[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SV: HTTP_Set_AUTH and WS-Security



   Not sure if it's applicable, but it may be worth checking out the
   [1]Apache Rampart/C project.


   Regards,

   Kaj



   -----Oprindelig meddelelse-----
   Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
   [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] På vegne af Magne
   Kofoed
   Sendt: 4. marts 2011 23:09
   Til: 'HTTPAPI and FTPAPI Projects'
   Emne: SV: HTTP_Set_AUTH and WS-Security


   Scott created a rpg serviceprogram for jdbc.

   The same could be done with wss4j.


   http://ws.apache.org/wss4j/


   What is WSS4J?

   Apache WSS4J is an implementation of the OASIS Web Services Security

   (WS-Security) from OASIS Web Services Security TC. WSS4J is primarily
   a Java

   library that can be used to sign and verify SOAP Messages with
   WS-Security

   information. WSS4J will use Apache Axis and Apache XML-Security
   projects and

   will be interoperable with JAX-RPC based server/clients and .NET

   server/clients.


   WSS4J implements

   o Web Services Security: SOAP Message Security 1.1

   o Username Token Profile 1.1

   o X.509 Certificate Token Profile 1.1





   -----Opprinnelig melding-----

   Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx

   [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] På vegne av Steve

   Sendt: 4. mars 2011 21:35

   Til: 'HTTPAPI and FTPAPI Projects'

   Emne: RE: HTTP_Set_AUTH and WS-Security


   Thanks for the Info.  I just thought I'd throw that one out there
   incase you

   had any Insight.


   Much Appreciated.

   Steve


   -----Original Message-----

   From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx

   [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Magne
   Kofoed

   Sent: Friday, March 04, 2011 2:21 PM

   To: 'HTTPAPI and FTPAPI Projects'

   Subject: SV: HTTP_Set_AUTH and WS-Security


   This is no longer about httpapi, but try this link:


   Websphere 7 Certificate Key Size Limits

   http://www.ibm.com/developerworks/forums/thread.jspa?threadID=355619


   Best regards,

   Magne



   -----Opprinnelig melding-----

   Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx

   [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] På vegne av Steve

   Sendt: 4. mars 2011 20:49

   Til: 'HTTPAPI and FTPAPI Projects'

   Emne: RE: HTTP_Set_AUTH and WS-Security


   We are not going to SSL just yet.


   On SSL.: Is it true that Websphere will only accept 2k certificates?


                       We wanted to use 4K.  Does anyone have a point of
   reference for

   certificates?


   -----Original Message-----

   From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx

   [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Magne
   Kofoed

   Sent: Friday, March 04, 2011 1:32 PM

   To: 'HTTPAPI and FTPAPI Projects'

   Subject: SV: HTTP_Set_AUTH and WS-Security


   Hi Steve,


   http_setauth is used for "normal" http server authentication and I
   have not

   seen this used with WS-Security and UsernameToken.


   WS-Security is used to encrypt the soap xml.

   Its main focus is the use of XML Signature and XML Encryption to
   provide

   end-to-end security.


   I tried to implement Ws-Security using rpg a couple of years ago, but
   did

   not succeed. So we skipped the soap xml encryption and used the
   ws-security

   user and password together with SSL.


   Maybe there is a solution on this now, with i/os 6.1 and new api's?


   Best regards,

   Magne




   -----Opprinnelig melding-----

   Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx

   [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] På vegne av Steve

   Sendt: 4. mars 2011 15:30

   Til: 'HTTPAPI and FTPAPI Projects'

   Emne: HTTP_Set_AUTH and WS-Security



      http_setAuth( HTTP_AUTH_BASIC

               : %trim(Userid)

               : %trim(Passwd) );


   Am I missing something or using the wrong statement. ??


   I added this into my program thinking it was what I needed to
   generate the

   security string in my Soap message But I didn't get anything.


   This is what is required using soap:


   <soapenv:Header><wsse:Security soapenv:mustUnderstand="1"

   xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-ws
   securi

   ty-secext-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken-1"

   xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wss
   ecurit

   y-utility-1.0.xsd"><wsse:Username>userid</wsse:Username><wsse:Password

   Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username
   -token

   -profile-1.0#PasswordText">passwd</wsse:Password><wsse:Nonce

   EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
   soap-m

   essage-security-1.0#Base64Binary">uY0FMEfI6dzTVHg6/DFazQ==</wsse:Nonce
   ><wsu:

   Created>2011-02-15T22:21:24.555Z</wsu:Created></wsse:UsernameToken></w
   sse:Se

   curity></soapenv:Header>


   With WS-Security turned off everything is fine.



   ----------------------------------------------------------------------
   -

   This is the FTPAPI mailing list.  To unsubscribe, please go to:

   http://www.scottklement.com/mailman/listinfo/ftpapi

   ----------------------------------------------------------------------
   -


   ----------------------------------------------------------------------
   -

   This is the FTPAPI mailing list.  To unsubscribe, please go to:

   http://www.scottklement.com/mailman/listinfo/ftpapi

   ----------------------------------------------------------------------
   -


   ----------------------------------------------------------------------
   -

   This is the FTPAPI mailing list.  To unsubscribe, please go to:

   http://www.scottklement.com/mailman/listinfo/ftpapi

   ----------------------------------------------------------------------
   -


   ----------------------------------------------------------------------
   -

   This is the FTPAPI mailing list.  To unsubscribe, please go to:

   http://www.scottklement.com/mailman/listinfo/ftpapi

   ----------------------------------------------------------------------
   -


   ----------------------------------------------------------------------
   -

   This is the FTPAPI mailing list.  To unsubscribe, please go to:

   http://www.scottklement.com/mailman/listinfo/ftpapi

   ----------------------------------------------------------------------
   -


   ----------------------------------------------------------------------
   -

   This is the FTPAPI mailing list.  To unsubscribe, please go to:

   http://www.scottklement.com/mailman/listinfo/ftpapi

   ----------------------------------------------------------------------
   -

References

   1. http://axis.apache.org/axis2/c/rampart/
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------