Detelin Yordanov created AXIS2-5659:
---------------------------------------
Summary: Improve WS-AddressingAndIdentity support in Axis2 to allow configuring any identity claims
Key: AXIS2-5659
URL: https://issues.apache.org/jira/browse/AXIS2-5659
Project: Axis2
Issue Type: Improvement
Components: Addressing, kernel, wsdl
Affects Versions: 1.6.2, 1.7.0
Reporter: Detelin Yordanov
Axis2 supports specifying the public key information of a service and
expressing it in the WSDL using WS-AddressingAndIdentity's {{ds:KeyInfo}}
element.
This support has been added as part of AXIS2-4066 but it is far from complete,
since it only allows one to configure the x509 certificate information and none
of the rest of the claims defined in the specification (dns name, service or
user principal, security tokens, etc.). Additionally, the current support uses
too generic a service parameter name - {{ServiceIdentityData}} - which, despite
the name, should be used only to configure the X509 certificate data of
Identity's {{ds:KeyInfo}} claim.

I'm providing a patch that allows configuring the full content of the Identity
element using a new {{WSAddressingAndIdentity}} service parameter. For example,
expressing a Service principal name claim can be done using the following service
parameter:
{code:xml}
<parameter name="addressingIdentity">
    <Identity xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity">
        <Spn>http/[email protected]</Spn>
    </Identity>
</parameter>
{code}
The previous support has been preserved for backward compatibility, though I'm
not sure whether it is used at all since I could find neither a sample nor a
test case for it.
In general, the current architecture of Axis2 does not allow extending the wsdl
generation in a pluggable fashion, for example using an Axis2 module. I would
have preferred not to modify Axis2 wsdl generation code, but to be able to
configure wsdl extensibility elements using Axis2 modules, but this is not
possible since modules do not participate in wsdl generation at the moment. I
have discussed this issue on the Axis2 mailing list:
http://mail-archives.apache.org/mod_mbox/axis-java-dev/201404.mbox/%3CCAEu2FRN9b_iLgqp8mg7QEwx52XK0oXQx3eiGVytT%2BY61bmrdbg%40mail.gmail.com%3E
I thought I could propose an improvement but at some point I gave up and
decided to go with the current solution.
This patch should work for the 1.6 branch and for trunk, as it takes care to
"unwrap" parameter values if needed (OMElement parameters are no longer
"wrapped" in a parameter element since revision
[371373|http://svn.apache.org/viewvc/axis/axis2/java/core/trunk/modules/kernel/src/org/apache/axis2/deployment/DescriptionBuilder.java?r1=1341090&r2=1371373]).
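As an added illustration (not part of the issue or its attached patch), this Python check reads an Identity service parameter in either the wrapped or the unwrapped form described above and lists the claims it declares, rejecting a parameter that carries no usable claim. The function names and the sample SPN value are constructed for this example; only the namespace and the parameter layout come from the issue.

```python
import xml.etree.ElementTree as ET

# Namespace copied from the example parameter in the issue.
ID_NS = "http://schemas.xmlsoap.org/ws/2006/02/addressingidentity"
IDENTITY = f"{{{ID_NS}}}Identity"

# Constructed sample values (the SPN is a placeholder, not a real principal).
SAMPLE_UNWRAPPED = (
    f'<Identity xmlns="{ID_NS}">'
    "<Spn>http/svc.example.test@EXAMPLE.TEST</Spn></Identity>"
)
SAMPLE_WRAPPED = f'<parameter name="addressingIdentity">{SAMPLE_UNWRAPPED}</parameter>'


def unwrap_identity(xml_text):
    """Return the Identity element, whether or not <parameter> wraps it."""
    root = ET.fromstring(xml_text)
    if root.tag == IDENTITY:          # value already unwrapped
        return root
    if root.tag == "parameter":       # value still wrapped in <parameter>
        children = list(root)
        if len(children) == 1 and children[0].tag == IDENTITY:
            return children[0]
    raise ValueError("expected exactly one Identity element")


def identity_claims(xml_text):
    """List the declared claims as (namespace, local name, text) tuples."""
    claims = []
    for child in unwrap_identity(xml_text):
        if child.tag.startswith("{"):
            ns, _, local = child.tag[1:].partition("}")
        else:
            ns, local = "", child.tag
        text = (child.text or "").strip()
        # A claim must carry either text (Spn-style) or nested elements
        # (ds:KeyInfo-style); an empty element asserts nothing.
        if not text and len(child) == 0:
            raise ValueError(f"claim <{local}> is empty")
        claims.append((ns, local, text))
    if not claims:
        raise ValueError("Identity element declares no claims")
    return claims


if __name__ == "__main__":
    print(identity_claims(SAMPLE_WRAPPED))
```
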