Posted to axis-cvs@ws.apache.org by ma...@apache.org on 2007/03/22 11:40:38 UTC
svn commit: r521199 - in /webservices/axis2/trunk/c/rampart: include/
samples/secpolicy/scenario3/ samples/secpolicy/scenario4/
samples/secpolicy/scenario5/ src/util/
Author: manjula
Date: Thu Mar 22 03:40:34 2007
New Revision: 521199
URL: http://svn.apache.org/viewvc?view=rev&rev=521199
Log:
Modified key identifier building and processing logic.
Modified:
webservices/axis2/trunk/c/rampart/include/rampart_context.h
webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/client-incoming-secpolicy.xml
webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/client-outgoing-secpolicy.xml
webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/service-incoming-secpolicy.xml
webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/service-outgoing-secpolicy.xml
webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/client-incoming-secpolicy.xml
webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/client-outgoing-secpolicy.xml
webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/service-incoming-secpolicy.xml
webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/service-outgoing-secpolicy.xml
webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/client-incoming-secpolicy.xml
webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/client-outgoing-secpolicy.xml
webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/service-incoming-secpolicy.xml
webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/service-outgoing-secpolicy.xml
webservices/axis2/trunk/c/rampart/src/util/rampart_context.c
webservices/axis2/trunk/c/rampart/src/util/rampart_encryption.c
webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c
webservices/axis2/trunk/c/rampart/src/util/rampart_signature.c
Modified: webservices/axis2/trunk/c/rampart/include/rampart_context.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/rampart_context.h?view=diff&rev=521199&r1=521198&r2=521199
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/rampart_context.h (original)
+++ webservices/axis2/trunk/c/rampart/include/rampart_context.h Thu Mar 22 03:40:34 2007
@@ -378,12 +378,38 @@
rampart_context_get_encryption_user(
rampart_context_t *rampart_context,
const axis2_env_t *env);
-
+
+ AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+ rampart_context_is_token_include(
+ rampart_context_t *rampart_context,
+ rp_property_t *token,
+ int token_type,
+ axis2_bool_t server_side,
+ const axis2_env_t *env);
+/*
AXIS2_EXTERN axis2_char_t *AXIS2_CALL
rampart_context_get_enc_key_identifier(
rampart_context_t *rampart_context,
rp_property_t *token,
axis2_bool_t server_side,
+ const axis2_env_t *env);
+*/
+ AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+ rampart_context_get_key_identifier(
+ rampart_context_t *rampart_context,
+ rp_property_t *token,
+ const axis2_env_t *env);
+
+ AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+ rampart_context_is_token_type_supported(
+ int token_type,
+ const axis2_env_t *env);
+
+ AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+ rampart_context_is_key_identifier_type_supported(
+ rampart_context_t *rampart_context,
+ rp_property_t *token,
+ axis2_char_t *identifier,
const axis2_env_t *env);
AXIS2_EXTERN axis2_char_t *AXIS2_CALL
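Review bot: The four new prototypes carry no doc comment, and the old `rampart_context_get_enc_key_identifier` declaration is left behind as a commented-out block instead of being deleted. For an API that drives security-policy decisions the contract should be written down: on `rampart_context_get_key_identifier` I would add `/* Returns the key reference type the policy yields for this token, or NULL when none can be determined; callers must treat NULL as a failure. */`, and on `rampart_context_is_token_include` a line saying that the answer depends on `server_side`. Dropping the exported `rampart_context_get_enc_key_identifier` symbol also breaks any caller outside the files touched here, which the log message does not mention.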
Modified: webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/client-incoming-secpolicy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/client-incoming-secpolicy.xml?view=diff&rev=521199&r1=521198&r2=521199
==============================================================================
--- webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/client-incoming-secpolicy.xml (original)
+++ webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/client-incoming-secpolicy.xml Thu Mar 22 03:40:34 2007
@@ -5,7 +5,7 @@
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
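Review bot: Every sample policy in scenario3, scenario4 and scenario5 flips `sp:IncludeToken` from `Always` to `Never` in this one commit, for both InitiatorToken and RecipientToken, so within these scenarios no sample is left that exercises the included-token path, for which rampart_encryption.c now picks RAMPART_STR_DIRECT_REFERENCE. With `Never` the receiver presumably has to resolve the certificate from the key reference alone, which means the peer certificate must be available locally. Consider keeping one scenario on `Always`, or adding a comment in each file such as `<!-- IncludeToken/Never: the peer certificate must be configured locally -->`. The same applies to the second hunk of this file and to the other eleven policy files.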
@@ -14,7 +14,7 @@
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
Modified: webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/client-outgoing-secpolicy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/client-outgoing-secpolicy.xml?view=diff&rev=521199&r1=521198&r2=521199
==============================================================================
--- webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/client-outgoing-secpolicy.xml (original)
+++ webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/client-outgoing-secpolicy.xml Thu Mar 22 03:40:34 2007
@@ -5,7 +5,7 @@
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
@@ -14,7 +14,7 @@
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
Modified: webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/service-incoming-secpolicy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/service-incoming-secpolicy.xml?view=diff&rev=521199&r1=521198&r2=521199
==============================================================================
--- webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/service-incoming-secpolicy.xml (original)
+++ webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/service-incoming-secpolicy.xml Thu Mar 22 03:40:34 2007
@@ -5,7 +5,7 @@
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
@@ -14,7 +14,7 @@
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
Modified: webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/service-outgoing-secpolicy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/service-outgoing-secpolicy.xml?view=diff&rev=521199&r1=521198&r2=521199
==============================================================================
--- webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/service-outgoing-secpolicy.xml (original)
+++ webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario3/service-outgoing-secpolicy.xml Thu Mar 22 03:40:34 2007
@@ -5,7 +5,7 @@
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
@@ -14,7 +14,7 @@
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
Modified: webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/client-incoming-secpolicy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/client-incoming-secpolicy.xml?view=diff&rev=521199&r1=521198&r2=521199
==============================================================================
--- webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/client-incoming-secpolicy.xml (original)
+++ webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/client-incoming-secpolicy.xml Thu Mar 22 03:40:34 2007
@@ -5,7 +5,7 @@
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
@@ -14,7 +14,7 @@
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
Modified: webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/client-outgoing-secpolicy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/client-outgoing-secpolicy.xml?view=diff&rev=521199&r1=521198&r2=521199
==============================================================================
--- webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/client-outgoing-secpolicy.xml (original)
+++ webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/client-outgoing-secpolicy.xml Thu Mar 22 03:40:34 2007
@@ -5,7 +5,7 @@
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
@@ -14,7 +14,7 @@
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
Modified: webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/service-incoming-secpolicy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/service-incoming-secpolicy.xml?view=diff&rev=521199&r1=521198&r2=521199
==============================================================================
--- webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/service-incoming-secpolicy.xml (original)
+++ webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/service-incoming-secpolicy.xml Thu Mar 22 03:40:34 2007
@@ -5,7 +5,7 @@
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
@@ -14,7 +14,7 @@
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
Modified: webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/service-outgoing-secpolicy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/service-outgoing-secpolicy.xml?view=diff&rev=521199&r1=521198&r2=521199
==============================================================================
--- webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/service-outgoing-secpolicy.xml (original)
+++ webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario4/service-outgoing-secpolicy.xml Thu Mar 22 03:40:34 2007
@@ -5,7 +5,7 @@
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
@@ -14,7 +14,7 @@
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
Modified: webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/client-incoming-secpolicy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/client-incoming-secpolicy.xml?view=diff&rev=521199&r1=521198&r2=521199
==============================================================================
--- webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/client-incoming-secpolicy.xml (original)
+++ webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/client-incoming-secpolicy.xml Thu Mar 22 03:40:34 2007
@@ -5,7 +5,7 @@
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
@@ -14,7 +14,7 @@
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
Modified: webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/client-outgoing-secpolicy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/client-outgoing-secpolicy.xml?view=diff&rev=521199&r1=521198&r2=521199
==============================================================================
--- webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/client-outgoing-secpolicy.xml (original)
+++ webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/client-outgoing-secpolicy.xml Thu Mar 22 03:40:34 2007
@@ -5,7 +5,7 @@
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
@@ -14,7 +14,7 @@
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
Modified: webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/service-incoming-secpolicy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/service-incoming-secpolicy.xml?view=diff&rev=521199&r1=521198&r2=521199
==============================================================================
--- webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/service-incoming-secpolicy.xml (original)
+++ webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/service-incoming-secpolicy.xml Thu Mar 22 03:40:34 2007
@@ -5,7 +5,7 @@
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
@@ -14,7 +14,7 @@
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
Modified: webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/service-outgoing-secpolicy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/service-outgoing-secpolicy.xml?view=diff&rev=521199&r1=521198&r2=521199
==============================================================================
--- webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/service-outgoing-secpolicy.xml (original)
+++ webservices/axis2/trunk/c/rampart/samples/secpolicy/scenario5/service-outgoing-secpolicy.xml Thu Mar 22 03:40:34 2007
@@ -5,7 +5,7 @@
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
@@ -14,7 +14,7 @@
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
- <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
Modified: webservices/axis2/trunk/c/rampart/src/util/rampart_context.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_context.c?view=diff&rev=521199&r1=521198&r2=521199
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/rampart_context.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/rampart_context.c Thu Mar 22 03:40:34 2007
@@ -909,7 +909,7 @@
wss = rp_secpolicy_get_wss(rampart_context->secpolicy,env);
if(!wss)
{
- identifier = RAMPART_STR_DIRECT_REFERENCE;
+ AXIS2_LOG_INFO(env->log,"Problem identifying the key Identifier." );
return identifier;
}
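Review bot: The `!wss` branch now returns `identifier` without assigning it, so the result depends on the initialiser, which is outside the hunk; `return NULL;` would make the failure explicit. Together with the `identifier = NULL;` fallbacks in the next two hunks, the function stops defaulting to RAMPART_STR_DIRECT_REFERENCE and can return NULL, so every caller has to check for it; the encryption path in this commit does, other callers are not visible here. A comment above the function such as `/* Returns NULL when the WSS policy names no supported reference type. */` would record that contract.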
@@ -929,7 +929,7 @@
else if(rp_wss10_get_must_support_ref_embedded_token(wss10,env))
identifier = RAMPART_STR_EMBEDDED;
else
- identifier = RAMPART_STR_DIRECT_REFERENCE;
+ identifier = NULL;
return identifier;
}
@@ -953,7 +953,7 @@
else if(rp_wss11_get_must_support_ref_encryptedkey(wss11,env))
identifier = RAMPART_STR_ENCRYPTED_KEY;
else
- identifier = RAMPART_STR_DIRECT_REFERENCE;
+ identifier = NULL;
return identifier;
}
@@ -961,6 +961,164 @@
}
+axis2_bool_t AXIS2_CALL
+rampart_context_is_key_identifier_supported(
+ rp_property_t *token,
+ rampart_context_t *rampart_context,
+ const axis2_env_t *env)
+{
+ rp_property_t *wss = NULL;
+ rp_wss10_t *wss10 = NULL;
+ rp_wss11_t *wss11 = NULL;
+
+ wss = rp_secpolicy_get_wss(rampart_context->secpolicy,env);
+ if(!wss)
+ {
+ AXIS2_LOG_INFO(env->log,"wss properties are not set.." );
+ return AXIS2_FALSE;
+ }
+
+ if(rp_property_get_type(wss,env)==RP_WSS_WSS10)
+ {
+ wss10 = rp_property_get_value(wss,env);
+ }
+ else if(rp_property_get_type(wss,env)==RP_WSS_WSS11)
+ {
+ wss11 = rp_property_get_value(wss,env);
+ }
+
+ if(rp_property_get_type(token,env)==RP_TOKEN_X509)
+ {
+ rp_x509_token_t *x509_token = NULL;
+ x509_token = (rp_x509_token_t *)rp_property_get_value(token,env);
+
+ if(!x509_token)
+ {
+ AXIS2_LOG_INFO(env->log,"Cannot get the token value from policy.");
+ return AXIS2_FALSE;
+ }
+ if(rp_x509_token_get_require_key_identifier_reference(x509_token,env))
+ return AXIS2_TRUE;
+ }
+ else
+ return AXIS2_FALSE;
+
+ if(wss10)
+ return rp_wss10_get_must_support_ref_key_identifier(wss10,env);
+
+ else if(wss11)
+ return rp_wss11_get_must_support_ref_key_identifier(wss11,env);
+
+ else return AXIS2_FALSE;
+
+}
+
+axis2_bool_t AXIS2_CALL
+rampart_context_is_issuer_serial_supported(
+ rp_property_t *token,
+ rampart_context_t *rampart_context,
+ const axis2_env_t *env)
+{
+ rp_property_t *wss = NULL;
+ rp_wss10_t *wss10 = NULL;
+ rp_wss11_t *wss11 = NULL;
+
+ wss = rp_secpolicy_get_wss(rampart_context->secpolicy,env);
+ if(!wss)
+ {
+ AXIS2_LOG_INFO(env->log,"wss properties are not set.." );
+ return AXIS2_FALSE;
+ }
+
+ if(rp_property_get_type(wss,env)==RP_WSS_WSS10)
+ {
+ wss10 = rp_property_get_value(wss,env);
+ }
+ else if(rp_property_get_type(wss,env)==RP_WSS_WSS11)
+ {
+ wss11 = rp_property_get_value(wss,env);
+ }
+
+ if(rp_property_get_type(token,env)==RP_TOKEN_X509)
+ {
+ rp_x509_token_t *x509_token = NULL;
+ x509_token = (rp_x509_token_t *)rp_property_get_value(token,env);
+
+ if(!x509_token)
+ {
+ AXIS2_LOG_INFO(env->log,"Cannot get the token value from policy.");
+ return AXIS2_FALSE;
+ }
+ if(rp_x509_token_get_require_issuer_serial_reference(x509_token,env))
+ return AXIS2_TRUE;
+ }
+ else
+ return AXIS2_FALSE;
+
+ if(wss10)
+ return rp_wss10_get_must_support_ref_issuer_serial(wss10,env);
+
+ else if(wss11)
+ return rp_wss11_get_must_support_ref_issuer_serial(wss11,env);
+
+ else return AXIS2_FALSE;
+
+}
+
+axis2_bool_t AXIS2_CALL
+rampart_context_is_embedded_token_supported(
+ rp_property_t *token,
+ rampart_context_t *rampart_context,
+ const axis2_env_t *env)
+{
+ rp_property_t *wss = NULL;
+ rp_wss10_t *wss10 = NULL;
+ rp_wss11_t *wss11 = NULL;
+
+ wss = rp_secpolicy_get_wss(rampart_context->secpolicy,env);
+ if(!wss)
+ {
+ AXIS2_LOG_INFO(env->log,"wss properties are not set.." );
+ return AXIS2_FALSE;
+ }
+
+ if(rp_property_get_type(wss,env)==RP_WSS_WSS10)
+ {
+ wss10 = rp_property_get_value(wss,env);
+ }
+ else if(rp_property_get_type(wss,env)==RP_WSS_WSS11)
+ {
+ wss11 = rp_property_get_value(wss,env);
+ }
+
+ if(rp_property_get_type(token,env)==RP_TOKEN_X509)
+ {
+ rp_x509_token_t *x509_token = NULL;
+ x509_token = (rp_x509_token_t *)rp_property_get_value(token,env);
+
+ if(!x509_token)
+ {
+ AXIS2_LOG_INFO(env->log,"Cannot get the token value from policy.");
+ return AXIS2_FALSE;
+ }
+ if(rp_x509_token_get_require_embedded_token_reference(x509_token,env))
+ return AXIS2_TRUE;
+ }
+ else
+ return AXIS2_FALSE;
+
+ if(wss10)
+ return rp_wss10_get_must_support_ref_embedded_token(wss10,env);
+
+ else if(wss11)
+ return rp_wss11_get_must_support_ref_embedded_token(wss11,env);
+
+ else return AXIS2_FALSE;
+}
+
+
+
+
AXIS2_EXTERN axis2_bool_t AXIS2_CALL
rampart_context_is_include_timestamp(
rampart_context_t *rampart_context,
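Review bot: `rampart_context_is_key_identifier_supported`, `rampart_context_is_issuer_serial_supported` and `rampart_context_is_embedded_token_supported` are three copies of one body that differ only in the two getters they call, and none is `static` although this commit adds no prototype for them to rampart_context.h. These functions decide whether an incoming key reference is acceptable under the policy, so a fix applied to one copy and missed in the others would quietly weaken the check. I would move the WSS lookup into one `static` helper, make the three functions `static`, return AXIS2_FALSE when `token` or `rampart_context` is NULL, and turn the trailing `else return AXIS2_FALSE;` after the X509 block into an early guard. The sketch below shows the helper and one of the three callers.

```c
/* Resolves the policy's WSS assertion into its 1.0 or 1.1 form.
 * Returns AXIS2_FALSE when the context is unusable or no WSS assertion is set. */
static axis2_bool_t
rampart_context_get_wss_versions(
    rampart_context_t *rampart_context,
    const axis2_env_t *env,
    rp_wss10_t **wss10,
    rp_wss11_t **wss11)
{
    rp_property_t *wss = NULL;

    *wss10 = NULL;
    *wss11 = NULL;

    if(!rampart_context)
        return AXIS2_FALSE;

    wss = rp_secpolicy_get_wss(rampart_context->secpolicy,env);
    if(!wss)
    {
        AXIS2_LOG_INFO(env->log,"wss properties are not set.." );
        return AXIS2_FALSE;
    }

    if(rp_property_get_type(wss,env)==RP_WSS_WSS10)
        *wss10 = rp_property_get_value(wss,env);
    else if(rp_property_get_type(wss,env)==RP_WSS_WSS11)
        *wss11 = rp_property_get_value(wss,env);

    return AXIS2_TRUE;
}

static axis2_bool_t AXIS2_CALL
rampart_context_is_key_identifier_supported(
    rp_property_t *token,
    rampart_context_t *rampart_context,
    const axis2_env_t *env)
{
    rp_wss10_t *wss10 = NULL;
    rp_wss11_t *wss11 = NULL;
    rp_x509_token_t *x509_token = NULL;

    if(!token || !rampart_context_get_wss_versions(rampart_context,env,&wss10,&wss11))
        return AXIS2_FALSE;

    /* Only X509 tokens are handled; anything else is refused up front. */
    if(rp_property_get_type(token,env)!=RP_TOKEN_X509)
        return AXIS2_FALSE;

    x509_token = (rp_x509_token_t *)rp_property_get_value(token,env);
    if(!x509_token)
    {
        AXIS2_LOG_INFO(env->log,"Cannot get the token value from policy.");
        return AXIS2_FALSE;
    }

    if(rp_x509_token_get_require_key_identifier_reference(x509_token,env))
        return AXIS2_TRUE;
    if(wss10)
        return rp_wss10_get_must_support_ref_key_identifier(wss10,env);
    if(wss11)
        return rp_wss11_get_must_support_ref_key_identifier(wss11,env);
    return AXIS2_FALSE;
}

/* … issuer_serial and embedded_token variants: same shape, different getters … */
```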
@@ -1489,18 +1647,34 @@
}
-AXIS2_EXTERN axis2_char_t *AXIS2_CALL
-rampart_context_get_enc_key_identifier(
+AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+rampart_context_is_token_type_supported(
+ int token_type,
+ const axis2_env_t *env)
+{
+ if(token_type == RP_TOKEN_X509)
+ return AXIS2_TRUE;
+ else
+ {
+ AXIS2_LOG_INFO(env->log,"We still only suppport X509 Tokens.");
+ return AXIS2_FALSE;
+ }
+ /*This method will be extended when we are supporting other types of tokens.*/
+}
+
+
+AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+rampart_context_is_token_include(
rampart_context_t *rampart_context,
rp_property_t *token,
+ int token_type,
axis2_bool_t server_side,
const axis2_env_t *env)
{
- axis2_char_t *inclusion = NULL;
+ axis2_char_t *inclusion = NULL;
axis2_bool_t include = AXIS2_TRUE;
- axis2_char_t *identifier = NULL;
- if(rp_property_get_type(token,env)==RP_TOKEN_X509)
+ if(token_type == RP_TOKEN_X509)
{
rp_x509_token_t *x509_token = NULL;
x509_token = (rp_x509_token_t *)rp_property_get_value(token,env);
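Review bot: `rampart_context_is_token_include` now decides whether to cast the token value to `rp_x509_token_t *` from the caller-supplied `token_type`, where the removed line used `rp_property_get_type(token,env)`, so a caller whose `token_type` does not match `token` ends up with a mis-typed pointer. Both callers in this commit derive the type from the same token, but the function is exported; I would either drop the extra parameter or reject a mismatch at the top with `if(token_type != rp_property_get_type(token,env)) return AXIS2_FALSE;`. In `rampart_context_is_token_type_supported` the "will be extended" comment sits after both returns, where it reads as dead code, and the log string contains the typo `suppport`. The body of `rampart_context_is_token_include` continues in the next hunk.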
@@ -1510,31 +1684,81 @@
include = ((axis2_strcmp(inclusion,RP_INCLUDE_ALWAYS)==0)||
(axis2_strcmp(inclusion,RP_INCLUDE_ONCE)==0));
else
- include = ((axis2_strcmp(inclusion,RP_INCLUDE_ALWAYS)==0)||
+ include = ((axis2_strcmp(inclusion,RP_INCLUDE_ALWAYS)==0)||
(axis2_strcmp(inclusion,RP_INCLUDE_ONCE)==0)||
(axis2_strcmp(inclusion,RP_INCLUDE_ALWAYS_TO_RECIPIENT)==0));
-
- if(include)
+
+ return include;
+ }
+ else
+ {
+ AXIS2_LOG_INFO(env->log,"We still only support x509 tokens");
+ return AXIS2_FALSE;
+ }
+}
+
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_key_identifier(
+ rampart_context_t *rampart_context,
+ rp_property_t *token,
+ const axis2_env_t *env)
+{
+ axis2_char_t *identifier = NULL;
+
+ if(rp_property_get_type(token,env)==RP_TOKEN_X509)
+ {
+ rp_x509_token_t *x509_token = NULL;
+ x509_token = (rp_x509_token_t *)rp_property_get_value(token,env);
+
+ if(!x509_token)
{
- if(rp_x509_token_get_require_key_identifier_reference(x509_token,env))
+ AXIS2_LOG_INFO(env->log,"Cannot get the token value from policy.");
+ return NULL;
+ }
+ else
+ {
+ if(rp_x509_token_get_require_key_identifier_reference(x509_token,env))
identifier = RAMPART_STR_KEY_IDENTIFIER;
- else if(rp_x509_token_get_require_issuer_serial_reference(x509_token,env))
- identifier = RAMPART_STR_ISSUER_SERIAL;
- else if(rp_x509_token_get_require_embedded_token_reference(x509_token,env))
- identifier = RAMPART_STR_EMBEDDED;
- else if(rp_x509_token_get_require_thumb_print_reference(x509_token,env))
+ else if(rp_x509_token_get_require_issuer_serial_reference(x509_token,env))
+ identifier = RAMPART_STR_ISSUER_SERIAL;
+ else if(rp_x509_token_get_require_embedded_token_reference(x509_token,env))
+ identifier = RAMPART_STR_EMBEDDED;
+ else if(rp_x509_token_get_require_thumb_print_reference(x509_token,env))
identifier = RAMPART_STR_THUMB_PRINT;
- else
- return rampart_context_get_key_identifier_from_wss(rampart_context,env);
+ else
+ return rampart_context_get_key_identifier_from_wss(rampart_context,env);
- return identifier;
+ return identifier;
}
- else return NULL;
-
}
/*This can be extended when we are supporting other token types.*/
else return NULL;
}
+
+AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+rampart_context_is_key_identifier_type_supported(
+ rampart_context_t *rampart_context,
+ rp_property_t *token,
+ axis2_char_t *identifier,
+ const axis2_env_t *env)
+{
+ if(axis2_strcmp(identifier,RAMPART_STR_KEY_IDENTIFIER)==0)
+ return rampart_context_is_key_identifier_supported(token,rampart_context,env);
+
+ else if(axis2_strcmp(identifier,RAMPART_STR_ISSUER_SERIAL)==0)
+ return rampart_context_is_issuer_serial_supported(token,rampart_context,env);
+
+ else if(axis2_strcmp(identifier,RAMPART_STR_EMBEDDED)==0)
+ return rampart_context_is_embedded_token_supported(token,rampart_context,env);
+
+ else if(axis2_strcmp(identifier,RAMPART_STR_THUMB_PRINT)==0)
+ return rampart_context_is_thumb_print_supported(token,rampart_context,env);
+
+ else
+ return AXIS2_FALSE;
+}
+
AXIS2_EXTERN axis2_char_t *AXIS2_CALL
rampart_context_get_layout(
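Review bot: `rampart_context_is_key_identifier_type_supported` calls `rampart_context_is_thumb_print_supported`, but the visible hunks add only the key-identifier, issuer-serial and embedded-token helpers to rampart_context.c; unless the thumb-print helper already exists elsewhere in the file, this is an implicit declaration and an unresolved symbol at link time. The function also hands `identifier` straight to `axis2_strcmp`, whose NULL handling is not visible here, so a guard `if(!identifier) return AXIS2_FALSE;` at the top would keep a NULL result from `rampart_context_get_key_identifier` out of the comparison. In `rampart_context_get_key_identifier` the `else` after `return NULL;` is redundant, and a comment stating that NULL means no reference type could be determined would help callers.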
Modified: webservices/axis2/trunk/c/rampart/src/util/rampart_encryption.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_encryption.c?view=diff&rev=521199&r1=521198&r2=521199
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/rampart_encryption.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/rampart_encryption.c Thu Mar 22 03:40:34 2007
@@ -82,11 +82,10 @@
return AXIS2_SUCCESS;
}
token_type = rp_property_get_type(token,env);
- if(token_type != RP_TOKEN_X509)
- {
- AXIS2_LOG_INFO(env->log,"[rampart][rampart_encryption] We only support X509 tokens");
- return AXIS2_SUCCESS;
- }
+
+ if(!rampart_context_is_token_type_supported(token_type,env))
+ return AXIS2_FAILURE;
+
if(rampart_context_check_is_derived_keys(env,token))
{
AXIS2_LOG_INFO(env->log,"[rampart][rampart_encryption] We still do not support derived keys");
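Review bot: The unsupported-token failure is now reported only from inside `rampart_context_is_token_type_supported`, without the `[rampart][rampart_encryption]` prefix the removed message carried, so the log no longer shows which stage refused the message. Failing with AXIS2_FAILURE instead of AXIS2_SUCCESS is the safer result, but I would keep a prefixed message at the call site and brace the single-statement `if`: `{ AXIS2_LOG_INFO(env->log,"[rampart][rampart_encryption] Unsupported token type"); return AXIS2_FAILURE; }`. The same applies to the matching check in rampart_sec_header_processor.c.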
@@ -143,11 +142,21 @@
enc_asym_algo = rampart_context_get_enc_asym_algo(rampart_context,env);
/*Get encryption key identifier*/
- eki = rampart_context_get_enc_key_identifier(rampart_context,token,server_side,env);
+ /*First we should check whether we include the token in the
+ *message.*/
+
+ if(rampart_context_is_token_include(rampart_context,token,token_type,server_side,env))
+ {
+ eki = RAMPART_STR_DIRECT_REFERENCE;
+ }
+ else
+ {
+ eki = rampart_context_get_key_identifier(rampart_context,token,env);
+ }
if(!eki)
{
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] The token is not needed for inclusion.");
- return AXIS2_SUCCESS;
+ AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] No mechanism for attaching the token.");
+ return AXIS2_FAILURE;
}
/*Create asymmetric encryption context*/
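Review bot: The failure branch logs `No mechanism for attaching the token.` at INFO level although it now aborts encryption with AXIS2_FAILURE; a policy failure is easier to spot at error level, e.g. `AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart][rampart_encryption] No key reference type available for the token.");`. The leftover `/*Get encryption key identifier*/` line directly above the new comment could be merged into one comment saying that an included token is referenced directly and a token that is not included is referenced by the identifier the policy yields. Whether anything acquired earlier in the function needs releasing before this return cannot be seen from the hunk.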
@@ -205,7 +214,6 @@
}
}
}
-
oxs_asym_ctx_set_operation(asym_ctx, env, OXS_ASYM_CTX_OPERATION_PUB_ENCRYPT);
oxs_asym_ctx_set_st_ref_pattern(asym_ctx, env, eki);
/*Encrypt the session key*/
Modified: webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c?view=diff&rev=521199&r1=521198&r2=521199
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c Thu Mar 22 03:40:34 2007
@@ -452,6 +452,8 @@
oxs_x509_cert_t *cert = NULL;
axiom_node_t *key_info_child_node = NULL;
axiom_node_t *envelope_node = NULL;
+ axis2_bool_t is_include_token = AXIS2_FALSE;
+
server_side = axis2_msg_ctx_get_server_side(msg_ctx,env);
sig_mtd_pol = rampart_context_get_asym_sig_algo(rampart_context,env);
digest_mtd_pol = rampart_context_get_digest_mtd(rampart_context,env);
@@ -536,22 +538,19 @@
return AXIS2_SUCCESS;
}
token_type = rp_property_get_type(token,env);
- if(token_type != RP_TOKEN_X509)
+
+ if(!rampart_context_is_token_type_supported(token_type,env))
{
- AXIS2_LOG_INFO(env->log,"[rampart][shp] We still only support X509 tokens");
- return AXIS2_SUCCESS;
- }
+ return AXIS2_FAILURE;
+ }
+
if(rampart_context_check_is_derived_keys(env,token))
{
AXIS2_LOG_INFO(env->log,"[rampart][shp] We still do not support derived keys");
return AXIS2_FAILURE;
}
- eki = rampart_context_get_enc_key_identifier(rampart_context,token,server_side,env);
- if(!eki)
- {
- AXIS2_LOG_INFO(env->log, "[rampart][shp] No way of gettting the token.");
- return AXIS2_FAILURE;
- }
+ is_include_token = rampart_context_is_token_include(rampart_context,token,token_type,server_side,env);
+
/*key_info_node = oxs_axiom_get_first_child_node_by_name(env, sig_node,
OXS_NODE_KEY_INFO,OXS_DSIG_NS, OXS_DS );*/
@@ -577,34 +576,46 @@
str_child_name = axiom_util_get_localname(str_child_node, env);
if(str_child_name)
{
- if(0 == axis2_strcmp(str_child_name,OXS_NODE_EMBEDDED))
+ if(is_include_token)
{
- if(axis2_strcmp(eki,RAMPART_STR_EMBEDDED)!=0)
+ if(axis2_strcmp(str_child_name,OXS_NODE_REFERENCE)!=0)
{
- AXIS2_LOG_INFO(env->log,"[Rampart][shp]Key Reference Info is mismatch with policy");
+ AXIS2_LOG_INFO(env->log,"[Rampart][shp]Token is not included in the message.");
return AXIS2_FAILURE;
- }
- }
- else if(0 == axis2_strcmp(str_child_name,OXS_NODE_KEY_IDENTIFIER))
+ }
+ }
+ else
{
- if(axis2_strcmp(eki,RAMPART_STR_KEY_IDENTIFIER)!=0)
+ if(0 == axis2_strcmp(str_child_name,OXS_NODE_EMBEDDED))
{
- AXIS2_LOG_INFO(env->log,"[Rampart][shp]Key Reference Info is mismatch with policy");
- return AXIS2_FAILURE;
+ if(!rampart_context_is_key_identifier_type_supported(rampart_context,token,RAMPART_STR_EMBEDDED,env))
+ {
+ AXIS2_LOG_INFO(env->log,"[Rampart][shp]Key Reference Info is mismatch with policy");
+ return AXIS2_FAILURE;
+ }
+
}
- }
- else if(0 == axis2_strcmp(str_child_name,OXS_NODE_X509_DATA))
- {
- if(axis2_strcmp(eki,RAMPART_STR_ISSUER_SERIAL)!=0)
+ else if(0 == axis2_strcmp(str_child_name,OXS_NODE_KEY_IDENTIFIER))
+ {
+ if(!rampart_context_is_key_identifier_type_supported(rampart_context,token,RAMPART_STR_KEY_IDENTIFIER,env))
+ {
+ AXIS2_LOG_INFO(env->log,"[Rampart][shp]Key Reference Info is mismatch with policy");
+ return AXIS2_FAILURE;
+ }
+ }
+ else if(0 == axis2_strcmp(str_child_name,OXS_NODE_X509_DATA))
+ {
+ if(!rampart_context_is_key_identifier_type_supported(rampart_context,token,RAMPART_STR_ISSUER_SERIAL,env))
+ {
+ AXIS2_LOG_INFO(env->log,"[Rampart][shp]Key Reference Info is mismatch with policy");
+ return AXIS2_FAILURE;
+ }
+ }
+ else
{
AXIS2_LOG_INFO(env->log,"[Rampart][shp]Key Reference Info is mismatch with policy");
return AXIS2_FAILURE;
}
- }
- else if(0 != axis2_strcmp(str_child_name,OXS_NODE_REFERENCE))
- {
- AXIS2_LOG_INFO(env->log,"[Rampart][shp]Unknown key reference element inside Security Token Reference");
- return AXIS2_FAILURE;
}
cert = oxs_x509_cert_create(env);
status = rampart_token_process_security_token_reference(env,str_node,sec_node,cert);
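Review bot: The log text in the new branches no longer says which rule rejected the message. At `if(axis2_strcmp(str_child_name,OXS_NODE_REFERENCE)!=0)` the test is on the name of the reference element, yet the message reads "Token is not included in the message."; something like `"[Rampart][shp]Policy includes the token, so a direct Reference is expected"` would describe the check that actually ran. The final `else` now covers both a `Reference` child the policy does not allow and an element that is not recognised at all, and reports both as "mismatch with policy", where the removed code had a separate "Unknown key reference element" message; `"[Rampart][shp]Unexpected key reference element inside Security Token Reference"` would keep that distinction. A comment above `if(is_include_token)` such as `/* Token included by policy: only a direct Reference is acceptable */` would document the rule. The `if(str_child_name)` block opens in this hunk and closes outside it.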
Modified: webservices/axis2/trunk/c/rampart/src/util/rampart_signature.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_signature.c?view=diff&rev=521199&r1=521198&r2=521199
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/rampart_signature.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/rampart_signature.c Thu Mar 22 03:40:34 2007
@@ -167,25 +167,18 @@
return AXIS2_FAILURE;
}
token_type = rp_property_get_type(token,env);
- if(token_type != RP_TOKEN_X509)
- {
- AXIS2_LOG_INFO(env->log,"[rampart][rampart_signature] We only support X509 tokens");
+
+ if(!rampart_context_is_token_type_supported(token_type,env))
return AXIS2_FAILURE;
- }
+
if(rampart_context_check_is_derived_keys(env,token))
{
AXIS2_LOG_INFO(env->log,"[rampart][rampart_signature] We still do not support derived keys");
return AXIS2_FAILURE;
- }
- eki = rampart_context_get_enc_key_identifier(rampart_context,token,server_side,env);
- if(!eki)
- {
- AXIS2_LOG_INFO(env->log,"[rampart][rampart_signature] Key Identifier cannot be found.");
- return AXIS2_FAILURE;
- }
-
- /*If the type is direct reference we first build bst element*/
- if(axis2_strcmp(eki,RAMPART_STR_DIRECT_REFERENCE)==0)
+ }
+ /*If the requirement is to include the token we should build the binary security
+ * token element here.*/
+ if(rampart_context_is_token_include(rampart_context,token,token_type,server_side,env))
{
axis2_char_t *bst_data = NULL;
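Review bot: The new `if(!rampart_context_is_token_type_supported(token_type,env))` is followed by an unbraced `return AXIS2_FAILURE;`, while every other conditional in this hunk braces its body. In signature-building code, a statement later added under that `if` would silently fall outside the guard, so the body should be wrapped in `{` and `}` on their own lines to match the rest of the file. The enclosing function extends beyond this hunk.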
@@ -196,6 +189,7 @@
}
/*This flag will be useful when creating key Info element.*/
is_direct_reference = AXIS2_TRUE;
+ eki = RAMPART_STR_DIRECT_REFERENCE;
cert_id = oxs_util_generate_id(env,(axis2_char_t*)OXS_CERT_ID);
bst_data = oxs_x509_cert_get_data(cert, env);
@@ -213,9 +207,17 @@
return AXIS2_FAILURE;
}
- }
+ }
else
+ {
+ eki = rampart_context_get_key_identifier(rampart_context,token,env);
is_direct_reference = AXIS2_FALSE;
+ }
+ if(!eki)
+ {
+ AXIS2_LOG_INFO(env->log,"[rampart][rampart_signature] No way of attaching the token.");
+ return AXIS2_FAILURE;
+ }
/*Get the asymmetric signature algorithm*/
asym_sig_algo = rampart_context_get_asym_sig_algo(rampart_context,env);
@@ -249,14 +251,6 @@
axis2_array_list_add(sign_parts, env, sign_part);
}
}
-/*
- eki = rampart_context_get_enc_key_identifier(rampart_context,token,server_side,env);
- if(!eki)
- {
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] The token is not needed for inclusion.");
- return AXIS2_SUCCESS;
- }
-*/
sign_ctx = oxs_sign_ctx_create(env);
/*First check whether the private key is set*/