Re: What are the configurable ws-security parameters for incoming message

Wed, 05 Nov 2008 18:10:52 -0800 

Vivian Wang wrote:
Thanks! 
But my question is really this: In WS-Policy, what parameters need to be or can 
be configured for incoming message (the response message from a client point of 
view)? I don't see much document in rampart/c site. From a user point of view, 
I would like to see something like soapUI in which the configurable parameters 
for WS-security are very clear. Is there anything like that in rampart/c in a 
configuration file?
Nop, you do not have anything like that in Rampart/C config file. In fact, the policy tells it all, as I mentioned earlier. The kind and format of policies are in sync with WS-SecPolicy spec.Using policy, in place of rampart specific confing ensures interoperability. 

Thanks,
Samisa...



Thanks again!
Vivian


--- On Tue, 11/4/08, Samisa Abeysinghe <[EMAIL PROTECTED]> wrote:


  

From: Samisa Abeysinghe <[EMAIL PROTECTED]>
Subject: Re: What are the configurable ws-security parameters for incoming 
message
To: "Apache AXIS C Developers List" <axis-c-dev@ws.apache.org>
Cc: [EMAIL PROTECTED], [EMAIL PROTECTED]
Date: Tuesday, November 4, 2008, 10:59 PM
Rampart/C makes use of WS-Policy for configuring how it
behaves.

Samisa...

Vivian Wang wrote:

    

Hi, 


I am trying to use rampart/c along with axis2/c to

      

support WS-security. Just wonder, what are the configurable
ws-security parameters for incoming message, especially from
a web service client point of view, which means, as a web
service client, what can be configured to decrypt/interpret
the response message from the web server.  I've read
through the manuals and also gone through the examples, but
still I am afraid I don't have a complete picture about
what can be configured. Is there any detailed document for
this?

    

I was also looking at soapUI, a free tool for web

      

service testing, which also supports WS-security. In their
manual, they have the following statements:

    

   Incoming WSS configurations are used to process

      

incoming messages   (responses, MockRequest and monitor
requests/response) and decrypt/validate their
encrypted/signed content. Since the WS-Security headers of
an incoming message contain most of the information required
to decrypt or validate a message, the only configuration
needed by soapUI is which keystores that contain referenced
keys and certificates for decryption and signature
validation.

    

Is this statement also true to rampart/c? I mean, the

      

only configuration one need to do is which keystores that
contain referenced keys and certificates for decryption and
signature validation?

    

Thanks much in advance!

Vivian





      




      

---------------------------------------------------------------------

    

To unsubscribe, e-mail:

      

[EMAIL PROTECTED]

    

For additional commands, e-mail:

      

[EMAIL PROTECTED]

    

  

      

------------------------------------------------------------------------

    

Internal Virus Database is out of date.

Checked by AVG - http://www.avg.com 
Version: 8.0.175 / Virus Database: 270.8.5/1759 -
      

Release Date: 10/31/2008 4:10 PM

    

  
      

--

Samisa Abeysinghe 
Director, Engineering; WSO2 Inc.


http://www.wso2.com/ - "The Open Source SOA
Company"


---------------------------------------------------------------------
To unsubscribe, e-mail:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]

    




      


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

  
------------------------------------------------------------------------



Internal Virus Database is out of date.

Checked by AVG - http://www.avg.com 
Version: 8.0.175 / Virus Database: 270.8.5/1759 - Release Date: 10/31/2008 4:10 PM



  



--

Samisa Abeysinghe 
Director, Engineering; WSO2 Inc.


http://www.wso2.com/ - "The Open Source SOA Company"


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to