This document discusses how the SOAP/HTTP Binding Component can be configured, in a service provider and in a service consumer, to use WS-Security 1.0 (2004) Username Token Profile support. WS-Security 1.0 (2004) provided support for the Username Token, which could be sent over the wire in the clear. This was insecure but Sun JAX-RPC libraries allowed this, since the standard allowed this. Through Project Metro release 1.4 it was impossibly to formulate a WS-Security policy that decorated a SOAP message with the Username Token headers, without requiring to also encrypt parts of the message. This prevented solutions built on top Metro 1.4, or earlier, from supporting cleartext Username Token. Metro 1.5 relaxed this requirement. The WS-Security policy configured using the GlassFish ESB NetBeans WS-Security wizard will be modified to require and provide a Plain text Username Token.
The document is here: 02_Configuring_HTTP_BC_for_WS-Security_UsernameToken.pdf
The companion archive containing all projects is here: WSSecPolicies_PersonUsernamePlain.zip
Excellent article Michael,
I just have one doubt, when I use soapUI, the program does not find the server http://mcz02.aus.sun.com:29080/PersonSvc_CA-sun-http-binding/PersonSvc/Person.xsd and I can not prove the connection between my server and my server client services.
How I can solve this problem in my Web Services?
Regards,
Marcelo
Hello, Marcelo.
You need to change the URL to use your host. The host mcz02.aus.sun.com was my host and it no longer exists anyway 🙂
Regards
Michael
Hello Michael,
Thank you for your contribution to the area of ??Web Services security, how I can
implement XML Signature and XML Encryption in your example?
Best regards,
Marcelo
Hello, Marcelo.
Please have a look at https://blogs.czapski.id.au/2010/01/glassfish-esb-v2-x-bpel-ssl-mutual-auth-mk-ii-and-using-jbi-ws-addressing-for-explicit-routing-exploring-effects-of-security-policies-rev-0-4-1 to see if it helps.
I am out of teh OpenESB and HTTP BC business so what I contributed on these toipic is it from me.
All the best
Michael