[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ebxml-msg] AS4 - clarification on pulling from the default channel with no WS-Security UserName tokens
I'm guessing, Makesh, that implementation occurs at the HTTP transport layer, correct? Not at the AS4 message processing layer, right? You are talking about HTTP Basic Auth, right? Theo's question is really about the AS4 MSH use case for the ebHandler receiving a Pull Request with no WSSE token on the default MPC. It would seem at first blush based on Section 2.3.1 and 3.3 that "minimally" a pull request is authenticated by either a WSSE username/password token -OR- the alternative use of HTTPs client authentication of an SSL certificate (obviously X.509 authentication is also supported). Unlike the Minimal Sender, which has a non-secure push scenario (presumably because the receiver can "authenticate" using the Party-ID, et. al. in the as4 message header), there is no provision of a "non-authenticated" pull request -- even on the default MPC. Is my understanding correct, here? -----Original Message----- From: Makesh Rao (marao) [mailto:marao@cisco.com] Sent: Thursday, May 09, 2013 9:40 AM To: Theo Kramer; ebxml-msg@lists.oasis-open.org Subject: Re: [ebxml-msg] AS4 - clarification on pulling from the default channel with no WS-Security UserName tokens Hi Theo We do support plain old basic auth in our implementation. This is because some of our clients did not agree to support WS-S. They only agreed to support the basic auth. So we built some authorization around the username that we get access to and determine if there is a message in the default queue. ~Makesh On 5/9/13 5:34 AM, "Theo Kramer" <theo@flame.co.za> wrote: >Hi All > >I'm wondering if anyone could clarify what the expected use case should >be when an AS4 pull signal message is received for the default MPC with >no WS-Security user name tokens. > >Possibilities could include any of the following > >i Return any message stored on the default MPC for the default user as >defined in section 4.3 of the ebms 3 core spec. > >ii Return an HTTP 401 authorisation failed unknown reason. > >-- >Regards >Theo > > >--------------------------------------------------------------------- >To unsubscribe from this mail list, you must leave the OASIS TC that >generates this mail. Follow this link to all your TCs in OASIS at: >https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]