如何在WSO2 ESB 4.9.0 Digest策略文件中启用代理服务安全性

时间:2019-02-14 08:19:40

标签: web-services authentication wso2esb digest digest-authentication

我在使用wso2 ESB中的rampart签名我的肥皂消息时遇到问题,我使用了附加到传出端点的XML策略,此策略需要指定密码摘要作为用于摘要的算法(AlgorithmSuite:密码摘要)

问题是我的wss安全标头位于其设置的#PasswordText下面

<wsse:UsernameToken wsu:Id="UsernameToken-F8983EC106E3CD7A6915501268083805">
            <wsse:Username>userid</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
            <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">2DLoIevf9t75A7jm90+Anw==</wsse:Nonce>
            <wsu:Created>2019-02-14T06:46:48.379Z</wsu:Created>
         </wsse:UsernameToken>`enter code here`

我需要的是wss安全标头,如下所示,应设置#PasswordDiges 

<wsse:UsernameToken wsu:Id="UsernameToken-F8983EC106E3CD7A6915501267560244">
            <wsse:Username>userid</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">SDSDSDDDSDDDDSDD==</wsse:Password>
            <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">SDSDRRERRsdDSDSDD==</wsse:Nonce>
            <wsu:Created>2019-02-14T06:45:56.024Z</wsu:Created>
         </wsse:UsernameToken>

我如何使wso2 ESB使用passowrd Digest作为密码摘要的算法方法来签署一条肥皂消息?

1 个答案:

答案 0 :(得分:1)

#PasswordDiges like below 

<sp:UsernameToken sp:IncludeToken="docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/…">
 <wsp:Policy> <sp:HashPassword/> <sp:WssUsernameToken11/> </wsp:Policy>
相关问题
最新问题