:: Home :: Scope :: Arch :: Test :: Project :: Impl :: Links :: Release :: Demo :: |
Releases |
Demo - Quick Start Try axis-wsse on ws.microsoft.com doing this:
The result will be something like: yourToken = [B8ffemWZ1***hidden***wYJJW4bua0+] yourPin = [**hidden*] URLstring = [http://ws.microsoft.com/mscomservice/mscom.asmx] ---------- cut here ------ cut here ------ cut here ---------- Microsoft.Com Platform Services 1.0 Beta...TCP sniffing the request to ws.microsoft.com POST /mscomservice/mscom.asmx HTTP/1.0 Content-Type: text/xml; charset=utf-8 Accept: application/soap+xml, application/dime, multipart/related, text/* User-Agent: Axis/1.1 Host: ws.microsoft.com Cache-Control: no-cache Pragma: no-cache SOAPAction: "http://www.microsoft.com/GetVersion" Content-Length: 911 Authorization: Basic QjhmZQvNE***hidden***QjhmZQvNE <?xml version="1.0" encoding="UTF-8"?> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <soapenv:Header> <wsse:Security soapenv:mustUnderstand="0" xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext"> <wsse:UsernameToken> <wsse:Username xsi:type="xsd:string"> B8ffemWZ1***hidden***wYJJW4bua0+</wsse:Username> <wsse:Password Type="wsse:PasswordDigest" xsi:type="xsd:string"> BF3utb***hidden***0lKZz4quA=</wsse:Password> <wsse:Nonce xsi:type="xsd:string"> msJPTHku44rHAqPIRvbNQA==</wsse:Nonce> <wsu:Created xsi:type="xsd:string" xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility"> 2003-10-13T19:50:57Z</wsu:Created> </wsse:UsernameToken> </wsse:Security> </soapenv:Header> <soapenv:Body> <GetVersion xmlns=""/> </soapenv:Body> </soapenv:Envelope>...and the response: HTTP/1.1 200 OK Connection: close Date: Mon, 13 Oct 2003 18:50:52 GMT Server: Microsoft-IIS/6.0 P3P: CP='ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI' X-Powered-By: ASP.NET X-AspNet-Version: 1.1.4322 Cache-Control: private, max-age=0 Content-Type: text/xml; charset=utf-8 Content-Length: 607 <?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Header> <wsu:Timestamp xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility"> <wsu:Created> 2003-10-13T18:50:52Z </wsu:Created> <wsu:Expires> 2003-10-13T18:55:52Z </wsu:Expires> </wsu:Timestamp> </soap:Header> <soap:Body> <GetVersionResponse xmlns="http://www.microsoft.com"> <GetVersionResult> Microsoft.Com Platform Services 1.0 Beta </GetVersionResult> </GetVersionResponse> </soap:Body> </soap:Envelope> The core of this sample is based on the configuration of the *unmodified* org.apache.axis.client.Call: Service service = new Service(); Call call = (Call)service.createCall(); call.setTargetEndpointAddress(new java.net.URL(urlS)); call.setOperation("GetVersion"); call.setSOAPActionURI("http://www.microsoft.com/GetVersion"); call.setUseSOAPAction(true); call.setUsername(usernameS); call.setPassword(passwordS); call.setProperty(WsseClientHandler.PASSWORD_OPTION, WsseClientHandler.PASSWORD_DIGEST_WITH_NONCE); call.setClientHandlers(new WsseClientHandler(), null); System.out.print((String)call.invoke(new Object[] {})); With axis-wsse now you can try all the web service that require single-message authentication based on UsernameToken in all the 4 password send technique. If you have suggestions or comments, feel free to contact me: |
Links Apache Axis Axis mailing list Web Service security UsernameToken Profile (working draft 4, 11 August 2003) Is WS-Security in Java so hard? WS-Security Authentication and Digital Signatures with Web Services Enhancements |
|