You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by John Li <jo...@mycubes.nl> on 2014/02/03 14:20:35 UTC
MTOM + WS-Security support in CXF 3.0
Hi all,
At the current moment we are working on a Dutch government wide
communication standard which is heavily using webservices and the related
WS-x standards like WS-Security, WS-addressing and since 2013 WS-RM. With
the expansion of WS-RM in the standard, the Dutch education institution has
decided to adopt this standard as well for all communication between the
institution and at least 20000+ schools.
To support this adoption, the quality and the support of the existing
frameworks like Apache CXF is very important. Besides WS-RM, an important
topic is the support of MTOM in combination with WS-Security. There are
several posts in the mailing stating that the CXF version at that time was
not supporting this and that it would be released in a later version. Is
it supported in upcoming 3.0 release?
With kind regards,
John
Re: MTOM + WS-Security support in CXF 3.0
Posted by John Li <jo...@mycubes.nl>.
Hi Colm,
Thanks for your response.
I am currently not that involved in the MTOM requirements so I don't know
the exact details. In general what currently is defined in the Dutch
standards is a specific profile that uses Signing and Encryption of the
WS-Security standards. The signing part will sign all the addressing
headers, timestamp and body of the message while the encryption should only
encrypt the body and the attachments. When the call requester is using MTOM
combined with the signing and encryption profile, the provider is required
to support this and also respond with an MTOM message.
Hope this description helps.
with kind regards,
John
Re: MTOM + WS-Security support in CXF 3.0
Posted by Colm O hEigeartaigh <co...@apache.org>.
Hi John,
I do not yet have a definitive answer for the level of support for secured
MTOM in CXF 3.0.0. I hope to get back to this pretty soon. In the meantime,
could you spell out what your requirements are for combining MTOM with
WS-Security?
Colm.
On Mon, Feb 3, 2014 at 1:20 PM, John Li <jo...@mycubes.nl> wrote:
> Hi all,
>
> At the current moment we are working on a Dutch government wide
> communication standard which is heavily using webservices and the related
> WS-x standards like WS-Security, WS-addressing and since 2013 WS-RM. With
> the expansion of WS-RM in the standard, the Dutch education institution has
> decided to adopt this standard as well for all communication between the
> institution and at least 20000+ schools.
> To support this adoption, the quality and the support of the existing
> frameworks like Apache CXF is very important. Besides WS-RM, an important
> topic is the support of MTOM in combination with WS-Security. There are
> several posts in the mailing stating that the CXF version at that time was
> not supporting this and that it would be released in a later version. Is
> it supported in upcoming 3.0 release?
>
> With kind regards,
> John
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com