[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: HTTP_Set_AUTH and WS-Security

From: "Loek Maartens" <l.maartens@xxxxxxxxx>
To: "HTTPAPI and FTPAPI Projects" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: HTTP_Set_AUTH and WS-Security
Date: Sat, 5 Mar 2011 00:41:41 +0100

LOL.

Actually, Mange did point to the right direction. It can be done, but it 
takes someone who is both smart with java and understands the WSS4J suite, 
and how to implement this with the xml soap messages.

There are multiple function provided within WS-Security, such as signing, 
encrypting etc, together with a multitude of types of keys, hashing 
algoritms etc.

Kind regards,


Loek Maartens.



----- Original Message ----- 
From: "Steve" <Steve@xxxxxxxxxx>
To: "'HTTPAPI and FTPAPI Projects'" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Sent: Saturday, March 05, 2011 12:07 AM
Subject: RE: HTTP_Set_AUTH and WS-Security


I'm buying Lottery tickets tonight and maybe avoid finishing the Project.

-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Loek Maartens
Sent: Friday, March 04, 2011 4:36 PM
To: HTTPAPI and FTPAPI Projects
Subject: Re: HTTP_Set_AUTH and WS-Security

No problem, since the HTTP_API's are open source, so you can just roll your
own.


----- Original Message ----- 
From: "Steve" <Steve@xxxxxxxxxx>
To: "'HTTPAPI and FTPAPI Projects'" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Sent: Friday, March 04, 2011 11:06 PM
Subject: RE: HTTP_Set_AUTH and WS-Security


Trying to do this with HTTP_API's.



-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Loek Maartens
Sent: Friday, March 04, 2011 3:42 PM
To: HTTPAPI and FTPAPI Projects
Subject: Re: HTTP_Set_AUTH and WS-Security

Hi,

I have done some WS-Security, but did this by having a java guy set up a
WS_Security api for my requirements.

Then build the message to be send, put it on a data queue, have a data queue

handler RPG program call the java api (first time slow, next time(s) very
fast) to do the grunt work and return the encapsulated string back to the
data queue handler, which in turn sends it back to the requesting rpg
program. The program then continued to send the correct SOAP message using
httpapi. Both the signing and encryption, and the signature verification and

decryption are handled by the java api.

The java api was build using the java classes from the Bouncy-castle (weird
name, but quite a good reputation.)

Kind regards,

Loek Maartens.


----- Original Message ----- 
From: "Magne Kofoed" <magne.kofoed@xxxxxxxxxxx>
To: "'HTTPAPI and FTPAPI Projects'" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Sent: Friday, March 04, 2011 10:21 PM
Subject: SV: HTTP_Set_AUTH and WS-Security


It would be nice if someone has any thoughts on how to implement
WS-Security?

Best regards,
Magne


-----Opprinnelig melding-----
Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] På vegne av Steve
Sendt: 4. mars 2011 21:35
Til: 'HTTPAPI and FTPAPI Projects'
Emne: RE: HTTP_Set_AUTH and WS-Security

Thanks for the Info.  I just thought I'd throw that one out there incase you
had any Insight.

Much Appreciated.
Steve

-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Magne Kofoed
Sent: Friday, March 04, 2011 2:21 PM
To: 'HTTPAPI and FTPAPI Projects'
Subject: SV: HTTP_Set_AUTH and WS-Security

This is no longer about httpapi, but try this link:

Websphere 7 Certificate Key Size Limits
http://www.ibm.com/developerworks/forums/thread.jspa?threadID=355619

Best regards,
Magne


-----Opprinnelig melding-----
Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] På vegne av Steve
Sendt: 4. mars 2011 20:49
Til: 'HTTPAPI and FTPAPI Projects'
Emne: RE: HTTP_Set_AUTH and WS-Security

We are not going to SSL just yet.

On SSL.: Is it true that Websphere will only accept 2k certificates?

   We wanted to use 4K.  Does anyone have a point of reference for
certificates?

-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Magne Kofoed
Sent: Friday, March 04, 2011 1:32 PM
To: 'HTTPAPI and FTPAPI Projects'
Subject: SV: HTTP_Set_AUTH and WS-Security

Hi Steve,

http_setauth is used for "normal" http server authentication and I have not
seen this used with WS-Security and UsernameToken.

WS-Security is used to encrypt the soap xml.
Its main focus is the use of XML Signature and XML Encryption to provide
end-to-end security.

I tried to implement Ws-Security using rpg a couple of years ago, but did
not succeed. So we skipped the soap xml encryption and used the ws-security
user and password together with SSL.

Maybe there is a solution on this now, with i/os 6.1 and new api's?

Best regards,
Magne



-----Opprinnelig melding-----
Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] På vegne av Steve
Sendt: 4. mars 2011 15:30
Til: 'HTTPAPI and FTPAPI Projects'
Emne: HTTP_Set_AUTH and WS-Security


   http_setAuth( HTTP_AUTH_BASIC
            : %trim(Userid)
            : %trim(Passwd) );

Am I missing something or using the wrong statement. ??

I added this into my program thinking it was what I needed to  generate the
security string in my Soap message But I didn't get anything.

This is what is required using soap:

<soapenv:Header><wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecuri
ty-secext-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken-1"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurit
y-utility-1.0.xsd"><wsse:Username>userid</wsse:Username><wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token
-profile-1.0#PasswordText">passwd</wsse:Password><wsse:Nonce
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-m
essage-security-1.0#Base64Binary">uY0FMEfI6dzTVHg6/DFazQ==</wsse:Nonce><wsu:
Created>2011-02-15T22:21:24.555Z</wsu:Created></wsse:UsernameToken></wsse:Se
curity></soapenv:Header>

With WS-Security turned off everything is fine.


-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
----------------------------------------------------------------------- 

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
----------------------------------------------------------------------- 

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
----------------------------------------------------------------------- 

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

Follow-Ups:
- RE: HTTP_Set_AUTH and WS-Security
  - From: Steve

References:
- HTTP_Set_AUTH and WS-Security
  - From: Steve
- SV: HTTP_Set_AUTH and WS-Security
  - From: Magne Kofoed
- RE: HTTP_Set_AUTH and WS-Security
  - From: Steve
- SV: HTTP_Set_AUTH and WS-Security
  - From: Magne Kofoed
- RE: HTTP_Set_AUTH and WS-Security
  - From: Steve
- SV: HTTP_Set_AUTH and WS-Security
  - From: Magne Kofoed
- Re: HTTP_Set_AUTH and WS-Security
  - From: Loek Maartens
- RE: HTTP_Set_AUTH and WS-Security
  - From: Steve
- Re: HTTP_Set_AUTH and WS-Security
  - From: Loek Maartens
- RE: HTTP_Set_AUTH and WS-Security
  - From: Steve

Prev by Date: SV: HTTP_Set_AUTH and WS-Security
Next by Date: RE: HTTP_Set_AUTH and WS-Security
Previous by thread: RE: HTTP_Set_AUTH and WS-Security
Next by thread: RE: HTTP_Set_AUTH and WS-Security
Index(es):
- Date
- Thread