I know it but it's over ssl and therefore i use tomcat.
I try to made up two different authoritation method: one with jaas-tomcat real
and one with ssl+axis basi auth.
Thanks,
Aloha
-> Hi Rudi,
->
-> What we have done is implement Axis/JAX-RPC client and server side
-> handlers. The client side handler attaches a credential in the HTTP
-> header ("Authorization" heaer), and the server side handler
-> authenticates it, and makes the user id available in both the 1)
-> MessageContext in AuthenticatedUser axis object (I believe) and also in
-> 2) getRemoteUser() of the servletrequest (using a servletrequest
-> wrapper). You can get configure and get parameters into the server side
-> handler through the server side deployment descriptor (wsdd). You can
-> get configuration parameters into your client-side handler by
-> dynamically registering it with a handlerinfo and Map with params, and
-> runtime parameters by using _setProperty on the stub object (i think).
-> The stub properties get propagated to the MessageContext of the client
-> handler (this is true at least in 1.1, but not in 1.0).
->
-> We went this way because it doesn't seem like WSSE is fully cooked (or
-> at least fully implemented and easy to use).
->
-> I also tried using SOAP headers in the envelope themselves (instead of
-> out of band HTTP headers), but could not retrieve them in the server
-> side handler for some reason, so I gave up on that.
->
-> The whole thing can be thrown over SSL so that should provide your
-> on-wire safety.
->
-> Aaron Hamid
-> CIT/I&D
-> Cornell University
->
-> Rudi Verago [vlain] wrote:
->
-> >I need user/call authentication in a swing application.
-> >Beginnig I want to use SAML and SSO but opensaml implementation has no
documentation and samples, then I try
-> >XACML but nothing; same thing for xml security at Apache: without sample
it's hard.
-> >Axis auth methods aren't safe.
-> >Now I try to implement JAAS real on tomcat and ssl connection.
-> >Is it the "simple" only solution?
-> >Thanks,
-> >
-> >~~~~~~~~~~~~~~~
-> >Rudi Verago [vLAiN]
-> >[EMAIL PROTECTED]
-> >~~~~~~~~~~~~~~~
-> >
-> >
-> >
->
->
~~~~~~~~~~~~~~~
Rudi Verago [vLAiN]
[EMAIL PROTECTED]
~~~~~~~~~~~~~~~
