Skip to main content

Kumar Jayanti

Kumar Jayanti is a staff engineer at Sun Microsystems and works in the Web Technologies and Standards team. In his current role, Kumar is the implementation lead for GlassFish V3 Security, Metro WebServices Security and also the specification and implementation lead for the SAAJ (JSR 67). He has been working in the areas of application and infrastructure security effort at Sun since early 2004. Kumar holds an M.Tech degree in Computer Science from IIT Mumbai, India. His areas of interest include Distributed computing, CORBA, XML, WebServices and Security.

 

kumarjayanti's blog

Security Token Configuration in Metro Contd....

Posted by kumarjayanti on July 8, 2009 at 1:17 AM PDT

My previous post Security Token Configuration in Metro has exceeded the maximum limits (even after having used the extended entry) of a post and hence when i added some more details yesterday, i am seeing that the tail end of my post was truncated.

Attaching Security Policies to Individual Operations

Posted by kumarjayanti on July 1, 2009 at 6:36 AM PDT

The earliest version of WS-SecurityPolicy implemented during early days of Metro/WSIT did not allow Binding Assertions to be attached to any scope other than the EndPoint scope. The latest versions of WS-SecurityPolicy specification allows Binding Assertions to be attached to operation scope.

Security Token Configuration in Metro

Posted by kumarjayanti on June 1, 2009 at 4:45 AM PDT

In this post, i  would like to describe how to configure various types of security tokens that Metro supports. There are various aspects to token configuration depending on the type of the token and the article i wrote long ago is outdated, things have changed for good and i will talk about it here.

Overriding WebServiceContext in Metro to handle security related methods

Posted by kumarjayanti on May 26, 2009 at 2:25 AM PDT

One of the design goals of Metro is to be able to run on any Application Server as a WebServices Stack. One project that i know levarages this ability is OpenSSO. The OpenSSO product is supported on several application servers.

SOAP Message Security with Password Derived Keys

Posted by kumarjayanti on April 6, 2009 at 6:02 AM PDT

With Latest Metro 2.0 bits you can now try signing and encrypting SOAP Messages using the WSS 1.1 Password Derived Keys Feature. This is useful incase one does not want to use Certificates or Kerberos tokens etc.

Custom Realms in GlassFish V3

Posted by kumarjayanti on January 8, 2009 at 3:49 AM PST

My colleague Nithya has written about an interesting recent feature addition to GlassFish V3 where you can dynamically add a new Custom Realm (built as an OSGI module) to a running glassfish server (No Restart Required !!).

If you are using latest GlassFish V3 builds : Latest V3 Promoted Builds

Plain Text Username Password security with Metro

Posted by kumarjayanti on November 25, 2008 at 1:10 AM PST

Although not considered very secure many users in the past have asked
for it.

Client Side Certificate Handling in Secure Metro WebServices

Posted by kumarjayanti on November 24, 2008 at 5:42 AM PST



If you have a WebService configured to use the href="https://wsit-docs.dev.java.net/releases/m6/WSIT_Security4.html#wp129317">Mutual
Certificates Security  mechanism as supported by
Netbeans.  Then when developing a client for the service you would
generally be required to configure the client side keystore alias or
provide a callbackhandler.

Support for Programmatic Authorization in WebServices With Metro 1.3

Posted by kumarjayanti on September 15, 2008 at 6:57 AM PDT



Starting with  Promoted href="https://sailfin.dev.java.net/downloads/v1-b36.html">Build 36 
of  SailFin,  Metro 1.3 users can perform Programmatic
Authorization decisions inside their  SEI Implementations. 


1. What is the API to be used for Programmatic Authorization ?

Accessing the SAML Assertion in the WebService

Posted by kumarjayanti on December 7, 2007 at 1:01 AM PST


A Question that is often asked is, I am  Using  a WSIT Secure
Scenario containing SAML Assertion, How do i access the SAML Assertion ?



Here is how you can access the SAML Assertion inside your WebService
Endpoint Implementation Class. Note the method getSAMLAssertion() in
particular.





package test;