Re: In Rampart version 1.4 is it possible to create a policy where the client is required to send a WS_Security Header with an X509 cert and the service is not required to reply with WS_Security header.

Nandana Mihindukulasooriya Fri, 26 Feb 2010 23:31:14 -0800

Hi Mark,
       If I understood the scenario correctly, applying the policy at
message level should solve your problem i.e. you apply the policy only to
the incoming message ( w.r.t server side). This is possible with Rampart and
policy based configuration. This tutorial [1] explains how to do it.


regards,
Nandana

[1] - http://wso2.org/library/3786

On Fri, Feb 26, 2010 at 9:53 PM, <mark.ber...@usbank.com> wrote:

> We are using Rampart 1.4.  We require our clients to send soap requests
> that contain a WS_Security header with an client side X509 digital
> certificate.   (The service authenticates and authorizes the client based
> on the transmitted x509 certificate.)    We do not not require the service
> to return a reply with an WS_Security header.  (That is our preference.)
>
>
> In Rampart version 1.4 is it possible to create a policy where the client
> is required to send  a WS_Security Header with an X509 certificate and the
> service is not required to reply with  WS_Security header.   We would like
> the service to return a soap envelope with no WS_Security stuff.
>
> If the answer is yes, can you tell me where I can find a sample policy
> that supports these requirements.
>
> Mark Cerf Berman
> AVP - Application Architect
> U.S. Bank
> EP-MN-BGFD
> Riverbank Business Center Office
> 2751 Shepard Road
> St. Paul, MN 55116
> mark.ber...@usbank.com
> 651-205-2970 direct
> 651-205-0597 fax
> U.S. BANCORP made the following annotations
> ---------------------------------------------------------------------
> Electronic Privacy Notice. This e-mail, and any attachments, contains
> information that is, or may be, covered by electronic communications privacy
> laws, and is also confidential and proprietary in nature. If you are not the
> intended recipient, please be advised that you are legally prohibited from
> retaining, using, copying, distributing, or otherwise disclosing this
> information in any manner. Instead, please reply to the sender that you have
> received this communication in error, and then immediately delete it. Thank
> you in advance for your cooperation.
>
>
>
> ---------------------------------------------------------------------
>
>

Re: In Rampart version 1.4 is it possible to create a policy where the client is required to send a WS_Security Header with an X509 cert and the service is not required to reply with WS_Security header.

Reply via email to