Hi all, Thanks for sharing those info Chuck. I've updated the related RFE: http://restlet.tigris.org/issues/show_bug.cgi?id=231
Best regards, Jerome > -----Message d'origine----- > De : news [mailto:[EMAIL PROTECTED] De la part de Sebastien PLISSON > Envoyé : jeudi 6 septembre 2007 10:46 > À : [email protected] > Objet : Re: WSSE lib, Guard and restlet > > > Chuck Hinson <chinson <at> gestalt-llc.com> writes: > > > > > FWIW, we needed some WSSE processing for something we were > doing a few > > months ago. We started out with Wss4j, but it didn't handle > > certificate-based signing, so we switched to XWss (part of > glassfish). > > > > Both of these require valid SOAP envelopes (don't know how > that fits in > > with your Restlet plans) and XWss definitely had some > (painful) quirks > > (as of 6 months ago). Neither required a SOAP stack (which > is why we > > selected them), and we did use them as part of a > Restlet-base app, but > > not as guards. > > > > --Chuck > > > > -----Original Message----- > > From: news [mailto:news <at> sea.gmane.org] On Behalf Of > Sebastien PLISSON > > Sent: Friday, August 31, 2007 3:30 PM > > To: discuss <at> restlet.tigris.org > > Subject: WSSE lib, Guard and restlet > > > > Hi, > > > > I m looking for a good WSSE java library that I could use > to implement a > > Guard that woul manage WSSE security in the Restlet API. > > > > Any idea ? comment ? > > > > Thanks > > > > Sebastien > > > > > > > Hello, > > For now, Im using wss4j but I ll try XWss. > > I ve made a customized Guard where i override the authenticate method > > to check that X-WSSE header received is correct and > to allow/deny access to resource. > > See you > -seb > > > > >
