RE: Status update on WSS4J 2.0 port

[Andrei Shakirin <as...@talend.com>]

Hi Colm,

Sounds very promising!
Is there any option to activate new Stax WSS4J interceptors using WS-Policy assertions as well? 
Does it make sense to use old DOM Interceptors by default and introduce special property for Stax once?

Regards,
Andrei.

> -----Original Message-----
> From: Colm O hEigeartaigh [mailto:coheigea@apache.org]
> Sent: Dienstag, 30. April 2013 18:06
> To: dev@cxf.apache.org
> Subject: Status update on WSS4J 2.0 port
> 
> Hi all,
> 
> A quick status update on the WSS4J 2.0 port that I branched from trunk. Two
> of the major tasks are now more or less complete:
> 
>  - CXF now uses the (new) WSS4J Policy Model. The advantage of this is that
> both the DOM + StAX WS-SecurityPolicy implementations will share the same
> policy model.
>  - The WS-Security StAX "Action" based approach is now fully working in CXF.
> 
> I've created a kind of facade that wraps the streaming configuration in
> WSS4J. This means that uses will be able to use almost identical configuration
> as they do for the DOM case, they should just need to change the
> interceptor name to switch over. For example, see the following
> configuration:
> 
> http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/systests/ws-
> security/src/test/resources/org/apache/cxf/systest/ws/action/server/stax-
> server.xml?view=markup
> 
> Any feedback is welcome. The next (rather large) task is to start
> implementing + testing the streaming WS-SecurityPolicy approach in CXF.
> 
> Colm.
> 
> 
> --
> Colm O hEigeartaigh
> 
> Talend Community Coder
> http://coders.talend.com

Re: Status update on WSS4J 2.0 port

[Colm O hEigeartaigh <co...@apache.org>]

Hi Andrei,

> Is there any option to activate new Stax WSS4J interceptors using
WS-Policy assertions as well?

Yes, that's something that I am going to look into next.

> Does it make sense to use old DOM Interceptors by default and introduce
special property for Stax once?

I'm not sure at this point. I first need to see what level of coverage
there is for all of the various WS-SecurityPolicy scenarios.

Colm.


On Thu, May 2, 2013 at 3:33 PM, Andrei Shakirin <as...@talend.com>wrote:

> Hi Colm,
>
> Sounds very promising!
> Is there any option to activate new Stax WSS4J interceptors using
> WS-Policy assertions as well?
> Does it make sense to use old DOM Interceptors by default and introduce
> special property for Stax once?
>
> Regards,
> Andrei.
>
> > -----Original Message-----
> > From: Colm O hEigeartaigh [mailto:coheigea@apache.org]
> > Sent: Dienstag, 30. April 2013 18:06
> > To: dev@cxf.apache.org
> > Subject: Status update on WSS4J 2.0 port
> >
> > Hi all,
> >
> > A quick status update on the WSS4J 2.0 port that I branched from trunk.
> Two
> > of the major tasks are now more or less complete:
> >
> >  - CXF now uses the (new) WSS4J Policy Model. The advantage of this is
> that
> > both the DOM + StAX WS-SecurityPolicy implementations will share the same
> > policy model.
> >  - The WS-Security StAX "Action" based approach is now fully working in
> CXF.
> >
> > I've created a kind of facade that wraps the streaming configuration in
> > WSS4J. This means that uses will be able to use almost identical
> configuration
> > as they do for the DOM case, they should just need to change the
> > interceptor name to switch over. For example, see the following
> > configuration:
> >
> > http://svn.apache.org/viewvc/cxf/branches/wss4j2.0-port/systests/ws-
> > security/src/test/resources/org/apache/cxf/systest/ws/action/server/stax-
> > server.xml?view=markup
> >
> > Any feedback is welcome. The next (rather large) task is to start
> > implementing + testing the streaming WS-SecurityPolicy approach in CXF.
> >
> > Colm.
> >
> >
> > --
> > Colm O hEigeartaigh
> >
> > Talend Community Coder
> > http://coders.talend.com
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com