Help constructing correct ws-policy

Mon, 02 Feb 2009 04:01:25 -0800 

Hi

Not sure if someone could help me, but I need some help in constructing a
ws-policy where I want to say something like "you need a token from this
issuer, for using this service", this is what I've got now in the WSDL

<sp:SupportingTokens xmlns:sp="
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>

                               <sp:IssuedToken
                                sp:IncludeToken="
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient
"
                                xmlns:wst="
http://schemas.xmlsoap.org/ws/2005/02/trust";
                                xmlns:wsa="
http://schemas.xmlsoap.org/ws/2004/08/addressing";>
                                          <sp:Issuer>
                                              <wsa:EndpointReference>
http://localhost:8080/axis2/services/STSService</wsa:EndpointReference>
                                          </sp:Issuer>


<sp:RequestSecurityTokenTemplate>
                                            <wst:RequestType>
http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType>
                                          </sp:RequestSecurityTokenTemplate>
                                    </sp:IssuedToken>
                    </sp:SupportingTokens>

but don't know If I capture it correct, I'm a little confused. Our sts
issues a simple token for our system, like this

 <ests:StsTokens xmlns:ests="http://bccs.uib.no/esysbio/sts";>
         <ns1:LocalTokens xmlns:ns1="http://bccs.uib.no/esysbio/sts/";>

<LocalToken>830f4c48742b8c71ab5e1c35ec062185c45d9b7f</LocalToken>
         </ns1:LocalTokens>
      </ests:StsTokens>

Then the client should include this in the header when connecting to the end
service, a sample soap message is shown below

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";>
   <soapenv:Header>
     <ests:StsTokens xmlns:ests="http://bccs.uib.no/esysbio/sts";>
         <ns1:LocalTokens xmlns:ns1="http://bccs.uib.no/esysbio/sts/";>

<LocalToken>830f4c48742b8c71ab5e1c35ec062185c45d9b7f</LocalToken>
         </ns1:LocalTokens>
      </ests:StsTokens>
   </soapenv:Header>
   <soapenv:Body>
      <SayHiResponse xmlns="http://bccs.uib.no/STSSecureService";>
         <HiResponse>hi</HiResponse>
      </SayHiResponse>
   </soapenv:Body>
</soapenv:Envelope>

The end service checks the costume token inside the soap header. This
example is just for prototyping purpose in our system

Can anyone help me in how to design the policy for my service?

cheers, håkon
-- 
Håkon Sagehaug, Software Developer
Parallab, Bergen Center for Computational Science (BCCS)
UNIFOB AS (University of Bergen Research Company)

Reply via email to