Sorry if this a strange question, but I'm very new to web service security topic.
Let me list my situation and needs step by step:
1) I have many clients
2) Each client has its own certificate
3) Each client send SOAP messages by signing with its certificate
4) I use Axis2 and WS-Security extentions
5) I need to recognize each sender uniquely and verify the message according to the sender's own certificate.
6) AFAIK, it's not necessary to use Username-token profile if I verify each message with sender's certificate.
Some of the items seems very odd. If you beleive I'm going through correct way, please tell me how to build these up with Axis2. Otherwise, please let me know what kind of approach should I use to handle multiple client certificates.
Thanks in advance,
Ali Sadik Kumlali
Yahoo! Mail
Bring photos to life! New PhotoMail makes sharing a breeze.
