| Author |
Message
|
| PEPERO |
 Posted: Thu Mar 13, 2014 1:45 am Post subject: UsernameToken with WS-SECURITY |
 |
|
Disciple
Joined: 30 May 2011
Posts: 177
|
Hi all;
I have a web service provider flow in which authentication using UsernameToken and WS-Security using policy set and policy set bindings are activated.
When i turn off the authentication, the signed and encrypted message is received (decrypted and verified). In this case the response is also signed and encrypted successfully.
When turning off the ws-security and activating authentication , employing an LDAP server, every thing is ok too.
But when i turn on ws-security and authentication, it seems that authentication is going to be checked before message decryption because an error code 'CWWSS5509E' is issued which implies :
| Quote: |
A security token whose type is [http://docs.oasis-open.org/wss/2004/01/oasis-2000401-wss-username-token-profile-1.0#UsernameToken] is required.
|
Please help me to resolve the problem. |
|
| Back to top |
|
 |
| mqjeff |
| Posted: Thu Mar 13, 2014 4:38 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
Where is the username token? In the Ws-Security header? Or in the HTTP headers?
If it is the HTTP header, I suspect you will have to use an HTTP node instead of a SOAP node to do the authentication, and then use a SecurityPep node to do WS-Security.
But it would be very odd for it to be in the HTTP header. |
|
| Back to top |
|
|
| PEPERO |
| Posted: Thu Mar 13, 2014 4:46 am Post subject: |
|
|
Disciple
Joined: 30 May 2011
Posts: 177
|
It's within the soap Header, under the Security tag.
| Quote: |
.
.
.
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="unt_907818524">wmbuser1</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">user1pw</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
.
.
.
.
|
|
|
| Back to top |
|
|
| mqjeff |
| Posted: Thu Mar 13, 2014 4:54 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
Ok.
Sounds like a product issue. I'd suggest a PMR. |
|
| Back to top |
|
|
| ganesh |
| Posted: Thu Mar 13, 2014 9:32 am Post subject: |
|
|
Master
Joined: 18 Jul 2010
Posts: 294
|
| Code: |
<wsse:UsernameToken wsu:Id="UsernameToken-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>*****</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">******</wsse:Password>
</wsse:UsernameToken>
|
Try the above format. |
|
| Back to top |
|
|
| PEPERO |
| Posted: Sat Mar 15, 2014 12:17 am Post subject: |
|
|
Disciple
Joined: 30 May 2011
Posts: 177
|
|
| Back to top |
|
|
| ganesh |
| Posted: Sun Mar 16, 2014 9:33 am Post subject: |
|
|
Master
Joined: 18 Jul 2010
Posts: 294
|
| What is BIP message number you get and also a user trace for this message flow will reveal more on the error. |
|
| Back to top |
|
|
|
|
