On Fri, Jul 22, 2011 at 11:41 AM, Martin Gainty <mgai...@hotmail.com> wrote:
> Hi Jay- > The Axis solution is to configure public and private keystores..create a > cert with public key and engage Rampart (Security) Module to Axis > http://wso2.org/library/3190 > > Thanks, that looks like what I want to do. There's three steps on this page, "Deploying the Rampart Module", "Securing the Service", and "Securing the Client". Do I need to follow the steps in "Deploying the Rampart Module" if I'm just trying to make a client? It seems to insist on installing to Tomcat, but I don't have Tomcat. Anyway, I'm trying to follow "Securing the Client". I had no trouble with steps 1 & 2. I now have a directory with the following structure (my service is called MagicEightBallService): - build.xml - src/org/petio/magiceightballclient/ - MagicEightBallServiceCallbackHandler.java - MagicEightBallServiceStub.java - MagicEightBallServiceCGClient.java but I'm confused by step 3: To secure SOAP request made by the client, we need to engage the Rampart > module to the client. So we have to create a client repository and the > rampart-1.3.mar should be deployed in the modules directory... What do they mean by "client repository" here? And where is "the modules directory"? (next to src? under src? does it matter? do I create it manually?) > ...We should make sure that all dependency .jar files of the Apache Rampart > module are in the classpath of the client. Then we can use the following > code to engage Rampart in the client. Note that username and password to be > used in the Username token, is provided using the Options class. > What are the username and password? Are these to gain access to the private key? How do I set this up? -- Jay Sullivan
