You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by Chris Nappin <C....@ABM-UK.COM> on 2005/08/10 15:09:14 UTC

A few beginner questions

Hi,

 

  We have an existing Apache Axis-based application to which we'd like
to add security. I've been able to successfully implement the UserToken
example, but have struggled to get anything further working.

 

Specifically, for various good architectural reasons we are using DII in
our clients. Do you have any good pointers to help me get started using
wss4j with Axis in DII mode rather than wsdl2java-generated stubs? We're
struggling to get the Axis engine to use the wss4j handler specified in
the client .wsdd config - there seem to be several ways to do this but
all are ignored.

 

Also, the Javadoc in the 1.0 release is missing some vital information,
like org.apache.ws.security.handler.WSHandlerConstants. This are seems
to have been altered in the latest online Javadocs, based on CVS?

 

I guess as an alternative we could use wss4j in a much lower-level way,
like the devx article suggests. I think this then forces me to use JAXM
rather than DII? 

 

cheers,


Chris Nappin

Technical Architect
 
ABM United Kingdom Limited
Telephone: +44 (0) 115 977 6999
Facsimile: +44 (0) 115 977 6850
Web: http://www.abm-uk.com
 
ABM for Intelligent Solutions

 


 
CONFIDENTIALITY & PRIVILEGE NOTICE

This e-mail is confidential to its intended recipient. It may also be privileged. Neither the confidentiality nor any privilege attaching to this e-mail is waived lost or destroyed by reason that it has been mistakenly transmitted to a person or entity other than its intended recipient. If you are not the intended recipient please notify us immediately by telephone or fax at the numbers provided above or e-mail by Reply To Author and return the printed e-mail to us by post at our expense. We believe, but do not warrant, that this e-mail and any attachments are virus-free, but you should check. We may monitor traffic data of both business and personal e-mails. We are not liable for any opinions expressed by the sender where this is a non-business e-mail. If you do not receive all the message, or if you have difficulty with the transmission, please telephone us immediately.

Re: A few beginner questions

Posted by Davanum Srinivas <da...@gmail.com>.
you can use org.apache.ws.security.handler.WSS4JHandler which is a
jaxrpc handler. look at test\interop\TestJAXRPCHandler.java for
example usage.

-- dims


On 8/10/05, Chris Nappin <C....@abm-uk.com> wrote:
>  
>  
> 
> Hi, 
> 
>   
> 
>   We have an existing Apache Axis-based application to which we'd like to
> add security. I've been able to successfully implement the UserToken
> example, but have struggled to get anything further working. 
> 
>   
> 
> Specifically, for various good architectural reasons we are using DII in our
> clients. Do you have any good pointers to help me get started using wss4j
> with Axis in DII mode rather than wsdl2java-generated stubs? We're
> struggling to get the Axis engine to use the wss4j handler specified in the
> client .wsdd config – there seem to be several ways to do this but all are
> ignored. 
> 
>   
> 
> Also, the Javadoc in the 1.0 release is missing some vital information, like
> org.apache.ws.security.handler.WSHandlerConstants. This are
> seems to have been altered in the latest online Javadocs, based on CVS? 
> 
>   
> 
> I guess as an alternative we could use wss4j in a much lower-level way, like
> the devx article suggests. I think this then forces me to use JAXM rather
> than DII? 
> 
>   
> 
> cheers, 
> 
> 
>  Chris Nappin 
> 
> Technical Architect
>   
>  ABM United Kingdom Limited
>  Telephone: +44 (0) 115 977 6999
>  Facsimile: +44 (0) 115 977 6850
>  Web: http://www.abm-uk.com
>   
>  ABM for Intelligent Solutions 
> 
>     
> 
> CONFIDENTIALITY & PRIVILEGE NOTICE 
> 
> This e-mail is confidential to its intended recipient. It may also be
> privileged. Neither the confidentiality nor any privilege attaching to this
> e-mail is waived lost or destroyed by reason that it has been mistakenly
> transmitted to a person or entity other than its intended recipient. If you
> are not the intended recipient please notify us immediately by telephone or
> fax at the numbers provided above or e-mail by Reply To Author and return
> the printed e-mail to us by post at our expense. We believe, but do not
> warrant, that this e-mail and any attachments are virus-free, but you should
> check. We may monitor traffic data of both business and personal e-mails. We
> are not liable for any opinions expressed by the sender where this is a
> non-business e-mail. If you do not receive all the message, or if you have
> difficulty with the transmission, please telephone us immediately. 


-- 
Davanum Srinivas : http://wso2.com/ - Oxygenating The Web Service Platform

Re: A few beginner questions

Posted by Davanum Srinivas <da...@gmail.com>.
you can use org.apache.ws.security.handler.WSS4JHandler which is a
jaxrpc handler. look at test\interop\TestJAXRPCHandler.java for
example usage.

-- dims


On 8/10/05, Chris Nappin <C....@abm-uk.com> wrote:
>  
>  
> 
> Hi, 
> 
>   
> 
>   We have an existing Apache Axis-based application to which we'd like to
> add security. I've been able to successfully implement the UserToken
> example, but have struggled to get anything further working. 
> 
>   
> 
> Specifically, for various good architectural reasons we are using DII in our
> clients. Do you have any good pointers to help me get started using wss4j
> with Axis in DII mode rather than wsdl2java-generated stubs? We're
> struggling to get the Axis engine to use the wss4j handler specified in the
> client .wsdd config – there seem to be several ways to do this but all are
> ignored. 
> 
>   
> 
> Also, the Javadoc in the 1.0 release is missing some vital information, like
> org.apache.ws.security.handler.WSHandlerConstants. This are
> seems to have been altered in the latest online Javadocs, based on CVS? 
> 
>   
> 
> I guess as an alternative we could use wss4j in a much lower-level way, like
> the devx article suggests. I think this then forces me to use JAXM rather
> than DII? 
> 
>   
> 
> cheers, 
> 
> 
>  Chris Nappin 
> 
> Technical Architect
>   
>  ABM United Kingdom Limited
>  Telephone: +44 (0) 115 977 6999
>  Facsimile: +44 (0) 115 977 6850
>  Web: http://www.abm-uk.com
>   
>  ABM for Intelligent Solutions 
> 
>     
> 
> CONFIDENTIALITY & PRIVILEGE NOTICE 
> 
> This e-mail is confidential to its intended recipient. It may also be
> privileged. Neither the confidentiality nor any privilege attaching to this
> e-mail is waived lost or destroyed by reason that it has been mistakenly
> transmitted to a person or entity other than its intended recipient. If you
> are not the intended recipient please notify us immediately by telephone or
> fax at the numbers provided above or e-mail by Reply To Author and return
> the printed e-mail to us by post at our expense. We believe, but do not
> warrant, that this e-mail and any attachments are virus-free, but you should
> check. We may monitor traffic data of both business and personal e-mails. We
> are not liable for any opinions expressed by the sender where this is a
> non-business e-mail. If you do not receive all the message, or if you have
> difficulty with the transmission, please telephone us immediately. 


-- 
Davanum Srinivas : http://wso2.com/ - Oxygenating The Web Service Platform