You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Mi...@servicecanada.gc.ca on 2007/07/09 16:59:20 UTC
Is wss4j still an active project? (was: Rampart configuration
question)
Hi,
I didn't see any replies to the question below, so I started digging through the rampart/wss4j code. I found a workaround that will allow me to hard-code the private key into my client and server, and not have to have absolute paths to key files. This involves making a small change to one of the wss4j classes.
I got the wss4j source code and tried to build it. Unfortunately it was build with axis version 1, and I'm using axis2. It's trying to import org.apache.axis packages whereas the new version's package names begin with org.apache.axis2. Moreover, some classes from the old version have moved since the new one. For example, wss4j tries to import org.apache.axix.Message, but there is no such class org.apache.axis2.Message, so I can't just change the package names.
Anyway, is wss4j still in active development? It doesn't look like it. Has anyone moved the source to be compatible with axis2?
cheers,
md
> -----Original Message-----
> From: Davis, Michael
> Sent: Friday, July 06, 2007 2:28 PM
> To: 'axis-user@ws.apache.org'
> Subject: Rampart configuration question
>
>
> Hi,
>
> I'm trying to use Rampart to encrypt my message body using a
> symetric secret key.
>
> Sample 9, included with the Rampart distibution, does just
> this. The actual key is hard-coded in a callback function
> both on the client and the server. My understanding is that
> the key is the only piece of data needed to encode the message.
>
> I was wondering why this part of the client config file:
>
> <action>
> <items>Encrypt</items>
> <user>client</user>
>
> <encryptionKeyIdentifier>EmbeddedKeyName</encryptionKeyIdentifier>
>
> <EmbeddedKeyCallbackClass>org.apache.rampart.samples.sample09.
> PWCBHandler</EmbeddedKeyCallbackClass>
> <encryptionPropFile>client.properties</encryptionPropFile>
> <EmbeddedKeyName>SessionKey</EmbeddedKeyName>
> </action>
>
> contains the encryptionPropFile property. The said property
> file contains this:
>
> org.apache.ws.security.crypto.provider=org.apache.ws.security.
> components.crypto.Merlin
> org.apache.ws.security.crypto.merlin.keystore.type=jks
> org.apache.ws.security.crypto.merlin.keystore.password=apache
> org.apache.ws.security.crypto.merlin.file=client.jks
>
> Now, I can see why we need to configure the provider class.
> But why does Rampart need the keystore? I'm not using
> public/private keys or certificates, just one secret key.
>
> The code works, but I'd like to simplify it as much as
> possible. The properties and keystore files shouldn't be
> necessary, unless I'm misunderstanding something.
>
> Many thanks
> Michael Davis
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Is wss4j still an active project? (was: Rampart configuration question)
Posted by Chad DeBauch <cd...@gmail.com>.
Yes wss4j is still active, you may want to subscribe to the wss4j mailing
list and ask the question there.
Chad
On 7/9/07, Michael.Davis@servicecanada.gc.ca <
Michael.Davis@servicecanada.gc.ca> wrote:
>
> Hi,
>
> I didn't see any replies to the question below, so I started digging
> through the rampart/wss4j code. I found a workaround that will allow me to
> hard-code the private key into my client and server, and not have to have
> absolute paths to key files. This involves making a small change to one of
> the wss4j classes.
>
> I got the wss4j source code and tried to build it. Unfortunately it was
> build with axis version 1, and I'm using axis2. It's trying to import
> org.apache.axis packages whereas the new version's package names begin
> with org.apache.axis2. Moreover, some classes from the old version have
> moved since the new one. For example, wss4j tries to import
> org.apache.axix.Message, but there is no such class
> org.apache.axis2.Message, so I can't just change the package names.
>
> Anyway, is wss4j still in active development? It doesn't look like it. Has
> anyone moved the source to be compatible with axis2?
>
> cheers,
> md
>
>
> > -----Original Message-----
> > From: Davis, Michael
> > Sent: Friday, July 06, 2007 2:28 PM
> > To: 'axis-user@ws.apache.org'
> > Subject: Rampart configuration question
> >
> >
> > Hi,
> >
> > I'm trying to use Rampart to encrypt my message body using a
> > symetric secret key.
> >
> > Sample 9, included with the Rampart distibution, does just
> > this. The actual key is hard-coded in a callback function
> > both on the client and the server. My understanding is that
> > the key is the only piece of data needed to encode the message.
> >
> > I was wondering why this part of the client config file:
> >
> > <action>
> > <items>Encrypt</items>
> > <user>client</user>
> >
> > <encryptionKeyIdentifier>EmbeddedKeyName</encryptionKeyIdentifier>
> >
> > <EmbeddedKeyCallbackClass>org.apache.rampart.samples.sample09.
> > PWCBHandler</EmbeddedKeyCallbackClass>
> > <encryptionPropFile>client.properties</encryptionPropFile>
> > <EmbeddedKeyName>SessionKey</EmbeddedKeyName>
> > </action>
> >
> > contains the encryptionPropFile property. The said property
> > file contains this:
> >
> > org.apache.ws.security.crypto.provider=org.apache.ws.security.
> > components.crypto.Merlin
> > org.apache.ws.security.crypto.merlin.keystore.type=jks
> > org.apache.ws.security.crypto.merlin.keystore.password=apache
> > org.apache.ws.security.crypto.merlin.file=client.jks
> >
> > Now, I can see why we need to configure the provider class.
> > But why does Rampart need the keystore? I'm not using
> > public/private keys or certificates, just one secret key.
> >
> > The code works, but I'd like to simplify it as much as
> > possible. The properties and keystore files shouldn't be
> > necessary, unless I'm misunderstanding something.
> >
> > Many thanks
> > Michael Davis
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
RE: Is wss4j still an active project? (was: Rampart configuration
question)
Posted by Mi...@servicecanada.gc.ca.
Thanks!
cheers,
md
> -----Original Message-----
> From: Ruchith Fernando [mailto:ruchith.fernando@gmail.com]
> Sent: Tuesday, July 10, 2007 5:25 AM
> To: axis-user@ws.apache.org
> Subject: Re: Is wss4j still an active project? (was: Rampart
> configuration question)
>
>
> Hi,
>
> On 7/9/07, Michael.Davis@servicecanada.gc.ca
> <Mi...@servicecanada.gc.ca> wrote:
> > Hi,
> >
> > I didn't see any replies to the question below, so I
> started digging through the rampart/wss4j code. I found a
> workaround that will allow me to hard-code the private key
> into my client and server, and not have to have absolute
> paths to key files. This involves making a small change to
> one of the wss4j classes.
> >
> > I got the wss4j source code and tried to build it.
> Unfortunately it was build with axis version 1, and I'm using
> axis2. It's trying to import org.apache.axis packages whereas
> the new version's package names begin with org.apache.axis2.
> Moreover, some classes from the old version have moved since
> the new one. For example, wss4j tries to import
> org.apache.axix.Message, but there is no such class
> org.apache.axis2.Message, so I can't just change the package names.
> >
>
> WSS4J project contains Axis 1.x handlers and we have the Axis jars in
> the lib dir [1]. You can include these in the classpath to fix
> compilation issues.
>
> WS-Sec* support for Axis2 is available in Apache Rampart[2] and
> Rampart depends on WSS4J.
>
> And yes WSS4J is still active!
>
> Thanks,
> Ruchith
>
> [1] https://svn.apache.org/repos/asf/webservices/wss4j/trunk/lib
> [2] https://svn.apache.org/repos/asf/webservices/rampart/trunk/java
> > Anyway, is wss4j still in active development? It doesn't
> look like it. Has anyone moved the source to be compatible with axis2?
> >
> > cheers,
> > md
> >
> >
> > > -----Original Message-----
> > > From: Davis, Michael
> > > Sent: Friday, July 06, 2007 2:28 PM
> > > To: 'axis-user@ws.apache.org'
> > > Subject: Rampart configuration question
> > >
> > >
> > > Hi,
> > >
> > > I'm trying to use Rampart to encrypt my message body using a
> > > symetric secret key.
> > >
> > > Sample 9, included with the Rampart distibution, does just
> > > this. The actual key is hard-coded in a callback function
> > > both on the client and the server. My understanding is that
> > > the key is the only piece of data needed to encode the message.
> > >
> > > I was wondering why this part of the client config file:
> > >
> > > <action>
> > > <items>Encrypt</items>
> > > <user>client</user>
> > >
> > > <encryptionKeyIdentifier>EmbeddedKeyName</encryptionKeyIdentifier>
> > >
> > > <EmbeddedKeyCallbackClass>org.apache.rampart.samples.sample09.
> > > PWCBHandler</EmbeddedKeyCallbackClass>
> > >
> <encryptionPropFile>client.properties</encryptionPropFile>
> > > <EmbeddedKeyName>SessionKey</EmbeddedKeyName>
> > > </action>
> > >
> > > contains the encryptionPropFile property. The said property
> > > file contains this:
> > >
> > > org.apache.ws.security.crypto.provider=org.apache.ws.security.
> > > components.crypto.Merlin
> > > org.apache.ws.security.crypto.merlin.keystore.type=jks
> > > org.apache.ws.security.crypto.merlin.keystore.password=apache
> > > org.apache.ws.security.crypto.merlin.file=client.jks
> > >
> > > Now, I can see why we need to configure the provider class.
> > > But why does Rampart need the keystore? I'm not using
> > > public/private keys or certificates, just one secret key.
> > >
> > > The code works, but I'd like to simplify it as much as
> > > possible. The properties and keystore files shouldn't be
> > > necessary, unless I'm misunderstanding something.
> > >
> > > Many thanks
> > > Michael Davis
> > >
> >
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> > For additional commands, e-mail: axis-user-help@ws.apache.org
> >
> >
>
>
> --
> www.ruchith.org
> www.wso2.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Is wss4j still an active project? (was: Rampart configuration question)
Posted by Ruchith Fernando <ru...@gmail.com>.
Hi,
On 7/9/07, Michael.Davis@servicecanada.gc.ca
<Mi...@servicecanada.gc.ca> wrote:
> Hi,
>
> I didn't see any replies to the question below, so I started digging through the rampart/wss4j code. I found a workaround that will allow me to hard-code the private key into my client and server, and not have to have absolute paths to key files. This involves making a small change to one of the wss4j classes.
>
> I got the wss4j source code and tried to build it. Unfortunately it was build with axis version 1, and I'm using axis2. It's trying to import org.apache.axis packages whereas the new version's package names begin with org.apache.axis2. Moreover, some classes from the old version have moved since the new one. For example, wss4j tries to import org.apache.axix.Message, but there is no such class org.apache.axis2.Message, so I can't just change the package names.
>
WSS4J project contains Axis 1.x handlers and we have the Axis jars in
the lib dir [1]. You can include these in the classpath to fix
compilation issues.
WS-Sec* support for Axis2 is available in Apache Rampart[2] and
Rampart depends on WSS4J.
And yes WSS4J is still active!
Thanks,
Ruchith
[1] https://svn.apache.org/repos/asf/webservices/wss4j/trunk/lib
[2] https://svn.apache.org/repos/asf/webservices/rampart/trunk/java
> Anyway, is wss4j still in active development? It doesn't look like it. Has anyone moved the source to be compatible with axis2?
>
> cheers,
> md
>
>
> > -----Original Message-----
> > From: Davis, Michael
> > Sent: Friday, July 06, 2007 2:28 PM
> > To: 'axis-user@ws.apache.org'
> > Subject: Rampart configuration question
> >
> >
> > Hi,
> >
> > I'm trying to use Rampart to encrypt my message body using a
> > symetric secret key.
> >
> > Sample 9, included with the Rampart distibution, does just
> > this. The actual key is hard-coded in a callback function
> > both on the client and the server. My understanding is that
> > the key is the only piece of data needed to encode the message.
> >
> > I was wondering why this part of the client config file:
> >
> > <action>
> > <items>Encrypt</items>
> > <user>client</user>
> >
> > <encryptionKeyIdentifier>EmbeddedKeyName</encryptionKeyIdentifier>
> >
> > <EmbeddedKeyCallbackClass>org.apache.rampart.samples.sample09.
> > PWCBHandler</EmbeddedKeyCallbackClass>
> > <encryptionPropFile>client.properties</encryptionPropFile>
> > <EmbeddedKeyName>SessionKey</EmbeddedKeyName>
> > </action>
> >
> > contains the encryptionPropFile property. The said property
> > file contains this:
> >
> > org.apache.ws.security.crypto.provider=org.apache.ws.security.
> > components.crypto.Merlin
> > org.apache.ws.security.crypto.merlin.keystore.type=jks
> > org.apache.ws.security.crypto.merlin.keystore.password=apache
> > org.apache.ws.security.crypto.merlin.file=client.jks
> >
> > Now, I can see why we need to configure the provider class.
> > But why does Rampart need the keystore? I'm not using
> > public/private keys or certificates, just one secret key.
> >
> > The code works, but I'd like to simplify it as much as
> > possible. The properties and keystore files shouldn't be
> > necessary, unless I'm misunderstanding something.
> >
> > Many thanks
> > Michael Davis
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
--
www.ruchith.org
www.wso2.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org