axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aleksander Slominski <as...@cs.indiana.edu>
Subject Re: AW: AW: AW: WSS4J - WS-Security Implementation
Date Fri, 31 Oct 2003 17:55:03 GMT
Dittmann Werner wrote:

>easy. WSS4J is (will be :-)  ) an implementation of the OASIS
>WS Security specifications and is mainly based on the Apache
>XML Sceurity project.
>
>WSS4J takes SOAP Envelopes and signs and/or encrypts the contents
>of it (also decrypts/verifies). Thus it is a generic tools that
>works on SOAP Enevlopes only and this is independent of Axis.
>  
>
hi Werner,

let me know when it is done (or if you get problems i can help). i would like to be able to
drop WSS4J into my WS/XML Util library as pluggable module.

>To use WSS4J there are Axis handlers in the request/response
>flow that take the SOAP Envelope of the message and let it
>process by WSS4J.
>
>And yes - there are very expensive transformations happening
>during that siging/encryption processing. That is the way the
>XML security is specified - you know: security is expensive :-)
>
>  
>
do you know any benchmarks - i have seen results indicating it is by 
order of magnitude slower to use XML signatures (100 smal SOAP msg 
reqs/sec vs 10 or less).

thanks,

alek

>  
>
>>-----Ursprüngliche Nachricht-----
>>Von: Glen Daniels 
>>[mailto:glen+dated+1067967027.d224f4@thoughtcraft.com] 
>>Gesendet: Donnerstag, 30. Oktober 2003 18:30
>>An: axis-dev@ws.apache.org; dims@yahoo.com
>>Betreff: Re: AW: AW: WSS4J - WS-Security Implementation
>>
>>
>>Hm - let me make sure I'm understanding this correctly 
>>(apologies if I'm
>>not).
>>
>>What exactly does this implementation DO if it's not coupled to Axis
>>(disclaimer - I have not looked at the code yet)?  There are 
>>entry points
>>which take a SOAP envelope as a DOM or something, and then 
>>spit out more
>>DOM?  This seems really wrong to me if so - what's the point 
>>of having a web
>>service engine if we have to write extensions for it in some kind of
>>genericized way which causes potentially expensive transformations...?
>>
>>--Glen
>>
>>----- Original Message ----- 
>>From: "Davanum Srinivas" <dims@yahoo.com>
>>To: <axis-dev@ws.apache.org>
>>Sent: Thursday, October 30, 2003 12:03 PM
>>Subject: Re: AW: AW: WSS4J - WS-Security Implementation
>>
>>
>>    
>>
>>>+1. Sounds great!!!
>>>
>>>-- dims
>>>
>>>--- Dittmann Werner <werner.dittmann@siemens.com> wrote:
>>>      
>>>
>>>>an intermediate step was checked in by Dims yesterday.
>>>>As soon as I'm ready with the split I will hand it
>>>>over for checkin.
>>>>
>>>>However, I didn't enhance the wss4j functions, just
>>>>"decoupled" it from basic Axis. The wss4j enhancements
>>>>are next.
>>>>
>>>>Regards,
>>>>Werner
>>>>
>>>>        
>>>>
>>>>>-----Ursprüngliche Nachricht-----
>>>>>Von: Aleksander Slominski [mailto:aslom@cs.indiana.edu]
>>>>>Gesendet: Donnerstag, 30. Oktober 2003 17:13
>>>>>An: axis-dev@ws.apache.org
>>>>>Betreff: Re: AW: WSS4J - WS-Security Implementation
>>>>>
>>>>>
>>>>>Dittmann Werner wrote:
>>>>>
>>>>>          
>>>>>
>>>>>>Dims,
>>>>>>
>>>>>>I hacked the wss4j basic code to be independent of Axis, i.e
>>>>>>all files in org/apache/ws/security except the *Handler.java
>>>>>>files do not contain any refences to basic Axis 
>>>>>>            
>>>>>>
>>classes anymore.
>>    
>>
>>>>>>After that I would propose to move the Axis dependent handlers
>>>>>>to a spearate directory. My idea is to move them to a 
>>>>>>            
>>>>>>
>>new directory
>>    
>>
>>>>>>"org/apache/ws/Axis" (probably with a substructure) so that
>>>>>>org/apache/ws/security/* contains the pure wss4j 
>>>>>>            
>>>>>>
>>implementation.
>>    
>>
>>>>>>Any ideas?
>>>>>>
>>>>>>
>>>>>>            
>>>>>>
>>>>>hi Werner,
>>>>>
>>>>>i think this is great step in direction of making 
>>>>>          
>>>>>
>>things modular and
>>    
>>
>>>>>pluggable. did you put updated code somewhere?
>>>>>
>>>>>thanks,
>>>>>
>>>>>alek
>>>>>
>>>>>-- 
>>>>>If everything seems under control, you're just not going fast
>>>>>enough. -Mario Andretti
>>>>>
>>>>>
>>>>>          
>>>>>
>>>=====
>>>Davanum Srinivas - http://webservices.apache.org/~dims/
>>>
>>>
>>>      
>>>
>
>  
>


-- 
If everything seems under control, you're just not going fast enough. —Mario Andretti



Mime
View raw message