ws-wss4j-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Davanum Srinivas <dava...@gmail.com>
Subject Re: WSS4J and Kerberos signatures
Date Mon, 14 Nov 2005 22:02:13 GMT
Please see what is being done for SAML and use that as a template for Kerberos.

thanks,
dims

On 11/14/05, Laurence Brockman <laurence.brockman@sjrb.ca> wrote:
> Correct me if I'm wrong here, but this is what I'm thinking:
>
> After grabbing the source from SVN and looking at the documentation, I
> believe the right place for me to start would be to extend the
> org.apache.ws.axis.security class to handle the Kerberos requirements
> specified in the OASIS document.
>
> Forgive me for so many questions, but I'm new to Axis/WSS4J and I want
> to make sure that I'm heading down the right path.
>
> Specifically, what we are looking to implement is just the
> authentication portion of Kerberos and not the encryption portion (We
> want to authenticate incoming SOAP requests against a KDC). Down the
> road we will likely look at the encryption portion, but that won't
> likely be for a few months at least.
>
> Thanks again!!
> Laurence
>
> -----Original Message-----
> From: Davanum Srinivas [mailto:davanum@gmail.com]
> Sent: November 11, 2005 8:18 PM
> To: Laurence Brockman
> Cc: wss4j-dev@ws.apache.org
> Subject: Re: WSS4J and Kerberos signatures
>
> Laurence,
>
> I believe you start with taking a look at the Kerberos Token Profile
> at the OASIS WSS TC web site:
>
> http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss
>
> There's lots of refactoring in the latest SVN, which makes it easy to
> plugin a new token profile. So please get the latest SVN code and
> start asking more questions :)
>
> thanks,
> dims
>
> On 11/10/05, Laurence Brockman <laurence.brockman@sjrb.ca> wrote:
> >
> >
> >
> > Hello,
> >
> >
> >
> > Sorry if this is a FAQ but I have been looking for answers to this
> high and
> > low and have not seen this on the list.
> >
> >
> >
> > We are going to try and use Kerberos to authenticate users on our SOAP
> > server. What we envision is having the client send down the SOAP
> request
> > with a service ticket from a KDC. The server (Axis using WSS4J on
> Tomcat)
> > would then authenticate this user against said KDC. After briefly
> looking at
> > the documentation within the WSS4J code I think what we would want to
> do is
> > extend the WSDoAllHandler class (From the
> > org.apache.axis.security.handler package). Is this the
> > right direction to be going in? Has anybody looked at this? I'm
> relatively
> > new to Axis/WSS4J and some guidance would be awesome!
> >
> >
> >
> > Thanks,
> >
> > Laurence
> >
> >
> >
> > Laurence Brockman
> >  Server Specialist, Shaw Operations Centre
> >  Shaw Communications Inc.
> >  Phone : (403) 303-4805
> >  E-mail : laurence.brockman@sjrb.ca
> >
> >
> >
> > ACCOUNTABLE    BALANCE    CUSTOMER FOCUSED    INTEGRITY    LOYALTY
> > POSITIVE, CAN DO ATTITUDE    TEAM PLAYER
> >
> >
>
>
> --
> Davanum Srinivas : http://wso2.com/blogs/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>


--
Davanum Srinivas : http://wso2.com/blogs/

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org


Mime
View raw message