[wsf-c-dev] [wsf/php] is X509 token profile encryption supported?
Buddhika Semasinghe
buddhika at wso2.com
Tue May 29 05:24:11 PDT 2007
Renaud Bruyeron wrote:
> Renaud Bruyeron wrote:
>> Buddhika Semasinghe wrote:
>>> Renaud Bruyeron wrote:
>>>>
>>>> I am trying to do what is described p11 on
>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0.pdf
>>>>
>>>> (encryption usage of the X509 token profile v1.0) using wsf/php.
>>>> The client is in php, and the server I need to talk to is
>>>> implemented with XFire/WSS4J
>>>> The server-side works well (I have java-based clients talking to
>>>> it), but I can't find an example
>>>> of WSF/PHP usage that does this.
>>>>
>>>> Anyone has a testcase for this or example PHP script? Is this
>>>> supported as of 1.0alpha2?
>>>>
>>>>
>>> Hi Renaud;
>>>
>>> There is a sample called "encryption_only" in *src/sample/secpolicy*
>>> directiory in 1.0alpha2. There is a client and a server which
>>> encrypts the message in X509 token profile.Further If you want to
>>> know how to use security stuffs in WSF/PHP , you can follow the wiki
>>> in http://wso2.org/wiki/display/wsfphp/WS-Security+API.For any more
>>> concerns about this we would like to help you through the mailing list.
>>
>> The encrypt_only example does not implement the profile I am
>> referring to.
>> If I capture the SOAP message, I see that it is different from the
>> one in the spec (see attachements).
>> The good message is generated by XFire/WSS4J, the bad one is from the
>> encrypt_only example using the same certificate. You can see the good
>> message is exactly the structure described in the PDF (section 3.4
>> "Encryption"), while the bad message has a different structure: it
>> has a BinarySecurityToken, and does not show the X509 certificate
>> values (CN and serial) in the keyInfo section.
> Sorry forgot to add the attachments!
>
> Here they go.
>
> - Renaud
> ------------------------------------------------------------------------
>
> <
>
Hi Renaud;
There is some bugs in our sample. Actually that scenario was
implemented in scenario3. If you have used array of options case to
build policy xml than we have to fix some bugs on it. Yet you can test
the same scenario by giving the policy xml directly. So I have attached
the both client side and server side scripts of the sample for that
scenario.Thanks for pointing out the bug there and please try this and
we would like to know if you have any concerns.
cheers
Buddhika
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sample.tar.gz
Type: application/x-gzip
Size: 4213 bytes
Desc: not available
Url : http://wso2.org/pipermail/wsf-c-dev/attachments/20070529/1540d0b4/sample.tar.bin
More information about the Wsf-c-dev
mailing list