axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dimuthu <muthu...@apache.org>
Subject Re: Transport Binding fixed, please review
Date Fri, 01 Jun 2007 12:57:40 GMT
Hi Nencho,

+1 for the proposed fix.
+1 for the name "sslConfig". 

Please attach a patch.

Thank you,
Dimuthu

On Fri, 2007-06-01 at 10:03 +0300, Nencho Lupanov wrote:
> Hi all,
> 
> I've managed to configure ssl on the client side in order to activate a
> transport binding policy.
> The client request is automated - a modified rampart reads a rampart policy
> in order to apply
> jsse properties to the vm. The rampart policy info looks like this for the
> transport binding(ssl):
> 
> 
> <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
> 
>     <ramp:user>alice</ramp:user>
>     <ramp:passwordCallbackClass>
> org.apache.rampart.samples.policy.sample01.PWCBHandler
> </ramp:passwordCallbackClass>
> 
>     <ramp:sslConfig>
>         <ramp:property name="javax.net.ssl.keyStoreType">JKS</ramp:property>
>         <ramp:property name="javax.net.ssl.keyStorePassword
> ">apache</ramp:property>
>         <ramp:property name="javax.net.ssl.keyStore
> ">D:\\policy\\trustStore\\clientKS.jks</ramp:property>
>         <ramp:property name="javax.net.ssl.trustStore
> ">D:\\policy\\trustStore\\clientKS.jks</ramp:property>
>         <ramp:property
> name="javax.net.ssl.trustStorePassword">apache</ramp:property>
> 
>     </ramp:sslConfig>
> 
> </ramp:RampartConfig>
> 
> 
> 
> As you can see, there is a new configuration element - sslConfig(maybe we
> better call that jsseConfig or just jsse).
> 
> there is also a class SSLConfigBuilder that reads the properties and set's
> them like this:
> 
> System.*setProperty*(property_name, property_value);
> 
> Can you review if this is ok.I intend to propose it as a patch?Is the policy
> config ok?Does it need something in addition?Could someone change the
> rampart policy schema in order to affect those changes?
> 
> Thanks,
> 
> Nencho


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-dev-help@ws.apache.org


Mime
View raw message