Kerberos authentication without SecurityPolicy in WSDL

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Kerberos authentication without SecurityPolicy in WSDL

jvalteren
This post has NOT been accepted by the mailing list yet.
Hi all,

I'm working on an integration scenario for a customer and have run into a challenge.

The customer is using a model driven application platform that uses Metro to implement its web services stack. From the modeling environment, I can publish a process flow as a Web service, after which it generates a WSDL based on the input/output parameters and domain model of the application. I have no way to influence the WSDL other than changing the input/output parameters of the process flow. I can however perform a custom mapping of the SOAP header of incoming requests.

The customer wants to integrate the application with several .NET systems using WS-Security and the Kerberos Token Profile. IMO, setting this up requires defining the Security Policy in the WSDL and referencing it from the binding and/or operation.

My question is this: Is it possible to make this work without being able to modify the WSDL to include the Security Policy definition?

Hope to hear from you!


Kind regards,

Jonathan
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Kerberos authentication without SecurityPolicy in WSDL

TomekJavaMetro
This post has NOT been accepted by the mailing list yet.

Hello,

Maybe if there is no WS-Policy informations for (input, output, error/exepcttion) messages  You
should add it to the Your WSDL service.

Could You post the part of information's from Wsdl / WSPolicy contract of Your service /or STS ?


FOr example , in the secured services (WSP + STS + WSC) case the Metro (2.1.1 or before) stack does not directly add the WS-policy to the Fautl/error messages.

Best regards,
Tomek.
Loading...