You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by ru...@apache.org on 2006/11/24 14:43:54 UTC
svn commit: r478882 - in
/webservices/axis2/branches/java/1_1/modules/samples/security/policy:
sample01/README.txt sample02/README.txt sample03/README.txt
sample04/README.txt sample04/policy.xml sample04/services.xml
Author: ruchithf
Date: Fri Nov 24 05:43:53 2006
New Revision: 478882
URL: http://svn.apache.org/viewvc?view=rev&rev=478882
Log:
updated README files of policy samples and updated the secure conversation configurations
Modified:
webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample01/README.txt
webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample02/README.txt
webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample03/README.txt
webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample04/README.txt
webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample04/policy.xml
webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample04/services.xml
Modified: webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample01/README.txt
URL: http://svn.apache.org/viewvc/webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample01/README.txt?view=diff&rev=478882&r1=478881&r2=478882
==============================================================================
--- webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample01/README.txt (original)
+++ webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample01/README.txt Fri Nov 24 05:43:53 2006
@@ -1 +1,8 @@
-TODO
\ No newline at end of file
+UsernameToken Authentication
+
+The policy uses a TransportBinding and requires a SignedSupportingToken which
+is a UsernameToken and the inclusion of a TimeStamp.
+
+Note that Rampart does not enforce the use of HTTPS transport and that
+{http://ws.apache.org/rampart/policy}RampartConfig assertion provides
+additional information required to secure the message.
\ No newline at end of file
Modified: webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample02/README.txt
URL: http://svn.apache.org/viewvc/webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample02/README.txt?view=diff&rev=478882&r1=478881&r2=478882
==============================================================================
--- webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample02/README.txt (original)
+++ webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample02/README.txt Fri Nov 24 05:43:53 2006
@@ -1 +1,7 @@
-TODO
\ No newline at end of file
+Sign only
+
+An AsymmetricBinding is used. Entire headers and body to be signed.
+Algorithm suite is TripleDesRsa15
+
+Note that {http://ws.apache.org/rampart/policy}RampartConfig assertion provides
+additional information required to secure the message.
\ No newline at end of file
Modified: webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample03/README.txt
URL: http://svn.apache.org/viewvc/webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample03/README.txt?view=diff&rev=478882&r1=478881&r2=478882
==============================================================================
--- webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample03/README.txt (original)
+++ webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample03/README.txt Fri Nov 24 05:43:53 2006
@@ -1 +1,9 @@
-TODO
\ No newline at end of file
+Sign and Encrypt messages
+
+An AsymmetricBinding is used. Entire headers and body to be signed.
+EncryptionParts specifies the Body to be encrypted.
+
+Algorithm suite is TripleDesRsa15
+
+Note that {http://ws.apache.org/rampart/policy}RampartConfig assertion provides
+additional information required to secure the message.
\ No newline at end of file
Modified: webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample04/README.txt
URL: http://svn.apache.org/viewvc/webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample04/README.txt?view=diff&rev=478882&r1=478881&r2=478882
==============================================================================
--- webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample04/README.txt (original)
+++ webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample04/README.txt Fri Nov 24 05:43:53 2006
@@ -1 +1,15 @@
-TODO
\ No newline at end of file
+SecureConversation
+
+The secure session is bootstrapped using a SymetricBinding which uses
+derived keys based on an ephemeral key.
+
+Messages in the secure conversation :
+ - Includes a timestamp
+ - All headers are signed along with the timestamp
+ - Signature encrypted
+ - Body encrypted
+
+Algorithm suite is Basic128Rsa15
+
+Note that {http://ws.apache.org/rampart/policy}RampartConfig assertion provides
+additional information required to secure the message.
\ No newline at end of file
Modified: webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample04/policy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample04/policy.xml?view=diff&rev=478882&r1=478881&r2=478882
==============================================================================
--- webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample04/policy.xml (original)
+++ webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample04/policy.xml Fri Nov 24 05:43:53 2006
@@ -126,68 +126,6 @@
</ramp:crypto>
</ramp:encryptionCypto>
- <ramp:tokenIssuerPolicy xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:EncryptedParts>
- <sp:Body/>
- </sp:EncryptedParts>
- <sp:SymmetricBinding>
- <wsp:Policy>
- <sp:ProtectionToken>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
- <wsp:Policy>
- <sp:RequireDerivedKeys/>
- <sp:RequireThumbprintReference/>
- <sp:WssX509V3Token10/>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:ProtectionToken>
- <sp:AlgorithmSuite>
- <wsp:Policy>
- <sp:Basic128Rsa15/>
- </wsp:Policy>
- </sp:AlgorithmSuite>
- <sp:Layout>
- <wsp:Policy>
- <sp:Strict/>
- </wsp:Policy>
- </sp:Layout>
- <sp:IncludeTimestamp/>
- <sp:EncryptSignature/>
- <sp:OnlySignEntireHeadersAndBody/>
- </wsp:Policy>
- </sp:SymmetricBinding>
- <sp:EndorsingSupportingTokens>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
- <wsp:Policy>
- <sp:RequireThumbprintReference/>
- <sp:WssX509V3Token10/>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:EndorsingSupportingTokens>
- <sp:Wss11>
- <wsp:Policy>
- <sp:MustSupportRefKeyIdentifier/>
- <sp:MustSupportRefIssuerSerial/>
- <sp:MustSupportRefThumbprint/>
- <sp:MustSupportRefEncryptedKey/>
- <sp:RequireSignatureConfirmation/>
- </wsp:Policy>
- </sp:Wss11>
- <sp:Trust10>
- <wsp:Policy>
- <sp:MustSupportIssuedTokens/>
- <sp:RequireClientEntropy/>
- <sp:RequireServerEntropy/>
- </wsp:Policy>
- </sp:Trust10>
- </wsp:Policy>
- </ramp:tokenIssuerPolicy>
-
</ramp:RampartConfig>
</wsp:All>
</wsp:ExactlyOne>
Modified: webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample04/services.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample04/services.xml?view=diff&rev=478882&r1=478881&r2=478882
==============================================================================
--- webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample04/services.xml (original)
+++ webservices/axis2/branches/java/1_1/modules/samples/security/policy/sample04/services.xml Fri Nov 24 05:43:53 2006
@@ -136,69 +136,7 @@
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</ramp:property>
</ramp:crypto>
</ramp:encryptionCypto>
-
- <ramp:tokenIssuerPolicy xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:EncryptedParts>
- <sp:Body/>
- </sp:EncryptedParts>
- <sp:SymmetricBinding>
- <wsp:Policy>
- <sp:ProtectionToken>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
- <wsp:Policy>
- <sp:RequireDerivedKeys/>
- <sp:RequireThumbprintReference/>
- <sp:WssX509V3Token10/>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:ProtectionToken>
- <sp:AlgorithmSuite>
- <wsp:Policy>
- <sp:Basic128Rsa15/>
- </wsp:Policy>
- </sp:AlgorithmSuite>
- <sp:Layout>
- <wsp:Policy>
- <sp:Strict/>
- </wsp:Policy>
- </sp:Layout>
- <sp:IncludeTimestamp/>
- <sp:EncryptSignature/>
- <sp:OnlySignEntireHeadersAndBody/>
- </wsp:Policy>
- </sp:SymmetricBinding>
- <sp:EndorsingSupportingTokens>
- <wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
- <wsp:Policy>
- <sp:RequireThumbprintReference/>
- <sp:WssX509V3Token10/>
- </wsp:Policy>
- </sp:X509Token>
- </wsp:Policy>
- </sp:EndorsingSupportingTokens>
- <sp:Wss11>
- <wsp:Policy>
- <sp:MustSupportRefKeyIdentifier/>
- <sp:MustSupportRefIssuerSerial/>
- <sp:MustSupportRefThumbprint/>
- <sp:MustSupportRefEncryptedKey/>
- <sp:RequireSignatureConfirmation/>
- </wsp:Policy>
- </sp:Wss11>
- <sp:Trust10>
- <wsp:Policy>
- <sp:MustSupportIssuedTokens/>
- <sp:RequireClientEntropy/>
- <sp:RequireServerEntropy/>
- </wsp:Policy>
- </sp:Trust10>
- </wsp:Policy>
- </ramp:tokenIssuerPolicy>
-
+
</ramp:RampartConfig>
</wsp:All>
</wsp:ExactlyOne>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-cvs-help@ws.apache.org