Merged Werner's changes from the trunk to the 1.5.3 branch

commit: 920756115a129bc7574f7ca7f3376cbd7b8b10c2 [log] [tgz]
author: Ruchith Udayanga Fernando <ruchithf@apache.org> Sun Aug 19 18:31:04 2007 +0000
committer: Ruchith Udayanga Fernando <ruchithf@apache.org> Sun Aug 19 18:31:04 2007 +0000
tree: cf7bcdf8b0ef1e0c618d8893d3e2a45a96da55d5
parent: 5cf03f528b3f586fd6d791cf5bd73ebdbb6223e0 [diff]
diff --git a/interop/org/apache/ws/axis/oasis/Client_deploy.wsdd b/interop/org/apache/ws/axis/oasis/Client_deploy.wsdd
index b7f443a..a6f6fae 100644
--- a/interop/org/apache/ws/axis/oasis/Client_deploy.wsdd
+++ b/interop/org/apache/ws/axis/oasis/Client_deploy.wsdd

@@ -68,6 +68,21 @@
   </requestFlow>
   </service>
 
+ <service name="Ping2b">
+  <requestFlow>
+   <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
+    <parameter name="action" value="UsernameTokenSignature Timestamp"/>
+    <parameter name="user" value="Chris"/>
+    <parameter name="passwordCallbackClass" 
+      value="org.apache.ws.axis.oasis.PWCallback1"/>
+    <parameter name="passwordType" value="PasswordDigest" />
+    <parameter name="signatureParts" 
+      value="Body;{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken" />  
+    
+   </handler>
+  </requestFlow>
+  </service>
+
  <service name="Ping3">
   <requestFlow>
    <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >

diff --git a/interop/org/apache/ws/axis/oasis/Scenario2b.java b/interop/org/apache/ws/axis/oasis/Scenario2b.java
new file mode 100644
index 0000000..ab9e492
--- /dev/null
+++ b/interop/org/apache/ws/axis/oasis/Scenario2b.java

@@ -0,0 +1,101 @@
+/*

+ * Copyright  2003-2004 The Apache Software Foundation.

+ *

+ *  Licensed under the Apache License, Version 2.0 (the "License");

+ *  you may not use this file except in compliance with the License.

+ *  You may obtain a copy of the License at

+ *

+ *      http://www.apache.org/licenses/LICENSE-2.0

+ *

+ *  Unless required by applicable law or agreed to in writing, software

+ *  distributed under the License is distributed on an "AS IS" BASIS,

+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

+ *  See the License for the specific language governing permissions and

+ *  limitations under the License.

+ *

+ */

+

+package org.apache.ws.axis.oasis;

+

+import org.apache.axis.utils.Options;

+import org.apache.ws.axis.oasis.ping.PingPort;

+import org.apache.ws.axis.oasis.ping.PingServiceLocator;

+

+import javax.xml.rpc.holders.StringHolder;

+

+/**

+ * Class Scenario2b

+ */

+public class Scenario2b {

+

+    /** Field address */

+    private static final java.lang.String address =

+            "http://localhost:9080/axis/services/Ping2b";

+

+    /**

+     * Method main

+     * 

+     * @param args 

+     * @throws Exception 

+     */

+    public static void main(String[] args) throws Exception {

+

+        Options opts = new Options(args);

+        opts.setDefaultURL(address);

+

+        /*

+         *     Start to prepare service call. Once this is done, several

+         *     calls can be made on the port (see below)

+         *

+         *     Fist: get the service locator. This implements the functionality

+         *     to get a client stub (aka port).

+         */

+        PingServiceLocator service = new PingServiceLocator();

+

+        /*

+         *     this is a JAX-RPC compliant call. It uses a preconfigured

+         *     endpoint address (usually contained in the WSDL). Note the

+         *     cast.

+         *    

+         * SecPort port = (SwaPort)service.getPort(SwaPortType.class);

+         */

+

+        /*

+         *     Here we use an Axis specific call that allows to override the

+         *     port address (service endpoint address) with an own URL. Comes

+         *     in handy for testing.

+         */

+        java.net.URL endpoint;

+

+        try {

+            endpoint = new java.net.URL(opts.getURL());

+        } catch (java.net.MalformedURLException e) {

+            throw new javax.xml.rpc.ServiceException(e);

+        }

+

+        PingPort port = (PingPort) service.getPing2b(endpoint);

+

+        /*

+         *     At this point all preparations are done. Using the port we can

+         *     now perform as many calls as necessary.

+         */

+

+        // perform call

+        StringHolder text =

+                new StringHolder("WSS4J - Scenario 2b text");

+        port.ping(new org.apache.ws.axis.oasis.ping.TicketType("WSS4J"), text);

+        System.out.println(text.value);

+

+        if (opts.isFlagSet('t') > 0) {

+            long startTime = System.currentTimeMillis();

+

+            for (int i = 0; i < 20; i++) {

+                port.ping(new org.apache.ws.axis.oasis.ping.TicketType("WSS4J"), text);

+            }

+

+            long endTime = System.currentTimeMillis();

+

+            System.out.println("Time used: " + (endTime - startTime) + "ms");

+        }

+    }

+}


diff --git a/interop/org/apache/ws/axis/oasis/ping/deploy.wsdd b/interop/org/apache/ws/axis/oasis/ping/deploy.wsdd
index 0771acc..6976047 100644
--- a/interop/org/apache/ws/axis/oasis/ping/deploy.wsdd
+++ b/interop/org/apache/ws/axis/oasis/ping/deploy.wsdd

@@ -103,6 +103,34 @@
   </requestFlow>
   </service>
 
+  <service name="Ping2b" provider="java:RPC" style="wrapped" use="literal">
+      <parameter name="wsdlTargetNamespace" value="http://xmlsoap.org/Ping"/>
+      <parameter name="wsdlServiceElement" value="PingService"/>
+      <parameter name="wsdlServicePort" value="Ping2"/>
+      <parameter name="className" value="org.apache.ws.axis.oasis.ping.PingBindingImpl"/>
+      <parameter name="wsdlPortType" value="PingPort"/>
+      <operation name="ping" qname="operNS:Ping" xmlns:operNS="http://xmlsoap.org/Ping" >
+        <parameter qname="pns:ticket" xmlns:pns="http://xmlsoap.org/Ping" type="tns:ticketType" xmlns:tns="http://xmlsoap.org/Ping"/>
+        <parameter qname="pns:text" xmlns:pns="http://xmlsoap.org/Ping" type="tns:string" xmlns:tns="http://www.w3.org/2001/XMLSchema" mode="INOUT"/>
+      </operation>
+      <parameter name="allowedMethods" value="ping"/>
+
+      <typeMapping
+        xmlns:ns="http://xmlsoap.org/Ping"
+        qname="ns:ticketType"
+        type="java:org.apache.ws.axis.oasis.ping.TicketType"
+        serializer="org.apache.axis.encoding.ser.SimpleSerializerFactory"
+        deserializer="org.apache.axis.encoding.ser.SimpleDeserializerFactory"
+        encodingStyle=""
+      />
+  <requestFlow>
+   <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
+    <parameter name="passwordCallbackClass" value="org.apache.ws.axis.oasis.PWCallback1"/>
+    <parameter name="action" value="UsernameTokenSignature UsernameToken Timestamp"/>
+   </handler>
+  </requestFlow>
+  </service>
+
   <service name="Ping3" provider="java:RPC" style="wrapped" use="literal">
       <parameter name="wsdlTargetNamespace" value="http://xmlsoap.org/Ping"/>
       <parameter name="wsdlServiceElement" value="PingService"/>

diff --git a/interop/ping.wsdl b/interop/ping.wsdl
index c470868..ca687b8 100644
--- a/interop/ping.wsdl
+++ b/interop/ping.wsdl

@@ -70,6 +70,9 @@
         <port name="Ping2a" binding="tns:PingBinding">
             <soap:address location="http://localhost:9080/pingservice/Ping2a"/>
         </port>
+        <port name="Ping2b" binding="tns:PingBinding">
+            <soap:address location="http://localhost:9080/pingservice/Ping2b"/>
+        </port>        
         <port name="Ping3" binding="tns:PingBinding">
             <soap:address location="http://localhost:9080/pingservice/Ping3"/>
         </port>

diff --git a/src/org/apache/ws/security/action/UsernameTokenSignedAction.java b/src/org/apache/ws/security/action/UsernameTokenSignedAction.java
index ecac48c..4041066 100644
--- a/src/org/apache/ws/security/action/UsernameTokenSignedAction.java
+++ b/src/org/apache/ws/security/action/UsernameTokenSignedAction.java

@@ -1,5 +1,5 @@
 /*

- * Copyright  2003-2004 The Apache Software Foundation.

+ * Copyright  2003-2007 The Apache Software Foundation.

  *

  *  Licensed under the Apache License, Version 2.0 (the "License");

  *  you may not use this file except in compliance with the License.

@@ -17,15 +17,31 @@
 

 package org.apache.ws.security.action;

 

+import java.util.Vector;

+

+import org.apache.ws.security.SOAPConstants;

 import org.apache.ws.security.WSConstants;

+import org.apache.ws.security.WSEncryptionPart;

 import org.apache.ws.security.WSSecurityException;

 import org.apache.ws.security.handler.RequestData;

 import org.apache.ws.security.handler.WSHandler;

 import org.apache.ws.security.handler.WSHandlerConstants;

 import org.apache.ws.security.message.WSSecUsernameToken;

 import org.apache.ws.security.message.WSSecSignature;

+import org.apache.ws.security.message.WSSecHeader;

+import org.apache.ws.security.util.WSSecurityUtil;

 import org.apache.xml.security.signature.XMLSignature;

 import org.w3c.dom.Document;

+import org.w3c.dom.Element;

+

+/**

+ * Sign a request using a secret key derived from UsernameToken data.

+ * 

+ * Enhanced by Alberto Coletti to support digest password type for 

+ * username token signature

+ * 

+ * @author Werner Dittmann (Werner.Dittmann@t-online.de)

+ */

 

 public class UsernameTokenSignedAction implements Action {

     public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)

@@ -37,28 +53,66 @@
 

         WSSecUsernameToken builder = new WSSecUsernameToken();

         builder.setWsConfig(reqData.getWssConfig());

-        builder.setPasswordType(WSConstants.PASSWORD_TEXT);

+        builder.setPasswordType(reqData.getPwType());  // enhancement by Alberto Coletti

+        

         builder.setUserInfo(reqData.getUsername(), password);

         builder.addCreated();

         builder.addNonce();

         builder.prepare(doc);

+

+        // Now prepare to sign.

+        // First step:  Get a WS Signature object and set config parameters

+        // second step: set user data and algorithm parameters. This

+        //              _must_ be done before we "prepare"

+        // third step:  Call "prepare". This creates the internal WS Signature

+        //              data structures, XML element, fills in the algorithms

+        //              and other data.

+        // fourth step: Get the references. These references identify the parts

+        //              of the document that will be included into the 

+        //              signature. If no references are given sign the message

+        //              body by default.

+        // fifth step:  compute the signature

+        //

+        // after "prepare" the Signature XML element is ready and may prepend

+        // this to the security header.

         

         WSSecSignature sign = new WSSecSignature();

         sign.setWsConfig(reqData.getWssConfig());

 

-        if (reqData.getSignatureParts().size() > 0) {

-            sign.setParts(reqData.getSignatureParts());

-        }

         sign.setUsernameToken(builder);

         sign.setKeyIdentifierType(WSConstants.UT_SIGNING);

         sign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);

+

+        sign.prepare(doc, null, reqData.getSecHeader());

+

+        // prepend in this order: first the Signature Element and then the

+        // UsernameToken Element. This way the server gets the UsernameToken

+        // first, can check it and are prepared to compute the Signature key.  

+        sign.prependToHeader(reqData.getSecHeader());

+        builder.prependToHeader(reqData.getSecHeader());

+

+        Vector parts = null;

+        if (reqData.getSignatureParts().size() > 0) {

+            parts = reqData.getSignatureParts();

+        }

+        else {

+            SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc

+                    .getDocumentElement());

+            

+            parts = new Vector();

+            WSEncryptionPart encP = new WSEncryptionPart(soapConstants

+                    .getBodyQName().getLocalPart(), soapConstants

+                    .getEnvelopeURI(), "Content");

+            parts.add(encP);

+        }

+        sign.addReferencesToSign(parts, reqData.getSecHeader());

+

         try {

-            sign.build(doc, null, reqData.getSecHeader());

+            sign.computeSignature();

             reqData.getSignatureValues().add(sign.getSignatureValue());

         } catch (WSSecurityException e) {

             throw new WSSecurityException("WSHandler: Error during Signature with UsernameToken secret"

                     + e);

         }

-        builder.prependToHeader(reqData.getSecHeader());

     }

 }


diff --git a/src/org/apache/ws/security/message/WSSecSignature.java b/src/org/apache/ws/security/message/WSSecSignature.java
index 8a94760..f31c6eb 100644
--- a/src/org/apache/ws/security/message/WSSecSignature.java
+++ b/src/org/apache/ws/security/message/WSSecSignature.java

@@ -710,8 +710,6 @@
 			log.debug("Beginning signing...");
 		}
 
-		Element securityHeader = secHeader.getSecurityHeader();
-
 		prepare(doc, cr, secHeader);
 
 		SOAPConstants soapConstants = WSSecurityUtil.getSOAPConstants(doc

diff --git a/src/org/apache/ws/security/message/token/UsernameToken.java b/src/org/apache/ws/security/message/token/UsernameToken.java
index fce63f2..c7206cf 100644
--- a/src/org/apache/ws/security/message/token/UsernameToken.java
+++ b/src/org/apache/ws/security/message/token/UsernameToken.java

@@ -1,5 +1,5 @@
 /*
- * Copyright  2003-2004 The Apache Software Foundation.
+ * Copyright  2003-2007 The Apache Software Foundation.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
@@ -44,13 +44,17 @@
 /**
  * UsernameToken according to WS Security specifications, UsernameToken profile.
  * 
+ * Enhanced to support digest password type for username token signature
+ * 
  * @author Davanum Srinivas (dims@yahoo.com)
- * @author Werner Dittmann (Werner.Dittmann@siemens.com)
+ * @author Werner Dittmann (Werner.Dittmann@t-online.de)
  */
 public class UsernameToken {
     private static Log log = LogFactory.getLog(UsernameToken.class.getName());
 
     public static final String PASSWORD_TYPE = "passwordType";
+    
+    private String raw_password;        // enhancment by Alberto Coletti
 
     protected Element element = null;
 
@@ -325,7 +329,7 @@
 
     /**
      * Gets the password string. This is the password as it is in the password
-     * element of a username, token. Thus it can be either plain text or the
+     * element of a username token. Thus it can be either plain text or the
      * password digest value.
      * 
      * @return the password string or <code>null</code> if no such node
@@ -397,6 +401,7 @@
         if (pwd == null) {
             throw new IllegalArgumentException("pwd == null");
         }
+        raw_password = pwd;             // enhancement by Alberto coletti
         Text node = getFirstNode(this.elementPassword);
         try {
             if (!hashed) {
@@ -413,6 +418,15 @@
         }
     }
 
+    /**
+     * Set the raw (plain text) password used to compute secret key.
+     * 
+     * @param raw_password the raw_password to set
+     */
+    public void setRawPassword(String raw_password) {
+        this.raw_password = raw_password;
+    }
+    
     public static String doPasswordDigest(String nonce, String created,
             String password) {
         String passwdDigest = null;
@@ -541,7 +555,7 @@
         byte[] key = null;
         try {
             Mac mac = Mac.getInstance("HMACSHA1");
-            byte[] password = getPassword().getBytes("UTF-8");
+            byte[] password = raw_password.getBytes("UTF-8"); // enhancement by Alberto Coletti
             byte[] label = labelString.getBytes("UTF-8");
             byte[] nonce = Base64.decode(getNonce());
             byte[] created = getCreated().getBytes("UTF-8");
@@ -571,6 +585,8 @@
         }
         return key;
     }
+    
+  
 
     /**
      * This static method generates a derived key as defined in WSS Username

diff --git a/src/org/apache/ws/security/processor/SignatureProcessor.java b/src/org/apache/ws/security/processor/SignatureProcessor.java
index 4ce95e4..967efb3 100644
--- a/src/org/apache/ws/security/processor/SignatureProcessor.java
+++ b/src/org/apache/ws/security/processor/SignatureProcessor.java

@@ -203,14 +203,17 @@
                 QName el = new QName(token.getNamespaceURI(), token

                         .getLocalName());

                 if (el.equals(WSSecurityEngine.usernameToken)) {

-                    ut = new UsernameToken(token);

+                    String id = token.getAttributeNS(WSConstants.WSU_NS, "Id");

+                    UsernameTokenProcessor utProcessor = 

+                        (UsernameTokenProcessor) wsDocInfo.getProcessor(id);

+                    ut = utProcessor.getUt();

                     secretKey = ut.getSecretKey();

                 } else if(el.equals(WSSecurityEngine.DERIVED_KEY_TOKEN_05_02) ||

                         el.equals(WSSecurityEngine.DERIVED_KEY_TOKEN_05_12)) {

                     dkt = new DerivedKeyToken(token);

                     String id = dkt.getID();

-                    DerivedKeyTokenProcessor dktProcessor = (DerivedKeyTokenProcessor) wsDocInfo

-                            .getProcessor(id);

+                    DerivedKeyTokenProcessor dktProcessor = 

+                        (DerivedKeyTokenProcessor) wsDocInfo.getProcessor(id);

                     String signatureMethodURI = sig.getSignedInfo().getSignatureMethodURI();

                     int keyLength = (dkt.getLength() > 0) ? dkt.getLength() : 

                         WSSecurityUtil.getKeyLength(signatureMethodURI);


diff --git a/src/org/apache/ws/security/processor/UsernameTokenProcessor.java b/src/org/apache/ws/security/processor/UsernameTokenProcessor.java
index 1be619b..9dcfaa8 100644
--- a/src/org/apache/ws/security/processor/UsernameTokenProcessor.java
+++ b/src/org/apache/ws/security/processor/UsernameTokenProcessor.java

@@ -41,6 +41,7 @@
     private static Log log = LogFactory.getLog(UsernameTokenProcessor.class.getName());

 

     private String utId;

+    private UsernameToken ut;

     

     public void handleToken(Element elem, Crypto crypto, Crypto decCrypto, CallbackHandler cb, WSDocInfo wsDocInfo, Vector returnResults, WSSConfig wsc) throws WSSecurityException {

         if (log.isDebugEnabled()) {

@@ -75,7 +76,7 @@
      * @throws WSSecurityException

      */

     public WSUsernameTokenPrincipal handleUsernameToken(Element token, CallbackHandler cb) throws WSSecurityException {

-        UsernameToken ut = new UsernameToken(token);

+        ut = new UsernameToken(token);

         String user = ut.getName();

         String password = ut.getPassword();

         String nonce = ut.getNonce();

@@ -87,6 +88,8 @@
         }

 

         Callback[] callbacks = new Callback[1];

+        String origPassword = null;

+        

         if (ut.isHashed()) {

             if (cb == null) {

                 throw new WSSecurityException(WSSecurityException.FAILURE,

@@ -106,7 +109,7 @@
                         "noPassword",

                         new Object[]{user}, e);

             }

-            String origPassword = pwCb.getPassword();

+            origPassword = pwCb.getPassword();

             if (log.isDebugEnabled()) {

                 log.debug("UsernameToken callback password " + origPassword);

             }

@@ -120,6 +123,7 @@
                     throw new WSSecurityException(WSSecurityException.FAILED_AUTHENTICATION);

                 }

             }

+            ut.setRawPassword(origPassword);

         } else if (cb != null) {

             WSPasswordCallback pwCb = new WSPasswordCallback(user, password,

                     pwType, WSPasswordCallback.USERNAME_TOKEN_UNKNOWN);

@@ -133,8 +137,8 @@
                 throw new WSSecurityException(WSSecurityException.FAILURE,

                         "noPassword", new Object[]{user});

             }

+            ut.setRawPassword(password);

         }

-

         WSUsernameTokenPrincipal principal = new WSUsernameTokenPrincipal(user, ut.isHashed());

         principal.setNonce(nonce);

         principal.setPassword(password);

@@ -149,5 +153,14 @@
      */

     public String getId() {

     	return utId;

+    }

+

+    /**

+     * Get the processed USernameToken.

+     * 

+     * @return the ut

+     */

+    public UsernameToken getUt() {

+        return ut;

     }    

 }


diff --git a/test/interop/TestScenario2b.java b/test/interop/TestScenario2b.java
new file mode 100644
index 0000000..a98a43c
--- /dev/null
+++ b/test/interop/TestScenario2b.java

@@ -0,0 +1,65 @@
+/*

+ * Copyright  2003-2004 The Apache Software Foundation.

+ *

+ *  Licensed under the Apache License, Version 2.0 (the "License");

+ *  you may not use this file except in compliance with the License.

+ *  You may obtain a copy of the License at

+ *

+ *      http://www.apache.org/licenses/LICENSE-2.0

+ *

+ *  Unless required by applicable law or agreed to in writing, software

+ *  distributed under the License is distributed on an "AS IS" BASIS,

+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

+ *  See the License for the specific language governing permissions and

+ *  limitations under the License.

+ *

+ */

+

+package interop;

+

+import junit.framework.Test;

+import junit.framework.TestCase;

+import junit.framework.TestSuite;

+import org.apache.ws.axis.oasis.Scenario2b;

+

+/**

+ * WS-Security Test Case

+ * <p/>

+ * 

+ * @author Davanum Srinivas (dims@yahoo.com)

+ */

+public class TestScenario2b extends TestCase {

+    /**

+     * TestScenario1 constructor

+     * <p/>

+     * 

+     * @param name name of the test

+     */

+    public TestScenario2b(String name) {

+        super(name);

+    }

+

+    /**

+     * JUnit suite

+     * <p/>

+     * 

+     * @return a junit test suite

+     */

+    public static Test suite() {

+        return new TestSuite(TestScenario2b.class);

+    }

+

+    /**

+     * Main method

+     * <p/>

+     * 

+     * @param args command line args

+     */

+    public static void main(String[] args) throws Exception {

+        Scenario2b.main(args);

+    }

+

+    public void testScenario2b() throws Exception {

+        Scenario2b.main(new String[]{"-lhttp://localhost:8080/axis/services/Ping2b"});

+    }

+}


diff --git a/test/wssec/TestWSSecurityNew13.java b/test/wssec/TestWSSecurityNew13.java
index bb96f72..65571ae 100644
--- a/test/wssec/TestWSSecurityNew13.java
+++ b/test/wssec/TestWSSecurityNew13.java

@@ -142,7 +142,7 @@
         sign.setUsernameToken(builder);

         sign.setKeyIdentifierType(WSConstants.UT_SIGNING);

         sign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);

-        log.info("Before signing....");

+        log.info("Before signing with UT text....");

         sign.build(doc, null, secHeader);

         log.info("Before adding UsernameToken PW Text....");

         builder.prependToHeader(secHeader);

@@ -156,6 +156,45 @@
         log.info("After adding UsernameToken PW Text....");

         verify(signedDoc);

     }

+    

+    /**

+     * Test the specific signing mehtod that use UsernameToken values

+     * <p/>

+     * 

+     * @throws java.lang.Exception Thrown when there is any problem in signing or verification

+     */

+    public void testUsernameTokenSigningDigest() throws Exception {

+        Document doc = unsignedEnvelope.getAsDocument();

+

+        WSSecHeader secHeader = new WSSecHeader();

+        secHeader.insertSecurityHeader(doc);

+

+        WSSecUsernameToken builder = new WSSecUsernameToken();

+        builder.setPasswordType(WSConstants.PASSWORD_DIGEST);

+        builder.setUserInfo("wernerd", "verySecret");

+        builder.addCreated();

+        builder.addNonce();

+        builder.prepare(doc);

+        

+        WSSecSignature sign = new WSSecSignature();

+        sign.setUsernameToken(builder);

+        sign.setKeyIdentifierType(WSConstants.UT_SIGNING);

+        sign.setSignatureAlgorithm(XMLSignature.ALGO_ID_MAC_HMAC_SHA1);

+        log.info("Before signing with UT digest....");

+        sign.build(doc, null, secHeader);

+        log.info("Before adding UsernameToken PW Digest....");

+        builder.prependToHeader(secHeader);

+        Document signedDoc = doc;

+        Message signedMsg = SOAPUtil.toAxisMessage(signedDoc);

+        if (log.isDebugEnabled()) {

+            log.debug("Message with UserNameToken PW Digest:");

+            XMLUtils.PrettyElementToWriter(signedMsg.getSOAPEnvelope().getAsDOM(), new PrintWriter(System.out));

+        }

+        signedDoc = signedMsg.getSOAPEnvelope().getAsDocument();

+        log.info("After adding UsernameToken PW Digest....");

+        verify(signedDoc);

+    }

+

     /**

      * Verifies the soap envelope

      * <p/>
commit	920756115a129bc7574f7ca7f3376cbd7b8b10c2	[log] [tgz]
author	Ruchith Udayanga Fernando <ruchithf@apache.org>	Sun Aug 19 18:31:04 2007 +0000
committer	Ruchith Udayanga Fernando <ruchithf@apache.org>	Sun Aug 19 18:31:04 2007 +0000
tree	cf7bcdf8b0ef1e0c618d8893d3e2a45a96da55d5
parent	5cf03f528b3f586fd6d791cf5bd73ebdbb6223e0 [diff]