We have successfully deployed an app with apache xml-security/java and axis, using xml signatures and encryption. Thanks!
We are adding LDAP into the architecture to support more users. The goal is easier cert management, saving bandwidth and ACL. We understand somewhat how to do a truststore via ldap. We are unsure how cert storage via ldap could work with xmlsec. Could the xml security package be used when the client puts only the URL of the cert in the soap message? Does anyone have an idea of how that could work? I'm unsure how the integrity of the XML would be guaranteed with merely a URL, and also how to use the xmlsec libs to accomplish that. iksrazal __________________________________ Do you Yahoo!? Yahoo! Finance: Get your refund fast by filing online. http://taxes.yahoo.com/filing.html
