Thanks, Ruchith.
There's one issue though: The .NET code is creating a SecurityContextToken with a UsernameToken as its base. Is there any way to do this with WSS4J? (Or is it maybe unnecessary?) The MSDN documentation for this constructor says "Initializes a new instance of the SecurityContextToken class using the security token used to sign the Request Security Token (RST), the security token shared by the security token service and the target Web service, and the specified identifier." I'm not quite sure what that means.
Also, how hard would it be to use this code with Axis2?
Thanks again
-----Original Message-----
From: Ruchith Fernando [mailto:[EMAIL PROTECTED]]
Sent: Mon 5/29/2006 2:19 AM
To: axis-user@ws.apache.org
Subject: Re: [axis2] Custom security context token
Hi,
Encryption and signature based on a SecurityContextToken is being
implemented as a part of the WS-Secconv impl.
WSS4J already has support for creation of sig and encr using a
SecurityContextToken (SCT).
Have a look at the following test cases [1].
If you follow the above test cases you can see how to build a message
with an SCT and to sign/encr with keys derived from it.
Right now the rampart Axis2 module only supports features of
WS-Security but the next rampart release will come with
WS-SecureConversation support.
Thanks,
Ruchith
[1] https://svn.apache.org/repos/asf/webservices/wss4j/trunk/test/wssec/TestWSSecurityNewDK.java
[2] https://svn.apache.org/repos/asf/webservices/wss4j/trunk/test/wssec/TestWSSecurityNewSCT.java
On 5/29/06, Shepherd McIlroy <[EMAIL PROTECTED]> wrote:
> Hello,
>
> I'm trying to talk to a .NET service that requires messages to be signed
> and encrypted (using a symmetric key created by a custom algorithm). I have
> .NET client code for this that I would like to duplicate under Java using
> Axis2 and WSS4J. The .NET client does the following to create a
> SecurityContextToken:
>
> UsernameToken unt = new UsernameToken(user, user);
> unt.Id = UTID;
> sct = new SecurityContextToken(unt, SCTIdentifier);
> sct.KeyBytes = sKey;
> sct.LifeTime = new Microsoft.Web.Services2.Security.LifeTime(SCTExpires.ToLocalTime());
>
> and then signs and encrypts the message using:
>
> service.RequestSoapContext.Security.Tokens.Clear();
> service.RequestSoapContext.Security.Elements.Clear();
> service.RequestSoapContext.Security.Tokens.Add(sct);
> service.RequestSoapContext.Security.Elements.Add(new EncryptedData(sct));
> service.RequestSoapContext.Security.Elements.Add(new MessageSignature(sct));
>
>
> Creating the key is not a problem. A method of signing and encrypting SOAP
> messages in a similar manner using Axis2 and WSS4J is not obvious. How can
> I create a custom security context token using WSS4J? How can I apply that
> token to a message sent using Axis2?
>
> Thanks