axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ruchith Fernando <ruchith.ferna...@gmail.com>
Subject Re: wss4j and axis2
Date Thu, 02 Feb 2006 15:45:48 GMT
Hi Brian,

Please see my comments below:

On 2/2/06, Brian Shields <brian.shields@geminga.it.nuigalway.ie> wrote:
> Hello,
> I am deploying security handlers in axis2. My question may be very
> simple, apologies if the answer is staring me in the face!!
> Where is the best place to include security tokens in the client? I have
> altered the axis2.xml file to include a parameters in the inflow and
> outflow..
> <parameter name="InflowSecurity">
>         <action>
>             <items>Timestamp</items>
>         </action>
>     </parameter>
>
>     <parameter name="OutflowSecurity">
>         <action>
>             <items>Timestamp</items>
>         </action>
>     </parameter>
>  From what i can make out, the outflowsecurity parmeter refers to any
> security tokens which will be added in the outflow of a service request
> and the inflowsecurity parameters are parameters which are expected for
> the service to be invoked?!?

Correct !!!

The above configuration will ensure that a Timestamp is added to the
outgoing message and it will require all incoming messages to contain
a Timestamp header.

> Where then are they applied to the client? Using the Options parameters?

With the Axis2-0.94 release we support setting the client parameters
in the axis2.xml of the client. And from the next release you will be
able to set the configuration via Options parameters (Using
org.apache.axis2.security.handler.config.InflowConfiguration and
org.apache.axis2.security.handler.config.OutflowConfiguration). This
feature is already available in the SVN HEAD.

Thanks,
Ruchith

> Thanks,
> Brian.
>
> --
> Brian Shields BSc. MSc.,
> PhD Candidate,
> Department of Information Technology,
> National University of Ireland,
> Galway,
> Ireland.
>

Mime
View raw message