I just would like to know if this thread and the Kerberos support could get at any point to be committed in to the CSV (in case that you have had any plan for this). From the mailing list it seems that the kerberos support now is badly needed by the developer :0) including me .
Cheers
Alex
On 11/18/05, Laurence Brockman <[EMAIL PROTECTED]> wrote:
Exactly! What I'm wondering though is what are the components that make
up the QName?
The QName would be calculated using two values, the first being a
Namespace and the other being a local name (Or local part according to
the XML specification).
Would the namespace for the Kerberos instance be
"http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1"
and the local name be "BinarySecurityToken"?
I read that the namespace above would map to the prefix "wsse" and would
make the Qname be "wsse: BinarySecurityToken".
In the draft on page 10 of 19, they have the following line in the
example:
<wsse:Security xmlns:wsse="...">
Would the contents of this namespace ("...") be the Kerberos namespace
(This " http://docs.oasis-open.org/...)?
Once I've done the receiver then I will move on to the sender portion,
but for now the critical part of the project I am working on is the
receiver portion. After I've completed the work, would you guys be
interested in the code I implement?
Thanks!
-----Original Message-----
From: Werner Dittmann [mailto:[EMAIL PROTECTED]]
Sent: November 17, 2005 11:28 PM
To: Laurence Brockman
Cc: [EMAIL PROTECTED]; wss4j-dev@ws.apache.org
Subject: Re: WSS4J and Kerberos signatures
Laurence,
on the receiver side the code is trigge "automatically" if a
Kerberos QName is detected and the processor gets loaded.
On the sender side please ahave a look at WSHandler.java,
doSenderAction(). For the sender you shall define an action
(similar to the processor at the receiver). Its the same
technique on both sides (something like a plugin).
Regards,
Werner
Laurence Brockman wrote:
> Ok, I feel kind of sheepish about asking this question, but looking at
> the WSDoAllReceiver code I've begun adding in the hooks for the
Kerberos
> code (Adding what I think are the appropriate checks for a new case in
> various classes) I'm not sure what to do to trigger it to actually
> execute the new class that I am making.
>
> The QName has to match in when looking at the security headers to get
it
> to execute the appropriate processor (Kerberos in this case). The
QName
> is created based on the NS and LN attribute for other cases and I'm
> unsure of what to use for the Kerberos cases below to get it to
> instantiate the appropriate QName object.
>
> If anyone could provide some guidance I would definitely appreciate
it.
> I believe the name space should be that defined in the draft
>
("http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1 ")
> but I'm not sure of this.
>
> Here's what I have done so far:
>
> In WSConstants.java (This is what I'm not sure of):
>
> /*
> * The definitions for Kerberos -- This is what I am unsure of how
> to set.
> */
> public static final String KERBEROS_NS = "";
> public static final String KERBEROS_LN = "";
>
> And
>
> /*
> * Added by Laurence Nov 16, 2005 for Kerberos authentication
> */
> public static final int KERBEROS = 0x400;
>
>
> In WSSConfig:
>
> Added a case to the getProcessor method to return
> "org.apache.ws.security.processor.KerberosProcessor " when it matches
> WSSecurityEngine.KERBEROS_TOKEN
>
>
> /**
> * <code>KERBEROS</code> as defined by KERBEROS Specification
> */
> public static final QName KERBEROS_TOKEN = new
> QName(WSConstants.KERBEROS_NS, WSConstants.KERBEROS_LN);
>
> In WSSecurityEngine:
> Added in the new QName to be created:
> public static final QName KERBEROS_TOKEN = new
> QName( WSConstants.KERBEROS_NS, WSConstants.KERBEROS_LN);
>
> To WSHandlerConstants:
> I added the below constant
>
> /**
> * Perform a Kerberos identification.
> */
> public static final String KERBEROS = "Kerberos";
>
> Within decodeAction:
> } else if (single[i].equals(WSHandlerConstants.KERBEROS))
{
> doAction |= WSConstants.KERBEROS;
> actions.add(new Integer(WSConstants.KERBEROS));
> }
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
