Re: Setting WS-Addressing/WS-Trust/WS-SC versions for SCT request

Tue, 11 May 2010 23:02:48 -0700 

Hi Nandana,
I'll create a Jira with suggested changes, but I was hoping there was some way to set the versions already and I just wasn't seeing it. Are you saying there isn't? 

 - Dennis

Nandana Mihindukulasooriya wrote:

Hi Dennis,
         Can you please create JIRA for this. Better yet, as you are
familiar with the code, can you please attach a patch fixing the issue.

Best Regards,
Nandana

On Wed, May 12, 2010 at 6:17 AM, Dennis Sosnoski <[email protected]> wrote:


  

I'm running some WS-SecureConversation tests with Axis2 1.5.1 and Rampart
1.5, and saw that Rampart is using the
http://schemas.xmlsoap.org/ws/2005/02/trust namespace and actions for the
request to the STS, along with the
http://schemas.xmlsoap.org/ws/2004/08/addressing WS-Addressing and
http://schemas.xmlsoap.org/ws/2005/02/sc WS-SecureConversation versions.
How can I set Rampart to use the newer versions of these standards?

I'm using WS-SecurityPolicy 1.2, and have <sp:Trust13> and
<wsap:UsingAddressing xmlns="http://www.w3.org/2006/05/wsdl"/> tokens
included in the policy, so Rampart appears to be ignoring the policy and
just going with defaults for the request.

I did see that there's some logic in RampartMessageData to set these
versions from properties in the message context, but that logic appears
flawed (lines 168-178):

          //Extract known properties from the msgCtx
                    if(msgCtx.getProperty(KEY_WST_VERSION) != null) {
              this.wstVersion =
TrustUtil.getWSTVersion((String)msgCtx.getProperty(KEY_WST_VERSION));
          }
                    if(msgCtx.getProperty(KEY_WSSC_VERSION) != null) {
              this.secConvVersion =
TrustUtil.getWSTVersion((String)msgCtx.getProperty(KEY_WSSC_VERSION));
          }
         Note that this is calling TrustUtil.getWSTVersion() for both the
WS-Trust and the WS-SecureConversation version, so you'd have to use the
WS-Trust namespaces as values of the wscVersion property in order for this
to work. Worse, though, is that it looks like the options set on the
original Client are not passed in to the STSClient used by Rampart for the
STS request, so I don't see any way of setting the properties for the
STSClient from my application code.

Thanks,

 - Dennis

--
Dennis M. Sosnoski
XML and Web Services in Java
Training and Consulting
http://www.sosnoski.com - http://www.sosnoski.co.nz
Seattle, WA +1-425-939-0576 - Wellington, NZ +64-4-298-6117



    



  






















					Reply via email to