Hi Sam, >>> What is your suggestion? >> >> 1st idea is to move it to the "Services" section. XML Security does not >> provide "Web Services", but it provides authentication, non-repudiation, >> integrity and (in the next weeks confidentiality) which are all "security >> services". And it provides these security services for web services ;-) > > If we make that last statement a true statement (i.e., with code checked > into one of the code bases) that integrates xml-security with one of the > soap stacks, then I'm cool with that.
I'm not an Apache SOAP/AXIS user, so it was hard for me to play around with these tools. I asked soap-user and soap-dev how I can directly access the soap message as a DOM tree to add a SOAP-SECURITY signature. Unfortunately no response. I want to add an example to xml-security how a SOAP message can be signed and this signature can be verified according to [1]. If there is someone out there who can show me how to create a simple SOAP msg using AXIS and how I can modify the resulting DOM tree, I'll provide this example. The only thing that stopped me was installing tomcat and all these things. Christian [1] http://www.w3.org/TR/SOAP-dsig/ --------------------------------------------------------------------- In case of troubles, e-mail: [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
