Hi,
On 7/9/07, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
Hi,
I didn't see any replies to the question below, so I started digging through
the rampart/wss4j code. I found a workaround that will allow me to hard-code
the private key into my client and server, and not have to have absolute paths
to key files. This involves making a small change to one of the wss4j classes.
I got the wss4j source code and tried to build it. Unfortunately it was build
with axis version 1, and I'm using axis2. It's trying to import org.apache.axis
packages whereas the new version's package names begin with org.apache.axis2.
Moreover, some classes from the old version have moved since the new one. For
example, wss4j tries to import org.apache.axix.Message, but there is no such
class org.apache.axis2.Message, so I can't just change the package names.
WSS4J project contains Axis 1.x handlers and we have the Axis jars in
the lib dir [1]. You can include these in the classpath to fix
compilation issues.
WS-Sec* support for Axis2 is available in Apache Rampart[2] and
Rampart depends on WSS4J.
And yes WSS4J is still active!
Thanks,
Ruchith
[1] https://svn.apache.org/repos/asf/webservices/wss4j/trunk/lib
[2] https://svn.apache.org/repos/asf/webservices/rampart/trunk/java
Anyway, is wss4j still in active development? It doesn't look like it. Has
anyone moved the source to be compatible with axis2?
cheers,
md
> -----Original Message-----
> From: Davis, Michael
> Sent: Friday, July 06, 2007 2:28 PM
> To: '[email protected]'
> Subject: Rampart configuration question
>
>
> Hi,
>
> I'm trying to use Rampart to encrypt my message body using a
> symetric secret key.
>
> Sample 9, included with the Rampart distibution, does just
> this. The actual key is hard-coded in a callback function
> both on the client and the server. My understanding is that
> the key is the only piece of data needed to encode the message.
>
> I was wondering why this part of the client config file:
>
> <action>
> <items>Encrypt</items>
> <user>client</user>
>
> <encryptionKeyIdentifier>EmbeddedKeyName</encryptionKeyIdentifier>
>
> <EmbeddedKeyCallbackClass>org.apache.rampart.samples.sample09.
> PWCBHandler</EmbeddedKeyCallbackClass>
> <encryptionPropFile>client.properties</encryptionPropFile>
> <EmbeddedKeyName>SessionKey</EmbeddedKeyName>
> </action>
>
> contains the encryptionPropFile property. The said property
> file contains this:
>
> org.apache.ws.security.crypto.provider=org.apache.ws.security.
> components.crypto.Merlin
> org.apache.ws.security.crypto.merlin.keystore.type=jks
> org.apache.ws.security.crypto.merlin.keystore.password=apache
> org.apache.ws.security.crypto.merlin.file=client.jks
>
> Now, I can see why we need to configure the provider class.
> But why does Rampart need the keystore? I'm not using
> public/private keys or certificates, just one secret key.
>
> The code works, but I'd like to simplify it as much as
> possible. The properties and keystore files shouldn't be
> necessary, unless I'm misunderstanding something.
>
> Many thanks
> Michael Davis
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
www.ruchith.org
www.wso2.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
