Hi Werner, If possible, can you please give me some points as to what we need to do to get sig-confirmation working with handler chaining in Axis 1.x.
I'm trying to do the same with Axis2 security module. > Sep 6, 2005: Extending WSS4J to the new OASIS specs - first impl of > SignatureConfirmation : > > If anybody is going to test this _and_ uses the handler chaining > feature of WSS4J pls ask for additional info. In this case one > specific modification in the WSDD files may be required. Thanks, Ruchith On 9/6/05, Werner Dittmann <[EMAIL PROTECTED]> wrote: > All, > > with the next checkin a first step of the SIgnatureConfirmation > feature of WSS 1.1 is done. > > Because of some open issues with the spec this first implementation > assumes: > > - generate SignatureConfirmation for every Signature of every > wsse:Security header of the request - there my be several > wsse:Security headers in one request (with different actor/role) > > - place all SignatureConfirmation elements together in one > wsse:Security header of the response. This because it is not > necessary that the wsse:Security headers have a one-to-one > relationship with the request headers. > > - do not sign SignatureConfirmation yet - here are IMHO some open issues > in the spec > > - do not encrypt even if the Signature block of the request was > encrypted. I doubt if such an encryption makes sense. > > To enable and test this feature you need to download the source > from SVN (trunk head), set the variable "enableSignatureConfirmation" > to "true" (for the time being it set to "false" by default). > > If anybody is going to test this _and_ uses the handler chaining > feature of WSS4J pls ask for additional info. In this case one > specific modification in the WSDD files may be required. > > Regards, > Werner > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Ruchith --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
