Posted to rampart-dev@ws.apache.org by ka...@apache.org on 2007/09/11 06:41:12 UTC
svn commit: r574450 [3/3] - in /webservices/rampart/trunk/c/src:
omxmlsec/c14n/ util/
Modified: webservices/rampart/trunk/c/src/util/rampart_username_token.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_username_token.c?rev=574450&r1=574449&r2=574450&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_username_token.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_username_token.c Mon Sep 10 21:41:08 2007
@@ -73,8 +73,8 @@
username = rampart_context_get_user(rampart_context, env);
if(!username)
{
- AXIS2_LOG_INFO(env->log,
- "[rampart][rampart_usernametoken] User is not specified.");
+ AXIS2_LOG_INFO(env->log,
+ "[rampart][rampart_usernametoken] User is not specified.");
return AXIS2_FAILURE;
}
@@ -88,8 +88,8 @@
param = rampart_context_get_ctx(rampart_context, env);
if(!param)
{
- AXIS2_LOG_INFO(env->log,
- "[rampart][rampart_usernametoken] Param is not set.");
+ AXIS2_LOG_INFO(env->log,
+ "[rampart][rampart_usernametoken] Param is not set.");
return AXIS2_FAILURE;
}
password = (*password_function)(env, username, param);
@@ -99,8 +99,8 @@
password_callback = rampart_context_get_password_callback(rampart_context, env);
if(!password_callback)
{
- AXIS2_LOG_INFO(env->log,
- "[rampart][rampart_usernametoken] password callback module is not loaded. ERROR");
+ AXIS2_LOG_INFO(env->log,
+ "[rampart][rampart_usernametoken] password callback module is not loaded. ERROR");
return AXIS2_FAILURE;
}
password = rampart_callback_password(env, password_callback, username);
@@ -108,8 +108,8 @@
}
if (!password)
{
- AXIS2_LOG_INFO(env->log,
- "[rampart][rampart_usernametoken] Cannot find the password for user %s. ERROR", username);
+ AXIS2_LOG_INFO(env->log,
+ "[rampart][rampart_usernametoken] Cannot find the password for user %s. ERROR", username);
return AXIS2_FAILURE;
}
@@ -129,8 +129,8 @@
{
axiom_namespace_increment_ref(sec_ns_obj, env);
- un_ele = axiom_element_create(env, ut_node,
- RAMPART_SECURITY_USERNAMETOKEN_USERNAME, sec_ns_obj, &un_node);
+ un_ele = axiom_element_create(env, ut_node,
+ RAMPART_SECURITY_USERNAMETOKEN_USERNAME, sec_ns_obj, &un_node);
if (un_ele)
{
axiom_element_set_text(un_ele, env, username, un_node);
@@ -138,7 +138,7 @@
password_type = rampart_context_get_password_type(rampart_context, env);
if(!password_type)
- {
+ {
password_type = RAMPART_PASSWORD_TEXT;
}
@@ -154,29 +154,29 @@
axiom_namespace_increment_ref(sec_ns_obj, env);
- pw_ele = axiom_element_create(env, ut_node,
- RAMPART_SECURITY_USERNAMETOKEN_PASSWORD, sec_ns_obj, &pw_node);
+ pw_ele = axiom_element_create(env, ut_node,
+ RAMPART_SECURITY_USERNAMETOKEN_PASSWORD, sec_ns_obj, &pw_node);
if (pw_ele)
{
axiom_element_set_text(pw_ele, env, digest_val, pw_node);
- om_attr = axiom_attribute_create(env, RAMPART_SECURITY_USERNAMETOKEN_PASSWORD_ATTR_TYPE,
- RAMPART_PASSWORD_DIGEST_URI, NULL);
+ om_attr = axiom_attribute_create(env, RAMPART_SECURITY_USERNAMETOKEN_PASSWORD_ATTR_TYPE,
+ RAMPART_PASSWORD_DIGEST_URI, NULL);
axiom_element_add_attribute(pw_ele, env, om_attr, pw_node);
}
- nonce_ele = axiom_element_create(env, ut_node,
- RAMPART_SECURITY_USERNAMETOKEN_NONCE, sec_ns_obj, &nonce_node);
+ nonce_ele = axiom_element_create(env, ut_node,
+ RAMPART_SECURITY_USERNAMETOKEN_NONCE, sec_ns_obj, &nonce_node);
if (nonce_ele)
{
axiom_element_set_text(nonce_ele, env, nonce_val , nonce_node);
}
- created_ele = axiom_element_create(env, ut_node,
- RAMPART_SECURITY_USERNAMETOKEN_CREATED, wsu_ns_obj, &created_node);
+ created_ele = axiom_element_create(env, ut_node,
+ RAMPART_SECURITY_USERNAMETOKEN_CREATED, wsu_ns_obj, &created_node);
if (created_ele)
{
axiom_element_set_text(created_ele, env, created_val, created_node);
@@ -200,14 +200,14 @@
else /*default is passwordText*/
{
- pw_ele = axiom_element_create(env, ut_node,
- RAMPART_SECURITY_USERNAMETOKEN_PASSWORD, sec_ns_obj, &pw_node);
+ pw_ele = axiom_element_create(env, ut_node,
+ RAMPART_SECURITY_USERNAMETOKEN_PASSWORD, sec_ns_obj, &pw_node);
if (pw_ele)
{
axiom_element_set_text(pw_ele, env, password, pw_node);
- om_attr = axiom_attribute_create(env,
- RAMPART_SECURITY_USERNAMETOKEN_PASSWORD_ATTR_TYPE, RAMPART_PASSWORD_TEXT_URI, NULL);
+ om_attr = axiom_attribute_create(env,
+ RAMPART_SECURITY_USERNAMETOKEN_PASSWORD_ATTR_TYPE, RAMPART_PASSWORD_TEXT_URI, NULL);
axiom_element_add_attribute(pw_ele, env, om_attr, pw_node);
}
@@ -246,37 +246,37 @@
ut_ele = axiom_node_get_data_element(ut_node, env);
if(!ut_ele)
- {
-
+ {
+
return AXIS2_FAILURE;
}
/*Check: Any USERNAME_TOKEN MUST NOT have more than one PASSWORD*/
- if (1 < oxs_axiom_get_number_of_children_with_qname(env, ut_node,
- RAMPART_SECURITY_USERNAMETOKEN_PASSWORD, RAMPART_WSSE_XMLNS, RAMPART_WSSE))
+ if (1 < oxs_axiom_get_number_of_children_with_qname(env, ut_node,
+ RAMPART_SECURITY_USERNAMETOKEN_PASSWORD, RAMPART_WSSE_XMLNS, RAMPART_WSSE))
{
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_usernametoken] Username token must not have more than one password");
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+ "[rampart][rampart_usernametoken] Username token must not have more than one password");
return AXIS2_FAILURE;
}
/*Check: Any USERNAME_TOKEN MUST NOT have more than one CREATED*/
- if (1 < oxs_axiom_get_number_of_children_with_qname(env,
- ut_node, RAMPART_SECURITY_USERNAMETOKEN_CREATED, RAMPART_WSSE_XMLNS, RAMPART_WSSE))
+ if (1 < oxs_axiom_get_number_of_children_with_qname(env,
+ ut_node, RAMPART_SECURITY_USERNAMETOKEN_CREATED, RAMPART_WSSE_XMLNS, RAMPART_WSSE))
{
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_usernametoken] Username token must not have more than one creted element");
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+ "[rampart][rampart_usernametoken] Username token must not have more than one creted element");
return AXIS2_FAILURE;
}
/*Check: Any USERNAME_TOKEN MUST NOT have more than one NONCE*/
- if (1 < oxs_axiom_get_number_of_children_with_qname(env, ut_node,
- RAMPART_SECURITY_USERNAMETOKEN_NONCE, RAMPART_WSSE_XMLNS, RAMPART_WSSE))
+ if (1 < oxs_axiom_get_number_of_children_with_qname(env, ut_node,
+ RAMPART_SECURITY_USERNAMETOKEN_NONCE, RAMPART_WSSE_XMLNS, RAMPART_WSSE))
{
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_usernametoken] Username token must not have more than one nonce element");
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+ "[rampart][rampart_usernametoken] Username token must not have more than one nonce element");
return AXIS2_FAILURE;
}
@@ -295,43 +295,43 @@
element = axiom_node_get_data_element(node, env);
localname = axiom_element_get_localname(element, env);
- if (0 == axutil_strcmp(localname,
- RAMPART_SECURITY_USERNAMETOKEN_USERNAME))
+ if (0 == axutil_strcmp(localname,
+ RAMPART_SECURITY_USERNAMETOKEN_USERNAME))
{
username = axiom_element_get_text(element, env, node);
}
- else if (0 == axutil_strcmp(localname ,
- RAMPART_SECURITY_USERNAMETOKEN_PASSWORD))
+ else if (0 == axutil_strcmp(localname ,
+ RAMPART_SECURITY_USERNAMETOKEN_PASSWORD))
{
- password_type = axiom_element_get_attribute_value_by_name(element,
- env, RAMPART_SECURITY_USERNAMETOKEN_PASSWORD_ATTR_TYPE);
+ password_type = axiom_element_get_attribute_value_by_name(element,
+ env, RAMPART_SECURITY_USERNAMETOKEN_PASSWORD_ATTR_TYPE);
if (!password_type)
{
/*R4201 Any PASSWORD MUST specify a Type attribute */
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_usernametoken] Password Type is not specified in the password element");
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+ "[rampart][rampart_usernametoken] Password Type is not specified in the password element");
return AXIS2_FAILURE;
}
/*Then we must check the password type with policy*/
password_type_pol = rampart_context_get_password_type(rampart_context, env);
if(!password_type_pol)
- {
+ {
password_type_pol = RP_PLAINTEXT;
- }
+ }
if(axutil_strcmp(password_type_pol, RP_DIGEST)==0)
{
if(0 != axutil_strcmp(password_type, RAMPART_PASSWORD_DIGEST_URI))
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][shp] Password Type is Wrong ");
+ "[rampart][shp] Password Type is Wrong ");
rampart_create_fault_envelope(env, RAMPART_FAULT_FAILED_AUTHENTICATION,
- "Password Type is Wrong. Should be Digested.",
- RAMPART_FAULT_IN_USERNAMETOKEN, msg_ctx);
-
+ "Password Type is Wrong. Should be Digested.",
+ RAMPART_FAULT_IN_USERNAMETOKEN, msg_ctx);
+
return AXIS2_FAILURE;
}
}
@@ -340,38 +340,38 @@
if(0 == axutil_strcmp(password_type, RAMPART_PASSWORD_DIGEST_URI))
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][shp] Password Type is Wrong ");
+ "[rampart][shp] Password Type is Wrong ");
rampart_create_fault_envelope(env, RAMPART_FAULT_FAILED_AUTHENTICATION,
- "Password Type is Wrong. Should be PlainText.",
- RAMPART_FAULT_IN_USERNAMETOKEN, msg_ctx);
-
+ "Password Type is Wrong. Should be PlainText.",
+ RAMPART_FAULT_IN_USERNAMETOKEN, msg_ctx);
+
return AXIS2_FAILURE;
}
}
password = axiom_element_get_text(element, env, node);
}
- else if (0 == axutil_strcmp(localname,
- RAMPART_SECURITY_USERNAMETOKEN_NONCE))
+ else if (0 == axutil_strcmp(localname,
+ RAMPART_SECURITY_USERNAMETOKEN_NONCE))
{
nonce = axiom_element_get_text(element, env, node);
- rampart_set_security_processed_result(env, msg_ctx,
- RAMPART_SPR_UT_NONCE, nonce);
+ rampart_set_security_processed_result(env, msg_ctx,
+ RAMPART_SPR_UT_NONCE, nonce);
}
- else if (0 == axutil_strcmp(localname ,
- RAMPART_SECURITY_USERNAMETOKEN_CREATED))
+ else if (0 == axutil_strcmp(localname ,
+ RAMPART_SECURITY_USERNAMETOKEN_CREATED))
{
created = axiom_element_get_text(element, env, node);
- rampart_set_security_processed_result(env,
- msg_ctx, RAMPART_SPR_UT_CREATED, created);
+ rampart_set_security_processed_result(env,
+ msg_ctx, RAMPART_SPR_UT_CREATED, created);
}
else
{
- AXIS2_LOG_INFO(env->log,
- "\n[rampart][rampart_usernametoken] Unknown element found %s -> %s",
- localname, axiom_element_get_text(element, env, node));
+ AXIS2_LOG_INFO(env->log,
+ "\n[rampart][rampart_usernametoken] Unknown element found %s -> %s",
+ localname, axiom_element_get_text(element, env, node));
}
@@ -379,8 +379,8 @@
}
else
{
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_usernametoken] Cannot find child elements of Usernametoken");
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+ "[rampart][rampart_usernametoken] Cannot find child elements of Usernametoken");
return AXIS2_FAILURE;
}
@@ -388,14 +388,14 @@
if (!username)
{
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_usernametoken] Username is not specified");
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+ "[rampart][rampart_usernametoken] Username is not specified");
return AXIS2_FAILURE;
}
/*Set the username to the SPR*/
- rampart_set_security_processed_result(env,
- msg_ctx, RAMPART_SPR_UT_USERNAME, username);
+ rampart_set_security_processed_result(env,
+ msg_ctx, RAMPART_SPR_UT_USERNAME, username);
ctx = axis2_msg_ctx_get_base(msg_ctx, env);
/**
@@ -413,24 +413,24 @@
if (0 == axutil_strcmp(password_type, RAMPART_PASSWORD_DIGEST_URI))
{
authenticate_with_digest = rampart_context_get_auth_digest_function(
- rampart_context, env);
+ rampart_context, env);
if(authenticate_with_digest)
{
- auth_status = authenticate_with_digest(env,
- username, nonce, created, password);
+ auth_status = authenticate_with_digest(env,
+ username, nonce, created, password);
if(RAMPART_AUTHN_PROVIDER_GRANTED == auth_status)
{
- AXIS2_LOG_INFO(env->log,
- "[rampart][rampart_usernametoken] User authenticated");
- rampart_set_security_processed_result(env,
- msg_ctx,RAMPART_SPR_UT_CHECKED, RAMPART_YES);
+ AXIS2_LOG_INFO(env->log,
+ "[rampart][rampart_usernametoken] User authenticated");
+ rampart_set_security_processed_result(env,
+ msg_ctx,RAMPART_SPR_UT_CHECKED, RAMPART_YES);
return AXIS2_SUCCESS;
}
else
{
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_usernametoken] Password is not valid for user %s : status %d",
- username, auth_status);
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+ "[rampart][rampart_usernametoken] Password is not valid for user %s : status %d",
+ username, auth_status);
return AXIS2_FAILURE;
}
}
@@ -438,7 +438,7 @@
else
{
- authenticate_with_password =
+ authenticate_with_password =
rampart_context_get_auth_password_function(rampart_context, env);
if(authenticate_with_password)
{
@@ -446,15 +446,15 @@
if(RAMPART_AUTHN_PROVIDER_GRANTED == auth_status)
{
AXIS2_LOG_INFO(env->log, "[rampart][rampart_usernametoken] User authenticated");
- rampart_set_security_processed_result(env,
- msg_ctx, RAMPART_SPR_UT_CHECKED, RAMPART_YES);
+ rampart_set_security_processed_result(env,
+ msg_ctx, RAMPART_SPR_UT_CHECKED, RAMPART_YES);
return AXIS2_SUCCESS;
}
else
{
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_usernametoken] Password is not valid for user %s : status %d",
- username, auth_status);
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+ "[rampart][rampart_usernametoken] Password is not valid for user %s : status %d",
+ username, auth_status);
return AXIS2_FAILURE;
}
}
@@ -462,22 +462,22 @@
authn_provider = rampart_context_get_authn_provider(rampart_context, env);
if(authn_provider)
{
- AXIS2_LOG_INFO(env->log,
- "[rampart][rampart_usernametoken] Password authentication using AUTH MODULE");
- auth_status = rampart_authenticate_un_pw(env, authn_provider,
- username, password, nonce, created, password_type, msg_ctx);
+ AXIS2_LOG_INFO(env->log,
+ "[rampart][rampart_usernametoken] Password authentication using AUTH MODULE");
+ auth_status = rampart_authenticate_un_pw(env, authn_provider,
+ username, password, nonce, created, password_type, msg_ctx);
if(RAMPART_AUTHN_PROVIDER_GRANTED == auth_status)
{
AXIS2_LOG_INFO(env->log, "[rampart][rampart_usernametoken] User authenticated");
- rampart_set_security_processed_result(env, msg_ctx,
- RAMPART_SPR_UT_CHECKED, RAMPART_YES);
+ rampart_set_security_processed_result(env, msg_ctx,
+ RAMPART_SPR_UT_CHECKED, RAMPART_YES);
return AXIS2_SUCCESS;
}
else
{
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_usernametoken] Password is not valid for user %s : status %d",
- username, auth_status);
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+ "[rampart][rampart_usernametoken] Password is not valid for user %s : status %d",
+ username, auth_status);
return AXIS2_FAILURE;
}
@@ -488,7 +488,7 @@
/*First we must check the password in rampart_context.*/
password_from_svr = rampart_context_get_password(
- rampart_context, env);
+ rampart_context, env);
/*If not then check the call back function*/
if(!password_from_svr)
@@ -500,9 +500,9 @@
if(!param)
{
rampart_create_fault_envelope(env, RAMPART_FAULT_FAILED_CHECK,
- "Error in the Internal configuration.", RAMPART_FAULT_IN_USERNAMETOKEN, msg_ctx);
+ "Error in the Internal configuration.", RAMPART_FAULT_IN_USERNAMETOKEN, msg_ctx);
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_usernametoken] Error in the pwcb function.");
+ "[rampart][rampart_usernametoken] Error in the pwcb function.");
return AXIS2_FAILURE;
}
password_from_svr = (*password_function)(env, username, param);
@@ -513,22 +513,22 @@
if(!password_callback)
{
rampart_create_fault_envelope(env, RAMPART_FAULT_FAILED_CHECK,
- "Error in the Internal configuration.", RAMPART_FAULT_IN_USERNAMETOKEN, msg_ctx);
+ "Error in the Internal configuration.", RAMPART_FAULT_IN_USERNAMETOKEN, msg_ctx);
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_usernametoken] Password callback module is not specified");
-
+ "[rampart][rampart_usernametoken] Password callback module is not specified");
+
return AXIS2_FAILURE;
}
- AXIS2_LOG_INFO(env->log,
- "[rampart][rampart_usernametoken] Password authentication using CALLBACK MODULE ");
+ AXIS2_LOG_INFO(env->log,
+ "[rampart][rampart_usernametoken] Password authentication using CALLBACK MODULE ");
password_from_svr = rampart_callback_password(env, password_callback, username);
}
}
if (!password_from_svr)
{
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_usernametoken] Cannot get the password for user %s", username);
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+ "[rampart][rampart_usernametoken] Cannot get the password for user %s", username);
return AXIS2_FAILURE;
}
@@ -536,35 +536,35 @@
if (0 == axutil_strcmp(password_type, RAMPART_PASSWORD_DIGEST_URI))
{
- AXIS2_LOG_INFO(env->log,
- "[rampart][rampart_usernametoken] Generating digest to compare from the password");
- password_to_compare = rampart_crypto_sha1(env, nonce,
- created, password_from_svr);
- rampart_set_security_processed_result(env, msg_ctx,
- RAMPART_SPR_UT_PASSWORD_TYPE, RAMPART_PASSWORD_DIGEST_URI);
+ AXIS2_LOG_INFO(env->log,
+ "[rampart][rampart_usernametoken] Generating digest to compare from the password");
+ password_to_compare = rampart_crypto_sha1(env, nonce,
+ created, password_from_svr);
+ rampart_set_security_processed_result(env, msg_ctx,
+ RAMPART_SPR_UT_PASSWORD_TYPE, RAMPART_PASSWORD_DIGEST_URI);
}
else
{
password_to_compare = password_from_svr;
- rampart_set_security_processed_result(env, msg_ctx,
- RAMPART_SPR_UT_PASSWORD_TYPE, RAMPART_PASSWORD_TEXT_URI);
+ rampart_set_security_processed_result(env, msg_ctx,
+ RAMPART_SPR_UT_PASSWORD_TYPE, RAMPART_PASSWORD_TEXT_URI);
}
/*The BIG moment. Compare passwords*/
if (0 == axutil_strcmp(password_to_compare , password))
{
- AXIS2_LOG_INFO(env->log,
- "[rampart][rampart_usernametoken] Password comparison SUCCESS");
- rampart_set_security_processed_result(env, msg_ctx,
- RAMPART_SPR_UT_CHECKED, RAMPART_YES);
+ AXIS2_LOG_INFO(env->log,
+ "[rampart][rampart_usernametoken] Password comparison SUCCESS");
+ rampart_set_security_processed_result(env, msg_ctx,
+ RAMPART_SPR_UT_CHECKED, RAMPART_YES);
return AXIS2_SUCCESS;
}
else
{
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[rampart][rampart_usernametoken] Password is not valid for user %s",
- username);
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
+ "[rampart][rampart_usernametoken] Password is not valid for user %s",
+ username);
return AXIS2_FAILURE;
}
}
Modified: webservices/rampart/trunk/c/src/util/rampart_util.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/src/util/rampart_util.c?rev=574450&r1=574449&r2=574450&view=diff
==============================================================================
--- webservices/rampart/trunk/c/src/util/rampart_util.c (original)
+++ webservices/rampart/trunk/c/src/util/rampart_util.c Mon Sep 10 21:41:08 2007
@@ -59,7 +59,7 @@
axutil_param_set_value_free(impl_info_param, env, axutil_dll_desc_free_void_arg);
axutil_class_loader_init(env);
ptr = axutil_class_loader_create_dll(env, impl_info_param);
-
+
*param = impl_info_param;
if (!ptr)