You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by David Del Vecchio <dd...@virginia.edu> on 2005/10/01 00:32:41 UTC
Re: upcoming interop extravaganza
There actually are already a couple of WS-Trust implementations in the
WSS4J repository, but perhaps we could integrate and merge your efforts.
David
Matt Lewis said:
>
>
>
>
>
>
> As part of a work related project I've been responsible for a WS-Trust
> web service client implementation. This is now fully functional and
> implemented in Java making very basic use of Apache Axis 1.2.1 (for the
> SOAP envelope and call). The WS-Trust server is entirely Microsoft
> based.
>
> I'd very much like to contribute to the WSS4J project - clearly WS-T is
> going to be a major MS webservices component in the near future and it
> would be great to have an Open Source Java implementation out there.
>
> Regards,
>
> Matt Lewis
>
> Davanum Srinivas wrote:
>
> +1 from me. Have they sent the interop doc yet? or the endpoints for
> WS-T and WS-SecConv?
>
> -- dims
>
> On 9/30/05, Granqvist, Hans >hgranqvist@verisign.com
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: upcoming interop extravaganza
Posted by Davanum Srinivas <da...@gmail.com>.
Edson,
Sounds great!!!! Looking forward to the contribution from you.
-- dims
On 10/4/05, Edson Camargo <ca...@das.ufsc.br> wrote:
> Hi,
>
> I think that the suport for SAML tokens is ok now! I made some local
> tests and got great results. Until now the problem is with the
> "SAMLIssuer saml = SAMLIssuerFactory.getInstance();" with axis (I sent
> the problem in a previous email).
>
> I will try another way to make the assertion, different from those bellow:
>
> - SAMLIssuer saml = SAMLIssuerFactory.getInstance(); (the problem in
> this line, apparently with axis)
> - SAMLAssertion assertion = saml.newAssertion();
>
> and return to you. The question is that the those ways seem better
> because of the simplicity.
>
> I am working in the following sample too:
> 1) a client that access a service and has the request denied because he
> doesn't have a security token issued by the STS of the same domain;
> 2) request the security token to STS
> 3) the STS returns the token requested
> 4) the client uses the token to access the service
>
> Everything based on handlers (signature, encrytion and access control in
> the client).
>
> Edson
>
>
>
>
> David Del Vecchio wrote:
>
> > Edson Camargo and I have recently been experimenting with the
> > implementation in the trust2 directory. I think that implementation
> > does work, although it requires some wsdd configuration that might not
> > be documented anywhere (see the end of this email for specifics). I
> > think Edson is working on trying to add support for SAML tokens.
> >
> > It does work as both a client and server implementation, but I'm sure
> > it's not feature complete. If we could integrate some of your work, we
> > might be able to fill in some of the gaps. Sound any good?
> >
> > I do see value in supporting both specification versions, although the
> > older one is probably the higher priority as you mention.
> >
> > David
> >
> >
> > WSDD Configuration for trust2 Sample Service:
> > ...
> >
> > <service name="SampleSecurityTokenService" style="document"
> > use="literal">
> > <parameter name="allowedMethods" value="*"/>
> > <parameter name="className"
> >
> > value="org.apache.ws.sandbox.security.trust2.samples.SampleSecurityTokenService"/>
> >
> >
> > <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> > qname="ns:RequestSecurityToken"
> >
> > type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityToken"
> >
> > serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTSerializerFactory"
> >
> >
> > deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTDeserializerFactory"
> >
> > encodingStyle=""/>
> > <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> > qname="ns:RequestSecurityTokenResponse"
> >
> > type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityTokenResponse"
> >
> >
> > serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseSerializerFactory"
> >
> >
> > deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseDeserializerFactory"
> >
> > encodingStyle=""/>
> >
> > <operation name="exchange" qname="ns1:RequestSecurityToken"
> > xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"
> > returnQName="ns1:RequestSecurityTokenResponse"
> > returnType="ns1:RequestSecurityTokenResponse">
> > <parameter qname="ns1:RequestSecurityToken"
> > type="ns1:RequestSecurityToken"
> > xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"/>
> > </operation>
> > </service>
> >
> >
> >
> > Matt Lewis wrote:
> >
> >> I had a look at the two in the sandbox packages and they weren't very
> >> functional. It would be great to get one of these fully working.
> >> Would you see value in attempting to support both WS-T specifications
> >> (2004-04/2005-02)? Due to the server implementation I'm restricted to
> >> 2004-04.
> >>
> >> Matt
> >>
> >> David Del Vecchio wrote:
> >>
> >>> There actually are already a couple of WS-Trust implementations in the
> >>> WSS4J repository, but perhaps we could integrate and merge your
> >>> efforts.
> >>>
> >>> David
> >>>
> >>> Matt Lewis said:
> >>>
> >>>
> >>>>
> >>>>
> >>>> As part of a work related project I've been responsible for a WS-Trust
> >>>> web service client implementation. This is now fully functional and
> >>>> implemented in Java making very basic use of Apache Axis 1.2.1 (for
> >>>> the
> >>>> SOAP envelope and call). The WS-Trust server is entirely Microsoft
> >>>> based.
> >>>>
> >>>> I'd very much like to contribute to the WSS4J project - clearly
> >>>> WS-T is
> >>>> going to be a major MS webservices component in the near future and it
> >>>> would be great to have an Open Source Java implementation out there.
> >>>>
> >>>> Regards,
> >>>>
> >>>> Matt Lewis
> >>>>
> >>>> Davanum Srinivas wrote:
> >>>>
> >>>> +1 from me. Have they sent the interop doc yet? or the endpoints for
> >>>> WS-T and WS-SecConv?
> >>>>
> >>>> -- dims
> >>>>
> >>>> On 9/30/05, Granqvist, Hans >hgranqvist@verisign.com
> >>>> <ma...@verisign.com>
> >>>>
> >>>
> >>> ---------------------------------------------------------------------
> >>> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> >>> <ma...@ws.apache.org>
> >>> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> >>> <ma...@ws.apache.org>
> >>>
> >>>
> >>>
> >>>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org For
> >> additional commands, e-mail: wss4j-dev-help@ws.apache.org
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> > For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> >
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
--
Davanum Srinivas : http://wso2.com/ - Oxygenating The Web Service Platform
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: upcoming interop extravaganza
Posted by Davanum Srinivas <da...@gmail.com>.
Edson,
Sounds great!!!! Looking forward to the contribution from you.
-- dims
On 10/4/05, Edson Camargo <ca...@das.ufsc.br> wrote:
> Hi,
>
> I think that the suport for SAML tokens is ok now! I made some local
> tests and got great results. Until now the problem is with the
> "SAMLIssuer saml = SAMLIssuerFactory.getInstance();" with axis (I sent
> the problem in a previous email).
>
> I will try another way to make the assertion, different from those bellow:
>
> - SAMLIssuer saml = SAMLIssuerFactory.getInstance(); (the problem in
> this line, apparently with axis)
> - SAMLAssertion assertion = saml.newAssertion();
>
> and return to you. The question is that the those ways seem better
> because of the simplicity.
>
> I am working in the following sample too:
> 1) a client that access a service and has the request denied because he
> doesn't have a security token issued by the STS of the same domain;
> 2) request the security token to STS
> 3) the STS returns the token requested
> 4) the client uses the token to access the service
>
> Everything based on handlers (signature, encrytion and access control in
> the client).
>
> Edson
>
>
>
>
> David Del Vecchio wrote:
>
> > Edson Camargo and I have recently been experimenting with the
> > implementation in the trust2 directory. I think that implementation
> > does work, although it requires some wsdd configuration that might not
> > be documented anywhere (see the end of this email for specifics). I
> > think Edson is working on trying to add support for SAML tokens.
> >
> > It does work as both a client and server implementation, but I'm sure
> > it's not feature complete. If we could integrate some of your work, we
> > might be able to fill in some of the gaps. Sound any good?
> >
> > I do see value in supporting both specification versions, although the
> > older one is probably the higher priority as you mention.
> >
> > David
> >
> >
> > WSDD Configuration for trust2 Sample Service:
> > ...
> >
> > <service name="SampleSecurityTokenService" style="document"
> > use="literal">
> > <parameter name="allowedMethods" value="*"/>
> > <parameter name="className"
> >
> > value="org.apache.ws.sandbox.security.trust2.samples.SampleSecurityTokenService"/>
> >
> >
> > <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> > qname="ns:RequestSecurityToken"
> >
> > type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityToken"
> >
> > serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTSerializerFactory"
> >
> >
> > deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTDeserializerFactory"
> >
> > encodingStyle=""/>
> > <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> > qname="ns:RequestSecurityTokenResponse"
> >
> > type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityTokenResponse"
> >
> >
> > serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseSerializerFactory"
> >
> >
> > deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseDeserializerFactory"
> >
> > encodingStyle=""/>
> >
> > <operation name="exchange" qname="ns1:RequestSecurityToken"
> > xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"
> > returnQName="ns1:RequestSecurityTokenResponse"
> > returnType="ns1:RequestSecurityTokenResponse">
> > <parameter qname="ns1:RequestSecurityToken"
> > type="ns1:RequestSecurityToken"
> > xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"/>
> > </operation>
> > </service>
> >
> >
> >
> > Matt Lewis wrote:
> >
> >> I had a look at the two in the sandbox packages and they weren't very
> >> functional. It would be great to get one of these fully working.
> >> Would you see value in attempting to support both WS-T specifications
> >> (2004-04/2005-02)? Due to the server implementation I'm restricted to
> >> 2004-04.
> >>
> >> Matt
> >>
> >> David Del Vecchio wrote:
> >>
> >>> There actually are already a couple of WS-Trust implementations in the
> >>> WSS4J repository, but perhaps we could integrate and merge your
> >>> efforts.
> >>>
> >>> David
> >>>
> >>> Matt Lewis said:
> >>>
> >>>
> >>>>
> >>>>
> >>>> As part of a work related project I've been responsible for a WS-Trust
> >>>> web service client implementation. This is now fully functional and
> >>>> implemented in Java making very basic use of Apache Axis 1.2.1 (for
> >>>> the
> >>>> SOAP envelope and call). The WS-Trust server is entirely Microsoft
> >>>> based.
> >>>>
> >>>> I'd very much like to contribute to the WSS4J project - clearly
> >>>> WS-T is
> >>>> going to be a major MS webservices component in the near future and it
> >>>> would be great to have an Open Source Java implementation out there.
> >>>>
> >>>> Regards,
> >>>>
> >>>> Matt Lewis
> >>>>
> >>>> Davanum Srinivas wrote:
> >>>>
> >>>> +1 from me. Have they sent the interop doc yet? or the endpoints for
> >>>> WS-T and WS-SecConv?
> >>>>
> >>>> -- dims
> >>>>
> >>>> On 9/30/05, Granqvist, Hans >hgranqvist@verisign.com
> >>>> <ma...@verisign.com>
> >>>>
> >>>
> >>> ---------------------------------------------------------------------
> >>> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> >>> <ma...@ws.apache.org>
> >>> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> >>> <ma...@ws.apache.org>
> >>>
> >>>
> >>>
> >>>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org For
> >> additional commands, e-mail: wss4j-dev-help@ws.apache.org
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> > For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> >
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
--
Davanum Srinivas : http://wso2.com/ - Oxygenating The Web Service Platform
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: upcoming interop extravaganza
Posted by Edson Camargo <ca...@das.ufsc.br>.
Hi,
I think that the suport for SAML tokens is ok now! I made some local
tests and got great results. Until now the problem is with the
"SAMLIssuer saml = SAMLIssuerFactory.getInstance();" with axis (I sent
the problem in a previous email).
I will try another way to make the assertion, different from those bellow:
- SAMLIssuer saml = SAMLIssuerFactory.getInstance(); (the problem in
this line, apparently with axis)
- SAMLAssertion assertion = saml.newAssertion();
and return to you. The question is that the those ways seem better
because of the simplicity.
I am working in the following sample too:
1) a client that access a service and has the request denied because he
doesn't have a security token issued by the STS of the same domain;
2) request the security token to STS
3) the STS returns the token requested
4) the client uses the token to access the service
Everything based on handlers (signature, encrytion and access control in
the client).
Edson
David Del Vecchio wrote:
> Edson Camargo and I have recently been experimenting with the
> implementation in the trust2 directory. I think that implementation
> does work, although it requires some wsdd configuration that might not
> be documented anywhere (see the end of this email for specifics). I
> think Edson is working on trying to add support for SAML tokens.
>
> It does work as both a client and server implementation, but I'm sure
> it's not feature complete. If we could integrate some of your work, we
> might be able to fill in some of the gaps. Sound any good?
>
> I do see value in supporting both specification versions, although the
> older one is probably the higher priority as you mention.
>
> David
>
>
> WSDD Configuration for trust2 Sample Service:
> ...
>
> <service name="SampleSecurityTokenService" style="document"
> use="literal">
> <parameter name="allowedMethods" value="*"/>
> <parameter name="className"
>
> value="org.apache.ws.sandbox.security.trust2.samples.SampleSecurityTokenService"/>
>
>
> <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> qname="ns:RequestSecurityToken"
>
> type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityToken"
>
> serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTSerializerFactory"
>
>
> deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTDeserializerFactory"
>
> encodingStyle=""/>
> <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> qname="ns:RequestSecurityTokenResponse"
>
> type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityTokenResponse"
>
>
> serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseSerializerFactory"
>
>
> deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseDeserializerFactory"
>
> encodingStyle=""/>
>
> <operation name="exchange" qname="ns1:RequestSecurityToken"
> xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"
> returnQName="ns1:RequestSecurityTokenResponse"
> returnType="ns1:RequestSecurityTokenResponse">
> <parameter qname="ns1:RequestSecurityToken"
> type="ns1:RequestSecurityToken"
> xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"/>
> </operation>
> </service>
>
>
>
> Matt Lewis wrote:
>
>> I had a look at the two in the sandbox packages and they weren't very
>> functional. It would be great to get one of these fully working.
>> Would you see value in attempting to support both WS-T specifications
>> (2004-04/2005-02)? Due to the server implementation I'm restricted to
>> 2004-04.
>>
>> Matt
>>
>> David Del Vecchio wrote:
>>
>>> There actually are already a couple of WS-Trust implementations in the
>>> WSS4J repository, but perhaps we could integrate and merge your
>>> efforts.
>>>
>>> David
>>>
>>> Matt Lewis said:
>>>
>>>
>>>>
>>>>
>>>> As part of a work related project I've been responsible for a WS-Trust
>>>> web service client implementation. This is now fully functional and
>>>> implemented in Java making very basic use of Apache Axis 1.2.1 (for
>>>> the
>>>> SOAP envelope and call). The WS-Trust server is entirely Microsoft
>>>> based.
>>>>
>>>> I'd very much like to contribute to the WSS4J project - clearly
>>>> WS-T is
>>>> going to be a major MS webservices component in the near future and it
>>>> would be great to have an Open Source Java implementation out there.
>>>>
>>>> Regards,
>>>>
>>>> Matt Lewis
>>>>
>>>> Davanum Srinivas wrote:
>>>>
>>>> +1 from me. Have they sent the interop doc yet? or the endpoints for
>>>> WS-T and WS-SecConv?
>>>>
>>>> -- dims
>>>>
>>>> On 9/30/05, Granqvist, Hans >hgranqvist@verisign.com
>>>> <ma...@verisign.com>
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>> <ma...@ws.apache.org>
>>> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>> <ma...@ws.apache.org>
>>>
>>>
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org For
>> additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: upcoming interop extravaganza
Posted by Edson Camargo <ca...@das.ufsc.br>.
Hi,
I think that the suport for SAML tokens is ok now! I made some local
tests and got great results. Until now the problem is with the
"SAMLIssuer saml = SAMLIssuerFactory.getInstance();" with axis (I sent
the problem in a previous email).
I will try another way to make the assertion, different from those bellow:
- SAMLIssuer saml = SAMLIssuerFactory.getInstance(); (the problem in
this line, apparently with axis)
- SAMLAssertion assertion = saml.newAssertion();
and return to you. The question is that the those ways seem better
because of the simplicity.
I am working in the following sample too:
1) a client that access a service and has the request denied because he
doesn't have a security token issued by the STS of the same domain;
2) request the security token to STS
3) the STS returns the token requested
4) the client uses the token to access the service
Everything based on handlers (signature, encrytion and access control in
the client).
Edson
David Del Vecchio wrote:
> Edson Camargo and I have recently been experimenting with the
> implementation in the trust2 directory. I think that implementation
> does work, although it requires some wsdd configuration that might not
> be documented anywhere (see the end of this email for specifics). I
> think Edson is working on trying to add support for SAML tokens.
>
> It does work as both a client and server implementation, but I'm sure
> it's not feature complete. If we could integrate some of your work, we
> might be able to fill in some of the gaps. Sound any good?
>
> I do see value in supporting both specification versions, although the
> older one is probably the higher priority as you mention.
>
> David
>
>
> WSDD Configuration for trust2 Sample Service:
> ...
>
> <service name="SampleSecurityTokenService" style="document"
> use="literal">
> <parameter name="allowedMethods" value="*"/>
> <parameter name="className"
>
> value="org.apache.ws.sandbox.security.trust2.samples.SampleSecurityTokenService"/>
>
>
> <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> qname="ns:RequestSecurityToken"
>
> type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityToken"
>
> serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTSerializerFactory"
>
>
> deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTDeserializerFactory"
>
> encodingStyle=""/>
> <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> qname="ns:RequestSecurityTokenResponse"
>
> type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityTokenResponse"
>
>
> serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseSerializerFactory"
>
>
> deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseDeserializerFactory"
>
> encodingStyle=""/>
>
> <operation name="exchange" qname="ns1:RequestSecurityToken"
> xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"
> returnQName="ns1:RequestSecurityTokenResponse"
> returnType="ns1:RequestSecurityTokenResponse">
> <parameter qname="ns1:RequestSecurityToken"
> type="ns1:RequestSecurityToken"
> xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"/>
> </operation>
> </service>
>
>
>
> Matt Lewis wrote:
>
>> I had a look at the two in the sandbox packages and they weren't very
>> functional. It would be great to get one of these fully working.
>> Would you see value in attempting to support both WS-T specifications
>> (2004-04/2005-02)? Due to the server implementation I'm restricted to
>> 2004-04.
>>
>> Matt
>>
>> David Del Vecchio wrote:
>>
>>> There actually are already a couple of WS-Trust implementations in the
>>> WSS4J repository, but perhaps we could integrate and merge your
>>> efforts.
>>>
>>> David
>>>
>>> Matt Lewis said:
>>>
>>>
>>>>
>>>>
>>>> As part of a work related project I've been responsible for a WS-Trust
>>>> web service client implementation. This is now fully functional and
>>>> implemented in Java making very basic use of Apache Axis 1.2.1 (for
>>>> the
>>>> SOAP envelope and call). The WS-Trust server is entirely Microsoft
>>>> based.
>>>>
>>>> I'd very much like to contribute to the WSS4J project - clearly
>>>> WS-T is
>>>> going to be a major MS webservices component in the near future and it
>>>> would be great to have an Open Source Java implementation out there.
>>>>
>>>> Regards,
>>>>
>>>> Matt Lewis
>>>>
>>>> Davanum Srinivas wrote:
>>>>
>>>> +1 from me. Have they sent the interop doc yet? or the endpoints for
>>>> WS-T and WS-SecConv?
>>>>
>>>> -- dims
>>>>
>>>> On 9/30/05, Granqvist, Hans >hgranqvist@verisign.com
>>>> <ma...@verisign.com>
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>> <ma...@ws.apache.org>
>>> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>> <ma...@ws.apache.org>
>>>
>>>
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org For
>> additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: upcoming interop extravaganza
Posted by Davanum Srinivas <da...@gmail.com>.
David,
+1 from me. Please open a JIRA issue and upload a diff against latest SVN.
thanks,
dims
On 10/1/05, David Del Vecchio <dd...@virginia.edu> wrote:
> Edson Camargo and I have recently been experimenting with the
> implementation in the trust2 directory. I think that implementation does
> work, although it requires some wsdd configuration that might not be
> documented anywhere (see the end of this email for specifics). I think
> Edson is working on trying to add support for SAML tokens.
>
> It does work as both a client and server implementation, but I'm sure
> it's not feature complete. If we could integrate some of your work, we
> might be able to fill in some of the gaps. Sound any good?
>
> I do see value in supporting both specification versions, although the
> older one is probably the higher priority as you mention.
>
> David
>
>
> WSDD Configuration for trust2 Sample Service:
> ...
>
> <service name="SampleSecurityTokenService" style="document" use="literal">
> <parameter name="allowedMethods" value="*"/>
> <parameter name="className"
> value="org.apache.ws.sandbox.security.trust2.samples.SampleSecurityTokenService"/>
>
> <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> qname="ns:RequestSecurityToken"
> type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityToken"
> serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTSerializerFactory"
> deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTDeserializerFactory"
> encodingStyle=""/>
> <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> qname="ns:RequestSecurityTokenResponse"
> type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityTokenResponse"
> serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseSerializerFactory"
> deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseDeserializerFactory"
> encodingStyle=""/>
>
> <operation name="exchange" qname="ns1:RequestSecurityToken"
> xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"
> returnQName="ns1:RequestSecurityTokenResponse"
> returnType="ns1:RequestSecurityTokenResponse">
> <parameter qname="ns1:RequestSecurityToken" type="ns1:RequestSecurityToken"
> xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"/>
> </operation>
> </service>
>
>
>
> Matt Lewis wrote:
>
> > I had a look at the two in the sandbox packages and they weren't very
> > functional. It would be great to get one of these fully working. Would
> > you see value in attempting to support both WS-T specifications
> > (2004-04/2005-02)? Due to the server implementation I'm restricted to
> > 2004-04.
> >
> > Matt
> >
> > David Del Vecchio wrote:
> >
> >>There actually are already a couple of WS-Trust implementations in the
> >>WSS4J repository, but perhaps we could integrate and merge your efforts.
> >>
> >>David
> >>
> >>Matt Lewis said:
> >>
> >>
> >>>
> >>>
> >>>As part of a work related project I've been responsible for a WS-Trust
> >>>web service client implementation. This is now fully functional and
> >>>implemented in Java making very basic use of Apache Axis 1.2.1 (for the
> >>>SOAP envelope and call). The WS-Trust server is entirely Microsoft
> >>>based.
> >>>
> >>>I'd very much like to contribute to the WSS4J project - clearly WS-T is
> >>>going to be a major MS webservices component in the near future and it
> >>>would be great to have an Open Source Java implementation out there.
> >>>
> >>>Regards,
> >>>
> >>>Matt Lewis
> >>>
> >>>Davanum Srinivas wrote:
> >>>
> >>> +1 from me. Have they sent the interop doc yet? or the endpoints for
> >>>WS-T and WS-SecConv?
> >>>
> >>>-- dims
> >>>
> >>>On 9/30/05, Granqvist, Hans >hgranqvist@verisign.com <ma...@verisign.com>
> >>>
> >>>
> >>---------------------------------------------------------------------
> >>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org <ma...@ws.apache.org>
> >>For additional commands, e-mail: wss4j-dev-help@ws.apache.org <ma...@ws.apache.org>
> >>
> >>
> >>
> >>
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org For
> > additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
--
Davanum Srinivas : http://wso2.com/ - Oxygenating The Web Service Platform
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: upcoming interop extravaganza
Posted by Matt Lewis <ma...@btinternet.com>.
Thanks for that - sounds good. I'll have another look at the code in the
trust2 sandbox packages.
Matt
David Del Vecchio wrote:
> Edson Camargo and I have recently been experimenting with the
> implementation in the trust2 directory. I think that implementation
> does work, although it requires some wsdd configuration that might not
> be documented anywhere (see the end of this email for specifics). I
> think Edson is working on trying to add support for SAML tokens.
>
> It does work as both a client and server implementation, but I'm sure
> it's not feature complete. If we could integrate some of your work, we
> might be able to fill in some of the gaps. Sound any good?
>
> I do see value in supporting both specification versions, although the
> older one is probably the higher priority as you mention.
>
> David
>
>
> WSDD Configuration for trust2 Sample Service:
> ...
>
> <service name="SampleSecurityTokenService" style="document"
> use="literal">
> <parameter name="allowedMethods" value="*"/>
> <parameter name="className"
>
> value="org.apache.ws.sandbox.security.trust2.samples.SampleSecurityTokenService"/>
>
>
> <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> qname="ns:RequestSecurityToken"
>
> type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityToken"
>
> serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTSerializerFactory"
>
>
> deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTDeserializerFactory"
>
> encodingStyle=""/>
> <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> qname="ns:RequestSecurityTokenResponse"
>
> type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityTokenResponse"
>
>
> serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseSerializerFactory"
>
>
> deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseDeserializerFactory"
>
> encodingStyle=""/>
>
> <operation name="exchange" qname="ns1:RequestSecurityToken"
> xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"
> returnQName="ns1:RequestSecurityTokenResponse"
> returnType="ns1:RequestSecurityTokenResponse">
> <parameter qname="ns1:RequestSecurityToken"
> type="ns1:RequestSecurityToken"
> xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"/>
> </operation>
> </service>
>
>
>
> Matt Lewis wrote:
>
>> I had a look at the two in the sandbox packages and they weren't very
>> functional. It would be great to get one of these fully working.
>> Would you see value in attempting to support both WS-T specifications
>> (2004-04/2005-02)? Due to the server implementation I'm restricted to
>> 2004-04.
>>
>> Matt
>>
>> David Del Vecchio wrote:
>>
>>> There actually are already a couple of WS-Trust implementations in the
>>> WSS4J repository, but perhaps we could integrate and merge your
>>> efforts.
>>>
>>> David
>>>
>>> Matt Lewis said:
>>>
>>>
>>>>
>>>>
>>>> As part of a work related project I've been responsible for a WS-Trust
>>>> web service client implementation. This is now fully functional and
>>>> implemented in Java making very basic use of Apache Axis 1.2.1 (for
>>>> the
>>>> SOAP envelope and call). The WS-Trust server is entirely Microsoft
>>>> based.
>>>>
>>>> I'd very much like to contribute to the WSS4J project - clearly
>>>> WS-T is
>>>> going to be a major MS webservices component in the near future and it
>>>> would be great to have an Open Source Java implementation out there.
>>>>
>>>> Regards,
>>>>
>>>> Matt Lewis
>>>>
>>>> Davanum Srinivas wrote:
>>>>
>>>> +1 from me. Have they sent the interop doc yet? or the endpoints for
>>>> WS-T and WS-SecConv?
>>>>
>>>> -- dims
>>>>
>>>> On 9/30/05, Granqvist, Hans >hgranqvist@verisign.com
>>>> <ma...@verisign.com>
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>> <ma...@ws.apache.org>
>>> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>> <ma...@ws.apache.org>
>>>
>>>
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org For
>> additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: upcoming interop extravaganza
Posted by Davanum Srinivas <da...@gmail.com>.
Guys,
any updates from any of you?
thanks,
dims
On 10/1/05, David Del Vecchio <dd...@virginia.edu> wrote:
> Edson Camargo and I have recently been experimenting with the
> implementation in the trust2 directory. I think that implementation does
> work, although it requires some wsdd configuration that might not be
> documented anywhere (see the end of this email for specifics). I think
> Edson is working on trying to add support for SAML tokens.
>
> It does work as both a client and server implementation, but I'm sure
> it's not feature complete. If we could integrate some of your work, we
> might be able to fill in some of the gaps. Sound any good?
>
> I do see value in supporting both specification versions, although the
> older one is probably the higher priority as you mention.
>
> David
>
>
> WSDD Configuration for trust2 Sample Service:
> ...
>
> <service name="SampleSecurityTokenService" style="document" use="literal">
> <parameter name="allowedMethods" value="*"/>
> <parameter name="className"
> value="org.apache.ws.sandbox.security.trust2.samples.SampleSecurityTokenService"/>
>
> <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> qname="ns:RequestSecurityToken"
> type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityToken"
> serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTSerializerFactory"
> deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTDeserializerFactory"
> encodingStyle=""/>
> <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> qname="ns:RequestSecurityTokenResponse"
> type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityTokenResponse"
> serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseSerializerFactory"
> deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseDeserializerFactory"
> encodingStyle=""/>
>
> <operation name="exchange" qname="ns1:RequestSecurityToken"
> xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"
> returnQName="ns1:RequestSecurityTokenResponse"
> returnType="ns1:RequestSecurityTokenResponse">
> <parameter qname="ns1:RequestSecurityToken" type="ns1:RequestSecurityToken"
> xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"/>
> </operation>
> </service>
>
>
>
> Matt Lewis wrote:
>
> > I had a look at the two in the sandbox packages and they weren't very
> > functional. It would be great to get one of these fully working. Would
> > you see value in attempting to support both WS-T specifications
> > (2004-04/2005-02)? Due to the server implementation I'm restricted to
> > 2004-04.
> >
> > Matt
> >
> > David Del Vecchio wrote:
> >
> >>There actually are already a couple of WS-Trust implementations in the
> >>WSS4J repository, but perhaps we could integrate and merge your efforts.
> >>
> >>David
> >>
> >>Matt Lewis said:
> >>
> >>
> >>>
> >>>
> >>>As part of a work related project I've been responsible for a WS-Trust
> >>>web service client implementation. This is now fully functional and
> >>>implemented in Java making very basic use of Apache Axis 1.2.1 (for the
> >>>SOAP envelope and call). The WS-Trust server is entirely Microsoft
> >>>based.
> >>>
> >>>I'd very much like to contribute to the WSS4J project - clearly WS-T is
> >>>going to be a major MS webservices component in the near future and it
> >>>would be great to have an Open Source Java implementation out there.
> >>>
> >>>Regards,
> >>>
> >>>Matt Lewis
> >>>
> >>>Davanum Srinivas wrote:
> >>>
> >>> +1 from me. Have they sent the interop doc yet? or the endpoints for
> >>>WS-T and WS-SecConv?
> >>>
> >>>-- dims
> >>>
> >>>On 9/30/05, Granqvist, Hans >hgranqvist@verisign.com <ma...@verisign.com>
> >>>
> >>>
> >>---------------------------------------------------------------------
> >>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org <ma...@ws.apache.org>
> >>For additional commands, e-mail: wss4j-dev-help@ws.apache.org <ma...@ws.apache.org>
> >>
> >>
> >>
> >>
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org For
> > additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
--
Davanum Srinivas : http://wso2.com/blogs/
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: upcoming interop extravaganza
Posted by Davanum Srinivas <da...@gmail.com>.
Guys,
any updates from any of you?
thanks,
dims
On 10/1/05, David Del Vecchio <dd...@virginia.edu> wrote:
> Edson Camargo and I have recently been experimenting with the
> implementation in the trust2 directory. I think that implementation does
> work, although it requires some wsdd configuration that might not be
> documented anywhere (see the end of this email for specifics). I think
> Edson is working on trying to add support for SAML tokens.
>
> It does work as both a client and server implementation, but I'm sure
> it's not feature complete. If we could integrate some of your work, we
> might be able to fill in some of the gaps. Sound any good?
>
> I do see value in supporting both specification versions, although the
> older one is probably the higher priority as you mention.
>
> David
>
>
> WSDD Configuration for trust2 Sample Service:
> ...
>
> <service name="SampleSecurityTokenService" style="document" use="literal">
> <parameter name="allowedMethods" value="*"/>
> <parameter name="className"
> value="org.apache.ws.sandbox.security.trust2.samples.SampleSecurityTokenService"/>
>
> <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> qname="ns:RequestSecurityToken"
> type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityToken"
> serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTSerializerFactory"
> deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTDeserializerFactory"
> encodingStyle=""/>
> <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> qname="ns:RequestSecurityTokenResponse"
> type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityTokenResponse"
> serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseSerializerFactory"
> deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseDeserializerFactory"
> encodingStyle=""/>
>
> <operation name="exchange" qname="ns1:RequestSecurityToken"
> xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"
> returnQName="ns1:RequestSecurityTokenResponse"
> returnType="ns1:RequestSecurityTokenResponse">
> <parameter qname="ns1:RequestSecurityToken" type="ns1:RequestSecurityToken"
> xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"/>
> </operation>
> </service>
>
>
>
> Matt Lewis wrote:
>
> > I had a look at the two in the sandbox packages and they weren't very
> > functional. It would be great to get one of these fully working. Would
> > you see value in attempting to support both WS-T specifications
> > (2004-04/2005-02)? Due to the server implementation I'm restricted to
> > 2004-04.
> >
> > Matt
> >
> > David Del Vecchio wrote:
> >
> >>There actually are already a couple of WS-Trust implementations in the
> >>WSS4J repository, but perhaps we could integrate and merge your efforts.
> >>
> >>David
> >>
> >>Matt Lewis said:
> >>
> >>
> >>>
> >>>
> >>>As part of a work related project I've been responsible for a WS-Trust
> >>>web service client implementation. This is now fully functional and
> >>>implemented in Java making very basic use of Apache Axis 1.2.1 (for the
> >>>SOAP envelope and call). The WS-Trust server is entirely Microsoft
> >>>based.
> >>>
> >>>I'd very much like to contribute to the WSS4J project - clearly WS-T is
> >>>going to be a major MS webservices component in the near future and it
> >>>would be great to have an Open Source Java implementation out there.
> >>>
> >>>Regards,
> >>>
> >>>Matt Lewis
> >>>
> >>>Davanum Srinivas wrote:
> >>>
> >>> +1 from me. Have they sent the interop doc yet? or the endpoints for
> >>>WS-T and WS-SecConv?
> >>>
> >>>-- dims
> >>>
> >>>On 9/30/05, Granqvist, Hans >hgranqvist@verisign.com <ma...@verisign.com>
> >>>
> >>>
> >>---------------------------------------------------------------------
> >>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org <ma...@ws.apache.org>
> >>For additional commands, e-mail: wss4j-dev-help@ws.apache.org <ma...@ws.apache.org>
> >>
> >>
> >>
> >>
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org For
> > additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
--
Davanum Srinivas : http://wso2.com/blogs/
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: upcoming interop extravaganza
Posted by Matt Lewis <ma...@btinternet.com>.
Thanks for that - sounds good. I'll have another look at the code in the
trust2 sandbox packages.
Matt
David Del Vecchio wrote:
> Edson Camargo and I have recently been experimenting with the
> implementation in the trust2 directory. I think that implementation
> does work, although it requires some wsdd configuration that might not
> be documented anywhere (see the end of this email for specifics). I
> think Edson is working on trying to add support for SAML tokens.
>
> It does work as both a client and server implementation, but I'm sure
> it's not feature complete. If we could integrate some of your work, we
> might be able to fill in some of the gaps. Sound any good?
>
> I do see value in supporting both specification versions, although the
> older one is probably the higher priority as you mention.
>
> David
>
>
> WSDD Configuration for trust2 Sample Service:
> ...
>
> <service name="SampleSecurityTokenService" style="document"
> use="literal">
> <parameter name="allowedMethods" value="*"/>
> <parameter name="className"
>
> value="org.apache.ws.sandbox.security.trust2.samples.SampleSecurityTokenService"/>
>
>
> <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> qname="ns:RequestSecurityToken"
>
> type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityToken"
>
> serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTSerializerFactory"
>
>
> deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTDeserializerFactory"
>
> encodingStyle=""/>
> <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> qname="ns:RequestSecurityTokenResponse"
>
> type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityTokenResponse"
>
>
> serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseSerializerFactory"
>
>
> deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseDeserializerFactory"
>
> encodingStyle=""/>
>
> <operation name="exchange" qname="ns1:RequestSecurityToken"
> xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"
> returnQName="ns1:RequestSecurityTokenResponse"
> returnType="ns1:RequestSecurityTokenResponse">
> <parameter qname="ns1:RequestSecurityToken"
> type="ns1:RequestSecurityToken"
> xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"/>
> </operation>
> </service>
>
>
>
> Matt Lewis wrote:
>
>> I had a look at the two in the sandbox packages and they weren't very
>> functional. It would be great to get one of these fully working.
>> Would you see value in attempting to support both WS-T specifications
>> (2004-04/2005-02)? Due to the server implementation I'm restricted to
>> 2004-04.
>>
>> Matt
>>
>> David Del Vecchio wrote:
>>
>>> There actually are already a couple of WS-Trust implementations in the
>>> WSS4J repository, but perhaps we could integrate and merge your
>>> efforts.
>>>
>>> David
>>>
>>> Matt Lewis said:
>>>
>>>
>>>>
>>>>
>>>> As part of a work related project I've been responsible for a WS-Trust
>>>> web service client implementation. This is now fully functional and
>>>> implemented in Java making very basic use of Apache Axis 1.2.1 (for
>>>> the
>>>> SOAP envelope and call). The WS-Trust server is entirely Microsoft
>>>> based.
>>>>
>>>> I'd very much like to contribute to the WSS4J project - clearly
>>>> WS-T is
>>>> going to be a major MS webservices component in the near future and it
>>>> would be great to have an Open Source Java implementation out there.
>>>>
>>>> Regards,
>>>>
>>>> Matt Lewis
>>>>
>>>> Davanum Srinivas wrote:
>>>>
>>>> +1 from me. Have they sent the interop doc yet? or the endpoints for
>>>> WS-T and WS-SecConv?
>>>>
>>>> -- dims
>>>>
>>>> On 9/30/05, Granqvist, Hans >hgranqvist@verisign.com
>>>> <ma...@verisign.com>
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>> <ma...@ws.apache.org>
>>> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>> <ma...@ws.apache.org>
>>>
>>>
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org For
>> additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: upcoming interop extravaganza
Posted by Davanum Srinivas <da...@gmail.com>.
David,
+1 from me. Please open a JIRA issue and upload a diff against latest SVN.
thanks,
dims
On 10/1/05, David Del Vecchio <dd...@virginia.edu> wrote:
> Edson Camargo and I have recently been experimenting with the
> implementation in the trust2 directory. I think that implementation does
> work, although it requires some wsdd configuration that might not be
> documented anywhere (see the end of this email for specifics). I think
> Edson is working on trying to add support for SAML tokens.
>
> It does work as both a client and server implementation, but I'm sure
> it's not feature complete. If we could integrate some of your work, we
> might be able to fill in some of the gaps. Sound any good?
>
> I do see value in supporting both specification versions, although the
> older one is probably the higher priority as you mention.
>
> David
>
>
> WSDD Configuration for trust2 Sample Service:
> ...
>
> <service name="SampleSecurityTokenService" style="document" use="literal">
> <parameter name="allowedMethods" value="*"/>
> <parameter name="className"
> value="org.apache.ws.sandbox.security.trust2.samples.SampleSecurityTokenService"/>
>
> <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> qname="ns:RequestSecurityToken"
> type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityToken"
> serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTSerializerFactory"
> deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTDeserializerFactory"
> encodingStyle=""/>
> <typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
> qname="ns:RequestSecurityTokenResponse"
> type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityTokenResponse"
> serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseSerializerFactory"
> deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseDeserializerFactory"
> encodingStyle=""/>
>
> <operation name="exchange" qname="ns1:RequestSecurityToken"
> xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"
> returnQName="ns1:RequestSecurityTokenResponse"
> returnType="ns1:RequestSecurityTokenResponse">
> <parameter qname="ns1:RequestSecurityToken" type="ns1:RequestSecurityToken"
> xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"/>
> </operation>
> </service>
>
>
>
> Matt Lewis wrote:
>
> > I had a look at the two in the sandbox packages and they weren't very
> > functional. It would be great to get one of these fully working. Would
> > you see value in attempting to support both WS-T specifications
> > (2004-04/2005-02)? Due to the server implementation I'm restricted to
> > 2004-04.
> >
> > Matt
> >
> > David Del Vecchio wrote:
> >
> >>There actually are already a couple of WS-Trust implementations in the
> >>WSS4J repository, but perhaps we could integrate and merge your efforts.
> >>
> >>David
> >>
> >>Matt Lewis said:
> >>
> >>
> >>>
> >>>
> >>>As part of a work related project I've been responsible for a WS-Trust
> >>>web service client implementation. This is now fully functional and
> >>>implemented in Java making very basic use of Apache Axis 1.2.1 (for the
> >>>SOAP envelope and call). The WS-Trust server is entirely Microsoft
> >>>based.
> >>>
> >>>I'd very much like to contribute to the WSS4J project - clearly WS-T is
> >>>going to be a major MS webservices component in the near future and it
> >>>would be great to have an Open Source Java implementation out there.
> >>>
> >>>Regards,
> >>>
> >>>Matt Lewis
> >>>
> >>>Davanum Srinivas wrote:
> >>>
> >>> +1 from me. Have they sent the interop doc yet? or the endpoints for
> >>>WS-T and WS-SecConv?
> >>>
> >>>-- dims
> >>>
> >>>On 9/30/05, Granqvist, Hans >hgranqvist@verisign.com <ma...@verisign.com>
> >>>
> >>>
> >>---------------------------------------------------------------------
> >>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org <ma...@ws.apache.org>
> >>For additional commands, e-mail: wss4j-dev-help@ws.apache.org <ma...@ws.apache.org>
> >>
> >>
> >>
> >>
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org For
> > additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
--
Davanum Srinivas : http://wso2.com/ - Oxygenating The Web Service Platform
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: upcoming interop extravaganza
Posted by David Del Vecchio <dd...@virginia.edu>.
Edson Camargo and I have recently been experimenting with the
implementation in the trust2 directory. I think that implementation does
work, although it requires some wsdd configuration that might not be
documented anywhere (see the end of this email for specifics). I think
Edson is working on trying to add support for SAML tokens.
It does work as both a client and server implementation, but I'm sure
it's not feature complete. If we could integrate some of your work, we
might be able to fill in some of the gaps. Sound any good?
I do see value in supporting both specification versions, although the
older one is probably the higher priority as you mention.
David
WSDD Configuration for trust2 Sample Service:
...
<service name="SampleSecurityTokenService" style="document" use="literal">
<parameter name="allowedMethods" value="*"/>
<parameter name="className"
value="org.apache.ws.sandbox.security.trust2.samples.SampleSecurityTokenService"/>
<typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
qname="ns:RequestSecurityToken"
type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityToken"
serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTSerializerFactory"
deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTDeserializerFactory"
encodingStyle=""/>
<typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
qname="ns:RequestSecurityTokenResponse"
type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityTokenResponse"
serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseSerializerFactory"
deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseDeserializerFactory"
encodingStyle=""/>
<operation name="exchange" qname="ns1:RequestSecurityToken"
xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"
returnQName="ns1:RequestSecurityTokenResponse"
returnType="ns1:RequestSecurityTokenResponse">
<parameter qname="ns1:RequestSecurityToken" type="ns1:RequestSecurityToken"
xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"/>
</operation>
</service>
Matt Lewis wrote:
> I had a look at the two in the sandbox packages and they weren't very
> functional. It would be great to get one of these fully working. Would
> you see value in attempting to support both WS-T specifications
> (2004-04/2005-02)? Due to the server implementation I'm restricted to
> 2004-04.
>
> Matt
>
> David Del Vecchio wrote:
>
>>There actually are already a couple of WS-Trust implementations in the
>>WSS4J repository, but perhaps we could integrate and merge your efforts.
>>
>>David
>>
>>Matt Lewis said:
>>
>>
>>>
>>>
>>>As part of a work related project I've been responsible for a WS-Trust
>>>web service client implementation. This is now fully functional and
>>>implemented in Java making very basic use of Apache Axis 1.2.1 (for the
>>>SOAP envelope and call). The WS-Trust server is entirely Microsoft
>>>based.
>>>
>>>I'd very much like to contribute to the WSS4J project - clearly WS-T is
>>>going to be a major MS webservices component in the near future and it
>>>would be great to have an Open Source Java implementation out there.
>>>
>>>Regards,
>>>
>>>Matt Lewis
>>>
>>>Davanum Srinivas wrote:
>>>
>>> +1 from me. Have they sent the interop doc yet? or the endpoints for
>>>WS-T and WS-SecConv?
>>>
>>>-- dims
>>>
>>>On 9/30/05, Granqvist, Hans >hgranqvist@verisign.com <ma...@verisign.com>
>>>
>>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org <ma...@ws.apache.org>
>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org <ma...@ws.apache.org>
>>
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org For
> additional commands, e-mail: wss4j-dev-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: upcoming interop extravaganza
Posted by David Del Vecchio <dd...@virginia.edu>.
Edson Camargo and I have recently been experimenting with the
implementation in the trust2 directory. I think that implementation does
work, although it requires some wsdd configuration that might not be
documented anywhere (see the end of this email for specifics). I think
Edson is working on trying to add support for SAML tokens.
It does work as both a client and server implementation, but I'm sure
it's not feature complete. If we could integrate some of your work, we
might be able to fill in some of the gaps. Sound any good?
I do see value in supporting both specification versions, although the
older one is probably the higher priority as you mention.
David
WSDD Configuration for trust2 Sample Service:
...
<service name="SampleSecurityTokenService" style="document" use="literal">
<parameter name="allowedMethods" value="*"/>
<parameter name="className"
value="org.apache.ws.sandbox.security.trust2.samples.SampleSecurityTokenService"/>
<typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
qname="ns:RequestSecurityToken"
type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityToken"
serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTSerializerFactory"
deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTDeserializerFactory"
encodingStyle=""/>
<typeMapping xmlns:ns="http://schemas.xmlsoap.org/ws/2004/04/trust"
qname="ns:RequestSecurityTokenResponse"
type="java:org.apache.ws.sandbox.security.trust2.RequestSecurityTokenResponse"
serializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseSerializerFactory"
deserializer="org.apache.ws.sandbox.security.trust2.serialization.RSTResponseDeserializerFactory"
encodingStyle=""/>
<operation name="exchange" qname="ns1:RequestSecurityToken"
xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"
returnQName="ns1:RequestSecurityTokenResponse"
returnType="ns1:RequestSecurityTokenResponse">
<parameter qname="ns1:RequestSecurityToken" type="ns1:RequestSecurityToken"
xmlns:ns1="http://schemas.xmlsoap.org/ws/2004/04/trust"/>
</operation>
</service>
Matt Lewis wrote:
> I had a look at the two in the sandbox packages and they weren't very
> functional. It would be great to get one of these fully working. Would
> you see value in attempting to support both WS-T specifications
> (2004-04/2005-02)? Due to the server implementation I'm restricted to
> 2004-04.
>
> Matt
>
> David Del Vecchio wrote:
>
>>There actually are already a couple of WS-Trust implementations in the
>>WSS4J repository, but perhaps we could integrate and merge your efforts.
>>
>>David
>>
>>Matt Lewis said:
>>
>>
>>>
>>>
>>>As part of a work related project I've been responsible for a WS-Trust
>>>web service client implementation. This is now fully functional and
>>>implemented in Java making very basic use of Apache Axis 1.2.1 (for the
>>>SOAP envelope and call). The WS-Trust server is entirely Microsoft
>>>based.
>>>
>>>I'd very much like to contribute to the WSS4J project - clearly WS-T is
>>>going to be a major MS webservices component in the near future and it
>>>would be great to have an Open Source Java implementation out there.
>>>
>>>Regards,
>>>
>>>Matt Lewis
>>>
>>>Davanum Srinivas wrote:
>>>
>>> +1 from me. Have they sent the interop doc yet? or the endpoints for
>>>WS-T and WS-SecConv?
>>>
>>>-- dims
>>>
>>>On 9/30/05, Granqvist, Hans >hgranqvist@verisign.com <ma...@verisign.com>
>>>
>>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org <ma...@ws.apache.org>
>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org <ma...@ws.apache.org>
>>
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org For
> additional commands, e-mail: wss4j-dev-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org