I agree with George's take on the situation. I believe that having the server support multiple authorization mechanisms for a single endpoint is extremely valuable. Maybe make a patch to 1.3?
-Simon -----Original Message----- From: George Stanchev [mailto:[EMAIL PROTECTED] Sent: Friday, March 07, 2008 8:39 AM To: [email protected] Subject: RE: Example policy file needed Hi Ruchith, While I agree that the client needs to have a way of picking the alternative, server side enablement is more pressing. In most cases I've encountered, the authn alternatives are expressed via out-of-band means - docs, mutual agreement, etc. I'd love to see WS-MEX or some kind of policy exchange in rampart but right now the pressing issue (for us and apparently to others) is to enable the service to receive alternative authn materials. Best Regards, George -----Original Message----- From: Ruchith Fernando [mailto:[EMAIL PROTECTED] Sent: Thursday, March 06, 2008 10:05 PM To: [email protected] Subject: Re: Example policy file needed IMHO we have to improve both Axis2 and Rampart if we are to support policy alternatives. A service can express a set of alternatives that it can handle and right now we should be able to fix Rampart to support this. However at the client side we should have some way of picking the alternative. At this point we have to decide how Axis2 client API has to behave. Thoughts? Thanks, Ruchith On Wed, Mar 5, 2008 at 8:31 PM, George Stanchev <[EMAIL PROTECTED]> wrote: > Hi Nandana, > > Is that Neethi or Rampart shortcoming? I also am in need of > alternative policy support for the same two token types as in Simon's message. > > Do you need a JIRA? > > Best Regards, > George > > > -----Original Message----- > From: Nandana Mihindukulasooriya [mailto:[EMAIL PROTECTED] > > > Sent: Wednesday, March 05, 2008 1:31 AM > To: [email protected] > Subject: Re: Example policy file needed > > Hi Simon, > Currently Apache Rampart doesn't support alternative security > policies for an endpoint. Current workaround is having two separate > EPRs with the alternative policies. Would that suit your scenario ? > If not you can try to convince the Rampart community to support > alternative security policies starting a thread in the Rampart dev list. > > thanks, > /nandana > > On Tue, Mar 4, 2008 at 10:58 PM, Glenn Dougherty > <[EMAIL PROTECTED]> wrote: > > Nandana, et al, > > > > We are looking for a combined ws-policy example that supports both > > Username Token and SAML assertions. Meaning, we need to provide a > > service that supports the caller passing either a username token or > a SAML assertion. > > Does anyone have an example that shows these two options within in > > one ws-policy file? We have not been successful in configuring the > > Axis2 1.3 stack for this effort. > > > > Regards, > > Glenn > > > > > > -----Original Message----- > > From: Nandana Mihindukulasooriya [mailto:[EMAIL PROTECTED] > > Sent: Thursday, February 21, 2008 3:27 AM > To: > [email protected] > Subject: Re: Example policy file needed > > > Hi Simon, > > Please take a look at samples come with the Apache Rampart > > distribution. They contain policies that defines Sample 01 - > Username > > > Token authentication Sample 05 - SAML token > > thanks, > > nandana > > [1] - > > > https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/module > > s/ramp > > art-samples/policy/sample01/ > > [2] - > > > > > https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/module > > s/ramp > > art-samples/policy/sample02/ > > > > > > On Thu, Feb 21, 2008 at 12:36 AM, Simon Nunn > <[EMAIL PROTECTED]> > wrote: > > > > > > > > > > > > > > > I am trying to use ws-policy for my webservice. I would like for > the > > > service to receive either a saml assertion or a username token > for > > > > authetication. I have been unsuccessful in getting a ws-policy > > configured > for this. Does anyone have an example of a policy > file that does this? > > > > > > > > > > > > Thanks, > > > > > > Simon > > > > > > > > > > > > > > -- > > Nandana Mihindukulasooriya > > Software Engineer > > WSO2 inc. > > > > http://nandana83.blogspot.com/ > > http://nandanasm.wordpress.com/ > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > http://nandana83.blogspot.com/ > http://nandanasm.wordpress.com/ > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > ********************************************************************** > This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. > > ********************************************************************** > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- http://blog.ruchith.org http://wso2.org --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
