Changes between Version 11 and Version 12 of T12_Security/WS-Security


Ignore:
Timestamp:
25/08/06 16:58:45 (13 years ago)
Author:
pjkersha
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • T12_Security/WS-Security

    v11 v12  
    4343 
    4444=== Integration into ZSI === 
    45 How best to integrate singature code into ZSI? 
     45How best to integrate signature code into ZSI? 
    4646 
    4747For WS client side, `ZSI.Binding.Send` has `sig_handler` keyword which can be assigned to a signature handler class.  This must implement `sign` and verify methods.  These both take the same single argument of a `ZSI.writer.SoapWriter` instance.  `verify` indicates an invalid signature by raising an exception.  `GssSignatureHandler` the pyGridWare handler class raises a `VerifyError` type. 
     48 
     49For the server side there doesn't seem to be an explicit place holder for a signature handler so it would seem to be a more complicated as how to best sign a message.  Server side methods have access to the `ZSI.parse.ParsedSoap` instance which contains a `dom` member variable which would enable checking of content for verify. 
     50 
     51For signing responses it may need a sub class to `ZSI.ServiceContainer.SOAPRequestHandler` with an overloaded version of do_POST to include code to sign an outbound message.  More investigation is needed. 
     52 
     53The current status is that a working `SignatureHandler` class signs outbound messages from the WS client. 
    4854 
    4955== XML Encryption ==