Hi guys; I agree with ruchith somewhat, since the URL, the "RequestURIBasedDispatcher" would operates on, is not usually encrypted (not in the domein of WS security .. right?) so it can (at least in theory) could work before the security Handler!
1) But do we need a DispatchPhaseOne .. why d'not we use the phase first ect to order them (rules phaseFirst functional?) 2) we need to find some way to make the Dispatchers configurable via the axis2.xml .. how about adding a <dispatcher ...> tag and put all our defult dispatchers in to axis2.xml Srinath On 8/25/05, Ajith Ranabahu <[EMAIL PROTECTED]> wrote: > IMHO I don't think anything can be there before the security handler (Say > the WHOLE message is encrypted). So in most cases we have to run the > security handler as early as possible, but in some other cases we should > wait a bit. > My guess is since it's possible to deploy the same handler in several > places, we can place the security handler in the possible places where > security can be implemented, say at the begining of the predispatch and > inside the dispatch phases. The security handle should have fall through > code to handle it though. we might also need a flag (probably in the MC > properties) to say that the security is done! > > > On 8/25/05, Eran Chinthaka <[EMAIL PROTECTED] > wrote: > > No this will not help. > > There can be some handlers in the pre-dispatch phase, which can not > operate before Security, if present, but need to operate before dispatching. > > > > -- EC > > > > > > Ruchith Fernando wrote: > > So are we going to include the "RequestURIBasedDispatcher" in > > "DispatchPhaseOne". > > > > If that is the case we simply change the order of the dispatchers in > > the "Dispatch" phase, by slightly modifying > > org.apache.axis2.engine.AxisConfigurationImpl and deploy > the security > > IN handler in the "Dispatch" phase 'after' the > > "RequestURIBasedDispatcher". > > > > I don't think we really need two dispatch phases like that, since this > > seems to be a requirement unique to the security module. what do u > > think? > > > > --Ruchith > > > > On 8/25/05, Eran Chinthaka <[EMAIL PROTECTED]> wrote: > > > > > > Agreed, but for HTTPand SMTP only. What about for the TCP case ? Service > > identification based on the socket information ? If so, fine. > > > > So lets have a phase called "DispatchPhaseOne". And the rest in > > "DispatchPhaseTwo". > > > > Ruchith Fernando wrote: > > > > > > > > Hi All, > > > > When security is enabled for a certain service, the inflow security > > handler (WSDoAllReceiver) will have to be invoked on requests to that > > perticular service. > > > > Therefore we will have to deploy the WSDoAllReceiver within the > > "Dispatch" phase after the "RequestURIBasedDispatcher". > > > > But the Axis2 right now enforces the "AddressingBasedDispatcher" to be > > run ahead of all the others and this order is not configurable. But > > IMHO we should not access the other SOAP headers before the security > > processing is complete. > > > > Since RequestURIBasedDispatcher is the only possible mechanism to > > figureout the service without accessing the other SOAP headers ( e.g. > > wsa headers) and the SOAP bosy, can we change the order of the > > dispatchers, or can we make it configurable such that its possible to > > change the dispatch order (to have the RequestURIBasedDispatcher > > first), when the security module is engaged? > > > > Thanks, > > -- > > Ruchith > > > > > > > > > > > > > > > > > > -- > Ajith Ranabahu
