You are viewing a plain text version of this content. The canonical link for it is here.

Posted to c-dev@axis.apache.org by "Malinda Kaushalye Kapuruge (JIRA)" <ji...@apache.org> on 2006/11/23 07:52:05 UTC

[jira] Resolved: (AXIS2C-407) Add security processed results to the message context.

     [ http://issues.apache.org/jira/browse/AXIS2C-407?page=all ]

Malinda Kaushalye Kapuruge resolved AXIS2C-407.
-----------------------------------------------

    Fix Version/s: Current (Nightly)
       Resolution: Fixed

Results of a security verification will be stored in a hashtable and inserted in to the message context so that it can be used for another purpose in the future. For example in the service. 
The advantage is that the heavy process of getting the message envelope and processing it using AXIOM functions can be  avoided with this approach. 
All we have to do is call the function

void * rampart_get_security_processed_result(const axis2_env_t *env,
        axis2_msg_ctx_t *msg_ctx,
        axis2_char_t *key);

Here key is the key to a particular property 
e.g. 

RAMPART_SPR_UT_USERNAME user of the username token
RAMPART_SPR_UT_CREATED created time of the username token
RAMPART_SPR_UT_NONCE nonce of the username token
RAMPART_SPR_UT_PASSWORD_TYPE either plain text or the digest 
RAMPART_SPR_TS_CREATED reated time of the timestamp token
RAMPART_SPR_TS_EXPIRES expires time of the timestamp token

If the we need to get all the security processed results call the function
axis2_hash_t* rampart_get_security_processed_results_set(const axis2_env_t *env,
    axis2_msg_ctx_t *msg_ctx)




> Add security processed results to the message context.
> ------------------------------------------------------
>
>                 Key: AXIS2C-407
>                 URL: http://issues.apache.org/jira/browse/AXIS2C-407
>             Project: Axis2-C
>          Issue Type: New Feature
>          Components: rampart
>    Affects Versions: M0.1
>         Environment: NA
>            Reporter: Malinda Kaushalye Kapuruge
>         Assigned To: Malinda Kaushalye Kapuruge
>            Priority: Minor
>             Fix For: Current (Nightly)
>
>
> After processing security headers it is better to add security processed results to the message context. This will avoid the heavy SOAP header processing (which is kind of a repetition of the handler logic) in the service end.
> E.g. If username token is processed, add the usernametoken_processed_result property to the msg_ctx.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-dev-help@ws.apache.org

Re: [jira] Resolved: (AXIS2C-407) Add security processed results to the message context.

Posted by Kaushalye Kapuruge <ka...@wso2.com>.

Damitha Kumarage wrote:
> Malinda Kaushalye Kapuruge (JIRA) wrote:
>
>>     [ http://issues.apache.org/jira/browse/AXIS2C-407?page=all ]
>>
>> Malinda Kaushalye Kapuruge resolved AXIS2C-407.
>> -----------------------------------------------
>>
>>    Fix Version/s: Current (Nightly)
>>       Resolution: Fixed
>>
>> Results of a security verification will be stored in a hashtable and 
>> inserted in to the message context so that it can be used for another 
>> purpose in the future. For example in the service. The advantage is 
>> that the heavy process of getting the message envelope and processing 
>> it using AXIOM functions can be  avoided with this approach. All we 
>> have to do is call the function
>>
>> void * rampart_get_security_processed_result(const axis2_env_t *env,
>>        axis2_msg_ctx_t *msg_ctx,
>>        axis2_char_t *key);
>>  
>>
> Why we need to have return type as void *. Can't we have a definite 
> structure like a property here.
> Otherwise there will be freeing problems
>
Hmm... this is actually designed with axis2_char_t* in mind. But later 
changed for a void*. Will do the needful. Thanks for the input.
>> Here key is the key to a particular property e.g.
>> RAMPART_SPR_UT_USERNAME user of the username token
>> RAMPART_SPR_UT_CREATED created time of the username token
>> RAMPART_SPR_UT_NONCE nonce of the username token
>> RAMPART_SPR_UT_PASSWORD_TYPE either plain text or the digest 
>> RAMPART_SPR_TS_CREATED reated time of the timestamp token
>> RAMPART_SPR_TS_EXPIRES expires time of the timestamp token
>>
>> If the we need to get all the security processed results call the 
>> function
>> axis2_hash_t* rampart_get_security_processed_results_set(const 
>> axis2_env_t *env,
>>    axis2_msg_ctx_t *msg_ctx)
>>  
>>
> better to have this function as
> axis2_hash_t *rampart_get_all_security_processed_results(
>    const axis2_env_t *env,
>    axis2_msg_ctx_t *msg_ctx);
+1.

>
>>
>>
>>
>>  
>>
>>> Add security processed results to the message context.
>>> ------------------------------------------------------
>>>
>>>                Key: AXIS2C-407
>>>                URL: http://issues.apache.org/jira/browse/AXIS2C-407
>>>            Project: Axis2-C
>>>         Issue Type: New Feature
>>>         Components: rampart
>>>   Affects Versions: M0.1
>>>        Environment: NA
>>>           Reporter: Malinda Kaushalye Kapuruge
>>>        Assigned To: Malinda Kaushalye Kapuruge
>>>           Priority: Minor
>>>            Fix For: Current (Nightly)
>>>
>>>
>>> After processing security headers it is better to add security 
>>> processed results to the message context. This will avoid the heavy 
>>> SOAP header processing (which is kind of a repetition of the handler 
>>> logic) in the service end.
>>> E.g. If username token is processed, add the 
>>> usernametoken_processed_result property to the msg_ctx.
>>>   
>>
>>  
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-dev-help@ws.apache.org
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-dev-help@ws.apache.org

Re: [jira] Resolved: (AXIS2C-407) Add security processed results to the message context.

Posted by Damitha Kumarage <da...@gmail.com>.

Malinda Kaushalye Kapuruge (JIRA) wrote:

>     [ http://issues.apache.org/jira/browse/AXIS2C-407?page=all ]
>
>Malinda Kaushalye Kapuruge resolved AXIS2C-407.
>-----------------------------------------------
>
>    Fix Version/s: Current (Nightly)
>       Resolution: Fixed
>
>Results of a security verification will be stored in a hashtable and inserted in to the message context so that it can be used for another purpose in the future. For example in the service. 
>The advantage is that the heavy process of getting the message envelope and processing it using AXIOM functions can be  avoided with this approach. 
>All we have to do is call the function
>
>void * rampart_get_security_processed_result(const axis2_env_t *env,
>        axis2_msg_ctx_t *msg_ctx,
>        axis2_char_t *key);
>  
>
Why we need to have return type as void *. Can't we have a definite 
structure like a property here.
Otherwise there will be freeing problems

>Here key is the key to a particular property 
>e.g. 
>
>RAMPART_SPR_UT_USERNAME user of the username token
>RAMPART_SPR_UT_CREATED created time of the username token
>RAMPART_SPR_UT_NONCE nonce of the username token
>RAMPART_SPR_UT_PASSWORD_TYPE either plain text or the digest 
>RAMPART_SPR_TS_CREATED reated time of the timestamp token
>RAMPART_SPR_TS_EXPIRES expires time of the timestamp token
>
>If the we need to get all the security processed results call the function
>axis2_hash_t* rampart_get_security_processed_results_set(const axis2_env_t *env,
>    axis2_msg_ctx_t *msg_ctx)
>  
>
better to have this function as
axis2_hash_t *rampart_get_all_security_processed_results(
    const axis2_env_t *env,
    axis2_msg_ctx_t *msg_ctx);

>
>
>
>  
>
>>Add security processed results to the message context.
>>------------------------------------------------------
>>
>>                Key: AXIS2C-407
>>                URL: http://issues.apache.org/jira/browse/AXIS2C-407
>>            Project: Axis2-C
>>         Issue Type: New Feature
>>         Components: rampart
>>   Affects Versions: M0.1
>>        Environment: NA
>>           Reporter: Malinda Kaushalye Kapuruge
>>        Assigned To: Malinda Kaushalye Kapuruge
>>           Priority: Minor
>>            Fix For: Current (Nightly)
>>
>>
>>After processing security headers it is better to add security processed results to the message context. This will avoid the heavy SOAP header processing (which is kind of a repetition of the handler logic) in the service end.
>>E.g. If username token is processed, add the usernametoken_processed_result property to the msg_ctx.
>>    
>>
>
>  
>


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-dev-help@ws.apache.org