Return-Path: 
 <axis-dev-return-24304-apmail-ws-axis-dev-archive=ws.apache.org@ws.apache.org>
Delivered-To: apmail-ws-axis-dev-archive@www.apache.org
Received: (qmail 5078 invoked from network); 14 Oct 2003 19:04:06 -0000
Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12)
  by minotaur-2.apache.org with SMTP; 14 Oct 2003 19:04:06 -0000
Received: (qmail 70123 invoked by uid 500); 14 Oct 2003 19:03:53 -0000
Delivered-To: apmail-ws-axis-dev-archive@ws.apache.org
Received: (qmail 69951 invoked by uid 500); 14 Oct 2003 19:03:51 -0000
Mailing-List: contact axis-dev-help@ws.apache.org; run by ezmlm
Precedence: bulk
Reply-To: axis-dev@ws.apache.org
list-help: <mailto:axis-dev-help@ws.apache.org>
list-unsubscribe: <mailto:axis-dev-unsubscribe@ws.apache.org>
list-post: <mailto:axis-dev@ws.apache.org>
Delivered-To: mailing list axis-dev@ws.apache.org
Received: (qmail 69940 invoked from network); 14 Oct 2003 19:03:51 -0000
Message-ID: <20031014190356.18170.qmail@web12811.mail.yahoo.com>
Date: Tue, 14 Oct 2003 12:03:56 -0700 (PDT)
From: Davanum Srinivas <dims@yahoo.com>
Reply-To: dims@yahoo.com
Subject: Re: FW: WSS4J - WS-Security Implementation (was Re: axis-wsse)
To: axis-dev@ws.apache.org
In-Reply-To: <000001c39285$7a250ce0$238b77d8@devel>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N

Sanjesh,

In the long run, we should be able to do both (handler param as well as call's setproperty).
Patches against the code base in CVS would be REALLY welcome. 

-- dims

--- Sanjesh Pathak <sanjesh@soapknox.com> wrote:
> Dims,
> 
> I have been working on developing handlers to add UsernameToken header
> and also to do UsernameToken header authentication according to
> WS-Security spec. What I have done is similar to what Filippo is doing.
> The only difference is that I am trying to allow users to configure the
> UsernameToken header through handler's parameters. Filippo is doing
> through Call's setProperty method.
> 
> I wanted to do some more work on the UsernameToken header auhentication
> handler (WSSUsernameTokenAuthenticationHandler.java) before sending the
> code to the list. Since there is now interest on this subject I am
> sending it now. As it stands the authentication handler just shows a
> proof of concept that it is working. Although more work is needed on it.
> 
> I am sending the code here and would appreciate any feedback you might
> have on it. I am also going to look into your WSS4J code and see how I
> can integrate this into it.
> 
> Thanks,
> Sanjesh
> 
> 
> 
> -----Original Message-----
> From: Davanum Srinivas [mailto:dims@yahoo.com] 
> Sent: Tuesday, October 14, 2003 6:39 AM
> To: haddadc@apache.org; berin@ozemail.com.au; kiyer3@yahoo.com;
> Werner.Dittmann@siemens.com; moorebr@us.ibm.com; jlorgal@netscape.net;
> pankaj4oss@j2ee-security.net; joachim@progs.be;
> alerner@grandcentral.com; bhushank@wrq.com;
> vtpavan@vijayaba.cse.mrt.ac.lk; sanjesh@soapknox.com; ml@eley.it;
> prasanta@netscape.com; stefanhenke@gmx.de; Geza.Szocs@nokia.com;
> djm@it-innovation.soton.ac.uk; jgramlich@piocon.com; anne@manes.net;
> krishnakumarb@mindtree.com; anderson_jonathan@bah.com; steve@naweb.com;
> riho@cisco.com; nisha.menon@wipro.com; NBhatia@sapient.com
> Subject: Fwd: WSS4J - WS-Security Implementation (was Re: axis-wsse)
> 
> Folks,
> 
> Am not sure how many of you are following the Axis dev and user mailing
> lists actively. Am sending
> this email as you expressed interest in a WS-Security Impl at Apache
> (dug through the the mail
> archives to get harvest this list). I will not send any other email to
> you directly, discussions
> etc will be on Axis developers mailing list as usual.
> 
> Thanks,
> dims
> 
> --- Davanum Srinivas <dims@yahoo.com> wrote:
> > Date: Tue, 14 Oct 2003 05:14:15 -0700 (PDT)
> > From: Davanum Srinivas <dims@yahoo.com>
> > Subject: WSS4J - WS-Security Implementation (was Re: axis-wsse)
> > To: axis-dev@ws.apache.org
> > 
> > Filippo, Pankaj, Team,
> > 
> > To jumpstart work on WSS4J
> (http://nagoya.apache.org/wiki/apachewiki.cgi?SecurityProposal) i
> > have
> > checked in my sandbox code for WS-Security to ws-axis/contrib
> > (http://cvs.apache.org/viewcvs/ws-axis/contrib/wss4j/). Please feel
> free to send/commit patches
> > for codebase
> (http://nagoya.apache.org/wiki/apachewiki.cgi?AxisProjectPages/SubmitPat
> ches).
> > 
> > Thanks,
> > dims 
> > 
> > --- Filippo Vitale <ml@eley.it> wrote:
> > > Hi,
> > > I'm writing some Axis Handler for implementing the WS-Security spec.
> > > 
> > > In this moment I'm putting on-line the first release that cover the
> security
> > > token:
> > > "UsernameToken" in all the 4 password send technique described in
> the "Web
> > > Service security UsernameToken Profile - working draft 4, 11 August
> 2003".
> > > 
> > > I created also a sample for accessing "The Microsoft.com Web
> Service"
> > > (ws.microsoft.com) and a quick start at
> > > http://axis-wsse.sourceforge.net/#demo
> > > 
> > > I hope this work will be usefull to some developer.
> > > Apache Axis team, you can feel free to think about merging it to the
> Axis
> > > project.
> > > 
> > > Suggestions and comments are always welcome,
> > >     Filippo Vitale
> > > 
> > 
> > 
> > =====
> > Davanum Srinivas - http://webservices.apache.org/~dims/
> 
> 
> =====
> Davanum Srinivas - http://webservices.apache.org/~dims/
> 

> ATTACHMENT part 2 application/x-zip-compressed name=simple.zip



=====
Davanum Srinivas - http://webservices.apache.org/~dims/