axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "AravindPS (JIRA)" <>
Subject [jira] [Commented] (RAMPART-374) Not Able to use custom validator for USERNAME_TOKEN during server side validation
Date Sat, 16 Jun 2012 09:54:42 GMT


AravindPS commented on RAMPART-374:

 Can anyone tell whether this is an existing issue and is slated to be fixed in a later version?
Do let us know if there is any work around for this. Can we configure the WSS4J provided NoOpValidator
using Rampart configurations?

> Not Able to use custom validator for USERNAME_TOKEN during server side validation
> ---------------------------------------------------------------------------------
>                 Key: RAMPART-374
>                 URL:
>             Project: Rampart
>          Issue Type: Bug
>          Components: rampart-core
>    Affects Versions: 1.6.2
>         Environment: Windows 7 Enterprise Service pack 1, jboss-5.1.0.GA, axis2-1.6.2
(exploded war), rampart-1.6.2
>            Reporter: AravindPS
>              Labels: axis21.6, rampart1.6.2
> Hi,
>  We are upgrading from Axis2 1.5.5/ Rampart 1.5.11 to axis2 1.6.2/Rampart1.6.2. Here
we have seen that the USERNAME_TOKEN_UNKNOWN has been deprecated and hence there is no backward
compatibility. At this late stage we cannot implement the code to provide passwords at the
server password callback class. So we have a problem.
>  The server password callback class is asking for the password. We have designed the
services such that for username token authentication we are sending the request to another
directory store for authentication.
>  Is there a way to process this without giving the password at server side. Can we configure
custom validators to pass the authentication for USERNAME_TOKEN without validating the passwords?
> If yes can you tell us how to write/configure custom validators?
> Also, if there is any other solution do let us know.
> Thanks,
> Aravind

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:!default.jspa
For more information on JIRA, see:


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message