axis-c-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "George Stanchev" <Gstanc...@serena.com>
Subject [Axis2] rampart/security question
Date Thu, 08 Mar 2007 00:19:05 GMT
Hi,

I am new to axis2/c and I had a use cases that wanted to see if 
it is supported.

Clients of my services are expected to pass a SAML assertion in
wsse header. The header is or it is not tagged with specific actor.
The SAML asserttion needs to be checked for:
* integrity (using its signature)
* trust (using the PK/cert used to sign the assertion - checked against
  a local keystore)
* expiration

Finally, the assertion needs to be passed to the services (or the
services
need to be able to get a hold of it) so they can use it further.

Can someone tell me what in the use case above its possible and what now
currently and may be suggest implementation direction? Should I write
a custom handler if rampart doesn't support this? Does axis2/c allows
access to processed and unprocessed SOAP headers from within the
services?

Thanks in advance!!

George Stanchev


**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If
you are not the intended recipient, please contact the sender by reply e-mail and destroy
all copies of the original message.


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org


Mime
View raw message