Hi *Venkata Krishnan,*

Your work is appreciable. I tried the helloworld-ws-service-secure sample and was facing some problems, which I could resolve with the help of this mail. Thank you. Now I want to try out other policy features like wsConfidentialityPolicy & integrity. As you are ahead of us in this area, I would be very grateful if you could share the link for the samples you have developed.

Thanks & Regards,
Ashwini Kumar

On 10/23/07, Venkata Krishnan <[EMAIL PROTECTED]> wrote:
>
> Hi,
>
> I have added some minor updates to the helloworld-ws-service-secure and
> helloworld-ws-reference-secure samples to give an idea of how simple
> authentication around userid and passwords could be performed.
>
> I have also added one more component that uses a policyset with
> ws-security-policy assertions for implementing message integrity - again
> courtesy - Rampart samples :)
>
> Hope all this helps a bit.
>
> Thanks
>
> - Venkat
>
> On 10/16/07, Dietrich, Björn <[EMAIL PROTECTED]> wrote:
> >
> > Hi Venkat,
> >
> > First thank you very much.
> >
> > I will check the rampart documentation.
> >
> > Thanks
> > Björn
> >
> > -----Original Message-----
> > From: Venkata Krishnan [mailto:[EMAIL PROTECTED]
> > Sent: Tuesday, 16 October 2007 09:44
> > To: [email protected]
> > Subject: Re: Helloworld Webservice and Security Policies
> >
> > Hi,
> >
> > I am not a security specialist and I picked up this ws security handling
> > from the rampart tutorials and samples I went through. So from what I
> > understand...
> >
> > - In the client side handler you could set the passwords for various
> >   client identities.
> > - On the server side this is the handler that you use to retrieve the
> >   passwords from the handler on one side and then prob. from some user
> >   registry and do a comparison. If the passwords match you return, otherwise
> >   you throw an exception from the handler.
> >
> > Here is a snippet that I picked up for this from the rampart samples for a
> > typical server side handler. Not that this method has to be precisely this
> > way, it is more to give you an idea of what typically goes on in the server
> > side handler.
> >
> > import java.io.IOException;
> > import javax.security.auth.callback.Callback;
> > import javax.security.auth.callback.CallbackHandler;
> > import javax.security.auth.callback.UnsupportedCallbackException;
> > import org.apache.ws.security.WSPasswordCallback;
> >
> > public class PWCBHandler implements CallbackHandler {
> >
> >     public void handle(Callback[] callbacks) throws IOException,
> >             UnsupportedCallbackException {
> >         for (int i = 0; i < callbacks.length; i++) {
> >
> >             // When the server side needs to authenticate the user
> >             WSPasswordCallback pwcb = (WSPasswordCallback) callbacks[i];
> >             if (pwcb.getUsage() == WSPasswordCallback.USERNAME_TOKEN_UNKNOWN) {
> >                 if (pwcb.getIdentifer().equals("alice")
> >                         && pwcb.getPassword().equals("bobPW")) {
> >                     return;
> >                 } else {
> >                     throw new UnsupportedCallbackException(callbacks[i],
> >                             "check failed");
> >                 }
> >             }
> >
> >             // When the client requests the password to be added into
> >             // the UT element
> >             pwcb.setPassword("bobPW");
> >         }
> >     }
> > }
> >
> > Hope this helps. Let me know if you still have trouble getting things in
> > place and I'd be happy to help you further.
> >
> > Thanks
> >
> > - Venkat
> >
> > On 10/15/07, Dietrich, Björn <[EMAIL PROTECTED]> wrote:
> > >
> > > Hi,
> > >
> > > I tried to understand the helloworld-ws-reference-secure and
> > > helloworld-ws-service-secure example, provided with the SCA Version 1.0.
> > >
> > > In the definitions.xml there are Policies defined for security. I think
> > > the Username is provided directly in this Policy-file.
> > > For both client and service, callback classes to determine the password
> > > are defined.
> > >
> > > <passwordCallbackClass>helloworld.ClientPWCBHandler</passwordCallbackClass>"
> > > +
> > >
> > > <passwordCallbackClass>helloworld.ServerPWCBHandler</passwordCallbackClass>
> > >
> > > The implementations of server callback and client callback are
> > > identical. So I suppose that the tuscany runtime calls these callbacks
> > > to get the password from client and server-side and compares them.
> > >
> > > public void handle(Callback[] callbacks) throws IOException,
> > >         UnsupportedCallbackException {
> > >     for (int i = 0; i < callbacks.length; i++) {
> > >         System.out.println("*** Calling Client UserId/Password Handler .... ");
> > >         WSPasswordCallback pwcb = (WSPasswordCallback) callbacks[i];
> > >         //System.out.println( pwcb.getPassword());
> > >         pwcb.setPassword("TuscanyWsUserPasswd");
> > >         //System.out.println( pwcb.getPassword());
> > >     }
> > > }
> > >
> > > Now I changed the password on the client side to
> > >
> > > pwcb.setPassword("123");
> > >
> > > I expected that the call of the WS would fail, but to my surprise I
> > > could still call the Service.
> > >
> > > I want to implement a gui on client side where the user has to enter
> > > user and password. On server side I want to check these user/password
> > > against some configuration-file.
> > >
> > > I suppose that one can implement the username also as callback, but I
> > > did not find any documentation on that.
> > >
> > > I want to services in tuscany-java which use security and are
> > > conversation-based. Is there documentation on how to implement these
> > > policies with tuscany?
> > >
> > > From my understanding the <tuscany:wsConfigParam> section is specific
> > > to Tuscany. What subnodes are allowed inside this section?
> > >
> > > thanks for your help
> > >
> > > Björn Dietrich
> > >
> > > CENIT AG Systemhaus, Industriestrasse 52-54, 70565 Stuttgart, Tel.: +49 711 7825-30, Fax: +49 711 7825-4000, Internet: www.cenit.de
> > > Branch offices: Berlin, Duesseldorf, Frankfurt, Hamburg, Hannover, Muenchen, Saarbruecken
> > > Management board members: Kurt Bengel, Christian Pusch
> > > Supervisory board members: Falk Engelmann (Chairman of the Supervisory Board), Hubert Leypoldt, Dr. Dirk Lippold
> > > Bank details: Deutsche Bank (bank code 600 700 70) account 1661 040, Commerzbank (bank code 600 400 71) account 532 015 500, BW-Bank (bank code 600 501 01) account 2 403 313
> > > Court of registration: Amtsgericht Stuttgart
> > > Commercial register: HRB no. 19117
> > > VAT ID no.: DE 147 862 777
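
Added example, not part of the thread and not code from the Tuscany or Rampart samples: a server-side callback handler that checks the UsernameToken against a configuration file instead of a hardcoded value, rejecting unknown users and mismatched plain-text passwords. It assumes the WSS4J 1.5.x API used in the snippet quoted above (including the `getIdentifer()` spelling), where a plain-text token arrives as USERNAME_TOKEN_UNKNOWN and must be compared by the handler, while for USERNAME_TOKEN the handler only supplies the stored password; the class name RegistryPWCBHandler and the file users.properties are hypothetical.

```java
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Properties;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback; // WSS4J 1.5.x API (assumed)
// Hypothetical server-side handler: class name and users.properties are assumptions.
public class RegistryPWCBHandler implements CallbackHandler {
    private final Properties users = new Properties(); // entries of the form user=password
    public RegistryPWCBHandler() throws IOException {
        try (FileInputStream in = new FileInputStream("users.properties")) {
            users.load(in);
        }
    }
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
        for (Callback cb : callbacks) {
            if (!(cb instanceof WSPasswordCallback)) {
                throw new UnsupportedCallbackException(cb, "unsupported callback");
            }
            WSPasswordCallback pwcb = (WSPasswordCallback) cb;
            String user = pwcb.getIdentifer(); // spelling as in WSS4J 1.5.x
            String expected = (user == null) ? null : users.getProperty(user);
            if (expected == null) {
                throw new UnsupportedCallbackException(cb, "check failed");
            }
            switch (pwcb.getUsage()) {
                case WSPasswordCallback.USERNAME_TOKEN_UNKNOWN:
                    // Plain-text token: the handler itself must compare and reject.
                    String supplied = pwcb.getPassword();
                    if (supplied == null || !MessageDigest.isEqual(
                            supplied.getBytes(StandardCharsets.UTF_8),
                            expected.getBytes(StandardCharsets.UTF_8))) {
                        throw new UnsupportedCallbackException(cb, "check failed");
                    }
                    break;
                case WSPasswordCallback.USERNAME_TOKEN:
                    // Digest token: supply the stored password; the library verifies the digest.
                    pwcb.setPassword(expected);
                    break;
                default:
                    // Any other usage is rejected rather than answered with a password.
                    throw new UnsupportedCallbackException(cb, "unsupported usage");
            }
        }
    }
}
```

A handler that only calls `setPassword(...)` without branching on `getUsage()` performs no comparison of its own in the plain-text case, so the explicit USERNAME_TOKEN_UNKNOWN branch is the part that rejects a wrong password.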
