Awesome. I'd be very happy to look at your howto and put it on the site, just attach it to the JIRA when you're ready.
Thanks for your work in this area, I think this functionality is looking really good. Jon On Fri, Apr 3, 2009 at 11:49 AM, Jean-Louis MONTEIRO < [email protected]> wrote: > > Jon, > > Yes, my company and I, filed the Apache CLA by the end of August (2008). > > Regarding write access on the wiki, It's OK (David gave me write access). > As you probably noticed in posts, my english is not as good, so I gonna > give > you a draft for validation. > > Jean-Louis > > > > Jonathan Gallimore-2 wrote: > > > > Absolutely! Do you already have write access to the wiki? It looks like > > you've already filed a CLA with Apache so I imagine you can get write > > access > > if you don't already have it. Alternatively, I'm happy to test out your > > instructions and add them to the site. > > > > Jon > > > > On Thu, Apr 2, 2009 at 12:00 PM, Jean-Louis MONTEIRO < > > [email protected]> wrote: > > > >> > >> Jon, > >> > >> One more suggestion: can I try to produce a small HowTo for the web site > >> ? > >> > >> Jean-Louis > >> > >> > >> Jonathan Gallimore-2 wrote: > >> > > >> > I've fired this up and run the tests. It looks really good to me - > many > >> > thanks for this! If you're happy to add this patch to jira > OPENEJB-1004 > >> > I'm > >> > happy to get it committed. > >> > > >> > Do you think it would be ok to include the keys I generated from your > >> > batch > >> > file, so that people can just do the usual 'mvn test' without any > extra > >> > work > >> > for the test in the example project to work (I'd keep the batch file > as > >> > well > >> > as I think its useful)? > >> > > >> > Jon > >> > > >> > On Mon, Mar 30, 2009 at 1:24 PM, Jean-Louis MONTEIRO < > >> > [email protected]> wrote: > >> > > >> >> > >> >> Hi Jonathan, > >> >> > >> >> I spent some time this week end to get WS-Security integrated. > >> >> Sorry in advance because I changed some of your co > >> >> http://www.nabble.com/file/p22782120/patch-ws-security.txt > >> >> patch-ws-security.txt de (but it allowed me to go faster). > >> >> > >> >> I enhanced the sample application to illustrate how to use > >> WS-Security. > >> >> Here is a patch file with all changes. > >> >> > >> >> Please, can you apply it on your local working copy and have a look > on > >> >> tests > >> >> ? > >> >> I think you can launch the CalculatorTest test case from the > >> >> webservice-ws-security project. > >> >> > >> >> It would be very nice to have some feedback. > >> >> @David: for the moment, no special properties management has been > >> done. > >> >> > >> >> Jean-Louis > >> >> > >> >> > >> >> > >> >> Jonathan Gallimore-2 wrote: > >> >> > > >> >> > I really like the idea of this configuration. > >> >> > > >> >> > I think David's point is a good one - I don't know how bean > specific > >> >> these > >> >> > properties are, but if you want to use a set of properties for more > >> >> than > >> >> > one > >> >> > webservice I guess we could have a node with the global webservice > >> >> > security > >> >> > config for the app, with any bean specific properties defined > >> >> overriding > >> >> > this. > >> >> > > >> >> > I guess I'm thinking of something along the lines of: > >> >> > > >> >> > <openejb-jar xmlns=" > http://openejb.apache.org/xml/ns/openejb-jar-2.2 > >> "> > >> >> > <global-ws-security> > >> >> > <configuration> > >> >> > wss4j.in.action = Encrypt Signature > >> >> > wss4j.in.signaturePropFile = path to > >> file/CalculatorSecurity.properties > >> >> > wss4j.in.encryptionPropFile = path to > >> >> file/CalculatorSecurity.properties > >> >> > > >> >> > wss4j.out.action = Encrypt Signature > >> >> > wss4j.out.signaturePropFile = path to > >> >> file/CalculatorSecurity.properties > >> >> > wss4j.out.encryptionPropFile = path to > >> >> file/CalculatorSecurity.properties > >> >> > wss4j.out.user = something > >> >> > wss4j.out.encryptionUser = bod > >> >> > wss4j.out.signatureKeyIdentifier = DirectReference > >> >> > wss4j.out.encryptionSymAlgorithm = > >> >> > http://www.w3.org/2001/04/xmlenc#tripledes-cbc > >> >> > ... > >> >> > </configuration> > >> >> > </global-ws-security> > >> >> > > >> >> > <enterprise-beans> > >> >> > <session> > >> >> > <ejb-name>CalculatorImpl</ejb-name> > >> >> > <web-service-security> > >> >> > <security-realm-name/> > >> >> > <transport-guarantee>NONE</transport-guarantee> > >> >> > <auth-method>WS-SECURITY</auth-method> > >> >> > > >> >> > <configuration> > >> >> > wss4j.some_bean_specific_property = foo > >> >> > ... > >> >> > </configuration> > >> >> > > >> >> > </web-service-security> > >> >> > </session> > >> >> > </enterprise-beans> > >> >> > </openejb-jar> > >> >> > > >> >> > I'm very happy to help with some of the code and/or testing. > >> >> > > >> >> > Cheers, > >> >> > > >> >> > Jon > >> >> > > >> >> > On Fri, Mar 20, 2009 at 4:57 PM, David Blevins > >> >> > <[email protected]>wrote: > >> >> > > >> >> >> On Mar 20, 2009, at 8:13 AM, Jean-Louis MONTEIRO wrote: > >> >> >> > >> >> >> <openejb-jar > >> >> xmlns="http://openejb.apache.org/xml/ns/openejb-jar-2.2";> > >> >> >>> <enterprise-beans> > >> >> >>> <session> > >> >> >>> <ejb-name>CalculatorImpl</ejb-name> > >> >> >>> <web-service-security> > >> >> >>> <security-realm-name/> > >> >> >>> <transport-guarantee>NONE</transport-guarantee> > >> >> >>> <auth-method>WS-SECURITY</auth-method> > >> >> >>> > >> >> >>> <configuration> > >> >> >>> wss4j.in.action = Encrypt Signature > >> >> >>> wss4j.in.signaturePropFile = path to > >> >> file/CalculatorSecurity.properties > >> >> >>> wss4j.in.encryptionPropFile = path to > >> >> file/CalculatorSecurity.properties > >> >> >>> > >> >> >>> wss4j.out.action = Encrypt Signature > >> >> >>> wss4j.out.signaturePropFile = path to > >> >> file/CalculatorSecurity.properties > >> >> >>> wss4j.out.encryptionPropFile = path to > >> >> >>> file/CalculatorSecurity.properties > >> >> >>> wss4j.out.user = something > >> >> >>> wss4j.out.encryptionUser = bod > >> >> >>> wss4j.out.signatureKeyIdentifier = DirectReference > >> >> >>> wss4j.out.encryptionSymAlgorithm = > >> >> >>> http://www.w3.org/2001/04/xmlenc#tripledes-cbc > >> >> >>> ... > >> >> >>> </configuration> > >> >> >>> > >> >> >>> </web-service-security> > >> >> >>> </session> > >> >> >>> </enterprise-beans> > >> >> >>> </openejb-jar> > >> >> >>> > >> >> >> > >> >> >> I'm curious on how bean specific that above configuration is. If > I > >> >> have > >> >> >> say 10 web services that need to be secured, which properties will > >> >> likely > >> >> >> be > >> >> >> the same and which would I typically want to be different? Just > >> >> >> wondering > >> >> >> if we'll want some more general way to setup the security in > >> addition > >> >> to > >> >> >> 100% bean defined. > >> >> >> > >> >> >> -David > >> >> >> > >> >> >> > >> >> >> > >> >> >> > >> >> > > >> >> > > >> >> http://www.nabble.com/file/p22782120/patch-ws-security.txt > >> >> patch-ws-security.txt > >> >> -- > >> >> View this message in context: > >> >> > >> > http://www.nabble.com/Re%3A-Securing-a-webservice-tp22265166p22782120.html > >> >> Sent from the OpenEJB Dev mailing list archive at Nabble.com. > >> >> > >> >> > >> > > >> > > >> > >> > >> > >> -- > >> View this message in context: > >> > http://www.nabble.com/Re%3A-Securing-a-webservice-tp22265166p22845394.html > >> Sent from the OpenEJB Dev mailing list archive at Nabble.com. > >> > >> > > > > > > -- > View this message in context: > http://www.nabble.com/Re%3A-Securing-a-webservice-tp22265166p22866063.html > Sent from the OpenEJB Dev mailing list archive at Nabble.com. > >
