You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Gabriel Millaire <ga...@boku.com> on 2012/04/10 20:35:34 UTC
How to choose Key Identifier Type?
Hello,
I have been looking around for a way to choose the Key Identifier Type for signature using Axis2 Rampart.
I seem to only be able to find the "old" way of doing it, through OutflowSecurity:
<parameter name="OutflowSecurity">
<action>
<items>Timestamp Signature</items>
<user>jack</user>
<signaturePropFile>security.properties</signaturePropFile>
<passwordCallbackClass>
org.swview.test.axis2.client.PWCallbackHandler
</passwordCallbackClass>
<signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
<signatureParts>
</signatureParts>
</action>
</parameter>
What I am looking for is how to through the Policy in a WSDL file, or programmatically via RampartConfig or related means.
Does anyone have a clue how to do that?
Thanks,
Gabriel
Re: How to choose Key Identifier Type?
Posted by "Philippe A." <fu...@gmail.com>.
Not sure what a SKI is exactly, but I see plenty of references to this in
the ws-securitypolicy 1.2 standard. This doc has been of great help to me.
I suggest reading it.
Maybe the solution is simply to add a sp:RequireKeyIdentifierReference at
the right place in your policy? Like:
<sp:ProtectionToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never
">
<wsp:Policy>
<sp:RequireKeyIdentifierReference/>
...
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:ProtectionToken>
Good luck!
2012/4/10 Gabriel Millaire <ga...@boku.com>
> Hello,****
>
> ** **
>
> I have been looking around for a way to choose the Key Identifier Type for
> signature using Axis2 Rampart.****
>
> ** **
>
> I seem to only be able to find the "old" way of doing it, through
> OutflowSecurity:****
>
> ** **
>
> <parameter name="OutflowSecurity">****
>
> <action>****
>
> <items>Timestamp Signature</items>****
>
> <user>jack</user>****
>
> <signaturePropFile>security.properties</signaturePropFile>****
>
> <passwordCallbackClass>****
>
> org.swview.test.axis2.client.PWCallbackHandler****
>
> </passwordCallbackClass>****
>
> *
> <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>*
>
> <signatureParts>****
>
> </signatureParts>****
>
> </action>****
>
> </parameter>****
>
> ** **
>
> What I am looking for is how to through the Policy in a WSDL file, or
> programmatically via RampartConfig or related means.****
>
> ** **
>
> Does anyone have a clue how to do that?****
>
>
> Thanks,****
>
> Gabriel****
>
--
Philippe