You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by Nencho Lupanov <ne...@googlemail.com> on 2007/04/27 10:07:03 UTC
axis2 sessions - single sign on
Hi all,
i have a client that is forced (by ws security policy) to send username
token.
I need this client to send the token only one - the first time it contacts
the service, so
how can i dis-aplly(remove) the client side policy info from the client or
how can i change the policy at the client side.
I want that since i need single sign on function relying on the axis2
session management(scope session ) but i still
don't know how rampart will react on the second call?Does axis2 has some
functionality on changing the policies on the server side?
Thanks,
Nencho
Re: axis2 sessions - single sign on
Posted by Nencho Lupanov <ne...@googlemail.com>.
Hi Dimuthu,
I tried this, i have the following in my policy:
<sp:SignedSupportingTokens xmlns:sp="
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:UsernameToken sp:IncludeToken="
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Once" />
</wsp:Policy>
</sp:SignedSupportingTokens>
That should include the token only the first time right?
Anyway, i force my client to make 2 subsequent calls and i am monitoring the
soap messages with the tcp monitor.
I can say that the username token along with the actual username and
password is sent on every request.
Is that expected behavior or is it a bug in rampart?
Thanks,
Nencho
2007/4/30, Dimuthu <mu...@apache.org>:
>
> Hi Nencho,
>
> You can use "IncludeToken "attribute as follows.
>
> <sp:UsernameToken
>
> sp:IncludeToken="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Once" />
>
> Refer policy spec available here,
> ftp://www6.software.ibm.com/software/developer/library/ws-secpol122002.pdf
>
>
> Cheers,
> Dimuthu
>
> http://wso2.org
>
>
> On Fri, 2007-04-27 at 11:07 +0300, Nencho Lupanov wrote:
> > Hi all,
> >
> > i have a client that is forced (by ws security policy) to send username
> > token.
> > I need this client to send the token only one - the first time it
> contacts
> > the service, so
> > how can i dis-aplly(remove) the client side policy info from the client
> or
> > how can i change the policy at the client side.
> > I want that since i need single sign on function relying on the axis2
> > session management(scope session ) but i still
> > don't know how rampart will react on the second call?Does axis2 has some
> > functionality on changing the policies on the server side?
> >
> > Thanks,
> > Nencho
>
>
Re: axis2 sessions - single sign on
Posted by Dimuthu <mu...@apache.org>.
Hi Nencho,
You can use "IncludeToken "attribute as follows.
<sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Once" />
Refer policy spec available here,
ftp://www6.software.ibm.com/software/developer/library/ws-secpol122002.pdf
Cheers,
Dimuthu
http://wso2.org
On Fri, 2007-04-27 at 11:07 +0300, Nencho Lupanov wrote:
> Hi all,
>
> i have a client that is forced (by ws security policy) to send username
> token.
> I need this client to send the token only one - the first time it contacts
> the service, so
> how can i dis-aplly(remove) the client side policy info from the client or
> how can i change the policy at the client side.
> I want that since i need single sign on function relying on the axis2
> session management(scope session ) but i still
> don't know how rampart will react on the second call?Does axis2 has some
> functionality on changing the policies on the server side?
>
> Thanks,
> Nencho
Re: axis2 sessions - single sign on
Posted by Dimuthu <mu...@apache.org>.
Hi Nencho,
You can use "IncludeToken "attribute as follows.
<sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Once" />
Refer policy spec available here,
ftp://www6.software.ibm.com/software/developer/library/ws-secpol122002.pdf
Cheers,
Dimuthu
http://wso2.org
On Fri, 2007-04-27 at 11:07 +0300, Nencho Lupanov wrote:
> Hi all,
>
> i have a client that is forced (by ws security policy) to send username
> token.
> I need this client to send the token only one - the first time it contacts
> the service, so
> how can i dis-aplly(remove) the client side policy info from the client or
> how can i change the policy at the client side.
> I want that since i need single sign on function relying on the axis2
> session management(scope session ) but i still
> don't know how rampart will react on the second call?Does axis2 has some
> functionality on changing the policies on the server side?
>
> Thanks,
> Nencho
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-dev-help@ws.apache.org
Re: axis2 sessions - single sign on
Posted by Dimuthu <mu...@apache.org>.
Hi Nencho,
You can use "IncludeToken "attribute as follows.
<sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Once" />
Refer policy spec available here,
ftp://www6.software.ibm.com/software/developer/library/ws-secpol122002.pdf
Cheers,
Dimuthu
http://wso2.org
On Fri, 2007-04-27 at 11:07 +0300, Nencho Lupanov wrote:
> Hi all,
>
> i have a client that is forced (by ws security policy) to send username
> token.
> I need this client to send the token only one - the first time it contacts
> the service, so
> how can i dis-aplly(remove) the client side policy info from the client or
> how can i change the policy at the client side.
> I want that since i need single sign on function relying on the axis2
> session management(scope session ) but i still
> don't know how rampart will react on the second call?Does axis2 has some
> functionality on changing the policies on the server side?
>
> Thanks,
> Nencho
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org