[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: HTTP_Set_AUTH and WS-Security
Trying to do this with HTTP_API's.
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Loek Maartens
Sent: Friday, March 04, 2011 3:42 PM
To: HTTPAPI and FTPAPI Projects
Subject: Re: HTTP_Set_AUTH and WS-Security
Hi,
I have done some WS-Security, but did this by having a java guy set up a
WS_Security api for my requirements.
Then build the message to be send, put it on a data queue, have a data queue
handler RPG program call the java api (first time slow, next time(s) very
fast) to do the grunt work and return the encapsulated string back to the
data queue handler, which in turn sends it back to the requesting rpg
program. The program then continued to send the correct SOAP message using
httpapi. Both the signing and encryption, and the signature verification and
decryption are handled by the java api.
The java api was build using the java classes from the Bouncy-castle (weird
name, but quite a good reputation.)
Kind regards,
Loek Maartens.
----- Original Message -----
From: "Magne Kofoed" <magne.kofoed@xxxxxxxxxxx>
To: "'HTTPAPI and FTPAPI Projects'" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Sent: Friday, March 04, 2011 10:21 PM
Subject: SV: HTTP_Set_AUTH and WS-Security
It would be nice if someone has any thoughts on how to implement
WS-Security?
Best regards,
Magne
-----Opprinnelig melding-----
Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] På vegne av Steve
Sendt: 4. mars 2011 21:35
Til: 'HTTPAPI and FTPAPI Projects'
Emne: RE: HTTP_Set_AUTH and WS-Security
Thanks for the Info. I just thought I'd throw that one out there incase you
had any Insight.
Much Appreciated.
Steve
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Magne Kofoed
Sent: Friday, March 04, 2011 2:21 PM
To: 'HTTPAPI and FTPAPI Projects'
Subject: SV: HTTP_Set_AUTH and WS-Security
This is no longer about httpapi, but try this link:
Websphere 7 Certificate Key Size Limits
http://www.ibm.com/developerworks/forums/thread.jspa?threadID=355619
Best regards,
Magne
-----Opprinnelig melding-----
Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] På vegne av Steve
Sendt: 4. mars 2011 20:49
Til: 'HTTPAPI and FTPAPI Projects'
Emne: RE: HTTP_Set_AUTH and WS-Security
We are not going to SSL just yet.
On SSL.: Is it true that Websphere will only accept 2k certificates?
We wanted to use 4K. Does anyone have a point of reference for
certificates?
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Magne Kofoed
Sent: Friday, March 04, 2011 1:32 PM
To: 'HTTPAPI and FTPAPI Projects'
Subject: SV: HTTP_Set_AUTH and WS-Security
Hi Steve,
http_setauth is used for "normal" http server authentication and I have not
seen this used with WS-Security and UsernameToken.
WS-Security is used to encrypt the soap xml.
Its main focus is the use of XML Signature and XML Encryption to provide
end-to-end security.
I tried to implement Ws-Security using rpg a couple of years ago, but did
not succeed. So we skipped the soap xml encryption and used the ws-security
user and password together with SSL.
Maybe there is a solution on this now, with i/os 6.1 and new api's?
Best regards,
Magne
-----Opprinnelig melding-----
Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] På vegne av Steve
Sendt: 4. mars 2011 15:30
Til: 'HTTPAPI and FTPAPI Projects'
Emne: HTTP_Set_AUTH and WS-Security
http_setAuth( HTTP_AUTH_BASIC
: %trim(Userid)
: %trim(Passwd) );
Am I missing something or using the wrong statement. ??
I added this into my program thinking it was what I needed to generate the
security string in my Soap message But I didn't get anything.
This is what is required using soap:
<soapenv:Header><wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecuri
ty-secext-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken-1"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurit
y-utility-1.0.xsd"><wsse:Username>userid</wsse:Username><wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token
-profile-1.0#PasswordText">passwd</wsse:Password><wsse:Nonce
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-m
essage-security-1.0#Base64Binary">uY0FMEfI6dzTVHg6/DFazQ==</wsse:Nonce><wsu:
Created>2011-02-15T22:21:24.555Z</wsu:Created></wsse:UsernameToken></wsse:Se
curity></soapenv:Header>
With WS-Security turned off everything is fine.
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------