If you are interested you could use JavaScript with the E4X extension to
access this secured service using the WSO2 Mashup Server [1]. Accessing
Secured services using the Mashup Server is pretty simple and is as easy as
this,
Assuming that there is a service called foo which requires request to be
signed using a X509 certificate (I create a Dummy service called foo in the
Mashup Server itself and secured it so that clients have to sign the
request. This can be done with the click of a button ;)). The foo service
has a operation called bar which requires two parameters name and age. Here
is my client for this scenario,
function invokeBar(){
var request = new WSRequest();
request.openWSDL("http://localhost:7762/services/keith/foo?wsdl",false,
new Array());
var payload = keith26;// I can
construct the payload in this fashion because the Mashup Server supports
E4X. This makes XML a first class data type.
request.send("bar",payload);
return request.responseXML;
}
This simple client can access the secured service created above.
Now one might wonder where are the keystores to be used for this scenario.
Well each user in the Mashup Server has his own keystore and in this case
the Mashup Server processors the WSDL of the service and realizes that the
request message needs to be signed. And hence it uses the private key of the
user to sign this message. Private keys can be uploaded to the Server using
the UI.
For more details you can refer the Mashup Server Documentation [2]. The WSO2
Mashup Server is built on top of Axis2 and uses rampart to secure and access
secured services. Its available under the apache license hence you can
download it and give it a try.
Please feel free to ask any questions if your interested.
Thanks,
Keith.
[1] http://wso2.org/project/mashup
[2] http://wso2.org/project/mashup/1.5/docs/index.html
On Mon, Jul 21, 2008 at 4:49 PM, Tomás Tormo <[EMAIL PROTECTED]> wrote:
> Hello!
>
> I have to communicate with a webservice wich needs signed SOAP messages in
> order to ensure communications. I'm using Axis in order to create the SOAP
> messages but my problem is that i don't really know how to sign the messages
> before sending them. I've been told that I should add a reference to a
> subclass of BasicHandler in my client-config.wsdd and use that subclass in
> order to access the generated XML and sign it with the XMLSecurity library.
> I've never used the client-config.wsdd file to communicate with a
> webservice...
>
> ¿Could anybody provide me any example/link about this? ¿Or how to modify a
> SOAP message?
>
> --
> Un saludo,
>
> Tomás Tormo Franco
>
> Indenova, S.L.
> Tels.: +34 963 81 99 47 ext.519http://www.indenova.commailto:[EMAIL
> PROTECTED] <[EMAIL PROTECTED]>
>
>
--
Keith Chapman
Senior Software Engineer
WSO2 Inc.
Oxygenating the Web Service Platform.
http://wso2.org/
blog: http://www.keith-chapman.org
