Thanks for the answer, it's clear :-)
Did you have time to look at the two patches I sent some times ago ?
It was about "How to avoid the node passed to xmlSecEncCtxXmlEncrypt to
be released" and "Detached signature validation problem"
And Alexandre, of course I'm interested in a WS-Security library over
xmlsec, especially to handle the different kind of WS-token and the
additionnal so-called STR Dereference Transform. But I'm not sure that
an additional library is necessary. I think that if there is a mechanism
i n xmlsec to handle (as for instance with callback functions) child
elements of ds:KeyInfo that don't belong to the XML signature namespace,
it should be enough to retrieve the key information associated to a
WS-token. Then any SOAP toolkit could be used to handle secured SOAP
requests. But I must agree I didn't investigate that much, I still need
to understand the XML-Security spec before to look into the WS-Security
spec.
Thanks a lot,
Frank
Aleksey Sanin a écrit :
I accept patches :)
Aleksey
Frank Gross wrote:
Hi,
I've read the WS-Security spec from OASIS, and saw that some
WS-Security tokens can be child of a ds:KeyInfo node. Are there any
plans to support WS-Security or at least a mechanism to extend xmlsec
in order to handle such WS-Security token when signing or validating
a document ?
Regards,
Frank
_______________________________________________
xmlsec mailing list
xmlsec@aleksey.com
http://www.aleksey.com/mailman/listinfo/xmlsec
_______________________________________________
xmlsec mailing list
xmlsec@aleksey.com
http://www.aleksey.com/mailman/listinfo/xmlsec