You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by ka...@apache.org on 2007/09/12 12:26:00 UTC
svn commit: r574880 - in /webservices/rampart/trunk/c:
samples/authn_provider/authn_provider.c src/util/rampart_context.c
xdocs/docs/installationguide.html
Author: kaushalye
Date: Wed Sep 12 03:25:56 2007
New Revision: 574880
URL: http://svn.apache.org/viewvc?rev=574880&view=rev
Log:
Code cleaning.
Modified the documentation (Rampart/C configurations)
Modified:
webservices/rampart/trunk/c/samples/authn_provider/authn_provider.c
webservices/rampart/trunk/c/src/util/rampart_context.c
webservices/rampart/trunk/c/xdocs/docs/installationguide.html
Modified: webservices/rampart/trunk/c/samples/authn_provider/authn_provider.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/samples/authn_provider/authn_provider.c?rev=574880&r1=574879&r2=574880&view=diff
==============================================================================
--- webservices/rampart/trunk/c/samples/authn_provider/authn_provider.c (original)
+++ webservices/rampart/trunk/c/samples/authn_provider/authn_provider.c Wed Sep 12 03:25:56 2007
@@ -66,54 +66,6 @@
}
return password;
}
-#if 0
-axis2_char_t* AXIS2_CALL
-ramaprt_get_sample_password(const axutil_env_t *env,
- const axis2_char_t *username)
-{
- /*First set pf password are for sample usernames*/
- axis2_char_t * pw = NULL;
- if (0 == axutil_strcmp(username, "Raigama"))
- {
- pw = "RaigamaPW" ;
- }
- else if (0 == axutil_strcmp(username, "Gampola"))
- {
- pw = "GampolaPW";
- }
- else if (0 == axutil_strcmp(username, "alice"))
- {
- pw = "password";
- }
- else if (0 == axutil_strcmp(username, "bob"))
- {
- pw = "bobPW";
- }
- /*These are for sample keystores*/
- else if (0 == axutil_strcmp(username, "a"))
- {
- pw = "a12345";
- }
- else if (0 == axutil_strcmp(username, "b"))
- {
- pw = "b12345";
- }
- else if (0 == axutil_strcmp(username, "x"))
- {
- pw = "x12345";
- }
- else if (0 == axutil_strcmp(username, "y"))
- {
- pw = "y12345";
- }
- else
- {
- /*Append 12345 for any name not specified above*/
- /*sprintf(pw, "%s%s", username, "12345");*/
- }
- return pw;
-};
-#endif
/*Two sample implementations*/
rampart_authn_provider_status_t AXIS2_CALL
@@ -125,7 +77,6 @@
{
axis2_char_t *local_pw = NULL;
- /*local_pw = ramaprt_get_sample_password( env, username);*/
local_pw = ramaprt_get_sample_password_from_file(env, username);
if(local_pw){
/*Compare passwords*/
@@ -151,7 +102,6 @@
axis2_char_t *local_pw = NULL;
- /*local_pw = ramaprt_get_sample_password( env, username);*/
local_pw = ramaprt_get_sample_password_from_file(env, username);
if(local_pw){
axis2_char_t *local_digest = NULL;
Modified: webservices/rampart/trunk/c/src/util/rampart_context.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_context.c?rev=574880&r1=574879&r2=574880&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_context.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_context.c Wed Sep 12 03:25:56 2007
@@ -1271,7 +1271,8 @@
wss = rp_secpolicy_get_wss(rampart_context->secpolicy,env);
if(!wss)
{
- AXIS2_LOG_INFO(env->log,"wss properties are not set.." );
+ /*TODO error*/
+ AXIS2_LOG_INFO(env->log,"wss properties are not set" );
return AXIS2_FALSE;
}
@@ -2208,13 +2209,13 @@
axis2_char_t *identifier,
const axutil_env_t *env)
{
- if(axutil_strcmp(identifier,RAMPART_STR_KEY_IDENTIFIER)==0)
+ if(axutil_strcmp(identifier, RAMPART_STR_KEY_IDENTIFIER)==0)
return rampart_context_is_key_identifier_supported(token,rampart_context,env);
- else if(axutil_strcmp(identifier,RAMPART_STR_ISSUER_SERIAL)==0)
+ else if(axutil_strcmp(identifier, RAMPART_STR_ISSUER_SERIAL)==0)
return rampart_context_is_issuer_serial_supported(token,rampart_context,env);
- else if(axutil_strcmp(identifier,RAMPART_STR_EMBEDDED)==0)
+ else if(axutil_strcmp(identifier, RAMPART_STR_EMBEDDED)==0)
return rampart_context_is_embedded_token_supported(token,rampart_context,env);
else
Modified: webservices/rampart/trunk/c/xdocs/docs/installationguide.html
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/xdocs/docs/installationguide.html?rev=574880&r1=574879&r2=574880&view=diff
==============================================================================
--- webservices/rampart/trunk/c/xdocs/docs/installationguide.html (original)
+++ webservices/rampart/trunk/c/xdocs/docs/installationguide.html Wed Sep 12 03:25:56 2007
@@ -177,48 +177,39 @@
<p>You can engage Rampart/C in global level or in service level.</p>
<p>Just add the following entry either to axis2.xml(gloabl level) or in services.xml(service level) corresponding to the service you want to secure.</p>
<pre>
- <module ref="rampart"/>
+ <module ref="rampart"/>
</pre>
-<p>Apart from that you must define security policies for outgoing messages and incoming messages.
-This can be done by adding parameters in the same descriptor file that you engaged rampart as follows.</p>
-<pre>
- <parameter name="OutflowSecurityPolicy">/your/path/to/outgoing-secpolicy.xml</parameter>
- <parameter name="InflowSecurityPolicy">/your/path/to/incoming-secpolicy.xml</parameter>
+<p> Also you need to add follwoing phase under <phaseOrder type="outflow">
+<pre>
+ <phaseOrder type="outflow">
+ <!-- Other Phases-->
+ <phase name="Security"/>
+ </phaseOrder>
</pre>
+
+<p>Apart from that you must define security policies for the client and the server.
+<p/>
<p>
-<strong>NOTE:</strong> There are several sample security policy xml files for different scenarios under samples/secpolicy/.
- Please refer to the README file inside this folder for more information.
-</p>
-<p>
-The final configuration setup should be as follows:
-</p>
+<br>
<strong>CLIENT SIDE:</strong>
-<p>In axis2.xml</p>
-<pre>
- <module ref="rampart"/>
- <parameter name="OutflowSecurityPolicy">/../../outgoing-secpolicy.xml</parameter>
- <parameter name="InflowSecurityPolicy">/../../incoming-secpolicy.xml</parameter>
-</pre>
-
+<p>In the client side just drop a policy.xml file to the same location(client-repo) where you have the axis2.xml.
+<p/>
+<p>
+<br>
<strong>SERVER SIDE:</strong>
-<p>In services.xml(or axis2.xml)</p>
-<pre>
- <module ref="rampart"/>
- <parameter name="OutflowSecurityPolicy">/../../outgoing-secpolicy.xml</parameter>
- <parameter name="InflowSecurityPolicy">/../../incoming-secpolicy.xml>/parameter>
-</pre>
-
+<p>Add WS-Security Policy assertions to the services.xml.
+<p/>
<p><strong>NOTE:</strong> Please find sample security policy files that are located under <a href="http://svn.apache.org/repos/asf/webservices/rampart/trunk/c/samples/secpolicy/">samples/secpolicy</a></p>
-<p>You may go to each and every scenario and see how Rampart/C is configured using the policy assertions available in respective policy files.
+<p>You may go through each and every scenario and see how Rampart/C is configured using the policy assertions available in respective policy files.
<br>
-For each scenario there are four policy files:</p>
+For each scenario there are two files</p>
<ol>
- <li>client-outgoing-secpolicy.xml : Defines what the security configurations are for outgoing messages from the client</li>
- <li>service-incoming-secpolicy.xml : Defines what the security configurations are for incoming messages to the server</li>
- <li>service-outgoing-secpolicy.xml : Defines what the security configurations are for outgoing messages from the server</li>
- <li>client-incoming-secpolicy.xml : Defines what the security configurations are for incoming messages to the client</li>
+ <li>client-policy.xml : Defines what the security configurations are for the client using security policies</li>
+ <li>services.xml : Defines what the security configurations are for a particular service using security policies</li>
</ol>
-<p><strong>NOTE:</strong> If you have changed an outgoing policy file, make sure that you change the corresponding incoming policy file as well, and vise versa. </p>
+<p><strong>NOTE:</strong> If you have changed a client's policy file, make sure that you change the corresponding policy assertions in the services.xml file as well, and vise versa. </p>
+<p><strong>NOTE:</strong> To try out samples, use the client available under samples/client/sec_echo <br>
+Usage: echo [address] [client_repo]</p>
</body>
</html>