ws-fx-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aws Ismail" <>
Subject Cascaded security tokens order and the Configuration
Date Sat, 09 Jul 2005 16:57:03 GMT
I have configured my web service client to Use WSDoAllSender to sign the
soap request (create Signature token) and to also to create a Username token
like this:


<deployment xmlns=""

      <transport name="http"
pivot="java:org.apache.axis.transport.http.HTTPSender" />




                        <parameter name="user" value="user1" />

                        <parameter name="passwordCallbackClass"
value="PWCallback" />

                        <parameter name="action" value="Signature
NoSerialization" />

                        <parameter name="signaturePropFile"
value="" />

                        <parameter name="mustUnderstand" value="0" />



                        <parameter name="action" value="UsernameToken" />

                        <parameter name="user" value="User1" />

                        <parameter name="passwordCallbackClass"
value="PWCallback" />

                        <parameter name="passwordType" value="digested" />

                        <parameter name="mustUnderstand" value="0" />


            </requestFlow >

      </globalConfiguration >



And in the Server configuration is: 


<handler type="">

<parameter name="passwordCallbackClass" value="PWCallback" />

      <parameter name="action" value="Signature UsernameToken" />

      <parameter name="signaturePropFile" value="" />



Question 1:

Everything works fine if the order of security tokens in the client side was
like above, however it does not work if they were revered?! And I don't have
the control on all the clients to send first the user token then the
signature in the Security header all the times?


Question 2:

The PWCallback class required that I have to set the password for the
identifier (on the server side) so that it can be authenticated; I have the
need to authenticate through the LDAP, what is the best way to accomplish


Question 3:

I could configure the to read the needed keys for signing
and validating the signature from a keystore stored on the file system, how
can I configure Merlin to utilize Digital Certificates stored in LDAP to do
the Signature Validation?



Thanks in advanced.


Aws Ismail


View raw message