axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Davanum Srinivas <d...@yahoo.com>
Subject RE: FW: WSS4J - WS-Security Implementation (was Re: axis-wsse)
Date Tue, 21 Oct 2003 16:07:08 GMT
Sanjesh,

Updated CVS with your code. I just added TODO items for now, till i get more time to fix the
problems in axis (unable to set mustunderstand and actor). 

Thanks
-- dims

--- Sanjesh Pathak <sanjesh@soapknox.com> wrote:
> Hi Dims,
> 
> Here is my first attempt at building UsernameToken add and
> authentication handler. The zip file contains patch, handlers and a
> sample directory that tests it.
> 
> There is this one thing that needs to be tweaked and I need your help. I
> was not able to set mustunderstand and actor through SOAPHeaderElement
> in WSSUsernameTokenAddHandler (see comment in the code). Apart from that
> everything works fine.
> 
> This is the first time I have ever submitted code and patch to the list.
> So please go easy on me if there are any faults :)
> 
> Sanjesh
> 
> 
> -----Original Message-----
> From: Davanum Srinivas [mailto:dims@yahoo.com] 
> Sent: Tuesday, October 14, 2003 1:04 PM
> To: axis-dev@ws.apache.org
> Subject: Re: FW: WSS4J - WS-Security Implementation (was Re: axis-wsse)
> 
> Sanjesh,
> 
> In the long run, we should be able to do both (handler param as well as
> call's setproperty).
> Patches against the code base in CVS would be REALLY welcome. 
> 
> -- dims
> 
> --- Sanjesh Pathak <sanjesh@soapknox.com> wrote:
> > Dims,
> > 
> > I have been working on developing handlers to add UsernameToken header
> > and also to do UsernameToken header authentication according to
> > WS-Security spec. What I have done is similar to what Filippo is
> doing.
> > The only difference is that I am trying to allow users to configure
> the
> > UsernameToken header through handler's parameters. Filippo is doing
> > through Call's setProperty method.
> > 
> > I wanted to do some more work on the UsernameToken header
> auhentication
> > handler (WSSUsernameTokenAuthenticationHandler.java) before sending
> the
> > code to the list. Since there is now interest on this subject I am
> > sending it now. As it stands the authentication handler just shows a
> > proof of concept that it is working. Although more work is needed on
> it.
> > 
> > I am sending the code here and would appreciate any feedback you might
> > have on it. I am also going to look into your WSS4J code and see how I
> > can integrate this into it.
> > 
> > Thanks,
> > Sanjesh
> > 
> > 
> > 
> > -----Original Message-----
> > From: Davanum Srinivas [mailto:dims@yahoo.com] 
> > Sent: Tuesday, October 14, 2003 6:39 AM
> > To: haddadc@apache.org; berin@ozemail.com.au; kiyer3@yahoo.com;
> > Werner.Dittmann@siemens.com; moorebr@us.ibm.com; jlorgal@netscape.net;
> > pankaj4oss@j2ee-security.net; joachim@progs.be;
> > alerner@grandcentral.com; bhushank@wrq.com;
> > vtpavan@vijayaba.cse.mrt.ac.lk; sanjesh@soapknox.com; ml@eley.it;
> > prasanta@netscape.com; stefanhenke@gmx.de; Geza.Szocs@nokia.com;
> > djm@it-innovation.soton.ac.uk; jgramlich@piocon.com; anne@manes.net;
> > krishnakumarb@mindtree.com; anderson_jonathan@bah.com;
> steve@naweb.com;
> > riho@cisco.com; nisha.menon@wipro.com; NBhatia@sapient.com
> > Subject: Fwd: WSS4J - WS-Security Implementation (was Re: axis-wsse)
> > 
> > Folks,
> > 
> > Am not sure how many of you are following the Axis dev and user
> mailing
> > lists actively. Am sending
> > this email as you expressed interest in a WS-Security Impl at Apache
> > (dug through the the mail
> > archives to get harvest this list). I will not send any other email to
> > you directly, discussions
> > etc will be on Axis developers mailing list as usual.
> > 
> > Thanks,
> > dims
> > 
> > --- Davanum Srinivas <dims@yahoo.com> wrote:
> > > Date: Tue, 14 Oct 2003 05:14:15 -0700 (PDT)
> > > From: Davanum Srinivas <dims@yahoo.com>
> > > Subject: WSS4J - WS-Security Implementation (was Re: axis-wsse)
> > > To: axis-dev@ws.apache.org
> > > 
> > > Filippo, Pankaj, Team,
> > > 
> > > To jumpstart work on WSS4J
> > (http://nagoya.apache.org/wiki/apachewiki.cgi?SecurityProposal) i
> > > have
> > > checked in my sandbox code for WS-Security to ws-axis/contrib
> > > (http://cvs.apache.org/viewcvs/ws-axis/contrib/wss4j/). Please feel
> > free to send/commit patches
> > > for codebase
> >
> (http://nagoya.apache.org/wiki/apachewiki.cgi?AxisProjectPages/SubmitPat
> > ches).
> > > 
> > > Thanks,
> > > dims 
> > > 
> > > --- Filippo Vitale <ml@eley.it> wrote:
> > > > Hi,
> > > > I'm writing some Axis Handler for implementing the WS-Security
> spec.
> > > > 
> > > > In this moment I'm putting on-line the first release that cover
> the
> > security
> > > > token:
> > > > "UsernameToken" in all the 4 password send technique described in
> > the "Web
> > > > Service security UsernameToken Profile - working draft 4, 11
> August
> > 2003".
> > > > 
> > > > I created also a sample for accessing "The Microsoft.com Web
> > Service"
> > > > (ws.microsoft.com) and a quick start at
> > > > http://axis-wsse.sourceforge.net/#demo
> > > > 
> > > > I hope this work will be usefull to some developer.
> > > > Apache Axis team, you can feel free to think about merging it to
> the
> > Axis
> > > > project.
> > > > 
> > > > Suggestions and comments are always welcome,
> > > >     Filippo Vitale
> > > > 
> > > 
> > > 
> > > =====
> > > Davanum Srinivas - http://webservices.apache.org/~dims/
> > 
> > 
> > =====
> > Davanum Srinivas - http://webservices.apache.org/~dims/
> > 
> 
> > ATTACHMENT part 2 application/x-zip-compressed name=simple.zip
> 
> 
> 
> =====
> Davanum Srinivas - http://webservices.apache.org/~dims/
> 

> ATTACHMENT part 2 application/x-zip-compressed name=code.zip



=====
Davanum Srinivas - http://webservices.apache.org/~dims/

Mime
View raw message