Hi All, Actually rahas.mar can be used to enable WS-SecureConversation or you can use it with a doner service to convert that to an STS. *AND* you can use org.apache.rahas.STSMessageReceiver message receiver in a services.xml file and create an STS.
We did not include this by default as a release artifact since one will have to configure the security policies and the issues he/she wants in the services.xml for the STS. I will make sure we have a sample and some documentation on this in the upcoming release :-) Thanks, Ruchith On 4/25/07, George Stanchev <[EMAIL PROTECTED]> wrote:
To my understanding the main purpose of the Rahas STS is to implement WS-SecureConversation only and thus the service-centric architecture. If you want a full blown STS I suggest you look at a fuller implementation, such as Higgins STS from Eclipse or Ping Identity's STS... Best Regards, George -----Original Message----- From: Moore, James [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 24, 2007 4:19 AM To: [email protected] Subject: Rahas as a module Sorry - new to rampart/rahas so possibly a daft question. I understand that rampart is applied to a service in order to utilise WS-Security but why is Rahas developed as a module? If I want to provide an STS then I don't necessarily need a 'donor' service to add STS functionality to, it probably exists in its own right. Cheers. ----------------------------------------- Egg is a trading name of the Egg group of companies which includes: Egg plc (reg no 2448340), Egg Financial Intermediation Ltd (reg no 3828289), and Egg Banking plc (reg no 2999842). Egg Banking plc and Egg Financial Intermediation Ltd are authorised and regulated by the Financial Services Authority (FSA) and are entered in the FSA register under numbers 205621 and 309551 respectively. These members of the Egg group are registered in England and Wales. Registered office: Laurence Pountney Hill, London EC4R 0HH. This e-mail is confidential and for use by the addressee only. If you are not the intended recipient of this e-mail and have received it in error, please return the message to the sender by replying to it and then delete it from your mailbox. Internet e-mails are not necessarily secure. The Egg group of companies do not accept responsibility for changes made to this message after it was sent. Whilst all reasonable care has been taken to avoid the transmission of viruses, it is the responsibility of the recipient to ensure that the onward transmission, opening or use of this message and any attachments will not adversely affect its systems or data. No responsibility is accepted by the Egg group of companies in this regard and the recipient should carry out such virus and other checks as it considers appropriate. This communication does not create or modify any contract. ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
-- www.ruchith.org www.wso2.org
