2007/9/6, Alex Boisvert <[EMAIL PROTECTED]>: > I've just added experimental support for HTTP authentication in the > 1.1branch On 9/6/07, Tammo van Lessen < [EMAIL PROTECTED]> wrote: > > Yes, I agree. Introducing an extra message part for credentials is > IMHO quite a hack. Since BPEL itself actually deals only with the > abstract part of WSDL
It isn't a hack, it's the obvious way to create a process which actively operates on credentials or other assertions, yet allows the implementor of the wsdl binding layer to turn those assertions into some useful behavior. Most times, it is just a convenient circumstance that the same wsdl port type can be used both for a process and for the (for example) Axis service sitting in front of it. Which of these are you trying to support? - http basic auth used as authorization gate before passing a message to a process - http basic auth used to bootstrap an implicit security context (eg jaas) for receiving the message - http basic auth used to bootstrap an implicit security context for the entire process - http basic auth used to implement the binding for a username token mentioned in the wsdl message, to be used by the process elsewhere, eg sending a message later - Make an Ode-centric axis-enabled distro, where you configure axis indirectly via Ode -d
