I am trying to consume a .NET web service using UsernameToken plain
text password authentication.
Here is my .wsdd configuration file:
<!-- Using the WSDoAllSender security handler in request flow -->
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
<transport name="http"
pivot="java:org.apache.axis.transport.http.HTTPSen der"/>
<globalConfiguration>
<requestFlow >
<handler type="java:org.apache.ws.axis.security.WSDoAllSend er" >
<parameter name="action" value="UsernameToken"/>
<parameter name="user" value="hyonyim"/>
<parameter name="passwordType" value="PasswordText"/>
<!--<parameter name="password" value="hyonyim1"/>-->
<parameter name="passwordCallbackClass"
value="com.bsi.main.CTCallback"/>
<parameter name="mustUnderstand" value="false" />
</handler>
</requestFlow >
</globalConfiguration>
</deployment>
I am using axis 1.2.1 and wss4j 1.5.1. When I try to consume the
service, I get the following error:
AxisFault
faultCode: {http://docs.oasis-open.org/wss/2004/...is-200401-wss-
wssecurity-
secext-1.0.xsd}InvalidSecurityToken
faultSubcode:
faultString: An invalid security token was provided
The code seems to trying to check the semantics of the SOAP request,
even though the mustUnderstand parameter is set to false in the config
file.
Any help is appreciated.