You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by Laurent COLLET <la...@predict.fr> on 2005/08/31 12:03:13 UTC
WSS4J Client and DOTNET server
Hi,
I have written a client in Java using WSS4J. I would like to make a
helloWorld() request on a server.
The first step is to use a UsernameToken. Here is my WSDD file
<?xml version="1.0" encoding="UTF-8"?>
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
<transport name="http"
pivot="java:org.apache.axis.transport.http.HTTPSender"/>
<globalConfiguration>
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender">
<parameter name="action" value="UsernameToken" />
<parameter name="user" value="esial" />
<parameter name="passwordCallbackClass"
value="ws.PWCallback" />
<parameter name="addUTElement" value="Nonce Created" />
<parameter name="passwordType" value="PasswordText" />
</handler>
</requestFlow>
</globalConfiguration>
</deployment>
My server is written in C# .NET and works fine with a .NET client.
Here is the response I get after invoking helloWorld() method:
Microsoft.Web.Services2.Security.SecurityFault: An invalid security
token was provided ---> System.Exception: WSE567: The incoming Username
token must contain both a nonce and a creation time for the replay
detection feature.
I thought UsernameToken contain a nonce and a creation time thanks to
<parameter name="addUTElement" value="Nonce Created" />. So I don't
understand the mistake
main class:
public static void main( String args[] )
{
try
{
EngineConfiguration config = new FileProvider("deploy.wsdd");
Service1Locator sLoc = new Service1Locator( config );
Service1Soap_PortType port = sLoc.getService1Soap();
System.out.println( port.helloWorld() );
}
catch (Exception e)
{
System.err.println( e.toString() );
e.printStackTrace();
}
}
thanks in advance for any help!
laurent
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: WSS4J Client and DOTNET server
Posted by Laurent COLLET <la...@predict.fr>.
Thanks for your help.
I found the response of my pb. There is a bug in the tutorial!!
page: http://ws.apache.org/wss4j/package.html
section: Combining security actions
first code snipet:
<parameter name="addUTElement" value="Nonce Created" />
must be replaced by
<parameter name="addUTElements" value="Nonce Created" />
all this time for a little "s" ! ;)
bye
Laurent
Werner Dittmann a écrit :
>Laurent,
>
>yes, this parameter adds created and nonce elements. I don't know much
>about .Net WSE, but my guess would be:
>- Add a Timestamp element - prepend "Timestamp" to "UsernameToken"
>- try to use PasswordDigest instead of cleartext password
>
>Regards,
>Werner
>
>Laurent COLLET wrote:
>
>
>>Hi,
>>
>>I have written a client in Java using WSS4J. I would like to make a
>>helloWorld() request on a server.
>>
>>The first step is to use a UsernameToken. Here is my WSDD file
>>
>><?xml version="1.0" encoding="UTF-8"?>
>><deployment xmlns="http://xml.apache.org/axis/wsdd/"
>>xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
>> <transport name="http"
>>pivot="java:org.apache.axis.transport.http.HTTPSender"/>
>> <globalConfiguration>
>> <requestFlow>
>> <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
>> <parameter name="action" value="UsernameToken" />
>> <parameter name="user" value="esial" />
>> <parameter name="passwordCallbackClass"
>>value="ws.PWCallback" />
>> <parameter name="addUTElement" value="Nonce Created" />
>> <parameter name="passwordType" value="PasswordText" />
>> </handler>
>> </requestFlow>
>> </globalConfiguration>
>></deployment>
>>
>>
>>My server is written in C# .NET and works fine with a .NET client.
>>
>>
>>Here is the response I get after invoking helloWorld() method:
>>Microsoft.Web.Services2.Security.SecurityFault: An invalid security
>>token was provided ---> System.Exception: WSE567: The incoming Username
>>token must contain both a nonce and a creation time for the replay
>>detection feature.
>>
>>I thought UsernameToken contain a nonce and a creation time thanks to
>><parameter name="addUTElement" value="Nonce Created" />. So I don't
>>understand the mistake
>>
>>
>>
>>
>>main class:
>>public static void main( String args[] )
>>{
>> try
>> {
>> EngineConfiguration config = new FileProvider("deploy.wsdd");
>> Service1Locator sLoc = new Service1Locator( config );
>> Service1Soap_PortType port = sLoc.getService1Soap();
>> System.out.println( port.helloWorld() );
>> }
>> catch (Exception e)
>> {
>> System.err.println( e.toString() );
>> e.printStackTrace();
>> }
>>}
>>
>>
>>thanks in advance for any help!
>>
>>laurent
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>
>>
>>
>>
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: WSS4J Client and DOTNET server
Posted by Laurent COLLET <la...@predict.fr>.
Thanks for your help.
I found the response of my pb. There is a bug in the tutorial!!
page: http://ws.apache.org/wss4j/package.html
section: Combining security actions
first code snipet:
<parameter name="addUTElement" value="Nonce Created" />
must be replaced by
<parameter name="addUTElements" value="Nonce Created" />
all this time for a little "s" ! ;)
bye
Laurent
Werner Dittmann a écrit :
>Laurent,
>
>yes, this parameter adds created and nonce elements. I don't know much
>about .Net WSE, but my guess would be:
>- Add a Timestamp element - prepend "Timestamp" to "UsernameToken"
>- try to use PasswordDigest instead of cleartext password
>
>Regards,
>Werner
>
>Laurent COLLET wrote:
>
>
>>Hi,
>>
>>I have written a client in Java using WSS4J. I would like to make a
>>helloWorld() request on a server.
>>
>>The first step is to use a UsernameToken. Here is my WSDD file
>>
>><?xml version="1.0" encoding="UTF-8"?>
>><deployment xmlns="http://xml.apache.org/axis/wsdd/"
>>xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
>> <transport name="http"
>>pivot="java:org.apache.axis.transport.http.HTTPSender"/>
>> <globalConfiguration>
>> <requestFlow>
>> <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
>> <parameter name="action" value="UsernameToken" />
>> <parameter name="user" value="esial" />
>> <parameter name="passwordCallbackClass"
>>value="ws.PWCallback" />
>> <parameter name="addUTElement" value="Nonce Created" />
>> <parameter name="passwordType" value="PasswordText" />
>> </handler>
>> </requestFlow>
>> </globalConfiguration>
>></deployment>
>>
>>
>>My server is written in C# .NET and works fine with a .NET client.
>>
>>
>>Here is the response I get after invoking helloWorld() method:
>>Microsoft.Web.Services2.Security.SecurityFault: An invalid security
>>token was provided ---> System.Exception: WSE567: The incoming Username
>>token must contain both a nonce and a creation time for the replay
>>detection feature.
>>
>>I thought UsernameToken contain a nonce and a creation time thanks to
>><parameter name="addUTElement" value="Nonce Created" />. So I don't
>>understand the mistake
>>
>>
>>
>>
>>main class:
>>public static void main( String args[] )
>>{
>> try
>> {
>> EngineConfiguration config = new FileProvider("deploy.wsdd");
>> Service1Locator sLoc = new Service1Locator( config );
>> Service1Soap_PortType port = sLoc.getService1Soap();
>> System.out.println( port.helloWorld() );
>> }
>> catch (Exception e)
>> {
>> System.err.println( e.toString() );
>> e.printStackTrace();
>> }
>>}
>>
>>
>>thanks in advance for any help!
>>
>>laurent
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>
>>
>>
>>
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: WSS4J Client and DOTNET server
Posted by Werner Dittmann <We...@t-online.de>.
Laurent,
yes, this parameter adds created and nonce elements. I don't know much
about .Net WSE, but my guess would be:
- Add a Timestamp element - prepend "Timestamp" to "UsernameToken"
- try to use PasswordDigest instead of cleartext password
Regards,
Werner
Laurent COLLET wrote:
> Hi,
>
> I have written a client in Java using WSS4J. I would like to make a
> helloWorld() request on a server.
>
> The first step is to use a UsernameToken. Here is my WSDD file
>
> <?xml version="1.0" encoding="UTF-8"?>
> <deployment xmlns="http://xml.apache.org/axis/wsdd/"
> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
> <transport name="http"
> pivot="java:org.apache.axis.transport.http.HTTPSender"/>
> <globalConfiguration>
> <requestFlow>
> <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
> <parameter name="action" value="UsernameToken" />
> <parameter name="user" value="esial" />
> <parameter name="passwordCallbackClass"
> value="ws.PWCallback" />
> <parameter name="addUTElement" value="Nonce Created" />
> <parameter name="passwordType" value="PasswordText" />
> </handler>
> </requestFlow>
> </globalConfiguration>
> </deployment>
>
>
> My server is written in C# .NET and works fine with a .NET client.
>
>
> Here is the response I get after invoking helloWorld() method:
> Microsoft.Web.Services2.Security.SecurityFault: An invalid security
> token was provided ---> System.Exception: WSE567: The incoming Username
> token must contain both a nonce and a creation time for the replay
> detection feature.
>
> I thought UsernameToken contain a nonce and a creation time thanks to
> <parameter name="addUTElement" value="Nonce Created" />. So I don't
> understand the mistake
>
>
>
>
> main class:
> public static void main( String args[] )
> {
> try
> {
> EngineConfiguration config = new FileProvider("deploy.wsdd");
> Service1Locator sLoc = new Service1Locator( config );
> Service1Soap_PortType port = sLoc.getService1Soap();
> System.out.println( port.helloWorld() );
> }
> catch (Exception e)
> {
> System.err.println( e.toString() );
> e.printStackTrace();
> }
> }
>
>
> thanks in advance for any help!
>
> laurent
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: WSS4J Client and DOTNET server
Posted by Werner Dittmann <We...@t-online.de>.
Laurent,
yes, this parameter adds created and nonce elements. I don't know much
about .Net WSE, but my guess would be:
- Add a Timestamp element - prepend "Timestamp" to "UsernameToken"
- try to use PasswordDigest instead of cleartext password
Regards,
Werner
Laurent COLLET wrote:
> Hi,
>
> I have written a client in Java using WSS4J. I would like to make a
> helloWorld() request on a server.
>
> The first step is to use a UsernameToken. Here is my WSDD file
>
> <?xml version="1.0" encoding="UTF-8"?>
> <deployment xmlns="http://xml.apache.org/axis/wsdd/"
> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
> <transport name="http"
> pivot="java:org.apache.axis.transport.http.HTTPSender"/>
> <globalConfiguration>
> <requestFlow>
> <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
> <parameter name="action" value="UsernameToken" />
> <parameter name="user" value="esial" />
> <parameter name="passwordCallbackClass"
> value="ws.PWCallback" />
> <parameter name="addUTElement" value="Nonce Created" />
> <parameter name="passwordType" value="PasswordText" />
> </handler>
> </requestFlow>
> </globalConfiguration>
> </deployment>
>
>
> My server is written in C# .NET and works fine with a .NET client.
>
>
> Here is the response I get after invoking helloWorld() method:
> Microsoft.Web.Services2.Security.SecurityFault: An invalid security
> token was provided ---> System.Exception: WSE567: The incoming Username
> token must contain both a nonce and a creation time for the replay
> detection feature.
>
> I thought UsernameToken contain a nonce and a creation time thanks to
> <parameter name="addUTElement" value="Nonce Created" />. So I don't
> understand the mistake
>
>
>
>
> main class:
> public static void main( String args[] )
> {
> try
> {
> EngineConfiguration config = new FileProvider("deploy.wsdd");
> Service1Locator sLoc = new Service1Locator( config );
> Service1Soap_PortType port = sLoc.getService1Soap();
> System.out.println( port.helloWorld() );
> }
> catch (Exception e)
> {
> System.err.println( e.toString() );
> e.printStackTrace();
> }
> }
>
>
> thanks in advance for any help!
>
> laurent
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org