1 Reply Latest reply on Jul 24, 2008 10:34 AM by Alessio Soldano

    Username token password type?

    Jeff Rhodes Newbie

      I'm using a JBossWS Native 3.0.2 client to invoke a secure Web service running on WebLogic. When the JBoss client creates a username token it looks like this:

      <wsse:UsernameToken wsu:Id="token-1-1216905572050-4347715">
      <wsse:Username>awdadmin</wsse:Username>
      <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd#PasswordText">awdadmin</wsse:Password>
      </wsse:UsernameToken>

      Note the ".xsd" in the Type value. WebLogic fails to process the UNT header because it does not recognize the password type.

      When I invoke this Web service with another client, it generates a different password type - without the ".xsd" in the Type value:
      <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="unt_2gqSjWLYhMUDJeu4">
      <wsse:Username>awdadmin</wsse:Username>
      <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">awdadmin</wsse:Password>
      </wsse:UsernameToken>

      WebLogic is able to process the above UNT header and I can successfully consume the service.

      Is Native 3.0.2 client mistakenly putting the .xsd on the password Type? I don't think I've seen the ".xsd" on any examples of UNT password type.