axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Philippe A." <futhar...@gmail.com>
Subject Re: How to choose Key Identifier Type?
Date Wed, 18 Apr 2012 16:35:18 GMT
Not sure what a SKI is exactly, but I see plenty of references to this in
the ws-securitypolicy 1.2 standard. This doc has been of great help to me.
I suggest reading it.

Maybe the solution is simply to add a sp:RequireKeyIdentifierReference at
the right place in your policy? Like:

          <sp:ProtectionToken>
            <wsp:Policy>
              <sp:X509Token sp:IncludeToken="
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never
">
                <wsp:Policy>
                  <sp:RequireKeyIdentifierReference/>
                   ...
                </wsp:Policy>
              </sp:X509Token>
            </wsp:Policy>
          </sp:ProtectionToken>

Good luck!

2012/4/10 Gabriel Millaire <gabriel.millaire@boku.com>

>  Hello,****
>
> ** **
>
> I have been looking around for a way to choose the Key Identifier Type for
> signature using Axis2 Rampart.****
>
> ** **
>
> I seem to only be able to find the "old" way of doing it, through
> OutflowSecurity:****
>
> ** **
>
> <parameter name="OutflowSecurity">****
>
>         <action>****
>
>             <items>Timestamp Signature</items>****
>
>               <user>jack</user>****
>
>             <signaturePropFile>security.properties</signaturePropFile>****
>
>             <passwordCallbackClass>****
>
>                org.swview.test.axis2.client.PWCallbackHandler****
>
>             </passwordCallbackClass>****
>
>             *
> <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>*
>
>             <signatureParts>****
>
>             </signatureParts>****
>
>         </action>****
>
>     </parameter>****
>
> ** **
>
> What I am looking for is how to through the Policy in a WSDL file, or
> programmatically via RampartConfig or related means.****
>
> ** **
>
> Does anyone have a clue how to do that?****
>
>
> Thanks,****
>
> Gabriel****
>



-- 
Philippe

Mime
View raw message