[Soap-Python] WS-Security with certificates?
Dariusz Suchojad
dsuch at gefira.pl
Tue Nov 20 20:30:35 CET 2012
Israel Brewster wrote:
> Any other thoughts/solutions to this particular issue?
In one project, I worked around all the issues related to various xmlsec
bindings by simply invoking xmlsec1 in a subprocess whenever it was
needed, which meant signature verification and decryption in that case.
Wrapped in a convenient API the whole thing simply exposed two methods,
think def verify(self, xml) and def decrypt(self, xml).
I wasn't particularly concerned about the performance penalty of an
additional one tenth of a second because it was part of a bigger SAML2
exchange which already took some 10 or 12 seconds to complete due to a
sleepy IdP. Besides, it wasn't invoked more than several hundred times a
day.
I can't say I was overly happy that I had to do it that way but having
spent several days on various other cleaner approaches, I did welcome
the only working one without further complaints.
cheers,
--
Dariusz Suchojad
More information about the Soap
mailing list