You are viewing a plain text version of this content. The canonical link for it is here.

Posted to fx-dev@ws.apache.org by Davanum Srinivas <da...@gmail.com> on 2005/08/23 17:16:57 UTC

WSS4J and TSIK

Hans,

[CC'ing wss4j-dev mailing list]

Can we make/keep TSIK a soap engine agnostic toolkit (remove the
soap/transport stuff)? Then we can then position WSS4J as a project
for implementing ws-security in specific soap engines like JAX-RPC,
Axis 1.X and Axis 2.X.

I'd also highly recommend abstracting out portions of WSS4J behind an
interface/factory such that we can plugin in TSIK based implementation
(and keep the existing implementation for some time since folks depend
on existing behavior). This way we can have implement OASIS
WS-Security 1.1 just in TSIK and automatically get WSS4J upgraded
instead of writing it twice. Same goes for say Kerberos token profile
or other profiles that we think are important.

What do you think?

thanks,
dims

-- 
Davanum Srinivas : http://wso2.com/ - Oxygenating The Web Service Platform

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: WSS4J and TSIK

Posted by Sanjiva Weerawarana <sa...@opensource.lk>.

+1 .. I'd like to see TSIK broken up a bit more (and maybe appropriate
parts moved to commons even?). 

Sanjiva.

On Tue, 2005-08-23 at 11:16 -0400, Davanum Srinivas wrote:
> Hans,
> 
> [CC'ing wss4j-dev mailing list]
> 
> Can we make/keep TSIK a soap engine agnostic toolkit (remove the
> soap/transport stuff)? Then we can then position WSS4J as a project
> for implementing ws-security in specific soap engines like JAX-RPC,
> Axis 1.X and Axis 2.X.
> 
> I'd also highly recommend abstracting out portions of WSS4J behind an
> interface/factory such that we can plugin in TSIK based implementation
> (and keep the existing implementation for some time since folks depend
> on existing behavior). This way we can have implement OASIS
> WS-Security 1.1 just in TSIK and automatically get WSS4J upgraded
> instead of writing it twice. Same goes for say Kerberos token profile
> or other profiles that we think are important.
> 
> What do you think?
> 
> thanks,
> dims
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tsik-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: tsik-dev-help@ws.apache.org

Re: WSS4J and TSIK

Posted by Sanjiva Weerawarana <sa...@opensource.lk>.

+1 .. I'd like to see TSIK broken up a bit more (and maybe appropriate
parts moved to commons even?). 

Sanjiva.

On Tue, 2005-08-23 at 11:16 -0400, Davanum Srinivas wrote:
> Hans,
> 
> [CC'ing wss4j-dev mailing list]
> 
> Can we make/keep TSIK a soap engine agnostic toolkit (remove the
> soap/transport stuff)? Then we can then position WSS4J as a project
> for implementing ws-security in specific soap engines like JAX-RPC,
> Axis 1.X and Axis 2.X.
> 
> I'd also highly recommend abstracting out portions of WSS4J behind an
> interface/factory such that we can plugin in TSIK based implementation
> (and keep the existing implementation for some time since folks depend
> on existing behavior). This way we can have implement OASIS
> WS-Security 1.1 just in TSIK and automatically get WSS4J upgraded
> instead of writing it twice. Same goes for say Kerberos token profile
> or other profiles that we think are important.
> 
> What do you think?
> 
> thanks,
> dims
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: WSS4J and TSIK

Posted by Sanjiva Weerawarana <sa...@opensource.lk>.

+1 .. I'd like to see TSIK broken up a bit more (and maybe appropriate
parts moved to commons even?). 

Sanjiva.

On Tue, 2005-08-23 at 11:16 -0400, Davanum Srinivas wrote:
> Hans,
> 
> [CC'ing wss4j-dev mailing list]
> 
> Can we make/keep TSIK a soap engine agnostic toolkit (remove the
> soap/transport stuff)? Then we can then position WSS4J as a project
> for implementing ws-security in specific soap engines like JAX-RPC,
> Axis 1.X and Axis 2.X.
> 
> I'd also highly recommend abstracting out portions of WSS4J behind an
> interface/factory such that we can plugin in TSIK based implementation
> (and keep the existing implementation for some time since folks depend
> on existing behavior). This way we can have implement OASIS
> WS-Security 1.1 just in TSIK and automatically get WSS4J upgraded
> instead of writing it twice. Same goes for say Kerberos token profile
> or other profiles that we think are important.
> 
> What do you think?
> 
> thanks,
> dims
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org