Edson Camargo and I have recently been experimenting with the
implementation in the trust2 directory. I think that implementation does
work, although it requires some wsdd configuration that might not be
documented anywhere (see the end of this email for specifics). I think
Edson is working on trying to add support for SAML tokens.
It does work as both a client and server implementation, but I'm sure
it's not feature complete. If we could integrate some of your work, we
might be able to fill in some of the gaps. Sound any good?
I do see value in supporting both specification versions, although the
older one is probably the higher priority as you mention.
David
WSDD Configuration for trust2 Sample Service:
...
<service name="SampleSecurityTokenService" style="document" use="literal">
<parameter name="allowedMethods" value="*"/>
<parameter name="className"
value="org.apache.ws.sandbox.security.trust2.samples.SampleSecurityTokenService"/>
<typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust";
qname="ns:RequestSecurityToken"
type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityToken"
serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTSerializerFactory"
deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTDeserializerFactory"
encodingStyle=""/>
<typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust";
qname="ns:RequestSecurityTokenResponse"
type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityTokenResponse"
serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseSerializerFactory"
deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseDeserializerFactory"
encodingStyle=""/>
<operation name="exchange" qname="ns1:RequestSecurityToken"
xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust";
returnQName="ns1:RequestSecurityTokenResponse"
returnType="ns1:RequestSecurityTokenResponse">
<parameter qname="ns1:RequestSecurityToken"
type="ns1:RequestSecurityToken"
xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"/>
</operation>
</service>
Matt Lewis wrote:
I had a look at the two in the sandbox packages and they weren't very
functional. It would be great to get one of these fully working. Would
you see value in attempting to support both WS-T specifications
(2004-04/2005-02)? Due to the server implementation I'm restricted to
2004-04.
Matt
David Del Vecchio wrote:
There actually are already a couple of WS-Trust implementations in the
WSS4J repository, but perhaps we could integrate and merge your efforts.
David
Matt Lewis said:
As part of a work related project I've been responsible for a WS-Trust
web service client implementation. This is now fully functional and
implemented in Java making very basic use of Apache Axis 1.2.1 (for the
SOAP envelope and call). The WS-Trust server is entirely Microsoft
based.
I'd very much like to contribute to the WSS4J project - clearly WS-T is
going to be a major MS webservices component in the near future and it
would be great to have an Open Source Java implementation out there.
Regards,
Matt Lewis
Davanum Srinivas wrote:
+1 from me. Have they sent the interop doc yet? or the endpoints for
WS-T and WS-SecConv?
-- dims
On 9/30/05, Granqvist, Hans >[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED] For
additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
