axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Praveen Palwai <praveenpal...@yahoo.com>
Subject WS-Security Policy - Password in Clear Text
Date Fri, 09 Nov 2007 20:18:10 GMT
Hi,I am using Axis2 1.3, rampart 1.3 to send username token to a Web
 Service running on websphere. 
I am using RampartConfig to set the user and the password callback
 class. My question is using this configuration, the security header always
 has nonce, timestamp included and the password is of type digest. What
 do I need to do so that the request doesn't contain nonce, timestamp
 and the password is sent in clear text instead of digest. I have the
 following policy.xml file

<?xml version="1.0" encoding="UTF-8"?>
    <wsp:ExactlyOne>
      <wsp:All>
            <wsp:Policy>
                <sp:UsernameToken/>
          </wsp:Policy>
        </sp:SignedSupportingTokens>
 </wsp:All>
    </wsp:ExactlyOne>
</wsp:Policy>

code snippet:
_serviceClient.engageModule("rampart");
RampartConfig rc = new RampartConfig();
rc.setUser("patadmin");
rc.setPwCbClass("PWCBHandler");
Policy policy = loadPolicy("policy.xml");
policy.addAssertion(rc);
       
_serviceClient.getOptions().setProperty(RampartMessageData.KEY_RAMPART_POLICY,
  policy);

Thanks,
Praveen Palwai.




__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
Mime
View raw message