Ruchith, a specific handling for handler chaining is not necessary anymore. Ut's handled transparently in the SignatureConfirmation code inside WSS4JHandler. Thus you may go on testing it with Axis 2
Regards, Werner > -----Ursprüngliche Nachricht----- > Von: Werner Dittmann [mailto:[EMAIL PROTECTED] > Gesendet: Freitag, 4. November 2005 14:58 > An: Ruchith Fernando > Cc: [email protected] > Betreff: Re: SignatureConfirmation with handler chaining > > Ruchith, > > need to look at what was wrong when doing chaining. I'll check > my internal testcases and give you some info tomorrow. > > Regards, > Werner > > Ruchith Fernando wrote: > > Hi Werner, > > > > If possible, can you please give me some points as to what > we need to > > do to get sig-confirmation working with handler chaining in > Axis 1.x. > > > > I'm trying to do the same with Axis2 security module. > > > > > >>Sep 6, 2005: Extending WSS4J to the new OASIS specs - first > impl of SignatureConfirmation : > >> > >>If anybody is going to test this _and_ uses the handler chaining > >>feature of WSS4J pls ask for additional info. In this case one > >>specific modification in the WSDD files may be required. > > > > > > > > Thanks, > > Ruchith > > > > On 9/6/05, Werner Dittmann <[EMAIL PROTECTED]> wrote: > > > >>All, > >> > >>with the next checkin a first step of the SIgnatureConfirmation > >>feature of WSS 1.1 is done. > >> > >>Because of some open issues with the spec this first implementation > >>assumes: > >> > >>- generate SignatureConfirmation for every Signature of every > >> wsse:Security header of the request - there my be several > >> wsse:Security headers in one request (with different actor/role) > >> > >>- place all SignatureConfirmation elements together in one > >> wsse:Security header of the response. This because it is not > >> necessary that the wsse:Security headers have a one-to-one > >> relationship with the request headers. > >> > >>- do not sign SignatureConfirmation yet - here are IMHO > some open issues > >> in the spec > >> > >>- do not encrypt even if the Signature block of the request was > >> encrypted. I doubt if such an encryption makes sense. > >> > >>To enable and test this feature you need to download the source > >>from SVN (trunk head), set the variable > "enableSignatureConfirmation" > >>to "true" (for the time being it set to "false" by default). > >> > >>If anybody is going to test this _and_ uses the handler chaining > >>feature of WSS4J pls ask for additional info. In this case one > >>specific modification in the WSDD files may be required. > >> > >>Regards, > >>Werner > >> > >> > >> > >> > >>------------------------------------------------------------ > --------- > >>To unsubscribe, e-mail: [EMAIL PROTECTED] > >>For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > > > > > > > > -- > > Ruchith > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
