On Mon, Oct 11, 2010 at 20:03, Daniel Kulp dk...@apache.org wrote:
On Saturday 09 October 2010 9:13:27 am Andreas Veithen wrote:
On Fri, Oct 8, 2010 at 18:13, Daniel Kulp dk...@apache.org wrote:
And I think this is where the issues may start popping up, but definitely
resolvable. If you
On Saturday 09 October 2010 9:13:27 am Andreas Veithen wrote:
On Fri, Oct 8, 2010 at 18:13, Daniel Kulp dk...@apache.org wrote:
And I think this is where the issues may start popping up, but definitely
resolvable. If you look at the CXF survey, one of the MAJOR areas of
improvement for
On Fri, Oct 8, 2010 at 18:13, Daniel Kulp dk...@apache.org wrote:
On Friday 08 October 2010 7:23:55 am Andreas Veithen wrote:
The other alternative is to leave WSS4J unchanged and to let the SAAJ
implementation materialize the different parts of the object model on
demand. I have a working PoC
On Tue, Sep 28, 2010 at 22:58, Daniel Kulp dk...@apache.org wrote:
On Tuesday 28 September 2010 3:00:27 pm Oliver Wulff wrote:
Hi all
CXF delegates all the incoming security token processing down to WSS4J
which requires the SAAJ interceptor due to the requirement of a dom tree.
If you don't
On Friday 08 October 2010 7:23:55 am Andreas Veithen wrote:
The other alternative is to leave WSS4J unchanged and to let the SAAJ
implementation materialize the different parts of the object model on
demand. I have a working PoC that does this. It currently implements
an alternative
Hi all
CXF delegates all the incoming security token processing down to WSS4J which
requires the SAAJ interceptor due to the requirement of a dom tree.
If you don't use a SAML token as a signing or encryption token (holder-of-key)
you can validate the soap header and its signature without