axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Amila Jayasekara <>
Subject Selecting policy version for a given secure conversation scenario
Date Sun, 16 Jan 2011 16:36:57 GMT
Hi All,

Rampart supports 2 versions of policy specs.
They are,
   1.WS - Security Policy - 1.1 - July 2005
   2. WS - Security Policy - 1.2

For secure conversation Rampart uses following namespaces irrespective
of the policy version used.
          addressing -
          secure conversation -
          trust -

But above namespaces are only defined in "WS - Security Policy - 1.1 -
July 2005" specification. (Which is a non standard specification)

Standard policy specification (WS - Security Policy - 1.2) mentioned
following namespaces for above specifications,
          addressing -
          secure conversation -
          trust -

But current implementation does not take care about the policy version
and always goes with the namespaces defined for "WS - Security Policy
- 1.1 - July 2005".
This behaviour is reported in issue [1].

What is the best way to decide which namespace to be used in a secure
conversation scenario ? (for addressing, secure conversation and trust

IMO, we should select namespaces based on the policy version. i.e.
select namespace for addressing,
if the policy version is standard, else select as addressing version
if the policy refers to July 2005 spec.

Please give feedback on how to select namespace version for a given scenario.


Thank you

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message