'Re: Web Service Security and AXIS'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       xml-security-dev
Subject:    Re: Web Service Security and AXIS
From:       Davanum Srinivas <davanum () gmail ! com>
Date:       2004-09-13 14:37:40
Message-ID: 19e0530f04091307252f8a75b5 () mail ! gmail ! com
[Download RAW message or body]

Juergen,

did you look at http://ws.apache.org/ws-fx/wss4j/ ???

-- dims


On Mon, 13 Sep 2004 16:07:57 +0200 (CEST), jkey@netsys-it.de
<jkey@netsys-it.de> wrote:
> Hi there,
> 
> I would like to propose to add a branch (well, a namespace)
> to the sources containing some classes to facilitate
> adding WSS features to the axis-SOAP-engine. The classes i wrote,
> i wrote using apache xml security, so maybe i thought it would
> be nice to add them either to the official source or to the samples.
> 
> I have the following use cases completed:
>  - signing of requests
>  - signing of responses
> (both cases configurable if a JKS keystore or a PKCS12-container holds
> the keys - it is certainly possible to implement a wider variety here!)
>  - simple verification of signed requests (actually this is pretty much
> the same as the axis sample)
>  - simple verification of signed responses (actually this is pretty much
> the same as the axis sample)
>  - configurable verification of requests/responses
>    - must the request/response be signed?
>    - must the certificate be trusted?
>    - must the certificate contain a CRLDP?
>    - must the CRL be accessible?
>    - ... this can certainly be extended with configuration options for
> a finer grained policy.
> The last variant is depending on the IAIK crypto provider (because of its
> inbuilt support for easily retrieving and checking of CRLs)
> 
> The Encryption support currently is being tested. There is only one use case
> as of yet:
>  - responses to signed requests are encrypted using the public key found
> in the certificate, nodes to encrypt are selected based on xpath
> expressions
> specified in the server-config.wsdd.
> 
> Do you think, this could be an useful extension of project xml-security?
> I am a little hesitant, because it hinges on two dependencies: axis and
> xml-security - do you think it would be better off below axis?
> 
> Juergen Key
> 



-- 
Davanum Srinivas - http://webservices.apache.org/~dims/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic