Hi Fliippo, I am not sure whether i understood your question properly. As far as I understood signature material is within <wst:RequestSecurityTokenResponse> element. As you mentioned below, Rampart is capable of processing security information when there is a security header. So I believe it is not possible to use Rampart to process signature results within <wst:RequestSecurityTokenResponse>.
Thanks AmilaJ On Sun, Feb 12, 2012 at 10:58 PM, FILIPPO AGAZZI <filippo.aga...@studenti.unipr.it> wrote: > > > 2012/2/10 Ruchith Fernando <ruchith.ferna...@gmail.com> >> >> Hi Filippo, >> >> >> Yes, this is like yet another web service now. What rampart provides >> at this point is an API to construct required elements and if you >> apply security policy to an operation then the results of processing >> the security header will be available at the issuer implementation >> through the RahasData instance. >> However I don't think this will interop with other implementation of >> WS-Trust but it should work for your scenario. > > > In my scenario, i don't want any security header now, because i want a > negotiation between two entity that are completely unknown and don't trust, > for example, in public certificate from any CA; i'm trying to work in a > completely open scenario, where two entities make an agreement, if it's > possible depending on their own policies, trough a negotiation. These > policies are exchanged in the initial messages of the negotiation and are > expressed with WS-Policy; so i need to include, in my > RequestSecurityTokenResponse (that is in the soap body of messages) > <wsp:Policy> elements , included in their turn into custom elements defined > by a xml-schema. So i imagine that i don't need any security header; instead > i need, maybe, some signature material inside my custom xml structure, > within <wst:RequestSecurityTokenResponse>. If i need to extract information > from signature material element, do u think i need rampart api? Do u think > in my client and MyIssuer, can i use API to use some security element, > everywhere this element is put in the soap message? I mean, Rampart and > Rahas (as u said for ex a RahasData instanze) give us API to process only > ordinary message, with security header, or i can use them to process > element, containing security element (such as siganture material), wherever > these element is put in the message? What do u think about? > I know that i'm perhaps too general with this questions, but my scenario > has to be as open as possible, and in this point i even know exactly the > details. In my messages i have to transport policies, expressed with > WS-Policy, and security token representing credential, that can be > x509token, or other custom credential. I'm thinkin also about using SAML > token to represent credential (for example a document that assures that i'm > a student of "XXXX" university, since 2004...these are the type of > credentials i need), maybe u know if it's possible? > > p.s: in my prevous messages i omitted a detail: both client and service has > to communicate with a framework, that can guide the negotiation, processing > the input message and creating the output message. The problem is that this > framework uses properly message format, so i need to do a 1:1 translation > between Trust messages and message used by framework. This is the reason why > i need in every message to extract the information, on order to do this > translation. > > Thanks a lot! > Regards, > Filippo A. -- Mobile : +94773330538 --------------------------------------------------------------------- To unsubscribe, e-mail: java-user-unsubscr...@axis.apache.org For additional commands, e-mail: java-user-h...@axis.apache.org
