Thank you. This will shave a good lump of time off when i start reading through the code.
On Mon, Sep 17, 2012 at 5:48 PM, Colm O hEigeartaigh <[email protected]>wrote: > Hi Martin, > > You can find more information on what goes in the Signature Crypto > properties here (first section): > > http://ws.apache.org/wss4j/config.html > > Colm. > > On Sun, Sep 9, 2012 at 7:51 PM, martin <[email protected]> wrote: > > > In that case, i will respond in both places as well:) > > I clearly see the advantage of using the security policy instead, and i > > will. But my primary question still stands. Where do i find some more > > in-depth documentation of what exactly is possible to define in the > > security policies? Looking at > > http://cxf.apache.org/docs/ws-securitypolicy.html, i see more > > tutorial/example material, and that's well and good for understanding the > > basics. However, when i look in the security constants, as i said in my > > first post i only see information like. > > SIGNATURE_PROPERTIES > > > > public static final String > > <http://download.oracle.com/javase/1.5.0/docs/api/java/lang/String.html> > > *SIGNATURE_PROPERTIES* > > > > The Crypto property configuration to use for signature, if > > SIGNATURE_CRYPTO is > > not set instead. The value of this tag must be either: a) A Java > Properties > > object that contains the Crypto configuration. b) The path of the Crypto > > property file that contains the Crypto configuration. c) A URL that > points > > to the Crypto property file that contains the Crypto configuration. > > > > *See Also:*Constant Field > > Values< > > > http://cxf.apache.org/javadoc/latest/constant-values.html#org.apache.cxf.ws.security.SecurityConstants.SIGNATURE_PROPERTIES > > > > > What goes into this configuration? What kind of Java Properties object? > > These are the kinds of questions i would like answers to. I just cant > seem > > to find anything more concrete and in-depth than this. Does it exist? > > > > > > On Fri, Sep 7, 2012 at 8:41 PM, Daniel Kulp [via CXF] < > > [email protected]> wrote: > > > > > > > > I responded to your question on StackOverflow, but I'll repeat it here: > > > > > > Honestly, I would recommend NOT using the WSS4J interceptors directly > in > > > CXF at this point. Instead, define a WS-Security policy fragment that > > will > > > accurately describe the security requirements and attach that in the > > WSDL. > > > Then add the appropriate properties (described > > > http://cxf.apache.org/docs/ws-securitypolicy.html ) for the additional > > > information the policy runtime will need. > > > > > > The WS-Security Policy stuff is completely standards based and would be > > > supported by all the various runtimes. The security requirement become > > part > > > of the contract (WSDL) which is also important. > > > > > > > > > Dan > > > > > > > > > > > > On Sep 7, 2012, at 8:58 AM, martin <[hidden email]< > > http://user/SendEmail.jtp?type=node&node=5713715&i=0>> > > > wrote: > > > > > > > I walked through a number of tutorials and got a fairly simple > > timestamp > > > > signature encryption scheme going. > > > > But now i have to implement a more advanced solution, where each user > > > has > > > > their own keys and those keys can be found in multiple locations. > > > Needless > > > > to say i would have to post a lot of questions to get it to work. > > > Instead i > > > > have been looking for some documentation for the WS.Security In and > Out > > > > interceptors, more specifically what can go in the constructor map > and > > > how > > > > those objects should be structured, but i can't find anything apart > > from > > > a > > > > very non-helpful CXF api. > > > > > > > > Does anyone know where i can find some actual documentation/manual > type > > > > documents for the security interceptors and callback classes? Or does > > no > > > > such thing exist? > > > > > > > > > > > > > > > > -- > > > > View this message in context: > > > > > > http://cxf.547215.n5.nabble.com/Documentation-for-wss4j-interceptors-tp5713696.html > > > > Sent from the cxf-user mailing list archive at Nabble.com. > > > > > > -- > > > Daniel Kulp > > > [hidden email] <http://user/SendEmail.jtp?type=node&node=5713715&i=1> > - > > > http://dankulp.com/blog > > > > > > Talend Community Coder - http://coders.talend.com > > > > > > > > > > > > ------------------------------ > > > If you reply to this email, your message will be added to the > discussion > > > below: > > > > > > > > > http://cxf.547215.n5.nabble.com/Documentation-for-wss4j-interceptors-tp5713696p5713715.html > > > To unsubscribe from Documentation for wss4j interceptors, click here< > > > http://cxf.547215.n5.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=5713696&code=c2t1bWxlcmVuQGdtYWlsLmNvbXw1NzEzNjk2fC0xNTEyNDYwMDA3 > > > > > > . > > > NAML< > > > http://cxf.547215.n5.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml > > > > > > > > > > > > > > > > -- > > View this message in context: > > > http://cxf.547215.n5.nabble.com/Documentation-for-wss4j-interceptors-tp5713696p5713739.html > > Sent from the cxf-user mailing list archive at Nabble.com. > > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com >
