This is the implementation of the WS-Policy spec. See: http://marc.theaimsgroup.com/?l=axis-dev&m=113255298531637&w=2
IMHO we will have to implment WS-SecurityPolicy http://specs.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.pdf Thanks, Ruchith On 11/23/05, Jongjin Choi <[EMAIL PROTECTED]> wrote: > There seems to be some work about WS-Policy in webservices commons. > http://svn.apache.org/viewcvs.cgi/webservices/commons/trunk/policy/?rev=348394 > > Is this relevant to what you have in mind? > > /Jongjin Choi > > > On 11/23/05, Dittmann, Werner <[EMAIL PROTECTED]> wrote: > > All, > > > > during the discussion with Allen IMHO we should have a closer > > look into the WS-Policy* stuff (again). WSS4J as it stands now > > (not looking at the sandbox code) provides methods to create > > Sceurity headers in a request and to parse/validate them. > > > > The check at the receiver if the request contains all required > > security actions is rudimentary only. > > > > To enhance the action checking and also the way how the sender > > controls the setup the request we shall consider to use WS-Policy* > > specs. > > > > Some ideas: > > - At the sender side we could have a parser that sets up internal > > structures that drive/control how the WSS4J handlers create the > > security functions (some time ago this topic was shortly discussed > > on this list, I'll have a look in the archives). To avoid to much > > parsing we need to have some sort of "global, per service" location > > to store this internal structure (somewhere in the Axis data > > structures?) > > > > - At the receiver side a similar parser (the same?) can setup an > > internal structure which a "Policy checker" can use to verify the > > results generated during parsing/verification of the security > > headers. > > > > Both new modules could be "plugged-in" similar to the > > "action/processor" structure now in use in WSS4J. > > > > Is there some code that could be used to start e.g. a parser for > > the relevant WS-Policy* specs? > > > > Any more ideas? Volunteers :-) ? > > > > Regards, > > Werner > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > -- Ruchith --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
