Return-Path: Delivered-To: apmail-ws-axis-user-archive@www.apache.org Received: (qmail 56696 invoked from network); 7 Mar 2008 05:06:09 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 7 Mar 2008 05:06:09 -0000 Received: (qmail 13622 invoked by uid 500); 7 Mar 2008 05:05:57 -0000 Delivered-To: apmail-ws-axis-user-archive@ws.apache.org Received: (qmail 13597 invoked by uid 500); 7 Mar 2008 05:05:57 -0000 Mailing-List: contact axis-user-help@ws.apache.org; run by ezmlm Precedence: bulk Reply-To: axis-user@ws.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list axis-user@ws.apache.org Received: (qmail 13586 invoked by uid 99); 7 Mar 2008 05:05:57 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 06 Mar 2008 21:05:57 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of ruchith.fernando@gmail.com designates 72.14.204.228 as permitted sender) Received: from [72.14.204.228] (HELO qb-out-0506.google.com) (72.14.204.228) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 07 Mar 2008 05:05:18 +0000 Received: by qb-out-0506.google.com with SMTP id e34so159370qbe.6 for ; Thu, 06 Mar 2008 21:05:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=0UqBMM3KCvdziTZSX7fb+zXEkoGO+cWfN0ou0KXFKak=; b=eHZwGqHimKV6LDZFaKMOG1N9vqqicZR8LAeCFsuF7K0SJxiTCSiwFIrRDZtotHk4b5RX/prG4qOwbaNnpmin3ckqaWgsbIf/LoIiT1mEGccAJ/4AjdRIXaFwokIzWiOX1mhVxeD3lVKeaRaPd63iqPxX0vXNtdymRqa7gSDetaU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=BHhCFcQztM4CfZHA+xREjps07lZZ9lUjPQKgyDwwlM6Qlm2hiwdmt2q5k4oRX1WlS7P79uY7/H/L2dPKUmKUxht8R828/Pdl+vHBjBw2hKMAegI49JWAOEN1uN9k4kzqZ5tJXGEnRbIUPiM35ZhTr8lpDJiT5cDaS7Vhou/voiM= Received: by 10.114.167.2 with SMTP id p2mr144007wae.78.1204866328164; Thu, 06 Mar 2008 21:05:28 -0800 (PST) Received: by 10.115.18.13 with HTTP; Thu, 6 Mar 2008 21:05:28 -0800 (PST) Message-ID: <559c463d0803062105l483fe59ej8bde571c1989b45a@mail.gmail.com> Date: Fri, 7 Mar 2008 10:35:28 +0530 From: "Ruchith Fernando" To: axis-user@ws.apache.org Subject: Re: Example policy file needed In-Reply-To: <0CD5E28A763C8D4D84C690F5C463F94A7B3087@ord-mail.serena.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <9e2fff830803050031y77e454ah19419ce7a28198f2@mail.gmail.com> <0CD5E28A763C8D4D84C690F5C463F94A7B3087@ord-mail.serena.com> X-Virus-Checked: Checked by ClamAV on apache.org IMHO we have to improve both Axis2 and Rampart if we are to support policy alternatives. A service can express a set of alternatives that it can handle and right now we should be able to fix Rampart to support this. However at the client side we should have some way of picking the alternative. At this point we have to decide how Axis2 client API has to behave. Thoughts? Thanks, Ruchith On Wed, Mar 5, 2008 at 8:31 PM, George Stanchev wrote: > Hi Nandana, > > Is that Neethi or Rampart shortcoming? I also am in need of alternative > policy support for the same two token types as in Simon's message. > > Do you need a JIRA? > > Best Regards, > George > > > -----Original Message----- > From: Nandana Mihindukulasooriya [mailto:nandana.cse@gmail.com] > > > Sent: Wednesday, March 05, 2008 1:31 AM > To: axis-user@ws.apache.org > Subject: Re: Example policy file needed > > Hi Simon, > Currently Apache Rampart doesn't support alternative security > policies for an endpoint. Current workaround is having two separate EPRs > with the alternative policies. Would that suit your scenario ? If not > you can try to convince the Rampart community to support alternative > security policies starting a thread in the Rampart dev list. > > thanks, > /nandana > > On Tue, Mar 4, 2008 at 10:58 PM, Glenn Dougherty > wrote: > > Nandana, et al, > > > > We are looking for a combined ws-policy example that supports both > > Username Token and SAML assertions. Meaning, we need to provide a > > service that supports the caller passing either a username token or a > SAML assertion. > > Does anyone have an example that shows these two options within in > > one ws-policy file? We have not been successful in configuring the > > Axis2 1.3 stack for this effort. > > > > Regards, > > Glenn > > > > > > -----Original Message----- > > From: Nandana Mihindukulasooriya [mailto:nandana.cse@gmail.com] > > Sent: Thursday, February 21, 2008 3:27 AM > > To: axis-user@ws.apache.org > > Subject: Re: Example policy file needed > > > > Hi Simon, > > Please take a look at samples come with the Apache Rampart > > distribution. They contain policies that defines Sample 01 - Username > > > Token authentication Sample 05 - SAML token > > > > thanks, > > nandana > > > > [1] - > > > > https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/module > > s/ramp > > art-samples/policy/sample01/ > > [2] - > > > > https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/module > > s/ramp > > art-samples/policy/sample02/ > > > > > > On Thu, Feb 21, 2008 at 12:36 AM, Simon Nunn > wrote: > > > > > > > > > > > > > > > I am trying to use ws-policy for my webservice. I would like for > the > > > service to receive either a saml assertion or a username token for > > > > authetication. I have been unsuccessful in getting a ws-policy > > configured > for this. Does anyone have an example of a policy file > that does this? > > > > > > > > > > > > Thanks, > > > > > > Simon > > > > > > > > > > > > > > -- > > Nandana Mihindukulasooriya > > Software Engineer > > WSO2 inc. > > > > http://nandana83.blogspot.com/ > > http://nandanasm.wordpress.com/ > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org > > For additional commands, e-mail: axis-user-help@ws.apache.org > > > > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org > > For additional commands, e-mail: axis-user-help@ws.apache.org > > > > > > http://nandana83.blogspot.com/ > http://nandanasm.wordpress.com/ > > --------------------------------------------------------------------- > To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org > For additional commands, e-mail: axis-user-help@ws.apache.org > > > ********************************************************************** > This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. > ********************************************************************** > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org > For additional commands, e-mail: axis-user-help@ws.apache.org > > -- http://blog.ruchith.org http://wso2.org --------------------------------------------------------------------- To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org For additional commands, e-mail: axis-user-help@ws.apache.org