Hi, Please see my comments inline.
On Tue, 2008-04-15 at 05:31 +0000, shams jawaid wrote: > Hi there, > > I had a question on what phase Rampart operates on, in Axis2. > > In this axis2 configuration file, in the InFlow settings, i see > "Security" right before pre-Dispatch. In the OutFlow settings, i see > "security" after Message Out. > > Am i right in assuming, that in the InFlow settings, the request > message is being formed, and so the message is encrypted before the > pre-Dispatch phase. The term "InFlow" is generally used to label the set of phases while receiving the message, at client or server. So at the InFlow security is validated. For example clients and servers do signature validation and decryption at the inflow. No encryption or signature happen here. > When the OutFlow settings are executed, the encryption is validated > and an encrypted response is formed after the "Message Out" phase. The term "OutFlow" is generally used to label the set of phases while sending the message, at client or server. So at the OutFlow security is applied. For example message encryption, signing happens here. Phases are interchangeable to some extent. For example if you need to encrypt Addressing headers security phase must come after Addressing. Thank you, Dimuthu http://wso2.org > is this correct? > > Thanks > > > ______________________________________________________________________ > News, Sports, Entertainment and Weather on your mobile. Text MSN to > 63463 Now. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
