You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by falom <fa...@yahoo.com.cn> on 2006/11/04 18:42:28 UTC
回复: WSS4J and UsernameToken replay
Hi,
I think you can retrieve the desired nonce directly from the soap header.
falom
Christian Keiler <ch...@web.de> 写道: Hi,
I'm using Axis2 in connection with the rampart module. I want to
authenticate users by an UsernameToken using digests. Considering
possible replay attacks I want to save some nonce values within my
service implementation and do not want to accept twice used "nonce" in a
given time. Does one of you know, how to do this with the mentioned
frameworks? The WSPasswordCallback is missing a getNonce() and a
getCreated() method as well...is this "just" a bug or are there other
possibilities to manage my problem?
Thanks in advance,
Christian
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
---------------------------------
雅虎免费邮箱-3.5G容量,20M附件