http://www.bouncycastle.org/documentation.html http://www.bouncycastle.org/specifications.html#install
scroll down a bit on the second link and look for java.security -- dims PS: Please post directly to the list. So that others may answer as well :) On 11/15/05, Laurence Brockman <[EMAIL PROTECTED]> wrote: > Thanks for such a quick reply! I think the problem is that I am using > jdk1.5... Does the bouncycastle.org site have information about > installing the bouncycastle provider or is there any other sites I can > get documentation about this? > > Thanks again! > Laurence > > -----Original Message----- > From: Davanum Srinivas [mailto:[EMAIL PROTECTED] > Sent: November 15, 2005 1:40 PM > To: Laurence Brockman; wss4j-dev@ws.apache.org > Subject: Re: WSS4J and Kerberos signatures > > All the code needed is in the svn itself. you should not need any > additional jars. just get the stuff from SVN. make sure you have the > strong crypto stuff installed in your JDK (check the download site for > the jdk and it is available as a separate download) and then run "ant > test". Are u using JDK1.4? (better to use that version, there is > additional steps for jdk1.5 - namely installing the boucnycastle > provider) > > NOTE: don't use the maven build :) > > thanks, > dims > > On 11/15/05, Laurence Brockman <[EMAIL PROTECTED]> wrote: > > Sounds good. > > > > Quick question... I've checked out the latest source from SVN and I'm > > trying to run the Ant JUnit tests and they keep failing. When I run > the > > JUnit tests through eclipse directly they are throwing a connection > > denied exception. I have installed Axis 1.2.1 here but I have not > > deployed any test web services so even if I start that up they still > > fail with service not found exceptions. Is there a way to easily > either > > test this stuff without deploying the test web services or to bypass > > these tests? I've also installed maven and tried to compile that way, > > but it is failing as well. > > > > I also noticed in the project.xml file that you have excluded the > > wssec/PackageTests.java and the interop/PackageTests.java. Is that > > because of the above mentioned errors? > > > > After looking through the source code, I believe what I would want to > do > > would be to create Kerberos token processor and action classes and add > a > > case into both getAction and getProcessor to point to these new > classes. > > > > Sorry for the barrage of questions. > > > > Thanks, > > Laurence > > > > -----Original Message----- > > From: Davanum Srinivas [mailto:[EMAIL PROTECTED] > > Sent: November 14, 2005 3:02 PM > > To: Laurence Brockman > > Cc: wss4j-dev@ws.apache.org > > Subject: Re: WSS4J and Kerberos signatures > > > > Please see what is being done for SAML and use that as a template for > > Kerberos. > > > > thanks, > > dims > > > > On 11/14/05, Laurence Brockman <[EMAIL PROTECTED]> wrote: > > > Correct me if I'm wrong here, but this is what I'm thinking: > > > > > > After grabbing the source from SVN and looking at the documentation, > I > > > believe the right place for me to start would be to extend the > > > org.apache.ws.axis.security class to handle the Kerberos > requirements > > > specified in the OASIS document. > > > > > > Forgive me for so many questions, but I'm new to Axis/WSS4J and I > want > > > to make sure that I'm heading down the right path. > > > > > > Specifically, what we are looking to implement is just the > > > authentication portion of Kerberos and not the encryption portion > (We > > > want to authenticate incoming SOAP requests against a KDC). Down the > > > road we will likely look at the encryption portion, but that won't > > > likely be for a few months at least. > > > > > > Thanks again!! > > > Laurence > > > > > > -----Original Message----- > > > From: Davanum Srinivas [mailto:[EMAIL PROTECTED] > > > Sent: November 11, 2005 8:18 PM > > > To: Laurence Brockman > > > Cc: wss4j-dev@ws.apache.org > > > Subject: Re: WSS4J and Kerberos signatures > > > > > > Laurence, > > > > > > I believe you start with taking a look at the Kerberos Token Profile > > > at the OASIS WSS TC web site: > > > > > > http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss > > > > > > There's lots of refactoring in the latest SVN, which makes it easy > to > > > plugin a new token profile. So please get the latest SVN code and > > > start asking more questions :) > > > > > > thanks, > > > dims > > > > > > On 11/10/05, Laurence Brockman <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > > > > > > Hello, > > > > > > > > > > > > > > > > Sorry if this is a FAQ but I have been looking for answers to this > > > high and > > > > low and have not seen this on the list. > > > > > > > > > > > > > > > > We are going to try and use Kerberos to authenticate users on our > > SOAP > > > > server. What we envision is having the client send down the SOAP > > > request > > > > with a service ticket from a KDC. The server (Axis using WSS4J on > > > Tomcat) > > > > would then authenticate this user against said KDC. After briefly > > > looking at > > > > the documentation within the WSS4J code I think what we would want > > to > > > do is > > > > extend the WSDoAllHandler class (From the > > > > org.apache.axis.security.handler package). Is this the > > > > right direction to be going in? Has anybody looked at this? I'm > > > relatively > > > > new to Axis/WSS4J and some guidance would be awesome! > > > > > > > > > > > > > > > > Thanks, > > > > > > > > Laurence > > > > > > > > > > > > > > > > Laurence Brockman > > > > Server Specialist, Shaw Operations Centre > > > > Shaw Communications Inc. > > > > Phone : (403) 303-4805 > > > > E-mail : [EMAIL PROTECTED] > > > > > > > > > > > > > > > > ACCOUNTABLE BALANCE CUSTOMER FOCUSED INTEGRITY LOYALTY > > > > POSITIVE, CAN DO ATTITUDE TEAM PLAYER > > > > > > > > > > > > > > > > > -- > > > Davanum Srinivas : http://wso2.com/blogs/ > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > -- > > Davanum Srinivas : http://wso2.com/blogs/ > > > > > -- > Davanum Srinivas : http://wso2.com/blogs/ > -- Davanum Srinivas : http://wso2.com/blogs/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
