Re: mapping .net ws policies to client wsdd-properties

Fri, 10 Nov 2006 09:58:07 -0800 

Ed,

Please look at the Security Policy support in Axis2/Rampart.

thanks,
dims

On 11/10/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:


you will find what you're looking for in in the 
<wss4j-install-dir>\interop\org\apache\ws\axis\oasis.  in there you will find 
configs for client and corresponding server config.

Thanks,
Ed





To: "wss4j-dev" <[email protected]>

Subject: mapping .net ws policies to client wsdd-properties
I've surfed the internet looking for a tutorial on how to invoke a secured .net 
web service from a java client using WSS4J but till now I haven't successed.
 I have the p12 file needed to invoke the web service but I have no idea on how 
to write the wsdd file for the client, the cripto.properties because the only 
available examples on the internet are on username token while i need signature 
+ encrypting.

 How should I map the info contained in the following .net policies file to the 
wsdd file?

 Thanks in advance.

 Davide Palena

 <policies xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd " 
xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy"; xmlns:wssp="http://schemas.xmlsoap.org/ws/2002/12/secext " 
xmlns:wse="http://schemas.microsoft.com/wse/2003/06/Policy"; xmlns:wsse=" 
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; 
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing";>
     <wsp:Policy wsu:Id="Richiesta">
       <wssp:Integrity wsp:Usage="wsp:Required">
         <wssp:Algorithm Type="wssp:AlgSignature" URI=" 
http://www.w3.org/2000/09/xmldsig#rsa-sha1"; />
         <wssp:TokenInfo>
           <wssp:SecurityToken>
             <wssp:TokenType> 
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3</wssp:TokenType>
             <wssp:TokenIssuer>C=IT, S=MI, L=Segrate, O=CILEA, CN=cacert.cilea.it , 
[EMAIL PROTECTED]</wssp:TokenIssuer>
             <wssp:Claims>
               <wssp:SubjectName MatchType="wssp:Exact">C=IT, S=MI, L=Segrate, 
O=CILEA, CN=MetaMotore, E= [EMAIL PROTECTED]</wssp:SubjectName>
               <wssp:X509Extension OID="2.5.29.14" 
MatchType="wssp:Exact">CpnvqsNwR07wtZZ27UKWxKRqfTU=</wssp:X509Extension>
             </wssp:Claims>
           </wssp:SecurityToken>
         </wssp:TokenInfo>
         <wssp:MessageParts Dialect="http://schemas.xmlsoap.org/2002/12/wsse#part "> 
wsp:Body() wsp:Header(wsa:Action) wsp:Header(wsa:From) wsp:Header(wsa:MessageID) wsp:Header(wsa:To) 
wse:Timestamp() </wssp:MessageParts>
       </wssp:Integrity>
       <wssp:Confidentiality wsp:Usage="wsp:Required">
         <wssp:Algorithm Type="wssp:AlgEncryption" 
URI="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"; />
         <wssp:KeyInfo>
           <wsse:SecurityTokenReference>
             <wsse:KeyIdentifier 
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier
 ">GGcX/rHNV9O8an0FK6vkviDSpCc=</wsse:KeyIdentifier>
           </wsse:SecurityTokenReference>
         </wssp:KeyInfo>
         <wssp:MessageParts Dialect=" 
http://schemas.xmlsoap.org/2002/12/wsse#part";>wsp:Body()</wssp:MessageParts>
       </wssp:Confidentiality>
     </wsp:Policy>
     <!-- xxx -->
     <wsp:Policy wsu:Id="Risposta">
       <wssp:Integrity wsp:Usage="wsp:Required">
         <wssp:Algorithm Type="wssp:AlgSignature" 
URI="http://www.w3.org/2000/09/xmldsig#rsa-sha1 " />
         <wssp:TokenInfo>
           <wssp:SecurityToken>
             <wssp:TokenType> 
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3</wssp:TokenType>
             <wssp:TokenIssuer>C=IT, S=MI, L=Segrate, O=CILEA, CN=cacert.cilea.it , 
[EMAIL PROTECTED]</wssp:TokenIssuer>
             <wssp:Claims>
               <wssp:SubjectName MatchType="wssp:Exact">C=IT, S=MI, L=Segrate, 
O=CILEA, CN=ServiziFull, E= [EMAIL PROTECTED]</wssp:SubjectName>
               <wssp:X509Extension OID="2.5.29.14" 
MatchType="wssp:Exact">GGcX/rHNV9O8an0FK6vkviDSpCc=</wssp:X509Extension>
             </wssp:Claims>
           </wssp:SecurityToken>
         </wssp:TokenInfo>
         <wssp:MessageParts Dialect="http://schemas.xmlsoap.org/2002/12/wsse#part "> 
wsp:Body() wsp:Header(wsa:Action) wsp:Header(wsa:From) wsp:Header(wsa:MessageID) wsp:Header(wsa:To) 
wse:Timestamp() </wssp:MessageParts>
       </wssp:Integrity>
       <wssp:Confidentiality wsp:Usage="wsp:Required">
         <wssp:Algorithm Type="wssp:AlgEncryption" 
URI="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"; />
         <wssp:KeyInfo>
           <wsse:SecurityTokenReference>
             <wsse:KeyIdentifier 
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier
 ">CpnvqsNwR07wtZZ27UKWxKRqfTU=</wsse:KeyIdentifier>
           </wsse:SecurityTokenReference>
         </wssp:KeyInfo>
         <wssp:MessageParts Dialect=" 
http://schemas.xmlsoap.org/2002/12/wsse#part";>wsp:Body()</wssp:MessageParts>
       </wssp:Confidentiality>
     </wsp:Policy>




________________________________








 The information in this email, and any attachments, may contain
 confidential information and is intended solely for the attention
 and use of the named addressee(s). It must not be disclosed to any
 person(s) without authorization. If you are not the intended
 recipient, or a person responsible for delivering it to the
 intended recipient, you are not authorized to, and must not,
 disclose, copy, distribute, or retain this message or any part of
 it. If you have received this communication in error, please notify
 the sender immediately.





--
Davanum Srinivas : http://www.wso2.net (Oxygen for Web Service Developers)

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to