axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nencho Lupanov" <nencholupa...@googlemail.com>
Subject Re: TransportBinding
Date Tue, 29 May 2007 12:58:32 GMT
Hi Dimuthu,

Consider the same client using another service/policy with transport
binding, then it needs
different values, of cource it will overwrite the prevous one but more clear
approach will be to clear the values when not needed any more.
Anyway this is not such a big concern right one, you are right that we can
go for it and just set them every time when we found appropriate rampart
configuration.So this properties shoud be set by the rampart modle itself
right?

Regards,
Nencho


2007/5/29, Dimuthu <muthulee@apache.org>:
>
> Hi Nencho,
>
> My opinion is that we should not un-set the values. Why? According to
> the sec-policy spec, message security will always be provided at the
> transport level as long as Transport binding is used. So as long as we
> are switching on HTTPS, when Transport binding is in use, then things
> should be fine. However Rampart user should be able to configure these
> parameters. These are my thoughts :-).
>
> Regards,
> Dimuthu
>
>
> On Tue, 2007-05-29 at 12:50 +0300, Nencho Lupanov wrote:
> > Hi dimuthu,
> >
> > I've managed to run the Transportbinding sample by generating the
> > keystore for the client,
> > importing the server certificate and setting the properties above.Yes
> > i think that can be automated in rampart but my question is:
> > if we set those properties,when do we un-set them?
> >
> > Regards,
> > Nencho
> >
> >
> >
> > 2007/5/16, Dimuthu <muthulee@apache.org>:
> >         Hi Nencho,
> >
> >         Couple of hours ago I was looking at how to configure ssl in
> >         Axis2
> >         client side becuase of Rampart-42.  I found this article [1].
> >         Basically
> >         if you have JSSE, set the following four parameters in the
> >         client side
> >         properly and things should work smoothly when you give the EPR
> >         correctly.
> >
> >         System.setProperty("javax.net.ssl.keyStorePassword",
> >         "password");
> >         System.setProperty("javax.net.ssl.keyStoreType", "JKS");
> >         System.setProperty("javax.net.ssl.trustStore",
> >         "client-truststore.jks");
> >         System.setProperty("javax.net.ssl.trustStorePassword ",
> >         "trustPass");
> >
> >         I haven't tried it. But it should work.
> >
> >         By the way regarding Rampart-42, we can automate the client
> >         side SSL
> >         configuration as much as possible in the Rampart when it comes
> >         to
> >         TransportBinding assertion, but serverside has to be handled
> >         manually.
> >         What do you think? I don't see a better solution.
> >
> >         Cheers,
> >         Dimuthu
> >
> >         [1]http://java.sun.com/products/jsse/INSTALL.html
> >
> >
> >         On Wed, 2007-05-16 at 13:33 +0300, Nencho Lupanov wrote:
> >         > Hi all,
> >         >
> >         > I am testing the TransportBinding assertion with
> >         UsernameToken.
> >         > Do I need some furthure configuration on tomcat in order to
> >         enable ssl?
> >         > I already configured ssl on port 9443.Is that enough?
> >         >
> >         > Does the enpoint needs to use this port?Do I only have to
> >         change the port at
> >         > the endpoint or something?
> >         >
> >         > Thanks,
> >         > Nencho
> >
> >
> >
> ---------------------------------------------------------------------
> >         To unsubscribe, e-mail: axis-dev-unsubscribe@ws.apache.org
> >         For additional commands, e-mail: axis-dev-help@ws.apache.org
> >
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-dev-help@ws.apache.org
>
>

Mime
View raw message