yes. it's usable. if u have a build problem, ask for help on fx-dev mailing list
On Fri, 29 Oct 2004 22:07:05 +0000, Ben Anderson <[EMAIL PROTECTED]> wrote: > is wss4j even usable at this point? I downloaded the source > yesterday, but it wouldn't build. > > On Fri, 29 Oct 2004 13:04:34 -0400, Greg Michalopoulos > <[EMAIL PROTECTED]> wrote: > > Check out wss4j from Apache (http://ws.apache.org/ws-fx/wss4j/). This is an > > implementation of the WS-Security spec. Documentation is a little weak at > > this point in time, but I was about to use the UsernameToken in the SOAP > > header and a password callback class to authenticate a user making a > > request. The spec outlines ways to encrypt and sign SOAP messages as well. > > > > Greg > > > > > > > > -----Original Message----- > > From: Wagle, Shriniwas [mailto:[EMAIL PROTECTED] > > Sent: Friday, October 29, 2004 10:23 AM > > To: [EMAIL PROTECTED] > > Subject: RE: adding security to webservices in axis > > > > We implemented security at the transport level using SSL with > > client-authentication. > > The good thing about this is the web services code does not have to deal > > with security related aspects at all. It works well, and in a predictable > > manner. > > We had a binary level of security - either a client can invoke the web > > service or not. We didn't have tiered security or diff levels of > > authorization. Having to deal with that will complicate this solution. > > > > The negative aspect is the overhead in managing all the certs and keys > > floating around and ensuring the security policy is well understood and > > adhered to. > > > > The latest JAX RPC comes with message level security. You might want to > > explore that but I believe the standardization in that area is not yet > > complete. So not sure about the level of interoperability needs on your > > project and the impact of using something non-standard. > > > > -----Original Message----- > > From: Marco Mistroni [mailto:[EMAIL PROTECTED] > > Sent: Thursday, October 28, 2004 4:43 AM > > To: [EMAIL PROTECTED] > > Subject: adding security to webservices in axis > > > > Hello all, > > I have a question for axis mailing list.. > > I would like to add security to my axis webservice, and I am looking For > > tips.. > > What I want to avoid is to going and modify the web.xml in tomcat for adding > > Users.... > > I am sure that there is at least someone on this list which came across This > > problem... > > > > Any hints will be appreciated... > > > > Thanks in advance and regards > > marco > > > > > -- Davanum Srinivas - http://webservices.apache.org/~dims/
