synapse-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Saminda Abeyruwan <samin...@gmail.com>
Subject Re: Security as a QOS
Date Thu, 22 Dec 2005 12:18:19 GMT
On 12/22/05, Paul Fremantle <pzfreo@gmail.com> wrote:
>
> Saminda
>
> One use case I imagine for Synapse is to handle multiple different
> security configurations. I don't believe we should do the security as an
> AAR.


Axis2  level if  we  want  to have security functionality we  need  need to
have a aar. I don't know whether we can have this functionality as a jar

1) I think we should differentiate between different security models. WSS4J
> is just one potential model, so we should name the tag <engage-wss>.
> Probably we need different tags:
> <engage-wss-auth-check>
> <engage-wss-auth-add>
> <engage-wss-sign-check>
> <engage-wss-sign-add>
> <engage-wss-encrypt>
> <engage-wss-decrypt>


+1

2) I think the config should be possible to be "inline". We need a way of
> separating out config files - maybe a way of using reference to point to
> another file or even a repository, but it should be possible to have two
> different security configurations and the simplest way seems to me to have
> the config info as children of the tag.
>
> 3) we should make the WSS4J support into a JAR and use the
> SynapseExtension support (same with Sandesha), so that we don't have a huge
> set of dependencies on the main download.
>
> Paul
>
>
> On 12/19/05, Saminda Abeyruwan <samindaa@gmail.com> wrote:
> >
> >
> >
> > On 12/19/05, Mukund Balasubramanian < mukund@infravio.com> wrote:
> > >
> > > Where does the remaining configuration go?
> > >
> > > Into axis config?
> >
> >
> > Part of the configuration has to be handled by the
> > SecurityProcessor.process() method. This method handles the
> > configurations, which is present in Axis2.xml.
> >
> > The resources such as "information on key store", "PWCallback" and other
> > properties has to go into synapse_security.aar.
> >
> > {The programming model is somewhat close to AddressingInProcessor}
> >
> > Saminda
> >
> > My primary question is the interaction model between synapse xml and
> > > axis xml.
> > >
> > > Mukund Balasubramanian
> > >
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: Saminda Abeyruwan <samindaa@gmail.com >
> > > To: synapse-dev@ws.apache.org <synapse-dev@ws.apache.org>
> > > Sent: Mon Dec 19 17:08:38 2005
> > > Subject: Security as a QOS
> > >
> > > Hi all,
> > >
> > > Axis2 comes with Security. As a first step towards building QOS for
> > > Synapse, we can use the Axis2's security implementation.
> > >
> > > The big picture is as follows, when synpase.xml has the following
> > > structure {minimum}
> > >
> > > <stage name="security">
> > > <engage-security/>
> > > </stage>
> > >
> > > will allow the Synapse to work with security.
> > >
> > > Rule author might come with a rule like
> > >
> > > <stage name="rule_set">
> > > <engage-security/>
> > > <engage-addressing-in/>
> > > <log/>
> > > <send/>
> > > </stage>
> > >
> > > The implementation process requires SecuirtyProcessor and
> > > SecurityProcessorConfigurator.
> > >
> > > I would like to give it a try and implement this for Synapse.
> > >
> > > Thoughts ?
> > >
> > > Saminda
> > >
> > >
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: synapse-dev-unsubscribe@ws.apache.org
> > > For additional commands, e-mail: synapse-dev-help@ws.apache.org
> > >
> > >
> >
>
>
> --
> Paul Fremantle
> VP/Technology, WSO2 and OASIS WS-RX TC Co-chair
>
> http://bloglines.com/blog/paulfremantle
> paul@wso2.com
>
> "Oxygenating the Web Service Platform", www.wso2.com
>

Mime
View raw message