Hi Werner, I have a few questions about security policy integration into WSS4J with respect to Axis2.
Right now Axis2 security module can be configured using two mechanisms. 1.) services.xml (service) file and axis2.xml (client) file 2.) using org.apache.axis2.security.handler.config.InflowConfiguration and org.apache.axis2.security.handler.config.OutflowConfiguration classes. Axis2 security handlers right now expect a org.apache.axis2.description.Parameter object containing an OMElement (XML containing the config) with the security configuration. org.apache.axis2.security.util.HandlerParameterDecoder will be processing this OMElement to extract the properties and will set them in the message context appropriately so that org.apache.axis2.security.* handlers and org.apache.ws.security.handler.WSHandler can pickup the params from the message context. Are we planing to stick to the usual way of configuring the handlers where we expect the params to be available via the message context (or in the case of Axis1 as handler options)? Then our SecurityPolicy processer should set the config params in the message context when it processed the policy. And we should be able to directly use SecurityPolicy syntax to represent the config for those params that can be expressed via sec-policy. And the rest of the config params (e.g. passwordCallbackClass) can be set the usual way. I had a look at the examples.secParser.* stuff in ws-commons/policy. Is it correct to state that we will have to construct the params to be set in the message context in the doTokenName() methods in examples.secParser.processors.* and maybe store them in the examples.secParser.SecurityProcessorContext? Thanks, Ruchith On 1/12/06, Dittmann, Werner <[EMAIL PROTECTED]> wrote: > All, > > to whom in may concern :-) : > > In ws-commons/policy I've checked in a more elaborated example > to show how one could parse and/or process Web Services Security > Policy files. It is meant as an example and ist not (yet :-) ) a > full blown processor. I'll take this as a base to implement > a policy processor for the next verision of WSS4J / Axis2. > > See the package description (after running javadoc) to get > some more lines of documentation. > > Regards, > Werner > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Ruchith --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
