Posted to rampart-dev@ws.apache.org by sh...@apache.org on 2008/07/02 10:56:06 UTC
svn commit: r673323 - in /webservices/rampart/trunk/c:
ides/Rampart/Rampart/Rampart.vcproj include/trust_sts_client.h
src/omxmlsec/key_mgr.c src/secconv/sct_provider_utility.c
src/trust/sts_client.c
Author: shankar
Date: Wed Jul 2 01:56:06 2008
New Revision: 673323
URL: http://svn.apache.org/viewvc?rev=673323&view=rev
Log:
using user specified rampart context if possible.
Modified:
webservices/rampart/trunk/c/ides/Rampart/Rampart/Rampart.vcproj
webservices/rampart/trunk/c/include/trust_sts_client.h
webservices/rampart/trunk/c/src/omxmlsec/key_mgr.c
webservices/rampart/trunk/c/src/secconv/sct_provider_utility.c
webservices/rampart/trunk/c/src/trust/sts_client.c
Modified: webservices/rampart/trunk/c/ides/Rampart/Rampart/Rampart.vcproj
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/ides/Rampart/Rampart/Rampart.vcproj?rev=673323&r1=673322&r2=673323&view=diff
==============================================================================
--- webservices/rampart/trunk/c/ides/Rampart/Rampart/Rampart.vcproj (original)
+++ webservices/rampart/trunk/c/ides/Rampart/Rampart/Rampart.vcproj Wed Jul 2 01:56:06 2008
@@ -698,7 +698,7 @@
Name="secconv"
>
<File
- RelativePath="..\..\..\src\secconv\sct_provider.c"
+ RelativePath="..\..\..\src\secconv\sct_provider_utility.c"
>
</File>
<File
@@ -989,6 +989,10 @@
>
</File>
<File
+ RelativePath="..\..\..\include\rampart_sct_provider_utility.h"
+ >
+ </File>
+ <File
RelativePath="..\..\..\include\rampart_sec_header_builder.h"
>
</File>
Modified: webservices/rampart/trunk/c/include/trust_sts_client.h
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/include/trust_sts_client.h?rev=673323&r1=673322&r2=673323&view=diff
==============================================================================
--- webservices/rampart/trunk/c/include/trust_sts_client.h (original)
+++ webservices/rampart/trunk/c/include/trust_sts_client.h Wed Jul 2 01:56:06 2008
@@ -103,7 +103,8 @@
trust_context_t *trust_context,
neethi_policy_t *issuer_policy,
axis2_char_t *address_version,
- axis2_bool_t is_soap11);
+ axis2_bool_t is_soap11,
+ rampart_context_t *rampart_context);
AXIS2_EXTERN axis2_status_t AXIS2_CALL
trust_sts_client_set_issuer_policy_location(
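Review bot: The new `rampart_context` argument is added to this exported declaration with no statement of whether NULL is allowed or who owns the pointer after the call. From the sts_client.c hunk in this commit it looks as if a non-NULL context is stored in the service client's configuration as a parameter, so the caller presumably must not free it while that configuration is alive; that should be confirmed and written down. I would add a doc line such as `@param rampart_context optional user-supplied rampart context (may be NULL); stored in the STS client's configuration, so it must outlive the client`. Because the function is `AXIS2_EXTERN`, the extra parameter also breaks existing callers, which is worth noting in the release notes. The declaration starts outside the hunk.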
Modified: webservices/rampart/trunk/c/src/omxmlsec/key_mgr.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/omxmlsec/key_mgr.c?rev=673323&r1=673322&r2=673323&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/omxmlsec/key_mgr.c (original)
+++ webservices/rampart/trunk/c/src/omxmlsec/key_mgr.c Wed Jul 2 01:56:06 2008
@@ -135,7 +135,7 @@
{
if (key_mgr->prv_key_password)
{
- AXIS2_FREE(env->allocator, password);
+ AXIS2_FREE(env->allocator, key_mgr->prv_key_password);
}
key_mgr->prv_key_password = axutil_strdup(env, password);
return AXIS2_SUCCESS;
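Review bot: The previous private-key password is handed to `AXIS2_FREE` without being cleared, so the secret stays intact in freed heap memory. Wiping it first, e.g. `memset(key_mgr->prv_key_password, 0, axutil_strlen(key_mgr->prv_key_password));` or a wipe helper the compiler cannot elide, would limit that exposure. The result of `axutil_strdup` is also not checked, so an allocation failure leaves `prv_key_password` NULL while the function still returns `AXIS2_SUCCESS`. The function body starts outside the hunk.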
Modified: webservices/rampart/trunk/c/src/secconv/sct_provider_utility.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/secconv/sct_provider_utility.c?rev=673323&r1=673322&r2=673323&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/secconv/sct_provider_utility.c (original)
+++ webservices/rampart/trunk/c/src/secconv/sct_provider_utility.c Wed Jul 2 01:56:06 2008
@@ -22,6 +22,7 @@
#include <rampart_constants.h>
#include <trust_sts_client.h>
#include <oxs_utility.h>
+#include <rampart_handler_util.h>
#define RAMPART_SCT_PROVIDER_HASH_PROB "Rampart_SCT_Prov_DB_Prop"
@@ -29,7 +30,13 @@
sct_provider_obtain_token_from_sts(
const axutil_env_t* env,
rp_security_context_token_t* rp_sct,
- axis2_msg_ctx_t* msg_ctx);
+ axis2_msg_ctx_t* msg_ctx,
+ rampart_context_t *rampart_context);
+
+static rampart_context_t *
+get_new_rampart_context(
+ const axutil_env_t *env,
+ axis2_msg_ctx_t *msg_ctx);
/* This method finds security context token using given parameters. If it is called without sct_id,
@@ -98,7 +105,7 @@
{
/* we can request sct from sts */
- sct = sct_provider_obtain_token_from_sts(env, rp_sct, msg_ctx);
+ sct = sct_provider_obtain_token_from_sts(env, rp_sct, msg_ctx, rampart_context);
}
else
{
@@ -346,7 +353,8 @@
sct_provider_obtain_token_from_sts(
const axutil_env_t* env,
rp_security_context_token_t* rp_sct,
- axis2_msg_ctx_t* msg_ctx)
+ axis2_msg_ctx_t* msg_ctx,
+ rampart_context_t *rampart_context)
{
axis2_char_t* issuer_address = NULL;
axis2_char_t* client_home = NULL;
@@ -455,7 +463,8 @@
}
buffer = trust_sts_client_request_security_token_using_policy(
- sts_client, env, trust_context, cloned_policy, addressing_version_from_msg_ctx, is_soap11);
+ sts_client, env, trust_context, cloned_policy, addressing_version_from_msg_ctx,
+ is_soap11, get_new_rampart_context(env, msg_ctx));
/* Obtain the reply from sts */
rstr = trust_context_get_rstr(trust_context, env);
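Review bot: The `rampart_context` parameter this commit adds to `sct_provider_obtain_token_from_sts` is not what reaches the STS client; the call builds a fresh context with `get_new_rampart_context(env, msg_ctx)` instead, so in the visible hunks the new parameter is unused. The freshly allocated context is passed inline with no local handle, and the sts_client.c hunk only stores it under `if (sts_client->svc_client)`, so on the other path nothing appears able to free it, along with the duplicated user name it holds. Keeping it in a local, e.g. `rampart_context_t *sts_rampart_ctx = get_new_rampart_context(env, msg_ctx);`, would let this function release it when the request fails or the context was not adopted. The function body starts and ends outside the hunk.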
@@ -758,4 +767,60 @@
return AXIS2_SUCCESS;
}
+/* this is used to create a new rampart context and copy details given by rampart specific
+ * assertions. */
+static rampart_context_t *
+get_new_rampart_context(
+ const axutil_env_t *env,
+ axis2_msg_ctx_t *msg_ctx)
+{
+ rampart_context_t *in_rampart_ctx = NULL;
+ rampart_context_t *out_rampart_ctx = NULL;
+
+ in_rampart_ctx = (rampart_context_t*)rampart_get_rampart_configuration(
+ env, msg_ctx, RAMPART_CONFIGURATION);
+
+ /* rampart context is not given by user. It was built by policy */
+ if(!in_rampart_ctx)
+ {
+ return NULL;
+ }
+
+ out_rampart_ctx = rampart_context_create(env);
+ if(!out_rampart_ctx)
+ {
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+ "[rampart]Cannot create new rampart context. Insufficient memory.");
+ return NULL;
+ }
+
+ rampart_context_set_ttl(out_rampart_ctx, env, rampart_context_get_ttl(in_rampart_ctx, env));
+ rampart_context_set_user(out_rampart_ctx, env,
+ axutil_strdup(env, rampart_context_get_user(in_rampart_ctx, env)));
+ rampart_context_set_certificate(out_rampart_ctx, env,
+ rampart_context_get_certificate(in_rampart_ctx, env));
+ rampart_context_set_certificate_type(out_rampart_ctx, env,
+ rampart_context_get_certificate_type(in_rampart_ctx, env));
+ rampart_context_set_receiver_certificate(out_rampart_ctx, env,
+ rampart_context_get_receiver_certificate(in_rampart_ctx, env));
+ rampart_context_set_receiver_certificate_type(out_rampart_ctx, env,
+ rampart_context_get_receiver_certificate_type(in_rampart_ctx, env));
+ rampart_context_set_prv_key(out_rampart_ctx, env,
+ rampart_context_get_prv_key(in_rampart_ctx, env));
+ rampart_context_set_prv_key_type(out_rampart_ctx, env,
+ rampart_context_get_prv_key_type(in_rampart_ctx, env));
+ rampart_context_set_password_type(out_rampart_ctx, env,
+ rampart_context_get_password_type(in_rampart_ctx, env));
+ rampart_context_set_password(out_rampart_ctx, env,
+ rampart_context_get_password(in_rampart_ctx, env));
+ rampart_context_set_pwcb_function(out_rampart_ctx, env,
+ rampart_context_get_pwcb_function(in_rampart_ctx, env),
+ rampart_context_get_pwcb_user_params(in_rampart_ctx, env));
+ rampart_context_set_replay_detect_function(out_rampart_ctx, env,
+ rampart_context_get_replay_detect_function(in_rampart_ctx, env),
+ rampart_context_get_rd_user_params(in_rampart_ctx, env));
+ rampart_context_set_rd_val(out_rampart_ctx, env,
+ rampart_context_get_rd_val(in_rampart_ctx, env));
+ return out_rampart_ctx;
+}
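Review bot: `get_new_rampart_context` duplicates only the user name; the certificate, receiver certificate, private key and password are copied as raw pointers, so the new context and the user's context alias the same key and password buffers. Whether that is safe depends on what `rampart_context_free` releases, which is not visible here: if it frees any of these members, releasing both contexts would be a double free, and if it does not, the `axutil_strdup` on the user name is the inconsistent one. If sharing is the intent, I would say so in the header comment, e.g. `/* Only the user name is duplicated; key, certificate and password buffers remain owned by the caller's context and must outlive the returned one. */`. The return values of the setters are also ignored, so a partially populated context is returned as if complete.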
Modified: webservices/rampart/trunk/c/src/trust/sts_client.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/trust/sts_client.c?rev=673323&r1=673322&r2=673323&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/trust/sts_client.c (original)
+++ webservices/rampart/trunk/c/src/trust/sts_client.c Wed Jul 2 01:56:06 2008
@@ -413,7 +413,8 @@
trust_context_t *trust_context,
neethi_policy_t *issuer_policy,
axis2_char_t *address_version,
- axis2_bool_t is_soap11)
+ axis2_bool_t is_soap11,
+ rampart_context_t *rampart_context)
{
axis2_status_t status = AXIS2_SUCCESS;
axiom_node_t *rst_node = NULL;
@@ -456,6 +457,23 @@
if (sts_client->svc_client)
{
+ /* if rampart context is set, we can set it to svc_client. This will be used by
+ * scripting bindings to specify rampart specific values */
+ if(rampart_context)
+ {
+ axis2_svc_ctx_t *svc_ctx = NULL;
+ axis2_conf_ctx_t *conf_ctx = NULL;
+ axis2_conf_t *conf = NULL;
+ axutil_param_t *security_param = NULL;
+
+ svc_ctx = axis2_svc_client_get_svc_ctx (sts_client->svc_client, env);
+ conf_ctx = axis2_svc_ctx_get_conf_ctx (svc_ctx, env);
+ conf = axis2_conf_ctx_get_conf (conf_ctx, env);
+ security_param = axutil_param_create (
+ env, RAMPART_CONFIGURATION, (void *)rampart_context);
+ axis2_conf_add_param (conf, env, security_param);
+ }
+
if(issuer_policy)
{
status = axis2_svc_client_set_policy(sts_client->svc_client, env, issuer_policy);
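Review bot: None of the lookups in the added `if(rampart_context)` block are checked: `svc_ctx`, `conf_ctx`, `conf` and `security_param` are each passed on without a NULL test, and the status of `axis2_conf_add_param` is discarded. If any step fails, the request appears to go out without the user's security settings and without any log entry, which is the wrong way for this to fail. The parameter is also added to the configuration on every call, and it is created without a value-free callback, so it is unclear from the hunk how the stored context, which carries the password and private key, is eventually released. How to propagate the failure depends on this function's return convention, which is outside the hunk.

```c
        if(rampart_context)
        {
            /* … unchanged: local declarations … */
            svc_ctx = axis2_svc_client_get_svc_ctx(sts_client->svc_client, env);
            conf_ctx = svc_ctx ? axis2_svc_ctx_get_conf_ctx(svc_ctx, env) : NULL;
            conf = conf_ctx ? axis2_conf_ctx_get_conf(conf_ctx, env) : NULL;
            security_param = conf ? axutil_param_create(
                env, RAMPART_CONFIGURATION, (void *)rampart_context) : NULL;
            if(!security_param ||
                axis2_conf_add_param(conf, env, security_param) != AXIS2_SUCCESS)
            {
                AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
                    "[rampart]Cannot attach rampart context to the STS service client.");
                /* fail the request here, following this function's error convention */
            }
        }
```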