ws-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gene...@ws.apache.org
Subject [Apache Web Services Wiki] Updated: WSS4C
Date Sat, 04 Dec 2004 11:34:48 GMT
   Date: 2004-12-04T03:34:48
   Editor: SameeraPerera <sameera@gamebox.net>
   Wiki: Apache Web Services Wiki
   Page: WSS4C
   URL: http://wiki.apache.org/ws/WSS4C

   no comment

Change Log:

------------------------------------------------------------------------------
@@ -29,6 +29,25 @@
 === Security Tokens ===
 
 === XML Signature ===
+WSS4C implementation of the XML Digital Signatures for SOAP Message Security, makes heavy
use 
+of the Apache&#8217;s XML Security libraries (http://xml.apache.org/security).
+
+The following schematic diagrams show the current architectural view of the WSS4C SOAP message

+signature validation processes.
+
+attachment:verification.gif
+
+Client process, such as an Axis C++ inflow handler would invoke 
+["WSSecurityEngine"]::processSecurityHeader on the incomming SOAP message envelope. This
method 
+will step through all elements of the <wsse:Security> header block processing each
sub element 
+encountered.
+
+In the context of this section of the WSS4C implementation, this would result in
+1. A list of prefetched WSS Tokens to be used in the Signature validation process (e.g. a

+BinarySecurityToken containing the X.509 certificate). This notion of prefetching is based
on 
+the recommendation made in section 8.2 of the WS-Security 2004 specification.
+
+2. A call to SignatureVerifier::verify method on all <ds:Signature> elements encountered.
 
 === XML Encryption ===
 The implementation of WSS4C has used Section 9 (Encryption) of OASIS WSS: SOAP Message Security
1.0 specification, as its starting point. As such, the development effort can be viewed as
a &#8220;bottom-up&#8221; process.
@@ -37,7 +56,7 @@
 
 attachment:archi001.gif
 
-A client class (e.g. an Axis Handler) of the library would simply make a function call on
to WSEncryptBody which in turn will carry out the encryption of the specified SOAP message
as par to the above mentioned specification.
+A client class (e.g. an Axis Handler) of the library would simply make a function call on
to ["WSEncryptBody"] which in turn will carry out the encryption of the specified SOAP message
as par to the above mentioned specification.
 Following diagram reflects the current state of the library.
 
 == Deployment ==

Mime
View raw message