

I am trying the rampart sample that comes with the distro.
I am going with sample01, only that i wanted it to be slightly different:
I change the sp:IncludeToken attribute, so instead of:


<sp:SignedSupportingTokens xmlns:sp="
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">

<wsp:Policy>

<sp:UsernameToken sp:IncludeToken="
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/
AlwaysToRecipient" />

</wsp:Policy>

</sp:SignedSupportingTokens>



I have:

<sp:SignedSupportingTokens xmlns:sp="
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">

<wsp:Policy>

<sp:UsernameToken sp:IncludeToken="
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Once" />

</wsp:Policy>

</sp:SignedSupportingTokens>

I am saying that in both requests i can found the following soap with
tcpmon:

<wsse:UsernameToken xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="UsernameToken-1673653"><wsse:Username>my_username</wsse:Username><wsse:Password
Type="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
">my_password</wsse:Password></wsse:UsernameToken>

Does this means that the username and password will be sent only the first
time?I tryed this but I still get the whole Usernametoken trasffered every
time?Is this supposed to work like this or is there a bug in the rampart
handling of the security policy?

Thanks,

Nencho

Re: [axis2]WS Security Policy includeToken option problem

Posted by Ruchith Fernando <ru...@gmail.com>.

"IncludeToken/Once" is not handled properly in Rampart. Please file a bug [1]

Thanks,
Ruchith

[1] https://issues.apache.org/jira/browse/RAMPART

On 5/2/07, Nencho Lupanov <ne...@googlemail.com> wrote:
> Hi All ,
>
> I am trying the rampart sample that comes with the distro.
> I am going with sample01, only that i wanted it to be slightly different:
> I change the sp:IncludeToken attribute, so instead of:
>
>
> <sp:SignedSupportingTokens xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>
> <wsp:Policy>
>
> <sp:UsernameToken sp:IncludeToken="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/
> AlwaysToRecipient" />
>
> </wsp:Policy>
>
> </sp:SignedSupportingTokens>
>
>
>
> I have:
>
> <sp:SignedSupportingTokens xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>
> <wsp:Policy>
>
> <sp:UsernameToken sp:IncludeToken="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Once" />
>
> </wsp:Policy>
>
> </sp:SignedSupportingTokens>
>
> I am saying that in both requests i can found the following soap with
> tcpmon:
>
> <wsse:UsernameToken xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="UsernameToken-1673653"><wsse:Username>my_username</wsse:Username><wsse:Password
> Type="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> ">my_password</wsse:Password></wsse:UsernameToken>
>
> Does this means that the username and password will be sent only the first
> time?I tryed this but I still get the whole Usernametoken trasffered every
> time?Is this supposed to work like this or is there a bug in the rampart
> handling of the security policy?
>
> Thanks,
>
> Nencho
>


-- 
www.ruchith.org
www.wso2.org

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-dev-help@ws.apache.org

Re: [axis2]WS Security Policy includeToken option problem

Posted by Ruchith Fernando <ru...@gmail.com>.

"IncludeToken/Once" is not handled properly in Rampart. Please file a bug [1]

Thanks,
Ruchith

[1] https://issues.apache.org/jira/browse/RAMPART

On 5/2/07, Nencho Lupanov <ne...@googlemail.com> wrote:
> Hi All ,
>
> I am trying the rampart sample that comes with the distro.
> I am going with sample01, only that i wanted it to be slightly different:
> I change the sp:IncludeToken attribute, so instead of:
>
>
> <sp:SignedSupportingTokens xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>
> <wsp:Policy>
>
> <sp:UsernameToken sp:IncludeToken="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/
> AlwaysToRecipient" />
>
> </wsp:Policy>
>
> </sp:SignedSupportingTokens>
>
>
>
> I have:
>
> <sp:SignedSupportingTokens xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>
> <wsp:Policy>
>
> <sp:UsernameToken sp:IncludeToken="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Once" />
>
> </wsp:Policy>
>
> </sp:SignedSupportingTokens>
>
> I am saying that in both requests i can found the following soap with
> tcpmon:
>
> <wsse:UsernameToken xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="UsernameToken-1673653"><wsse:Username>my_username</wsse:Username><wsse:Password
> Type="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> ">my_password</wsse:Password></wsse:UsernameToken>
>
> Does this means that the username and password will be sent only the first
> time?I tryed this but I still get the whole Usernametoken trasffered every
> time?Is this supposed to work like this or is there a bug in the rampart
> handling of the security policy?
>
> Thanks,
>
> Nencho
>


-- 
www.ruchith.org
www.wso2.org

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org

Re: [axis2]WS Security Policy includeToken option problem

Posted by Ruchith Fernando <ru...@gmail.com>.

"IncludeToken/Once" is not handled properly in Rampart. Please file a bug [1]

Thanks,
Ruchith

[1] https://issues.apache.org/jira/browse/RAMPART

On 5/2/07, Nencho Lupanov <ne...@googlemail.com> wrote:
> Hi All ,
>
> I am trying the rampart sample that comes with the distro.
> I am going with sample01, only that i wanted it to be slightly different:
> I change the sp:IncludeToken attribute, so instead of:
>
>
> <sp:SignedSupportingTokens xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>
> <wsp:Policy>
>
> <sp:UsernameToken sp:IncludeToken="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/
> AlwaysToRecipient" />
>
> </wsp:Policy>
>
> </sp:SignedSupportingTokens>
>
>
>
> I have:
>
> <sp:SignedSupportingTokens xmlns:sp="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>
> <wsp:Policy>
>
> <sp:UsernameToken sp:IncludeToken="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Once" />
>
> </wsp:Policy>
>
> </sp:SignedSupportingTokens>
>
> I am saying that in both requests i can found the following soap with
> tcpmon:
>
> <wsse:UsernameToken xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="UsernameToken-1673653"><wsse:Username>my_username</wsse:Username><wsse:Password
> Type="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> ">my_password</wsse:Password></wsse:UsernameToken>
>
> Does this means that the username and password will be sent only the first
> time?I tryed this but I still get the whole Usernametoken trasffered every
> time?Is this supposed to work like this or is there a bug in the rampart
> handling of the security policy?
>
> Thanks,
>
> Nencho
>


-- 
www.ruchith.org
www.wso2.org