Hi There,
I am starting to use rampart/c for ws-security purpose together with axis2/c in a web service
client application. I have the following get-me-started questions:
(1) As a web service client, all the security configurations can be done in a policy file,
there is no need to programmatically set the security parameters in my source code, all I
need to do is to set the policy file location when I create the web service client. Is this
right?
I am asking this because when I browsed the rampart/c sample source code, I noticed
that in some samples like saml_echo, you created a saml assertion and set it into client
config, like this:
assertion = create_saml_assertion(env);
saml = rampart_saml_token_create(env, assertion, RAMPART_ST_CONFIR_TYPE_SENDER_VOUCHES);
rampart_saml_token_set_token_type(saml, env, RP_PROPERTY_SIGNED_SUPPORTING_TOKEN);
rampart_config_add_saml_token(client_config, env, saml);
Can this be done in the policy configuration file so I don't have to do this in my source
code?
(2) And vice versa, can all the ws-securiy parameters done configured programmatically without
using a policy file? I think for some applications, this will be more flexible.
(3) When I (the web service client) subscribe to several services from different service providers,
can I have multiple policy files with one for each service? and similarly I one service contains
several operations, can I have more than one policy files with one for each operation?
(4) With regard to ws-security username and password token, there is a parameter called
password type, which can be Text or Digest. My question is this: If I choose to specify
passwordType as Digest, can the actual password I set be in plainText? I mean in this case
will rampart/c convert it into Digest format for me before sending? If I need to provide the
Digest format, what algorithm should I use or what tool is available to me?
Thanks in advance for answering my newbie questions.
Vivian
|