axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dennis Sosnoski <...@sosnoski.com>
Subject Re: [Axis2] Configure Rampart dynamically
Date Mon, 21 Aug 2006 06:51:11 GMT
Hi Ruchith,

I'd looked at these samples before writing my email. It's not very clear 
from the presentation slides exactly what some of the samples are doing, 
so I hadn't realized this one matched what I was looking for.

In any case, I'd already decided to switch to just using WSS4J directly. 
For what I'm doing the Axis2 benefits would have been minimal, and using 
WSS4J directly gives me full control over the security details. I was 
surprised that I immediately ran into a bug in WSS4J, but I fixed it and 
now everything looks good.

  - Dennis

Ruchith Fernando wrote:
> Hi Dennis,
>
> Please have a look at Sample 11 in the samples provided with this [1]
> presentation. That has answers to both questions.
>
> Thanks,
> Ruchith
>
> [1] 
> http://www.wso2.net/presentations/wss4j/java/2006/08/04/apache-rampart
>
> On 8/17/06, Dennis Sosnoski <dms@sosnoski.com> wrote:
>> Hi Ruchith,
>>
>> I've been trying to do some similar things with Rampart, and running
>> into a few unknowns. First off, how do I set the configuration to do
>> multiple steps in the outflow and inflow? In my case, I need to sign the
>> outgoing message with my local private key, then encrypt with the
>> server's public key (from the certificate in my keystore).
>>
>> Secondly, how do I control the type of SecurityTokenReference used in
>> the message? By default I get an X509Data with X509IssuerSerial; I'd
>> prefer to use a KeyIdentifier instead. I tried:
>>
>>   
>> ofc.setSignatureKeyIdentifier(WSSHandlerConstants.X509_KEY_IDENTIFIER);
>>
>> But this didn't appear to have any effect.
>>
>>   - Dennis
>>
>> Dennis M. Sosnoski
>> SOA, Web Services, and XML
>> Training and Consulting
>> http://www.sosnoski.com - http://www.sosnoski.co.nz
>> Seattle, WA +1-425-296-6194 - Wellington, NZ +64-4-298-6117
>>
>>
>>
>> Ruchith Fernando wrote:
>> > Please add the axis2-security-SNAPSHOT.jar [1] into your classpath to
>> > access the OutflowConfiguration/InflowConfiguration classes.
>> >
>> > Latest rampart-SNAPSHOT.mar is available here : [2].
>> >
>> > Thanks,
>> > Ruchith
>> >
>> > [1]
>> > 
>> http://people.apache.org/repository/axis2/jars/axis2-security-SNAPSHOT.jar 
>>
>> >
>> > [2] 
>> http://people.apache.org/repository/axis2/mars/rampart-SNAPSHOT.mar
>> >
>> > On 8/10/06, Brecht Yperman <Brecht.Yperman@invenso.com> wrote:
>> >> Ok,
>> >>
>> >> Apparently I'm shit at using Axis2, no progress last two days...
>> >>
>> >> Where can I find the latest rampart.mar-build?
>> >> Can I rename the .mar-file to .jar and add it to my build path (to 
>> use
>> >> the OutflowConfiguration class)?
>> >>
>> >> Thanks,
>> >> Brecht
>> >>
>> >> -----Original Message-----
>> >> From: Ruchith Fernando [mailto:ruchith.fernando@gmail.com]
>> >> Sent: donderdag 10 augustus 2006 10:02
>> >> To: axis-user@ws.apache.org
>> >> Subject: Re: [Axis2] Configure Rampart dynamically
>> >>
>> >> Hi Brecht,
>> >>
>> >> Yes it is possible. Please see here:
>> >> http://marc.theaimsgroup.com/?l=axis-user&m=115517624610919&w=2
>> >>
>> >> Thanks,
>> >> Ruchith
>> >>
>> >> On 8/10/06, Brecht Yperman <Brecht.Yperman@invenso.com> wrote:
>> >> >
>> >> >
>> >> >
>> >> >
>> >> > Hi,
>> >> >
>> >> >
>> >> >
>> >> > how do I configure Rampart dynamically?
>> >> >
>> >> >
>> >> >
>> >> > I tried something like this, but it does not work...
>> >> >
>> >> >
>> >> >
>> >> > private void configureSecurity(ServiceClient client) throws 
>> AxisFault
>> >> {
>> >> >
>> >> >             if (true /*security == on*/) {
>> >> >
>> >> >                   Parameter parm = new Parameter();
>> >> >
>> >> >                   parm.setName("OutflowSecurity");
>> >> >
>> >> >
>> >> >
>> >> >                   OMFactory fact = 
>> OMAbstractFactory.getOMFactory();
>> >> >
>> >> >
>> >> >
>> >> >                   OMNamespace emptyNS = 
>> fact.createOMNamespace(null,
>> >> "");
>> >> >
>> >> >                   OMElement actionEl = 
>> fact.createOMElement("action",
>> >> > emptyNS);
>> >> >
>> >> >
>> >> >
>> >> >                   OMElement itemsEl = fact.createOMElement("items",
>> >> > emptyNS);
>> >> >
>> >> >                   itemsEl.setText("UsernameToken");
>> >> >
>> >> >                   actionEl.addChild(itemsEl);
>> >> >
>> >> >
>> >> >
>> >> >                   OMElement userEl = fact.createOMElement("user",
>> >> emptyNS);
>> >> >
>> >> >                   userEl.setText("bob");
>> >> >
>> >> >                   actionEl.addChild(userEl);
>> >> >
>> >> >
>> >> >
>> >> >                   OMElement pwCbEl =
>> >> > fact.createOMElement("passwordCallbackClass", emptyNS);
>> >> >
>> >> >                   pwCbEl.setText("CallbackHandler");
>> >> >
>> >> >                   actionEl.addChild(pwCbEl);
>> >> >
>> >> >
>> >> >
>> >> >                   parm.setParameterElement(actionEl);
>> >> >
>> >> >
>> >> >
>> >> >                   client.engageModule(new QName("rampart-1.0"));
>> >> >
>> >> >             }
>> >> >
>> >> >       }
>> >> >
>> >> >
>> >> >
>> >> > Thanks,
>> >> >
>> >> > Brecht
>> >> >
>> >> >
>> >> >
>> >> > Invenso - The "Integration Software" specialists.
>> >> >  _____________________________________________
>> >> >
>> >> > Brecht Yperman
>> >> >  Development team
>> >> >
>> >> >  Direct: +32 (0)3 780 30 05
>> >> >  Email: brecht.yperman@invenso.com
>> >> >
>> >> > INVENSO bvba
>> >> >  Industriepark-West 75
>> >> >  9100 Sint-Niklaas
>> >> >  Belgium - Europe
>> >> >
>> >> >  Phone: +32 (0)3 780 30 02
>> >> >  Fax: +32 (0)3 780 30 03
>> >> >  Email: info@invenso.com
>> >> >  Website: www.invenso.com
>> >> >
>> >> > "E-mail disclaimer: This e-mail, and any attachments thereto, is
>> >> intended
>> >> > only for use by the addressee(s) named herein and may contain 
>> legally
>> >> > privileged and/or confidential information. If you are not the
>> >> intended
>> >> > recipient, please note that any review, dissemination, disclosure,
>> >> > alteration, printing, copying or transmission of this e-mail and/or
>> >> any file
>> >> > transmitted with it, is strictly prohibited and may be unlawful. If
>> >> you have
>> >> > received this e-mail by mistake, please immediately notify the 
>> sender
>> >> and
>> >> > permanently delete the original as well as any copy of any 
>> e-mail and
>> >> any
>> >> > printout thereof."
>> >> >
>> >> >
>> >>
>> >>
>> >> --
>> >> www.ruchith.org
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> >> For additional commands, e-mail: axis-user-help@ws.apache.org
>> >>
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> >> For additional commands, e-mail: axis-user-help@ws.apache.org
>> >>
>> >>
>> >
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-user-help@ws.apache.org
>>
>>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org


Mime
View raw message