Date: 2005-03-02T07:20:48
Editor: SameeraPerera
Wiki: Apache Web Services Wiki
Page: WSS4C
URL: http://wiki.apache.org/ws/WSS4C
no comment
Change Log:
------------------------------------------------------------------------------
@@ -33,25 +33,14 @@
=== Security Tokens ===
=== XML Signature ===
-WSS4C implementation of the XML Digital Signatures for SOAP Message Security, makes heavy
use
-of the Apache’s XML Security libraries (http://xml.apache.org/security).
+This section describes the WSS4C implementation of the Digital Signatures for SOAP Message
Security. Figure 2-1 illustrates the overall goals of the implementation.
-The following schematic diagrams show the current architectural view of the WSS4C SOAP message
-signature validation processes.
+attachment:fig2-1.gif
+"Figure 2-1"
-attachment:verification.gif
+2.1 Architecture of Digital Signature Implementation
-Client process, such as an Axis C++ inflow handler would invoke
-["WSSecurityEngine"]::processSecurityHeader on the incomming SOAP message envelope. This
method
-will step through all elements of the <wsse:Security> header block processing each
sub element
-encountered.
-
-In the context of this section of the WSS4C implementation, this would result in
-1. A list of prefetched WSS Tokens to be used in the Signature validation process (e.g. a
-BinarySecurityToken containing the X.509 certificate). This notion of prefetching is based
on
-the recommendation made in section 8.2 of the WS-Security 2004 specification.
-
-2. A call to SignatureVerifier::verify method on all <ds:Signature> elements encountered.
+2.2 Current Issues
=== XML Encryption ===
The implementation of WSS4C has used Section 9 (Encryption) of OASIS WSS: SOAP Message Security
1.0 specification, as its starting point. As such, the development effort can be viewed as
a “bottom-up” process.
|