On 8/21/06, Dennis Sosnoski <[EMAIL PROTECTED]> wrote:
Hi Ruchith,
I'd looked at these samples before writing my email. It's not very clear
from the presentation slides exactly what some of the samples are doing,
so I hadn't realized this one matched what I was looking for.
I will try to add some details to explain what each sample does.
Sample 11 shows how to combine different actions and to configure it
dynamically using the InflowConfiguration and OutflowConfiguration
instances.
Example: Following configures rampart to add a Timestamp and sign and
encrypt the outgoing message:
OutflowConfiguration ofc = new OutflowConfiguration();
ofc.setActionItems("Timestamp Signature Encrypt");
Thanks,
Ruchith
In any case, I'd already decided to switch to just using WSS4J directly.
For what I'm doing the Axis2 benefits would have been minimal, and using
WSS4J directly gives me full control over the security details. I was
surprised that I immediately ran into a bug in WSS4J, but I fixed it and
now everything looks good.
- Dennis
Ruchith Fernando wrote:
> Hi Dennis,
>
> Please have a look at Sample 11 in the samples provided with this [1]
> presentation. That has answers to both questions.
>
> Thanks,
> Ruchith
>
> [1]
> http://www.wso2.net/presentations/wss4j/java/2006/08/04/apache-rampart
>
> On 8/17/06, Dennis Sosnoski <[EMAIL PROTECTED]> wrote:
>> Hi Ruchith,
>>
>> I've been trying to do some similar things with Rampart, and running
>> into a few unknowns. First off, how do I set the configuration to do
>> multiple steps in the outflow and inflow? In my case, I need to sign the
>> outgoing message with my local private key, then encrypt with the
>> server's public key (from the certificate in my keystore).
>>
>> Secondly, how do I control the type of SecurityTokenReference used in
>> the message? By default I get an X509Data with X509IssuerSerial; I'd
>> prefer to use a KeyIdentifier instead. I tried:
>>
>>
>> ofc.setSignatureKeyIdentifier(WSSHandlerConstants.X509_KEY_IDENTIFIER);
>>
>> But this didn't appear to have any effect.
>>
>> - Dennis
>>
>> Dennis M. Sosnoski
>> SOA, Web Services, and XML
>> Training and Consulting
>> http://www.sosnoski.com - http://www.sosnoski.co.nz
>> Seattle, WA +1-425-296-6194 - Wellington, NZ +64-4-298-6117
>>
>>
>>
>> Ruchith Fernando wrote:
>> > Please add the axis2-security-SNAPSHOT.jar [1] into your classpath to
>> > access the OutflowConfiguration/InflowConfiguration classes.
>> >
>> > Latest rampart-SNAPSHOT.mar is available here : [2].
>> >
>> > Thanks,
>> > Ruchith
>> >
>> > [1]
>> >
>> http://people.apache.org/repository/axis2/jars/axis2-security-SNAPSHOT.jar
>>
>> >
>> > [2]
>> http://people.apache.org/repository/axis2/mars/rampart-SNAPSHOT.mar
>> >
>> > On 8/10/06, Brecht Yperman <[EMAIL PROTECTED]> wrote:
>> >> Ok,
>> >>
>> >> Apparently I'm shit at using Axis2, no progress last two days...
>> >>
>> >> Where can I find the latest rampart.mar-build?
>> >> Can I rename the .mar-file to .jar and add it to my build path (to
>> use
>> >> the OutflowConfiguration class)?
>> >>
>> >> Thanks,
>> >> Brecht
>> >>
>> >> -----Original Message-----
>> >> From: Ruchith Fernando [mailto:[EMAIL PROTECTED]
>> >> Sent: donderdag 10 augustus 2006 10:02
>> >> To: axis-user@ws.apache.org
>> >> Subject: Re: [Axis2] Configure Rampart dynamically
>> >>
>> >> Hi Brecht,
>> >>
>> >> Yes it is possible. Please see here:
>> >> http://marc.theaimsgroup.com/?l=axis-user&m=115517624610919&w=2
>> >>
>> >> Thanks,
>> >> Ruchith
>> >>
>> >> On 8/10/06, Brecht Yperman <[EMAIL PROTECTED]> wrote:
>> >> >
>> >> >
>> >> >
>> >> >
>> >> > Hi,
>> >> >
>> >> >
>> >> >
>> >> > how do I configure Rampart dynamically?
>> >> >
>> >> >
>> >> >
>> >> > I tried something like this, but it does not work...
>> >> >
>> >> >
>> >> >
>> >> > private void configureSecurity(ServiceClient client) throws
>> AxisFault
>> >> {
>> >> >
>> >> > if (true /*security == on*/) {
>> >> >
>> >> > Parameter parm = new Parameter();
>> >> >
>> >> > parm.setName("OutflowSecurity");
>> >> >
>> >> >
>> >> >
>> >> > OMFactory fact =
>> OMAbstractFactory.getOMFactory();
>> >> >
>> >> >
>> >> >
>> >> > OMNamespace emptyNS =
>> fact.createOMNamespace(null,
>> >> "");
>> >> >
>> >> > OMElement actionEl =
>> fact.createOMElement("action",
>> >> > emptyNS);
>> >> >
>> >> >
>> >> >
>> >> > OMElement itemsEl = fact.createOMElement("items",
>> >> > emptyNS);
>> >> >
>> >> > itemsEl.setText("UsernameToken");
>> >> >
>> >> > actionEl.addChild(itemsEl);
>> >> >
>> >> >
>> >> >
>> >> > OMElement userEl = fact.createOMElement("user",
>> >> emptyNS);
>> >> >
>> >> > userEl.setText("bob");
>> >> >
>> >> > actionEl.addChild(userEl);
>> >> >
>> >> >
>> >> >
>> >> > OMElement pwCbEl =
>> >> > fact.createOMElement("passwordCallbackClass", emptyNS);
>> >> >
>> >> > pwCbEl.setText("CallbackHandler");
>> >> >
>> >> > actionEl.addChild(pwCbEl);
>> >> >
>> >> >
>> >> >
>> >> > parm.setParameterElement(actionEl);
>> >> >
>> >> >
>> >> >
>> >> > client.engageModule(new QName("rampart-1.0"));
>> >> >
>> >> > }
>> >> >
>> >> > }
>> >> >
>> >> >
>> >> >
>> >> > Thanks,
>> >> >
>> >> > Brecht
>> >> >
>> >> >
>> >> >
>> >> > Invenso - The "Integration Software" specialists.
>> >> > _____________________________________________
>> >> >
>> >> > Brecht Yperman
>> >> > Development team
>> >> >
>> >> > Direct: +32 (0)3 780 30 05
>> >> > Email: [EMAIL PROTECTED]
>> >> >
>> >> > INVENSO bvba
>> >> > Industriepark-West 75
>> >> > 9100 Sint-Niklaas
>> >> > Belgium - Europe
>> >> >
>> >> > Phone: +32 (0)3 780 30 02
>> >> > Fax: +32 (0)3 780 30 03
>> >> > Email: [EMAIL PROTECTED]
>> >> > Website: www.invenso.com
>> >> >
>> >> > "E-mail disclaimer: This e-mail, and any attachments thereto, is
>> >> intended
>> >> > only for use by the addressee(s) named herein and may contain
>> legally
>> >> > privileged and/or confidential information. If you are not the
>> >> intended
>> >> > recipient, please note that any review, dissemination, disclosure,
>> >> > alteration, printing, copying or transmission of this e-mail and/or
>> >> any file
>> >> > transmitted with it, is strictly prohibited and may be unlawful. If
>> >> you have
>> >> > received this e-mail by mistake, please immediately notify the
>> sender
>> >> and
>> >> > permanently delete the original as well as any copy of any
>> e-mail and
>> >> any
>> >> > printout thereof."
>> >> >
>> >> >
>> >>
>> >>
>> >> --
>> >> www.ruchith.org
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> >> For additional commands, e-mail: [EMAIL PROTECTED]
>> >>
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> >> For additional commands, e-mail: [EMAIL PROTECTED]
>> >>
>> >>
>> >
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>>
>>
>
>
--
www.ruchith.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
