axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Amila Jayasekara (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (RAMPART-374) Not Able to use custom validator for USERNAME_TOKEN during server side validation
Date Tue, 10 Jul 2012 19:50:35 GMT

    [ https://issues.apache.org/jira/browse/RAMPART-374?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13410747#comment-13410747
] 

Amila Jayasekara commented on RAMPART-374:
------------------------------------------

Hi Aravind & Andrew,

At the moment we do not have the ability to specify WSS4J validator using Rampart configuration.
This was introduced in WSS4J 1.6 onwards. We will be implementing this in next release.

Thanks
AmilaJ

                
> Not Able to use custom validator for USERNAME_TOKEN during server side validation
> ---------------------------------------------------------------------------------
>
>                 Key: RAMPART-374
>                 URL: https://issues.apache.org/jira/browse/RAMPART-374
>             Project: Rampart
>          Issue Type: Bug
>          Components: rampart-core
>    Affects Versions: 1.6.2
>         Environment: Windows 7 Enterprise Service pack 1, jboss-5.1.0.GA, axis2-1.6.2
(exploded war), rampart-1.6.2
>            Reporter: AravindPS
>              Labels: axis21.6, rampart1.6.2
>
> Hi,
>  We are upgrading from Axis2 1.5.5/ Rampart 1.5.11 to axis2 1.6.2/Rampart1.6.2. Here
we have seen that the USERNAME_TOKEN_UNKNOWN has been deprecated and hence there is no backward
compatibility. At this late stage we cannot implement the code to provide passwords at the
server password callback class. So we have a problem.
>  The server password callback class is asking for the password. We have designed the
services such that for username token authentication we are sending the request to another
directory store for authentication.
>  Is there a way to process this without giving the password at server side. Can we configure
custom validators to pass the authentication for USERNAME_TOKEN without validating the passwords?
> If yes can you tell us how to write/configure custom validators?
> Also, if there is any other solution do let us know.
> Thanks,
> Aravind

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org


Mime
View raw message