[
https://issues.apache.org/jira/browse/ODE-388?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12640715#action_12640715
]
Alexis Midon commented on ODE-388:
----------------------------------
##
The dev consists in 1) providing the user a way to set a ws-security policy for
a given service 2) make sure this policy is loaded when invoking the service.
The policy may be set with the property 'security.policy' in an .endpoint
property file.
This file might be located in the process conf directory, or in the global conf
directory. The latter takes precedence.
If the property value is a relative path, the absolute path will be resolved
against the process conf directory.
##
The Rampart arguments "OutflowSecurity" and "InflowSecurity" also provide a way
to specify some security settings without using a ws-security. (see rampart doc
for more details).
This solution did not required additional dev and was already available thanks
to the "service.axis2" mechanism (ODE-272).
The only pitfall is to make sure Rampart is engaged.
##
Refer to org.apache.ode.axis2.RampartBasicTest and
org.apache.ode.axis2.RampartPolicyTest for working examples.
This examples were imported and adapted from Rampart samples [1].
[1]
https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/modules/rampart-samples/
> support ws-security for external services
> -----------------------------------------
>
> Key: ODE-388
> URL: https://issues.apache.org/jira/browse/ODE-388
> Project: ODE
> Issue Type: New Feature
> Components: Axis2 Integration
> Reporter: Alexis Midon
> Assignee: Alexis Midon
> Fix For: 1.3
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
