handlers - are 2 the same as 1? header actors? how to distinguish 1 part from another?

Thu, 20 Oct 2005 11:53:09 -0700 

is there any real difference between this:

      <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
        <parameter name="action"                value="UsernameToken 
Signature"/>
        <parameter name="actor"                 value="clientId"/>
        <parameter name="user"                  value="test-client"/>
        <parameter name="passwordCallbackClass"
value="com.amgen.seattle.appdev.freezer.webservice.client.callback.TestPWCallback"/>
        <parameter name="signaturePropFile"     value="crypto.properties" />
        <parameter name="signatureParts"
                   
value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>
      </handler>

and this?

      <!-- add the header that carries the client's id -->
      <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
        <parameter name="action"                value="UsernameToken"/>
        <parameter name="actor"                 value="clientId"/>
        <parameter name="user"                  value="test-client"/>
        <parameter name="passwordCallbackClass"
value="com.amgen.seattle.appdev.freezer.webservice.client.callback.TestPWCallback"/>
      </handler>

      <!-- add the header that carries the signature -->
      <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
        <parameter name="action"                value="Signature"/>
        <parameter name="actor"                 value="clientSig"/>
        <parameter name="signaturePropFile"     value="crypto.properties" />
        <parameter name="signatureParts"
                   
value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>
      </handler>

(other than the fact that the second one uses a different SOAPHeader actor for 
its sig?

which brings up another question - i know that if i have 2 UsernameToken 
headers in the same SOAP message i seperate
them using different actors - is there any reason to (or not to) do the same 
with, say, a UsernameToken and a
Signature?

oh, and one other question - the signatureParts string references a 
UsernameToken, but in my message there are 2 - one
for the user and one for the client - will the signature be for both combined?  
how would you distinguish one element
from another if they had identical (namespace + name) in a *Parts string?


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to