using axis2 ramaprt module with own security framework
Asked Answered
U

1

5

I have webservice (server-side) implemented using axis2 in my project. We want to enable WS-security in the existing web services. We are evaluating if apache ramapart module fits our need. Here is our requirement: Basically we have in-house security framework which provides encryption,signature and token generation capabilites. Our in-house security framework basically requires a set of configurations in form of XML and it expose various APIs to do various security operations.

Now with above environment, I can think of three possbile solutions:-

  1. I can develop an axis2 module around in-house security framework and install it as .mar file in security phase. So I will not use apache rampart. But issue with this approach is I can't use ws-security policy to specify security assertions and making sure incoming security tokens conforms to effective policy. It is like reinventing wheel what rampart already doing.

  2. I believe apache rampart underlines call to apache wss4j module for security operations. I believe apache wss4j module provides a way to register 3rd party security provider (by implemeting CryptoProvider interface). I am not sure if this is feasible and viable solution. Please suggest.

  3. Ws-security policy allows to use a custom token. This custom token can be built up using our in-house security framework. So basically it enables us to create ws-security policy using apache rampart module and have custom token developed using our security framework. But I could not find help regarding this on internet. Could anyone please help with example.

any other suggestions are also most welcome.

Unanimity answered 6/10, 2011 at 7:7 Comment(0)
C
1

I've posted an answer here: How to encrypt SOAP messages manually?

There is a very detailed example there that you might find useful.

you can set the provider by using :

cryptoConfig.setProvider(PROVIDER); 

Regarding the custom security headers, I'm sorry but I didn't try it so I can't help you there.

Counterplot answered 24/1, 2012 at 10:19 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.