[jboss-user] [JBossWS] - ws-security JBWS-638 - Design Notes
mageshbk
do-not-reply at jboss.com
Tue Aug 8 23:13:32 EDT 2006
SecurityStore
==========
Will no longer hold the keystore and truststore, rather will hold a reference to a JaasSecurityDomain Object. This will be used to lookup the security configuration and also to encode/decode.
Since we want to make this keystore configuration available from jboss-wsse-server.xml also, we allow the user to
Either specify the jaasSecurityDomain in wsse-server.xml
Or
Allow him to set the complete keystore properties as before. But this time the properties will be created as a JassSecurityDomain and stored as Object
This way both the approach will use the same mechanism to use jaasSecurityDomain to cater to the security needs.
What needs to be done:
==================
1. jboss-wsse-server.xml needs to be adjusted to provide a facility for a jaasSecurityDomain.
2. org.jboss.ws.wsse.SecurityStore will need to match the above logic to lookup JNDI and do the needful.
3. org.jboss.ws.wsse.WSSecurityDispatcher will create the SecurityStore differently using the jassSecurityDomain name or the keystore properties depending on the configuration.
4. org.jboss.ws.metadata.wsse.WSSecurityConfiguration needs to be changed to add the new jassSecurityDomain property.
The only problem that I have is where and who will initialize the kestore configurations from jboss-wsse-server.xml as a jassSecurityDomain MBean? Will it be in SecurityStore?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3963950#3963950
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3963950
More information about the jboss-user
mailing list