I want to implement an client axis handler that will implement the xml signature using the keystore file's keys, certifcates and by using xml signature specification implementation frameworks like Apache XML Project, IBM XSS etc.
Basically there is a third party web service provider that verifies the incoming soap messages xml signature and so I want to write a axis client that sends soap messages with xml signatures implemented on them.
Any ideas on how to proceed on this will be great help.
And regarding the implementation of the Handlers it is entirely upto you..
If you implement the Handler interface then you have u override all the methods and provide the implementation..Instead the BasicHandler implements the Handler interface and provides some default implementation of those methods..So u can override just the invoke method of it..
Kumar, WSS4J and IBM XSS4J are different.. WSS4J is a open source project from Apache..
In my case the Web Services provider is not under our control..Itz an external system with which we are interacting..
But that doesn't really matter..All it matters is digitally signing the SOAP message..Watever implementation used on the server-side shud b able to validate the signature and process the SOAP request..
1. Is apache's xss4j more matured than ibm xss, verisign tsik etc. ?
2. In what cases ones uses org.apache.axis.handlers.BasicHandler over implementing avax.xml.rpc.handler.Handler ?
3. I think you need wrap the xss4j framework under axis handlers written by you use these handlers for signing the soap request message (on the client side) and also, write axis handlers on the server side for validating the signature in the soap message. Right ? If so can you please paste your handlers code here ...