You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by José Ferreiro <jo...@gmail.com> on 2006/09/12 21:31:01 UTC
Re: WSS4J in the real word for more than 1 client
CIARO LUCA,
Following this links you will find the anwers to your question.
[1] http://wiki.apache.org/ws/FrontPage/WsFx/wss4jParameters
[2]http://ws.apache.org/wss4j/apidocs/org/apache/ws/security/handler/WSHandlerConstants.html#USE_REQ_SIG_CERT
[3] http://wiki.apache.org/ws/FrontPage/WsFx/wss4jFAQ#many
[4]
http://archives.devshed.com/forums/apache-92/aw-aw-encryption-not-asking-for-the-right-private-key-815343.html
Answer is :
add this line in the Server part, response
<parameter name="encryptionUser" value="useReqSigCert" />
Hope this helps
Happy AXIS :-)
CIAO
José Ferreiro
On 9/12/06, Davanum Srinivas <da...@gmail.com> wrote:
>
> http://www.wso2.net/tutorials/rampart/java/2006/09/06/sec-msg-exchg
>
> On 9/12/06, Luca Risello <re...@yahoo.it> wrote:
> >
> > Hi everybody, I've a question. In the real word server has to trust more
> > than one client. For example If Have I to trust 20 client how can i
> > configure my scenario for WSS to provide a two way security
> transmission?
> > For the certificate trusting there isn't problem
> >
> > Client i Keystore
> > Own keys
> > Server public key
> >
> >
> > Server Keystore
> > Own Keys
> > Client 1 public key
> > Client 2 public key
> > [...]
> > Client 20 public key
> >
> >
> > For the PWCallback class I can use a Db to manage all the clients...
> >
> > The problem is the server side wsdd configuration file In fact in my
> example
> > I specified the user for the encryption and the digital signature (both
> in
> > requestFlow and in the responseFlow) but if I have one more than client?
> How
> > Can I Do!!!
> >
> > Thanks For Your Attention! Hope in your help! Bye.
> >
> >
> >
> > Luca
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Poco spazio e tanto spam? Yahoo! Mail ti protegge dallo spam e ti da
> tanto
> > spazio gratuito per i tuoi file e i messaggi
> > http://mail.yahoo.it
>
>
> --
> Davanum Srinivas : http://www.wso2.net (Oxygen for Web Service Developers)
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
Re: WSS4J in the real word for more than 1 client
Posted by Luca Risello <re...@yahoo.it>.
Hi Josè, Hi everybody,
if I have understood your method I had to send the client's pubblic key in the SOAP than the server can verify the client digital sign and can encrypt the return message .
But in this way have I to trust every client by entries in server keystore?
What is the role of the PWCallback server side?? have I to write(or also by a Db):
if ("wss4j".equals(pc.getIdentifer())) {
pc.setPassword("changeit");
for every client??
Thanks!!!!!
Bye!!!
José Ferreiro <jo...@gmail.com> ha scritto:
CIARO LUCA,
Following this links you will find the anwers to your question.
[1] http://wiki.apache.org/ws/FrontPage/WsFx/wss4jParameters
[2]http://ws.apache.org/wss4j/apidocs/org/apache/ws/security/handler/WSHandlerConstants.html#USE_REQ_SIG_CERT
[3] http://wiki.apache.org/ws/FrontPage/WsFx/wss4jFAQ#many
[4] http://archives.devshed.com/forums/apache-92/aw-aw-encryption-not-asking-for-the-right-private-key-815343.html
Answer is :
add this line in the Server part, response
<parameter name="encryptionUser" value="useReqSigCert" />
Hope this helps
Happy AXIS :-)
CIAO
José Ferreiro
On 9/12/06, Davanum Srinivas <da...@gmail.com> wrote: http://www.wso2.net/tutorials/rampart/java/2006/09/06/sec-msg-exchg
On 9/12/06, Luca Risello <re...@yahoo.it> wrote:
>
> Hi everybody, I've a question. In the real word server has to trust more
> than one client. For example If Have I to trust 20 client how can i
> configure my scenario for WSS to provide a two way security transmission?
> For the certificate trusting there isn't problem
>
> Client i Keystore
> Own keys
> Server public key
>
>
> Server Keystore
> Own Keys
> Client 1 public key
> Client 2 public key
> [...]
> Client 20 public key
>
>
> For the PWCallback class I can use a Db to manage all the clients...
>
> The problem is the server side wsdd configuration file In fact in my example
> I specified the user for the encryption and the digital signature (both in
> requestFlow and in the responseFlow) but if I have one more than client? How
> Can I Do!!!
>
> Thanks For Your Attention! Hope in your help! Bye.
>
>
>
> Luca
>
>
> __________________________________________________
> Do You Yahoo!?
> Poco spazio e tanto spam? Yahoo! Mail ti protegge dallo spam e ti da tanto
> spazio gratuito per i tuoi file e i messaggi
> http://mail.yahoo.it
--
Davanum Srinivas : http://www.wso2.net (Oxygen for Web Service Developers)
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
__________________________________________________
Do You Yahoo!?
Poco spazio e tanto spam? Yahoo! Mail ti protegge dallo spam e ti da tanto spazio gratuito per i tuoi file e i messaggi
http://mail.yahoo.it
Re: WSS4J in the real word for more than 1 client
Posted by Luca Risello <re...@yahoo.it>.
Hi Josè, Hi everybody,
if I have understood your method I had to send the client's pubblic key in the SOAP than the server can verify the client digital sign and can encrypt the return message .
But in this way have I to trust every client by entries in server keystore?
What is the role of the PWCallback server side?? have I to write(or also by a Db):
if ("wss4j".equals(pc.getIdentifer())) {
pc.setPassword("changeit");
for every client??
Thanks!!!!!
Bye!!!
José Ferreiro <jo...@gmail.com> ha scritto:
CIARO LUCA,
Following this links you will find the anwers to your question.
[1] http://wiki.apache.org/ws/FrontPage/WsFx/wss4jParameters
[2]http://ws.apache.org/wss4j/apidocs/org/apache/ws/security/handler/WSHandlerConstants.html#USE_REQ_SIG_CERT
[3] http://wiki.apache.org/ws/FrontPage/WsFx/wss4jFAQ#many
[4] http://archives.devshed.com/forums/apache-92/aw-aw-encryption-not-asking-for-the-right-private-key-815343.html
Answer is :
add this line in the Server part, response
<parameter name="encryptionUser" value="useReqSigCert" />
Hope this helps
Happy AXIS :-)
CIAO
José Ferreiro
On 9/12/06, Davanum Srinivas <da...@gmail.com> wrote: http://www.wso2.net/tutorials/rampart/java/2006/09/06/sec-msg-exchg
On 9/12/06, Luca Risello <re...@yahoo.it> wrote:
>
> Hi everybody, I've a question. In the real word server has to trust more
> than one client. For example If Have I to trust 20 client how can i
> configure my scenario for WSS to provide a two way security transmission?
> For the certificate trusting there isn't problem
>
> Client i Keystore
> Own keys
> Server public key
>
>
> Server Keystore
> Own Keys
> Client 1 public key
> Client 2 public key
> [...]
> Client 20 public key
>
>
> For the PWCallback class I can use a Db to manage all the clients...
>
> The problem is the server side wsdd configuration file In fact in my example
> I specified the user for the encryption and the digital signature (both in
> requestFlow and in the responseFlow) but if I have one more than client? How
> Can I Do!!!
>
> Thanks For Your Attention! Hope in your help! Bye.
>
>
>
> Luca
>
>
> __________________________________________________
> Do You Yahoo!?
> Poco spazio e tanto spam? Yahoo! Mail ti protegge dallo spam e ti da tanto
> spazio gratuito per i tuoi file e i messaggi
> http://mail.yahoo.it
--
Davanum Srinivas : http://www.wso2.net (Oxygen for Web Service Developers)
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
__________________________________________________
Do You Yahoo!?
Poco spazio e tanto spam? Yahoo! Mail ti protegge dallo spam e ti da tanto spazio gratuito per i tuoi file e i messaggi
http://mail.yahoo.it