Return-Path: X-Original-To: apmail-axis-java-dev-archive@www.apache.org Delivered-To: apmail-axis-java-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id D44C46549 for ; Mon, 25 Jul 2011 12:39:34 +0000 (UTC) Received: (qmail 11783 invoked by uid 500); 25 Jul 2011 12:39:33 -0000 Delivered-To: apmail-axis-java-dev-archive@axis.apache.org Received: (qmail 11639 invoked by uid 500); 25 Jul 2011 12:39:33 -0000 Mailing-List: contact java-dev-help@axis.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: java-dev@axis.apache.org Delivered-To: mailing list java-dev@axis.apache.org Received: (qmail 11626 invoked by uid 99); 25 Jul 2011 12:39:32 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 25 Jul 2011 12:39:32 +0000 X-ASF-Spam-Status: No, hits=-2001.2 required=5.0 tests=ALL_TRUSTED,RP_MATCHES_RCVD X-Spam-Check-By: apache.org Received: from [140.211.11.116] (HELO hel.zones.apache.org) (140.211.11.116) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 25 Jul 2011 12:39:31 +0000 Received: from hel.zones.apache.org (hel.zones.apache.org [140.211.11.116]) by hel.zones.apache.org (Postfix) with ESMTP id 4735384C0F for ; Mon, 25 Jul 2011 12:39:11 +0000 (UTC) Date: Mon, 25 Jul 2011 12:39:11 +0000 (UTC) From: "Gergan Dimitrov (JIRA)" To: java-dev@axis.apache.org Message-ID: <880428016.3657.1311597551288.JavaMail.tomcat@hel.zones.apache.org> In-Reply-To: <2143688620.3639.1311597190064.JavaMail.tomcat@hel.zones.apache.org> Subject: [jira] [Updated] (RAMPART-335) X509V3 KeyIdentifier cannot be set dynmaically MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/RAMPART-335?page=3Dcom.atlassi= an.jira.plugin.system.issuetabpanels:all-tabpanel ] Gergan Dimitrov updated RAMPART-335: ------------------------------------ Attachment: patch.txt Patch fixing this issue, SVN revision 1150660 > X509V3 KeyIdentifier cannot be set dynmaically > ---------------------------------------------- > > Key: RAMPART-335 > URL: https://issues.apache.org/jira/browse/RAMPART-335 > Project: Rampart > Issue Type: Improvement > Affects Versions: 1.6.0 > Reporter: Gergan Dimitrov > Attachments: patch.txt > > Original Estimate: 1h > Remaining Estimate: 1h > > Hi all, > for our SOA solution, we use AXIS2 and Rampart for security. But we confi= gure the rampart policy at runtime, because we support different users with= different security settings and preferences. Therefore, we use classes fro= m the Rampart api as AsymmetricBinding, X509Token, etc. to configure. So, w= e need to support with ValueType=3D"http://docs.oasis-= open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3". Unfor= tunately, we are not able to do so through the api, because we use the X509= Token.require* methods to specify how the certificate is referenced. And we= have only the option setRequireKeyIdentifierReference(), which by default = uses SubjectKeyIdentifer, which is implemented in the RampartUitl class. Th= erefore, I think the API can be extended with method such as setRequireX509= V3KeyIdentifierReference, and the RampartUtil.setKeyIdentifierType method t= o be extended, so that it can set the WSConstants.X509_KEY_IDENTIFIER. The = code changes are really small, and I am ready to provide patch for this. Of= course, it could be better to extend the api to support providing the Valu= eType as parameter, rather than using boolean flags, but I leave this decis= ion up to you.=20 > Thank for your time and attention. > Regards, > Gergan Dimitrov. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira --------------------------------------------------------------------- To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org For additional commands, e-mail: java-dev-help@axis.apache.org