Axis2 support WS-Security via Apache Rampart module. I had develop the SOAP client based on tutorial : UsernameToken Authentication with Rampart
However, the default implementation of Apache Rampart will not generate Nonce when plain text password was used.
After some google, I found this page talk about a configuration called "addUTElements".
So below are the modified configuration fragment:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <parameter name="OutflowSecurity"> | |
| <action> | |
| <items>UsernameToken Timestamp</items> | |
| <user>bob</user> | |
| <passwordCallbackClass>org.apache.rampart.samples.sample03.PWCBHandler</passwordCallbackClass> | |
| <passwordType>PasswordText</passwordType> | |
| <addUTElements>Nonce Created</addUTElements> | |
| </action> | |
| </parameter> |
Posts
No comments:
Post a Comment