WCF Interop with Axis2 using WS-Trust

前端 未结 5 1867
难免孤独
难免孤独 2021-02-09 07:08

We are trying to get WCF and Java talking to each other using SAML tokens issued from an STS. Despite the fact that both sides are compliant with the standards, WS-Security, WS-

5条回答
  •  独厮守ぢ
    2021-02-09 07:19

    I'm assuming that the server side is axis, it's not clear but that is more common.

    If you are programming interoperable webservices you in Java you should consider switching to JAX-WS, not only because the axis2 programing model is a little bizarre, but often the code is incomplete. I've certainly come across features partially implemented before, also it's I found it difficult to determine what testing for interoperability had been performed with the Microsoft stack.

    I would say you have much better chances in the future using a JAX-WS stack. One major reason is Sun Engineers spend quite some time sitting with Microsoft engineers to make sure their stacks were interoperable and they'd interpreted the specs in the same way. Besides this the programming model is easier and can be driven with annotations. It also somewhat simplifies deployment and maintenance. The additional container for servicing .AAR files and the fiddling to remove axis2 from the service endpoint can just be ignored: the endpoint can just be treated as a Servlet.

    There is documentation of people getting SAML to work with JAX-WS: http://www.jroller.com/gmazza/entry/using_the_opensaml_library_in

    If you cannot move away from axis2 I think a similar strategy needs to be employed. Where you would intercept the token and do the authentication before it gets to call the service endpoint.

    See: http://www.omg.org/news/meetings/workshops/Web_Services_USA_Manual/02-3_K_Smith.pdf

    http://www.mail-archive.com/axis-user@xml.apache.org/msg10292.html

    http://www2.sys-con.com/ITSG/virtualcd/WebServices/archives/0303/secrist/index.html

提交回复
热议问题