In my WebService I need to log the caller's id, but wsContext.getUserPrincipal() returns null even though the user was authenticated using WS-Security with password authentication. According to the JavaDocs for JAX-WS 2.1 WSContext.getUserPrincipal() should only return null if the user has not been authenticated. Do I have to do someth...
Hi, I need in WCF ensure soap header like this: <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" SOAP-ENV:mustUnderstand="1"> <wsse:BinarySecurityToken xmlns:wsu="http:...
I am using latest Apache CXF to create a webservice. I have configured ws-security using org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor. In my passwordCallbackClass I can access the user or identifier by calling getIdentifier() method of org.apache.ws.security.WSPasswordCallback class. I am also using spring for the whole setup. I...
I'm inspecting a WCF request message in order to implement part of the WS-Security standard to have iPhone <-> WCF intercommunication (I'm using certificate security over basicHttpBinding). After reading the standard xmlenc-core I could decrypt both the SignedInfo and the Body tags, but I see 16 bytes at the beginning of both unencrypted...
Okay, so we have a legacy ASMX web service that is currently running in .NET 3.5 and we're using Visual Studio 2008. The problem is, we need to add authentication and would like to take advantage of the WS-Security model without breaking any existing internal clients who don't need to authenticate currently. We've thought about adding ...
Hi, Using Websphere 6.1, I'm attempting to call a secured web service (using a custom authentication token) from a message-driven bean. However, the call repeatedly fails because the required token is not added to the SOAP message being sent. The settings to call the relevant TokenGenerator are specified in the deployment descriptor of ...
How to call a webservice (created in java) with ws security, they provided a certificate file , username & password, i tried using Web Services Enhancements (WSE) 3.0, Inherited the service proxy from Microsoft.Web.Services3.WebServicesClientProtocol used username password tocken UsernameToken tocken = new UsernameToken("uname", "pw...
I have successfully created a WS client that works correctly when NOT using authentication. However, the server (WebSphere) now requires adding a ws-security username token, and I'm having a hard time doing this. The resulting SOAP message is supposed to look something like this: <soapenv:Envelope xmlns:ns="http://foo.bar/1.0" xm...
i need to visit a secure web service, every request in the header need to carry a token. i know the endpoint to the web service, i also know how to create the token. but i cannot see the WSDL for the webservice. is there a way in C#, to create a soap client, without the WSDL file. ...
The extent of my ability is in vba and asp. I'm interested in consuming a SOAP web service from Excel or Access, mostly because it's easier for me. I've also got the wsdls for the web service which is using ws-security. Is this even possible? From what I've read, .net is my logical option, but there's obviously a gap in my skill. Is...
I have a WCF client/service app that relies on secure communication between two machines and I want to use use x509 certificates installed in the certificate store to identify the server and client to each other. I do this by configuring the binding as <security authenticationMode="MutualCertificate"/>. There is only client machine. The...
I need to call axis2 web service with ws-security (username token) from xfire client over https. I could do the exercise via xfire dynamic client, but no luck with wsdl base client (i.e. generate java stub from wsdl). Could anybody point me out what could be wrong (stub, ws-security something else)? Exception: Exception in thread "m...
Hello, I am trying to create a standalone client to consume some web services. I must add my username and password to the SOAP Header. I tried adding the credentials as follows: OTSWebSvcsService service = new OTSWebSvcsService(); OTSWebSvcs port = service.getOTSWebSvcs(); BindingProvider prov = (BindingProvider)port; prov.getRequest...
I am trying to get a WCF service configured with message security (no transport security) such that it can communicate with Java clients. I have been using SoapUI to test, and have overcome numerous hurdles. Now, WCF seems to be authenticating the message, but it is routing it to the operation without decrypting it. I am getting the foll...
I'm writing a JAXWS-RI client that must call a .NET Web Service that is using WS-Security. The service's WSDL does not contain any WS-Security info, but I have an example soap message from the service's authors and know that I must include wsse:Security headers, including X:509 tokens. I've been researching, and I've seen example of fo...
I have an application that connects via https to a SOAP-based web service that implements WS-Security. The web service is written in Java, expects a plain text password as well as a properly set timestamp. After a great deal of googling and experimentation, I can't figure out how to configure my WCF client to interact with this service...
Below is the style of header I need to create. I am expected to use either a public/private key or a SSL style certificate. I don't know for certain, but I think my counter-party is using some form of Java. <soap-env:Header> <wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext"> <ds:Signature xmlns:ds="ht...
Hello, I'm new here and I'm facing a problem. I need to know if it is possible to implement the WS-Security protocol with X.509 certificates on a native iPhone application. I haven't found much information on the web, except this information from Apple about security services. I just want to ask, is it possible? has it been made before?...
Basically I need to setup my ASMX file so that when I pull it up in a browser to display the WebMethod specification the Soap Header conforms to this format: <soap:Header> <wsse:Security> <wsse:UsernameToken wsu:Id='SecurityToken-securityToken'> <wsse:Username>Username</wsse:Username> <wsse:Password>Password</...
I have a web service which implements WS-Security but does not define a policy in the WSDL. I am able to consume this web service successfully using Axis 2 as client. I am trying to consume the same web service using Metro 2 but the wsse:security headers are not going. It works only if the service defines the security policy which is no...