[
https://issues.apache.org/jira/browse/AXIOM-316?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andreas Veithen resolved AXIOM-316.
-----------------------------------
Resolution: Won't Fix
Fix Version/s: (was: 1.3)
This will probably never be included in the Axiom code base. Reasons:
* This JIRA issue is stalled for more than two years and there is obviously no
longer any interest of the authors to integrate that code into Axiom (and to
maintain it).
* In contrast to what has been claimed in one of the previous comments, the
code is clearly a fork of the Santuario project (org.apache.xml.security).
Although there is no legal issue with that, for obvious reasons we would have
to discuss that with the Santuario folks before adding the code to Axiom.
* In order to have a full Axiom-only WS-Security implementation in Axis2, one
would also have to fork WSS4J. [1] explains why this is not a good approach.
[1] http://markmail.org/thread/nomij6tx66fqwad2
> Axiom based XML Security Implemenation
> --------------------------------------
>
> Key: AXIOM-316
> URL: https://issues.apache.org/jira/browse/AXIOM-316
> Project: Axiom
> Issue Type: Improvement
> Reporter: Saliya Ekanayake
> Assignee: Nandana Mihindukulasooriya
> Attachments: thomara.zip, thomara_updated.zip
>
>
> Apache Axis2 has proven its performance over other Web services engines over
> the past couple of years. Its success mainly comes through the usage of
> Apache Axiom, which is an XML infoset model based on the StAX API. Axis2,
> however, handles Web services security by means of the Apache Rampart which
> in turn depends on DOM based implementations of XML security and WS-Security.
> The main deficiency of this is the performance loss due to object model
> conversion. Therefore, it is mandatory to come up with an Axiom based
> security implementation to regain the performance of Axis2 in the case of
> handling secured messages.
> The zip file included in the JIRA contains a completely Axiom based
> implementation of XML Security which implements the following two
> specifications.
> 1. XML Encryption Syntax and Processing at http://www.w3.org/TR/xmlenc-core/
> 2. XML Signature Syntax and Processing (Second Edition) at
> http://www.w3.org/TR/xmldsig-core/
> Thus, it would be useful for the Apache community and for others who use
> Axis2 to have this code under Apache. A WS-Security implementation based on
> Axiom could follow up on top of this afterwards to fulfi the requirement of
> an Axiom based security implementation.
> Thanks,
> Saliya
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
