Fwd: wsu:Timestamp and wsu:id

[Christian Müller <ch...@gmail.com>]

Hi all!

In my project, i need the functionality to signed the timestamp. This
functionality was added at 04 Sept., after version 1.1.0 was released... :o(
When comes the next version?

Regards,
Christian

Re: Fwd: wsu:Timestamp and wsu:id

[Werner Dittmann <We...@t-online.de>]

Ruchith,

no need to make it configurable. We need this id at the timestamp
anyhow once the planned SecurityPolicy support (I'm currently working
on that) will be implemented. And, as you said, it doesn't do any
harm.

Regards,
Werner

Ruchith Fernando wrote:
> Hi Christian, Werner,
> 
> I was the one who made that svn commit.
> 
> I ran into an interop scenario (action="Timestamp UsernameToken")
> where it needed the wsu:Id s to be present on both the tokens even
> though they were not referenced. This change adds a wsu:Id ALL the
> time even when they are not referenced.
> 
> I checked this in coz this may be useful for WSS4J in terms of
> interoperability, and it didn't harm any of the existing
> functionality. But maybe ideally we should add a switch to turn on
> wsu:Id even when the token (UsernameToken or Timestamp) is not
> referenced. What do you guys think?
> 
> Thanks and regards,
> Ruchith
> 
> 
> On 1/17/06, Christian Müller <ch...@gmail.com> wrote:
> 
>>Hi Werner!
>>
>>Thanks for the hint. It works great.
>>
>>I meant the following mailing list entry:
>>http://mail-archives.apache.org/mod_mbox/ws-fx-dev/200509.mbox/%3C20050904124932.86378.qmail@minotaur.apache.org%3E
>>
>>Regards,
>>Christian
>>
>>P.S. Please, call me Christian... ;o)
>>
>>
>> On 1/16/06, Werner Dittmann <We...@t-online.de> wrote:
>>
>>>Christina,
>>>
>>>sure you can sign a Timestamp, in fact you can sign any element
>>>in a request message. Please have a look at the "signatureParts"
>>>parameter - described in the WSHandlerConstants java file (run
>>>Javadoc on the source or in the documents tree of the binary
>>>distribution). This parameters is available since the first
>>>versions of WSS4J.
>>>
>>>BTW, to which function do you refer that was added after 4th of
>>>September?
>>>
>>>Regards,
>>>Werner
>>>
>>>Christian Müller wrote:
>>>
>>>>Hi all!
>>>>
>>>>In my project, i need the functionality to signed the timestamp. This
>>>>functionality was added at 04 Sept., after version 1.1.0 was released...
>>
>>:o(
>>
>>>>When comes the next version?
>>>>
>>>>Regards,
>>>>Christian
>>>
>>>
>>
> 
> 
> --
> Ruchith
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: Fwd: wsu:Timestamp and wsu:id

[Christian Müller <ch...@gmail.com>]

Hi Ruchith!

I had a similar problem and with help from Werner, i could resolve them. I
added the parameter "signatureParts" in my *-config.wsdd:

<parameter name="signatureParts"
value="{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{}{http://schemas.xmlsoap.org/soap/envelope/}Body"
<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd%7DTimestamp;%7B%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody%22>/>

After that, wsu:Timestamp had an wsu:id...

Have a look at org.apache.ws.security.handler.WSHandlerConstants for more
information...

Regards,
Christian

On 1/18/06, Ruchith Fernando <ruchith.fernando@gmail.com > wrote:
>
> Hi Christian, Werner,
>
> I was the one who made that svn commit.
>
> I ran into an interop scenario (action="Timestamp UsernameToken")
> where it needed the wsu:Id s to be present on both the tokens even
> though they were not referenced. This change adds a wsu:Id ALL the
> time even when they are not referenced.
>
> I checked this in coz this may be useful for WSS4J in terms of
> interoperability, and it didn't harm any of the existing
> functionality. But maybe ideally we should add a switch to turn on
> wsu:Id even when the token (UsernameToken or Timestamp) is not
> referenced. What do you guys think?
>
> Thanks and regards,
> Ruchith
>
>
> On 1/17/06, Christian Müller < christian.mueller@gmail.com> wrote:
> > Hi Werner!
> >
> > Thanks for the hint. It works great.
> >
> > I meant the following mailing list entry:
> >
> http://mail-archives.apache.org/mod_mbox/ws-fx-dev/200509.mbox/%3C20050904124932.86378.qmail@minotaur.apache.org%3E
> >
> > Regards,
> > Christian
> >
> > P.S. Please, call me Christian... ;o)
> >
> >
> >  On 1/16/06, Werner Dittmann <We...@t-online.de> wrote:
> > > Christina,
> > >
> > > sure you can sign a Timestamp, in fact you can sign any element
> > > in a request message. Please have a look at the "signatureParts"
> > > parameter - described in the WSHandlerConstants java file (run
> > > Javadoc on the source or in the documents tree of the binary
> > > distribution). This parameters is available since the first
> > > versions of WSS4J.
> > >
> > > BTW, to which function do you refer that was added after 4th of
> > > September?
> > >
> > > Regards,
> > > Werner
> > >
> > > Christian Müller wrote:
> > > > Hi all!
> > > >
> > > > In my project, i need the functionality to signed the timestamp.
> This
> > > > functionality was added at 04 Sept., after version 1.1.0 was
> released...
> > :o(
> > > > When comes the next version?
> > > >
> > > > Regards,
> > > > Christian
> > >
> > >
> >
> >
>
>
> --
> Ruchith
>

Re: Fwd: wsu:Timestamp and wsu:id

[Christian Müller <ch...@gmail.com>]

Hi Ruchith!

I had a similar problem and with help from Werner, i could resolve them. I
added the parameter "signatureParts" in my *-config.wsdd:

<parameter name="signatureParts"
value="{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{}{http://schemas.xmlsoap.org/soap/envelope/}Body"
<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd%7DTimestamp;%7B%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody%22>/>

After that, wsu:Timestamp had an wsu:id...

Have a look at org.apache.ws.security.handler.WSHandlerConstants for more
information...

Regards,
Christian

On 1/18/06, Ruchith Fernando <ruchith.fernando@gmail.com > wrote:
>
> Hi Christian, Werner,
>
> I was the one who made that svn commit.
>
> I ran into an interop scenario (action="Timestamp UsernameToken")
> where it needed the wsu:Id s to be present on both the tokens even
> though they were not referenced. This change adds a wsu:Id ALL the
> time even when they are not referenced.
>
> I checked this in coz this may be useful for WSS4J in terms of
> interoperability, and it didn't harm any of the existing
> functionality. But maybe ideally we should add a switch to turn on
> wsu:Id even when the token (UsernameToken or Timestamp) is not
> referenced. What do you guys think?
>
> Thanks and regards,
> Ruchith
>
>
> On 1/17/06, Christian Müller < christian.mueller@gmail.com> wrote:
> > Hi Werner!
> >
> > Thanks for the hint. It works great.
> >
> > I meant the following mailing list entry:
> >
> http://mail-archives.apache.org/mod_mbox/ws-fx-dev/200509.mbox/%3C20050904124932.86378.qmail@minotaur.apache.org%3E
> >
> > Regards,
> > Christian
> >
> > P.S. Please, call me Christian... ;o)
> >
> >
> >  On 1/16/06, Werner Dittmann <We...@t-online.de> wrote:
> > > Christina,
> > >
> > > sure you can sign a Timestamp, in fact you can sign any element
> > > in a request message. Please have a look at the "signatureParts"
> > > parameter - described in the WSHandlerConstants java file (run
> > > Javadoc on the source or in the documents tree of the binary
> > > distribution). This parameters is available since the first
> > > versions of WSS4J.
> > >
> > > BTW, to which function do you refer that was added after 4th of
> > > September?
> > >
> > > Regards,
> > > Werner
> > >
> > > Christian Müller wrote:
> > > > Hi all!
> > > >
> > > > In my project, i need the functionality to signed the timestamp.
> This
> > > > functionality was added at 04 Sept., after version 1.1.0 was
> released...
> > :o(
> > > > When comes the next version?
> > > >
> > > > Regards,
> > > > Christian
> > >
> > >
> >
> >
>
>
> --
> Ruchith
>

Re: Fwd: wsu:Timestamp and wsu:id

[Werner Dittmann <We...@t-online.de>]

Ruchith,

no need to make it configurable. We need this id at the timestamp
anyhow once the planned SecurityPolicy support (I'm currently working
on that) will be implemented. And, as you said, it doesn't do any
harm.

Regards,
Werner

Ruchith Fernando wrote:
> Hi Christian, Werner,
> 
> I was the one who made that svn commit.
> 
> I ran into an interop scenario (action="Timestamp UsernameToken")
> where it needed the wsu:Id s to be present on both the tokens even
> though they were not referenced. This change adds a wsu:Id ALL the
> time even when they are not referenced.
> 
> I checked this in coz this may be useful for WSS4J in terms of
> interoperability, and it didn't harm any of the existing
> functionality. But maybe ideally we should add a switch to turn on
> wsu:Id even when the token (UsernameToken or Timestamp) is not
> referenced. What do you guys think?
> 
> Thanks and regards,
> Ruchith
> 
> 
> On 1/17/06, Christian Müller <ch...@gmail.com> wrote:
> 
>>Hi Werner!
>>
>>Thanks for the hint. It works great.
>>
>>I meant the following mailing list entry:
>>http://mail-archives.apache.org/mod_mbox/ws-fx-dev/200509.mbox/%3C20050904124932.86378.qmail@minotaur.apache.org%3E
>>
>>Regards,
>>Christian
>>
>>P.S. Please, call me Christian... ;o)
>>
>>
>> On 1/16/06, Werner Dittmann <We...@t-online.de> wrote:
>>
>>>Christina,
>>>
>>>sure you can sign a Timestamp, in fact you can sign any element
>>>in a request message. Please have a look at the "signatureParts"
>>>parameter - described in the WSHandlerConstants java file (run
>>>Javadoc on the source or in the documents tree of the binary
>>>distribution). This parameters is available since the first
>>>versions of WSS4J.
>>>
>>>BTW, to which function do you refer that was added after 4th of
>>>September?
>>>
>>>Regards,
>>>Werner
>>>
>>>Christian Müller wrote:
>>>
>>>>Hi all!
>>>>
>>>>In my project, i need the functionality to signed the timestamp. This
>>>>functionality was added at 04 Sept., after version 1.1.0 was released...
>>
>>:o(
>>
>>>>When comes the next version?
>>>>
>>>>Regards,
>>>>Christian
>>>
>>>
>>
> 
> 
> --
> Ruchith
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: Fwd: wsu:Timestamp and wsu:id

[Ruchith Fernando <ru...@gmail.com>]

Hi Christian, Werner,

I was the one who made that svn commit.

I ran into an interop scenario (action="Timestamp UsernameToken")
where it needed the wsu:Id s to be present on both the tokens even
though they were not referenced. This change adds a wsu:Id ALL the
time even when they are not referenced.

I checked this in coz this may be useful for WSS4J in terms of
interoperability, and it didn't harm any of the existing
functionality. But maybe ideally we should add a switch to turn on
wsu:Id even when the token (UsernameToken or Timestamp) is not
referenced. What do you guys think?

Thanks and regards,
Ruchith


On 1/17/06, Christian Müller <ch...@gmail.com> wrote:
> Hi Werner!
>
> Thanks for the hint. It works great.
>
> I meant the following mailing list entry:
> http://mail-archives.apache.org/mod_mbox/ws-fx-dev/200509.mbox/%3C20050904124932.86378.qmail@minotaur.apache.org%3E
>
> Regards,
> Christian
>
> P.S. Please, call me Christian... ;o)
>
>
>  On 1/16/06, Werner Dittmann <We...@t-online.de> wrote:
> > Christina,
> >
> > sure you can sign a Timestamp, in fact you can sign any element
> > in a request message. Please have a look at the "signatureParts"
> > parameter - described in the WSHandlerConstants java file (run
> > Javadoc on the source or in the documents tree of the binary
> > distribution). This parameters is available since the first
> > versions of WSS4J.
> >
> > BTW, to which function do you refer that was added after 4th of
> > September?
> >
> > Regards,
> > Werner
> >
> > Christian Müller wrote:
> > > Hi all!
> > >
> > > In my project, i need the functionality to signed the timestamp. This
> > > functionality was added at 04 Sept., after version 1.1.0 was released...
> :o(
> > > When comes the next version?
> > >
> > > Regards,
> > > Christian
> >
> >
>
>


--
Ruchith

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: Fwd: wsu:Timestamp and wsu:id

[Ruchith Fernando <ru...@gmail.com>]

Hi Christian, Werner,

I was the one who made that svn commit.

I ran into an interop scenario (action="Timestamp UsernameToken")
where it needed the wsu:Id s to be present on both the tokens even
though they were not referenced. This change adds a wsu:Id ALL the
time even when they are not referenced.

I checked this in coz this may be useful for WSS4J in terms of
interoperability, and it didn't harm any of the existing
functionality. But maybe ideally we should add a switch to turn on
wsu:Id even when the token (UsernameToken or Timestamp) is not
referenced. What do you guys think?

Thanks and regards,
Ruchith


On 1/17/06, Christian Müller <ch...@gmail.com> wrote:
> Hi Werner!
>
> Thanks for the hint. It works great.
>
> I meant the following mailing list entry:
> http://mail-archives.apache.org/mod_mbox/ws-fx-dev/200509.mbox/%3C20050904124932.86378.qmail@minotaur.apache.org%3E
>
> Regards,
> Christian
>
> P.S. Please, call me Christian... ;o)
>
>
>  On 1/16/06, Werner Dittmann <We...@t-online.de> wrote:
> > Christina,
> >
> > sure you can sign a Timestamp, in fact you can sign any element
> > in a request message. Please have a look at the "signatureParts"
> > parameter - described in the WSHandlerConstants java file (run
> > Javadoc on the source or in the documents tree of the binary
> > distribution). This parameters is available since the first
> > versions of WSS4J.
> >
> > BTW, to which function do you refer that was added after 4th of
> > September?
> >
> > Regards,
> > Werner
> >
> > Christian Müller wrote:
> > > Hi all!
> > >
> > > In my project, i need the functionality to signed the timestamp. This
> > > functionality was added at 04 Sept., after version 1.1.0 was released...
> :o(
> > > When comes the next version?
> > >
> > > Regards,
> > > Christian
> >
> >
>
>


--
Ruchith

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: Fwd: wsu:Timestamp and wsu:id

[Christian Müller <ch...@gmail.com>]

Hi Werner!

Thanks for the hint. It works great.

I meant the following mailing list entry:
http://mail-archives.apache.org/mod_mbox/ws-fx-dev/200509.mbox/%3C20050904124932.86378.qmail@minotaur.apache.org%3E

Regards,
Christian

P.S. Please, call me Christian... ;o)

On 1/16/06, Werner Dittmann <We...@t-online.de> wrote:
>
> Christina,
>
> sure you can sign a Timestamp, in fact you can sign any element
> in a request message. Please have a look at the "signatureParts"
> parameter - described in the WSHandlerConstants java file (run
> Javadoc on the source or in the documents tree of the binary
> distribution). This parameters is available since the first
> versions of WSS4J.
>
> BTW, to which function do you refer that was added after 4th of
> September?
>
> Regards,
> Werner
>
> Christian Müller wrote:
> > Hi all!
> >
> > In my project, i need the functionality to signed the timestamp. This
> > functionality was added at 04 Sept., after version 1.1.0 was released...
> :o(
> > When comes the next version?
> >
> > Regards,
> > Christian
>
>

Re: Fwd: wsu:Timestamp and wsu:id

[Christian Müller <ch...@gmail.com>]

Hi Werner!

Thanks for the hint. It works great.

I meant the following mailing list entry:
http://mail-archives.apache.org/mod_mbox/ws-fx-dev/200509.mbox/%3C20050904124932.86378.qmail@minotaur.apache.org%3E

Regards,
Christian

P.S. Please, call me Christian... ;o)

On 1/16/06, Werner Dittmann <We...@t-online.de> wrote:
>
> Christina,
>
> sure you can sign a Timestamp, in fact you can sign any element
> in a request message. Please have a look at the "signatureParts"
> parameter - described in the WSHandlerConstants java file (run
> Javadoc on the source or in the documents tree of the binary
> distribution). This parameters is available since the first
> versions of WSS4J.
>
> BTW, to which function do you refer that was added after 4th of
> September?
>
> Regards,
> Werner
>
> Christian Müller wrote:
> > Hi all!
> >
> > In my project, i need the functionality to signed the timestamp. This
> > functionality was added at 04 Sept., after version 1.1.0 was released...
> :o(
> > When comes the next version?
> >
> > Regards,
> > Christian
>
>

Re: Fwd: wsu:Timestamp and wsu:id

[Werner Dittmann <We...@t-online.de>]

Christina,

sure you can sign a Timestamp, in fact you can sign any element
in a request message. Please have a look at the "signatureParts"
parameter - described in the WSHandlerConstants java file (run
Javadoc on the source or in the documents tree of the binary
distribution). This parameters is available since the first
versions of WSS4J.

BTW, to which function do you refer that was added after 4th of
September?

Regards,
Werner

Christian Müller wrote:
> Hi all!
> 
> In my project, i need the functionality to signed the timestamp. This
> functionality was added at 04 Sept., after version 1.1.0 was released... :o(
> When comes the next version?
> 
> Regards,
> Christian


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: Fwd: wsu:Timestamp and wsu:id

[Werner Dittmann <We...@t-online.de>]

Christina,

sure you can sign a Timestamp, in fact you can sign any element
in a request message. Please have a look at the "signatureParts"
parameter - described in the WSHandlerConstants java file (run
Javadoc on the source or in the documents tree of the binary
distribution). This parameters is available since the first
versions of WSS4J.

BTW, to which function do you refer that was added after 4th of
September?

Regards,
Werner

Christian Müller wrote:
> Hi all!
> 
> In my project, i need the functionality to signed the timestamp. This
> functionality was added at 04 Sept., after version 1.1.0 was released... :o(
> When comes the next version?
> 
> Regards,
> Christian


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org