You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by "Narayan S Dhillon (JIRA)" <ji...@apache.org> on 2008/01/28 20:21:34 UTC

[jira] Commented: (RAMPART-135) Allow custom implementation of PolicyBasedResultsValidator using callback handler mechanism

    [ https://issues.apache.org/jira/browse/RAMPART-135?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12563253#action_12563253 ] 

Narayan S Dhillon commented on RAMPART-135:
-------------------------------------------

I have attached the patch, could some one from dev please apply it. Thanks.

> Allow custom implementation of PolicyBasedResultsValidator using callback handler mechanism
> -------------------------------------------------------------------------------------------
>
>                 Key: RAMPART-135
>                 URL: https://issues.apache.org/jira/browse/RAMPART-135
>             Project: Rampart
>          Issue Type: Improvement
>          Components: rampart-core
>    Affects Versions: 1.3
>            Reporter: Narayan S Dhillon
>         Attachments: PolicyValidatorCallbackHandler.java, rampart-135.patch
>
>
> Cert validation is important part in WS-Security and different organizations have different rules for that, and that could be fulfilled by ability to have custom implementation of PolicyBasedResultsValidator.
> All the documentation and intention in the Rampart code seems to suggest that org.apache.rampart.PolicyBasedResultsValidator.verifyTrust() method could be overridden in custom implementations. However currently PolicyBasedResultsValidator is hard-wired into RampartEngine; which makes it impossible to override unless RampartReceiver & RampartEngine are overridden as well.
> After having discussion with Ruchith, callback handler based approach is best suited for this. PolicyBasedResultsValidator will be used as default implementation, and allow customers to specify their custom implementation using rampart config as shown in below example:
> <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> 
>   <ramp:policyValidatorCbClass>xx.yy.CustomPolicyValidator</ramp:policyValidatorCbClass>
>      ...
> </ramp:RampartConfig>

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.