Juergen, did you look at http://ws.apache.org/ws-fx/wss4j/ ???
-- dims On Mon, 13 Sep 2004 16:07:57 +0200 (CEST), [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Hi there, > > I would like to propose to add a branch (well, a namespace) > to the sources containing some classes to facilitate > adding WSS features to the axis-SOAP-engine. The classes i wrote, > i wrote using apache xml security, so maybe i thought it would > be nice to add them either to the official source or to the samples. > > I have the following use cases completed: > - signing of requests > - signing of responses > (both cases configurable if a JKS keystore or a PKCS12-container holds > the keys - it is certainly possible to implement a wider variety here!) > - simple verification of signed requests (actually this is pretty much > the same as the axis sample) > - simple verification of signed responses (actually this is pretty much > the same as the axis sample) > - configurable verification of requests/responses > - must the request/response be signed? > - must the certificate be trusted? > - must the certificate contain a CRLDP? > - must the CRL be accessible? > - ... this can certainly be extended with configuration options for > a finer grained policy. > The last variant is depending on the IAIK crypto provider (because of its > inbuilt support for easily retrieving and checking of CRLs) > > The Encryption support currently is being tested. There is only one use case > as of yet: > - responses to signed requests are encrypted using the public key found > in the certificate, nodes to encrypt are selected based on xpath > expressions > specified in the server-config.wsdd. > > Do you think, this could be an useful extension of project xml-security? > I am a little hesitant, because it hinges on two dependencies: axis and > xml-security - do you think it would be better off below axis? > > Juergen Key > -- Davanum Srinivas - http://webservices.apache.org/~dims/
