Hi,

Encryption and signature based on a SecurityContextToken is being implemented as a part of the WS-Secconv impl.

WSS4J already has support for creating sig and encr using a SecurityContextToken (SCT). Have a look at the following test cases [1]. If you follow the above test cases you can see how to build a message with an SCT and to sign/encr with keys derived from it.

Right now the Rampart Axis2 module only supports features of WS-Security, but the next Rampart release will come with WS-SecureConversation support.

Thanks,
Ruchith

[1] https://svn.apache.org/repos/asf/webservices/wss4j/trunk/test/wssec/TestWSSecurityNewDK.java
[2] https://svn.apache.org/repos/asf/webservices/wss4j/trunk/test/wssec/TestWSSecurityNewSCT.java

On 5/29/06, Shepherd McIlroy <[EMAIL PROTECTED]> wrote:
Hello,

I'm trying to talk to a .NET service that requires messages to be signed and encrypted (using a symmetric key created by a custom algorithm). I have .NET client code for this that I would like to duplicate under Java using Axis2 and WSS4J.

The .NET client does the following to create a SecurityContextToken:

    UsernameToken unt = new UsernameToken(user, user);
    unt.Id = UTID;
    sct = new SecurityContextToken(unt, SCTIdentifier);
    sct.KeyBytes = sKey;
    sct.LifeTime = new Microsoft.Web.Services2.Security.LifeTime(SCTExpires.ToLocalTime());

and then signs and encrypts the message using:

    service.RequestSoapContext.Security.Tokens.Clear();
    service.RequestSoapContext.Security.Elements.Clear();
    service.RequestSoapContext.Security.Tokens.Add(sct);
    service.RequestSoapContext.Security.Elements.Add(new EncryptedData(sct));
    service.RequestSoapContext.Security.Elements.Add(new MessageSignature(sct));

Creating the key is not a problem. A method of signing and encrypting SOAP messages in a similar manner using Axis2 and WSS4J is not obvious.

How can I create a custom security context token using WSS4J? How can I apply that token to a message sent using Axis2?

Thanks
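The reply above refers to signing and encrypting with keys derived from the SCT. The following is an added example, not part of either message and not WSS4J code: it carries out the P_SHA-1 derivation that WS-SecureConversation specifies as its default, using only the JDK. The class and method names are hypothetical, and the secret and nonces are randomly generated stand-ins for the SCT key bytes and the nonce carried with each derived key.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

public class SctDerivedKeyExample { // hypothetical name; JDK only, no WSS4J
    // Label used by WS-SecureConversation when no <wsc:Label> is given.
    static final String DEFAULT_LABEL = "WS-SecureConversationWS-SecureConversation";

    // P_SHA-1(secret, label + nonce); returns bytes [offset, offset + length).
    static byte[] deriveKey(byte[] secret, String label, byte[] nonce,
                            int offset, int length) throws Exception {
        byte[] labelBytes = label.getBytes(StandardCharsets.UTF_8);
        byte[] seed = Arrays.copyOf(labelBytes, labelBytes.length + nonce.length);
        System.arraycopy(nonce, 0, seed, labelBytes.length, nonce.length);

        Mac hmac = Mac.getInstance("HmacSHA1");
        hmac.init(new SecretKeySpec(secret, "HmacSHA1"));

        ByteArrayOutputStream out = new ByteArrayOutputStream();
        byte[] a = seed;                       // A(0) = seed
        while (out.size() < offset + length) {
            a = hmac.doFinal(a);               // A(i) = HMAC(secret, A(i-1))
            hmac.update(a);
            hmac.update(seed);
            out.write(hmac.doFinal());         // HMAC(secret, A(i) + seed)
        }
        return Arrays.copyOfRange(out.toByteArray(), offset, offset + length);
    }

    public static void main(String[] args) throws Exception {
        SecureRandom random = new SecureRandom();
        byte[] sctSecret = new byte[16];   // constructed stand-in for the SCT secret
        byte[] sigNonce = new byte[16];    // constructed; one nonce per derived key
        byte[] encNonce = new byte[16];
        random.nextBytes(sctSecret);
        random.nextBytes(sigNonce);
        random.nextBytes(encNonce);
        byte[] sigKey = deriveKey(sctSecret, DEFAULT_LABEL, sigNonce, 0, 16);
        byte[] encKey = deriveKey(sctSecret, DEFAULT_LABEL, encNonce, 0, 16);
        // The receiver repeats the derivation from the same secret and nonce.
        byte[] sigKeyAtReceiver = deriveKey(sctSecret, DEFAULT_LABEL, sigNonce, 0, 16);

        System.out.println("receiver derives same signing key: " + Arrays.equals(sigKey, sigKeyAtReceiver));
        System.out.println("signing and encryption keys differ: " + !Arrays.equals(sigKey, encKey));
    }
}
```

Only the nonce, label, offset and length travel in the message; the SCT secret itself is never sent, so both sides must already hold it to arrive at the same keys.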
