Thanks Ruchith.. One aspect of the prototype that I'm developing is demonstration of agile policy enforcement, i.e., coordinated adjustment of security policies when conditions warrant.
Looking at the sample software provided with rampart, specifically sample11, it appears that OutflowConfiguration and InflowConfiguration support runtime policy changes. These classes are deprecated in the rampart v1.1.1 release - is there an alternative set of classes that I can use to provide this? Thanks again, Jackson Wynn -----Original Message----- From: Ruchith Fernando [mailto:[EMAIL PROTECTED] Sent: Monday, January 29, 2007 8:39 PM To: [email protected] Subject: Re: rahas v1.1 capabilities.. You can post rampart/rahas related questions to [email protected] list :-) Thanks, Ruchith On 1/30/07, Ruchith Fernando <[EMAIL PROTECTED]> wrote: > Hi, > > > On 1/30/07, Wynn, Jackson E. <[EMAIL PROTECTED]> wrote: > > > > > > Apologies to all if this is posted to the wrong group... > > > > I am developing a prototype using Axis 2 and would like to learn more about > > what WS-Trust capabilities rahas v1.1 supports. After reviewing the rampart > > 1.1 code base, it appears that the STS implemented with rahas v1.1 supports > > issuance and cancellation of SAML v1.1 and SCT tokens only. STS token > > renewal and challenge/response are not supported. > > > > Is this a correct assessment? Is <SignChallenge> or Key Exchange Tokens > > supported? > > Yes the statement is correct! We do not support challange/response > protocol and we don't have any renewers by default with rahas *yet*. > > > > > When I enable rahas for a web service, the ?wsdl for that services does not > > include STS request functions - is there a wsdl specification for the STS > > service that a web client application would use to request security tokens? > > This is another issue that we will have to improve. Please raise a > JIRA issue [1] on this. > > However this2] is the wsdl for the STS defined by the WS-Trust spec. > Thanks, > Ruchith > > [1] https://issues.apache.org/jira/browse/RAMPART > [2] http://schemas.xmlsoap.org/ws/2005/02/trust/WS-Trust.wsdl > > > > > Thanks, > > > > Jackson Wynn > > > > Lead INFOSEC Engineer > > The MITRE Corporation > > Bedford, MA > > > > (781) 271-3419 > > > -- > www.ruchith.org > www.wso2.org > -- www.ruchith.org www.wso2.org --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
