|
the HTML style is inspired from: "'br.kernelnewbies.org-beta2' by Caio Begotti" @ http://www.oswd.org |
|
|
:: Home :: Scope :: Arch :: Test :: Project :: Impl :: Links :: Release :: Demo :: |
| Releases |
| Demo - Quick Start Try axis-wsse on ws.microsoft.com doing this:
The result will be something like: yourToken = [B8ffemWZ1***hidden***wYJJW4bua0+] yourPin = [**hidden*] URLstring = [http://ws.microsoft.com/mscomservice/mscom.asmx] ---------- cut here ------ cut here ------ cut here ---------- Microsoft.Com Platform Services 1.0 Beta...TCP sniffing the request to ws.microsoft.com
POST /mscomservice/mscom.asmx HTTP/1.0
Content-Type: text/xml; charset=utf-8
Accept: application/soap+xml, application/dime, multipart/related, text/*
User-Agent: Axis/1.1
Host: ws.microsoft.com
Cache-Control: no-cache
Pragma: no-cache
SOAPAction: "http://www.microsoft.com/GetVersion"
Content-Length: 911
Authorization: Basic QjhmZQvNE***hidden***QjhmZQvNE
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="0"
xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext">
<wsse:UsernameToken>
<wsse:Username xsi:type="xsd:string">
B8ffemWZ1***hidden***wYJJW4bua0+</wsse:Username>
<wsse:Password Type="wsse:PasswordDigest"
xsi:type="xsd:string">
BF3utb***hidden***0lKZz4quA=</wsse:Password>
<wsse:Nonce xsi:type="xsd:string">
msJPTHku44rHAqPIRvbNQA==</wsse:Nonce>
<wsu:Created xsi:type="xsd:string"
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">
2003-10-13T19:50:57Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<GetVersion xmlns=""/>
</soapenv:Body>
</soapenv:Envelope>
...and the response:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 13 Oct 2003 18:50:52 GMT
Server: Microsoft-IIS/6.0
P3P: CP='ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI
TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI'
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Cache-Control: private, max-age=0
Content-Type: text/xml; charset=utf-8
Content-Length: 607
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Header>
<wsu:Timestamp
xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility">
<wsu:Created>
2003-10-13T18:50:52Z
</wsu:Created>
<wsu:Expires>
2003-10-13T18:55:52Z
</wsu:Expires>
</wsu:Timestamp>
</soap:Header>
<soap:Body>
<GetVersionResponse xmlns="http://www.microsoft.com">
<GetVersionResult>
Microsoft.Com Platform Services 1.0 Beta
</GetVersionResult>
</GetVersionResponse>
</soap:Body>
</soap:Envelope>
The core of this sample is based on the configuration of the *unmodified* org.apache.axis.client.Call:
Service service = new Service();
Call call = (Call)service.createCall();
call.setTargetEndpointAddress(new java.net.URL(urlS));
call.setOperation("GetVersion");
call.setSOAPActionURI("http://www.microsoft.com/GetVersion");
call.setUseSOAPAction(true);
call.setUsername(usernameS);
call.setPassword(passwordS);
call.setProperty(WsseClientHandler.PASSWORD_OPTION,
WsseClientHandler.PASSWORD_DIGEST_WITH_NONCE);
call.setClientHandlers(new WsseClientHandler(), null);
System.out.print((String)call.invoke(new Object[] {}));
With axis-wsse now you can try all the web service that require single-message authentication based on UsernameToken in all the 4 password send technique. If you have suggestions or comments, feel free to contact me: |
| Links Apache Axis Axis mailing list Web Service security UsernameToken Profile (working draft 4, 11 August 2003) Is WS-Security in Java so hard? WS-Security Authentication and Digital Signatures with Web Services Enhancements |
|