challenge/respons in WSE 2.0 (WS-Trust)

Thread view:

Enable EMail Alerts

Start New Thread

Thread rating:

peter - 18 Aug 2004 08:36 GMT

WS-Trust defines a syntax for performing challenges.
An example:
Client sends <RequestSecurityToken>
Server sends <SignChallenge>
Client sends <SignChallengeRespons>
Server sends <RequestSecurityTokenRespons>

My question is if WSE 2.0 has an implementation for the
challenge/respons mechanism. And in that case what class and functions
are to be used?

: )

Peter Molyneux

Reply to this Message

Lucien - 20 Aug 2004 21:08 GMT

There's no implementation. There are support methods that you have to define
how you want the mechanism to look like (it's restricted/defined in
WS-Trust).

> WS-Trust defines a syntax for performing challenges.
> An example:
[quoted text clipped - 9 lines]
> : )
> Peter Molyneux

Reply to this Message

Daniel Hegner - 06 Sep 2004 20:33 GMT

Hi Lucien,

I've been working on this too, and I've tried to figure out the best
approach.

I haven't been that deep into WSE 2.0 yet so I don't know what you had
in mind when you mentioned those support methods. Do you have any more
specific pointers?

One of my ideas for implementing the protocol is to subclass the
SecurityContextTokenService but I have failed to find a detailed
description of how that class actually works. Would it be better to
subclass it's superclass SecurityTokenService instead and try to
implement the mentioned challenge-response protocol that way?

--
Daniel Hegner

> There's no implementation. There are support methods that you have to define
> how you want the mechanism to look like (it's restricted/defined in
[quoted text clipped - 13 lines]
> > : )
> > Peter Molyneux

Reply to this Message

challenge/respons in WSE 2.0 (WS-Trust)

Free Magazines