You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by "Matheson, Timothy" <tm...@harris.com> on 2008/01/02 16:44:23 UTC

Signing Body using UsernameToken in WSS4J and Axis

Can anyone provide a working example of a Java client that uses the
UsernameToken to sign the SOAP envelope body, using the WSS4J API and
Axis?

 

Here's some background ... I have had success using the WSS4J API,
combined with Axis, to send UsernameToken to a .NET service (WSE 3.0)
that authenticates the token as one would hope.  This is thanks to some
good examples and documentation.  

 

What I'd like to do next is sign the SOAP Envelope using the
UsernameToken as the key.  I'm using the more "declarative" approach
that seems to be prevalent in the Axis documentation - to place
parameters in a client_deploy.wsdd file.  That said, if anyone wants to
show how to do this programmatically, that would be great as well.

 

Included below are the contents of my current client_deploy.wsdd file.
As you see, I'm not yet using the crypto.properties file (those entries
are commented out).  I'd actually like to not have to, because it seems
that theoretically, I could use the UsernameToken itself for the
signature - though I don't know if it is feasible through the WSS4J
library, combined with Axis.

 

<deployment xmlns="http://xml.apache.org/axis/wsdd/"

            xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">

 

 <!-- define the service, using the WSDoAllSender security handler in
request flow -->

 <transport name="http"
pivot="java:org.apache.axis.transport.http.HTTPSender"/>

 <globalConfiguration>

  <requestFlow>

   <handler name="DoSecuritySender"
type="java:org.apache.ws.axis.security.WSDoAllSender" >

    <parameter name="action" value="UsernameToken"/>

    <parameter name="user" value="Tim"/>

    <parameter name="passwordCallbackClass"
value="MyPlatform.Tim.PWCallback"/>

    <parameter name="passwordType" value="PasswordDigest"/>

    <parameter name="precisionInMilliseconds" value="false"/>

    <!-- parameter name="passwordCallbackClass"
value="org.apache.ws.axis.samples.wssec.doall.PWCallback"/-->

    <!-- <parameter name="action" value="Signature"/> -->

    <!-- <parameter name="action" value="Encrypt Signatur"/> -->

    <!-- <parameter name="action" value="Encrypt"/> -->

    <!-- parameter name="signaturePropFile" value="crypto.properties"
/-->

    <!-- <parameter name="encryptionPropFile" value="crypto.properties"
/> -->

    <!-- parameter name="signatureKeyIdentifier" value="DirectReference"
/-->

    <!-- parameter name="encryptionKeyIdentifier"
value="X509KeyIdentifier" /-->

    <!-- <parameter name="encryptionParts"
value="{Content}{http://example.org/paymentv2}CreditCard;{Element}{}User
Name" /> -->

   </handler>

  </requestFlow>

 </globalConfiguration>

</deployment>

 

Many, many thanks in advance.

 

Tim