MHonArc v2.5.0b2 -->

















ebxml-msg message






[Date Prev]
 | [Thread Prev]
 | [Thread Next]
 | [Date Next]

--

[Date Index]
 | [Thread Index]
 | [List Home]








Subject: WSS questions




From: "iwasa" <kiwasa@jp.fujitsu.com>
To: <ebxml-msg@lists.oasis-open.org>
Date: Thu, 2 Mar 2006 19:08:44 +0900






Here are some questions I got from
users implementing ebMS3.0 CD.
I appreciate if someone can answer
the followings:

1) 6.2.1.1 Username / Password Option
   The example is including both <wsse:UsernameToken>
   and <SecurityTokenReference>.
--
<wsse:Security xmlns:wsse="$B!D(B" xmlns:wsu="$B!D(B"> 
  <wsse:UsernameToken wsu:Id="#TokenID"> 
     <wsse:Username>hamid</wsse:Username> 
     <wsse:Password>SomePassword</wsse:Password> 
  </wsse:UsernameToken> 
</wsse:Security> 
<eb:Messaging eb:version="3.0" SOAP:mustUnderstand="1" > 
  <eb:SignalMessage> 
     <wsse:SecurityTokenReference> 
        <wsse:Reference URI="#TokenID" /> 
     </wsse:SecurityTokenReference> 
     <eb:MessageInfo> $B!D(B. </eb:MessageInfo> 
     <eb:PullRequest eb:forMbox="$B!D(B" /> 
  </eb: SignalMessage>
</eb:Messaging>
--

   Can we omit <SecurityTokenReference> with
   this example, even if we use ID and Password? 
   Or is it mandatory to include the element?
   It seems redundancy.
   *If both of them should be included, the spec
   should mention it. If not, it should be mentioned 
   also.

2) The above example is for SignalMessage.
   How about for UserMessage? I assume the
   answer is the same with the above.

Thanks,

Iwasa   





Follow-Ups:

Re: [ebxml-msg] WSS questions
From: Ric Emery <remery@cyclonecommerce.com>



References:

RE: [ebxml-msg] Groups - Security Concern
From: Hamid Ben Malek <HMalek@us.fujitsu.com>






[Date Prev]
 | [Thread Prev]
 | [Thread Next]
 | [Date Next]

--

[Date Index]
 | [Thread Index]
 | [List Home]