users@jax-rpc.java.net

Re: Problem with XWS-SECURITY certificate validation

From: Raman <raman.mishra_at_gmail.com>
Date: Tue, 27 Sep 2005 10:51:43 +0800

Thanks for your reply.
If possible, please send me the patch for this one.
Thanks
Raman

On 9/16/05, V B Kumar Jayanti <Vbkumar.Jayanti_at_sun.com> wrote:
>
> Thanks for pointing this... We will try and see if we can send you a
> patch for this. A throw was missing at the place even though the
> exception was being created....
>
>
> Raman wrote:
>
> > Hi All,
> >
> > We are using JWSDP 1.6 for our web services implementations. We are
> > using XWS-SECURITY to sign the SOAP header on the client side and verify
> > it on the server side. But we have a requirement to validate whether the
> > certificate in the SOAP request sent by the client is in our server
> > trust store or not. For this we are trying to use the
> > CertificateValidationCallback. When I return false or throw an
> > exception of type
> > CertificateValidationCallback.CertificateValidationException from the
> > validate method of the implementation class for the
> > CertificateValidationCallback.CertificateValidator interface, the
> > XWS-SECURITY framework is not sending any SOAP Fault to the client. I
> > tried the same thing in JWSDP 1.5, and it is able to return a SOAP Fault
> > to the client.
> >
> > My Server side security configuration file is :
> >
> > <xwss:JAXRPCSecurity xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">
> >   <xwss:Service>
> >     <xwss:SecurityConfiguration dumpMessages="true">
> >       <xwss:RequireSignature requireTimestamp="false">
> >         <xwss:Target type="qname">ns:ApplicationID</xwss:Target>
> >       </xwss:RequireSignature>
> >     </xwss:SecurityConfiguration>
> >   </xwss:Service>
> >   <xwss:SecurityEnvironmentHandler>
> >     sample.SecurityEnvironmentHandler
> >   </xwss:SecurityEnvironmentHandler>
> > </xwss:JAXRPCSecurity>
> >
> > and the client side configuration file is:
> >
> > <xwss:JAXRPCSecurity xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">
> >   <xwss:Service>
> >     <xwss:SecurityConfiguration dumpMessages="true">
> >       <xwss:Sign includeTimestamp="false">
> >         <xwss:X509Token certificateAlias="xws-security-client"/>
> >         <xwss:CanonicalizationMethod algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> >         <xwss:SignatureMethod algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
> >         <xwss:SignatureTarget type="qname" value="ns:ApplicationID">
> >           <xwss:DigestMethod algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
> >           <xwss:Transform algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> >         </xwss:SignatureTarget>
> >       </xwss:Sign>
> >     </xwss:SecurityConfiguration>
> >   </xwss:Service>
> >   <xwss:SecurityEnvironmentHandler>
> >     sample.SecurityEnvironmentHandler
> >   </xwss:SecurityEnvironmentHandler>
> > </xwss:JAXRPCSecurity>
> >
> > The SecurityEnvironmentHandler class is the same as the one bundled
> > with the JWSDP 1.6 XWS-SECURITY sample.
> >
> >
> > Thanks,
> > Raman
>
>
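
An added example, not part of the original thread or the JWSDP sample: a fail-closed implementation of the `CertificateValidationCallback.CertificateValidator` interface discussed above that accepts a certificate only if that exact certificate is stored in the server trust store (it does not build a chain to a CA). The class name, the trust store path and password parameters, the JKS store type and the `com.sun.xml.wss.impl.callback` package import are assumptions, and it needs the XWS-Security library on the classpath.

```java
import com.sun.xml.wss.impl.callback.CertificateValidationCallback;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;

/** Accepts only certificates that are stored in the server trust store. */
public class TrustStoreCertificateValidator
        implements CertificateValidationCallback.CertificateValidator {

    private final KeyStore trustStore;

    // Path, password and the "JKS" type are assumptions for this example.
    public TrustStoreCertificateValidator(String path, char[] password) throws Exception {
        trustStore = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(path)) {
            trustStore.load(in, password);
        }
    }

    public boolean validate(X509Certificate certificate)
            throws CertificateValidationCallback.CertificateValidationException {
        if (certificate == null) {
            throw new CertificateValidationCallback.CertificateValidationException(
                    "No certificate presented in the request");
        }
        try {
            // Reject expired or not-yet-valid certificates.
            certificate.checkValidity();
            // Returns null unless an identical certificate entry is stored.
            if (trustStore.getCertificateAlias(certificate) != null) {
                return true;
            }
        } catch (Exception e) {
            // Any validity or lookup error is a rejection, never an implicit accept.
            throw new CertificateValidationCallback.CertificateValidationException(
                    "Certificate validation failed: " + e);
        }
        throw new CertificateValidationCallback.CertificateValidationException(
                "Certificate not in trust store: "
                + certificate.getSubjectX500Principal().getName());
    }
}
```

Per the reply quoted in this thread, JWSDP 1.6 created the exception without throwing it, so a rejection raised here may not reach the client as a SOAP Fault until that is patched.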