axis-c-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mauro Brasil <mauro.bra...@piscar.com.br>
Subject Problems with rampartc token reference...
Date Wed, 02 Mar 2011 12:57:40 GMT
Hello there!

I'm trying to improve security on a application suite we have here by adding
ws-security encryption. We were using just ws-security's Username Token for
authentication, but now we need to encrypt message's content because some
sensitive information will be added to it.

We use JBossWS running on "JBoss-4.2.3.GA" at server side and
axis2c/rampartc on clients side.

First problems we detected was the absense of tokenReference configuration
what led us to a clear message on server "Invalid message,
SecurityTokenRefence is empty".
Having a closer look at JBossWS configuration I've noticed that it accepts 3
types of token references, that are: directReference *(default*),
keyIdentifier and x509IssuerSerial.


I couldn't find a usable rampartc policy file configuration for first option
"directReference" and I'm not sure if it's provided at all. I've found a
reference for second option "keyIdentifier" but the addition on policy file
(through "<sp:RequireKeyIdentifierReference/>" tag) resulted again on empty
SecurityTokenReference, and the last option "x509IssuerSerial" works for
rampartc but server refuses it.

So, I would like to ask someone about the other two options
"directReference" and "keyIdentifier" token references. Does anyone know how
to config rampartc policy file to send those kind of token references?

Note.: I'm using axis2c version 1.6.0 and rampartc version 1.3.0.

Thanks a lot and best regards,
Mauro.

Mime
View raw message