You are viewing a plain text version of this content. The canonical link for it is here.

Posted to java-user@axis.apache.org by Kent Tong <ke...@cpttm.org.mo> on 2007/12/10 06:31:54 UTC

[axis2] rampart: how to NOT use direct token references

Hi,

I've kind of got rampart working with a policy file in a client. However, no
matter what I do, the 
client always uses direct reference for the x509 certificate. Is it possible
to change it to say
issuer serial references? Here is the relevant part of my policy file:


	<sp:Wss10>
		<wsp:Policy>
			<!-- <sp:MustSupportRefEmbeddedToken /> -->
			<sp:MustSupportRefIssuerSerial />
		</wsp:Policy>
	</sp:Wss10>




-----
--
Kent Tong
Wicket tutorials freely available at http://www.agileskills2.org/EWDW
-- 
View this message in context: http://www.nabble.com/-axis2--rampart%3A-how-to-NOT-use-direct-token-references-tp14247590p14247590.html
Sent from the Axis - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org

Re: [axis2] rampart: how to NOT use direct token references

Posted by Nandana Mihindukulasooriya <na...@gmail.com>.

Hi Kent,
    Did you try using

      <wsp:Policy>
                <sp:X509Token sp:IncludeToken="
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
                        <wsp:Policy>
                                <sp:RequireIssuerSerialReference/>
                                <sp:WssX509V3Token10/>
                        </wsp:Policy>
                </sp:X509Token>
     </wsp:Policy>

    as the token assertion. There was an issue with issuer serial  [1], but
it is fixed in the revision 597005.

Thanks,
Nandana


[1] - http://issues.apache.org/jira/browse/RAMPART-111

On Dec 10, 2007 11:01 AM, Kent Tong <ke...@cpttm.org.mo> wrote:

>
> Hi,
>
> I've kind of got rampart working with a policy file in a client. However,
> no
> matter what I do, the
> client always uses direct reference for the x509 certificate. Is it
> possible
> to change it to say
> issuer serial references? Here is the relevant part of my policy file:
>
>
>        <sp:Wss10>
>                <wsp:Policy>
>                        <!-- <sp:MustSupportRefEmbeddedToken /> -->
>                        <sp:MustSupportRefIssuerSerial />
>                </wsp:Policy>
>        </sp:Wss10>
>
>
>
>
> -----
> --
> Kent Tong
> Wicket tutorials freely available at http://www.agileskills2.org/EWDW
> --
> View this message in context:
> http://www.nabble.com/-axis2--rampart%3A-how-to-NOT-use-direct-token-references-tp14247590p14247590.html
> Sent from the Axis - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>