[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
WebService and UsernameToken encryption
Hi,
i'm trying to connect to a webservice that uses ssl and usernametoken
encryption (Oasis standard).
[1]http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-to
ken-profile-1.0.pdf
My argument is that we do not need both ssl and usernametoken
encryption, and that ssl gives the requiered security.
Any thoughts about this?
If this usernametoken encryption is needed, how can we implement it
with httpapi?
There is a project at Apache that implements Oasis WebService Security
[2]http://ws.apache.org/wss4j/
Any thoughts about implementing wss4j with httpapi?
Best regards,
Magne
References
1. http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0.pdf
2. http://ws.apache.org/wss4j/
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------