I had the same requirement. Sign the body only.
I started out trying to combine policy samples 1 & 2 to meet my
requirements. I added the Username token to policy 2. It worked as a
"signed supporting token" but "supporting token" does not work. (See Jira
Rampart-84). I also needed a plain text password, but did not discover a
way to specify one with a policy statement. In general I found that the
policy samples all worked perfectly, but any deviation from the beaten path
was likely to uncover a bug.
The only way that I could meet my requirement with the Axis 1.3 and Rampart
1.3 was to use the basic route. It is very much simpler to use. You just
list what you want in the "Actions" and that is exactly what you get. When
the policy stuff is more mature I would like to migrate to it, but simply
cannot do so at this time.
Jon
tballen wrote:
>
> Is the basic method deprecated and the policy method the
> generally-accepted way to go now?
> I ask since I have a need to implement a user name token with
> Rampart. It works now with the basic method but I'd rather use a
> method that is not deprecated.
>
> Any input is appreciated.
>
>
> At 06:09 PM 10/18/2007, Jon Hanshew wrote:
>
>>Forget the Policy road.
>>
>>Look at the "basic" samples. Way simpler way to achieve what you want.
>>
>>
>>tirtza wrote:
>> >
>> > I am using Axis2-1.3 and Rampart 1.3.
>> > I am the client and my requests need to be signed.
>> >
>> > My axis.client.xml includes the following
>> >
>> > <module ref="rampart" />
>> >
>> > <parameter name="OutflowSecurity">
>> > <action>
>> > <items>Signature</items>
>> > <user>wally</user>
>> > <signaturePropFile>crypto.properties</signaturePropFile>
>> >
>> >
>> <passwordCallbackClass>net.idt.svp.security.PWCallback</passwordCallbackClas
>> > s>
>> >
>> <signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
>> > </action>
>> > </parameter>
>> >
>> > <parameter name="InflowSecurity">
>> > <action>
>> > <items>Signature</items>
>> > <signaturePropFile>crypto.properties</signaturePropFile>
>> > </action>
>> > </parameter>
>> >
>> > My crypto.properties
>> >
>> >
>> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.cry
>> > pto.Merlin
>> > org.apache.ws.security.crypto.merlin.keystore.type=jks
>> >
>> org.apache.ws.security.crypto.merlin.file=J:\svp_prime\trunk\security\test.j
>> > ks
>> > org.apache.ws.security.crypto.merlin.keystore.password=pswd
>> >
>> > My Client includes the following:
>> > _serviceClient.getOptions().setTo(new
>> > org.apache.axis2.addressing.EndpointReference(targetEndpoint));
>> >
>> >
>> _serviceClient.getOptions().setUseSeparateListener(useSeparateListener);
>> >
>> > StAXOMBuilder builder = new
>> StAXOMBuilder("resources/policy.xml");
>> >
>> > Policy clientPolicy =
>> > PolicyEngine.getPolicy(builder.getDocumentElement());
>> >
>> >
>> _serviceClient.getOptions().setProperty(RampartMessageData.KEY_RAMPART_POLIC
>> > Y, clientPolicy);
>> > _serviceClient.engageModule("rampart");
>> >
>> > My problem is that I have no clue how to set up the policy.xml.
>> Rampart's
>> > examples do not include an example of pure signature only (no
>> timestamp).
>> >
>> >
>> > Can someone supply me with an example?
>> > Thanks.
>> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
--
View this message in context:
http://www.nabble.com/Rampart-signature-tf4641583.html#a13296860
Sent from the Axis - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
