Hi Alex, especially that it doesn't look like anyone from Axis team has tried this > particular (JAX-WS + Rampart) configuration just yet (I hope the JAX-WS will > be addressed in more details in Rampart 1.4). >
Yes, it is not in the Road map of Rampart 1.4. Anyway we think this is something we should support. So we will look in to this and try to see if we can find a way to get this working before the Rampart 1.4 release. > Nevertheless, I will continue my investigations, bugs or not. I believe > I'm close... > That is great news. Please let us know if you need any information from Rampart side. thanks, nandana ------------------------------ > *From:* Nandana Mihindukulasooriya [mailto:[EMAIL PROTECTED] > *Sent:* May 7, 2008 11:51 PM > *To:* [email protected] > *Subject:* Re: [Rampart] What is the correct way to secure a JAX-WS > service? > > Hi Alex, > Have you looked at this thread [1] ? > > thanks, > nandana > > [1] - > http://markmail.org/message/dkwjvskrh3gysvnw?q=list:org%2Eapache%2Ews%2Eaxis-user+can+I+use+use+rampart > > > On Wed, May 7, 2008 at 10:26 PM, Savitsky, Alex < > [EMAIL PROTECTED]> wrote: > >> Hi, >> >> Usually, Axis2 services are secured using Rampart, by engaging the module, >> and specifying the policy in services.xml. However, this won't do for >> services deployed via JAX-WS annotations, as there's no services.xml file >> there. The module could still be deployed, as long as it's placed in >> WEB-INF/modules - but where would one have to place the policy file, for it >> to be picked up by the Rampart? Are there any annotations one has to specify >> on the service endpoint, to specify that the service is using WS-Security? >> >> I looked at the @HandlerCHain annotation, but the Rampart handlers are not >> based on the JAX-WS handler interfaces, but on some internal Axis2 ones, and >> thus cannot be used in JAX-WS handler chains >> >> And final question - does Rampart even support JAX-WS style services? >> >> Thanks, >> >> Alex >> >> ******************** >> NOTICE OF CONFIDENTIALITY >> This communication including any information transmitted with it is >> intended only for the use of the addressees and is confidential. >> If you are not an intended recipient or responsible for delivering >> the message to an intended recipient, any review, disclosure, >> conversion to hard copy, dissemination, reproduction or other use >> of any part of this communication is strictly prohibited, as is the >> taking or omitting of any action in reliance upon this communication. >> If you receive this communication in error or without authorization >> please notify us immediately by return e-mail or otherwise and >> permanently delete the entire communication from any computer, >> disk drive, or other storage medium. >> >> If the above disclaimer is not properly readable, it can be found at >> www.td.com/legal >> >> AVERTISSEMENT DE CONFIDENTIALITE >> Ce courriel, ainsi que tout renseignement ci-inclus, destiné uniquement >> aux destinataires susmentionnés, est confidentiel. Si vous >> n'êtes pas le destinataire prévu ou un agent responsable de la >> livraison de ce courriel, tout examen, divulgation, copie, impression, >> reproduction, distribution, ou autre utilisation d'une partie de ce >> courriel est strictement interdit de même que toute intervention ou >> abstraction à cet égard. Si vous avez reçu ce message par erreur ou >> sans autorisation, veuillez en aviser immédiatement l'expéditeur par >> retour de courriel ou par un autre moyen et supprimer immédiatement >> cette communication entière de tout système électronique. >> >> Si l'avis de non-responsabilité ci-dessus n'est pas lisible, vous >> pouvez le consulter à www.td.com/francais/legale >> >>
