Re: RM+Security

Wed, 26 Jul 2006 10:25:13 -0700 

Hi All,
The "Security Considerations" section in the WS-RM specification (http://xml.coverpages.org/ws-reliablemessaging20030313.pdf) provides few recommendations regarding the use of RM and Security. 


So it seems to me that we should have some understanding in WS-Security 
regarding the RM specific messages such as create sequence to adhere to 
those recommendations. So mere knowledge in the module level will not be 
enough.


Any thoughts?

Thanks,
-Jaliya



----- Original Message ----- 


From: "Sanjiva Weerawarana" <[EMAIL PROTECTED]>
To: "Matthew Lovett" <[EMAIL PROTECTED]>
Cc: <[email protected]>
Sent: Wednesday, July 26, 2006 12:29 PM
Subject: Re: RM+Security



On Wed, 2006-07-26 at 12:14 +0100, Matthew Lovett wrote:

Hi Chamikara,

Sorry for the delay - I was on vacation for a couple of days. I'm afraid
the integration with Rampart is an exercise for the reader (as they say!)
The code I contributed should allow Sandesha to be composed with any
security provider. The interface is fairly generic, and I think it
represents the minimum required for successful integration. Have you any
specific comments about the code?


The handoff between Security and RM is encapsulated in the 
SecurityManager
and SecurityToken interfaces. I included javadoc to explain their 
methods,

as well as an overview at the top of each class.

I would like to see Sandesha composed with Rampart, but I don't know
enough about Rampart to know if it can fulfil these interfaces.


I'm not an expert on RM+Security but I'd like to understand why module
level composition cannot be sufficient to solve this. That is, I'd like
to understand the security requirement from RM point of view to see
whether it can be solved by "dropping in" the Rampart module. Can you
please give a high level explanation of the bits and how they partake at
runtime?

Thanks,

Sanjiva.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to