[Perlgssapi-users] Ws-Security
From: Massimiliano M. <mas...@ce...> - 2006-10-13 13:57:47
Hello,

I've another tedious question. I've decided to implement my webservices as is, exchanging GSS messages in the SOAP envelope. It is secure by the protocol. I'm referring to your examples from now on:

As you told me, once the context is created, I would like to use this context, using GSS_wrap() and GSS_unwrap().

First question: are these functions available in your Perl module? What is the value of the variable $gss_output_token after the first call to GSSAPI::Context::init? Where is the session key stored?

Second question: of course, the webservice is stateless. I have to maintain a state between the client and the webserver, as a session. I have to create a function like this (your example: line 123 and following):

    # $gss_output_token is returned by the init() context
    # declared here so the reply is still visible in the mutual-auth block below
    my $gss_input_token;

    if ($gss_output_token) {
        print "$counter CLIENT::have token to send ...\n";
        print "$counter CLIENT::GSS token length is " . length($gss_output_token) . "\n";
        #
        # $gss_output_token is binary data
        #
        # $uniqueid identifies this client's session on the server
        $gss_input_token = soap_send(encode_base64($gss_output_token, ''), $uniqueid);
        print "$counter CLIENT::sent token to server\n";
    }

    if ($status->major & GSS_S_CONTINUE_NEEDED) {
        print "$counter CLIENT::Mutual auth requested ...\n";
        if ($gss_input_token) {
            print "$counter CLIENT::got mutual auth token from server\n";
            $gss_input_token = decode_base64($gss_input_token);
            print "$counter CLIENT::mutual auth token length is " . length($gss_input_token) . "\n";
        } else {
            print "$counter CLIENT::server did not send needed continue token back\n";
            $error = 1;
        }
    }

And then, the second time through the while loop, call init() for the second time and get mutual auth.

Where uniqueid is a value unique for the client that the server stores on disk as an HTTP session for maintaining a state.

My question is: imagine that now I have to send a message to the server containing the string "Achim". What should I pass to the server now, for using the context? What must I store with the uniqueid to continue using the context after the death of the webservice?

Thank you!

--
Massimiliano Masi
http://www.comunidelchianti.it/~max