axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Jordahl <>
Subject RE: WS-security
Date Mon, 09 Dec 2002 16:19:10 GMT

Make sure you take a look at the XML-Sec stuff already built in to Axis that supports digitally
signing messages.

Get together and work as a team on this, that's the Apache way.  We use axis-dev and IRC to
communicate between team members, so you should not be afraid to jump in and start talking.

Axis can always use more developers/committers.

Tom Jordahl
Macromedia Server Development

-----Original Message-----
From: Darren Marvin []
Sent: Monday, December 09, 2002 11:13 AM
Subject: FW: WS-security


I have also written (as part of company projects) some axis handlers for digitally signing
and verifying messages based on suggestions in the W3C SOAP Digital Signature Note. They are
completely reusable and open source. It is slightly different from the XML Signature stuff
proposed for WS-Security but is not inconsistent. We have used HTTPS to provide a secure channel
but are interested in using XML Encryption instead with a view to adopting WS-Security and
later OGSA Grid Security Specifications. I would be interested in helping out with any extensions
to Axis, although some restrictions may exist over the stuff already created.



-----Original Message-----
From: Joachim (PROGS) []
Sent: 09 December 2002 15:50
Subject: Re: WS-security

> This is a great idea. Maybe I can help too. I just wrote
>some handlers that can digitally sign/verify messages. The truth is that
>they contain project-specific code, but this can be removed.
>I'm using apache-xml-security framework but the handlers
>support WS-Security and WSS-Core recommendations.[ Well "support"
>may be too strong, but anyway - they try ... :) ]

That is basically the kind of functionality I would need. So your code may
just about fit my requiremenents, and be a good start to have full support.


View raw message