|
Hello Chris, I don’t know if it
would be possible “to invoke dynamically the WSS4J security
handlers” (I am currently reading an article about dynamic handler chains
in Axis2). I guess that it would be
easier to use the WSS4J API for WS-Security processing directly. Check this: http://ws.apache.org/wss4j/api.html De : Chris Nappin
[mailto:[EMAIL PROTECTED] Hi, I have a requirement to use two different
security solutions on one web service: -
HTTPS -
HTTP with WSS (TBC,
probably Signatures) Ideally I’d like to be able to deploy the service
as one web application on one JVM. Is it possible to invoke the WSS4J security
handlers dynamically from within my service? For example, when first receiving
the request: if (!request.isSecure()) { ..check
signature is valid.. } else { ..don’t
need to worry.. } Then when sending a response: if (!request.isSecure()) { ..sign
the response.. } else { ..leave
response alone.. } Thanks,
Technical Architect CONFIDENTIALITY &
PRIVILEGE NOTICE This e-mail is
confidential to its intended recipient. It may also be privileged. Neither the
confidentiality nor any privilege attaching to this e-mail is waived lost or
destroyed by reason that it has been mistakenly transmitted to a person or
entity other than its intended recipient. If you are not the intended recipient
please notify us immediately by telephone or fax at the numbers provided above
or e-mail by Reply To Author and return the printed e-mail to us by post at our
expense. We believe, but do not warrant, that this e-mail and any attachments
are virus-free, but you should check. We may monitor traffic data of both
business and personal e-mails. We are not liable for any opinions expressed by
the sender where this is a non-business e-mail. If you do not receive all the message,
or if you have difficulty with the transmission, please telephone us
immediately. |
TR: Dynamic server security configration?
zze-ELSOKHON Tony RD-BIZZ-ISS Tue, 06 Sep 2005 02:57:45 -0700
