From: arh14@cornell.edu
To: axis-user@xml.apache.org
Date: Tue, 3 Sep 2002 11:33:38 -0400 (EDT)
Subject: Custom security

Hello all,

I have just begun digging into Axis to see if it is feasible to implement transparent Kerberos security. It appears as if I can register handlers to append credentials after a call is invoked on the client, and authenticate credentials before the call is invoked on the server. However, there seem to be many places in which to register handlers (and in fact the Axis engines themselves are handlers!), and I am not sure where to start. I have looked at the examples and understand how the WSDD config document is loaded, but I would rather make this as transparent to the developer as possible, and manually register handlers in special subclasses (instead of forcing the use of arbitrary XML configuration files or strings)...unfortunately I don't see where the WSDD config is sticking the handlers it reads out of the file.

There seem to be two places to register handlers on the client:

1) Through overriding (I can see no other way) the AxisEngine to return your handlers in the getGlobalRequest and getGlobalResponse methods.

2) Through calling getHandlerRegistry on the Service object...however, this API only gets/sets a list of HandlerInfos, so I'm not sure where to actually stick the handler.
The second requirement I have is to be able to encrypt the SOAP request. The best bet looks to me to subclass the Message object which the Call sticks in the MessageContext, override the 'writeTo' method, and simply write the encrypted bytes. This is called by HTTPSender. However, I see no HTTPReceiver analogue on the server side, by which I can transparently decrypt the contents of the message before it is interpreted.

Any advice?

Aaron Hamid
CIT/I&D
Cornell University

Flow:

* client creates KerberizedService (** client handler is registered?? **)
* client gets KerberizedCall through createCall; KerberizedCall overrides setRequestMessage() to use a Message subclass which encrypts upon writeTo
* somehow add credentials to message context/headers
* HTTPSender sends request and contents are encrypted from writeTo
* server receives request, authenticates credentials in headers, and decrypts body (** authentication must occur before decryption... apparently no hook prior to XML parsing?? **)
* encryption key is stashed (probably in MessageContext)
* reverse process ensues to encrypt the contents again on the way out
* client receives response and decrypts it
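The server-side authentication step in the flow above ("authenticates credentials in headers" before the service is invoked), sketched as an added Axis 1.x request handler; this is illustration code, not the poster's or the Axis project's. It assumes the Axis 1.x handler/SAAJ API (BasicHandler, MessageContext, SOAPHeaderElement.getValue), that the engine's JVM already holds an acceptor Kerberos credential through JAAS, and made-up header names and a made-up MessageContext property name.

```java
import org.apache.axis.AxisFault;
import org.apache.axis.Message;
import org.apache.axis.MessageContext;
import org.apache.axis.encoding.Base64;
import org.apache.axis.handlers.BasicHandler;
import org.apache.axis.message.SOAPEnvelope;
import org.apache.axis.message.SOAPHeaderElement;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;

// Added example: runs in the server's request chain and refuses to let the
// target service be invoked unless the SOAP header carries a Kerberos token
// that the JVM's acceptor credential (obtained via JAAS/Krb5LoginModule) accepts.
public class KerberosAuthHandler extends BasicHandler {
    // Hypothetical header used to carry the base64-encoded AP-REQ (GSS) token.
    public static final String NS = "urn:example:kerberos";
    public static final String TOKEN_HEADER = "Token";
    // Hypothetical MessageContext property where the verified caller is stashed.
    public static final String PRINCIPAL_PROP = "kerberos.principal";

    public void invoke(MessageContext msgContext) throws AxisFault {
        Message req = msgContext.getRequestMessage();
        SOAPEnvelope env = req.getSOAPEnvelope();
        SOAPHeaderElement hdr = env.getHeaderByName(NS, TOKEN_HEADER);
        if (hdr == null) {
            // Fail closed: no credential, no dispatch to the service.
            throw new AxisFault("Client.NoCredentials", "missing Kerberos token", null, null);
        }
        byte[] token = Base64.decode(hdr.getValue());
        try {
            // Null credential: accept with the default acceptor credential.
            GSSContext ctx = GSSManager.getInstance().createContext((GSSCredential) null);
            ctx.acceptSecContext(token, 0, token.length);
            if (!ctx.isEstablished()) {
                // Single round trip only; mutual auth would need a reply token.
                throw new AxisFault("Client.AuthFailed", "context not established", null, null);
            }
            // Record who the caller is so later handlers or the service can authorize.
            msgContext.setProperty(PRINCIPAL_PROP, ctx.getSrcName().toString());
            hdr.setProcessed(true); // avoid an unprocessed mustUnderstand fault
            ctx.dispose();
        } catch (GSSException e) {
            throw new AxisFault("Client.AuthFailed", "Kerberos token rejected", null, null);
        }
    }
}
```

Later handlers in the chain (for example one that decrypts the body) can read PRINCIPAL_PROP from the MessageContext, which keeps authentication ahead of decryption as the flow requires.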