Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>Actually, according to WSS4J developer Colm O Heigeartaigh, it was more strange before the change to work with validator interfaces, see <a href="http://coheigea.blogspot.se/2011/02/usernametoken-processing-changes-in.html" rel="nofollow">his first</a>, <a href="http://coheigea.blogspot.se/2011/02/wspasswordcallback-changes-in-wss4j-16.html" rel="nofollow">his second</a> and <a href="http://coheigea.blogspot.se/2011/04/wss4j-16-introducing-validators.html" rel="nofollow">his third</a> blog posts about the new validator design in WSS4J 1.6.</p> <p>The <code>WSPasswordCallback</code> shouldn't handle authentication, it is thought of as bad design and against separation of concerns, and therefor they (WSS4J developers) rewrote this part of WSS4J.</p> <p>However, as far as I know, Rampart dev team haven't yet implemented a way for developers to apply custom validators, nor is there a way to apply WSS4J validators such as the <code>NoOpValidator</code> - even though it's available in WSS4J. There is an issue registered in their (Rampart's) project JIRA (<a href="https://issues.apache.org/jira/browse/RAMPART-205#comment-13583029" rel="nofollow">read it here</a>), but it has a low priority and as of the moment this is being written; that issue is not included in the next minor (1.6.3) or major (1.7.0) release.</p> <p>So, you will have to do either of following three things, in order of my own preference:</p> <ul> <li>Use transport layer based authentication ,I would recommend auth headers with HTTPS transport.</li> <li>Downgrade Axis2 and Rampart to 1.5.x, which is still maintained (critical bug fixes).</li> <li>Edit source of wss4j and compile a new jar.</li> <li>Write a module for Axis2 that solves this.</li> </ul> <p>If there are additional solutions/workarounds, please feel free to comment/correct me.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload