axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nencho Lupanov" <nencholupa...@googlemail.com>
Subject Transport Binding fixed, please review
Date Fri, 01 Jun 2007 07:03:21 GMT
Hi all,

I've managed to configure ssl on the client side in order to activate a
transport binding policy.
The client request is automated - a modified rampart reads a rampart policy
in order to apply
jsse properties to the vm. The rampart policy info looks like this for the
transport binding(ssl):


<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">

    <ramp:user>alice</ramp:user>
    <ramp:passwordCallbackClass>
org.apache.rampart.samples.policy.sample01.PWCBHandler
</ramp:passwordCallbackClass>

    <ramp:sslConfig>
        <ramp:property name="javax.net.ssl.keyStoreType">JKS</ramp:property>
        <ramp:property name="javax.net.ssl.keyStorePassword
">apache</ramp:property>
        <ramp:property name="javax.net.ssl.keyStore
">D:\\policy\\trustStore\\clientKS.jks</ramp:property>
        <ramp:property name="javax.net.ssl.trustStore
">D:\\policy\\trustStore\\clientKS.jks</ramp:property>
        <ramp:property
name="javax.net.ssl.trustStorePassword">apache</ramp:property>

    </ramp:sslConfig>

</ramp:RampartConfig>



As you can see, there is a new configuration element - sslConfig(maybe we
better call that jsseConfig or just jsse).

there is also a class SSLConfigBuilder that reads the properties and set's
them like this:

System.*setProperty*(property_name, property_value);

Can you review if this is ok.I intend to propose it as a patch?Is the policy
config ok?Does it need something in addition?Could someone change the
rampart policy schema in order to affect those changes?

Thanks,

Nencho

Mime
View raw message