You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by Nandana Mihindukulasooriya <na...@gmail.com> on 2009/05/06 11:06:53 UTC

Re: Using IncludeToken/Once

Hi Dennis,
       Nope, we don't extract certificate and cache it. If it is referenced
indirectly (eg. SKI, Thumbprint, etc), the certificate needs to be there in
the key store. Rampart doesn't support the behavior you have mentioned.

thanks,
Nandana

On Thu, Apr 23, 2009 at 5:35 PM, Dennis Sosnoski <dm...@sosnoski.com> wrote:

> Does Rampart cache certificates to support a
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Oncetoken inclusion property? If so, does the cache ever get cleared?
>
> I'm wondering if this can be used to support sending a certificate from the
> client to a server only on the first request, with the certificate
> referenced by a mechanism such as thumbprint for the following requests.
>
> Thanks,
>
> - Dennis
>
> --
> Dennis M. Sosnoski
> SOA and Web Services in Java
> Axis2 Training and Consulting
> http://www.sosnoski.com - http://www.sosnoski.co.nz
> Seattle, WA +1-425-939-0576 - Wellington, NZ +64-4-298-6117
>
>