Re: [cmis] Looking for additional information around CMIS conformantauthentication

[Al Brown <albertcbrown@us.ibm.com>]

I think this is relevant to the specification especially the WS binding. I would like to here implementation details discussed.

-Al

Al Brown
Emerging Standards and Industry Frameworks
Office 714 327 3453
Mobile 714 263 6441
Email albertcbrown@us.ibm.com
CONFIDENTIAL NOTICE: The contents of this message, including any attachments, are confidential and are intended solely for the use of the person or entity to whom the message was addressed. If you are not the intended recipient of this message, please be advised that any dissemination, distribution, or use of the contents of this message is strictly prohibited. If you received this message in error, please notify the sender. Please also permanently delete all copies of the original message and any attached documentation.

Jens Hübel ---02/10/2009 12:47:15 AM---Hi all,

From:	Jens Hübel <jhuebel@opentext.com>
To:	<cmis@lists.oasis-open.org>
Date:	02/10/2009 12:47 AM
Subject:	[cmis] Looking for additional information around CMIS conformant authentication

---

Hi all,
 
we are currently investigating how to add support WS-Security 1.1 to our CMIS implementation. To test interoperability Java-.Net we are trying to build a sample (Hello World like) client to authenticate against server. It seems that in the WCF configuration in .Net you can set a whole bunch of various options and parameters in the behaviors and bindings sections. Currently we are facing the problem that the .Net client always generates some information that the server does not understand (causing exceptions etc.). Well this problem is just our implementation issue and probably the spec in this regard is accurate and precise enough. However I wonder if  we could make life easier (having the PlugFest in mind) from a practical perspective if:

a) someone has already tested this and could provide a sample configuration file that works at least in one repository
b) we should agree to support at least one common configuration (again not as part of the spec but just for practical reasons at the plugfest) for .Net and Java
c) we have a common place to share such things that are not directly spec related but are just tools, guidelines, best practices that make life easier for all us

I remember that multiple vendors ran into the authentication issue the last time. I assume that MTOM would be another candidate for such kind of additional information. So perhaps we can make some preparations to be as good as possible prepared for the next tests. Comments if you see any value in this would be welcome.
 
Thanks Jens
 
P.S. I am not 100% sure if this mailing list is the right place to ask questions like this. If there is any better place for questions not directly related to the work on the spec please let me know.