Tim, this is not yet possible with WSS4J. This is planned if the WS SecurityPolicy specification becomes more stable. We started to implement first steps but it may take some time until it is ready.
Regards, Werner > -----Ursprüngliche Nachricht----- > Von: news [mailto:[EMAIL PROTECTED] Im Auftrag von Tim K. (Gmane) > Gesendet: Freitag, 5. Mai 2006 04:02 > An: sandesha-dev@ws.apache.org > Betreff: Re: enforcing that certain elements are signed and encrypted > > So it seems that I'm able to enforce the UsernameToken and Body to be > signed by the client, by using the WSSecurityEngineResult on > the server > side. > > But what about the encryption part? How can that be enforced? > > Tim > > > > Tim K. (Gmane) wrote: > > Is the only way to achieve this by getting the > WSSecurityEngineResult > > from the MessageContext and then for each WSConstants.SIGN action > > result looking at what > WSSecurityEngineResult.getSignedElementQnames() > > returns and failing if not all required elements were signed? > > > > What about the encryption part? How does one get the Qnames of the > > elements that were encrypted from the WSSecurityEngineResult? > > > > thank you > > > > Tim > > > > > > > > Tim K. (Gmane) wrote: > >> Could someone please help me with an answer to this? > >> > >> thank you > >> > >> Tim > >> > >> > >> > >> Tim K. (Gmane) wrote: > >>> Hello - > >>> > >>> Is it possible to configure the receiving (server) side of WSS4J > >>> using the standard Axis handlers to enforce that certain > elements in > >>> the request (UsernameToken and Body) be signed and encrypted? > >>> > >>> It seems that the server accepts anything as long as there's at > >>> least 1 element that's signed and 1 that's encrypted, the client > >>> seems to dictate the policy, not the server. > >>> > >>> Am I missing anything? > >>> > >>> Thank you. > >>> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
