Posted to java-dev@axis.apache.org by ma...@apache.org on 2007/04/25 12:51:16 UTC
svn commit: r532308 - in /webservices/axis2/scratch/c/neethi/rampart: ./
build/win32/ include/ samples/ samples/client/sec_echo/ samples/secpolicy/
samples/secpolicy/scenario6/ samples/secpolicy/scenario9/ src/core/
src/handlers/ src/omxmlsec/ src/secp...
Author: manjula
Date: Wed Apr 25 03:51:14 2007
New Revision: 532308
URL: http://svn.apache.org/viewvc?view=rev&rev=532308
Log:
Committing the latest merge with rampart trunk.
Added:
webservices/axis2/scratch/c/neethi/rampart/build/win32/deploy_rampart.bat
- copied unchanged from r532302, webservices/rampart/trunk/c/build/win32/deploy_rampart.bat
webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/run_all.sh
- copied unchanged from r532302, webservices/rampart/trunk/c/samples/secpolicy/run_all.sh
webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/test_scen.sh
- copied unchanged from r532302, webservices/rampart/trunk/c/samples/secpolicy/test_scen.sh
webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_timestamp_token.c
- copied unchanged from r532302, webservices/rampart/trunk/c/src/util/rampart_timestamp_token.c
webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_username_token.c
- copied unchanged from r532302, webservices/rampart/trunk/c/src/util/rampart_username_token.c
Removed:
webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/change-user.sh
webservices/axis2/scratch/c/neethi/rampart/src/util/timestamp_token.c
webservices/axis2/scratch/c/neethi/rampart/src/util/username_token.c
Modified:
webservices/axis2/scratch/c/neethi/rampart/ (props changed)
webservices/axis2/scratch/c/neethi/rampart/INSTALL
webservices/axis2/scratch/c/neethi/rampart/README
webservices/axis2/scratch/c/neethi/rampart/build/win32/makefile
webservices/axis2/scratch/c/neethi/rampart/configure.ac
webservices/axis2/scratch/c/neethi/rampart/include/rampart_authn_provider.h
webservices/axis2/scratch/c/neethi/rampart/include/rampart_constants.h
webservices/axis2/scratch/c/neethi/rampart/include/rampart_engine.h
webservices/axis2/scratch/c/neethi/rampart/samples/Makefile.am
webservices/axis2/scratch/c/neethi/rampart/samples/client/sec_echo/echo.c
webservices/axis2/scratch/c/neethi/rampart/samples/configure.ac
webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/README.txt
webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/scenario6/client-outgoing-secpolicy.xml
webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/scenario9/client-outgoing-secpolicy.xml
webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/scenario9/service-incoming-secpolicy.xml
webservices/axis2/scratch/c/neethi/rampart/src/core/mod_rampart.c
webservices/axis2/scratch/c/neethi/rampart/src/handlers/rampart_in_handler.c
webservices/axis2/scratch/c/neethi/rampart/src/omxmlsec/encryption.c
webservices/axis2/scratch/c/neethi/rampart/src/omxmlsec/xml_signature.c
webservices/axis2/scratch/c/neethi/rampart/src/secpolicy/builder/policy_creator.c
webservices/axis2/scratch/c/neethi/rampart/src/secpolicy/model/algorithmsuite.c
webservices/axis2/scratch/c/neethi/rampart/src/util/Makefile.am
webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_context.c
webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_engine.c
webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_sec_header_processor.c
webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_signature.c
webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_token_builder.c
Propchange: webservices/axis2/scratch/c/neethi/rampart/
------------------------------------------------------------------------------
--- svnmerge-integrated (original)
+++ svnmerge-integrated Wed Apr 25 03:51:14 2007
@@ -1 +1 @@
-/webservices/rampart/trunk/c:1-529950
+/webservices/rampart/trunk/c:1-532306
Modified: webservices/axis2/scratch/c/neethi/rampart/INSTALL
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/INSTALL?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/INSTALL (original)
+++ webservices/axis2/scratch/c/neethi/rampart/INSTALL Wed Apr 25 03:51:14 2007
@@ -23,14 +23,14 @@
Configuring:
-----------------------------------
-1. Run build.sh in axis2/c/rampart directory
+1. Run build.sh in rampart/trunk/c directory
2. This will install the rampart module under AXIS2C_HOME/deploy/modules
3. To engage rampart add to axis2.xml
<module ref="rampart"/>
-NOTE: See the README file in samples/client/enc_echo for more information.
+NOTE: See the README file in samples/client/enc_echo for more information on configuration setup.
-----------------------------------
Writing callback modules:
@@ -38,7 +38,13 @@
User can specify which .so (or DLL) library to use to callback the password.
For this user must provide a function pointer for get_password() operation in rampart_callback_t
-See rampart/samples/callback/pwcb.c for clarity
+See samples/callback/pwcb.c for clarity
+Getting Rampart/C binary distribution working on Linux
+============================================
+1. Copy modules/rampart to $AXIS2C_HOME/modules
+2. Copy samples/sec_echo to $AXIS2C_HOME/services/
+3. Go to samples/secpolicy/ and try a scenario
+ %s test_scen.sh scenarioX server-port
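Review bot: the command in step 3 reads "%s test_scen.sh", which is not runnable as written; after the "%" prompt it should be "sh test_scen.sh scenarioX server-port". Step 2 also copies samples/sec_echo without saying whether that is the service or the client sample, which is worth spelling out.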
Modified: webservices/axis2/scratch/c/neethi/rampart/README
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/README?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/README (original)
+++ webservices/axis2/scratch/c/neethi/rampart/README Wed Apr 25 03:51:14 2007
@@ -53,3 +53,4 @@
Apache Axis2/C Rampart relies heavily on the use of autoconf and libtool to provide
a build environment. And also it uses openssl.
+
Modified: webservices/axis2/scratch/c/neethi/rampart/build/win32/makefile
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/build/win32/makefile?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/build/win32/makefile (original)
+++ webservices/axis2/scratch/c/neethi/rampart/build/win32/makefile Wed Apr 25 03:51:14 2007
@@ -68,10 +68,12 @@
distdir:
if not exist $(RAMPART_DISTDIR) mkdir $(RAMPART_DISTDIR)
mkdir $(RAMPART_DISTDIR)\bin
- mkdir $(RAMPART_DISTDIR)\bin\clients
- mkdir $(RAMPART_DISTDIR)\bin\services
+ mkdir $(RAMPART_DISTDIR)\bin\samples\callback
+ mkdir $(RAMPART_DISTDIR)\bin\samples\authn_provider
+ mkdir $(RAMPART_DISTDIR)\bin\samples\services
+ mkdir $(RAMPART_DISTDIR)\bin\samples\services\sec_echo
+ mkdir $(RAMPART_DISTDIR)\bin\samples\client\sec_echo
mkdir $(RAMPART_DISTDIR)\rampart
- mkdir $(RAMPART_DISTDIR)\samples
mkdir $(RAMPART_DISTDIR)\include
clean:
@@ -83,7 +85,7 @@
if not exist $(RAMPART_INTDIR)\samples\callback\pwcb mkdir $(RAMPART_INTDIR)\samples\callback\pwcb
if not exist $(RAMPART_INTDIR)\samples\authn_provider mkdir $(RAMPART_INTDIR)\samples\authn_provider
if not exist $(RAMPART_INTDIR)\samples\services\sec_echo\ mkdir $(RAMPART_INTDIR)\samples\services\sec_echo
- if not exist $(RAMPART_INTDIR)\samples\clients\sec_echo\ mkdir $(RAMPART_INTDIR)\samples\clients\sec_echo
+ if not exist $(RAMPART_INTDIR)\samples\client\sec_echo\ mkdir $(RAMPART_INTDIR)\samples\client\sec_echo
mod_rampart:
$(CC) $(CFLAGS) $(MOD_RAMPART_INCLUDE_PATH) $(MOD_RAMPART_SRC) $(OMXMLSEC_SRC) $(SECPOLICY_SRC) $(APPLINK_FILE) /Fo$(RAMPART_INTDIR)\ /c
@@ -95,16 +97,16 @@
mod_rampart_pwcb:
- $(CC) $(CFLAGS) $(MOD_RAMPART_INCLUDE_PATH) $(RAMPART_SOURCE_DIR)\samples\callback\pwcb.c /Fo$(RAMPART_INTDIR)\samples\callback\pwcb\ /c
- $(LD) $(LDFLAGS) $(LIBS) axutil.lib $(RAMPART_INTDIR)\samples\callback\pwcb\*.obj /DLL /OUT:$(RAMPART_DISTDIR)\bin\pwcb.dll \
- /IMPLIB:$(RAMPART_DISTDIR)\bin\pwcb.lib
+ $(CC) $(CFLAGS) $(MOD_RAMPART_INCLUDE_PATH) $(RAMPART_SOURCE_DIR)\samples\callback\pwcb.c /Fo$(RAMPART_INTDIR)\samples\callback\ /c
+ $(LD) $(LDFLAGS) $(LIBS) axutil.lib $(RAMPART_INTDIR)\samples\callback\*.obj /DLL /OUT:$(RAMPART_DISTDIR)\bin\samples\callback\pwcb.dll \
+ /IMPLIB:$(RAMPART_DISTDIR)\bin\samples\callback\pwcb.lib
mod_rampart_authn:
$(CC) $(CFLAGS) $(MOD_RAMPART_INCLUDE_PATH) $(RAMPART_SOURCE_DIR)\samples\authn_provider\authn_provider.c \
/Fo$(RAMPART_INTDIR)\samples\authn_provider\ /c
$(LD) $(LDFLAGS) $(RAMPART_INTDIR)\samples\authn_provider\*.obj mod_rampart.lib axutil.lib /LIBPATH:$(RAMPART_DISTDIR)\rampart /DLL \
- /OUT:$(RAMPART_DISTDIR)\bin\authn.dll
+ /OUT:$(RAMPART_DISTDIR)\bin\samples\authn_provider\authn.dll
mod_rampart_services_sec_echo:
$(CC) $(CFLAGS) $(MOD_RAMPART_INCLUDE_PATH) /I$(RAMPART_SOURCE_DIR)\samples\server\sec_echo \
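Review bot: the pwcb link line now takes $(RAMPART_INTDIR)\samples\callback\*.obj, so any other object file that ends up in samples\callback\ is linked into pwcb.dll. Name pwcb.obj explicitly, as the sec_echo client rule does with echo.obj, or keep compiling into the samples\callback\pwcb directory that intdirs still creates.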
@@ -113,16 +115,16 @@
$(LD) $(LDFLAGS) $(RAMPART_INTDIR)\samples\services\sec_echo\*.obj \
axutil.lib axiom.lib axis2_parser.lib $(LIBS) axis2_engine.lib \
axis2_http_receiver.lib axis2_http_sender.lib \
- /DLL /OUT:$(RAMPART_DISTDIR)\bin\sec_echo.dll
+ /DLL /OUT:$(RAMPART_DISTDIR)\bin\samples\services\sec_echo\sec_echo.dll
- copy $(RAMPART_SOURCE_DIR)\samples\server\sec_echo\services.xml $(RAMPART_DISTDIR)\bin
+ copy $(RAMPART_SOURCE_DIR)\samples\server\sec_echo\services.xml $(RAMPART_DISTDIR)\bin\samples\services\sec_echo\
mod_rampart_samples_sec_echo:
$(CC) $(CFLAGS) $(MOD_RAMPART_INCLUDE_PATH) \
$(RAMPART_SOURCE_DIR)\samples\client\sec_echo\echo.c \
- /Fo$(RAMPART_INTDIR)\samples\clients\sec_echo\ /c
- $(LD) $(LDFLAGS) $(RAMPART_INTDIR)\samples\clients\sec_echo\echo.obj axutil.lib axiom.lib \
- axis2_parser.lib axis2_engine.lib /OUT:$(RAMPART_DISTDIR)\bin\echo.exe
+ /Fo$(RAMPART_INTDIR)\samples\client\sec_echo\ /c
+ $(LD) $(LDFLAGS) $(RAMPART_INTDIR)\samples\client\sec_echo\echo.obj axutil.lib axiom.lib \
+ axis2_parser.lib axis2_engine.lib /OUT:$(RAMPART_DISTDIR)\bin\samples\client\sec_echo\echo.exe
mod_rampart_samples: mod_rampart_samples_sec_echo mod_rampart_services_sec_echo
@@ -134,9 +136,12 @@
if not exist $(RAMPART_SAMPLES_KEYS_DIR) mkdir $(RAMPART_SAMPLES_KEYS_DIR)
xcopy /E /I /Y $(RAMPART_SOURCE_DIR)\rampart\samples\keys\* $(RAMPART_SAMPLES_KEYS_DIR)
+mod_rampart_copy_deploy:
+ copy deploy_rampart.bat $(RAMPART_DISTDIR)\
+
mod_rampart_all: mod_rampart mod_rampart_authn mod_rampart_pwcb mod_rampart_htpwcb mod_rampart_samples mod_rampart_copy_include
-dist: clean distdir intdirs mod_rampart mod_rampart_pwcb mod_rampart_authn mod_rampart_services_sec_echo mod_rampart_samples_sec_echo
+dist: clean distdir intdirs mod_rampart mod_rampart_pwcb mod_rampart_authn mod_rampart_services_sec_echo mod_rampart_samples_sec_echo mod_rampart_copy_deploy
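Review bot: mod_rampart_copy_deploy is added to dist but not to mod_rampart_all, and "copy deploy_rampart.bat" uses a path relative to the current directory, so it only works when the makefile is run from build\win32. Build the source path from $(RAMPART_SOURCE_DIR) as the services.xml copy rule does, and decide whether mod_rampart_all should carry the target as well.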
Modified: webservices/axis2/scratch/c/neethi/rampart/configure.ac
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/configure.ac?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/configure.ac (original)
+++ webservices/axis2/scratch/c/neethi/rampart/configure.ac Wed Apr 25 03:51:14 2007
@@ -2,7 +2,7 @@
AC_PREREQ(2.59)
-AC_INIT(rampartc-src, 0.96)
+AC_INIT(rampartc-src, 0.90)
AC_CANONICAL_SYSTEM
AM_CONFIG_HEADER(config.h)
AM_INIT_AUTOMAKE([tar-ustar])
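Review bot: AC_INIT moves from 0.96 to 0.90, so the version number goes backwards. If 0.90 is the intended release number, say so in the log message; otherwise packages built from this tree will sort as older than earlier builds.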
Modified: webservices/axis2/scratch/c/neethi/rampart/include/rampart_authn_provider.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/include/rampart_authn_provider.h?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/include/rampart_authn_provider.h (original)
+++ webservices/axis2/scratch/c/neethi/rampart/include/rampart_authn_provider.h Wed Apr 25 03:51:14 2007
@@ -68,6 +68,15 @@
{
+ /**
+ * Check plain text passwords. If the UseranmeToken is in plain text this function will be called.
+ * @param authn_provider the authentication provider struct
+ * @param env pointer to environment struct
+ * @param msg_ctx message context
+ * @username the username
+ * @password the password in plain text
+ * @return the status of the check
+ */
rampart_authn_provider_status_t (AXIS2_CALL*
rampart_authn_provider_check_password)(
rampart_authn_provider_t *authn_provider,
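Review bot: the "@username" and "@password" lines in the new comment are missing "param", so a documentation generator will not treat them as parameter descriptions; write "@param username" and "@param password". "UseranmeToken" should be "UsernameToken". Since this callback receives the password in clear text, the comment should also say that the implementer must not log or retain it.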
@@ -77,6 +86,17 @@
const axis2_char_t *password
);
+ /**
+ * Check digested passwords. If the UseranmeToken is in password digest form this function will be called.
+ * @param authn_provider the authentication provider struct
+ * @param env pointer to environment struct
+ * @param msg_ctx message context
+ * @username the username
+ * @nonce the noce or the random value of the username token
+ * @created the created value of the username token
+ * @digest the digest value of the SHA-1(password+created+nonce)
+ * @return the status of the check
+ */
rampart_authn_provider_status_t (AXIS2_CALL*
rampart_authn_provider_check_password_digest)(
rampart_authn_provider_t *authn_provider,
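Review bot: the "@digest" line documents the value as SHA-1(password+created+nonce), but the WS-Security UsernameToken Profile defines Password_Digest as Base64(SHA-1(nonce + created + password)). An authentication provider written from this comment would concatenate in the wrong order and reject every valid token, so correct the order and mention the Base64 encoding. The "@username", "@nonce", "@created" and "@digest" tags also need "param", and "noce" should be "nonce".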
@@ -88,6 +108,12 @@
const char *digest
);
+ /**
+ * The free function to free all resources allocated
+ * @param authn_provider the authentication provider struct
+ * @param env pointer to environment struct
+ *
+ */
axis2_status_t (AXIS2_CALL*
free)(rampart_authn_provider_t *authn_provider,
const axutil_env_t* env);
Modified: webservices/axis2/scratch/c/neethi/rampart/include/rampart_constants.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/include/rampart_constants.h?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/include/rampart_constants.h (original)
+++ webservices/axis2/scratch/c/neethi/rampart/include/rampart_constants.h Wed Apr 25 03:51:14 2007
@@ -84,6 +84,7 @@
#define RAMPART_FAULT_IN_USERNAMETOKEN "wsse:UsernameToken"
#define RAMPART_FAULT_IN_ENCRYPTED_KEY "xenc:EncryptedKey"
#define RAMPART_FAULT_IN_ENCRYPTED_DATA "xenc:EncryptedData"
+#define RAMPART_FAULT_IN_SIGNATURE "ds:Signature"
/*Dynamically set values*/
#define RAMPART_ACTION_PASSWORD "password"
Modified: webservices/axis2/scratch/c/neethi/rampart/include/rampart_engine.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/include/rampart_engine.h?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/include/rampart_engine.h (original)
+++ webservices/axis2/scratch/c/neethi/rampart/include/rampart_engine.h Wed Apr 25 03:51:14 2007
@@ -40,11 +40,21 @@
{
#endif
+ /**
+ * Initializes the rampart engine. This will perform the configuration loading for the rampart module.
+ * @param env pointer to environment struct
+ * @param msg_ctx message context
+ * @param is_inflow if the initialization is in IN-FLOW of the message this should be set to TRUE
+ * @return a rampart context nurished with configurations.
+ */
AXIS2_EXTERN rampart_context_t* AXIS2_CALL
rampart_engine_init(const axutil_env_t *env,
axis2_msg_ctx_t *msg_ctx,
axis2_bool_t is_inflow);
-
+ /**
+ *
+ *
+ */
AXIS2_EXTERN axis2_status_t AXIS2_CALL
rampart_engine_shutdown(const axutil_env_t *env,
rampart_context_t *rampart_context);
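Review bot: the comment block added above rampart_engine_shutdown is empty. Document at least that the call frees the rampart_context passed in and what the returned status means, since callers now have to know when they may invoke it. In the rampart_engine_init comment, "nurished" should be "nourished" (or simply "populated").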
Modified: webservices/axis2/scratch/c/neethi/rampart/samples/Makefile.am
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/samples/Makefile.am?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/samples/Makefile.am (original)
+++ webservices/axis2/scratch/c/neethi/rampart/samples/Makefile.am Wed Apr 25 03:51:14 2007
@@ -1,3 +1,3 @@
TESTS =
-SUBDIRS = callback client server keys authn_provider data credential_provider
+SUBDIRS = callback client server keys authn_provider credential_provider
Modified: webservices/axis2/scratch/c/neethi/rampart/samples/client/sec_echo/echo.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/samples/client/sec_echo/echo.c?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/samples/client/sec_echo/echo.c (original)
+++ webservices/axis2/scratch/c/neethi/rampart/samples/client/sec_echo/echo.c Wed Apr 25 03:51:14 2007
@@ -141,6 +141,12 @@
endpoint_ref = NULL;
}
*/
+ if (env)
+ {
+ axutil_env_free((axutil_env_t *) env);
+ env = NULL;
+ }
+
return 0;
}
@@ -163,8 +169,10 @@
axiom_element_set_text(text_om_ele, env, "echo5\n", text_om_node);
om_str = axiom_node_to_string(echo_om_node, env);
- if (om_str)
+ if (om_str){
printf("\nSending OM : %s\n", om_str);
-
+ AXIS2_FREE(env->allocator, om_str);
+ om_str = NULL;
+ }
return echo_om_node;
}
Modified: webservices/axis2/scratch/c/neethi/rampart/samples/configure.ac
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/samples/configure.ac?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/samples/configure.ac (original)
+++ webservices/axis2/scratch/c/neethi/rampart/samples/configure.ac Wed Apr 25 03:51:14 2007
@@ -2,7 +2,7 @@
AC_PREREQ(2.59)
-AC_INIT(rampart-samples-src, 0.96)
+AC_INIT(rampart-samples-src, 0.90)
AC_CANONICAL_SYSTEM
AM_CONFIG_HEADER(config.h)
AM_INIT_AUTOMAKE([tar-ustar])
Modified: webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/README.txt
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/README.txt?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/README.txt (original)
+++ webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/README.txt Wed Apr 25 03:51:14 2007
@@ -25,3 +25,26 @@
8. A complete scenario, where both client and server encrypt/sign,
add Timestamps, Usernametokens.
+FAQ:
+---
+* I am in a HURRY and I need to try a scenario
+--------------------------------------------
+If you are in a really hurry and need to try a scenario please use the
+test_scen.sh
+Usage : %sh test_scen.sh scenarioX server-port
+e.g. %s test_scen.sh scenario3 8080
+
+* I need to try all the scenarios
+-------------------------------
+In this case please use the script run_all.sh.
+Usage: %sh run_all.sh server-port
+e.g. %sh run_all.sh 8080
+
+* I need to see the messages exchanged
+--------------------------------------
+For that you may use the TCP Monitor utility.
+http://ws.apache.org/commons/tcpmon/
+Make sure that you give the correct port that you configured in TCPMon
+while running the scripts
+
+
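Review bot: the example "e.g. %s test_scen.sh scenario3 8080" does not match the usage line above it, which reads "%sh test_scen.sh"; use the same command in both. The TCPMon entry should also say which port is meant, the TCPMon listen port rather than the server port, because the scripts take a single server-port argument.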
Modified: webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/scenario6/client-outgoing-secpolicy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/scenario6/client-outgoing-secpolicy.xml?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/scenario6/client-outgoing-secpolicy.xml (original)
+++ webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/scenario6/client-outgoing-secpolicy.xml Wed Apr 25 03:51:14 2007
@@ -47,8 +47,9 @@
<rampc:RampartConfig xmlns:rampc="http://ws.apache.org/rampart/c/policy">
<rampc:EncryptionUser>a</rampc:EncryptionUser>
<rampc:PasswordCallbackClass>/home/AXIS2_USER/axis2/c/deploy/bin/samples/rampart/callback/libpwcb.so</rampc:PasswordCallbackClass>
- <rampc:Certificate>/home/AXIS2_USER/axis2/c/deploy/bin/samples/rampart/keys/ahome/a_cert.cert</rampc:Certificate>
- <rampc:PrivateKey>/home/AXIS2_USER/axis2/c/deploy/bin/samples/rampart/keys/ahome/a_store.pfx</rampc:PrivateKey>
+ <rampc:ReceiverCertificate>/home/AXIS2_USER/axis2/c/deploy/bin/samples/rampart/keys/ahome/b_cert.cert</rampc:ReceiverCertificate>
+ <rampc:Certificate>/home/AXIS2_USER/axis2/c/deploy/bin/samples/rampart/keys/ahome/a_cert.cert</rampc:Certificate>
+ <rampc:PrivateKey>/home/AXIS2_USER/axis2/c/deploy/bin/samples/rampart/keys/ahome/a_key.pem</rampc:PrivateKey>
</rampc:RampartConfig>
</wsp:All>
</wsp:ExactlyOne>
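Review bot: the new ReceiverCertificate points at keys/ahome/b_cert.cert and PrivateKey changes from a_store.pfx to a_key.pem, but nothing in this hunk or the README change tells users that the key format expected here has changed. Confirm both files are present in the sample keys directory under ahome, and note in the samples README that PrivateKey now takes a PEM key instead of the PKCS#12 store.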
Modified: webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/scenario9/client-outgoing-secpolicy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/scenario9/client-outgoing-secpolicy.xml?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/scenario9/client-outgoing-secpolicy.xml (original)
+++ webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/scenario9/client-outgoing-secpolicy.xml Wed Apr 25 03:51:14 2007
@@ -23,7 +23,7 @@
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
- <sp:Basic256Rsa15/>
+ <sp:Basic192Rsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
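Review bot: the switch to sp:Basic192Rsa15 lowers the sample from AES-256 to AES-192 and keeps RSA 1.5 key wrap, and the log message gives no reason. State why 192 is wanted here (for example to exercise a second suite in the tests). For a sample that users will copy into deployments, a KwRsaOaep suite such as Basic192 is the better default, because RSA 1.5 key transport is the padding affected by Bleichenbacher-style padding oracle weaknesses.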
@@ -35,10 +35,11 @@
</sp:AsymmetricBinding>
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Body/>
+ <sp:Header Namespace="http://www.w3.org/2005/08/addressing"/>
</sp:SignedParts>
- <rampc:SignedItems xmlns:rampc="http://ws.apache.org/rampart/c/policy">
+ <!--rampc:SignedItems xmlns:rampc="http://ws.apache.org/rampart/c/policy">
<rampc:Element Name="To" Namespace="http://www.w3.org/2005/08/addressing"/>
- </rampc:SignedItems>
+ </rampc:SignedItems-->
<rampc:RampartConfig xmlns:rampc="http://ws.apache.org/rampart/c/policy">
<rampc:EncryptionUser>a</rampc:EncryptionUser>
<rampc:PasswordCallbackClass>/home/AXIS2_USER/axis2/c/deploy/bin/samples/rampart/callback/libpwcb.so</rampc:PasswordCallbackClass>
Modified: webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/scenario9/service-incoming-secpolicy.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/scenario9/service-incoming-secpolicy.xml?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/scenario9/service-incoming-secpolicy.xml (original)
+++ webservices/axis2/scratch/c/neethi/rampart/samples/secpolicy/scenario9/service-incoming-secpolicy.xml Wed Apr 25 03:51:14 2007
@@ -23,7 +23,7 @@
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
- <sp:Basic256Rsa15/>
+ <sp:Basic192Rsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
@@ -35,6 +35,7 @@
</sp:AsymmetricBinding>
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Body/>
+ <sp:Header Namespace="http://www.w3.org/2005/08/addressing"/>
</sp:SignedParts>
<rampc:SignedItems xmlns:rampc="http://ws.apache.org/rampart/c/policy">
<rampc:Element Name="To" Namespace="http://www.w3.org/2005/08/addressing"/>
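Review bot: this service policy gains the sp:Header entry for the addressing namespace but keeps the rampc:SignedItems block active, while the scenario9 client policy in the same commit comments that block out. Make the two sides agree, and remove the block rather than commenting it out if sp:Header replaces it, so the service does not expect a signed element the client is no longer told to sign.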
Modified: webservices/axis2/scratch/c/neethi/rampart/src/core/mod_rampart.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/src/core/mod_rampart.c?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/src/core/mod_rampart.c (original)
+++ webservices/axis2/scratch/c/neethi/rampart/src/core/mod_rampart.c Wed Apr 25 03:51:14 2007
@@ -69,9 +69,6 @@
if (module->handler_create_func_map)
{
- /* TODO
- * do the neccessary clean in hash map
- */
axutil_hash_free(module->handler_create_func_map, env);
module->handler_create_func_map = NULL;
}
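Review bot: the TODO about cleaning the hash map is removed without any code change, so the behaviour is still a bare axutil_hash_free on handler_create_func_map. If the entries need no per-entry cleanup, replace the TODO with a one-line comment saying so; if they do, the cleanup is still outstanding and the TODO should stay.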
Modified: webservices/axis2/scratch/c/neethi/rampart/src/handlers/rampart_in_handler.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/src/handlers/rampart_in_handler.c?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/src/handlers/rampart_in_handler.c (original)
+++ webservices/axis2/scratch/c/neethi/rampart/src/handlers/rampart_in_handler.c Wed Apr 25 03:51:14 2007
@@ -95,7 +95,6 @@
return AXIS2_SUCCESS;
}
- serverside = axis2_msg_ctx_get_server_side(msg_ctx,env);
soap_envelope = axis2_msg_ctx_get_soap_envelope(msg_ctx, env);
if(!soap_envelope)
@@ -145,8 +144,12 @@
return status;
}
+ serverside = axis2_msg_ctx_get_server_side(msg_ctx,env);
+ /*We do not need rampart context to be freed in the server side*/
+ if(!serverside){
/*This method will free the rampart_context*/
- /*status = rampart_engine_shutdown(env,rampart_context);*/
+ status = rampart_engine_shutdown(env, rampart_context);
+ }
return status;
}
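Review bot: rampart_engine_shutdown is now called only at the end of the function, so the earlier "return status;" shown in the context lines leaves without freeing rampart_context on the client side. Route the error return through the same cleanup. The comment "We do not need rampart context to be freed in the server side" should also say who owns the context there and when it is released, and the new if block needs the indentation of the surrounding code.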
Modified: webservices/axis2/scratch/c/neethi/rampart/src/omxmlsec/encryption.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/src/omxmlsec/encryption.c?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/src/omxmlsec/encryption.c (original)
+++ webservices/axis2/scratch/c/neethi/rampart/src/omxmlsec/encryption.c Wed Apr 25 03:51:14 2007
@@ -260,7 +260,5 @@
/**/
}
- /*TODO Set certificate information taken from the PEM file */
-
return AXIS2_SUCCESS;
}
Modified: webservices/axis2/scratch/c/neethi/rampart/src/omxmlsec/xml_signature.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/src/omxmlsec/xml_signature.c?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/src/omxmlsec/xml_signature.c (original)
+++ webservices/axis2/scratch/c/neethi/rampart/src/omxmlsec/xml_signature.c Wed Apr 25 03:51:14 2007
@@ -191,7 +191,7 @@
oxs_buffer_t *output_buf = NULL;
axis2_status_t status = AXIS2_FAILURE;
- /*TODO : Cannonicalize <SignedInfo>*/
+ /*Cannonicalize <SignedInfo>*/
c14n_algo = oxs_sign_ctx_get_c14n_mtd(sign_ctx, env);
doc = axiom_node_get_document(signed_info_node, env);
@@ -256,7 +256,7 @@
for (i = 0; i < axutil_array_list_size(sign_parts, env); i++){
oxs_sign_part_t *sign_part = NULL;
- /*TODO Get ith sign_part*/
+ /*Get ith sign_part*/
sign_part = (oxs_sign_part_t*)axutil_array_list_get(sign_parts, env, i);
/*Create <ds:Reference> elements */
oxs_xml_sig_build_reference(env, signed_info_node, sign_part);
@@ -304,7 +304,6 @@
child_node_name = axiom_util_get_localname(child_node, env);
if(0 == axutil_strcmp(child_node_name, OXS_NODE_TRANSFORMS)){
/*Transforms found*/
- /*TODO*/
axiom_node_t *tr_node = NULL;
axutil_array_list_t *tr_list = NULL;
@@ -568,7 +567,6 @@
oxs_error(env, ERROR_LOCATION, OXS_ERROR_SIG_VERIFICATION_FAILED,"<ds:Signature> node processing failed " );
return AXIS2_FAILURE;
}
- /*TODO Process KeyInfo if available*/
/*-----------------------------------------------------------------------------------------*/
/*At this point we have a ready to process signature context. So start verification process*/
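Review bot: the "TODO Process KeyInfo if available" line is dropped, but no KeyInfo handling is added in this hunk before verification starts. If KeyInfo is processed elsewhere, point to that in a comment; if it is not processed at all, keep the TODO and document which key or certificate the verifier trusts, since that decides whose signatures are accepted.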
Modified: webservices/axis2/scratch/c/neethi/rampart/src/secpolicy/builder/policy_creator.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/src/secpolicy/builder/policy_creator.c?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/src/secpolicy/builder/policy_creator.c (original)
+++ webservices/axis2/scratch/c/neethi/rampart/src/secpolicy/builder/policy_creator.c Wed Apr 25 03:51:14 2007
@@ -39,7 +39,9 @@
return NULL;
}
- root = axiom_document_get_root_element(document, env);
+ /*root = axiom_document_get_root_element(document, env);*/
+ /*This is to get rid of the BUG in axiom. We can't use axiom_document_get_root_element without calling the build_all*/
+ root = axiom_document_build_all(document, env);
if(!root)
{
axiom_stax_builder_free(builder, env);
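Review bot: the workaround comment refers to "the BUG in axiom" without an issue reference, and the old axiom_document_get_root_element call is left commented out. Add the tracker id to the comment so the workaround can be removed once axiom is fixed, and delete the dead line.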
Modified: webservices/axis2/scratch/c/neethi/rampart/src/secpolicy/model/algorithmsuite.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/src/secpolicy/model/algorithmsuite.c?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/src/secpolicy/model/algorithmsuite.c (original)
+++ webservices/axis2/scratch/c/neethi/rampart/src/secpolicy/model/algorithmsuite.c Wed Apr 25 03:51:14 2007
@@ -107,6 +107,26 @@
return algorithmsuite->algosuite_string;
}
+/* Set different algorithm for enryption and signing etc. depending on the algorithm suite.
+ * The suites are defined in section 7.1 of WS-Security Policy specification
+ * Algorithm Suite [Dig] [Enc] [Sym KW] [Asym KW] [Enc KD] [Sig KD] [Min SKL]
+ * Basic256 Sha1 Aes256 KwAes256 KwRsaOaep PSha1L256 PSha1L192 256
+ * Basic192 Sha1 Aes192 KwAes192 KwRsaOaep PSha1L192 PSha1L192 192
+ * Basic128 Sha1 Aes128 KwAes128 KwRsaOaep PSha1L128 PSha1L128 128
+ * TripleDes Sha1 TripleDes KwTripleDes KwRsaOaep PSha1L192 PSha1L192 192
+ * Basic256Rsa15 Sha1 Aes256 KwAes256 KwRsa15 PSha1L256 PSha1L192 256
+ * Basic192Rsa15 Sha1 Aes192 KwAes192 KwRsa15 PSha1L192 PSha1L192 192
+ * Basic128Rsa15 Sha1 Aes128 KwAes128 KwRsa15 PSha1L128 PSha1L128 128
+ * TripleDesRsa15 Sha1 TripleDes KwTripleDes KwRsa15 PSha1L192 PSha1L192 192
+ * Basic256Sha256 Sha256 Aes256 KwAes256 KwRsaOaep PSha1L256 PSha1L192 256
+ * Basic192Sha256 Sha256 Aes192 KwAes192 KwRsaOaep PSha1L192 PSha1L192 192
+ * Basic128Sha256 Sha256 Aes128 KwAes128 KwRsaOaep PSha1L128 PSha1L128 128
+ * TripleDesSha256 Sha256 TripleDes KwTripleDes KwRsaOaep PSha1L192 PSha1L192 192
+ * Basic256Sha256Rsa15 Sha256 Aes256 KwAes256 KwRsa15 PSha1L256 PSha1L192 256
+ * Basic192Sha256Rsa15 Sha256 Aes192 KwAes192 KwRsa15 PSha1L192 PSha1L192 192
+ * Basic128Sha256Rsa15 Sha256 Aes128 KwAes128 KwRsa15 PSha1L128 PSha1L128 128
+ * TripleDesSha256Rsa15 Sha256 TripleDes KwTripleDes KwRsa15 PSha1L192 PSha1L192 192
+ **/
AXIS2_EXTERN axis2_status_t AXIS2_CALL
rp_algorithmsuite_set_algosuite(rp_algorithmsuite_t *algorithmsuite,
@@ -118,7 +138,7 @@
algorithmsuite->algosuite_string = algosuite_string;
- if(axutil_strcmp(algosuite_string,RP_ALGO_SUITE_BASIC256)==0)
+ if(axutil_strcmp(algosuite_string, RP_ALGO_SUITE_BASIC256)==0)
{
algorithmsuite->digest = RP_SHA1;
algorithmsuite->encryption = RP_AES256;
Modified: webservices/axis2/scratch/c/neethi/rampart/src/util/Makefile.am
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/src/util/Makefile.am?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/src/util/Makefile.am (original)
+++ webservices/axis2/scratch/c/neethi/rampart/src/util/Makefile.am Wed Apr 25 03:51:14 2007
@@ -3,7 +3,7 @@
noinst_LTLIBRARIES = librampart_util.la
librampart_util_la_SOURCES = rampart_crypto_util.c \
- rampart_util.c rampart_handler_util.c username_token.c timestamp_token.c \
+ rampart_util.c rampart_handler_util.c rampart_username_token.c rampart_timestamp_token.c \
rampart_encryption.c rampart_sec_header_processor.c rampart_sec_processed_result.c \
rampart_sec_header_builder.c rampart_context.c rampart_engine.c rampart_token_processor.c rampart_signature.c \
rampart_token_builder.c rampart_rd_record.c rampart_replay_detector.c
Modified: webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_context.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_context.c?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_context.c (original)
+++ webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_context.c Wed Apr 25 03:51:14 2007
@@ -887,11 +887,11 @@
if(node)
{
axutil_array_list_add(nodes_to_encrypt_or_sign,env,node);
- return AXIS2_SUCCESS;
}
}
- }
+ }/*eof for*/
+ return AXIS2_SUCCESS;
}
else if(axutil_strcmp(local_name,"Security")==0)
{
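Review bot: The `return AXIS2_SUCCESS;` that now follows the loop is unconditional, so this branch reports success even when no iteration produced a `node` and nothing was added to `nodes_to_encrypt_or_sign`. Moving the return out of the `if(node)` body fixes the exit after the first match, but the caller can no longer distinguish "all matching nodes collected" from "none found". Consider counting the nodes added and returning AXIS2_FAILURE, or at least logging, when the count is zero, so that an empty list of nodes to encrypt or sign is not silently treated as success. The `}/*eof for*/` marker would also read better as a normally indented brace with the comment separated by a space.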
@@ -1511,8 +1511,9 @@
if(header)
{
status = rampart_context_set_nodes_to_encrypt_or_sign(header,env,soap_envelope,nodes_to_sign_or_encrypt);
- if(status!=AXIS2_FAILURE)
+ if(status == AXIS2_FAILURE){
return AXIS2_FAILURE;
+ }
}
}
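Review bot: The new test `status == AXIS2_FAILURE` catches only that one value, while the signature checks touched elsewhere in this commit test `status!=AXIS2_SUCCESS`. Using `!= AXIS2_SUCCESS` here as well would fail closed on any unexpected status and keep the checks consistent. The old condition `status!=AXIS2_FAILURE` returned failure whenever the call succeeded, so this is a real behaviour fix and deserves a line in the log message, which currently says only that this is a merge with trunk.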
Modified: webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_engine.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_engine.c?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_engine.c (original)
+++ webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_engine.c Wed Apr 25 03:51:14 2007
@@ -166,6 +166,8 @@
"[rampart][rampart_Engine] No Security in the flow. So nothing to do");
return NULL;
}
+ AXIS2_LOG_INFO(env->log, "[rampart][rampart_Engine] Trying to build rampart context from file %s ", file_name);
+
secpolicy = rp_policy_create_from_file(env,file_name);
if(!secpolicy)
@@ -246,18 +248,25 @@
{
return (rampart_context_t *)axutil_property_get_value(property,env);
}else{
+ /*We cannot find the rampart_context as a property in axis2_ctx. Thus we need to create*/
axis2_char_t *file_name = NULL;
rampart_context_t *rampart_context = NULL;
- if(axutil_strcmp(key,IN_MESSAGE_SECURITY)==0)
+ if(axutil_strcmp(key, IN_MESSAGE_SECURITY)==0)
{
file_name =(axis2_char_t *)rampart_get_rampart_configuration(env,msg_ctx,RAMPART_INFLOW_SECURITY_POLICY);
if(file_name)
{
rampart_context = build_rampart_context_from_file(env,file_name);
+ /*
property = axutil_property_create(env);
axutil_property_set_value(property,env,rampart_context);
- axis2_ctx_set_property(ctx,env,key,property);
+ */
+
+ property = axutil_property_create_with_args(env, AXIS2_SCOPE_APPLICATION,
+ AXIS2_FALSE, (void *)rampart_engine_shutdown, rampart_context );
+
+ axis2_ctx_set_property(ctx, env, key, property);
return rampart_context;
}
else
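Review bot: The result of `build_rampart_context_from_file(env,file_name)` is passed to `axutil_property_create_with_args` and returned without a NULL check, so a failed policy load is stored under `key` with `rampart_engine_shutdown` registered as its free function. Check `rampart_context` first and skip the property on failure. The `(void *)rampart_engine_shutdown` cast converts a function pointer to an object pointer and hides any mismatch with the callback type the property expects; cast to the property's free-function type instead, or give `rampart_engine_shutdown` a matching signature. The two lines wrapped in the new `/* ... */` block are dead code and should be deleted rather than commented out.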
@@ -272,8 +281,11 @@
if(file_name)
{
rampart_context = build_rampart_context_from_file(env,file_name);
- property = axutil_property_create(env);
- axutil_property_set_value(property,env,rampart_context);
+ /*property = axutil_property_create(env);
+ axutil_property_set_value(property,env,rampart_context);*/
+
+ property = axutil_property_create_with_args(env, AXIS2_SCOPE_APPLICATION,
+ AXIS2_FALSE, (void *)rampart_engine_shutdown, rampart_context );
axis2_ctx_set_property(ctx,env,key,property);
return rampart_context;
}
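Review bot: This branch repeats the `axutil_property_create_with_args(env, AXIS2_SCOPE_APPLICATION, AXIS2_FALSE, (void *)rampart_engine_shutdown, rampart_context )` call from the IN_MESSAGE_SECURITY branch above, with the same missing NULL check on `rampart_context`. A small static helper that takes `ctx`, `key` and `file_name`, builds the context, checks it, and sets the property would remove the duplication and keep the two flows from drifting apart. The old code is commented out in a different style here (`/*property = ...*/` on the code lines themselves) than in the previous hunk; remove it in both places.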
Modified: webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_sec_header_processor.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_sec_header_processor.c?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_sec_header_processor.c (original)
+++ webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_sec_header_processor.c Wed Apr 25 03:51:14 2007
@@ -770,9 +770,13 @@
return AXIS2_FAILURE;
}
AXIS2_LOG_INFO(env->log, "[rampart][shp] Processing Signature element.");
+
status = rampart_shp_process_signature(env,msg_ctx,rampart_context,soap_envelope,sec_node,cur_node);
- if(status!=AXIS2_SUCCESS)
+
+ if(status!=AXIS2_SUCCESS){
+ rampart_create_fault_envelope(env, RAMPART_FAULT_INVALID_SECURITY, "Signature is not valid", RAMPART_FAULT_IN_SIGNATURE, msg_ctx);
return status;
+ }
}
else
{
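Review bot: The return value of `rampart_create_fault_envelope` is ignored in the new failure branch, and nothing is logged there, so a rejected signature leaves only the INFO line "Processing Signature element." in the log. Add an error-level log entry that records `status` before building the fault, and handle the case where the fault envelope could not be created. Keeping the fault text sent to the peer as the fixed string "Signature is not valid" is reasonable, provided the specific reason stays in the server-side log.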
@@ -868,8 +872,10 @@
}
AXIS2_LOG_INFO(env->log, "[rampart][shp] Processing Signature element.");
status = rampart_shp_process_signature(env,msg_ctx,rampart_context,soap_envelope,sec_node,cur_node);
- if(status!=AXIS2_SUCCESS)
+ if(status!=AXIS2_SUCCESS){
+ rampart_create_fault_envelope(env, RAMPART_FAULT_INVALID_SECURITY, "Signature is not valid", RAMPART_FAULT_IN_SIGNATURE, msg_ctx);
return status;
+ }
}
else
{
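Review bot: This failure branch is a copy of the one added in the hunk at line 770, including the same ignored return value from `rampart_create_fault_envelope` and the same missing log entry. Move the signature processing plus fault creation into one helper and call it from both places, so a later change to the fault code or message cannot be applied to one path and missed in the other.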
Modified: webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_signature.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_signature.c?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_signature.c (original)
+++ webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_signature.c Wed Apr 25 03:51:14 2007
@@ -105,12 +105,11 @@
status2 = rampart_context_get_elements_to_sign(rampart_context,env,soap_envelope,nodes_to_sign);
- if(status1 == AXIS2_SUCCESS || status2 == AXIS2_SUCCESS)
+ if(status1 == AXIS2_SUCCESS || status2 == AXIS2_SUCCESS){
return AXIS2_SUCCESS;
-
- else
+ }else{
return AXIS2_FAILURE;
-
+ }
}
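Review bot: The condition `status1 == AXIS2_SUCCESS || status2 == AXIS2_SUCCESS` is only re-braced here, but it means a failure from `rampart_context_get_elements_to_sign` (status2) is masked whenever status1 succeeded, and the reverse. If both collection steps must succeed for the signature to cover everything it should, this needs `&&`; if one of them is allowed to fail, add a comment saying why. The `else` after a `return` is also unnecessary.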
Modified: webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_token_builder.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_token_builder.c?view=diff&rev=532308&r1=532307&r2=532308
==============================================================================
--- webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_token_builder.c (original)
+++ webservices/axis2/scratch/c/neethi/rampart/src/util/rampart_token_builder.c Wed Apr 25 03:51:14 2007
@@ -31,6 +31,7 @@
#include <oxs_x509_cert.h>
#include <oxs_xml_key_processor.h>
#include <oxs_tokens.h>
+#include <oxs_utility.h>
AXIS2_EXTERN axis2_status_t AXIS2_CALL
rampart_token_build_security_token_reference(const axutil_env_t *env,
@@ -77,7 +78,7 @@
return AXIS2_FAILURE;
}
embedded_node = oxs_token_build_embedded_element(env, parent, "ID");
- bst_id = "bst-id";/*TODO*/
+ bst_id = oxs_util_generate_id(env, (axis2_char_t*)"BST-");
bst_node = oxs_token_build_binary_security_token_element(env, embedded_node, bst_id , OXS_VALUE_X509V3, OXS_ENCODING_BASE64BINARY, data);
return AXIS2_SUCCESS;
}
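Review bot: The value returned by `oxs_util_generate_id(env, (axis2_char_t*)"BST-")` is used without a NULL check, and the function returns AXIS2_SUCCESS without checking `bst_node` either, so a failure to generate the id or build the BinarySecurityToken element is reported as success. Check both and return AXIS2_FAILURE on NULL. Replacing the fixed "bst-id" with a generated id is the right direction; please also state who owns the generated string, since nothing in the visible lines frees `bst_id`. The cast on the string literal discards const and would be unnecessary if the prefix parameter were declared const.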