ws-fx-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dittmann, Werner" <werner.dittm...@siemens.com>
Subject AW: RES: How to configure UsernameTokenSignature
Date Tue, 05 Jul 2005 14:52:13 GMT
Steve,

I'm not sure about that. As mentioned before we never had a chance
to do interop tests with UsernameTokenSignature and a .Net
WS Security implementation. Mainly because this specific
Signature was not documented and specified in the OASIS
documents. We had to do same "reverse" engineering here,
used some public infos from Web sites and blogs. Thus
it could well be that the Signature is in fact not computed
correctly on the WSS4J side. 

For the ReplyTo - I don't know because I never used ws-adressing
so far.

Regards
Werner

> -----Ursprüngliche Nachricht-----
> Von: Steve Behrendt [mailto:steve@weg.com.br] 
> Gesendet: Dienstag, 5. Juli 2005 16:21
> An: Dittmann, Werner
> Cc: fx-dev@ws.apache.org
> Betreff: RES: RES: How to configure UsernameTokenSignature
> 
> 
> Werner,
> 
> Sorry, I forgot to tell that I have find that problem and 
> fixed it. I changed the order of the handlers.
> 
> But another Problem is (so many problems today), that the 
> handler don't add a "ReplyTo" attribute. The other attributes 
> he adds perfectly. 
> 
> The .net WebService don't "trust" the Signature. He says the 
> Signature is "invalid".
> 
> AxisFault
>  faultCode: 
> {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
> urity-secext-1.0.xsd}FailedCheck
>  faultSubcode: 
>  faultString: Microsoft.Web.Services2.Security.SecurityFault: 
> The signature or decryption was invalid
>    at 
> Microsoft.Web.Services2.Security.Security.LoadXml(XmlElement element)
>    at 
> Microsoft.Web.Services2.Security.SecurityInputFilter.ProcessMe
> ssage(SoapEnvelope envelope)
>    at 
> Microsoft.Web.Services2.Pipeline.ProcessInputMessage(SoapEnvel
> ope envelope)
>    at 
> Microsoft.Web.Services2.WebServicesExtension.BeforeDeserialize
> Server(SoapServerMessage message)
>  faultActor: http://localhost/WebServiceGMC/webservicegmc.asmx
>  faultNode: 
>  faultDetail: 
> 
> I think thats because of the missed "ReplyTo" Element. Isn't 
> it? I'm so near at the solution, I think.
> 
> Thanks. STEVE
> 
> -----Mensagem original-----
> De: Dittmann, Werner [mailto:werner.dittmann@siemens.com]
> Enviada em: terça-feira, 5 de julho de 2005 11:15
> Para: Steve Behrendt
> Cc: fx-dev@ws.apache.org
> Assunto: AW: RES: How to configure UsernameTokenSignature
> 
> 
> Steve,
> 
> if you like to sig/encrypt elements of the adressing part
> of the request pls place the security handler _after_ the
> adressing handler. It is necessary that the elements are in
> the request before WSS4J can encrypt/sign the elements.
> 
> Regards,
> Werner
> 
> > -----Ursprüngliche Nachricht-----
> > Von: Steve Behrendt [mailto:steve@weg.com.br] 
> > Gesendet: Dienstag, 5. Juli 2005 15:59
> > An: Steve Behrendt; Dittmann, Werner
> > Cc: fx-dev@ws.apache.org
> > Betreff: RES: RES: How to configure UsernameTokenSignature
> > 
> > 
> > >The problem in this case is, that the process of add the 
> > "action" property doesn't work. It always throws a exception:
> > 
> > I fixed the problem. The URI class only accept a argument 
> > that is conformed to a schema like "http://getclientes". I 
> > changed the "ServiceInterfaceStub.class" like this:
> > 
> > 	    
> > _call.setSOAPActionURI("http://localhost/WebServiceGMC/webserv
> > icegmc.asmx?op=getClientes");
> >         //_call.setSOAPActionURI("getClientes");
> > 
> > It's strange, but it works. Do anyone say why that works that way?
> > 
> > 
> > Steve
> > 
> > -----Mensagem original-----
> > De: Steve Behrendt 
> > Enviada em: terça-feira, 5 de julho de 2005 10:21
> > Para: Dittmann, Werner
> > Cc: fx-dev@ws.apache.org
> > Assunto: RES: RES: How to configure UsernameTokenSignature
> > 
> > 
> > Werner,
> > 
> > Thanks for the hint!! Now I want to add the addributes 
> > "action", "MessageId", "ReplayTo" and "To".
> > When I use the ws-adressing-project, the handler always call 
> > the part of the "action", even I don't define it in the .wsdd 
> > file. I think it's a bug, or isn't it?
> > The problem in this case is, that the process of add the 
> > "action" property doesn't work. It always throws a exception:
> > 
> > AxisFault
> >  faultCode: 
> > {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
> >  faultSubcode: 
> >  faultString: 
> > org.apache.axis.types.URI$MalformedURIException: No scheme 
> > found in URI.
> >  faultActor: 
> >  faultNode: 
> >  faultDetail: 
> > 	
> > {http://xml.apache.org/axis/}stackTrace:org.apache.axis.types.
> > URI$MalformedURIException: No scheme found in URI.
> > 	at org.apache.axis.types.URI.initialize(URI.java:483)
> > 	at org.apache.axis.types.URI.&lt;init&gt;(URI.java:281)
> > 	at org.apache.axis.types.URI.&lt;init&gt;(URI.java:265)
> > 	at 
> > org.apache.axis.message.addressing.handler.AddressingHandler.p
> > rocessClientRequest(AddressingHandler.java:240)
> > 	at 
> > org.apache.axis.message.addressing.handler.AddressingHandler.i
> > nvoke(AddressingHandler.java:108)
> > 	at 
> > org.apache.axis.strategies.InvocationStrategy.visit(Invocation
> > Strategy.java:32)
> > 	at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
> > 	at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
> > 	at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127)
> > 	at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
> > 	at org.apache.axis.client.Call.invoke(Call.java:2748)
> > 	at org.apache.axis.client.Call.invoke(Call.java:2424)
> > 	at org.apache.axis.client.Call.invoke(Call.java:2347)
> > 	at org.apache.axis.client.Call.invoke(Call.java:1804)
> > 	at 
> > net.weg.service.ServiceInterfaceStub.getClientes(ServiceInterf
> > aceStub.java:284)
> > 	at net.weg.service.client.main(client.java:96)
> > 
> > 	{http://xml.apache.org/axis/}hostname:brjgsd181091
> > 
> > org.apache.axis.types.URI$MalformedURIException: No scheme 
> > found in URI.
> > 	at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
> > 	at 
> > org.apache.axis.message.addressing.handler.AddressingHandler.i
> > nvoke(AddressingHandler.java:121)
> > 	at 
> > org.apache.axis.strategies.InvocationStrategy.visit(Invocation
> > Strategy.java:32)
> > 	at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
> > 	at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
> > 	at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127)
> > 	at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
> > 	at org.apache.axis.client.Call.invoke(Call.java:2748)
> > 	at org.apache.axis.client.Call.invoke(Call.java:2424)
> > 	at org.apache.axis.client.Call.invoke(Call.java:2347)
> > 	at org.apache.axis.client.Call.invoke(Call.java:1804)
> > 	at 
> > net.weg.service.ServiceInterfaceStub.getClientes(ServiceInterf
> > aceStub.java:284)
> > 	at net.weg.service.client.main(client.java:96)
> > Caused by: org.apache.axis.types.URI$MalformedURIException: 
> > No scheme found in URI.
> > 	at org.apache.axis.types.URI.initialize(URI.java:483)
> > 	at org.apache.axis.types.URI.<init>(URI.java:281)
> > 	at org.apache.axis.types.URI.<init>(URI.java:265)
> > 	at 
> > org.apache.axis.message.addressing.handler.AddressingHandler.p
> > rocessClientRequest(AddressingHandler.java:240)
> > 	at 
> > org.apache.axis.message.addressing.handler.AddressingHandler.i
> > nvoke(AddressingHandler.java:108)
> > 	... 11 more
> > 
> > 
> > My wsdd-File is that:
> > 
> > <deployment xmlns="http://xml.apache.org/axis/wsdd/"
> >             
> > xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
> >          
> > <globalConfiguration >
> > 	<requestFlow>
> > 		<handler 
> > type="java:org.apache.ws.axis.security.WSDoAllSender" >
> >   			<parameter name="action" 
> > value="Timestamp UsernameTokenSignature" />
> > 	   		<parameter name="passwordCallbackClass" 
> > value="net.weg.service.PWCallback" />				
> > 								  
> > 	   		<parameter name="signatureParts" 
> > value="{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body; 
> > 	   			
> > {Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-
> > wss-wssecurity-utility-1.0.xsd}Timestamp;" />
> > 		</handler>
> > 		
> > 		<handler name="addr" 
> > type="java:org.apache.axis.message.addressing.handler.Addressi
> > ngHandler">  
> > 	       		<parameter 
> > name="referencePropertyNames" 
> > value="{Element}{http://schemas.xmlsoap.org/ws/2004/03/address
> > ing}MessageID;
> >  				
> > {Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}ReplayTo;
> >  				
> > {Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}To"/>  
> >      	</handler>
> > 		
> > 	</requestFlow>
> > </globalConfiguration>  
> > 
> > <transport name="java" 
> > pivot="java:org.apache.axis.transport.java.JavaSender"/>
> > <transport name="http" 
> > pivot="java:org.apache.axis.transport.http.HTTPSender"/>
> > <transport name="local" 
> > pivot="java:org.apache.axis.transport.local.LocalSender"/>
> >  
> > </deployment>
> > 
> > 
> > The Program throws the exception at this point in the 
> > "org.apache.axis.message.addressing.handler.AddressingHandler"
> >  in the method "processClientRequest"
> > 
> >         // set Action
> >         String action = msgContext.getSOAPActionURI();
> >         if (action != null) {
> >             headers.setAction(new Action(new URI(action))); 
> > ///// Here is the exception thrown --> action has the value 
> > "getClientes" - the name of the method in the webservice.
> >         } else if(headers.getAction() != null) {
> >             msgContext.setUseSOAPAction(true);
> >             // Make SOAP action match
> >             
> > msgContext.setSOAPActionURI(headers.getAction().toString());
> >         }
> > 
> > Thanks to everyone!!!!
> > 
> > Steve
> > 
> > 
> > -----Mensagem original-----
> > De: Dittmann, Werner [mailto:werner.dittmann@siemens.com]
> > Enviada em: terça-feira, 5 de julho de 2005 03:28
> > Para: Steve Behrendt
> > Cc: fx-dev@ws.apache.org
> > Assunto: AW: RES: How to configure UsernameTokenSignature
> > 
> > 
> > Steve.
> > 
> > about the problem "Timestamp" not found, just
> > reverse the actions. That is do "Timestamp"
> > first, then the Signature. The handler works
> > from left to right, builds up the request
> > as it works thru the actions. This, you try
> > to perform a Signature of en element that is 
> > not yet build into the request.
> > 
> > Regards,
> > Werner
> > 
> > > -----Ursprüngliche Nachricht-----
> > > Von: Steve Behrendt [mailto:steve@weg.com.br] 
> > > Gesendet: Montag, 4. Juli 2005 19:28
> > > An: Werner Dittmann
> > > Cc: fx-dev@ws.apache.org
> > > Betreff: RES: RES: How to configure UsernameTokenSignature
> > > 
> > > 
> > > Werner,
> > > 
> > > Thanks for the tip. Now I have another problem. The engine 
> > > don't signate a part of the message. It stops with a 
> > > Exception shown at the bottom of the Mail. 
> > > 
> > > .NET with wse2.0 sp3 uses signature based on usernametoken 
> > > for the "wsa:Action", "wsa:MessageID", "wsa:ReplayTo", 
> > > "wsa:To", "wsu:Timestamp" and the "soap:Body wsu:Id" 
> > > elements. I began with Timestamp, but it downs't work.
> > > 
> > > AxisFault
> > >  faultCode: 
> > > {http://schemas.xmlsoap.org/soap/envelope/}Server.generalException
> > >  faultSubcode: 
> > >  faultString: WSDoAllSender: Error during Signatur with 
> > > UsernameToken 
> > > secretorg.apache.ws.security.WSSecurityException: General 
> > > security error (WSEncryptBody/WSSignEnvelope: Element to 
> > > encrypt/sign not found: 
> > > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
> > > rity-secext-1.0.xsd, Timestamp)
> > >  faultActor: 
> > >  faultNode: 
> > >  faultDetail: 
> > > 	{http://xml.apache.org/axis/}stackTrace:WSDoAllSender: 
> > > Error during Signatur with UsernameToken 
> > > secretorg.apache.ws.security.WSSecurityException: General 
> > > security error (WSEncryptBody/WSSignEnvelope: Element to 
> > > encrypt/sign not found: 
> > > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
> > > rity-secext-1.0.xsd, Timestamp)
> > > 	at 
> > > org.apache.ws.axis.security.WSDoAllSender.performUT_SIGNAction
> > > (WSDoAllSender.java:512)
> > > 	at 
> > > org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender
> > > .java:336)
> > > 	at 
> > > org.apache.axis.strategies.InvocationStrategy.visit(Invocation
> > > Strategy.java:32)
> > > 	at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
> > > 	at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
> > > 	at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127)
> > > 	at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
> > > 	at org.apache.axis.client.Call.invoke(Call.java:2748)
> > > 	at org.apache.axis.client.Call.invoke(Call.java:2424)
> > > 	at org.apache.axis.client.Call.invoke(Call.java:2347)
> > > 	at org.apache.axis.client.Call.invoke(Call.java:1804)
> > > 	at 
> > > net.weg.service.ServiceInterfaceStub.getClientes(ServiceInterf
> > > aceStub.java:284)
> > > 	at net.weg.service.client.main(client.java:95)
> > > 
> > > 	{http://xml.apache.org/axis/}hostname:brjgsd181091
> > > 
> > > WSDoAllSender: Error during Signatur with UsernameToken 
> > > secretorg.apache.ws.security.WSSecurityException: General 
> > > security error (WSEncryptBody/WSSignEnvelope: Element to 
> > > encrypt/sign not found: 
> > > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu
> > > rity-secext-1.0.xsd, Timestamp)
> > > 	at 
> > > org.apache.ws.axis.security.WSDoAllSender.performUT_SIGNAction
> > > (WSDoAllSender.java:512)
> > > 	at 
> > > org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender
> > > .java:336)
> > > 	at 
> > > org.apache.axis.strategies.InvocationStrategy.visit(Invocation
> > > Strategy.java:32)
> > > 	at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
> > > 	at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
> > > 	at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127)
> > > 	at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
> > > 	at org.apache.axis.client.Call.invoke(Call.java:2748)
> > > 	at org.apache.axis.client.Call.invoke(Call.java:2424)
> > > 	at org.apache.axis.client.Call.invoke(Call.java:2347)
> > > 	at org.apache.axis.client.Call.invoke(Call.java:1804)
> > > 	at 
> > > net.weg.service.ServiceInterfaceStub.getClientes(ServiceInterf
> > > aceStub.java:284)
> > > 
> > > 	at net.weg.service.client.main(client.java:95)
> > > 
> > > Here is my .wsdd-File:
> > > 
> > > <deployment xmlns="http://xml.apache.org/axis/wsdd/"
> > >             
> > > xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
> > >          
> > > <globalConfiguration >
> > > 	<requestFlow>
> > > 		<handler 
> > > type="java:org.apache.ws.axis.security.WSDoAllSender" >
> > >   			<parameter name="action" 
> > > value="UsernameTokenSignature Timestamp" />
> > > 	   		<parameter name="passwordCallbackClass" 
> > > value="net.weg.service.PWCallback" />				
> > > 								  
> > > 	   		<parameter name="signatureParts" 
> > > value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-
> > > 200401-wss-wssecurity-secext-1.0.xsd}Timestamp" />
> > > 		</handler>
> > > 	</requestFlow>
> > > </globalConfiguration>  
> > > 
> > > <transport name="java" 
> > > pivot="java:org.apache.axis.transport.java.JavaSender"/>
> > > <transport name="http" 
> > > pivot="java:org.apache.axis.transport.http.HTTPSender"/>
> > > <transport name="local" 
> > > pivot="java:org.apache.axis.transport.local.LocalSender"/>
> > >  
> > > </deployment>
> > > 
> > > Any idea?
> > > Thanks!!!
> > > 
> > > Steve
> > > 
> > > -----Mensagem original-----
> > > De: Werner Dittmann [mailto:Werner.Dittmann@t-online.de]
> > > Enviada em: sábado, 2 de julho de 2005 07:42
> > > Para: Steve Behrendt
> > > Cc: fx-dev@ws.apache.org
> > > Assunto: Re: RES: How to configure UsernameTokenSignature
> > > 
> > > 
> > > Steve,
> > > 
> > > just remove the action that you don't want from the scenarios, e.g
> > > the encrypt.
> > > 
> > > On the Callback problem: as the deployment setup overwrights the
> > > progeamatic setup the "passwordCallbackClass parameter"
> > > will be used by the handler. As I can see you define a java
> > > source file here - not a class. pls check your setup and fix
> > > it.
> > > 
> > > Regards,
> > > Werner
> > > 
> > > Steve Behrendt schrieb:
> > > > Werner,
> > > > 
> > > > 
> > > >>AFAIK the Secnario 3a (or 2a?) of the interop scenarios
> > > >>show ho to use the stuff. 
> > > > 
> > > > 
> > > > The Problem is that the stuff is only shown with encryption 
> > > etc. But I only want to use a signature base on the 
> > > UsernameToken - for an implementation with Microsoft .NET.
> > > > But when I call the method of the service, the handler 
> > > (PasswordCallBackHandler) is not passed.
> > > > 
> > > > My Handler:
> > > > 
> > > > <deployment xmlns="http://xml.apache.org/axis/wsdd/"
> > > >             
> > > xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
> > > >          
> > > > <globalConfiguration >
> > > > 	<requestFlow>
> > > > 		<handler 
> > > type="java:org.apache.ws.axis.security.WSDoAllSender" >
> > > >   			<parameter name="action" 
> > > value="UsernameTokenSignature" />
> > > > 	   		<parameter name="passwordCallbackClass" 
> > > value="net.weg.service.PWCallback.java" />
> > > > 		</handler>
> > > > 	</requestFlow>
> > > > </globalConfiguration>  
> > > > 
> > > > <transport name="java" 
> > > pivot="java:org.apache.axis.transport.java.JavaSender"/>
> > > > <transport name="http" 
> > > pivot="java:org.apache.axis.transport.http.HTTPSender"/>
> > > > <transport name="local" 
> > > pivot="java:org.apache.axis.transport.local.LocalSender"/>
> > > >  
> > > > </deployment>
> > > > 
> > > > and thats a part of my client:
> > > > 
> > > > 		PWCallback pwCallback = new PWCallback();
> > > > 		ServiceInterfaceStub axisPort = 
> > > (ServiceInterfaceStub)service;
> > > > 		
> > > > 		axisPort._setProperty(WSHandlerConstants.USER, 
> > > usuario); //fixe o usuario
> > > > 		
> > > axisPort._setProperty(WSHandlerConstants.PW_CALLBACK_REF,pwCal
> > > lback); //fixe a classe //do handler
> > > > 
> > > > The Message is sent, but hasn't a Header with the 
> > > UsenameToken or the Signature.
> > > > 
> > > > 
> > > > For a little bit of help,
> > > > i'm very gratefully.
> > > > 
> > > > STEVE
> > > > 
> > > > 
> > > > -----Mensagem original-----
> > > > De: Dittmann, Werner [mailto:werner.dittmann@siemens.com]
> > > > Enviada em: quarta-feira, 29 de junho de 2005 11:33
> > > > Para: Steve Behrendt; fx-dev@ws.apache.org
> > > > Assunto: AW: How to configure UsernameTokenSignature
> > > > 
> > > > 
> > > > Steve,
> > > > 
> > > > AFAIK the Secnario 3a (or 2a?) of the interop scenarios
> > > > show ho to use the stuff. 
> > > > 
> > > > We've not fully tested interop with Microsoft or others.
> > > > 
> > > > Regards,
> > > > Werner
> > > > 
> > > > 
> > > >>-----Ursprüngliche Nachricht-----
> > > >>Von: Steve Behrendt [mailto:steve@weg.com.br] 
> > > >>Gesendet: Mittwoch, 29. Juni 2005 14:36
> > > >>An: fx-dev@ws.apache.org
> > > >>Betreff: RES: How to configure UsernameTokenSignature
> > > >>
> > > >>
> > > >>Hi,
> > > >>
> > > >>Is there now an existing implementation of the 
> > > >>UsernameTokenSignature "Problem"?
> > > >>Because my implementation is using only a UsernameToken and I 
> > > >>want to implement more security, but without using keys.
> > > >>
> > > >>Greets,
> > > >>Steve
> > > >>
> > > >>-----Mensagem original-----
> > > >>De: Davanum Srinivas [mailto:davanum@gmail.com]
> > > >>Enviada em: terça-feira, 21 de junho de 2005 10:53
> > > >>Para: Dittmann, Werner
> > > >>Cc: Granqvist, Hans; fx-dev@ws.apache.org
> > > >>Assunto: Re: How to configure UsernameTokenSignature
> > > >>
> > > >>
> > > >>Hi Werner,
> > > >>
> > > >>updated the specs directory. Please take a look and let me 
> > > know if you
> > > >>need something else.
> > > >>
> > > >>-- dims
> > > >>
> > > >>On 6/21/05, Dittmann, Werner 
> <werner.dittmann@siemens.com> wrote:
> > > >>
> > > >>>Hans,
> > > >>>
> > > >>>are the drafts publicly available? Can't find
> > > >>>them on the OASIS WSS pages.
> > > >>>
> > > >>>Regards,
> > > >>>Werner
> > > >>>
> > > >>>
> > > >>>>-----Ursprüngliche Nachricht-----
> > > >>>>Von: Granqvist, Hans [mailto:hgranqvist@verisign.com]
> > > >>>>Gesendet: Montag, 20. Juni 2005 17:31
> > > >>>>An: fx-dev@ws.apache.org
> > > >>>>Betreff: RE: How to configure UsernameTokenSignature
> > > >>>>
> > > >>>>
> > > >>>>
> > > >>>>><quote>
> > > >>>>>The Username Token profile does not currently define a
key
> > > >>>>>derivation algorithm. The OASIS WSS TC is expected to address
> > > >>>>>this issue in a subsequent specification. </quote>
> > > >>>>
> > > >>>>The latest (March 2005 and onward) WSS 1.1 draft of the
> > > >>>>UsernameToken profile defines key derivation in section 4.
> > > >>>>
> > > >>>>Hans
> > > >>>>
> > > >>>
> > > >>
> > > >>-- 
> > > >>Davanum Srinivas -http://blogs.cocoondev.org/dims/
> > > >>
> > > > 
> > > > 
> > > 
> > > 
> > 
> 

Mime
View raw message