axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pete <pwkp...@yahoo.com>
Subject Re: Encryption configuration problems
Date Tue, 04 Dec 2007 13:45:42 GMT
Thanks for the reply Nandana.

You have the scenario correct... Except, it could also be the same request going to multiple
endpoints, each request needs to be encrypted differently.

I am going to a policy configuration because OutflowConfiguration (and InflowConfiguration)
are deprecated.

Your policy configuration example is perfect, is there some javadoc on the RampartConfig and
related classes? Nothing came with the 1.3 zipped release. Hope I'm not missing something
obvious.

I appreciate the help!

-P



----- Original Message ----
From: Nandana Mihindukulasooriya <nandana.cse@gmail.com>
To: axis-user@ws.apache.org
Sent: Tuesday, December 4, 2007 12:33:26 AM
Subject: Re: Encryption configuration problems


Hi,
    If I got the scenario correct, what you want is to encrypt different requests ( to different
endpoints ) with different
certificates, right ?
     Which certificate to use in encryption is defined in the property "encryptionUser". This
can be set programatically

in both basic configuration and policy based configuration. We have to set the correct certificate
alias as the  "encryptionUser"
property.

In basic configuration,

OutflowConfiguration ofc = new OutflowConfiguration();

ofc.setEncryptionUser("XXX");
options.setProperty(WSSHandlerConstants.OUTFLOW_SECURITY, ofc);

In policy based configuration,
      
StAXOMBuilder builder = new StAXOMBuilder(xmlPath);

      Policy policy = PolicyEngine.getPolicy(builder.getDocumentElement());

      RampartConfig rampartConfig = new RampartConfig();
      rampartConfig.setUser("Alan");
      rampartConfig.setEncryptionUser

("Someone");
      ...      
      rampartConfig.setSigCryptoConfig(sigCryptoConfig);
      rampartConfig.setEncrCryptoConfig(encrCrypto);

      policy.addAssertion(rampartConfig); 










On Nov 29, 2007 11:56 PM, Pete <pwkpete@yahoo.com> wrote:

Hello all,

Currently I have my client encrypting AXIS2 SOAP messages with the same key to all endpoints.
(Axis2/Rampart v1.3)


The problem is that we would like each destination to use a different key.

The service is the same (same WSDL) at each endpoint and other than the IP/port.
(Same service definition, multiple endpoints each with a unique key)

Programatically I know where to route it and set the endpoint, however I am having difficulties
setting up the encryption values on the fly.


I see that OutflowSecurity is deprecated.
I've also tried manually building the XML OutflowSecurityParameter and setting it in the options
before enabling rampart. That didn't go over well...

        Parameter p = new Parameter("OutflowSecurity", "
Encryptmykeyclient.propertieshttp://www.w3.org/2001/04/xmlenc#tripledes-cbc");
        stub._getServiceClient().getAxisConfiguration().addParameter(p);

I've looked at the examples and searched for a decent tutorial on WS-Policy using 
policy.xml for configuration. What I have found, does not lead me to believe that it will
give me the right solution. Maybe I'm not finding the right answer or asking the right question?!
I really haven't found a good reference to using 
policy.xml that I can relate to. (decode)

Any assistance would be greatly appreciated. Thanks!
-P




      ____________________________________________________________________________________

Never miss a thing.  Make Yahoo your home page.
http://www.yahoo.com/r/hs

---------------------------------------------------------------------
To unsubscribe, e-mail: 
axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org












      ____________________________________________________________________________________
Be a better sports nut!  Let your teams follow you 
with Yahoo Mobile. Try it now.  http://mobile.yahoo.com/sports;_ylt=At9_qDKvtAbMuh1G1SQtBI7ntAcJ
Mime
View raw message