Hi Robert,
Well, thanks but this is not enough information to do the work.
>
> Crypto crypto = CryptoFactory.getInstance("crypto.properties");
> WSEncryptionPart part = new
> WSEncryptionPart(soapConstants.getBodyQName().getLocalPart(),
>
> soapConstants.getEnvelopeURI(),
> "Content");
>
> What content must be in the crypto.properties file? How can I specify the
> certificate, transformation algorithms, cryptographic algorithm to use.....?
>
I think this test case 15 [1] will give you a better understanding how
encrypt a SOAP message. If you go through all the test cases you will see
how SOAP messages are signed/encrypted using WSS4J. Crypto properties file
used for above test case is this [2]. I know having test cases which shows
how to do things is not at all an excuse for not having proper documentation
and we will surely try to improve the documentation in the site. But for the
moment, I think these information will help you to get things done.
What does "Content" mean?
>
In XML encryption, there are two methods to encrypt an XML element. You can
either encrypt the entire XML element or only encrypt the content of the XML
element. Read this [3] for more information. When encrypting the SOAP Body
we only encrypt the content of the Body element so that SOAP envelope
structure is always preserved.
thanks,
nandana
[1] -
http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/wssec/TestWSSecurityNew15.java?view=markup
[2] -
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/cryptoSKI.properties?view=markup
[3] - http://www.w3.org/TR/xmlenc-core/#sec-eg-Granularity
>
>
>
> 2008/6/13 Fred Dushin <[EMAIL PROTECTED]>:
>
>> You're right -- the high-level API links are broken. I'll look into what
>> happened.
>> For now, try using
>>
>> http://people.apache.org/~fadushin/stage/wss4j/1.5.4/site/api.html<http://people.apache.org/%7Efadushin/stage/wss4j/1.5.4/site/api.html>
>>
>> That's the version we "voted" on, and it seems to have all the right
>> information.
>>
>> -Fred
>>
>> On Jun 13, 2008, at 6:45 AM, Robert Wierschke wrote:
>>
>> Hi,
>>
>> how can I sign/verify signature/enrypt/decrypt a SOAP message with WSS4J?
>>
>> I tried to find some documentation for this but there seems do me nothing
>> useful. The few I found don't work at all. The "best" documentation I found
>> is the javadoc http://ws.apache.org/wss4j/apidocs/index.html but it
>> contains seldom more than the message signatures. I can't find any "how to"
>> or useful info on the web sites. The links on
>> http://ws.apache.org/wss4j/ does either not work or not lead do anything
>> useful.
>>
>> So how to I use WSS4J for securing my SOAP? Where can I find
>> documentation?
>>
>> regards
>> robert
>>
>>
>> P.S: The documentation for Axis2, Rampart, XML-Security is also non
>> existent.
>>
>>
>>
>
--
Nandana Mihindukulasooriya
WSO2 inc.
http://nandana83.blogspot.com/
