question on WS-SecConv inital handshake

[li...@indiana.edu]

Hi,

As of WS-SecConv, I can see now you have ConversationServerHandler and
ConversationClientHandler as handlers on both sides. I am very interested in how
you plan to implement the initial handshake for security context establishment
through the scenarios defined in WS-SecConv spec: 

1. Security context token created by a security token service.
2. Security context token created by one of the communicating parties and
propagated with a message.
3. Security context token created through negotiation/exchanges.

Implemented as handlers, how can the WS-SecConv modules interact with other
STS/WS-SecConv parties, espcially those require multiple round trips?

Thanks in advance.

Liang

Re: question on WS-SecConv inital handshake

[Ruchith Fernando <ru...@yahoo.com>]

Hi Liang, All,
 
We (myself, Dimuthu and Kaushalye) have been working on implementing WS-Secure Conversation and I have attatched the design we have come up with.
 
The description is still not complete but will complete it very soon.
 
As for a startup we concentrated on the second scenario of impl. of SecConv. (Security context token created by one of the communicating parties and propagated with a message.) where there is no involvement of the STS (Security Token Service). 
 
Please take a look at it and give us your thoughts.
 
There were quite a lot changes made to the existing classes in the conversation packages in the source and we'll send in the patches in the next few days. (For example we are not using the WSDoAllHandlers anymore within ConversationClientHandler nad ConversationServerHandler)
 
Thanks.
Ruchith


		
---------------------------------
Do you Yahoo!?
Yahoo! Mail is new and improved - Check it out!