You are right, this is an Axis problem. One can solve that
problem using a
"Meta-handler" that is the first one in a chain that looks
into the request,
analyses the request, for example which SOAP headers are
available, and
calls "sub-handlers" to process the request. Such a
"Meta-Handler" could
have its own parameters that control its
behaviour.
AFAIK there is no such "Meta-Handler" available or under
construction
(hint, hint).
Regards,
Werner
Hi,
Von: Robert Maier [mailto:[EMAIL PROTECTED]
Gesendet: Donnerstag, 22. Juni 2006 09:08
An: [email protected]
Betreff: dynamic security levels with WSS4J
My name is Robert Maier, I just subscribed to this list so this is my first post. I have been following the list offline for a couple of weeks now, many of your answers have been very helpful to me, thanks.
Let me get to the point. I recently started working with WSS4J and using the mailing list and other docs I managed to have a service and a client (both using Apache Axis 1.4 as SOAP engine and WSS4J for WS-Security) communicate securely, i.e. signed and/or encrypted messages.
My current problem: I am trying to make the service more flexible, i.e. I'd like it to understand whatever SOAP Requests it receives no matter if they are signed, encrypted, both signed and encrypted or neither. At this point the service only understands one type of SOAP Request (defined in its wsdd file using the WSDoAllReceiver handler). Is there a simple way of doing this?
[ This is Axis architecture specific: Theoretically, a simple solution to this problem would be to have Axis allow a handler mechanism where not all the handlers in a chain must process the message, but so far I have been unable to find this possiility ]
Thanks.
Cheers,
Robert.
