| Anonymous | Login | Signup for a new account | 12-17-2024 12:01 PST |
| Main | My View | View Issues | Change Log | Docs |
| Viewing Issue Simple Details [ Jump to Notes ] | [ View Advanced ] [ Issue History ] [ Print ] | ||||||||
| ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||||
| 0001793 | [Resin] | minor | always | 06-11-07 09:48 | 06-17-07 17:37 | ||||
| Reporter | ferg | View Status | public | ||||||
| Assigned To | ferg | ||||||||
| Priority | normal | Resolution | fixed | ||||||
| Status | closed | Product Version | |||||||
| Summary | 0001793: Hessian security | ||||||||
| Description |
(rep by Serge Merzliakov) As a newcomer, I don't know much about Hessian (my day job requires WS-Security, SOAP and the orthodox SOA stack...) but I have got the samples working and like the simplicity very much. Are there any plans to encrypt messages or some other message level security (this excludes SSL) ? I know this strays into the WS-Security space (and we don't wan't to reinvent the WS-* wheel) but it would be a compelling argument for serious evaluation in most firms considering SOA. |
||||||||
| Additional Information | |||||||||
| Attached Files | |||||||||
|
|
|||||||||
 Relationships |
|
|
Notes |
|
|
(0002055) ferg 06-17-07 17:37 |
hessian/3c{20,21,30,31,32} A) Encryption: X509Encryption envelope = new com.caucho.hessian.security.X509Encryption(); X509Certificate cert = ...; envelope.setCertificate(cert); OutputStream out = ...; Hessian2Output out = new Hessian2Output(out); out = envelope.wrap(out); // use normal Hessian2Output methods to write data out.close(); B) Decryption: X509Encryption envelope = new com.caucho.hessian.security.X509Encryption(); X509Certificate cert = ...; envelope.setCertificate(cert); PrivateKey key = ...; envelope.setPrivateKey(key); InputStream is = ...; Hessian2Input in = new Hessian2Input(in); in = envelope.unwrap(in); // use normal Hessian2Input methods to read data in.close(); C) Signature: X509Signature envelope = new com.caucho.hessian.security.X509Signature(); X509Certificate cert = ...; envelope.setCertificate(cert); PrivateKey key = ...; envelope.setPrivateKey(key); OutputStream out = ...; Hessian2Output out = new Hessian2Output(out); out = envelope.wrap(out); // use normal Hessian2Output methods to write data out.close(); D) Signature Validation: X509Signature envelope = new com.caucho.hessian.security.X509Signature(); X509Certificate cert = ...; envelope.setCertificate(cert); InputStream is = ...; Hessian2Input in = new Hessian2Input(in); in = envelope.unwrap(in); // use normal Hessian2Input methods to read data in.close(); // validation occurs during the close() |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 06-11-07 09:48 | ferg | New Issue | |
| 06-17-07 17:37 | ferg | Note Added: 0002055 | |
| 06-17-07 17:37 | ferg | Assigned To | => ferg |
| 06-17-07 17:37 | ferg | Status | new => closed |
| 06-17-07 17:37 | ferg | Resolution | open => fixed |
| 06-17-07 17:37 | ferg | Fixed in Version | => 3.1.2 |
| Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
28 total queries executed. 25 unique queries executed. |  |
