You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by "alberto coletti (JIRA)" <ji...@apache.org> on 2007/08/16 12:51:31 UTC
[jira] Updated: (WSS-83) UsernameTokenSignedAction support for
PasswordDigest option
[ https://issues.apache.org/jira/browse/WSS-83?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
alberto coletti updated WSS-83:
-------------------------------
Attachment: UsernameToken.java
UsernameTokenSignedAction.java
These are the modified classess that resolve the issue,
please review them,
bye
> UsernameTokenSignedAction support for PasswordDigest option
> -----------------------------------------------------------
>
> Key: WSS-83
> URL: https://issues.apache.org/jira/browse/WSS-83
> Project: WSS4J
> Issue Type: Improvement
> Reporter: alberto coletti
> Assignee: Davanum Srinivas
> Attachments: UsernameToken.java, UsernameTokenSignedAction.java
>
>
> At now UsernameTokenSignedAction has not support for digested password, this is beacause of the password type is hardcoded inside the class code.
> This kind of action is used for .NET web services interoperability, so it doesn't suffice to make the passwordoption configurable.
> Microsft WSE ( I tested it with version 2.0) use the original password (the one returned from the passwordcallback) to create the secretkey while wss4j use the digegested password, so you need to make the original password avaiable to the method getsecretkey of the Usernametoken class.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org