Axis2 and WS-SecureConversation

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Axis2 and WS-SecureConversation

joe1980
I am hoping somebody here can help me. I have spent several days trying to figure out how to create a WS-Policy that does the following:

1. Mutual authentication using X.509 certificates; and symmetric session keys generated and encrypted by client and sent to server during an initial "handshake".
2. Set up WS-SecureConversation to use a symmetric encryption algorithm and message authentication code to protect future messages.
3. Time out the session keys after a while so that the handshake has to be repeated.

Essentially, I am trying to get SSL-like security at the message level without having to use asymmetric algorithms to protect each message (which will cause a huge performance hit).

Unfortunately, all the tutorials I have seen seem to either deal with asymmetric algorithms only, or are outdated and do not work with current frameworks.

Can you point me to a sample WS-Policy that does the above? Thanks in advance!
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Axis2 and WS-SecureConversation

Andrea
Hello Joe1980,

i have the same problem.

How I can add Basic Authentication using X.509 V3 in my Axis2 Web Service ?

Can you help me? :(

Loading...