[wsf-c-dev] [wsf/php] is X509 token profile encryption supported?

Paul Fremantle paul at wso2.com
Tue May 29 05:18:12 PDT 2007 

Renaud

Does your server publish a security policy (WS-P + WS-SP) XML? That 
would be useful input.

Paul

Renaud Bruyeron wrote:
> Renaud Bruyeron wrote:
>> Buddhika Semasinghe wrote:
>>> Renaud Bruyeron wrote:
>>>>
>>>> I am trying to do what is described p11 on 
>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0.pdf 
>>>>
>>>> (encryption usage of the X509 token profile v1.0) using wsf/php.
>>>> The client is in php, and the server I need to talk to is 
>>>> implemented with XFire/WSS4J
>>>> The server-side works well (I have java-based clients talking to 
>>>> it), but I can't find an example
>>>> of WSF/PHP usage that does this.
>>>>
>>>> Anyone has a testcase for this or example PHP script? Is this 
>>>> supported as of 1.0alpha2?
>>>>
>>>>
>>> Hi Renaud;
>>>
>>> There is a sample called "encryption_only" in *src/sample/secpolicy* 
>>> directiory in 1.0alpha2. There is a client and a server which 
>>> encrypts the message in X509 token profile.Further If you want to 
>>> know how to use security stuffs in WSF/PHP , you can follow the wiki 
>>> in http://wso2.org/wiki/display/wsfphp/WS-Security+API.For any more 
>>> concerns about this we would like to help you through the mailing list.
>>
>> The encrypt_only example does not implement the profile I am referring 
>> to.
>> If I capture the SOAP message, I see that it is different from the one 
>> in the spec (see attachements).
>> The good message is generated by XFire/WSS4J, the bad one is from the 
>> encrypt_only example using the same certificate. You can see the good 
>> message is exactly the structure described in the PDF (section 3.4 
>> "Encryption"), while the bad message has a different structure: it has 
>> a BinarySecurityToken, and does not show the X509 certificate values 
>> (CN and serial) in the keyInfo section.
> Sorry forgot to add the attachments!
> 
> Here they go.
> 
> - Renaud
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Wsf-c-dev mailing list
> Wsf-c-dev at wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/wsf-c-dev

-- 
Paul Fremantle
Co-Founder and VP of Technical Sales, WSO2
OASIS WS-RX TC Co-chair

Office: +1 646 290 8050
Cell: +44 798 447 4618

blog: http://pzf.fremantle.org
paul at wso2.com

"Oxygenating the Web Service Platform", www.wso2.com

More information about the Wsf-c-dev mailing list