In the Parameter config, the username/password has to be hardcoded in the client.axis2.xml file. So it essentially means that you have to change the username/password for every new user (or maybe have separate installations for every user).
With the Policy config however, the username/password combo is retrieved via the password callback handler class. The username/password can be retrieved from any authentication backend you can think of. As such, you can dynamically set the username/password from the client code. Cheers Sanjay >-----Original Message----- >From: Roxanne Yee [mailto:[EMAIL PROTECTED] >Sent: 15 July 2008 08:09 >To: [email protected] >Subject: RE: Rampart: Policy versus Parameters > >Dynamically? How so? > >Thanks. > >=>RY > > >-----Original Message----- >From: Sanjay Vivek [mailto:[EMAIL PROTECTED] >Sent: Mon 7/14/2008 8:25 PM >To: [email protected] >Subject: RE: Rampart: Policy versus Parameters > >The policy method is far more flexible. It allows you to >dynammically set the username/password (which cannot be done >by the Parameter method) and much more. > >Cheers >Sanjay > > >-----Original Message----- >From: Roxanne Yee [mailto:[EMAIL PROTECTED] >Sent: Mon 14/07/2008 18:35 >To: [email protected] >Subject: Rampart: Policy versus Parameters > >I was just wondering, what method of WS-Security with Rampart >do most people use and find the easiest: the Policy method >(with the RampConfig element) or the Parameter method (with >the InflowSecurity and OutflowSecurity parameters in services.xml)? > >Thanks. > >=> RY > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
