Posted to java-user@axis.apache.org by Gabriel Millaire <ga...@boku.com> on 2012/04/10 20:35:34 UTC

How to choose Key Identifier Type?

Hello,

I have been looking around for a way to choose the Key Identifier Type for signature using Axis2 Rampart.

I seem to only be able to find the "old" way of doing it, through OutflowSecurity:

<parameter name="OutflowSecurity">
    <action>
        <items>Timestamp Signature</items>
        <user>jack</user>
        <signaturePropFile>security.properties</signaturePropFile>
        <passwordCallbackClass>
            org.swview.test.axis2.client.PWCallbackHandler
        </passwordCallbackClass>
        <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
        <signatureParts>
        </signatureParts>
    </action>
</parameter>

What I am looking for is how to do it through the Policy in a WSDL file, or programmatically via RampartConfig or related means.

Does anyone have a clue how to do that?

Thanks,
Gabriel

Re: How to choose Key Identifier Type?

Posted by "Philippe A." <fu...@gmail.com>.
Not sure what a SKI is exactly, but I see plenty of references to this in
the ws-securitypolicy 1.2 standard. This doc has been of great help to me.
I suggest reading it.

Maybe the solution is simply to add a sp:RequireKeyIdentifierReference at
the right place in your policy? Like:

          <sp:ProtectionToken>
            <wsp:Policy>
              <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
                <wsp:Policy>
                  <sp:RequireKeyIdentifierReference/>
                   ...
                </wsp:Policy>
              </sp:X509Token>
            </wsp:Policy>
          </sp:ProtectionToken>

Good luck!

-- 
Philippe
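
To see which key reference style a policy actually asks for, the following added example (not code from either poster or from Rampart) lists, for every sp:X509Token in a policy, the IncludeToken mode and the reference assertions nested in it. The three assertion names besides sp:RequireKeyIdentifierReference come from WS-SecurityPolicy 1.2; the wsp namespace URI, the function name and the sample policy are assumptions constructed for the example.

```python
import xml.etree.ElementTree as ET

SP = "http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"  # from the thread
WSP = "http://schemas.xmlsoap.org/ws/2004/09/policy"  # assumed WS-Policy namespace

# Token-reference assertions WS-SecurityPolicy 1.2 defines for sp:X509Token.
REFERENCE_ASSERTIONS = ("RequireKeyIdentifierReference", "RequireIssuerSerialReference",
                        "RequireEmbeddedTokenReference", "RequireThumbprintReference")

# Constructed sample policy, not taken from the thread.
SAMPLE_POLICY = f"""
<wsp:Policy xmlns:wsp="{WSP}" xmlns:sp="{SP}">
  <sp:AsymmetricBinding><wsp:Policy>
    <sp:InitiatorToken><wsp:Policy>
      <sp:X509Token sp:IncludeToken="{SP}/IncludeToken/Never">
        <wsp:Policy>
          <sp:RequireKeyIdentifierReference/>
          <sp:WssX509V3Token10/>
        </wsp:Policy>
      </sp:X509Token>
    </wsp:Policy></sp:InitiatorToken>
    <sp:RecipientToken><wsp:Policy>
      <sp:X509Token sp:IncludeToken="{SP}/IncludeToken/Never"><wsp:Policy/></sp:X509Token>
    </wsp:Policy></sp:RecipientToken>
  </wsp:Policy></sp:AsymmetricBinding>
</wsp:Policy>
"""

def x509_reference_report(policy_xml):
    """Return (holding assertion, IncludeToken mode, reference assertions) per X509Token."""
    root = ET.fromstring(policy_xml)  # parse only policies from a trusted source this way
    parent_of = {child: parent for parent in root.iter() for child in parent}
    report = []
    for token in root.iter(f"{{{SP}}}X509Token"):
        # Climb past wsp:Policy wrappers to the assertion that holds the token.
        holder = parent_of.get(token)
        while holder is not None and holder.tag == f"{{{WSP}}}Policy":
            holder = parent_of.get(holder)
        role = holder.tag.rsplit("}", 1)[-1] if holder is not None else "(top level)"
        include = token.get(f"{{{SP}}}IncludeToken", "").rsplit("/", 1)[-1] or "(unset)"
        refs = [n for n in REFERENCE_ASSERTIONS
                if token.find(f".//{{{SP}}}{n}") is not None]
        report.append((role, include, refs))
    return report

if __name__ == "__main__":
    for row in x509_reference_report(SAMPLE_POLICY):
        print(row)
```

A token that reports an empty list, like the RecipientToken in the sample, states no reference style in the policy, so the style used on the wire is whatever the security stack picks by default.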