Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to set attribute in name-spaced WSSE password element #19

Closed
jsgoecke opened this issue Jan 10, 2010 · 6 comments
Closed

Unable to set attribute in name-spaced WSSE password element #19

jsgoecke opened this issue Jan 10, 2010 · 6 comments

Comments

@jsgoecke
Copy link

I am working with a webservice where it appears the only way to get it to work is if I pass the WSSE password element as:

<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">myplaintextpass/wsse:Password

But, Savon produces this:

wsse:Passwordmyplaintextpass/wsse:Password

I don't see anyway to set an attribute for the WSSE password in Savon. I have tinkered with the code to see if I may force it in there, but that is not proving obvious. The reason is that the WSSE uses the wsse:Password format so my skills with Builder are not getting me to where I need to be. The code is from line 96 in lib/wsse.rb:

xml.wsse :Password, password_node

If I had:

xml.Password password_mode

That I would know how to do it. Am I missing something in the API documents, or an obvious way to do this?
@jsgoecke
Copy link
Author

This fixed:

https://github.com/jsgoecke/savon/commit/f1bb059d7b132e21c3cd3bff8128845bb28504e3

But will want to re-factor when I have more time into a proper parameter on that field.

@rubiii
Copy link
Contributor

rubiii commented Jan 14, 2010

i didn't know any service requiring the type attribute up until now. will try to investigate if always passing the type works for all services requiring wsse authentication. if not, i (we) have to come up with some smart way of "enabling" the attribute.

@rubiii
Copy link
Contributor

rubiii commented Jan 16, 2010

so as far as i can see by looking at the oasis document "Web Services Security UsernameToken Profile 1.1 OASIS Standard Specification, 1 February 2006" (http://www.oasis-open.org/committees/download.php/16782/wss-v1.1-spec-os-UsernameTokenProfile.pdf), the password#type attribute is optional.

i implemented it so that it's automatically set to "...#PasswordText" for non-digest authentication and "...#PasswordDigest" for digest authentication.

it's included in the current dev branch and will be included in the next release:
https://github.com/rubiii/savon/commit/af35a79a128da83e6e983cb5266c1d7aaf934796

leaving the issue open until the next version is released.

@ghost
Copy link

ghost commented Jan 16, 2010

Great, thank you. This web service is quite finicky. In some cases the order of the inner elements even makes a difference.

@rubiii
Copy link
Contributor

rubiii commented Jan 16, 2010

sounds funny ;) no honestly, i think being able to force the elements to a specific order is one of the most ungliest parts of soap.

if you haven't figured this out until now, please take a look at the documentation. i added a paragraph on how to specify the order of elements:
http://wiki.github.com/rubiii/savon/soap

@rubiii
Copy link
Contributor

rubiii commented Jan 17, 2010

released version 0.7.2 including a fix for this issue.

@rubiii rubiii mentioned this issue Sep 17, 2012
Closed
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jsgoecke @rubiii