axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nandana Mihindukulasooriya" <>
Subject Re: Apache rampart without encryption -> nullpointerException
Date Thu, 14 Feb 2008 14:39:23 GMT
Hi Thomas,
          Sorry for the late reply. According to the given policy you
need to have a encryption crypto defined in the RampartConfig section.
Even though you don't have any message parts to be encrypted, you
still need an encryption crypto as we have to create an encrypted key
in the symmetric binding as I said earlier. That encrypted key will be
used to sign the messages back and forth. You need to get the web
service's certificate and include that in the key store you provide
for encryption crypto. You only need the public key of the web
service. According to the above policy, you don't need a certificate
for yourself. According to the policy, this web service can be
accessed by anonymous clients. This security policy only provides
integrity. It doesn't provide authentication or non repudiation. Hope
this information will help you.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message