How to tell WS Consumer about WSS?

[Mailindra <ma...@gmx.net>]

Hai all,
Could somebody tell me, how to tell ws consumer/client that the 
webservices implement webservices security.
I mean, if my webservices implement wss encription and signature, how to 
discribe it in WSDL ? If it is not possible,  how can I tell the WS client?
Many thanks for your help.

regards,

Mailindra

Re: How to tell WS Consumer about WSS?

[Werner Dittmann <We...@t-online.de>]

David,

well....Dims sometime (a long time) ago also asked
if there could be a project to do someting for it.
Any contribution is appreciated :-)

Some ideas I had: take the wsdl4j library that is
used in Axis and try to extract the WS-Policy info
from the WSDL file and "inject" the necessary information
into the client and/or server deployment file. Thus
running the standard Axis wsdl4java first, then a
wspolicy2wsdd as a second step.

Regards,
Werner

David Keppler wrote:
> See:
> 
> WS-Policy - for these problems in general
> WS-SecurityPolicy - for WS-Sec specifically
> WS-PolicyAttachment - for attaching to WSDL and UDDI
> 
> And speaking of which, is there anyone thinking about starting 
> implementation of these specs? It'd be cool if you could just write up a 
> WS-Policy doc to go along with your WSDL for a service and have WSS4J be 
> able to read it and automatically set up the client's security options. 
> Likewise on the server side.
> 
> - Dave
> 
> Mailindra wrote:
> 
>> Hai all,
>> Could somebody tell me, how to tell ws consumer/client that the 
>> webservices implement webservices security.
>> I mean, if my webservices implement wss encription and signature, how 
>> to discribe it in WSDL ? If it is not possible,  how can I tell the WS 
>> client?
>> Many thanks for your help.
>>
>> regards,
>>
>> Mailindra
> 
> 
> 

Re: How to tell WS Consumer about WSS?

[Mailindra <ma...@gmx.net>]

Hai David,
Thank you for your info.
My goodness, there are so many WS-Extension spec :)
It seems WSE has implemented ws-policy. anyone know opensource 
implementation for ws-policy?

TIA

regards,

Mailindra


David Keppler wrote:

> See:
>
> WS-Policy - for these problems in general
> WS-SecurityPolicy - for WS-Sec specifically
> WS-PolicyAttachment - for attaching to WSDL and UDDI
>
> And speaking of which, is there anyone thinking about starting 
> implementation of these specs? It'd be cool if you could just write up 
> a WS-Policy doc to go along with your WSDL for a service and have 
> WSS4J be able to read it and automatically set up the client's 
> security options. Likewise on the server side.
>
> - Dave
>
> Mailindra wrote:
>
>> Hai all,
>> Could somebody tell me, how to tell ws consumer/client that the 
>> webservices implement webservices security.
>> I mean, if my webservices implement wss encription and signature, how 
>> to discribe it in WSDL ? If it is not possible,  how can I tell the 
>> WS client?
>> Many thanks for your help.
>>
>> regards,
>>
>> Mailindra
>
>
>

Re: How to tell WS Consumer about WSS?

[David Keppler <dk...@mitre.org>]

See:

WS-Policy - for these problems in general
WS-SecurityPolicy - for WS-Sec specifically
WS-PolicyAttachment - for attaching to WSDL and UDDI

And speaking of which, is there anyone thinking about starting 
implementation of these specs? It'd be cool if you could just write up a 
WS-Policy doc to go along with your WSDL for a service and have WSS4J be 
able to read it and automatically set up the client's security options. 
Likewise on the server side.

- Dave

Mailindra wrote:
> Hai all,
> Could somebody tell me, how to tell ws consumer/client that the 
> webservices implement webservices security.
> I mean, if my webservices implement wss encription and signature, how to 
> discribe it in WSDL ? If it is not possible,  how can I tell the WS client?
> Many thanks for your help.
> 
> regards,
> 
> Mailindra