Hi Dietmar,
I still don't get the scenario very clearly.
On successful authentication (with whatever method - HTTP auth, usename
> token, X509, SAML, Kerberos?)
> I'd like to generate some custom credentials that are used later on to
> (re-)authenticate with the backend systems
> that the Web service invokes.
Will WS - Trust [1] or WS - Secure Conversation [2] suit your requirement ?
[1] - http://specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf
[2] - http://specs.xmlsoap.org/ws/2005/02/sc/WS-SecureConversation.pdf
Thanks,
Nandana
>
> ----- Original Message -----
> From: "Nandana Mihindukulasooriya" <[EMAIL PROTECTED]>
> To: <rampart-dev@ws.apache.org>
> Sent: Sunday, December 30, 2007 9:41 AM
> Subject: Re: authentication with X509 certs
>
>
> > Hi Dietmar,
> >
> > Does Rampart/WSS4J offer some authentication method using X509
> >> certificates?
> >
> >
> > If we use a digital signature with X509 certificate, it provides us
> > authentication +
> > integrity, right ? or am I missing something ?
> >
> > Thanks,
> > Nandana
> >
>
