axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andreas Veithen (JIRA)" <j...@apache.org>
Subject [jira] [Assigned] (AXIS2-5659) Improve WS-AddressingAndIdentity support in Axis2 to allow configuring any identity claims
Date Thu, 31 Jul 2014 20:32:39 GMT

     [ https://issues.apache.org/jira/browse/AXIS2-5659?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Andreas Veithen reassigned AXIS2-5659:
--------------------------------------

    Assignee: Andreas Veithen

> Improve WS-AddressingAndIdentity support in Axis2 to allow configuring any identity claims
> ------------------------------------------------------------------------------------------
>
>                 Key: AXIS2-5659
>                 URL: https://issues.apache.org/jira/browse/AXIS2-5659
>             Project: Axis2
>          Issue Type: Improvement
>          Components: Addressing, kernel, wsdl
>    Affects Versions: 1.6.2, 1.7.0
>            Reporter: Detelin Yordanov
>            Assignee: Andreas Veithen
>         Attachments: axis2_addressingidentity.patch
>
>
> Axis2 supports specifying the public key information of a service and expressing it in
the WSDL using WS-AddressingAndIdentity's {{ds:KeyInfo}} element.
> This support has been added as part of AXIS2-4066 but it is far from complete, since
it only allows one to configure the x509 certificate information and none of the rest of the
claims defined in the specification (dns name, service or user principal, security tokens,
etc.). Additionally, the current support uses a too generic service parameter name - {{ServiceIdentityData}}
- which, despite of the name, should be used only to configure the X509 certificate data of
Identity's {{ds:KeyInfo}} claim.
> I'm providing a patch that allows configuring the full content of the Identity element
using a new {{WSAddressingAndIdentity}} service parameter, for example, expressing Service
principal name claim can be done using the following service parameter:
> {code:xml}
> <parameter name="addressingIdentity">
>     <Identity xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity">
>         <Spn>http/service.ws.apache.org@service.ws.apache.org</Spn>
>     </Identity>
> </parameter>
> {code}
> The previous support has been preserved for backward compatibility, though I'm not sure
whether it is used at all since I could find neither a sample nor a test case for it.
> In general, the current architecture of Axis2 does not allow extending the wsdl generation
in a pluggable fashion, for example using an Axis2 module. I would have preferred not to modify
Axis2 wsdl generation code, but to be able to configure wsdl extensibility elements using
Axis2 modules, but this is not possible since modules do not participate in wsdl generation
at the moment. I have discussed this issue in Axis2 mailing list:
> http://mail-archives.apache.org/mod_mbox/axis-java-dev/201404.mbox/%3CCAEu2FRN9b_iLgqp8mg7QEwx52XK0oXQx3eiGVytT%2BY61bmrdbg%40mail.gmail.com%3E
> I thought I could propose an improvement but at some point I gave up and decided to go
with the current solution.
> This patch should work for 1.6 branch and for trunk, as it takes care to "unwrap" parameter
values if needed (OMElement parameters are no longer "wrapped" in a parameter element since
revision [371373|http://svn.apache.org/viewvc/axis/axis2/java/core/trunk/modules/kernel/src/org/apache/axis2/deployment/DescriptionBuilder.java?r1=1341090&r2=1371373].



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org


Mime
View raw message