[prev in list] [next in list] [prev in thread] [next in thread] 

List:       rampart-dev
Subject:    Re: Using IncludeToken/Once
From:       Nandana Mihindukulasooriya <nandana.cse () gmail ! com>
Date:       2009-05-06 9:18:53
Message-ID: 9e2fff830905060206r19b2ba78j333b6301ff59621b () mail ! gmail ! com
[Download RAW message or body]


Hi Dennis,
       Nope, we don't extract certificate and cache it. If it is referenced
indirectly (eg. SKI, Thumbprint, etc), the certificate needs to be there in
the key store. Rampart doesn't support the behavior you have mentioned.

thanks,
Nandana

On Thu, Apr 23, 2009 at 5:35 PM, Dennis Sosnoski <dms@sosnoski.com> wrote:

> Does Rampart cache certificates to support a
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Oncetoken \
> inclusion property? If so, does the cache ever get cleared? 
> I'm wondering if this can be used to support sending a certificate from the
> client to a server only on the first request, with the certificate
> referenced by a mechanism such as thumbprint for the following requests.
> 
> Thanks,
> 
> - Dennis
> 
> --
> Dennis M. Sosnoski
> SOA and Web Services in Java
> Axis2 Training and Consulting
> http://www.sosnoski.com - http://www.sosnoski.co.nz
> Seattle, WA +1-425-939-0576 - Wellington, NZ +64-4-298-6117
> 
> 



[prev in list] [next in list] [prev in thread] [next in thread]