Posted to java-dev@axis.apache.org by ru...@apache.org on 2006/12/13 15:21:50 UTC
svn commit: r486667 [6/6] - in /webservices/axis2/trunk/java: ./ etc/
modules/integration/ modules/integration/test/org/apache/rampart/
modules/rahas/ modules/rahas/src/org/apache/rahas/
modules/rahas/src/org/apache/rahas/client/ modules/rahas/src/org/...
Modified: webservices/axis2/trunk/java/modules/samples/security/policy/sample03/policy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/samples/security/policy/sample03/policy.xml?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/samples/security/policy/sample03/policy.xml (original)
+++ webservices/axis2/trunk/java/modules/samples/security/policy/sample03/policy.xml Wed Dec 13 06:21:47 2006
@@ -1,74 +1,92 @@
-<wsp:Policy wsu:Id="SigEncr" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
- <wsp:ExactlyOne>
- <wsp:All>
- <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:InitiatorToken>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
- <wsp:Policy>
- <sp:WssX509V3Token10/>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:InitiatorToken>
- <sp:RecipientToken>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
- <wsp:Policy>
- <sp:WssX509V3Token10/>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:RecipientToken>
- <sp:AlgorithmSuite>
- <wsp:Policy>
- <sp:TripleDesRsa15/>
- </wsp:Policy>
- </sp:AlgorithmSuite>
- <sp:Layout>
- <wsp:Policy>
- <sp:Strict/>
- </wsp:Policy>
- </sp:Layout>
- <sp:IncludeTimestamp/>
- <sp:OnlySignEntireHeadersAndBody/>
- </wsp:Policy>
- </sp:AsymmetricBinding>
- <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:MustSupportRefKeyIdentifier/>
- <sp:MustSupportRefIssuerSerial/>
- </wsp:Policy>
- </sp:Wss10>
- <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <sp:Body/>
- </sp:SignedParts>
- <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <sp:Body/>
- </sp:EncryptedParts>
-
- <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
- <ramp:user>client</ramp:user>
- <ramp:encryptionUser>service</ramp:encryptionUser>
- <ramp:passwordCallbackClass>org.apache.rampart.samples.policy.sample03.PWCBHandler</ramp:passwordCallbackClass>
-
- <ramp:signatureCrypto>
- <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
- </ramp:crypto>
- </ramp:signatureCrypto>
- <ramp:encryptionCypto>
- <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
- </ramp:crypto>
- </ramp:encryptionCypto>
- </ramp:RampartConfig>
-
- </wsp:All>
- </wsp:ExactlyOne>
-</wsp:Policy>
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ !
+ ! Copyright 2006 The Apache Software Foundation.
+ !
+ ! Licensed under the Apache License, Version 2.0 (the "License");
+ ! you may not use this file except in compliance with the License.
+ ! You may obtain a copy of the License at
+ !
+ ! http://www.apache.org/licenses/LICENSE-2.0
+ !
+ ! Unless required by applicable law or agreed to in writing, software
+ ! distributed under the License is distributed on an "AS IS" BASIS,
+ ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ! See the License for the specific language governing permissions and
+ ! limitations under the License.
+ !-->
+
+<wsp:Policy wsu:Id="SigEncr" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:TripleDesRsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:SignedParts>
+ <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:EncryptedParts>
+
+ <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ <ramp:user>client</ramp:user>
+ <ramp:encryptionUser>service</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.samples.policy.sample03.PWCBHandler</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+ </ramp:RampartConfig>
+
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
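Review bot: The rewritten sample still carries the keystore password in clear text (`<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>`, in both the signatureCrypto and encryptionCypto blocks), and nothing in the file marks it as demo-only. Since the commit already adds a header comment, I would add one line above `ramp:RampartConfig`, such as `<!-- Sample keystore and password: replace client.jks and its password before any non-demo use -->`. The same applies to sample04/policy.xml later in this commit. Separately, `sp:TripleDesRsa15` here and `sp:Basic128Rsa15` in sample04 both select RSA PKCS#1 v1.5 key wrap; a comment pointing readers at an OAEP-based suite (for example `sp:Basic128`) for real deployments would help, provided Rampart supports it in this release.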
Modified: webservices/axis2/trunk/java/modules/samples/security/policy/sample03/services.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/samples/security/policy/sample03/services.xml?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/samples/security/policy/sample03/services.xml (original)
+++ webservices/axis2/trunk/java/modules/samples/security/policy/sample03/services.xml Wed Dec 13 06:21:47 2006
@@ -1,3 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ !
+ ! Copyright 2006 The Apache Software Foundation.
+ !
+ ! Licensed under the Apache License, Version 2.0 (the "License");
+ ! you may not use this file except in compliance with the License.
+ ! You may obtain a copy of the License at
+ !
+ ! http://www.apache.org/licenses/LICENSE-2.0
+ !
+ ! Unless required by applicable law or agreed to in writing, software
+ ! distributed under the License is distributed on an "AS IS" BASIS,
+ ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ! See the License for the specific language governing permissions and
+ ! limitations under the License.
+ !-->
<!-- services.xml of sample-2 : Sign only-->
<service>
<operation name="echo">
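Review bot: The context comment directly under the new licence header reads `<!-- services.xml of sample-2 : Sign only-->`, but this file lives in sample03, whose policy.xml in this commit has the id `SigEncr` and declares both SignedParts and EncryptedParts. It looks copied from sample 2; I would update it while touching the file, e.g. `<!-- services.xml of sample03 : Sign and encrypt -->`. sample04/services.xml carries the same stale comment. The service element continues outside the hunk, so the policy this file actually embeds is not visible here.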
Modified: webservices/axis2/trunk/java/modules/samples/security/policy/sample04/README.txt
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/samples/security/policy/sample04/README.txt?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/samples/security/policy/sample04/README.txt (original)
+++ webservices/axis2/trunk/java/modules/samples/security/policy/sample04/README.txt Wed Dec 13 06:21:47 2006
@@ -1 +1,15 @@
-TODO
\ No newline at end of file
+SecureConversation
+
+The secure session is bootstrapped using a SymetricBinding which uses
+derived keys based on an ephemeral key.
+
+Messages in the secure conversation :
+ - Includes a timestamp
+ - All headers are signed along with the timestamp
+ - Signature encrypted
+ - Body encrypted
+
+Algorithm suite is Basic128Rsa15
+
+Note that {http://ws.apache.org/rampart/policy}RampartConfig assertion provides
+additional information required to secure the message.
\ No newline at end of file
Modified: webservices/axis2/trunk/java/modules/samples/security/policy/sample04/policy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/samples/security/policy/sample04/policy.xml?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/samples/security/policy/sample04/policy.xml (original)
+++ webservices/axis2/trunk/java/modules/samples/security/policy/sample04/policy.xml Wed Dec 13 06:21:47 2006
@@ -1,194 +1,150 @@
-<wsp:Policy wsu:Id="SecConvPolicy2" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
- <wsp:ExactlyOne>
- <wsp:All>
- <sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:ProtectionToken>
- <wsp:Policy>
- <sp:SecureConversationToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
- <wsp:Policy>
- <sp:RequireDerivedKeys/>
- <sp:BootstrapPolicy>
- <wsp:Policy>
- <sp:EncryptedParts>
- <sp:Body/>
- </sp:EncryptedParts>
- <sp:SymmetricBinding>
- <wsp:Policy>
- <sp:ProtectionToken>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
- <wsp:Policy>
- <sp:RequireDerivedKeys/>
- <sp:RequireThumbprintReference/>
- <sp:WssX509V3Token10/>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:ProtectionToken>
- <sp:AlgorithmSuite>
- <wsp:Policy>
- <sp:Basic128Rsa15/>
- </wsp:Policy>
- </sp:AlgorithmSuite>
- <sp:Layout>
- <wsp:Policy>
- <sp:Strict/>
- </wsp:Policy>
- </sp:Layout>
- <sp:IncludeTimestamp/>
- <sp:EncryptSignature/>
- <sp:OnlySignEntireHeadersAndBody/>
- </wsp:Policy>
- </sp:SymmetricBinding>
- <sp:EndorsingSupportingTokens>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
- <wsp:Policy>
- <sp:RequireThumbprintReference/>
- <sp:WssX509V3Token10/>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:EndorsingSupportingTokens>
- <sp:Wss11>
- <wsp:Policy>
- <sp:MustSupportRefKeyIdentifier/>
- <sp:MustSupportRefIssuerSerial/>
- <sp:MustSupportRefThumbprint/>
- <sp:MustSupportRefEncryptedKey/>
- <sp:RequireSignatureConfirmation/>
- </wsp:Policy>
- </sp:Wss11>
- <sp:Trust10>
- <wsp:Policy>
- <sp:MustSupportIssuedTokens/>
- <sp:RequireClientEntropy/>
- <sp:RequireServerEntropy/>
- </wsp:Policy>
- </sp:Trust10>
- </wsp:Policy>
- </sp:BootstrapPolicy>
- </wsp:Policy>
- </sp:SecureConversationToken>
- </wsp:Policy>
- </sp:ProtectionToken>
- <sp:AlgorithmSuite>
- <wsp:Policy>
- <sp:Basic128Rsa15/>
- </wsp:Policy>
- </sp:AlgorithmSuite>
- <sp:Layout>
- <wsp:Policy>
- <sp:Strict/>
- </wsp:Policy>
- </sp:Layout>
- <sp:IncludeTimestamp/>
- <sp:EncryptSignature/>
- <sp:OnlySignEntireHeadersAndBody/>
- </wsp:Policy>
- </sp:SymmetricBinding>
- <sp:Wss11 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:MustSupportRefKeyIdentifier/>
- <sp:MustSupportRefIssuerSerial/>
- <sp:MustSupportRefThumbprint/>
- <sp:MustSupportRefEncryptedKey/>
- </wsp:Policy>
- </sp:Wss11>
- <sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:MustSupportIssuedTokens/>
- <sp:RequireClientEntropy/>
- <sp:RequireServerEntropy/>
- </wsp:Policy>
- </sp:Trust10>
- <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <sp:Body/>
- </sp:EncryptedParts>
- <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
- <ramp:user>client</ramp:user>
- <ramp:encryptionUser>service</ramp:encryptionUser>
- <ramp:passwordCallbackClass>org.apache.rampart.samples.policy.sample04.PWCBHandler</ramp:passwordCallbackClass>
-
- <ramp:signatureCrypto>
- <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
- </ramp:crypto>
- </ramp:signatureCrypto>
- <ramp:encryptionCypto>
- <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
- <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
- </ramp:crypto>
- </ramp:encryptionCypto>
-
- <ramp:tokenIssuerPolicy xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:EncryptedParts>
- <sp:Body/>
- </sp:EncryptedParts>
- <sp:SymmetricBinding>
- <wsp:Policy>
- <sp:ProtectionToken>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
- <wsp:Policy>
- <sp:RequireDerivedKeys/>
- <sp:RequireThumbprintReference/>
- <sp:WssX509V3Token10/>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:ProtectionToken>
- <sp:AlgorithmSuite>
- <wsp:Policy>
- <sp:Basic128Rsa15/>
- </wsp:Policy>
- </sp:AlgorithmSuite>
- <sp:Layout>
- <wsp:Policy>
- <sp:Strict/>
- </wsp:Policy>
- </sp:Layout>
- <sp:IncludeTimestamp/>
- <sp:EncryptSignature/>
- <sp:OnlySignEntireHeadersAndBody/>
- </wsp:Policy>
- </sp:SymmetricBinding>
- <sp:EndorsingSupportingTokens>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
- <wsp:Policy>
- <sp:RequireThumbprintReference/>
- <sp:WssX509V3Token10/>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:EndorsingSupportingTokens>
- <sp:Wss11>
- <wsp:Policy>
- <sp:MustSupportRefKeyIdentifier/>
- <sp:MustSupportRefIssuerSerial/>
- <sp:MustSupportRefThumbprint/>
- <sp:MustSupportRefEncryptedKey/>
- <sp:RequireSignatureConfirmation/>
- </wsp:Policy>
- </sp:Wss11>
- <sp:Trust10>
- <wsp:Policy>
- <sp:MustSupportIssuedTokens/>
- <sp:RequireClientEntropy/>
- <sp:RequireServerEntropy/>
- </wsp:Policy>
- </sp:Trust10>
- </wsp:Policy>
- </ramp:tokenIssuerPolicy>
-
- </ramp:RampartConfig>
- </wsp:All>
- </wsp:ExactlyOne>
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ !
+ ! Copyright 2006 The Apache Software Foundation.
+ !
+ ! Licensed under the Apache License, Version 2.0 (the "License");
+ ! you may not use this file except in compliance with the License.
+ ! You may obtain a copy of the License at
+ !
+ ! http://www.apache.org/licenses/LICENSE-2.0
+ !
+ ! Unless required by applicable law or agreed to in writing, software
+ ! distributed under the License is distributed on an "AS IS" BASIS,
+ ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ! See the License for the specific language governing permissions and
+ ! limitations under the License.
+ !-->
+
+<wsp:Policy wsu:Id="SecConvPolicy2" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:SecureConversationToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:RequireDerivedKeys/>
+ <sp:BootstrapPolicy>
+ <wsp:Policy>
+ <sp:EncryptedParts>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <sp:SymmetricBinding>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:RequireDerivedKeys/>
+ <sp:RequireThumbprintReference/>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128Rsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptSignature/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:EndorsingSupportingTokens>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:RequireThumbprintReference/>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:EndorsingSupportingTokens>
+ <sp:Wss11>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ <sp:RequireSignatureConfirmation/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust10>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+ </wsp:Policy>
+ </sp:BootstrapPolicy>
+ </wsp:Policy>
+ </sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128Rsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptSignature/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:Wss11 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+ <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ <ramp:user>client</ramp:user>
+ <ramp:encryptionUser>service</ramp:encryptionUser>
+ <ramp:passwordCallbackClass>org.apache.rampart.samples.policy.sample04.PWCBHandler</ramp:passwordCallbackClass>
+
+ <ramp:signatureCrypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
+ </ramp:crypto>
+ </ramp:signatureCrypto>
+ <ramp:encryptionCypto>
+ <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
+ <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
+ </ramp:crypto>
+ </ramp:encryptionCypto>
+
+ </ramp:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
</wsp:Policy>
Modified: webservices/axis2/trunk/java/modules/samples/security/policy/sample04/services.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/samples/security/policy/sample04/services.xml?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/samples/security/policy/sample04/services.xml (original)
+++ webservices/axis2/trunk/java/modules/samples/security/policy/sample04/services.xml Wed Dec 13 06:21:47 2006
@@ -1,3 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ !
+ ! Copyright 2006 The Apache Software Foundation.
+ !
+ ! Licensed under the Apache License, Version 2.0 (the "License");
+ ! you may not use this file except in compliance with the License.
+ ! You may obtain a copy of the License at
+ !
+ ! http://www.apache.org/licenses/LICENSE-2.0
+ !
+ ! Unless required by applicable law or agreed to in writing, software
+ ! distributed under the License is distributed on an "AS IS" BASIS,
+ ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ! See the License for the specific language governing permissions and
+ ! limitations under the License.
+ !-->
<!-- services.xml of sample-2 : Sign only-->
<service>
<operation name="echo">
@@ -136,69 +153,7 @@
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
</ramp:crypto>
</ramp:encryptionCypto>
-
- <ramp:tokenIssuerPolicy xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:EncryptedParts>
- <sp:Body/>
- </sp:EncryptedParts>
- <sp:SymmetricBinding>
- <wsp:Policy>
- <sp:ProtectionToken>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
- <wsp:Policy>
- <sp:RequireDerivedKeys/>
- <sp:RequireThumbprintReference/>
- <sp:WssX509V3Token10/>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:ProtectionToken>
- <sp:AlgorithmSuite>
- <wsp:Policy>
- <sp:Basic128Rsa15/>
- </wsp:Policy>
- </sp:AlgorithmSuite>
- <sp:Layout>
- <wsp:Policy>
- <sp:Strict/>
- </wsp:Policy>
- </sp:Layout>
- <sp:IncludeTimestamp/>
- <sp:EncryptSignature/>
- <sp:OnlySignEntireHeadersAndBody/>
- </wsp:Policy>
- </sp:SymmetricBinding>
- <sp:EndorsingSupportingTokens>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
- <wsp:Policy>
- <sp:RequireThumbprintReference/>
- <sp:WssX509V3Token10/>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:EndorsingSupportingTokens>
- <sp:Wss11>
- <wsp:Policy>
- <sp:MustSupportRefKeyIdentifier/>
- <sp:MustSupportRefIssuerSerial/>
- <sp:MustSupportRefThumbprint/>
- <sp:MustSupportRefEncryptedKey/>
- <sp:RequireSignatureConfirmation/>
- </wsp:Policy>
- </sp:Wss11>
- <sp:Trust10>
- <wsp:Policy>
- <sp:MustSupportIssuedTokens/>
- <sp:RequireClientEntropy/>
- <sp:RequireServerEntropy/>
- </wsp:Policy>
- </sp:Trust10>
- </wsp:Policy>
- </ramp:tokenIssuerPolicy>
-
+
</ramp:RampartConfig>
</wsp:All>
</wsp:ExactlyOne>
Modified: webservices/axis2/trunk/java/modules/secpolicy/src/org/apache/ws/secpolicy/model/X509Token.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/secpolicy/src/org/apache/ws/secpolicy/model/X509Token.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/secpolicy/src/org/apache/ws/secpolicy/model/X509Token.java (original)
+++ webservices/axis2/trunk/java/modules/secpolicy/src/org/apache/ws/secpolicy/model/X509Token.java Wed Dec 13 06:21:47 2006
@@ -176,6 +176,12 @@
writer.writeEndElement();
}
+ if(isDerivedKeys()) {
+ // <sp:RequireDerivedKeys/>
+ writer.writeStartElement(prefix, Constants.REQUIRE_DERIVED_KEYS.getLocalPart(), namespaceURI);
+ writer.writeEndElement();
+ }
+
// </wsp:Policy>
writer.writeEndElement();
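Review bot: No test visible in this part of the commit pins the new `<sp:RequireDerivedKeys/>` output, and the omission it fixes is the kind that goes unnoticed: a token with derived keys required would have been written out without the assertion, so anything consuming the serialized policy would see a weaker requirement. A round-trip check (build an X509Token with derived keys set, serialize, re-parse, assert `isDerivedKeys()`) would keep it from regressing. Minor style: `if (isDerivedKeys()) {` with a space after `if`, assuming that matches the rest of the file. The enclosing method begins and ends outside this hunk, so I can't tell whether the other token flags are written the same way.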
Modified: webservices/axis2/trunk/java/modules/security/maven.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/maven.xml?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/maven.xml (original)
+++ webservices/axis2/trunk/java/modules/security/maven.xml Wed Dec 13 06:21:47 2006
@@ -72,12 +72,12 @@
<copy file="src/META-INF/services/org.apache.neethi.builders.AssertionBuilder"
tofile="target/temp-mar/META-INF/services/org.apache.neethi.builders.AssertionBuilder" overwrite="true" />
- <jar jarfile="target/rampart-${rampart_version}.mar" basedir="target/temp-mar/">
+ <jar jarfile="target/rampart-${rampart_module_version}.mar" basedir="target/temp-mar/">
<include name="**/*"/>
</jar>
- <copy file="target/rampart-${rampart_version}.mar" tofile="target/modules/rampart-${rampart_version}.mar"/>
- <copy file="target/rampart-${rampart_version}.mar" tofile="${maven.repo.local}/org.apache.axis2/mars/rampart-${rampart_version}.mar"/>
+ <copy file="target/rampart-${rampart_module_version}.mar" tofile="target/modules/rampart-${rampart_module_version}.mar"/>
+ <copy file="target/rampart-${rampart_module_version}.mar" tofile="${maven.repo.local}/org.apache.axis2/mars/rampart-${rampart_module_version}.mar"/>
<delete includeEmptyDirs="true">
<fileset dir="target/temp-mar"/>
@@ -155,9 +155,9 @@
<ant:include name="**/oasisOpen/**/*.class"/>
<ant:include name="**/xmlmime/**/*.class"/>
<ant:include name="**/PWCallback.class"/>
-
+ <ant:include name="**/InteropScenarioClient.class"/>
</ant:fileset>
- </ant:move>
+ </ant:move>
<delete includeEmptyDirs="true">
<fileset dir="${basedir}/target/classes/org/apache/axis2/oasis/"/>
@@ -199,9 +199,10 @@
<copy file="interop/interop2.jks"
tofile="${class.dir}/interop2.jks" overwrite="yes"/>
- <jar jarfile="target/PingPort.aar" basedir="target/interop/classes">
+ <jar jarfile="target/PingPort.aar" basedir="target/interop/classes">
<include name="**/*"/>
</jar>
+
</j:if>
</postGoal>
@@ -210,6 +211,14 @@
<copy toDir="target/classes/META-INF/services" overwrite="yes">
<fileset dir="src/META-INF/services" />
</copy>
+ <j:if test="${context.getVariable('maven.test.skip') != 'true'}">
+ <delete includeEmptyDirs="true">
+ <fileset dir="target/classes/org/xmlsoap/"/>
+ <fileset dir="target/classes/org/oasis_open/"/>
+ <fileset dir="target/classes/org/w3/"/>
+ <fileset file="target/classes/org/apache/axis2/security/InteropScenarioClient.class"/>
+ </delete>
+ </j:if>
</preGoal>
</project>
Modified: webservices/axis2/trunk/java/modules/security/release-docs/README.txt
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/release-docs/README.txt?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/release-docs/README.txt (original)
+++ webservices/axis2/trunk/java/modules/security/release-docs/README.txt Wed Dec 13 06:21:47 2006
@@ -1,5 +1,5 @@
======================================================
-Apache Rampart-1.1-RC1 build (Month Day, 2006)
+Apache Rampart-1.1 build (December 5th, 2006)
http://ws.apache.org/axis2/modules/rampart/
------------------------------------------------------
@@ -12,14 +12,30 @@
in addition to the libraries available in the axis2 standard binary
release.
-modules - This directory contains all Apache Axis2 modules shipped with
- Apache Rampart:
- rampart-1.1.mar
- rahas-1.1.mar
+
+rampart-1.1.mar - WS-Security and WS-SecureConversation support for Axis2
+rahas-1.1.mar - STS module - to be used to add STS operations to a service
+ IMPORTANT: Note that the module versions are set to 1.1 enven
+ though this release is 1.1-RC1
+
+rahas-1.1.zip - STS zip - you can use this to create your own configured STS
samples - This contains samples on using Apache Rampart and configuring
different conponents to carryout different WS-Sec* operations.
+README.txt - This file
+
+build.xml - Setup file to copy all jars to required places
+
+IMPORTANT: Before you try any of the samples makesure you
+
+1.) Have the Axis2 standard binary distribution downloaded and extracted.
+2.) Set the AXIS2_HOME environment variable
+3.) Run ant from the "samples" directory to copy the required libraries and
+ modules to relevant directories in AXIS2_HOME.
+4.) Download xalan-2.7.0.jar from here[1] and put under AXIS2_HOME\lib folder,
+ if you use JDK 1.5.
+
___________________
Support
===================
@@ -40,3 +56,4 @@
The Apache Rampart team.
+[1] http://www.apache.org/dist/java-repository/xalan/jars/
Added: webservices/axis2/trunk/java/modules/security/release-docs/build.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/release-docs/build.xml?view=auto&rev=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/release-docs/build.xml (added)
+++ webservices/axis2/trunk/java/modules/security/release-docs/build.xml Wed Dec 13 06:21:47 2006
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ !
+ ! Copyright 2006 The Apache Software Foundation.
+ !
+ ! Licensed under the Apache License, Version 2.0 (the "License");
+ ! you may not use this file except in compliance with the License.
+ ! You may obtain a copy of the License at
+ !
+ ! http://www.apache.org/licenses/LICENSE-2.0
+ !
+ ! Unless required by applicable law or agreed to in writing, software
+ ! distributed under the License is distributed on an "AS IS" BASIS,
+ ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ! See the License for the specific language governing permissions and
+ ! limitations under the License.
+ !-->
+
+<project basedir="." default="setup">
+
+ <property name="lib.dir" value="lib"/>
+ <property name="modules.dir" value="."/>
+
+ <property environment="env"/>
+
+ <target name="check.dependency" unless="env.AXIS2_HOME">
+ <echo message="AXIS2_HOME must be set"/>
+ </target>
+
+ <!-- Copy the required jars and mars appropriately -->
+ <target name="setup" if="env.AXIS2_HOME" depends="check.dependency">
+
+ <property name="axis2.modules.dir" value="${env.AXIS2_HOME}/repository/modules/"/>
+ <property name="axis2.lib.dir" value="${env.AXIS2_HOME}/lib"/>
+
+ <!-- Delete exising axiom jars -->
+ <delete file="${axis2.lib.dir}/axiom-api-1.2.jar"/>
+ <delete file="${axis2.lib.dir}/axiom-impl-1.2.jar"/>
+ <delete file="${axis2.lib.dir}/axiom-dom-1.2.jar"/>
+
+ <copy todir="${axis2.lib.dir}">
+ <fileset dir="${lib.dir}">
+ <include name="**/*.jar"/>
+ </fileset>
+ </copy>
+
+ <copy todir="${axis2.modules.dir}">
+ <fileset dir="${modules.dir}">
+ <include name="**/*.mar"/>
+ </fileset>
+ </copy>
+
+ </target>
+
+</project>
\ No newline at end of file
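Review bot: When AXIS2_HOME is unset, `check.dependency` only echoes a message and `setup` is skipped by its `if="env.AXIS2_HOME"`, so Ant still reports a successful build although nothing was copied. Replacing the echo with `<fail unless="env.AXIS2_HOME" message="AXIS2_HOME must be set"/>` makes the failure visible. It is also worth a comment above the three `<delete>` lines saying that `setup` removes the axiom 1.2 jars from the Axis2 installation and copies every jar under `lib` into `${env.AXIS2_HOME}/lib`, since it modifies an existing install in place. The comment `Delete exising axiom jars` should read `existing`.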
Modified: webservices/axis2/trunk/java/modules/security/release-docs/release-notes.html
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/release-docs/release-notes.html?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/release-docs/release-notes.html (original)
+++ webservices/axis2/trunk/java/modules/security/release-docs/release-notes.html Wed Dec 13 06:21:47 2006
@@ -0,0 +1,75 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
+ "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+ <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
+ <title>Apache Rampart - Release Notes</title>
+ <meta name="generator" content="amaya 9.2.2, see http://www.w3.org/Amaya/"
+ />
+</head>
+
+<body>
+<h1>Apache Rampart Release Notes</h1>
+
+<p>This is the 1.1 release of Apache Rampart.</p>
+
+<p>Apache Rampart 1.1 is a toolkit that provides implementations of the WS-Sec*
+specifications for Apache Axis 1.1, based on Apache WSS4J 1.5.1 and
+the Apache AXIOM-DOOM 1.2.1 implementation.</p>
+
+<b>What is in this release</b>
+
+<p>There are two main Apache Axis2 modules provided with this release.</p>
+<ul>
+<li>rampart-1.1.mar</li>
+This provides support for WS-Security and WS-SecureConversation features.
+<li>rahas-1.1.mar</li>
+This module provides the necessary components to enable SecurityTokenService
+functionality on a service.
+</ul>
+
+<p>Apache Rampart 1.1 introduces a new configuration model based on WS-Policy
+and WS-Security Policy and it is important to note that Apache Rampart 1.0 style
+configuration is now deprecated and will not be available in next major version.
+</p>
+
+<p>Apache Rampart 1.1 can be successfully used with the next Apache Sandesha2
+release targeted towards Apache Axis2 1.1 to configure
+WS-SecureConversation + WS-ReliableMessaging scenarios.</p>
+<p>
+The rampart module was successfully tested for interoperability with other
+WS-Security implementations.</p>
+
+<p>WS - Sec* specifications supported by Apache Rampart are as follows:</p>
+
+<ul>
+<li>WS - Security 1.0</li>
+<li>WS - Secure Conversation - February 2005</li>
+<li>WS - Security Policy - 1.1 - July 2005</li>
+<li>WS - Trust - February 2005</li>
+<li>WS - Trust - WS-SX spec - EXPERIMENTAL </li>
+</ul>
+
+
+
+
+<p>Thank you for using Apache Rampart.</p>
+
+<p></p>
+
+<p>Apache Rampart team</p>
+
+<p></p>
+
+<p></p>
+
+<p></p>
+
+<p></p>
+
+<p></p>
+
+<p></p>
+</body>
+</html>
\ No newline at end of file
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/PolicyBasedResultsValidator.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/PolicyBasedResultsValidator.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/PolicyBasedResultsValidator.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/PolicyBasedResultsValidator.java Wed Dec 13 06:21:47 2006
@@ -25,6 +25,7 @@
import org.apache.ws.secpolicy.model.Token;
import org.apache.ws.secpolicy.model.UsernameToken;
import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.message.token.Timestamp;
@@ -60,6 +61,14 @@
}
//sig/encr
+ Vector encryptedParts = RampartUtil.getEncryptedParts(rmd);
+ if(rpd.isSignatureProtection() && isSignatureRequired(rpd)) {
+ encryptedParts.add(new WSEncryptionPart(WSConstants.SIG_LN,
+ WSConstants.SIG_NS, "Element"));
+ }
+
+ Vector signatureParts = RampartUtil.getSignedParts(rmd);
+ validateEncrSig(encryptedParts, signatureParts, results);
validateProtectionOrder(data, results);
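Review bot: The `//sig/encr` comment above the added lines does not explain why a Signature part is appended to the expected encrypted parts, and the reason is not obvious from the call alone. I would add `// Signature protection: the ds:Signature element must itself be encrypted, so expect it among the encrypted parts` before the `if`. The append also mutates the Vector returned by `RampartUtil.getEncryptedParts(rmd)`; if that helper returns a list held by the policy data rather than a fresh copy (not visible here), the extra part would accumulate across messages. The enclosing method starts and ends outside this hunk.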
@@ -118,6 +127,56 @@
}
/**
+ * @param encryptedParts
+ * @param signatureParts
+ */
+ private void validateEncrSig(Vector encryptedParts, Vector signatureParts, Vector results)
+ throws RampartException {
+ ArrayList actions = getSigEncrActions(results);
+ boolean sig = false;
+ boolean encr = false;
+ for (Iterator iter = actions.iterator(); iter.hasNext();) {
+ Integer act = (Integer) iter.next();
+ if(act.intValue() == WSConstants.SIGN) {
+ sig = true;
+ } else if(act.intValue() == WSConstants.ENCR) {
+ encr = true;
+ }
+ }
+
+ if(sig && signatureParts.size() == 0) {
+
+ //Unexpected signature
+ throw new RampartException("unexprectedSignature");
+ } else if(!sig && signatureParts.size() > 0) {
+
+ //required signature missing
+ throw new RampartException("signatureMissing");
+ }
+
+ if(encr && encryptedParts.size() == 0) {
+
+ //Check whether its just an encrypted key
+ ArrayList list = this.getResults(results, WSConstants.ENCR);
+ boolean encrDataFound = false;
+ for (Iterator iter = list.iterator(); iter.hasNext();) {
+ WSSecurityEngineResult result = (WSSecurityEngineResult) iter.next();
+ if(result.getDataRefUris() != null) {
+ encrDataFound = true;
+ }
+ }
+ if(encrDataFound) {
+ //Unexpected encryption
+ throw new RampartException("unexprectedEncryptedPart");
+ }
+ } else if(!encr && encryptedParts.size() > 0) {
+
+ //required signature missing
+ throw new RampartException("encryptionMissing");
+ }
+ }
+
+ /**
* @param data
* @param results
*/
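Review bot: `validateEncrSig` throws `RampartException("unexprectedSignature")`, but the errors.properties hunk of this commit adds only `signatureMissing`, `unexprectedEncryptedPart` and `encryptionMissing`; unless the key is already defined earlier in that file, a message rejected on this branch will surface without a readable reason. Add `unexprectedSignature = Unexpected signature found, no signature required` to errors.properties, ideally correcting the spelling to `unexpected...` in both the keys and the throw sites. The comment in the last branch is copied from the signature case and should read `//required encryption missing`. The method also confirms only that a signature or encryption action is present, not which parts it covers, so its Javadoc should say that it is a presence check and name the method that validates coverage, if one exists.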
@@ -194,8 +253,7 @@
} else {
boolean encrFound = false;
- for (Iterator iter = sigEncrActions.iterator();
- iter.hasNext() || !done;) {
+ for (Iterator iter = sigEncrActions.iterator(); iter.hasNext();) {
Integer act = (Integer) iter.next();
if(act.intValue() == WSConstants.ENCR) {
encrFound = true;
@@ -236,7 +294,7 @@
//Check for encrypted body
if(rpd.isEncryptBody()) {
- if(!encrRefs.remove(data.getBodyEncrDataId())){
+ if(!encrRefs.contains(data.getBodyEncrDataId())){
throw new RampartException("encryptedPartMissing",
new String[]{data.getBodyEncrDataId()});
}
@@ -244,13 +302,6 @@
int refCount = 0;
- if(rpd.isSignatureProtection() &&
- ((rpd.isSymmetricBinding() && rpd.getSignatureToken() != null) ||
- (!rpd.isSymmetricBinding() && !rpd.isTransportBinding() &&
- rpd.getInitiatorToken() != null))) {
- refCount ++;
- }
-
refCount += rpd.getEncryptedParts().size();
if(encrRefs.size() != refCount) {
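Review bot: With the body id no longer removed from `encrRefs` (previous hunk) and the signature-protection increment dropped here, the `encrRefs.size() != refCount` comparison only balances if `rpd.getEncryptedParts()` already counts the body and an encrypted Signature adds no entry to `encrRefs`; neither is visible in these hunks. If that does not hold, policy-conformant messages with an encrypted body or with signature protection would be rejected by this count check. A comment stating what `refCount` is expected to include, e.g. `// encrRefs holds one entry per EncryptedData, including the body`, and a test with signature protection enabled would settle it. The enclosing method starts outside the hunk.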
@@ -258,6 +309,12 @@
new String[]{Integer.toString(refCount)});
}
+ }
+
+ private boolean isSignatureRequired(RampartPolicyData rpd) {
+ return (rpd.isSymmetricBinding() && rpd.getSignatureToken() != null) ||
+ (!rpd.isSymmetricBinding() && !rpd.isTransportBinding() &&
+ rpd.getInitiatorToken() != null);
}
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartEngine.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartEngine.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartEngine.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartEngine.java Wed Dec 13 06:21:47 2006
@@ -19,23 +19,14 @@
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
import org.apache.rampart.policy.RampartPolicyData;
import org.apache.rampart.util.Axis2Util;
import org.apache.rampart.util.RampartUtil;
import org.apache.ws.secpolicy.WSSPolicyException;
-import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSSecurityEngine;
-import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
-import org.apache.ws.security.message.token.Timestamp;
import org.apache.ws.security.util.WSSecurityUtil;
-import java.math.BigInteger;
-import java.security.cert.X509Certificate;
-import java.util.Calendar;
-import java.util.Date;
import java.util.Vector;
public class RampartEngine {
@@ -45,8 +36,14 @@
RampartException, WSSecurityException, AxisFault {
RampartMessageData rmd = new RampartMessageData(msgCtx, false);
+
+
+ //If there is no policy information or if the message is a fault
RampartPolicyData rpd = rmd.getPolicyData();
- if(rpd == null) {
+ if(rpd == null ||
+ WSSecurityUtil.findElement(rmd.getDocument().getDocumentElement(),
+ "Fault",
+ rmd.getSoapConstants().getEnvelopeURI()) != null) {
SOAPEnvelope env = Axis2Util.getSOAPEnvelopeFromDOOMDocument(rmd.getDocument());
//Convert back to llom since the inflow cannot use llom
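Review bot: The added condition returns `null`, the same result as "no policy", for any message in which `WSSecurityUtil.findElement` locates a `Fault` element in the envelope namespace, so signature, encryption and timestamp validation are all skipped on the strength of unauthenticated message content. `findElement` is given the document element as its start node, so a `Fault` element anywhere below it, not only as the first child of the SOAP Body, appears to satisfy the test; its search depth is not visible here and should be confirmed. I would restrict the bypass to a `Fault` that is the direct child of the Body, apply it only where an unsecured fault is expected (for example on a client's response path), and log when it is taken so that skipped validation is visible to operators. The method continues outside the hunk.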
@@ -54,6 +51,7 @@
Axis2Util.useDOOM(false);
return null;
}
+
Vector results = null;
WSSecurityEngine engine = new WSSecurityEngine();
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartMessageData.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartMessageData.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartMessageData.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/RampartMessageData.java Wed Dec 13 06:21:47 2006
@@ -254,7 +254,8 @@
MessageContext inMsgCtx;
if (opCtx != null
&& (inMsgCtx = opCtx
- .getMessageContext(WSDLConstants.MESSAGE_LABEL_IN_VALUE)) != null) {
+ .getMessageContext(WSDLConstants.MESSAGE_LABEL_IN_VALUE)) != null
+ && msgContext.getProperty(WSHandlerConstants.RECV_RESULTS) == null) {
msgContext.setProperty(WSHandlerConstants.RECV_RESULTS,
inMsgCtx.getProperty(WSHandlerConstants.RECV_RESULTS));
@@ -278,8 +279,10 @@
this.customClassLoader = msgCtx.getAxisService().getClassLoader();
- this.secHeader = new WSSecHeader();
- secHeader.insertSecurityHeader(this.document);
+ if(this.policyData != null) {
+ this.secHeader = new WSSecHeader();
+ secHeader.insertSecurityHeader(this.document);
+ }
} catch (TrustException e) {
throw new RampartException("errorInExtractingMsgProps", e);
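Review bot: `secHeader` is now left `null` when `policyData` is `null`, but nothing in the hunk tells later code that the header may be absent. Callers that go through `RampartUtil.appendChildToSecHeader(rmd, ...)` (used in AsymmetricBindingBuilder in this commit) or read the header directly would fail with a NullPointerException if they run for a message without policy; whether any do is not visible here. I would document it at the assignment, `// no policy: leave secHeader null, no security header is inserted`, and on the getter. The enclosing block starts outside the hunk.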
@@ -565,7 +568,7 @@
/**
* @param msgCtx
- * @return
+ * @return The key to store/pickup policy of an operation
*/
public static String getOperationPolicyKey(MessageContext msgCtx) {
if(msgCtx.getAxisOperation() != null) {
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/AsymmetricBindingBuilder.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/AsymmetricBindingBuilder.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/AsymmetricBindingBuilder.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/AsymmetricBindingBuilder.java Wed Dec 13 06:21:47 2006
@@ -531,39 +531,55 @@
if(resultsObj != null) {
encryptedKeyId = RampartUtil.getRequestEncryptedKeyId((Vector)resultsObj);
encryptedKeyValue = RampartUtil.getRequestEncryptedKeyValue((Vector)resultsObj);
- if(encryptedKeyId == null || encryptedKeyValue == null) {
- throw new RampartException("missingEncryptedKeyInRequest");
+
+ //In the case where we don't have the EncryptedKey in the
+ //request, for the control to have reached this state,
+ //the scenario MUST be a case where this is the response
+ //message by a listener created for an async client
+ //Therefor we will create a new EncryptedKey
+ if(encryptedKeyId == null && encryptedKeyValue == null) {
+ createEncryptedKey(rmd, token);
}
} else {
throw new RampartException("noSecurityResults");
}
- } else {
- //Set up the encrypted key to use
- encrKey = this.getEncryptedKeyBuilder(rmd, token);
+ } else {
+ createEncryptedKey(rmd, token);
+ }
+ }
- Element bstElem = encrKey.getBinarySecurityTokenElement();
- if (bstElem != null) {
- // If a BST is available then use it
- RampartUtil.appendChildToSecHeader(rmd, bstElem);
- }
-
- // Add the EncryptedKey
- encrTokenElement = encrKey.getEncryptedKeyElement();
- this.encrTokenElement = RampartUtil.appendChildToSecHeader(rmd,
- encrTokenElement);
- encryptedKeyValue = encrKey.getEphemeralKey();
- encryptedKeyId = encrKey.getId();
+ /**
+ * Create an encrypted key element
+ * @param rmd
+ * @param token
+ * @throws RampartException
+ */
+ private void createEncryptedKey(RampartMessageData rmd, Token token) throws RampartException {
+ //Set up the encrypted key to use
+ encrKey = this.getEncryptedKeyBuilder(rmd, token);
- //Store the token for client - response verification
- // and server - response creation
- try {
- org.apache.rahas.Token tok = new org.apache.rahas.Token(
- encryptedKeyId, (OMElement)encrTokenElement , null, null);
- tok.setSecret(encryptedKeyValue);
- rmd.getTokenStorage().add(tok);
- } catch (TrustException e) {
- throw new RampartException("errorInAddingTokenIntoStore", e);
- }
- }
+ Element bstElem = encrKey.getBinarySecurityTokenElement();
+ if (bstElem != null) {
+ // If a BST is available then use it
+ RampartUtil.appendChildToSecHeader(rmd, bstElem);
+ }
+
+ // Add the EncryptedKey
+ encrTokenElement = encrKey.getEncryptedKeyElement();
+ this.encrTokenElement = RampartUtil.appendChildToSecHeader(rmd,
+ encrTokenElement);
+ encryptedKeyValue = encrKey.getEphemeralKey();
+ encryptedKeyId = encrKey.getId();
+
+ //Store the token for client - response verification
+ // and server - response creation
+ try {
+ org.apache.rahas.Token tok = new org.apache.rahas.Token(
+ encryptedKeyId, (OMElement)encrTokenElement , null, null);
+ tok.setSecret(encryptedKeyValue);
+ rmd.getTokenStorage().add(tok);
+ } catch (TrustException e) {
+ throw new RampartException("errorInAddingTokenIntoStore", e);
+ }
}
}
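Review bot: Changing the test from `||` to `&&` leaves the mixed case unhandled: when exactly one of `encryptedKeyId` and `encryptedKeyValue` is `null`, the old code threw `missingEncryptedKeyInRequest`, while the new code neither throws nor calls `createEncryptedKey` and continues with a half-populated key. Either keep the exception for that case or create a fresh key for it as well, `if(encryptedKeyId == null || encryptedKeyValue == null) { createEncryptedKey(rmd, token); }`. The new comment's statement that this state MUST be an async-client response is an assumption the code does not check; a debug log at this point would make the fallback traceable. The enclosing method starts outside the hunk.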
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/BindingBuilder.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/BindingBuilder.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/BindingBuilder.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/BindingBuilder.java Wed Dec 13 06:21:47 2006
@@ -71,7 +71,6 @@
/**
* @param rmd
- * @param doc
*/
protected void addTimestamp(RampartMessageData rmd) {
log.debug("Adding timestamp");
@@ -97,9 +96,7 @@
/**
* Add a UsernameToken to the security header
* @param rmd
- * @param rpd
- * @param doc
- * @return
+ * @return The <code>WSSecUsernameToken</code> instance
* @throws RampartException
*/
protected WSSecUsernameToken addUsernameToken(RampartMessageData rmd) throws RampartException {
@@ -176,8 +173,13 @@
WSSecEncryptedKey encrKey = new WSSecEncryptedKey();
if(token.getInclusion().equals(Constants.INCLUDE_NEVER)) {
- //Use thumbprint
- encrKey.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
+ if(rpd.getWss11() != null) {
+ //Use thumbprint
+ encrKey.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
+ } else {
+ //Use SKI
+ encrKey.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
+ }
} else {
encrKey.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
}
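Review bot: The same thumbprint-or-SKI choice is added twice, here for `encrKey` and in the next hunk for `sig`, which invites the two copies drifting apart. Compute it once in a small private helper, e.g. `return rpd.getWss11() != null ? WSConstants.THUMBPRINT_IDENTIFIER : WSConstants.SKI_KEY_IDENTIFIER;`, and pass the result to both `setKeyIdentifierType` calls. The SKI branch also depends on the certificate carrying a SubjectKeyIdentifier extension; a comment saying so would help whoever debugs a failure with a certificate that lacks it. Both enclosing methods and the origin of `rpd` are outside the hunks.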
@@ -204,8 +206,13 @@
log.debug("Token inclusion: " + token.getInclusion());
if(token.getInclusion().equals(Constants.INCLUDE_NEVER)) {
- //Use thumbprint
- sig.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
+ if(rpd.getWss11() != null) {
+ //Use thumbprint
+ sig.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
+ } else {
+ //Use SKI
+ sig.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
+ }
} else {
sig.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
}
@@ -381,7 +388,7 @@
return endSuppTokMap;
}
/**
- * @param sigSuppTokMap
+ * @param tokenMap
* @param sigParts
* @throws RampartException
*/
@@ -537,8 +544,7 @@
* Get hold of the token from the token storage
* @param rmd
* @param tokenId
- * @param tok
- * @return
+ * @return token from the token storage
* @throws RampartException
*/
protected org.apache.rahas.Token getToken(RampartMessageData rmd,
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/builder/TransportBindingBuilder.java Wed Dec 13 06:21:47 2006
@@ -77,7 +77,7 @@
Token token = (Token) iter.next();
if(token instanceof UsernameToken) {
WSSecUsernameToken utBuilder = addUsernameToken(rmd);
- utBuilder.setPasswordType(WSConstants.PW_TEXT);
+ utBuilder.setPasswordType(WSConstants.PASSWORD_TEXT);
utBuilder.prepare(rmd.getDocument());
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/ConversationCallbackHandler.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/ConversationCallbackHandler.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/ConversationCallbackHandler.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/ConversationCallbackHandler.java Wed Dec 13 06:21:47 2006
@@ -28,6 +28,7 @@
/**
* This is ths callback handler used to extract he secure conversation
* session key for a given context identifier
+ * @deprecated
*/
public class ConversationCallbackHandler implements CallbackHandler {
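Review bot: The bare `@deprecated` tag gives no reason and no replacement, so users of the class get a compiler warning with nowhere to go; the same applies to the tags added to ConversationConfiguration, STSRequester, WSDoAllReceiver and WSDoAllSender in this commit. The release notes added in the same commit say the Rampart 1.0 style configuration is deprecated in favour of the WS-Policy / WS-Security Policy model, which suggests text such as `@deprecated As of Rampart 1.1; use the WS-SecurityPolicy based configuration instead`. If a specific replacement class exists it should be named with `{@link}`.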
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/ConversationConfiguration.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/ConversationConfiguration.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/ConversationConfiguration.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/ConversationConfiguration.java Wed Dec 13 06:21:47 2006
@@ -43,6 +43,7 @@
/**
* Configuration manager for Ramapart-SecConv
+ * @deprecated
*/
public class ConversationConfiguration {
@@ -277,7 +278,7 @@
/**
* @param msgCtx
- * @return
+ * @return The configuration parameter from the given message context
*/
public static Parameter getParameter(MessageContext msgCtx) {
Parameter param = msgCtx.getParameter(SC_CONFIG);
@@ -300,7 +301,7 @@
/**
* Generate the Axis2 parameter representing ConversationConfiguration
- * @return
+ * @return The Axis2 parameter representing ConversationConfiguration
*/
public Parameter getParameter() {
Parameter param = new Parameter();
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/STSRequester.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/STSRequester.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/STSRequester.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/STSRequester.java Wed Dec 13 06:21:47 2006
@@ -39,6 +39,9 @@
import javax.xml.namespace.QName;
+/**
+ * @deprecated
+ */
public class STSRequester {
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/Util.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/Util.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/Util.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/conversation/Util.java Wed Dec 13 06:21:47 2006
@@ -43,7 +43,7 @@
* <code>Crypto</code> instance of the configuration.
*
* @param config
- * @return
+ * @return The crypto instance of this configuration
* @throws RahasException
*/
public static Crypto getCryptoInstace(ConversationConfiguration config)
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/errors.properties
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/errors.properties?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/errors.properties (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/errors.properties Wed Dec 13 06:21:47 2006
@@ -77,4 +77,7 @@
encryptedPartMissing = Missing encryption result for id : {0}
invalidNumberOfEncryptedParts = Invalid number of encrypted parts
protectionOrderMismatch = Protection order mismatch
-usernameTokenMissing = UsernameToken missing in request
\ No newline at end of file
+usernameTokenMissing = UsernameToken missing in request
+signatureMissing = Message is not signed
+unexprectedEncryptedPart = Unexpected encrypted data found, no encryption required
+encryptionMissing = Expected encrypted part missing
\ No newline at end of file
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartReceiver.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartReceiver.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartReceiver.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/RampartReceiver.java Wed Dec 13 06:21:47 2006
@@ -26,7 +26,6 @@
import org.apache.axis2.engine.Handler;
import org.apache.rampart.RampartEngine;
import org.apache.rampart.RampartException;
-import org.apache.rampart.util.Axis2Util;
import org.apache.ws.secpolicy.WSSPolicyException;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSSecurityException;
@@ -58,6 +57,10 @@
this.handlerDesc = handlerdesc;
}
+ public void flowComplete(MessageContext msgContext)
+ {
+ }
+
public InvocationResponse invoke(MessageContext msgContext) throws AxisFault {
if (!msgContext.isEngaged(new QName(WSSHandlerConstants.SECURITY_MODULE_NAME))) {
@@ -119,9 +122,6 @@
}
- public void flowComplete(MessageContext msgContext)
- {
- }
public HandlerDescription getHandlerDesc() {
return this.handlerDesc;
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllReceiver.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllReceiver.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllReceiver.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllReceiver.java Wed Dec 13 06:21:47 2006
@@ -52,6 +52,9 @@
import java.util.Iterator;
import java.util.Vector;
+/**
+ * @deprecated
+ */
public class WSDoAllReceiver extends WSDoAllHandler {
private static final Log log = LogFactory.getLog(WSDoAllReceiver.class);
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/WSDoAllSender.java Wed Dec 13 06:21:47 2006
@@ -57,6 +57,9 @@
import java.util.Date;
import java.util.Vector;
+/**
+ * @deprecated
+ */
public class WSDoAllSender extends WSDoAllHandler {
private static final Log log = LogFactory.getLog(WSDoAllSender.class);
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/config/InflowConfiguration.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/config/InflowConfiguration.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/config/InflowConfiguration.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/config/InflowConfiguration.java Wed Dec 13 06:21:47 2006
@@ -114,7 +114,7 @@
/**
* Sets the decryption property ref key.
- * @param decryptionPropFile
+ * @param decryptionPropRefKey
*/
public void setDecryptionPropRefKey(String decryptionPropRefKey) {
this.action.put(WSHandlerConstants.DEC_PROP_REF_ID,decryptionPropRefKey);
@@ -154,7 +154,7 @@
/**
* Sets the signature property ref key.
- * @param signaturePropFile
+ * @param signaturePropRefId
*/
public void setSignaturePropRefId(String signaturePropRefId) {
this.action.put(WSHandlerConstants.SIG_PROP_REF_ID, signaturePropRefId);
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/config/OutflowConfiguration.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/config/OutflowConfiguration.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/config/OutflowConfiguration.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/handler/config/OutflowConfiguration.java Wed Dec 13 06:21:47 2006
@@ -496,7 +496,7 @@
/**
* Enable/Disable PrecisionInMilliseconds
- * @param encPropFile
+ * @param value
*/
public void setPrecisionInMilliseconds(boolean value) {
this.actionList[this.currentAction].put(
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/policy/RampartPolicyData.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/policy/RampartPolicyData.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/policy/RampartPolicyData.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/policy/RampartPolicyData.java Wed Dec 13 06:21:47 2006
@@ -436,7 +436,7 @@
}
/**
- * @param signedEndorsingSupportingToken The signedEndorsingSupportingToken to set.
+ * @param signedEndorsingSupportingTokens The signedEndorsingSupportingToken to set.
*/
public void setSignedEndorsingSupportingTokens(
SupportingToken signedEndorsingSupportingTokens) {
@@ -451,7 +451,7 @@
}
/**
- * @param signedSupportingToken The signedSupportingToken to set.
+ * @param signedSupportingTokens The signedSupportingToken to set.
*/
public void setSignedSupportingTokens(SupportingToken signedSupportingTokens) {
this.signedSupportingTokens = signedSupportingTokens;
@@ -465,7 +465,7 @@
}
/**
- * @param endorsingSupportingToken The endorsingSupportingToken to set.
+ * @param endorsingSupportingTokens The endorsingSupportingToken to set.
*/
public void setEndorsingSupportingTokens(SupportingToken endorsingSupportingTokens) {
this.endorsingSupportingTokens = endorsingSupportingTokens;
Modified: webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java?view=diff&rev=486667&r1=486666&r2=486667
==============================================================================
--- webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java (original)
+++ webservices/axis2/trunk/java/modules/security/src/org/apache/rampart/util/RampartUtil.java Wed Dec 13 06:21:47 2006
@@ -86,7 +86,7 @@
/**
* @param msgContext
* @param rpd
- * @return
+ * @return The <code>CallbackHandler</code> instance
* @throws RampartException
*/
public static CallbackHandler getPasswordCB(MessageContext msgContext, RampartPolicyData rpd) throws RampartException {
@@ -172,7 +172,7 @@
* from the rampart configuration assertion
*
* @param config
- * @return
+ * @return The <code>Crypto</code> instance to be used for encryption
* @throws RampartException
*/
public static Crypto getEncryptionCrypto(RampartConfig config, ClassLoader loader)
@@ -208,7 +208,7 @@
* from the rampart configuration assertion
*
* @param config
- * @return
+ * @return The <code>Crypto</code> instance to be used for signature
* @throws RampartException
*/
public static Crypto getSignatureCrypto(RampartConfig config, ClassLoader loader)
@@ -231,7 +231,7 @@
/**
* figureout the key identifier of a give X509Token
* @param token
- * @return
+ * @return The key identifier of a give X509Token
* @throws RampartException
*/
public static int getKeyIdentifier(X509Token token) throws RampartException {
@@ -251,7 +251,7 @@
/**
* Process a give issuer address element and return the address.
* @param issuerAddress
- * @return
+ * @return The address of an issuer address element
* @throws RampartException If the issuer address element is malformed.
*/
public static String processIssuerAddress(OMElement issuerAddress)
@@ -320,7 +320,7 @@
* Obtain a security context token.
* @param rmd
* @param secConvTok
- * @return
+ * @return Return the SecurityContextidentifier of the token
* @throws TrustException
* @throws RampartException
*/
@@ -372,7 +372,7 @@
* Obtain an issued token.
* @param rmd
* @param issuedToken
- * @return
+ * @return The identifier of the issued token
* @throws RampartException
*/
public static String getIssuedToken(RampartMessageData rmd,
@@ -408,7 +408,7 @@
* @param issuerEpr
* @param action
* @param issuerPolicy
- * @return
+ * @return Return the identifier of the obtained token
* @throws RampartException
*/
public static String getToken(RampartMessageData rmd, OMElement rstTemplate,
@@ -581,7 +581,7 @@
/**
* Creates the unique (reproducible) id for to hold the context identifier
* of the message exchange.
- * @return
+ * @return Id to hold the context identifier in the message context
*/
public static String getContextIdentifierKey(MessageContext msgContext) {
return msgContext.getAxisService().getName();
@@ -590,7 +590,7 @@
/**
* Returns the map of security context token identifiers
- * @return
+ * @return the map of security context token identifiers
*/
public static Hashtable getContextMap(MessageContext msgContext) {
//Fist check whether its there