Hi, On 11/18/05, Laurence Brockman <[EMAIL PROTECTED]> wrote: > Exactly! What I'm wondering though is what are the components that make > up the QName? > > The QName would be calculated using two values, the first being a > Namespace and the other being a local name (Or local part according to > the XML specification). > > Would the namespace for the Kerberos instance be > "http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1"; > and the local name be "BinarySecurityToken"? > > I read that the namespace above would map to the prefix "wsse" and would > make the Qname be "wsse: BinarySecurityToken".
Seems like the namespace should be : http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd in the case of wsse:BinarySecurityToken And the 'ValueType' attribute of wsse:BinarySecurityToken element should be set appropriately using the URI starting with http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1 > > In the draft on page 10 of 19, they have the following line in the > example: > > <wsse:Security xmlns:wsse="..."> > > Would the contents of this namespace ("...") be the Kerberos namespace > (This "http://docs.oasis-open.org/...)? > > Once I've done the receiver then I will move on to the sender portion, > but for now the critical part of the project I am working on is the > receiver portion. After I've completed the work, would you guys be > interested in the code I implement? > > Thanks! > > -----Original Message----- > From: Werner Dittmann [mailto:[EMAIL PROTECTED] > Sent: November 17, 2005 11:28 PM > To: Laurence Brockman > Cc: [EMAIL PROTECTED]; [email protected] > Subject: Re: WSS4J and Kerberos signatures > > Laurence, > > on the receiver side the code is trigge "automatically" if a > Kerberos QName is detected and the processor gets loaded. > > On the sender side please ahave a look at WSHandler.java, > doSenderAction(). For the sender you shall define an action > (similar to the processor at the receiver). Its the same > technique on both sides (something like a plugin). > > Regards, > Werner > > Laurence Brockman wrote: > > Ok, I feel kind of sheepish about asking this question, but looking at > > the WSDoAllReceiver code I've begun adding in the hooks for the > Kerberos > > code (Adding what I think are the appropriate checks for a new case in > > various classes) I'm not sure what to do to trigger it to actually > > execute the new class that I am making. > > > > The QName has to match in when looking at the security headers to get > it > > to execute the appropriate processor (Kerberos in this case). The > QName > > is created based on the NS and LN attribute for other cases and I'm > > unsure of what to use for the Kerberos cases below to get it to > > instantiate the appropriate QName object. > > > > If anyone could provide some guidance I would definitely appreciate > it. > > I believe the name space should be that defined in the draft > > > ("http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1";) > > but I'm not sure of this. > > > > Here's what I have done so far: > > > > In WSConstants.java (This is what I'm not sure of): > > > > /* > > * The definitions for Kerberos -- This is what I am unsure of how > > to set. > > */ > > public static final String KERBEROS_NS = ""; > > public static final String KERBEROS_LN = ""; > > > > And > > > > /* > > * Added by Laurence Nov 16, 2005 for Kerberos authentication > > */ > > public static final int KERBEROS = 0x400; > > > > > > In WSSConfig: > > > > Added a case to the getProcessor method to return > > "org.apache.ws.security.processor.KerberosProcessor" when it matches > > WSSecurityEngine.KERBEROS_TOKEN > > > > > > /** > > * <code>KERBEROS</code> as defined by KERBEROS Specification > > */ > > public static final QName KERBEROS_TOKEN = new > > QName(WSConstants.KERBEROS_NS, WSConstants.KERBEROS_LN); > > > > In WSSecurityEngine: > > Added in the new QName to be created: > > public static final QName KERBEROS_TOKEN = new > > QName(WSConstants.KERBEROS_NS, WSConstants.KERBEROS_LN); > > > > To WSHandlerConstants: > > I added the below constant > > > > /** > > * Perform a Kerberos identification. > > */ > > public static final String KERBEROS = "Kerberos"; > > > > Within decodeAction: > > } else if (single[i].equals(WSHandlerConstants.KERBEROS)) > { > > doAction |= WSConstants.KERBEROS; > > actions.add(new Integer(WSConstants.KERBEROS)); > > } > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > Thanks, -- Ruchith --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
