You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ode.apache.org by Filip Majernik <fi...@gmail.com> on 2009/09/28 10:57:45 UTC
WS-SecurityPolicy for Partner Links
Hi,
I have following problem. When using ODE with AXIS2 as IL there's a
possibility of using the Rampart security modul. Then I can define
WS-SecurityPolicy and attach it to the web service defined by that process.
Now, as of axis2 1.4 (which comes with ODE 2.0 beta) a WS-SecurityPolicy can
be attached to the service at binding level, operation level and message
level. Let's say I have a simple process with receive, invoke and reply
activity. The web service I am invoking is defined through a PartnerLink and
that's why the policies I attached at any of that levels won't apply. Can I
somehow attach the WS-SecurityPolicy to the messages exchanged in that
PartnerLink (or define what has to be encrypted) ?
Thank you in advance,
Filip
Re: WS-SecurityPolicy for Partner Links
Posted by Milinda Pathirage <mi...@gmail.com>.
AFAIK current ODE implementation cannot handle this scenario. But it's
doable. I'm in the process of getting some help from on of my colleague who
works with Axis2 and Rampart. I am planning to try this first on WSO2 BPS.
I'll let you know once I am done with it.
Thanks
Milinda
On Tue, Sep 29, 2009 at 8:32 AM, Milinda Pathirage <
milinda.pathirage@gmail.com> wrote:
> I'll test this and let you know ASAP.
>
> Thanks,
> Milinda
>
>
> On Tue, Sep 29, 2009 at 8:03 AM, Filip Majernik <fi...@gmail.com>wrote:
>
>> Hi Milinda,
>> thank you for your answer at the first place. I managed to apply a
>> WS-SecurityPolicy for a PartnerLink, but what I need
>> is the functionality of WS-PolicyAttachment as
>> described<http://wso2.org/library/3786>here
>> http://wso2.org/library/3786.
>>
>> I would like to have a different WS-SecurityPolicy for the request message
>> of that partner link as for the response message.
>> Is that somehow possible?
>>
>> Thanks,
>> Filip
>>
>> On Tue, Sep 29, 2009 at 3:33 AM, Milinda Pathirage <
>> milinda.pathirage@gmail.com> wrote:
>>
>> > ODE supports securing of partner links. What you have to do is specify
>> the
>> > policy as described in the user guides "How to use WS-Security in ODE"
>> > section[1]. Refer "How to invoke a secured web service" sub section.
>> > What you have to do is specify the policy file to use with the service
>> > invocation in a endpoint configuration file as following. Policy file
>> > location is absolute.
>> >
>> > alias.sample03-ns=http://sample03.policy.samples.rampart.apache.org
>> > sample03-ns.sample03-policy.ode.security.policy.file=mypolicy.xml
>> >
>> >
>> > Look at the sample located at
>> > ODE_TRUNK/axis2-war/src/test/resources/TestRampartPolicy.
>> >
>> > Thanks
>> > Milinda
>> >
>> > 1.
>> >
>> http://ode.apache.org/user-guide.html#UserGuide-QuickRampartintroduction
>> >
>> >
>> >
>> > On Mon, Sep 28, 2009 at 2:27 PM, Filip Majernik <
>> filip.majernik@gmail.com
>> > >wrote:
>> >
>> > > Hi,
>> > > I have following problem. When using ODE with AXIS2 as IL there's a
>> > > possibility of using the Rampart security modul. Then I can define
>> > > WS-SecurityPolicy and attach it to the web service defined by that
>> > process.
>> > > Now, as of axis2 1.4 (which comes with ODE 2.0 beta) a
>> WS-SecurityPolicy
>> > > can
>> > > be attached to the service at binding level, operation level and
>> message
>> > > level. Let's say I have a simple process with receive, invoke and
>> reply
>> > > activity. The web service I am invoking is defined through a
>> PartnerLink
>> > > and
>> > > that's why the policies I attached at any of that levels won't apply.
>> Can
>> > I
>> > > somehow attach the WS-SecurityPolicy to the messages exchanged in that
>> > > PartnerLink (or define what has to be encrypted) ?
>> > >
>> > > Thank you in advance,
>> > > Filip
>> > >
>> >
>> >
>> >
>> > --
>> > Milinda Pathirage
>> > Senior Software Engineer & Product Manager WSO2 BPS;
>> http://wso2.org/bps
>> > WSO2 <http://wso2.org/bps%0AWSO2> Inc.; http://wso2.com
>> > E-mail: milinda@wso2.com, milinda.pathirage@gmail.com
>> > Web: http://mpathirage.com
>> > Blog: http://blog.mpathirage.com
>> >
>>
>
>
>
> --
> Milinda Pathirage
> Senior Software Engineer & Product Manager WSO2 BPS; http://wso2.org/bps
> WSO2 Inc.; http://wso2.com
>
> E-mail: milinda@wso2.com, milinda.pathirage@gmail.com
> Web: http://mpathirage.com
> Blog: http://blog.mpathirage.com
>
--
Milinda Pathirage
Senior Software Engineer & Product Manager WSO2 BPS; http://wso2.org/bps
WSO2 Inc.; http://wso2.com
E-mail: milinda@wso2.com, milinda.pathirage@gmail.com
Web: http://mpathirage.com
Blog: http://blog.mpathirage.com
Re: WS-SecurityPolicy for Partner Links
Posted by Milinda Pathirage <mi...@gmail.com>.
I'll test this and let you know ASAP.
Thanks,
Milinda
On Tue, Sep 29, 2009 at 8:03 AM, Filip Majernik <fi...@gmail.com>wrote:
> Hi Milinda,
> thank you for your answer at the first place. I managed to apply a
> WS-SecurityPolicy for a PartnerLink, but what I need
> is the functionality of WS-PolicyAttachment as
> described<http://wso2.org/library/3786>here
> http://wso2.org/library/3786.
>
> I would like to have a different WS-SecurityPolicy for the request message
> of that partner link as for the response message.
> Is that somehow possible?
>
> Thanks,
> Filip
>
> On Tue, Sep 29, 2009 at 3:33 AM, Milinda Pathirage <
> milinda.pathirage@gmail.com> wrote:
>
> > ODE supports securing of partner links. What you have to do is specify
> the
> > policy as described in the user guides "How to use WS-Security in ODE"
> > section[1]. Refer "How to invoke a secured web service" sub section.
> > What you have to do is specify the policy file to use with the service
> > invocation in a endpoint configuration file as following. Policy file
> > location is absolute.
> >
> > alias.sample03-ns=http://sample03.policy.samples.rampart.apache.org
> > sample03-ns.sample03-policy.ode.security.policy.file=mypolicy.xml
> >
> >
> > Look at the sample located at
> > ODE_TRUNK/axis2-war/src/test/resources/TestRampartPolicy.
> >
> > Thanks
> > Milinda
> >
> > 1.
> > http://ode.apache.org/user-guide.html#UserGuide-QuickRampartintroduction
> >
> >
> >
> > On Mon, Sep 28, 2009 at 2:27 PM, Filip Majernik <
> filip.majernik@gmail.com
> > >wrote:
> >
> > > Hi,
> > > I have following problem. When using ODE with AXIS2 as IL there's a
> > > possibility of using the Rampart security modul. Then I can define
> > > WS-SecurityPolicy and attach it to the web service defined by that
> > process.
> > > Now, as of axis2 1.4 (which comes with ODE 2.0 beta) a
> WS-SecurityPolicy
> > > can
> > > be attached to the service at binding level, operation level and
> message
> > > level. Let's say I have a simple process with receive, invoke and reply
> > > activity. The web service I am invoking is defined through a
> PartnerLink
> > > and
> > > that's why the policies I attached at any of that levels won't apply.
> Can
> > I
> > > somehow attach the WS-SecurityPolicy to the messages exchanged in that
> > > PartnerLink (or define what has to be encrypted) ?
> > >
> > > Thank you in advance,
> > > Filip
> > >
> >
> >
> >
> > --
> > Milinda Pathirage
> > Senior Software Engineer & Product Manager WSO2 BPS; http://wso2.org/bps
> > WSO2 <http://wso2.org/bps%0AWSO2> Inc.; http://wso2.com
> > E-mail: milinda@wso2.com, milinda.pathirage@gmail.com
> > Web: http://mpathirage.com
> > Blog: http://blog.mpathirage.com
> >
>
--
Milinda Pathirage
Senior Software Engineer & Product Manager WSO2 BPS; http://wso2.org/bps
WSO2 Inc.; http://wso2.com
E-mail: milinda@wso2.com, milinda.pathirage@gmail.com
Web: http://mpathirage.com
Blog: http://blog.mpathirage.com
Re: WS-SecurityPolicy for Partner Links
Posted by Filip Majernik <fi...@gmail.com>.
Hi Milinda,
thank you for your answer at the first place. I managed to apply a
WS-SecurityPolicy for a PartnerLink, but what I need
is the functionality of WS-PolicyAttachment as
described<http://wso2.org/library/3786>here
http://wso2.org/library/3786.
I would like to have a different WS-SecurityPolicy for the request message
of that partner link as for the response message.
Is that somehow possible?
Thanks,
Filip
On Tue, Sep 29, 2009 at 3:33 AM, Milinda Pathirage <
milinda.pathirage@gmail.com> wrote:
> ODE supports securing of partner links. What you have to do is specify the
> policy as described in the user guides "How to use WS-Security in ODE"
> section[1]. Refer "How to invoke a secured web service" sub section.
> What you have to do is specify the policy file to use with the service
> invocation in a endpoint configuration file as following. Policy file
> location is absolute.
>
> alias.sample03-ns=http://sample03.policy.samples.rampart.apache.org
> sample03-ns.sample03-policy.ode.security.policy.file=mypolicy.xml
>
>
> Look at the sample located at
> ODE_TRUNK/axis2-war/src/test/resources/TestRampartPolicy.
>
> Thanks
> Milinda
>
> 1.
> http://ode.apache.org/user-guide.html#UserGuide-QuickRampartintroduction
>
>
>
> On Mon, Sep 28, 2009 at 2:27 PM, Filip Majernik <filip.majernik@gmail.com
> >wrote:
>
> > Hi,
> > I have following problem. When using ODE with AXIS2 as IL there's a
> > possibility of using the Rampart security modul. Then I can define
> > WS-SecurityPolicy and attach it to the web service defined by that
> process.
> > Now, as of axis2 1.4 (which comes with ODE 2.0 beta) a WS-SecurityPolicy
> > can
> > be attached to the service at binding level, operation level and message
> > level. Let's say I have a simple process with receive, invoke and reply
> > activity. The web service I am invoking is defined through a PartnerLink
> > and
> > that's why the policies I attached at any of that levels won't apply. Can
> I
> > somehow attach the WS-SecurityPolicy to the messages exchanged in that
> > PartnerLink (or define what has to be encrypted) ?
> >
> > Thank you in advance,
> > Filip
> >
>
>
>
> --
> Milinda Pathirage
> Senior Software Engineer & Product Manager WSO2 BPS; http://wso2.org/bps
> WSO2 <http://wso2.org/bps%0AWSO2> Inc.; http://wso2.com
> E-mail: milinda@wso2.com, milinda.pathirage@gmail.com
> Web: http://mpathirage.com
> Blog: http://blog.mpathirage.com
>
Re: WS-SecurityPolicy for Partner Links
Posted by Milinda Pathirage <mi...@gmail.com>.
ODE supports securing of partner links. What you have to do is specify the
policy as described in the user guides "How to use WS-Security in ODE"
section[1]. Refer "How to invoke a secured web service" sub section.
What you have to do is specify the policy file to use with the service
invocation in a endpoint configuration file as following. Policy file
location is absolute.
alias.sample03-ns=http://sample03.policy.samples.rampart.apache.org
sample03-ns.sample03-policy.ode.security.policy.file=mypolicy.xml
Look at the sample located at
ODE_TRUNK/axis2-war/src/test/resources/TestRampartPolicy.
Thanks
Milinda
1. http://ode.apache.org/user-guide.html#UserGuide-QuickRampartintroduction
On Mon, Sep 28, 2009 at 2:27 PM, Filip Majernik <fi...@gmail.com>wrote:
> Hi,
> I have following problem. When using ODE with AXIS2 as IL there's a
> possibility of using the Rampart security modul. Then I can define
> WS-SecurityPolicy and attach it to the web service defined by that process.
> Now, as of axis2 1.4 (which comes with ODE 2.0 beta) a WS-SecurityPolicy
> can
> be attached to the service at binding level, operation level and message
> level. Let's say I have a simple process with receive, invoke and reply
> activity. The web service I am invoking is defined through a PartnerLink
> and
> that's why the policies I attached at any of that levels won't apply. Can I
> somehow attach the WS-SecurityPolicy to the messages exchanged in that
> PartnerLink (or define what has to be encrypted) ?
>
> Thank you in advance,
> Filip
>
--
Milinda Pathirage
Senior Software Engineer & Product Manager WSO2 BPS; http://wso2.org/bps
WSO2 Inc.; http://wso2.com
E-mail: milinda@wso2.com, milinda.pathirage@gmail.com
Web: http://mpathirage.com
Blog: http://blog.mpathirage.com