Hi,
So what would be the simplest way to implement this using Axis2? I need WS-Addressing, and i'm not confident in Axis1's addressing support. Could i use an OperationClient to sign and encrypt the SOAP DOM using WSS4J? (I'm not clear how this might work.) Or do i need to create my own module? Or should i go with the code in SVN HEAD?
You can go ahead and use the "rahas-SNASHOT.mar" (available in the modules/security/target/ dir after the build) and try it out right now. Even though code in wss4j supports both sign and encrypt using SCT and derived keys as of now you can only configure rahas to encrypt the body of the soap messages using SCT/derived key. Please have a look at the follwing this [1] (line 87) to see how one can set the configuration in the ServiceClient's options using the RahasConfiguration class. You must look at the implementation of getClientRahasConfiguration() in the RahasScenario3Test [2] class to see the how a RahasConfiguration instance is used to obtain the parameter to be set in the options in [1]. RahasScenario3Test is a test case similar to your case where the client creates its own SCT and propergates it to the service and uses it to encrypt the soap body. Having said the above please understand that we _will_ be moving all these features (and more) to "rampart" :-) and there will be no "rahas" module in a few days. :-) Thanks, Ruchith [1] http://svn.apache.org/repos/asf/webservices/axis2/trunk/java/modules/integration/test/org/apache/axis2/security/rahas/TestClient.java [2] http://svn.apache.org/repos/asf/webservices/axis2/trunk/java/modules/integration/test/org/apache/axis2/security/rahas/RahasScenario3Test.java --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
