axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nandana Mihindukulasooriya" <nandana....@gmail.com>
Subject Re: [Rampart] What is the correct way to secure a JAX-WS service?
Date Thu, 08 May 2008 03:50:33 GMT
Hi Alex,
      Have you looked at  this thread  [1] ?

thanks,
nandana

[1] -
http://markmail.org/message/dkwjvskrh3gysvnw?q=list:org%2Eapache%2Ews%2Eaxis-user+can+I+use+use+rampart


On Wed, May 7, 2008 at 10:26 PM, Savitsky, Alex <
Alex.Savitsky@tdsecurities.com> wrote:

>  Hi,
>
> Usually, Axis2 services are secured using Rampart, by engaging the module,
> and specifying the policy in services.xml. However, this won't do for
> services deployed via JAX-WS annotations, as there's no services.xml file
> there. The module could still be deployed, as long as it's placed in
> WEB-INF/modules - but where would one have to place the policy file, for it
> to be picked up by the Rampart? Are there any annotations one has to specify
> on the service endpoint, to specify that the service is using WS-Security?
>
> I looked at the @HandlerCHain annotation, but the Rampart handlers are not
> based on the JAX-WS handler interfaces, but on some internal Axis2 ones, and
> thus cannot be used in JAX-WS handler chains
>
> And final question - does Rampart even support JAX-WS style services?
>
> Thanks,
>
> Alex
>
> ********************
> NOTICE OF CONFIDENTIALITY
> This communication including any information transmitted with it is
> intended only for the use of the addressees and is confidential.
> If you are not an intended recipient or responsible for delivering
> the message to an intended recipient, any review, disclosure,
> conversion to hard copy, dissemination, reproduction or other use
> of any part of this communication is strictly prohibited, as is the
> taking or omitting of any action in reliance upon this communication.
> If you receive this communication in error or without authorization
> please notify us immediately by return e-mail or otherwise and
> permanently delete the entire communication from any computer,
> disk drive, or other storage medium.
>
> If the above disclaimer is not properly readable, it can be found at www.td.com/legal
>
> AVERTISSEMENT DE CONFIDENTIALITE
> Ce courriel, ainsi que tout renseignement ci-inclus, destiné uniquement
> aux destinataires susmentionnés,  est confidentiel.  Si vous
> n'êtes pas le destinataire prévu ou un agent responsable de la
> livraison de ce courriel, tout examen, divulgation, copie, impression,
> reproduction, distribution, ou autre utilisation d'une partie de ce
> courriel est strictement interdit de même que toute intervention ou
> abstraction à cet égard.  Si vous avez reçu ce message par erreur ou
> sans autorisation, veuillez en aviser immédiatement l'expéditeur par
> retour de courriel ou par un autre moyen et supprimer immédiatement
> cette communication entière de tout système électronique.
>
> Si l'avis de non-responsabilité ci-dessus n'est pas lisible, vous
> pouvez le consulter à www.td.com/francais/legale
>
>

Mime
View raw message