14 years ago
Support for no password in Username Token
Hi,
This is my first post here so I would like to thank for this great tool I use almost everyday.
Coming back to the subject, I often use web services secured that require username token without password. If I don't type password in Project View -> Security Configurations -> Outgoing Security Configurations -> my security configuration -> Username in Password field I get nasty exception:
Tue Sep 14 09:45:57 CEST 2010:ERROR:java.lang.IllegalArgumentException: pwd == null but a password is needed
java.lang.IllegalArgumentException: pwd == null but a password is needed
at org.apache.ws.security.message.token.UsernameToken.setPassword(UsernameToken.java:435)
at org.apache.ws.security.message.WSSecUsernameToken.prepare(WSSecUsernameToken.java:171)
at org.apache.ws.security.message.WSSecUsernameToken.build(WSSecUsernameToken.java:226)
at com.eviware.soapui.impl.wsdl.support.wss.entries.AddUsernameEntry.process(AddUsernameEntry.java:90)
at com.eviware.soapui.impl.wsdl.support.wss.OutgoingWss.processOutgoing(OutgoingWss.java:157)
at com.eviware.soapui.impl.wsdl.submit.filters.WssRequestFilter.filterWsdlRequest(WssRequestFilter.java:58)
...
It comes from the fact that wss4j expects to pass a password if passwordType is PASSWORD_TEXT. But wss4j enables to pass null
So I propose to add new option to Password Type combo - NoPassword. I implemented this in the attached patch.
I would be greatful if you could add NoPassword option to the SoapUI. This could help me a great deal and supposedly a few other developers.
This is my first post here so I would like to thank for this great tool I use almost everyday.
Coming back to the subject, I often use web services secured that require username token without password. If I don't type password in Project View -> Security Configurations -> Outgoing Security Configurations -> my security configuration -> Username in Password field I get nasty exception:
Tue Sep 14 09:45:57 CEST 2010:ERROR:java.lang.IllegalArgumentException: pwd == null but a password is needed
java.lang.IllegalArgumentException: pwd == null but a password is needed
at org.apache.ws.security.message.token.UsernameToken.setPassword(UsernameToken.java:435)
at org.apache.ws.security.message.WSSecUsernameToken.prepare(WSSecUsernameToken.java:171)
at org.apache.ws.security.message.WSSecUsernameToken.build(WSSecUsernameToken.java:226)
at com.eviware.soapui.impl.wsdl.support.wss.entries.AddUsernameEntry.process(AddUsernameEntry.java:90)
at com.eviware.soapui.impl.wsdl.support.wss.OutgoingWss.processOutgoing(OutgoingWss.java:157)
at com.eviware.soapui.impl.wsdl.submit.filters.WssRequestFilter.filterWsdlRequest(WssRequestFilter.java:58)
...
It comes from the fact that wss4j expects to pass a password if passwordType is PASSWORD_TEXT. But wss4j enables to pass null
. Then no Password element is added to the token.
when no password is needed
So I propose to add new option to Password Type combo - NoPassword. I implemented this in the attached patch.
I would be greatful if you could add NoPassword option to the SoapUI. This could help me a great deal and supposedly a few other developers.