ws-wss4j-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dittmann, Werner" <werner.dittm...@siemens.com>
Subject AW: SignatureConfirmation with handler chaining
Date Tue, 08 Nov 2005 07:28:13 GMT
Ruchith,

a specific handling for handler chaining is not necessary
anymore. Ut's handled transparently in the SignatureConfirmation
code inside WSS4JHandler. Thus you may go on testing it 
with Axis 2

Regards,
Werner

> -----Urspr√ľngliche Nachricht-----
> Von: Werner Dittmann [mailto:Werner.Dittmann@t-online.de] 
> Gesendet: Freitag, 4. November 2005 14:58
> An: Ruchith Fernando
> Cc: wss4j-dev@ws.apache.org
> Betreff: Re: SignatureConfirmation with handler chaining
> 
> Ruchith,
> 
> need to look at what was wrong when doing chaining. I'll check
> my internal testcases and give you some info tomorrow.
> 
> Regards,
> Werner
> 
> Ruchith Fernando wrote:
> > Hi Werner,
> > 
> > If possible, can you please give me some points as to what 
> we need to
> > do to get sig-confirmation working with handler chaining in 
> Axis 1.x.
> > 
> > I'm trying to do the same with Axis2 security module.
> > 
> > 
> >>Sep 6, 2005: Extending WSS4J to the new OASIS specs - first 
> impl of SignatureConfirmation :
> >>
> >>If anybody is going to test this _and_ uses the handler chaining
> >>feature of WSS4J pls ask for additional info. In this case one
> >>specific modification in the WSDD files may be required.
> > 
> > 
> > 
> > Thanks,
> > Ruchith
> > 
> > On 9/6/05, Werner Dittmann <Werner.Dittmann@t-online.de> wrote:
> > 
> >>All,
> >>
> >>with the next checkin a first step of the SIgnatureConfirmation
> >>feature of WSS 1.1 is done.
> >>
> >>Because of some open issues with the spec this first implementation
> >>assumes:
> >>
> >>- generate SignatureConfirmation for every Signature of every
> >>  wsse:Security header of the request - there my be several
> >>  wsse:Security headers in one request (with different actor/role)
> >>
> >>- place all SignatureConfirmation elements together in one
> >>  wsse:Security header of the response. This because it is not
> >>  necessary that the wsse:Security headers have a one-to-one
> >>  relationship with the request headers.
> >>
> >>- do not sign SignatureConfirmation yet - here are IMHO 
> some open issues
> >>  in the spec
> >>
> >>- do not encrypt even if the Signature block of the request was
> >>  encrypted. I doubt if such an encryption makes sense.
> >>
> >>To enable and test this feature you need to download the source
> >>from SVN (trunk head), set the variable 
> "enableSignatureConfirmation"
> >>to "true" (for the time being it set to "false" by default).
> >>
> >>If anybody is going to test this _and_ uses the handler chaining
> >>feature of WSS4J pls ask for additional info. In this case one
> >>specific modification in the WSDD files may be required.
> >>
> >>Regards,
> >>Werner
> >>
> >>
> >>
> >>
> >>------------------------------------------------------------
> ---------
> >>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> >>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> >>
> >>
> > 
> > 
> > 
> > --
> > Ruchith
> > 
> > 
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> > For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> > 
> > 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> 
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org


Mime
View raw message