You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by Nandana Mihindukulasooriya <na...@gmail.com> on 2008/01/04 07:11:37 UTC

Re: authentication with X509 certs

Hi Dietmar,
        I  still  don't get the scenario very clearly.

On successful authentication  (with whatever method - HTTP auth, usename
> token, X509, SAML, Kerberos?)
> I'd like to generate some custom credentials that are used later on to
> (re-)authenticate with the backend systems
> that the Web service invokes.


Will WS - Trust [1] or WS - Secure Conversation [2] suit your requirement ?

[1] - http://specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf
[2] - http://specs.xmlsoap.org/ws/2005/02/sc/WS-SecureConversation.pdf

Thanks,
Nandana




>
> ----- Original Message -----
> From: "Nandana Mihindukulasooriya" <na...@gmail.com>
> To: <ra...@ws.apache.org>
> Sent: Sunday, December 30, 2007 9:41 AM
> Subject: Re: authentication with X509 certs
>
>
> > Hi Dietmar,
> >
> > Does Rampart/WSS4J offer some authentication method using X509
> >> certificates?
> >
> >
> > If we use a digital signature with X509 certificate, it provides us
> > authentication +
> > integrity, right ? or am I missing something ?
> >
> > Thanks,
> > Nandana
> >
>