In the Parameter config, the username/password has to be hardcoded in
the client.axis2.xml file. So it essentially means that you have to
change the username/password for every new user (or maybe have separate
installations for every user).
With the Policy config however, the username/password combo is retrieved
via the password callback handler class. The username/password can be
retrieved from any authentication backend you can think of. As such, you
can dynamically set the username/password from the client code.
Cheers
Sanjay
-Original Message-
From: Roxanne Yee [mailto:[EMAIL PROTECTED]
Sent: 15 July 2008 08:09
To: axis-user@ws.apache.org
Subject: RE: Rampart: Policy versus Parameters
Dynamically? How so?
Thanks.
=RY
-Original Message-
From: Sanjay Vivek [mailto:[EMAIL PROTECTED]
Sent: Mon 7/14/2008 8:25 PM
To: axis-user@ws.apache.org
Subject: RE: Rampart: Policy versus Parameters
The policy method is far more flexible. It allows you to
dynammically set the username/password (which cannot be done
by the Parameter method) and much more.
Cheers
Sanjay
-Original Message-
From: Roxanne Yee [mailto:[EMAIL PROTECTED]
Sent: Mon 14/07/2008 18:35
To: axis-user@ws.apache.org
Subject: Rampart: Policy versus Parameters
I was just wondering, what method of WS-Security with Rampart
do most people use and find the easiest: the Policy method
(with the RampConfig element) or the Parameter method (with
the InflowSecurity and OutflowSecurity parameters in services.xml)?
Thanks.
= RY
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]