Apache releases two Web Services Packages

Discussions

News: Apache releases two Web Services Packages

Bookmark and Share Get thread feed

  1. Apache releases two Web Services Packages (8 messages)

    Apache has released 1.0 of WSS4J (WS-Security) and 1.0 of Sandesha (WS-Reliability), both running on top of Axis.

    WSS4J can be used to sign and verify SOAP Messages with WS-Security information, implementing the OASIS Web Service Security standard, the Username Token profile V1.0, and the X.509 Token Profile V1.0. It is also able to emulate older WSS specifications.

    Sandesha provides a complete support for WS-ReliableMessaging specification allowing a reliable communication between web services as well as web services and clients.

    What are your thoughts of these products? Are they useful to you?
    Reply to this

    Threaded Messages (8)

  2. Security[ Go to top ]

    Why is that "two Web Services security packages"? What does WS-ReliableMessaging have to do with security?
    Reply to this Reply to original

  3. Security[ Go to top ]

    I.. uh.. have no answer for that. The title has been changed. Thank you.
    Reply to this Reply to original

  4. Relationship between Security and reliability[ Go to top ]

    Relationship between WS Security and Reliable messaging

      A secure web service should be always available to the Authorize user . Without reliable messaging the WS availability is at risk . We can call a WS as secure if it available to authorize user is atself at risk. Hence WS security and WS reliable messagining go together .

     Syed
    Reply to this Reply to original

  5. Relationship between Security and reliability[ Go to top ]

    Relationship between WS Security and Reliable messaging

      A secure web service should be always available to the Authorize user . Without reliable messaging the WS availability is at risk . We can call a WS as secure only if it is available to authorize user , all the time . Hence WS security and WS reliable messagining go together .

     Syed
    Reply to this Reply to original

  6. Security - Two packages[ Go to top ]

    I thought security is not only encryption but validation of sending parties, and validation of sent data - hence the "reliable" seems apprpriate
    Reply to this Reply to original

  7. Any download link?[ Go to top ]

    From where it is possible to download the WSS4J distribution? Looks like it is still necessary to go through CVS...
    Reply to this Reply to original

  8. This is good news[ Go to top ]

    I had been shying away from WS-Security because it didn't have a 1.0 release yet. Am definitely going to try it out now. One question though - is it really interoperable with a .NET client? My service is on Axis, but the clients will be Visual Basic .NET. I'd hate to use WSS4J only to find that ".NET Web Services Enhancements (WSE) 2.0 SP2" doesn't work like it should. :)

    Regards,
    Sunil
    Reply to this Reply to original

  9. It works (at least for me...)[ Go to top ]

    Hello,

    I've been using a version of WSS4J retrieved from CVS three months ago as client to a WSE 2.0 SP3 service, and it worked. The main problem I had is to synchronize the clients clock with the servers clock (since messages are timestamped), but this has nothing to do with the implementation :)

    Regards,

    François
    Reply to this Reply to original