You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "Narayan S Dhillon (JIRA)" <ji...@apache.org> on 2008/01/28 19:49:36 UTC
[jira] Created: (RAMPART-135) Allow custom implementation of
PolicyBasedResultsValidator using callback handler mechanism
Allow custom implementation of PolicyBasedResultsValidator using callback handler mechanism
-------------------------------------------------------------------------------------------
Key: RAMPART-135
URL: https://issues.apache.org/jira/browse/RAMPART-135
Project: Rampart
Issue Type: Improvement
Components: rampart-core
Affects Versions: 1.3
Reporter: Narayan S Dhillon
Cert validation is important part in WS-Security and different organizations have different rules for that, and that could be fulfilled by ability to have custom implementation of PolicyBasedResultsValidator.
All the documentation and intention in the Rampart code seems to suggest that org.apache.rampart.PolicyBasedResultsValidator.verifyTrust() method could be overridden in custom implementations. However currently PolicyBasedResultsValidator is hard-wired into RampartEngine; which makes it impossible to override unless RampartReceiver & RampartEngine are overridden as well.
After having discussion with Ruchith, callback handler based approach is best suited for this. PolicyBasedResultsValidator will be used as default implementation, and allow customers to specify their custom implementation using rampart config as shown in below example:
<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
<ramp:policyValidatorCbClass>xx.yy.CustomPolicyValidator</ramp:policyValidatorCbClass>
...
</ramp:RampartConfig>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (RAMPART-135) Allow custom implementation of
PolicyBasedResultsValidator using callback handler mechanism
Posted by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-135?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nandana Mihindukulasooriya resolved RAMPART-135.
------------------------------------------------
Resolution: Fixed
Reviewed and applied the patch in revision 616608. Thanks Narayan .
> Allow custom implementation of PolicyBasedResultsValidator using callback handler mechanism
> -------------------------------------------------------------------------------------------
>
> Key: RAMPART-135
> URL: https://issues.apache.org/jira/browse/RAMPART-135
> Project: Rampart
> Issue Type: Improvement
> Components: rampart-core
> Affects Versions: 1.3
> Reporter: Narayan S Dhillon
> Attachments: PolicyValidatorCallbackHandler.java, rampart-135.patch
>
>
> Cert validation is important part in WS-Security and different organizations have different rules for that, and that could be fulfilled by ability to have custom implementation of PolicyBasedResultsValidator.
> All the documentation and intention in the Rampart code seems to suggest that org.apache.rampart.PolicyBasedResultsValidator.verifyTrust() method could be overridden in custom implementations. However currently PolicyBasedResultsValidator is hard-wired into RampartEngine; which makes it impossible to override unless RampartReceiver & RampartEngine are overridden as well.
> After having discussion with Ruchith, callback handler based approach is best suited for this. PolicyBasedResultsValidator will be used as default implementation, and allow customers to specify their custom implementation using rampart config as shown in below example:
> <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
> <ramp:policyValidatorCbClass>xx.yy.CustomPolicyValidator</ramp:policyValidatorCbClass>
> ...
> </ramp:RampartConfig>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RAMPART-135) Allow custom implementation of
PolicyBasedResultsValidator using callback handler mechanism
Posted by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-135?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nandana Mihindukulasooriya updated RAMPART-135:
-----------------------------------------------
Fix Version/s: 1.4
Set Fix version to 1.4.
> Allow custom implementation of PolicyBasedResultsValidator using callback handler mechanism
> -------------------------------------------------------------------------------------------
>
> Key: RAMPART-135
> URL: https://issues.apache.org/jira/browse/RAMPART-135
> Project: Rampart
> Issue Type: Improvement
> Components: rampart-core
> Affects Versions: 1.3
> Reporter: Narayan S Dhillon
> Fix For: 1.4
>
> Attachments: PolicyValidatorCallbackHandler.java, rampart-135.patch
>
>
> Cert validation is important part in WS-Security and different organizations have different rules for that, and that could be fulfilled by ability to have custom implementation of PolicyBasedResultsValidator.
> All the documentation and intention in the Rampart code seems to suggest that org.apache.rampart.PolicyBasedResultsValidator.verifyTrust() method could be overridden in custom implementations. However currently PolicyBasedResultsValidator is hard-wired into RampartEngine; which makes it impossible to override unless RampartReceiver & RampartEngine are overridden as well.
> After having discussion with Ruchith, callback handler based approach is best suited for this. PolicyBasedResultsValidator will be used as default implementation, and allow customers to specify their custom implementation using rampart config as shown in below example:
> <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
> <ramp:policyValidatorCbClass>xx.yy.CustomPolicyValidator</ramp:policyValidatorCbClass>
> ...
> </ramp:RampartConfig>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RAMPART-135) Allow custom implementation of
PolicyBasedResultsValidator using callback handler mechanism
Posted by "Narayan S Dhillon (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-135?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Narayan S Dhillon updated RAMPART-135:
--------------------------------------
Attachment: PolicyValidatorCallbackHandler.java
New callback interface for policy based results validation
> Allow custom implementation of PolicyBasedResultsValidator using callback handler mechanism
> -------------------------------------------------------------------------------------------
>
> Key: RAMPART-135
> URL: https://issues.apache.org/jira/browse/RAMPART-135
> Project: Rampart
> Issue Type: Improvement
> Components: rampart-core
> Affects Versions: 1.3
> Reporter: Narayan S Dhillon
> Attachments: PolicyValidatorCallbackHandler.java, rampart-135.patch
>
>
> Cert validation is important part in WS-Security and different organizations have different rules for that, and that could be fulfilled by ability to have custom implementation of PolicyBasedResultsValidator.
> All the documentation and intention in the Rampart code seems to suggest that org.apache.rampart.PolicyBasedResultsValidator.verifyTrust() method could be overridden in custom implementations. However currently PolicyBasedResultsValidator is hard-wired into RampartEngine; which makes it impossible to override unless RampartReceiver & RampartEngine are overridden as well.
> After having discussion with Ruchith, callback handler based approach is best suited for this. PolicyBasedResultsValidator will be used as default implementation, and allow customers to specify their custom implementation using rampart config as shown in below example:
> <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
> <ramp:policyValidatorCbClass>xx.yy.CustomPolicyValidator</ramp:policyValidatorCbClass>
> ...
> </ramp:RampartConfig>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RAMPART-135) Allow custom implementation of
PolicyBasedResultsValidator using callback handler mechanism
Posted by "Narayan S Dhillon (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-135?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Narayan S Dhillon updated RAMPART-135:
--------------------------------------
Attachment: rampart-135.patch
Patched files
> Allow custom implementation of PolicyBasedResultsValidator using callback handler mechanism
> -------------------------------------------------------------------------------------------
>
> Key: RAMPART-135
> URL: https://issues.apache.org/jira/browse/RAMPART-135
> Project: Rampart
> Issue Type: Improvement
> Components: rampart-core
> Affects Versions: 1.3
> Reporter: Narayan S Dhillon
> Attachments: PolicyValidatorCallbackHandler.java, rampart-135.patch
>
>
> Cert validation is important part in WS-Security and different organizations have different rules for that, and that could be fulfilled by ability to have custom implementation of PolicyBasedResultsValidator.
> All the documentation and intention in the Rampart code seems to suggest that org.apache.rampart.PolicyBasedResultsValidator.verifyTrust() method could be overridden in custom implementations. However currently PolicyBasedResultsValidator is hard-wired into RampartEngine; which makes it impossible to override unless RampartReceiver & RampartEngine are overridden as well.
> After having discussion with Ruchith, callback handler based approach is best suited for this. PolicyBasedResultsValidator will be used as default implementation, and allow customers to specify their custom implementation using rampart config as shown in below example:
> <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
> <ramp:policyValidatorCbClass>xx.yy.CustomPolicyValidator</ramp:policyValidatorCbClass>
> ...
> </ramp:RampartConfig>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (RAMPART-135) Allow custom implementation of
PolicyBasedResultsValidator using callback handler mechanism
Posted by "Narayan S Dhillon (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-135?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12563253#action_12563253 ]
Narayan S Dhillon commented on RAMPART-135:
-------------------------------------------
I have attached the patch, could some one from dev please apply it. Thanks.
> Allow custom implementation of PolicyBasedResultsValidator using callback handler mechanism
> -------------------------------------------------------------------------------------------
>
> Key: RAMPART-135
> URL: https://issues.apache.org/jira/browse/RAMPART-135
> Project: Rampart
> Issue Type: Improvement
> Components: rampart-core
> Affects Versions: 1.3
> Reporter: Narayan S Dhillon
> Attachments: PolicyValidatorCallbackHandler.java, rampart-135.patch
>
>
> Cert validation is important part in WS-Security and different organizations have different rules for that, and that could be fulfilled by ability to have custom implementation of PolicyBasedResultsValidator.
> All the documentation and intention in the Rampart code seems to suggest that org.apache.rampart.PolicyBasedResultsValidator.verifyTrust() method could be overridden in custom implementations. However currently PolicyBasedResultsValidator is hard-wired into RampartEngine; which makes it impossible to override unless RampartReceiver & RampartEngine are overridden as well.
> After having discussion with Ruchith, callback handler based approach is best suited for this. PolicyBasedResultsValidator will be used as default implementation, and allow customers to specify their custom implementation using rampart config as shown in below example:
> <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
> <ramp:policyValidatorCbClass>xx.yy.CustomPolicyValidator</ramp:policyValidatorCbClass>
> ...
> </ramp:RampartConfig>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.