AXIS Security Transaction (Highest Protection)

 
Ranch Hand
Posts: 120
IntelliJ IDE Hibernate Spring
I want to implement the following security transaction using AXIS.
Is it possible? If it is not, why?
1. Client creates a message that is a parameter of the web service call.
2. Client encrypts the payload of the message using the server's public key.
3. Client adds a digital signature to the message using an X.509 managed certificate. (It should be performed automatically for all outgoing client messages.)
4. Client establishes a secure SSL connection to the server.
5. Client calls the appropriate web service using HTTPS.
6. Server checks the digital signature of the input message. (It should be performed automatically for all incoming server messages.)
7. Server decrypts the payload of the message using the server's private key.
8. Server processes the message and creates a reply message.
9. Server encrypts the message using its own private key.
10. Server attaches a digital signature to the message. (It should be performed automatically for all outgoing server messages.)
11. Server returns the response message back to the client.
12. Client checks the server's digital signature. (It should be performed automatically for all incoming client messages.)
13. Client decrypts the payload of the message using the server's public key.
The scenario above represents the highest level of security protection. It assumes that messages are protected by a set of security keys:
1. Digital signature to authenticate the server when establishing the SSL connection.
2. Digital signature to authenticate the client when establishing the SSL connection.
3. Asymmetric key pair to encrypt SSL traffic between client and server.
4. Digital signature to be added to all outgoing messages on the client side.
5. Digital signature to be added to all outgoing messages on the server side.
6. Asymmetric key pair to encrypt/decrypt the payload of the messages.
Sorry. It is probably too long. Has anybody implemented something similar in practice?
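
Steps 2, 3, 6 and 7 of the scenario above, as an added example that is not part of the original post and is not Axis or WSS4J code. It uses only the standard Java JCA; the class name, the generated RSA key pairs (standing in for the keys behind the X.509 certificates), the sample payload and the hybrid AES-GCM plus RSA-OAEP scheme are assumptions made for illustration.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.MGF1ParameterSpec;

public class SignedEncryptedMessage {
    public static void main(String[] args) throws Exception {
        // Constructed keys: stand-ins for the client and server certificate key pairs.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair client = kpg.generateKeyPair(), server = kpg.generateKeyPair();
        byte[] payload = "<order id=\"1\"/>".getBytes(StandardCharsets.UTF_8); // constructed sample

        // Step 2 (client): RSA cannot encrypt long payloads directly, so encrypt the
        // payload with a fresh AES key and wrap that key under the server's public key.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey aes = kg.generateKey();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher gcm = Cipher.getInstance("AES/GCM/NoPadding");
        gcm.init(Cipher.ENCRYPT_MODE, aes, new GCMParameterSpec(128, iv));
        byte[] ciphertext = gcm.doFinal(payload);
        OAEPParameterSpec oaep = new OAEPParameterSpec(
                "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPPadding");
        rsa.init(Cipher.WRAP_MODE, server.getPublic(), oaep);
        byte[] wrappedKey = rsa.wrap(aes);

        // Step 3 (client): sign everything that is sent, using the client's private key.
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(client.getPrivate());
        signer.update(wrappedKey); signer.update(iv); signer.update(ciphertext);
        byte[] signature = signer.sign();

        // Step 6 (server): verify the signature before touching the ciphertext.
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(client.getPublic());
        verifier.update(wrappedKey); verifier.update(iv); verifier.update(ciphertext);
        if (!verifier.verify(signature)) throw new SecurityException("signature check failed");

        // Step 7 (server): unwrap the AES key with the server's private key, then decrypt.
        rsa.init(Cipher.UNWRAP_MODE, server.getPrivate(), oaep);
        Key unwrapped = rsa.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);
        gcm.init(Cipher.DECRYPT_MODE, unwrapped, new GCMParameterSpec(128, iv));
        System.out.println(new String(gcm.doFinal(ciphertext), StandardCharsets.UTF_8));
    }
}
```

For the reply direction the same pattern runs with the roles swapped: the server wraps the AES key under the client's public key and signs with its own private key.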
 
Ranch Hand
Posts: 45
This isn't a direct answer to your question, sorry, but have you looked at the Apache WSS4J project?
http://ws.apache.org/ws-fx/wss4j/
 
author and deputy
Posts: 3150
I'm not sure, but you can check whether this book covers your task or not.
 
Stan Sokolov
Ranch Hand
Posts: 120
IntelliJ IDE Hibernate Spring
About http://ws.apache.org/ws-fx/wss4j/
I have the impression that this project is in the beginning stage now. At least I didn't find files that are available for download (http://ws.apache.org/mirrors.cgi).
Correct me if I am wrong.
 
Stan Sokolov
Ranch Hand
Posts: 120
IntelliJ IDE Hibernate Spring
A couple of words regarding the book. First of all, thank you for the advice. I followed the link and found some positive and negative feedback. It should help me to make a decision. It is always difficult to state the value of a book without reading a couple of articles. I will have a look at this book in the bookstore. Thank you. Most of all I am interested in some practical scenarios, because from the theoretical standpoint there is a complex of solutions, but probably not all of these solutions match my production environment, which definitely has performance and security constraints.
 