You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by "Dittmann, Werner" <we...@nsn.com> on 2007/08/17 14:07:11 UTC
AW: WSS4J 1.5.3 - added some features to UsernameTokenSignature action
All,
some new stuff and some more flexibility was added to the action
UsernameTokenSignature:
- Alberto Coletti provided some code to use the password type digest
for UsernameTokenSignature. Previously only clear-text passwords
were possible and requires the encryption on UsernameToken
to protect the password. If you use the digested password encryption
is not longer necessary. AFAIK Alberto tested this feature
also with .Net.
Alberto: can you provide some information how to use this feature together
with .Net? Configuration, version, etc. ? This would be much appreciated.
- second new feature: I removed the chicken/egg problem for
UsernameTokenSignature. Now you can include the UsernameToken into
the signatureParts parameter and have the UsernameToken signed. This
idea came from some discussions I had with Shawn McKinney and Rohit
Chauhan. To accomplish this you may use the following deployment
parameters:
Client:
<service name="Ping2b">
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="UsernameTokenSignature Timestamp"/>
<parameter name="user" value="Chris"/>
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback1"/>
<parameter name="passwordType" value="PasswordDigest" />
<parameter name="signatureParts"
value="Body;{}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken" />
</handler>
</requestFlow>
</service>
Server:
...
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="passwordCallbackClass" value="org.apache.ws.axis.oasis.PWCallback1"/>
<parameter name="action" value="UsernameTokenSignature UsernameToken Timestamp"/>
</handler>
</requestFlow>
...
This setup (for Axis 1 handlers) signs the SOAP Body and the UsernameToken and
uses password type digest.
Ruchith, IMHO we are ready to go for 1.5.3 .
Regards,
Werner
> -----Ursprüngliche Nachricht-----
> Von: ext Davanum Srinivas [mailto:davanum@gmail.com]
> Gesendet: Freitag, 17. August 2007 13:24
> An: Ruchith Fernando
> Cc: Dittmann, Werner; wss4j-dev
> Betreff: Re: WSS4J 1.5.3
>
> sounds good for waiting till werner is ready.
>
> On 8/16/07, Ruchith Fernando <ru...@gmail.com> wrote:
> > sure... please give me the green light to prepare the
> release when you
> > are ready.
> >
> > Thanks,
> > Ruchith
> >
> > On 8/16/07, Dittmann, Werner <we...@nsn.com> wrote:
> > > Ruchith,
> > >
> > > can we just have a day or two - I would like to do
> > > some enhacmnments in UsernamToke handling (and the
> > > signature) after having a discussion off-list. Also
> > > Alberto's enhacments currently work with .Net as a
> > > Server, but not with WSS4J as a server. The enhancement
> > > seems to miss the call to the password callback at
> > > the server (receiver) side. I'm just working to
> > > fix that.
> > >
> > > Regards,
> > > Werner
> > >
> > >
> > > > -----Ursprüngliche Nachricht-----
> > > > Von: ext Ruchith Fernando [mailto:ruchith.fernando@gmail.com]
> > > > Gesendet: Donnerstag, 16. August 2007 13:48
> > > > An: wss4j-dev
> > > > Betreff: WSS4J 1.5.3
> > > >
> > > > Hi All,
> > > >
> > > > Apache Axis2 1.3 was released a few days ago and we are
> planning to
> > > > release Rampart-1.3 soon. We need a new release of
> WSS4J for this
> > > > release since Rampart depends on the latest changes to
> WSS4J. Can we
> > > > please release WSS4J 1.5.3 to support Rampart-1.3. I will host a
> > > > release candidate and send the vote out today.
> > > >
> > > > I have already created the WSS4J 1.5.3 branch here [1].
> > > >
> > > > Thanks,
> > > > Ruchith
> > > >
> > > > [1]
> https://svn.apache.org/repos/asf/webservices/wss4j/branches/1_5_3
> > > >
> > > >
> ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> > > > For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> > > >
> > > >
> > >
> >
> >
> > --
> > www.ruchith.org
> > www.wso2.org
> >
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> > For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> >
> >
>
>
> --
> Davanum Srinivas :: http://davanum.wordpress.com
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: WSS4J 1.5.3 - added some features to UsernameTokenSignature action
Posted by Ruchith Fernando <ru...@gmail.com>.
>
> Ruchith, IMHO we are ready to go for 1.5.3 .
Great !!!
Thanks,
Ruchith
>
> Regards,
> Werner
>
> > -----Ursprüngliche Nachricht-----
> > Von: ext Davanum Srinivas [mailto:davanum@gmail.com]
> > Gesendet: Freitag, 17. August 2007 13:24
> > An: Ruchith Fernando
> > Cc: Dittmann, Werner; wss4j-dev
> > Betreff: Re: WSS4J 1.5.3
> >
> > sounds good for waiting till werner is ready.
> >
> > On 8/16/07, Ruchith Fernando <ru...@gmail.com> wrote:
> > > sure... please give me the green light to prepare the
> > release when you
> > > are ready.
> > >
> > > Thanks,
> > > Ruchith
> > >
> > > On 8/16/07, Dittmann, Werner <we...@nsn.com> wrote:
> > > > Ruchith,
> > > >
> > > > can we just have a day or two - I would like to do
> > > > some enhacmnments in UsernamToke handling (and the
> > > > signature) after having a discussion off-list. Also
> > > > Alberto's enhacments currently work with .Net as a
> > > > Server, but not with WSS4J as a server. The enhancement
> > > > seems to miss the call to the password callback at
> > > > the server (receiver) side. I'm just working to
> > > > fix that.
> > > >
> > > > Regards,
> > > > Werner
> > > >
> > > >
> > > > > -----Ursprüngliche Nachricht-----
> > > > > Von: ext Ruchith Fernando [mailto:ruchith.fernando@gmail.com]
> > > > > Gesendet: Donnerstag, 16. August 2007 13:48
> > > > > An: wss4j-dev
> > > > > Betreff: WSS4J 1.5.3
> > > > >
> > > > > Hi All,
> > > > >
> > > > > Apache Axis2 1.3 was released a few days ago and we are
> > planning to
> > > > > release Rampart-1.3 soon. We need a new release of
> > WSS4J for this
> > > > > release since Rampart depends on the latest changes to
> > WSS4J. Can we
> > > > > please release WSS4J 1.5.3 to support Rampart-1.3. I will host a
> > > > > release candidate and send the vote out today.
> > > > >
> > > > > I have already created the WSS4J 1.5.3 branch here [1].
> > > > >
> > > > > Thanks,
> > > > > Ruchith
> > > > >
> > > > > [1]
> > https://svn.apache.org/repos/asf/webservices/wss4j/branches/1_5_3
> > > > >
> > > > >
> > ---------------------------------------------------------------------
> > > > > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> > > > > For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> > > > >
> > > > >
> > > >
> > >
> > >
> > > --
> > > www.ruchith.org
> > > www.wso2.org
> > >
> > >
> > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> > > For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> > >
> > >
> >
> >
> > --
> > Davanum Srinivas :: http://davanum.wordpress.com
> >
>
--
www.ruchith.org
www.wso2.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org