axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Amila Jayasekara <ami...@wso2.com>
Subject Re: Rampart Policy - how to introduce a supporting token
Date Thu, 03 Feb 2011 06:28:17 GMT
Hi Shyameni,
 Policy information is again process in the
org.apache.rampart.policy.RampartPolicyBuilder. In-fact this is the
place where we build RampartPolicyData object.
I am not sure what exactly going wrong in your setup. But its worth
looking RampartPolicyBuilder class also. Specially "build" and
"processSupportingTokens" methods.

Also, if possible send the complete policy file you are using.

Thanks
AmilaJ

On Thu, Feb 3, 2011 at 10:55 AM, Shyameni Wijekoon <shyameniw@gmail.com> wrote:
> Hi,
> I have debugged theAssertionBuilderFactory class and it successfully
> registers the OpenIDTokenBuilder and it is under the registeredBuilders
> object.
>
> But still the RampartPolicyData object does not contain the OpenID token as
> a Signed Supporting Token. What could possibly go wrong.
>
> we appreciate any assistance!
>
> On Thu, Feb 3, 2011 at 9:19 AM, Shyameni Wijekoon <shyameniw@gmail.com>
> wrote:
>>
>> hi,
>> What i meant by
>>
>> "But the problem is Rampart is not recognizing this new token as a
>>  SignedSupportingToken."
>>
>> is that in Rampart Policy data object (msgctx > rmd > rpd) OpenIDToken is
>> not under SignedSupporting Tokens.
>>
>> I will try bebugging the class you've mentioned and thanks for the reply.
>>
>> On Thu, Feb 3, 2011 at 8:37 AM, Amila Jayasekara <amilaj@wso2.com> wrote:
>>>
>>> On Wed, Feb 2, 2011 at 9:26 PM, Shyameni Wijekoon <shyameniw@gmail.com>
>>> wrote:
>>> > Hi,
>>> > We group of students of University of Moratuwa are working on a project
>>> > to integrate OpenID and WS-Security. We are planing to introduce a new
>>> > token
>>> > to rampart policy which wraps openid tokens. this new token will be
>>> > created
>>> > similar to the Username token.
>>> >
>>> > So far we have added
>>> >
>>> > a Model and
>>> > a Builder for this token and
>>> > added an entry in org.apache.neethi.builders.AssertionBuilder file.
>>> >
>>> > The policy.xml configurations are as follows.
>>> >
>>> > <sp:SignedSupportingTokens
>>> > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>> >             <wsp:Policy>
>>> >                 <sp:OpenIDToken
>>> >
>>> > sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"
>>> > />
>>> >           </wsp:Policy>
>>> > </sp:SignedSupportingTokens>
>>> >
>>> > But the problem is Rampart is not recognizing this new token as a
>>> > SignedSupportingToken.
>>>
>>> "But the problem is Rampart is not recognizing this new token as a
>>>  SignedSupportingToken."
>>>
>>> Can you explain what exactly you meant by above statement ?
>>> Is it that,
>>>          1. OpenIDToken token is not loaded into the rampart ? OR
>>>          2. In the message generated, the openId token is not signed ?
>>>
>>> It seems you have done everything correctly in-order to load
>>> OpenIdToken in Rampart. To confirm this you can debug and have a break
>>> point in org.apache.neethi.AssertionBuilderFactory and check
>>> registeredBuilders map. If openId assertion builder is properly
>>> configured then it should appear in the registeredBuilders map.
>>>
>>> Thanks
>>> AmilaJ
>>>
>>> >
>>> > Is there any additional configurations we have to do in order to make
>>> > Rampart to recognize this OpenIDToken as a SignedSupporting Token
>>> >
>>> > we appreciate any assistance!
>>> >
>>> > --
>>> > Thanks and Regards,
>>> > Shyameni Wijekoon.
>>> >
>>> >
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
>>> For additional commands, e-mail: java-dev-help@axis.apache.org
>>>
>>
>>
>>
>> --
>> Thanks and Regards,
>> Shyameni Wijekoon.
>>
>
>
>
> --
> Thanks and Regards,
> Shyameni Wijekoon.
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org


Mime
View raw message