Hi Drew, On Fri, Apr 17, 2009 at 10:19 AM, Drew Baird (Volt) <[email protected]>wrote:
> Hi Shankar, > I am just flagging an possible issue. I do not think anything needs to be > fixed in M1 or M2 with regards to WS* security > Right now in Test: we have dotnet-Trade->dotnet-BSL->Php-OPS using msec > with the existing tokens. I was trying following scenarios. dotnet-Trade -> PHP BSL -> WSAS-OPS PHP-Trade -> dotnet-BSL -> dotnet-OPS These are failing because of the above issue. Not sure whether there are any configuration which I can use to disable security in Trade->BSL interface?? Regards, Shankar > > > I have flagged the following links to study regarding interoperability > problems : Interoperability Gotcha: SslContextToken Negotiation & WS-Policy > > http://webservices20.blogspot.com/2008/10/interoperability-gotcha-sslcontexttoken.html > > http://webservices20.blogspot.com/2008/10/java-wcf-web-services-interoperability_11.html > > Best Regards, > Drew > > ________________________________________ > From: Selvaratnam Uthaiyashankar [[email protected]] > Sent: Thursday, April 16, 2009 9:37 PM > To: [email protected] > Subject: Re: WS-Trust usage in Stocktrader > > On Fri, Apr 17, 2009 at 10:02 AM, Drew Baird (Volt) > <[email protected]>wrote: > > > This could be an issue. Quick research says it is an interoperability > > problem. > > > > We will need to address but is it a M2? > > > I am not clear here. Are you suggesting to fix it in M2? In that case, can > we configure .net so that .NET -> WSAS/PHP will be without security? If > so, > then we can leave it now and modify it for M2. > > Regards, > Shankar > > > > > > > > Thanks! > > Drew > > > > ________________________________________ > > From: Selvaratnam Uthaiyashankar [[email protected]] > > Sent: Thursday, April 16, 2009 9:03 PM > > To: [email protected] > > Subject: Re: WS-Trust usage in Stocktrader > > > > > > > > Yes That is correct. > > >> I was confused that there is not a Msec endpoint to go from Client-> > BS > > >> on the php side. Shouldn't there be? > > > > > > > > > We can include it, but the current policy is not supported by WSF/PHP > or > > > Axis2/Java. Can we modify SslContextToken of bootstrap policy to > > X509Token? > > > > > > > > > Hi Drew, > > > > Any thought on this? Will it be possible to change from SslContextToken > to > > X509Token? > > > > Regards, > > Shankar > > > > > > -- > > S.Uthaiyashankar > > Software Architect > > WSO2 Inc. > > http://wso2.com/ - "The Open Source SOA Company" > > > > > > -- > S.Uthaiyashankar > Software Architect > WSO2 Inc. > http://wso2.com/ - "The Open Source SOA Company" > -- S.Uthaiyashankar Software Architect WSO2 Inc. http://wso2.com/ - "The Open Source SOA Company"
