You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by Kai Wei <we...@gmail.com> on 2004/12/04 00:41:10 UTC
ws-security (wss4j) question
All the client-config.wsdd files I have seen use a callback class to
return the password, as shown below.
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="UsernameToken"/>
<parameter name="user" value="user"/>
<parameter name="passwordType" value="PasswordText" />
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback"/>
</handler>
</requestFlow>
My question is: Is there anyway I can specify the password inline in
client-config.wsdd?
thanks a lot in advance.
Re: possible memory leak in WSSignEnvelope build
Posted by Davanum Srinivas <da...@gmail.com>.
Can you please open a bug report with a small test case?
thanks,
dims
On Wed, 8 Dec 2004 09:53:42 -0500, Ifelsethen CS <ol...@gmail.com> wrote:
> Hi,
>
> I wonder if anyone has experienced the same problem.
>
> I put WSSignEnvelope build operation in a for loop; input soap is
> about 1 mega bytes.
> Windows XP and Linux are slightly different but on both of them
> OutOfMemoryError is thrown after 2-4 runs with default heap setting.
>
> Sizing heap makes the error appear only later.
>
> --
> oldcat
>
--
Davanum Srinivas - http://webservices.apache.org/~dims/
possible memory leak in WSSignEnvelope build
Posted by Ifelsethen CS <ol...@gmail.com>.
Hi,
I wonder if anyone has experienced the same problem.
I put WSSignEnvelope build operation in a for loop; input soap is
about 1 mega bytes.
Windows XP and Linux are slightly different but on both of them
OutOfMemoryError is thrown after 2-4 runs with default heap setting.
Sizing heap makes the error appear only later.
--
oldcat
Re: ws-security (wss4j) question
Posted by Werner Dittmann <We...@t-online.de>.
No, there is no way to do it unless you change the source.
Setting a password in the deployment files is a bad idea because these
files are cleartext and thus a password is not secure anymore.
regards,
Werner
Kai Wei schrieb:
>All the client-config.wsdd files I have seen use a callback class to
>return the password, as shown below.
>
> <requestFlow>
> <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
> <parameter name="action" value="UsernameToken"/>
> <parameter name="user" value="user"/>
> <parameter name="passwordType" value="PasswordText" />
> <parameter name="passwordCallbackClass"
> value="org.apache.ws.axis.oasis.PWCallback"/>
> </handler>
> </requestFlow>
>
>My question is: Is there anyway I can specify the password inline in
>client-config.wsdd?
>
>thanks a lot in advance.
>
>
>