[prev in list] [next in list] [prev in thread] [next in thread]
List: xml-security-dev
Subject: Re: Web Service Security and AXIS
From: Davanum Srinivas <davanum () gmail ! com>
Date: 2004-09-13 14:37:40
Message-ID: 19e0530f04091307252f8a75b5 () mail ! gmail ! com
[Download RAW message or body]
Juergen,
did you look at http://ws.apache.org/ws-fx/wss4j/ ???
-- dims
On Mon, 13 Sep 2004 16:07:57 +0200 (CEST), jkey@netsys-it.de
<jkey@netsys-it.de> wrote:
> Hi there,
>
> I would like to propose to add a branch (well, a namespace)
> to the sources containing some classes to facilitate
> adding WSS features to the axis-SOAP-engine. The classes i wrote,
> i wrote using apache xml security, so maybe i thought it would
> be nice to add them either to the official source or to the samples.
>
> I have the following use cases completed:
> - signing of requests
> - signing of responses
> (both cases configurable if a JKS keystore or a PKCS12-container holds
> the keys - it is certainly possible to implement a wider variety here!)
> - simple verification of signed requests (actually this is pretty much
> the same as the axis sample)
> - simple verification of signed responses (actually this is pretty much
> the same as the axis sample)
> - configurable verification of requests/responses
> - must the request/response be signed?
> - must the certificate be trusted?
> - must the certificate contain a CRLDP?
> - must the CRL be accessible?
> - ... this can certainly be extended with configuration options for
> a finer grained policy.
> The last variant is depending on the IAIK crypto provider (because of its
> inbuilt support for easily retrieving and checking of CRLs)
>
> The Encryption support currently is being tested. There is only one use case
> as of yet:
> - responses to signed requests are encrypted using the public key found
> in the certificate, nodes to encrypt are selected based on xpath
> expressions
> specified in the server-config.wsdd.
>
> Do you think, this could be an useful extension of project xml-security?
> I am a little hesitant, because it hinges on two dependencies: axis and
> xml-security - do you think it would be better off below axis?
>
> Juergen Key
>
--
Davanum Srinivas - http://webservices.apache.org/~dims/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic