Updated: WS-Security Interop with Sun JWSDP 1.5
A few people have asked where the update is for WS-Security interop between WSE 2.0 and Sun's JWSDP 1.5, which I mentioned in this post. For those who are looking for this, I've uploaded the code to here. Updated document will be on MSDN shortly...
Comments
- Anonymous
February 11, 2005
http://simon.guest.members.winisp.net/files/Jwsdp15WSSInteropCode.zip - This URL doesn't seem to work. - Anonymous
February 11, 2005
Rajesh - sorry I've been having some troubles with the ISP. Try now. Thanks. - Anonymous
February 24, 2005
I think WS-Secure Conversation is the best tool for me to use in my service, but I can't find any resources on the internet to tell me if any toolkit besides WSE 2.0 is secure conversation enabled (it doesn't appear in JWSDP 1.5 doc either). Any thoughts ?
Thanks in advance
François Lemaire - Anonymous
February 27, 2005
I don't know of any other toolkit apart from WSE that has a shipping implementation of WS-SecureConversation. I would be pleased to be proven wrong though! - Anonymous
March 02, 2005
Thanks for your answer, I haven't found anything and for the time being, I gave up. I'll wait until the next release of JWSDP or perhaps the first release of WSS4J... I have another question related to this one : it seems like JWSDP 1.5 can sign requests only with a X509 certificate, and not with a Username Token (under the Sign tag in the security config file, you can only put Targets and an X509Token tag). Is that true ? If true, is there a workaround ? It's such a pain to manage certificates, and I don't need the added security they provide...
Thanks in advance
François Lemaire - Anonymous
March 04, 2005
Francois, interoperable signing with UsernameTokens is currently unsupported by many implementations. The WS-I BSP (Basic Security Profile) to help provide clarity in this area, which will in turn (I believe) produce momentum in this area.