You are viewing a plain text version of this content. The canonical link for it is here.
Posted to sandesha-dev@ws.apache.org by Nencho Lupanov <ne...@googlemail.com> on 2007/04/25 18:22:20 UTC
[sandesha2]WS Secure Conversation with sandesha2
Hi All,
I am using UsernameToken to authenticate a user in the Password Callback
class.
I nees to send this UsernameToken only once in order to implement single
sign on,
or in other words some session context.
I now that WS Secure Conversation has a security context token for that
needs and
I may specify Rampart security context manager in sandesha2 but is there any
samples on doing that
and how far is this implemented?
thanks,
Nencho
Re: [sandesha2]WS Secure Conversation with sandesha2
Posted by Nencho Lupanov <ne...@googlemail.com>.
Hi Chamikara,
Yes rampart should be enough.
thanks,
nencho
2007/4/26, Chamikara Jayalath <ch...@gmail.com>:
>
> Hi Nencho,
>
> All you need you is Rampart. Sandesha2 is a WSRM implementation and
> RampartBasedSecurityManager is for the integration of two components. So
> no
> need to worry about them till you need both RM and SecCon.
>
> I guess rampart devs will answer your other questions.
>
> Chamikara
>
>
> On 4/26/07, Nencho Lupanov <ne...@googlemail.com> wrote:
> >
> > Hi Chamikara,
> >
> > I need only WSSecCon. I may also need WSRM but they should not be tight.
> > I want to use the username token policy assertion but ony the first time
> > when the client connects the server.
> > any furthure call shuld not send the user/pass info.Could i do that with
> > rampart/sec. policies?
> >
> > Thanks,
> > Nencho
> >
> >
> > 2007/4/26, Chamikara Jayalath <ch...@gmail.com>:
> > >
> > > Hi Nencho,
> > >
> > > What is your requirement. Do you want to use both WSRM+WSSecCon or you
> > > wan't
> > > only WSSecCon ?
> > >
> > > Chamikara
> > >
> > >
> > > On 4/26/07, Nencho Lupanov <ne...@googlemail.com> wrote:
> > > >
> > > > Hi Chamikara,
> > > >
> > > > I also noticed in the rampart sample04 that i can configure
> > > > WS Secure conversation using rampart policies without the need of
> > using
> > > > sandesha,
> > > > whats the differences between the two ways?
> > > >
> > > > thanks,
> > > > Nencho
> > > >
> > > >
> > > > 2007/4/25, Chamikara Jayalath <ch...@gmail.com>:
> > > > >
> > > > > Hi Nencho,
> > > > >
> > > > > We tested the RampartBasedSecurityManager for quite a number of
> > > > scenarios.
> > > > > So ideally it should work. You can get an idea of the design and
> the
> > > > > client
> > > > > API from the following.
> > > > >
> > > > > http://wso2.org/library/1027
> > > > >
> > > > > Chamikara
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > On 4/25/07, Nencho Lupanov <ne...@googlemail.com> wrote:
> > > > > >
> > > > > > Hi All,
> > > > > >
> > > > > > I am using UsernameToken to authenticate a user in the Password
> > > > Callback
> > > > > > class.
> > > > > > I nees to send this UsernameToken only once in order to
> implement
> > > > single
> > > > > > sign on,
> > > > > > or in other words some session context.
> > > > > > I now that WS Secure Conversation has a security context token
> for
> > > > that
> > > > > > needs and
> > > > > > I may specify Rampart security context manager in sandesha2 but
> is
> > > > there
> > > > > > any samples on doing that
> > > > > > and how far is this implemented?
> > > > > >
> > > > > > thanks,
> > > > > > Nencho
> > > > > >
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Chamikara Jayalath
> > > > > WSO2 Inc.
> > > > > http://wso2.com/
> > > > > http://wso2.org/ - For your Oxygen needs
> > > > >
> > > >
> > >
> > >
> > >
> > > --
> > > Chamikara Jayalath
> > > WSO2 Inc.
> > > http://wso2.com/
> > > http://wso2.org/ - For your Oxygen needs
> > >
> >
>
>
>
> --
> Chamikara Jayalath
> WSO2 Inc.
> http://wso2.com/
> http://wso2.org/ - For your Oxygen needs
>
Re: [sandesha2]WS Secure Conversation with sandesha2
Posted by Chamikara Jayalath <ch...@gmail.com>.
Hi Nencho,
All you need you is Rampart. Sandesha2 is a WSRM implementation and
RampartBasedSecurityManager is for the integration of two components. So no
need to worry about them till you need both RM and SecCon.
I guess rampart devs will answer your other questions.
Chamikara
On 4/26/07, Nencho Lupanov <ne...@googlemail.com> wrote:
>
> Hi Chamikara,
>
> I need only WSSecCon. I may also need WSRM but they should not be tight.
> I want to use the username token policy assertion but ony the first time
> when the client connects the server.
> any furthure call shuld not send the user/pass info.Could i do that with
> rampart/sec. policies?
>
> Thanks,
> Nencho
>
>
> 2007/4/26, Chamikara Jayalath <ch...@gmail.com>:
> >
> > Hi Nencho,
> >
> > What is your requirement. Do you want to use both WSRM+WSSecCon or you
> > wan't
> > only WSSecCon ?
> >
> > Chamikara
> >
> >
> > On 4/26/07, Nencho Lupanov <ne...@googlemail.com> wrote:
> > >
> > > Hi Chamikara,
> > >
> > > I also noticed in the rampart sample04 that i can configure
> > > WS Secure conversation using rampart policies without the need of
> using
> > > sandesha,
> > > whats the differences between the two ways?
> > >
> > > thanks,
> > > Nencho
> > >
> > >
> > > 2007/4/25, Chamikara Jayalath <ch...@gmail.com>:
> > > >
> > > > Hi Nencho,
> > > >
> > > > We tested the RampartBasedSecurityManager for quite a number of
> > > scenarios.
> > > > So ideally it should work. You can get an idea of the design and the
> > > > client
> > > > API from the following.
> > > >
> > > > http://wso2.org/library/1027
> > > >
> > > > Chamikara
> > > >
> > > >
> > > >
> > > >
> > > > On 4/25/07, Nencho Lupanov <ne...@googlemail.com> wrote:
> > > > >
> > > > > Hi All,
> > > > >
> > > > > I am using UsernameToken to authenticate a user in the Password
> > > Callback
> > > > > class.
> > > > > I nees to send this UsernameToken only once in order to implement
> > > single
> > > > > sign on,
> > > > > or in other words some session context.
> > > > > I now that WS Secure Conversation has a security context token for
> > > that
> > > > > needs and
> > > > > I may specify Rampart security context manager in sandesha2 but is
> > > there
> > > > > any samples on doing that
> > > > > and how far is this implemented?
> > > > >
> > > > > thanks,
> > > > > Nencho
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > Chamikara Jayalath
> > > > WSO2 Inc.
> > > > http://wso2.com/
> > > > http://wso2.org/ - For your Oxygen needs
> > > >
> > >
> >
> >
> >
> > --
> > Chamikara Jayalath
> > WSO2 Inc.
> > http://wso2.com/
> > http://wso2.org/ - For your Oxygen needs
> >
>
--
Chamikara Jayalath
WSO2 Inc.
http://wso2.com/
http://wso2.org/ - For your Oxygen needs
Re: [sandesha2]WS Secure Conversation with sandesha2
Posted by Nencho Lupanov <ne...@googlemail.com>.
Hi Chamikara,
I need only WSSecCon. I may also need WSRM but they should not be tight.
I want to use the username token policy assertion but ony the first time
when the client connects the server.
any furthure call shuld not send the user/pass info.Could i do that with
rampart/sec. policies?
Thanks,
Nencho
2007/4/26, Chamikara Jayalath <ch...@gmail.com>:
>
> Hi Nencho,
>
> What is your requirement. Do you want to use both WSRM+WSSecCon or you
> wan't
> only WSSecCon ?
>
> Chamikara
>
>
> On 4/26/07, Nencho Lupanov <ne...@googlemail.com> wrote:
> >
> > Hi Chamikara,
> >
> > I also noticed in the rampart sample04 that i can configure
> > WS Secure conversation using rampart policies without the need of using
> > sandesha,
> > whats the differences between the two ways?
> >
> > thanks,
> > Nencho
> >
> >
> > 2007/4/25, Chamikara Jayalath <ch...@gmail.com>:
> > >
> > > Hi Nencho,
> > >
> > > We tested the RampartBasedSecurityManager for quite a number of
> > scenarios.
> > > So ideally it should work. You can get an idea of the design and the
> > > client
> > > API from the following.
> > >
> > > http://wso2.org/library/1027
> > >
> > > Chamikara
> > >
> > >
> > >
> > >
> > > On 4/25/07, Nencho Lupanov <ne...@googlemail.com> wrote:
> > > >
> > > > Hi All,
> > > >
> > > > I am using UsernameToken to authenticate a user in the Password
> > Callback
> > > > class.
> > > > I nees to send this UsernameToken only once in order to implement
> > single
> > > > sign on,
> > > > or in other words some session context.
> > > > I now that WS Secure Conversation has a security context token for
> > that
> > > > needs and
> > > > I may specify Rampart security context manager in sandesha2 but is
> > there
> > > > any samples on doing that
> > > > and how far is this implemented?
> > > >
> > > > thanks,
> > > > Nencho
> > > >
> > >
> > >
> > >
> > > --
> > > Chamikara Jayalath
> > > WSO2 Inc.
> > > http://wso2.com/
> > > http://wso2.org/ - For your Oxygen needs
> > >
> >
>
>
>
> --
> Chamikara Jayalath
> WSO2 Inc.
> http://wso2.com/
> http://wso2.org/ - For your Oxygen needs
>
Re: [sandesha2]WS Secure Conversation with sandesha2
Posted by Chamikara Jayalath <ch...@gmail.com>.
Hi Nencho,
What is your requirement. Do you want to use both WSRM+WSSecCon or you wan't
only WSSecCon ?
Chamikara
On 4/26/07, Nencho Lupanov <ne...@googlemail.com> wrote:
>
> Hi Chamikara,
>
> I also noticed in the rampart sample04 that i can configure
> WS Secure conversation using rampart policies without the need of using
> sandesha,
> whats the differences between the two ways?
>
> thanks,
> Nencho
>
>
> 2007/4/25, Chamikara Jayalath <ch...@gmail.com>:
> >
> > Hi Nencho,
> >
> > We tested the RampartBasedSecurityManager for quite a number of
> scenarios.
> > So ideally it should work. You can get an idea of the design and the
> > client
> > API from the following.
> >
> > http://wso2.org/library/1027
> >
> > Chamikara
> >
> >
> >
> >
> > On 4/25/07, Nencho Lupanov <ne...@googlemail.com> wrote:
> > >
> > > Hi All,
> > >
> > > I am using UsernameToken to authenticate a user in the Password
> Callback
> > > class.
> > > I nees to send this UsernameToken only once in order to implement
> single
> > > sign on,
> > > or in other words some session context.
> > > I now that WS Secure Conversation has a security context token for
> that
> > > needs and
> > > I may specify Rampart security context manager in sandesha2 but is
> there
> > > any samples on doing that
> > > and how far is this implemented?
> > >
> > > thanks,
> > > Nencho
> > >
> >
> >
> >
> > --
> > Chamikara Jayalath
> > WSO2 Inc.
> > http://wso2.com/
> > http://wso2.org/ - For your Oxygen needs
> >
>
--
Chamikara Jayalath
WSO2 Inc.
http://wso2.com/
http://wso2.org/ - For your Oxygen needs
Re: [sandesha2]WS Secure Conversation with sandesha2
Posted by Nencho Lupanov <ne...@googlemail.com>.
Hi Chamikara,
I also noticed in the rampart sample04 that i can configure
WS Secure conversation using rampart policies without the need of using
sandesha,
whats the differences between the two ways?
thanks,
Nencho
2007/4/25, Chamikara Jayalath <ch...@gmail.com>:
>
> Hi Nencho,
>
> We tested the RampartBasedSecurityManager for quite a number of scenarios.
> So ideally it should work. You can get an idea of the design and the
> client
> API from the following.
>
> http://wso2.org/library/1027
>
> Chamikara
>
>
>
>
> On 4/25/07, Nencho Lupanov <ne...@googlemail.com> wrote:
> >
> > Hi All,
> >
> > I am using UsernameToken to authenticate a user in the Password Callback
> > class.
> > I nees to send this UsernameToken only once in order to implement single
> > sign on,
> > or in other words some session context.
> > I now that WS Secure Conversation has a security context token for that
> > needs and
> > I may specify Rampart security context manager in sandesha2 but is there
> > any samples on doing that
> > and how far is this implemented?
> >
> > thanks,
> > Nencho
> >
>
>
>
> --
> Chamikara Jayalath
> WSO2 Inc.
> http://wso2.com/
> http://wso2.org/ - For your Oxygen needs
>
Re: [sandesha2]WS Secure Conversation with sandesha2
Posted by Chamikara Jayalath <ch...@gmail.com>.
Hi Nencho,
We tested the RampartBasedSecurityManager for quite a number of scenarios.
So ideally it should work. You can get an idea of the design and the client
API from the following.
http://wso2.org/library/1027
Chamikara
On 4/25/07, Nencho Lupanov <ne...@googlemail.com> wrote:
>
> Hi All,
>
> I am using UsernameToken to authenticate a user in the Password Callback
> class.
> I nees to send this UsernameToken only once in order to implement single
> sign on,
> or in other words some session context.
> I now that WS Secure Conversation has a security context token for that
> needs and
> I may specify Rampart security context manager in sandesha2 but is there
> any samples on doing that
> and how far is this implemented?
>
> thanks,
> Nencho
>
--
Chamikara Jayalath
WSO2 Inc.
http://wso2.com/
http://wso2.org/ - For your Oxygen needs
Re: [sandesha2]WS Secure Conversation with sandesha2
Posted by Chamikara Jayalath <ch...@gmail.com>.
Hi Nencho,
We tested the RampartBasedSecurityManager for quite a number of scenarios.
So ideally it should work. You can get an idea of the design and the client
API from the following.
http://wso2.org/library/1027
Chamikara
On 4/25/07, Nencho Lupanov <ne...@googlemail.com> wrote:
>
> Hi All,
>
> I am using UsernameToken to authenticate a user in the Password Callback
> class.
> I nees to send this UsernameToken only once in order to implement single
> sign on,
> or in other words some session context.
> I now that WS Secure Conversation has a security context token for that
> needs and
> I may specify Rampart security context manager in sandesha2 but is there
> any samples on doing that
> and how far is this implemented?
>
> thanks,
> Nencho
>
--
Chamikara Jayalath
WSO2 Inc.
http://wso2.com/
http://wso2.org/ - For your Oxygen needs
Re: [sandesha2]WS Secure Conversation with sandesha2
Posted by Chamikara Jayalath <ch...@gmail.com>.
Hi Nencho,
We tested the RampartBasedSecurityManager for quite a number of scenarios.
So ideally it should work. You can get an idea of the design and the client
API from the following.
http://wso2.org/library/1027
Chamikara
On 4/25/07, Nencho Lupanov <ne...@googlemail.com> wrote:
>
> Hi All,
>
> I am using UsernameToken to authenticate a user in the Password Callback
> class.
> I nees to send this UsernameToken only once in order to implement single
> sign on,
> or in other words some session context.
> I now that WS Secure Conversation has a security context token for that
> needs and
> I may specify Rampart security context manager in sandesha2 but is there
> any samples on doing that
> and how far is this implemented?
>
> thanks,
> Nencho
>
--
Chamikara Jayalath
WSO2 Inc.
http://wso2.com/
http://wso2.org/ - For your Oxygen needs
Re: [sandesha2]WS Secure Conversation with sandesha2
Posted by Chamikara Jayalath <ch...@gmail.com>.
Hi Nencho,
We tested the RampartBasedSecurityManager for quite a number of scenarios.
So ideally it should work. You can get an idea of the design and the client
API from the following.
http://wso2.org/library/1027
Chamikara
On 4/25/07, Nencho Lupanov <ne...@googlemail.com> wrote:
>
> Hi All,
>
> I am using UsernameToken to authenticate a user in the Password Callback
> class.
> I nees to send this UsernameToken only once in order to implement single
> sign on,
> or in other words some session context.
> I now that WS Secure Conversation has a security context token for that
> needs and
> I may specify Rampart security context manager in sandesha2 but is there
> any samples on doing that
> and how far is this implemented?
>
> thanks,
> Nencho
>
--
Chamikara Jayalath
WSO2 Inc.
http://wso2.com/
http://wso2.org/ - For your Oxygen needs