ws-wss4j-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Werner Dittmann <Werner.Dittm...@t-online.de>
Subject Re: WSS4J and Kerberos signatures
Date Fri, 18 Nov 2005 06:27:39 GMT
Laurence,

on the receiver side the code is trigge "automatically" if a
Kerberos QName is detected and the processor gets loaded.

On the sender side please ahave a look at WSHandler.java,
doSenderAction(). For the sender you shall define an action
(similar to the processor at the receiver). Its the same
technique on both sides (something like a plugin).

Regards,
Werner

Laurence Brockman wrote:
> Ok, I feel kind of sheepish about asking this question, but looking at
> the WSDoAllReceiver code I've begun adding in the hooks for the Kerberos
> code (Adding what I think are the appropriate checks for a new case in
> various classes) I'm not sure what to do to trigger it to actually
> execute the new class that I am making.
> 
> The QName has to match in when looking at the security headers to get it
> to execute the appropriate processor (Kerberos in this case). The QName
> is created based on the NS and LN attribute for other cases and I'm
> unsure of what to use for the Kerberos cases below to get it to
> instantiate the appropriate QName object.
> 
> If anyone could provide some guidance I would definitely appreciate it.
> I believe the name space should be that defined in the draft
> ("http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1")
> but I'm not sure of this.
> 
> Here's what I have done so far:
> 
> In WSConstants.java (This is what I'm not sure of):
> 
>     /*
>      * The definitions for Kerberos -- This is what I am unsure of how
> to set.
>      */
>     public static final String KERBEROS_NS = "";
>     public static final String KERBEROS_LN = "";
> 
> And
> 
>     /*
>      * Added by Laurence Nov 16, 2005 for Kerberos authentication
>      */
>     public static final int KERBEROS = 0x400;
> 
> 
> In WSSConfig:
> 
>     Added a case to the getProcessor method to return
> "org.apache.ws.security.processor.KerberosProcessor" when it matches
> WSSecurityEngine.KERBEROS_TOKEN
> 
>     
>     /**
>      * <code>KERBEROS</code> as defined by KERBEROS Specification
>      */
>     public static final QName KERBEROS_TOKEN = new
> QName(WSConstants.KERBEROS_NS, WSConstants.KERBEROS_LN);
> 
> In WSSecurityEngine:
> 	Added in the new QName to be created:
> 	public static final QName KERBEROS_TOKEN = new
> QName(WSConstants.KERBEROS_NS, WSConstants.KERBEROS_LN);
> 
> To WSHandlerConstants:
> 	I added the below constant
> 
>     /**
>      * Perform a Kerberos identification.
>      */
>     public static final String KERBEROS = "Kerberos";
> 
> Within decodeAction:
>             } else if (single[i].equals(WSHandlerConstants.KERBEROS)) {
>             	doAction |= WSConstants.KERBEROS;
>             	actions.add(new Integer(WSConstants.KERBEROS));
> 		}
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org


Mime
View raw message