[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: HTTP_Set_AUTH and WS-Security
Hi Steve,
WS-Security is totally separate from SSL. You realy need to read-up on
WS-security in order to get an understanding of the all capabilities.
Kind regards,
Loek Maartens.
----- Original Message -----
From: "Steve" <Steve@xxxxxxxxxx>
To: "'HTTPAPI and FTPAPI Projects'" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Sent: Monday, March 07, 2011 2:48 AM
Subject: RE: HTTP_Set_AUTH and WS-Security
Can anyone tell me if WS-Security works without SSL?
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Julius Kaj
Sent: Sunday, March 06, 2011 10:56 AM
To: HTTPAPI and FTPAPI Projects
Subject: SV: HTTP_Set_AUTH and WS-Security
Not sure if it's applicable, but it may be worth checking out the Apache
Rampart/C project<http://axis.apache.org/axis2/c/rampart/>.
Regards,
Kaj
-----Oprindelig meddelelse-----
Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] På vegne af Magne Kofoed
Sendt: 4. marts 2011 23:09
Til: 'HTTPAPI and FTPAPI Projects'
Emne: SV: HTTP_Set_AUTH and WS-Security
Scott created a rpg serviceprogram for jdbc.
The same could be done with wss4j.
http://ws.apache.org/wss4j/
What is WSS4J?
Apache WSS4J is an implementation of the OASIS Web Services Security
(WS-Security) from OASIS Web Services Security TC. WSS4J is primarily a Java
library that can be used to sign and verify SOAP Messages with WS-Security
information. WSS4J will use Apache Axis and Apache XML-Security projects and
will be interoperable with JAX-RPC based server/clients and .NET
server/clients.
WSS4J implements
*Web Services Security: SOAP Message Security 1.1
*Username Token Profile 1.1
*X.509 Certificate Token Profile 1.1
-----Opprinnelig melding-----
Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] På vegne av Steve
Sendt: 4. mars 2011 21:35
Til: 'HTTPAPI and FTPAPI Projects'
Emne: RE: HTTP_Set_AUTH and WS-Security
Thanks for the Info. I just thought I'd throw that one out there incase you
had any Insight.
Much Appreciated.
Steve
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Magne Kofoed
Sent: Friday, March 04, 2011 2:21 PM
To: 'HTTPAPI and FTPAPI Projects'
Subject: SV: HTTP_Set_AUTH and WS-Security
This is no longer about httpapi, but try this link:
Websphere 7 Certificate Key Size Limits
http://www.ibm.com/developerworks/forums/thread.jspa?threadID=355619
Best regards,
Magne
-----Opprinnelig melding-----
Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] På vegne av Steve
Sendt: 4. mars 2011 20:49
Til: 'HTTPAPI and FTPAPI Projects'
Emne: RE: HTTP_Set_AUTH and WS-Security
We are not going to SSL just yet.
On SSL.: Is it true that Websphere will only accept 2k certificates?
We wanted to use 4K. Does anyone have a point of
reference for
certificates?
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Magne Kofoed
Sent: Friday, March 04, 2011 1:32 PM
To: 'HTTPAPI and FTPAPI Projects'
Subject: SV: HTTP_Set_AUTH and WS-Security
Hi Steve,
http_setauth is used for "normal" http server authentication and I have not
seen this used with WS-Security and UsernameToken.
WS-Security is used to encrypt the soap xml.
Its main focus is the use of XML Signature and XML Encryption to provide
end-to-end security.
I tried to implement Ws-Security using rpg a couple of years ago, but did
not succeed. So we skipped the soap xml encryption and used the ws-security
user and password together with SSL.
Maybe there is a solution on this now, with i/os 6.1 and new api's?
Best regards,
Magne
-----Opprinnelig melding-----
Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] På vegne av Steve
Sendt: 4. mars 2011 15:30
Til: 'HTTPAPI and FTPAPI Projects'
Emne: HTTP_Set_AUTH and WS-Security
http_setAuth( HTTP_AUTH_BASIC
: %trim(Userid)
: %trim(Passwd) );
Am I missing something or using the wrong statement. ??
I added this into my program thinking it was what I needed to generate the
security string in my Soap message But I didn't get anything.
This is what is required using soap:
<soapenv:Header><wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecuri
ty-secext-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken-1"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurit
y-utility-1.0.xsd"><wsse:Username>userid</wsse:Username><wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token
-profile-1.0#PasswordText">passwd</wsse:Password><wsse:Nonce
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-m
essage-security-1.0#Base64Binary">uY0FMEfI6dzTVHg6/DFazQ==</wsse:Nonce><wsu:
Created>2011-02-15T22:21:24.555Z</wsu:Created></wsse:UsernameToken></wsse:Se
curity></soapenv:Header>
With WS-Security turned off everything is fine.
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------