Hi Amila, On Wed, 14 Sep 2011 21:52:48 +0530 Amila Jayasekara <ami...@wso2.com> wrote:
> > > > That may make sense. Updating to Neethi 3, removing the Axiom > > stuff (would be a requirement for use with CXF), etc... is also a > > big step. We'd likely need to look at the CXF policy model and > > double check on new things. We've added support for a bunch of > > extra token types (like Kerberos and SAML and others) that would > > likely need to be pulled back in. We've also added a bunch of > > validation things (for post processing) that we'd likely want to > > make sure work in the streaming cases as well. (like the XPath > > expressions and such) > > Marc,Dan > I am trying to figure out possible effects on apache rampart, with > above change. Ideally we would like to plug swsf independently. I am > having following concerns related to this. > > I am +1 for the idea of having a sub-module for WS-Policy code. > Dan, i am bit concerned about "removing axiom stuff" > First is this change going to be a custom development for CXF only or > else are we planning to apply this to new (2.0) WSS4J framework ? > After swiftly going through swsf code, i realised that it still uses > axiom in its policy processing code. If we are planning to apply this > change to WSS4J 2.0 framework, what are we going to use in-place of > axiom ? swssf has no need to use Axiom. It's just a dependency from Neethi 2.0.4 to read the policies. Whatever neethi uses to build the policy so will swssf. > > Marc, in addition i also saw a dependency to cxf-rt-bindings-soap. > Could you please explain the usage of this within swsf ? cxf dependencies are just there for an cxf-integration test and to demonstrate the easy integration into cxf. It will be removed. To be clear: swssf has in reality just the following dependencies: Of course there is a StAX Parser needed. swssf should work with any StAX parser. Woodstox just seems to be the fastest: <groupId>org.codehaus.woodstox</groupId> <artifactId>wstx-asl</artifactId> I like commons-logging so this was choosen as logging wrapper: <groupId>commons-logging</groupId> <artifactId>commons-logging</artifactId> For streaming Base64 encoding/decoding: <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> Policy parsing: <groupId>org.apache.neethi</groupId> <artifactId>neethi</artifactId> SAML Token processing: <groupId>org.opensaml</groupId> <artifactId>opensaml</artifactId> replay detection etc: <groupId>jcs</groupId> <artifactId>jcs</artifactId> That's it. All other dependencies are either pulled in by these deps or used for demonstration. Everything else would be a bug in swssf. Marc > > Thanks > AmilaJ > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@ws.apache.org For additional commands, e-mail: dev-h...@ws.apache.org