You are viewing a plain text version of this content. The canonical link for it is here.
Posted to c-user@axis.apache.org by George Stanchev <Gs...@serena.com> on 2007/03/08 01:19:05 UTC
[Axis2] rampart/security question
Hi,
I am new to axis2/c and I had a use cases that wanted to see if
it is supported.
Clients of my services are expected to pass a SAML assertion in
wsse header. The header is or it is not tagged with specific actor.
The SAML asserttion needs to be checked for:
* integrity (using its signature)
* trust (using the PK/cert used to sign the assertion - checked against
a local keystore)
* expiration
Finally, the assertion needs to be passed to the services (or the
services
need to be able to get a hold of it) so they can use it further.
Can someone tell me what in the use case above its possible and what now
currently and may be suggest implementation direction? Should I write
a custom handler if rampart doesn't support this? Does axis2/c allows
access to processed and unprocessed SOAP headers from within the
services?
Thanks in advance!!
George Stanchev
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
Re: [Axis2] rampart/security question
Posted by Kaushalye Kapuruge <ka...@wso2.com>.
Hi George,
See my comments below.
Cheers,
Kau
George Stanchev wrote:
> Hi,
>
> I am new to axis2/c and I had a use cases that wanted to see if
> it is supported.
>
> Clients of my services are expected to pass a SAML assertion in
> wsse header. The header is or it is not tagged with specific actor.
> The SAML asserttion needs to be checked for:
> * integrity (using its signature)
> * trust (using the PK/cert used to sign the assertion - checked against
> a local keystore)
> * expiration
>
> Finally, the assertion needs to be passed to the services (or the
> services
> need to be able to get a hold of it) so they can use it further.
>
> Can someone tell me what in the use case above its possible and what now
> currently and may be suggest implementation direction?
Unfortunately Rampart/C does not support SAML yet. But indeed it is in
our TODO list.
> Should I write
> a custom handler if rampart doesn't support this? Does axis2/c allows
> access to processed and unprocessed SOAP headers from within the
> services?
>
Yes, you may. Axis2 architecture allows you to have your own handlers
and do the SOAP header processing. Alternatively you can use rampart
handlers and customize it to do the SAML processing.
If you are developing in C++ you can use OpenSAML.
http://www.opensaml.org/ rather than writing your own SAML library.
And FYI: We are expecting to enrich Rampart/C with SAML by July 2006.
> Thanks in advance!!
>
You are welcome.
> George Stanchev
>
>
> **********************************************************************
> This email and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they
> are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org
[Axis2] soap serialization
Posted by George Stanchev <Gs...@serena.com>.
Hi,
Another, probably basic, question: I need to serialize a SOAP call to a
string buffer
without sending it anywhere. How do I this with axis2/c? Can you give me
some leads?
On the java side, I had to go through some hoops to get this - I had to
create a
dummy transport that I used to reflect back the outbound message when I
was doing
a call-out serialization. How can I do the same thing in axis2/c?
Thanks!
George Stanchev
**********************************************************************
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org