Friday Apr 27, 2007

Federated security in webservices across trusted domains

Want to know how to build federated security in Web Services across trusted domains with WSIT?

See this screencast to learn how.

References:

WSIT, is a short name for Web Services Interoperability Technology, an integrated part of GlassFish v2 M4.

It's an open source implementation of key WS-\* technologies and provide first class interoperability between Sun's Web services stack and Microsoft Windows Communication Foundation, an integrated part of .NET 3.0 framework.

WS-Trust specifies a framework for broker trust across different security domains.

For introduction about using Netbeans, and introductory samples on creating and testing webservices using Netbeans and the WSIT, I encourage you to see Arun's screencasts.

Wednesday Apr 11, 2007

XWSS adoption in the industry

It's always exciting to see XML and Web services security (also shipped in glassfish now) more widely used in the industry. Here's another success story of XWSS adoption.

Another highlight?

Glassfish goes to Harvard!

Friday Apr 06, 2007

A picture is worth a thousand words

For those of us who are tutorial-challenged and find it boring to go through lengthy manuals or tutorials to learn something new, a screencast or a writeup with pictures is a life-saver.

Shyam's written a nice blog about Developing Trust applications using Netbeans. It has nice snapshots of screen captures and explains the topic well.

A picture is worth a thousand words....

Monday Apr 02, 2007

Monitoring secure SOAP Messages

If you're working on a security scenario on glassfish, have been looking at signature validation failing the Nth time... and are ready to pull your hair out (whatever's left), it's time to sit back, take a deep breath and do some deeper thinking.

Security is not your enemy, its your friend, its just that you need to learn to communicate! The language you can start babbling is that of (FINE grained) logging and HTTP dumping.

One way to do this is to open the file /domains/domain1/config/domain.xml and add the following lines to the jvm-options section:


<jvm-options>
-Dcom.sun.xml.ws.transport.http.HttpAdapter.dump=true
</jvm-options>

<jvm-options>
-Dcom.sun.xml.ws.transport.http.client.HttpTransportPipe.dump=true
</jvm-options>

And then start the server. Well, a better and smarter alternative to the above (in my opinion) is to use the Glassfish admin tool to do the same thing and then ofcourse restart the server for the settings to take effect.

Trivia: Did you know you could use the admin tool to change glassfish's jvm-option settings?

The other thing you want to do is to configure fine grained logging for the security packages. Here's what I am talking about.

In his blog, Fabian talks about configuring logging in GlassFish 9.1 for the WS-Policy implementation.
Only, instead you now enter com.sun.xml.ws.security.trust for trust, com.sun.xml.ws.security.secconv for secure conversation, com.sun.xml.wss.impl for xwss, and set the value FINE (or any other logging level that suits you) to any or all of these.

Thanks for reading. I hope this helped...

About

manveen

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today