On Tue, Oct 25, 2011 at 5:24 PM, Stadelmann Josef <josef.stadelm...@axa-winterthur.ch> wrote: > Can anyone answer this. > > Our soap xml payload has represent collections and have lot of elements > sensible data we now need to protect better. > > Is it possible to define a WS-Security-Policy that defines that Rapart é all > shall only encrypt >mysecretpassword< and >5000< ?
Hi Josef, You can use XPath expressions in policy to encrypt only "password" and "5000". E.g :- <sp:EncryptedElements xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:ns="http://sample07.policy.samples.rampart.apache.org"; xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> <sp:XPath>/soapenv:Envelope/soapenv:Body/ns:echo/ns:param1</sp:XPath> </sp:EncryptedElements> Please refer sample07 [1] for more detail explanation. Thanks AmilaJ [1] http://svn.apache.org/repos/asf/axis/axis2/java/rampart/trunk/modules/rampart-samples/policy/sample07/policy.xml > > <workspace > > <name>WSIN</name> > > <count>4</count> > > <elements> > > <elem> > > <fldnam>Username</fldnam> > > <fldval>Stadelma</fldval> > > </elem> > > <elem> > > <fldnam>Password</fldnam> > > <fldval>mysecretpassword</fldval> > > </elem> > > <elem> > > <fldnam>Salary</fldnam> > > <fldval>5000</fldval> > > </elem> > > <elem> > > <fldnam>Address</fldnam> > > <fldval>Steinhausen</fldval> > > </elem> > > </elements> > > </workspace> > > Josef --------------------------------------------------------------------- To unsubscribe, e-mail: java-user-unsubscr...@axis.apache.org For additional commands, e-mail: java-user-h...@axis.apache.org
