You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-commits@axis.apache.org by bi...@apache.org on 2020/04/15 16:09:11 UTC
[axis-axis2-java-rampart] branch 1_5 created (now 763d33d)
This is an automated email from the ASF dual-hosted git repository.
billblough pushed a change to branch 1_5
in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-rampart.git.
at 763d33d RAMPART-375 - Merged r1350592 to 1.5 branch.
This branch includes the following new commits:
new de88d8b Moving axis svn, part of TLP move INFRA-2441
new 763d33d RAMPART-375 - Merged r1350592 to 1.5 branch.
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
[axis-axis2-java-rampart] 01/02: Moving axis svn,
part of TLP move INFRA-2441
Posted by bi...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
billblough pushed a commit to branch 1_5
in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-rampart.git
commit de88d8b711478ffcef73490b2868de3c71e7b93e
Author: Gavin McDonald <gm...@apache.org>
AuthorDate: Sat Feb 13 14:04:20 2010 +0000
Moving axis svn, part of TLP move INFRA-2441
---
build.xml | 160 ++
legal/commons-collections-LICENSE.txt | 202 +++
legal/joda-time-LICENSE.txt | 202 +++
legal/opensaml-LICENSE.txt | 202 +++
legal/openws-LICENSE.txt | 202 +++
legal/slf4j-api-LICENSE.txt | 12 +
legal/slf4j-jdk14-LICENSE.txt | 12 +
legal/velocity-LICENSE.txt | 202 +++
legal/wss4j-LICENSE.txt | 202 +++
legal/xmlsec-LICENSE.txt | 202 +++
legal/xmltooling-LICENSE.txt | 202 +++
modules/distribution/bin.xml | 86 +
modules/distribution/build.xml | 49 +
modules/distribution/pom.xml | 120 ++
modules/distribution/src.xml | 48 +
modules/documentation/pom.xml | 33 +
.../src/site/resources/css/maven-base.css | 143 ++
.../src/site/resources/css/maven-theme.css | 129 ++
.../documentation/src/site/resources/css/print.css | 7 +
.../documentation/src/site/resources/css/site.css | 297 ++++
.../documentation/src/site/resources/css/style.css | 184 +++
.../images/apache-rampart-banner-background.jpg | Bin 0 -> 373 bytes
.../resources/images/apache-rampart-banner.jpg | Bin 0 -> 14840 bytes
.../images/apache-rampart-content-back.jpg | Bin 0 -> 309 bytes
.../site/resources/images/apache-rampart-logo.jpg | Bin 0 -> 4906 bytes
.../images/apache-rampart-menu-bottom.jpg | Bin 0 -> 381 bytes
.../images/apache-rampart-menu-button.gif | Bin 0 -> 192 bytes
.../resources/images/apache-rampart-menu-top.jpg | Bin 0 -> 633 bytes
.../site/resources/images/apache-rampart-menu.jpg | Bin 0 -> 1221 bytes
.../resources/images/apache-rampart-spliter.jpg | Bin 0 -> 650 bytes
.../src/site/resources/images/external.png | Bin 0 -> 230 bytes
.../site/resources/images/logos/asf_logo_wide.png | Bin 0 -> 7090 bytes
.../images/logos/build-by-maven-black.png | Bin 0 -> 2294 bytes
.../images/logos/build-by-maven-white.png | Bin 0 -> 2260 bytes
.../site/resources/images/logos/maven-feather.png | Bin 0 -> 3330 bytes
.../src/site/resources/images/message-builder.jpg | Bin 0 -> 24213 bytes
.../src/site/resources/images/rampart-engine.jpg | Bin 0 -> 20540 bytes
.../src/site/resources/images/rampart-handlers.jpg | Bin 0 -> 22455 bytes
.../src/site/resources/images/rampart-trust.jpg | Bin 0 -> 29532 bytes
.../src/site/resources/images/security-stack.jpg | Bin 0 -> 16687 bytes
.../src/site/resources/rampart-config.xsd | 41 +
.../src/site/resources/samples/msgs/creq04.xml | 60 +
.../src/site/resources/samples/msgs/cres04.xml | 56 +
.../src/site/resources/samples/msgs/req01.xml | 22 +
.../src/site/resources/samples/msgs/req02.xml | 55 +
.../src/site/resources/samples/msgs/req03.xml | 69 +
.../src/site/resources/samples/msgs/req04.xml | 60 +
.../src/site/resources/samples/msgs/res01.xml | 11 +
.../src/site/resources/samples/msgs/res02.xml | 51 +
.../src/site/resources/samples/msgs/res03.xml | 72 +
.../src/site/resources/samples/msgs/res04.xml | 56 +
.../src/site/resources/samples/msgs/rst04.xml | 97 ++
.../src/site/resources/samples/msgs/rstr04.xml | 97 ++
.../src/site/resources/samples/policy/sample01.xml | 32 +
.../src/site/resources/samples/policy/sample02.xml | 50 +
.../src/site/resources/samples/policy/sample03.xml | 53 +
.../src/site/resources/samples/policy/sample04.xml | 112 ++
.../src/site/resources/samples/policy/sample05.xml | 75 +
.../src/site/resources/samples/policy/sample06.xml | 87 +
modules/documentation/src/site/site.xml | 80 +
modules/documentation/src/site/xdoc/articles.xml | 80 +
.../src/site/xdoc/developer-guide.xml | 192 +++
modules/documentation/src/site/xdoc/download.xml | 90 +
.../src/site/xdoc/download/1.1/download.cgi | 6 +
.../src/site/xdoc/download/1.1/download.xml | 97 ++
.../src/site/xdoc/download/1.2/download.cgi | 6 +
.../src/site/xdoc/download/1.2/download.xml | 97 ++
.../src/site/xdoc/download/1.3/download.cgi | 6 +
.../src/site/xdoc/download/1.3/download.xml | 97 ++
.../src/site/xdoc/download/1.4/download.cgi | 6 +
.../src/site/xdoc/download/1.4/download.xml | 97 ++
modules/documentation/src/site/xdoc/index.xml | 65 +
.../documentation/src/site/xdoc/quick-start.xml | 38 +
.../src/site/xdoc/rampartconfig-guide.xml | 76 +
modules/documentation/src/site/xdoc/samples.xml | 135 ++
.../documentation/src/site/xdoc/setting-up-sts.xml | 64 +
modules/documentation/src/site/xdoc/siteHowTo.xml | 60 +
.../documentation/src/site/xdoc/specifications.xml | 60 +
modules/documentation/src/site/xdoc/svn.xml | 114 ++
modules/rampart-core/pom.xml | 64 +
.../org.apache.neethi.builders.AssertionBuilder | 3 +
.../java/org/apache/rampart/MessageBuilder.java | 188 +++
.../rampart/PolicyBasedResultsValidator.java | 963 +++++++++++
.../rampart/PolicyValidatorCallbackHandler.java | 44 +
.../src/main/java/org/apache/rampart/Rampart.java | 55 +
.../rampart/RampartConfigCallbackHandler.java | 37 +
.../java/org/apache/rampart/RampartConstants.java | 9 +
.../java/org/apache/rampart/RampartEngine.java | 319 ++++
.../java/org/apache/rampart/RampartException.java | 101 ++
.../org/apache/rampart/RampartMessageData.java | 746 +++++++++
.../org/apache/rampart/TokenCallbackHandler.java | 103 ++
.../java/org/apache/rampart/ValidatorData.java | 87 +
.../rampart/builder/AsymmetricBindingBuilder.java | 877 ++++++++++
.../org/apache/rampart/builder/BindingBuilder.java | 806 +++++++++
.../rampart/builder/SymmetricBindingBuilder.java | 929 +++++++++++
.../rampart/builder/TransportBindingBuilder.java | 646 ++++++++
.../main/java/org/apache/rampart/errors.properties | 98 ++
.../handler/PostDispatchVerificationHandler.java | 230 +++
.../apache/rampart/handler/RampartReceiver.java | 178 ++
.../org/apache/rampart/handler/RampartSender.java | 97 ++
.../org/apache/rampart/handler/WSDoAllHandler.java | 210 +++
.../apache/rampart/handler/WSDoAllReceiver.java | 383 +++++
.../org/apache/rampart/handler/WSDoAllSender.java | 270 +++
.../rampart/handler/WSSHandlerConstants.java | 153 ++
.../handler/config/InflowConfiguration.java | 181 ++
.../handler/config/OutflowConfiguration.java | 600 +++++++
.../rampart/policy/RampartPolicyBuilder.java | 358 ++++
.../apache/rampart/policy/RampartPolicyData.java | 896 ++++++++++
.../rampart/policy/SupportingPolicyData.java | 53 +
.../policy/builders/CryptoConfigBuilder.java | 85 +
.../policy/builders/OptimizePartsBuilder.java | 83 +
.../policy/builders/RampartConfigBuilder.java | 145 ++
.../rampart/policy/builders/SSLConfigBuilder.java | 68 +
.../apache/rampart/policy/model/CryptoConfig.java | 149 ++
.../rampart/policy/model/OptimizePartsConfig.java | 128 ++
.../apache/rampart/policy/model/RampartConfig.java | 430 +++++
.../org/apache/rampart/policy/model/SSLConfig.java | 75 +
.../java/org/apache/rampart/util/Axis2Util.java | 296 ++++
.../rampart/util/HandlerParameterDecoder.java | 292 ++++
.../org/apache/rampart/util/MessageOptimizer.java | 130 ++
.../java/org/apache/rampart/util/RampartUtil.java | 1725 ++++++++++++++++++++
.../extensions/jpam/JPAMCallbackHandler.java | 49 +
modules/rampart-integration/pom.xml | 812 +++++++++
.../org/apache/axis2/integration/TestingUtils.java | 56 +
.../org/apache/axis2/integration/UtilServer.java | 244 +++
.../axis2/integration/UtilServerBasedTestCase.java | 68 +
.../apache/axis2/integration/UtilsTCPServer.java | 99 ++
.../src/main/java/org/apache/rahas/PWCallback.java | 195 +++
.../src/main/java/org/apache/rahas/Service.java | 29 +
.../src/main/java/org/apache/rahas/TestClient.java | 186 +++
.../main/java/org/apache/rampart/PWCallback.java | 193 +++
.../org/apache/rampart/RampartConfigUpdater.java | 28 +
.../src/main/java/org/apache/rampart/Service.java | 38 +
.../src/main/resources/ping/ping.wsdl | 68 +
.../apache/axis2/oasis/ping/PingPortSkeleton.java | 74 +
.../axis2/security/InteropScenarioClient.java | 180 ++
.../src/org/apache/axis2/security/PWCallback.java | 185 +++
.../src/test/java/commons-logging.properties | 30 +
.../axis2/security/AddressingMTOMSecurityTest.java | 125 ++
.../org/apache/axis2/security/InteropTestBase.java | 239 +++
.../axis2/security/MTOMOptimizedSecurityTest.java | 119 ++
.../org/apache/axis2/security/Scenario1Test.java | 68 +
.../org/apache/axis2/security/Scenario2Test.java | 105 ++
.../org/apache/axis2/security/Scenario2aTest.java | 99 ++
.../org/apache/axis2/security/Scenario3Test.java | 119 ++
.../org/apache/axis2/security/Scenario4Test.java | 119 ++
.../org/apache/axis2/security/Scenario5Test.java | 113 ++
.../org/apache/axis2/security/Scenario6Test.java | 114 ++
.../org/apache/axis2/security/Scenario7Test.java | 141 ++
.../rahas/RahasSAML2TokenCertForHoKTest.java | 131 ++
.../java/org/apache/rahas/RahasSAML2TokenTest.java | 129 ++
.../apache/rahas/RahasSAMLTokenAttributeTest.java | 104 ++
.../apache/rahas/RahasSAMLTokenCertForHoKTest.java | 139 ++
.../rahas/RahasSAMLTokenCertForHoKV1205Test.java | 153 ++
.../java/org/apache/rahas/RahasSAMLTokenTest.java | 133 ++
.../rahas/RahasSAMLTokenUTForBearerTest.java | 124 ++
.../rahas/RahasSAMLTokenUTForBearerV1205Test.java | 127 ++
.../apache/rahas/RahasSAMLTokenUTForHoKTest.java | 121 ++
.../rahas/RahasSAMLTokenUTForHoKV1205Test.java | 254 +++
.../org/apache/rahas/RahasSAMLTokenV1205Test.java | 135 ++
.../java/org/apache/rahas/SAMLDataProvider.java | 31 +
.../test/java/org/apache/rampart/RampartTest.java | 230 +++
.../src/test/resources/commons-logging.properties | 30 +
.../src/test/resources/conf/axis2.xml | 280 ++++
.../src/test/resources/interop.properties | 5 +
.../src/test/resources/interop2.jks | Bin 0 -> 4857 bytes
.../src/test/resources/rahas/issuer.properties | 4 +
...service-policy-symm-binding-saml2-publicKey.xml | 70 +
.../policy/service-policy-symm-binding-saml2.xml | 70 +
.../rahas/policy/service-policy-symm-binding.xml | 70 +
.../policy/service-policy-transport-binding.xml | 73 +
.../src/test/resources/rahas/policy/store.jks | Bin 0 -> 6377 bytes
.../rahas/policy/sts-policy-asymm-binding.xml | 66 +
.../rahas/policy/sts-policy-symm-binding.xml | 73 +
.../rahas/policy/sts-policy-transport-binding.xml | 63 +
.../src/test/resources/rahas/rahas-sec.properties | 5 +
.../src/test/resources/rahas/rahas-sts.jks | Bin 0 -> 6377 bytes
.../src/test/resources/rahas/s1-services.xml | 74 +
.../src/test/resources/rahas/s3-services.xml | 70 +
.../src/test/resources/rahas/s5-services.xml | 70 +
.../src/test/resources/rahas/saml.s1.properties | 9 +
.../src/test/resources/rahas/samlIssuer.properties | 4 +
.../src/test/resources/rahas/sec.jks | Bin 0 -> 6377 bytes
.../src/test/resources/rampart/issuer.properties | 4 +
.../src/test/resources/rampart/policy/1.xml | 52 +
.../src/test/resources/rampart/policy/10.xml | 69 +
.../src/test/resources/rampart/policy/11.xml | 101 ++
.../src/test/resources/rampart/policy/12.xml | 84 +
.../src/test/resources/rampart/policy/13.xml | 31 +
.../src/test/resources/rampart/policy/14.xml | 92 ++
.../src/test/resources/rampart/policy/15.xml | 58 +
.../src/test/resources/rampart/policy/16.xml | 76 +
.../src/test/resources/rampart/policy/17.xml | 68 +
.../src/test/resources/rampart/policy/18.xml | 69 +
.../src/test/resources/rampart/policy/19.xml | 72 +
.../src/test/resources/rampart/policy/2.xml | 69 +
.../src/test/resources/rampart/policy/20.xml | 72 +
.../src/test/resources/rampart/policy/21.xml | 70 +
.../src/test/resources/rampart/policy/22.xml | 64 +
.../src/test/resources/rampart/policy/23.xml | 64 +
.../src/test/resources/rampart/policy/24.xml | 67 +
.../src/test/resources/rampart/policy/25.xml | 68 +
.../src/test/resources/rampart/policy/26.xml | 70 +
.../src/test/resources/rampart/policy/27.xml | 72 +
.../src/test/resources/rampart/policy/28.xml | 76 +
.../src/test/resources/rampart/policy/29.xml | 76 +
.../src/test/resources/rampart/policy/3.xml | 73 +
.../src/test/resources/rampart/policy/4.xml | 74 +
.../src/test/resources/rampart/policy/5.xml | 75 +
.../src/test/resources/rampart/policy/6.xml | 72 +
.../src/test/resources/rampart/policy/7.xml | 74 +
.../src/test/resources/rampart/policy/8.xml | 74 +
.../src/test/resources/rampart/policy/9.xml | 73 +
.../src/test/resources/rampart/policy/sc-1.xml | 123 ++
.../src/test/resources/rampart/policy/sc-2.xml | 131 ++
.../src/test/resources/rampart/policy/sc-3.xml | 98 ++
.../src/test/resources/rampart/services-1.xml | 55 +
.../src/test/resources/rampart/services-10.xml | 81 +
.../src/test/resources/rampart/services-11.xml | 119 ++
.../src/test/resources/rampart/services-12.xml | 101 ++
.../src/test/resources/rampart/services-13.xml | 55 +
.../src/test/resources/rampart/services-14.xml | 110 ++
.../src/test/resources/rampart/services-15.xml | 77 +
.../src/test/resources/rampart/services-16.xml | 95 ++
.../src/test/resources/rampart/services-17.xml | 87 +
.../src/test/resources/rampart/services-18.xml | 88 +
.../src/test/resources/rampart/services-19.xml | 90 +
.../src/test/resources/rampart/services-2.xml | 87 +
.../src/test/resources/rampart/services-20.xml | 90 +
.../src/test/resources/rampart/services-21.xml | 81 +
.../src/test/resources/rampart/services-22.xml | 82 +
.../src/test/resources/rampart/services-23.xml | 77 +
.../src/test/resources/rampart/services-24.xml | 80 +
.../src/test/resources/rampart/services-25.xml | 81 +
.../src/test/resources/rampart/services-26.xml | 84 +
.../src/test/resources/rampart/services-27.xml | 82 +
.../src/test/resources/rampart/services-28.xml | 82 +
.../src/test/resources/rampart/services-29.xml | 87 +
.../src/test/resources/rampart/services-3.xml | 93 ++
.../src/test/resources/rampart/services-4.xml | 94 ++
.../src/test/resources/rampart/services-5.xml | 94 ++
.../src/test/resources/rampart/services-6.xml | 91 ++
.../src/test/resources/rampart/services-7.xml | 94 ++
.../src/test/resources/rampart/services-8.xml | 94 ++
.../src/test/resources/rampart/services-9.xml | 92 ++
.../src/test/resources/rampart/services-sc-1.xml | 176 ++
.../src/test/resources/rampart/services-sc-2.xml | 186 +++
.../src/test/resources/rampart/services-sc-3.xml | 154 ++
.../src/test/resources/rampart/store.jks | Bin 0 -> 6377 bytes
.../src/test/resources/rampart/sts.jks | Bin 0 -> 6377 bytes
.../src/test/resources/sctIssuer.properties | 4 +
.../rampart-integration/src/test/resources/sec.jks | Bin 0 -> 5467 bytes
.../src/test/resources/sec.properties | 5 +
.../resources/security/complete.client.axis2.xml | 133 ++
.../resources/security/complete.service.axis2.xml | 147 ++
.../test/resources/security/complete.service.xml | 31 +
.../test/resources/security/s1.client.axis2.xml | 109 ++
.../test/resources/security/s1.service.axis2.xml | 139 ++
.../src/test/resources/security/s1.service.xml | 15 +
.../test/resources/security/s2.client.axis2.xml | 118 ++
.../test/resources/security/s2.service.axis2.xml | 139 ++
.../src/test/resources/security/s2.service.xml | 16 +
.../test/resources/security/s2a.client.axis2.xml | 116 ++
.../test/resources/security/s2a.service.axis2.xml | 138 ++
.../src/test/resources/security/s2a.service.xml | 16 +
.../test/resources/security/s3.client.axis2.xml | 127 ++
.../test/resources/security/s3.service.axis2.xml | 138 ++
.../src/test/resources/security/s3.service.xml | 31 +
.../test/resources/security/s4.client.axis2.xml | 124 ++
.../test/resources/security/s4.service.axis2.xml | 139 ++
.../src/test/resources/security/s4.service.xml | 30 +
.../test/resources/security/s5.client.axis2.xml | 122 ++
.../test/resources/security/s5.service.axis2.xml | 140 ++
.../src/test/resources/security/s5.service.xml | 16 +
.../test/resources/security/s6.client.axis2.xml | 125 ++
.../test/resources/security/s6.service.axis2.xml | 140 ++
.../src/test/resources/security/s6.service.xml | 29 +
.../test/resources/security/s7.client.axis2.xml | 125 ++
.../test/resources/security/s7.service.axis2.xml | 141 ++
.../src/test/resources/security/s7.service.xml | 31 +
.../test/resources/security/sST1.client.axis2.xml | 109 ++
.../test/resources/security/sST1.service.axis2.xml | 140 ++
.../src/test/resources/security/sST1.service.xml | 14 +
.../src/test/resources/security/sc/s1-services.xml | 84 +
.../src/test/resources/security/sc/s2-services.xml | 64 +
.../src/test/resources/security/sc/s3-services.xml | 66 +
.../src/test/resources/security/sc/s4-services.xml | 67 +
.../resources/security/sc/sctIssuer.properties | 4 +
.../src/test/resources/security/sc/sec.jks | Bin 0 -> 5467 bytes
.../src/test/resources/security/sc/sec.properties | 5 +
.../src/test/resources/security/sc/sts.jks | Bin 0 -> 4759 bytes
.../resources/security/secMtom.client.axis2.xml | 126 ++
.../resources/security/secMtom.service.axis2.xml | 141 ++
.../test/resources/security/secMtom.service.xml | 31 +
.../rampart-integration/src/test/resources/sts.jks | Bin 0 -> 4759 bytes
modules/rampart-mar/module.xml | 46 +
modules/rampart-mar/pom.xml | 134 ++
modules/rampart-policy/pom.xml | 52 +
.../org.apache.neethi.builders.AssertionBuilder | 47 +
.../java/org/apache/ws/secpolicy/Constants.java | 435 +++++
.../org/apache/ws/secpolicy/SP11Constants.java | 293 ++++
.../org/apache/ws/secpolicy/SP12Constants.java | 356 ++++
.../java/org/apache/ws/secpolicy/SPConstants.java | 429 +++++
.../apache/ws/secpolicy/WSSPolicyException.java | 31 +
.../AbstractConfigurableSecurityAssertion.java | 45 +
.../secpolicy/model/AbstractSecurityAssertion.java | 73 +
.../apache/ws/secpolicy/model/AlgorithmSuite.java | 522 ++++++
.../ws/secpolicy/model/AlgorithmWrapper.java | 23 +
.../ws/secpolicy/model/AsymmetricBinding.java | 225 +++
.../org/apache/ws/secpolicy/model/Binding.java | 90 +
.../secpolicy/model/ContentEncryptedElements.java | 130 ++
.../apache/ws/secpolicy/model/EncryptionToken.java | 119 ++
.../java/org/apache/ws/secpolicy/model/Header.java | 49 +
.../org/apache/ws/secpolicy/model/HttpsToken.java | 144 ++
.../apache/ws/secpolicy/model/InitiatorToken.java | 102 ++
.../org/apache/ws/secpolicy/model/IssuedToken.java | 223 +++
.../java/org/apache/ws/secpolicy/model/Layout.java | 112 ++
.../apache/ws/secpolicy/model/ProtectionToken.java | 127 ++
.../apache/ws/secpolicy/model/RecipientToken.java | 104 ++
.../ws/secpolicy/model/RequiredElements.java | 134 ++
.../apache/ws/secpolicy/model/RequiredParts.java | 98 ++
.../secpolicy/model/SecureConversationToken.java | 185 +++
.../ws/secpolicy/model/SecurityContextToken.java | 96 ++
.../apache/ws/secpolicy/model/SignatureToken.java | 120 ++
.../secpolicy/model/SignedEncryptedElements.java | 158 ++
.../ws/secpolicy/model/SignedEncryptedParts.java | 164 ++
.../apache/ws/secpolicy/model/SupportingToken.java | 296 ++++
.../model/SymmetricAsymmetricBindingBase.java | 100 ++
.../ws/secpolicy/model/SymmetricBinding.java | 241 +++
.../java/org/apache/ws/secpolicy/model/Token.java | 91 ++
.../apache/ws/secpolicy/model/TokenWrapper.java | 22 +
.../ws/secpolicy/model/TransportBinding.java | 191 +++
.../apache/ws/secpolicy/model/TransportToken.java | 110 ++
.../org/apache/ws/secpolicy/model/Trust10.java | 204 +++
.../org/apache/ws/secpolicy/model/Trust13.java | 247 +++
.../apache/ws/secpolicy/model/UsernameToken.java | 174 ++
.../java/org/apache/ws/secpolicy/model/Wss10.java | 157 ++
.../java/org/apache/ws/secpolicy/model/Wss11.java | 154 ++
.../org/apache/ws/secpolicy/model/X509Token.java | 228 +++
.../builders/AlgorithmSuiteBuilder.java | 66 +
.../builders/AsymmetricBindingBuilder.java | 105 ++
.../builders/EncryptedElementsBuilder.java | 69 +
.../builders/EncryptedPartsBuilder.java | 79 +
.../builders/InitiatorTokenBuilder.java | 68 +
.../secpolicy11/builders/IssuedTokenBuilder.java | 118 ++
.../ws/secpolicy11/builders/LayoutBuilder.java | 73 +
.../builders/ProtectionTokenBuilder.java | 61 +
.../builders/RecipientTokenBuilder.java | 72 +
.../builders/RequiredElementsBuilder.java | 67 +
.../builders/SecureConversationTokenBuilder.java | 82 +
.../builders/SecurityContextTokenBuilder.java | 69 +
.../builders/SignedElementsBuilder.java | 66 +
.../secpolicy11/builders/SignedPartsBuilder.java | 69 +
.../builders/SupportingTokensBuilder.java | 106 ++
.../builders/SymmetricBindingBuilder.java | 92 ++
.../builders/TransportBindingBuilder.java | 88 +
.../builders/TransportTokenBuilder.java | 74 +
.../ws/secpolicy11/builders/Trust10Builder.java | 71 +
.../secpolicy11/builders/UsernameTokenBuilder.java | 85 +
.../ws/secpolicy11/builders/WSS10Builder.java | 81 +
.../ws/secpolicy11/builders/WSS11Builder.java | 89 +
.../ws/secpolicy11/builders/X509TokenBuilder.java | 150 ++
.../builders/AlgorithmSuiteBuilder.java | 66 +
.../builders/AsymmetricBindingBuilder.java | 106 ++
.../builders/ContentEncryptedElementsBuilder.java | 67 +
.../builders/EncryptedElementsBuilder.java | 69 +
.../builders/EncryptedPartsBuilder.java | 79 +
.../ws/secpolicy12/builders/HttpsTokenBuilder.java | 102 ++
.../builders/InitiatorTokenBuilder.java | 68 +
.../secpolicy12/builders/IssuedTokenBuilder.java | 119 ++
.../ws/secpolicy12/builders/LayoutBuilder.java | 71 +
.../builders/ProtectionTokenBuilder.java | 61 +
.../builders/RecipientTokenBuilder.java | 72 +
.../builders/RequiredElementsBuilder.java | 68 +
.../secpolicy12/builders/RequiredPartsBuilder.java | 68 +
.../builders/SecureConversationTokenBuilder.java | 86 +
.../builders/SecurityContextTokenBuilder.java | 68 +
.../builders/SignedElementsBuilder.java | 67 +
.../secpolicy12/builders/SignedPartsBuilder.java | 71 +
.../builders/SupportingTokensBuilder.java | 127 ++
.../builders/SymmetricBindingBuilder.java | 92 ++
.../builders/TransportBindingBuilder.java | 88 +
.../builders/TransportTokenBuilder.java | 85 +
.../ws/secpolicy12/builders/Trust13Builder.java | 79 +
.../secpolicy12/builders/UsernameTokenBuilder.java | 94 ++
.../ws/secpolicy12/builders/WSS10Builder.java | 81 +
.../ws/secpolicy12/builders/WSS11Builder.java | 89 +
.../ws/secpolicy12/builders/X509TokenBuilder.java | 154 ++
modules/rampart-samples/README.txt | 21 +
modules/rampart-samples/basic/README.txt | 44 +
modules/rampart-samples/basic/build.xml | 259 +++
modules/rampart-samples/basic/sample01/README.txt | 6 +
.../basic/sample01/client.axis2.xml | 455 ++++++
.../rampart-samples/basic/sample01/services.xml | 27 +
.../apache/rampart/samples/sample01/Client.java | 62 +
.../rampart/samples/sample01/SimpleService.java | 24 +
modules/rampart-samples/basic/sample02/README.txt | 10 +
.../basic/sample02/client.axis2.xml | 464 ++++++
.../rampart-samples/basic/sample02/services.xml | 33 +
.../apache/rampart/samples/sample02/Client.java | 62 +
.../rampart/samples/sample02/PWCBHandler.java | 40 +
.../rampart/samples/sample02/SimpleService.java | 25 +
modules/rampart-samples/basic/sample03/README.txt | 12 +
.../basic/sample03/client.axis2.xml | 465 ++++++
.../rampart-samples/basic/sample03/services.xml | 33 +
.../apache/rampart/samples/sample03/Client.java | 62 +
.../rampart/samples/sample03/PWCBHandler.java | 51 +
.../rampart/samples/sample03/SimpleService.java | 36 +
modules/rampart-samples/basic/sample04/README.txt | 7 +
.../basic/sample04/client.axis2.xml | 473 ++++++
.../rampart-samples/basic/sample04/services.xml | 44 +
.../apache/rampart/samples/sample04/Client.java | 62 +
.../rampart/samples/sample04/PWCBHandler.java | 43 +
.../rampart/samples/sample04/SimpleService.java | 25 +
modules/rampart-samples/basic/sample05/README.txt | 7 +
.../basic/sample05/client.axis2.xml | 472 ++++++
.../rampart-samples/basic/sample05/services.xml | 45 +
.../apache/rampart/samples/sample05/Client.java | 62 +
.../rampart/samples/sample05/PWCBHandler.java | 43 +
.../rampart/samples/sample05/SimpleService.java | 25 +
modules/rampart-samples/basic/sample06/README.txt | 8 +
.../basic/sample06/client.axis2.xml | 478 ++++++
.../rampart-samples/basic/sample06/services.xml | 47 +
.../apache/rampart/samples/sample06/Client.java | 62 +
.../rampart/samples/sample06/PWCBHandler.java | 43 +
.../rampart/samples/sample06/SimpleService.java | 25 +
modules/rampart-samples/basic/sample07/README.txt | 8 +
.../basic/sample07/client.axis2.xml | 477 ++++++
.../rampart-samples/basic/sample07/services.xml | 46 +
.../apache/rampart/samples/sample07/Client.java | 62 +
.../rampart/samples/sample07/PWCBHandler.java | 43 +
.../rampart/samples/sample07/SimpleService.java | 25 +
modules/rampart-samples/basic/sample08/README.txt | 10 +
.../basic/sample08/client.axis2.xml | 478 ++++++
.../rampart-samples/basic/sample08/services.xml | 35 +
.../apache/rampart/samples/sample08/Client.java | 62 +
.../rampart/samples/sample08/PWCBHandler.java | 43 +
.../rampart/samples/sample08/SimpleService.java | 25 +
modules/rampart-samples/basic/sample09/README.txt | 8 +
.../basic/sample09/client.axis2.xml | 476 ++++++
.../rampart-samples/basic/sample09/services.xml | 46 +
.../apache/rampart/samples/sample09/Client.java | 62 +
.../rampart/samples/sample09/PWCBHandler.java | 50 +
.../rampart/samples/sample09/SimpleService.java | 25 +
modules/rampart-samples/basic/sample10/README.txt | 8 +
.../basic/sample10/client.axis2.xml | 481 ++++++
.../rampart-samples/basic/sample10/services.xml | 47 +
.../apache/rampart/samples/sample10/Client.java | 62 +
.../rampart/samples/sample10/PWCBHandler.java | 43 +
.../rampart/samples/sample10/SimpleService.java | 25 +
modules/rampart-samples/basic/sample11/README.txt | 8 +
.../basic/sample11/client.axis2.xml | 454 ++++++
.../rampart-samples/basic/sample11/services.xml | 46 +
.../apache/rampart/samples/sample11/Client.java | 98 ++
.../rampart/samples/sample11/PWCBHandler.java | 43 +
.../rampart/samples/sample11/SimpleService.java | 25 +
modules/rampart-samples/build.xml | 49 +
modules/rampart-samples/keys/client.jks | Bin 0 -> 5226 bytes
modules/rampart-samples/keys/client.properties | 4 +
modules/rampart-samples/keys/service.jks | Bin 0 -> 2936 bytes
modules/rampart-samples/keys/service.properties | 4 +
modules/rampart-samples/keys/sts.jks | Bin 0 -> 2936 bytes
modules/rampart-samples/policy/build.xml | 287 ++++
.../rampart-samples/policy/sample-tomcat/README | 37 +
.../rampart-samples/policy/sample-tomcat/build.xml | 143 ++
.../policy/sample-tomcat/policy.xml | 42 +
.../policy/sample-tomcat/services.xml | 65 +
.../org/apache/rampart/tomcat/sample/Client.java | 79 +
.../apache/rampart/tomcat/sample/PWCBHandler.java | 49 +
.../rampart/tomcat/sample/SimpleService.java | 26 +
modules/rampart-samples/policy/sample01/README.txt | 17 +
modules/rampart-samples/policy/sample01/policy.xml | 54 +
.../rampart-samples/policy/sample01/services.xml | 65 +
.../rampart/samples/policy/sample01/Client.java | 77 +
.../samples/policy/sample01/PWCBHandler.java | 49 +
.../samples/policy/sample01/SimpleService.java | 24 +
modules/rampart-samples/policy/sample02/README.txt | 7 +
modules/rampart-samples/policy/sample02/policy.xml | 88 +
.../rampart-samples/policy/sample02/services.xml | 100 ++
.../rampart/samples/policy/sample02/Client.java | 77 +
.../samples/policy/sample02/PWCBHandler.java | 42 +
.../samples/policy/sample02/SimpleService.java | 24 +
modules/rampart-samples/policy/sample03/README.txt | 9 +
modules/rampart-samples/policy/sample03/policy.xml | 101 ++
.../rampart-samples/policy/sample03/services.xml | 112 ++
.../rampart/samples/policy/sample03/Client.java | 77 +
.../samples/policy/sample03/PWCBHandler.java | 42 +
.../samples/policy/sample03/SimpleService.java | 24 +
modules/rampart-samples/policy/sample04/README.txt | 15 +
modules/rampart-samples/policy/sample04/policy.xml | 150 ++
.../rampart-samples/policy/sample04/services.xml | 198 +++
.../rampart/samples/policy/sample04/Client.java | 85 +
.../samples/policy/sample04/PWCBHandler.java | 42 +
.../samples/policy/sample04/SimpleService.java | 24 +
modules/rampart-samples/policy/sample05/README.txt | 11 +
modules/rampart-samples/policy/sample05/policy.xml | 86 +
.../rampart-samples/policy/sample05/services.xml | 231 +++
.../rampart/samples/policy/sample05/Client.java | 124 ++
.../samples/policy/sample05/PWCBHandler.java | 42 +
.../samples/policy/sample05/SimpleService.java | 24 +
.../rampart-samples/policy/sample05/sts_policy.xml | 83 +
modules/rampart-samples/policy/sample06/README.txt | 5 +
.../rampart-samples/policy/sample06/mex_policy.xml | 49 +
modules/rampart-samples/policy/sample06/policy.xml | 109 ++
.../rampart-samples/policy/sample06/services.xml | 253 +++
.../rampart/samples/policy/sample06/Client.java | 109 ++
.../samples/policy/sample06/MexService.java | 68 +
.../samples/policy/sample06/PWCBHandler.java | 44 +
.../samples/policy/sample06/SimpleService.java | 24 +
.../rampart-samples/policy/sample06/sts_policy.xml | 64 +
modules/rampart-samples/policy/sample07/README.txt | 13 +
.../rampart-samples/policy/sample07/mex_policy.xml | 97 ++
modules/rampart-samples/policy/sample07/policy.xml | 124 ++
.../rampart-samples/policy/sample07/services.xml | 158 ++
.../rampart/samples/policy/sample07/Client.java | 77 +
.../samples/policy/sample07/PWCBHandler.java | 44 +
.../samples/policy/sample07/SimpleService.java | 24 +
modules/rampart-samples/policy/sample08/README.txt | 8 +
modules/rampart-samples/policy/sample08/policy.xml | 73 +
.../rampart-samples/policy/sample08/services.xml | 127 ++
.../rampart/samples/policy/sample08/Client.java | 94 ++
.../samples/policy/sample08/PWCBHandler.java | 42 +
.../samples/policy/sample08/SimpleService.java | 24 +
.../rampart-samples/policy/sample08/sts_policy.xml | 83 +
modules/rampart-tests/pom.xml | 72 +
.../org/apache/rahas/SimpleTokenStoreTest.java | 150 ++
.../src/test/java/org/apache/rahas/TempIssuer.java | 58 +
.../rahas/TokenRequestDispatcherConfigTest.java | 86 +
.../rampart/AsymmetricBindingBuilderTest.java | 250 +++
.../org/apache/rampart/MessageBuilderTestBase.java | 124 ++
.../java/org/apache/rampart/RampartEngineTest.java | 77 +
.../rampart/SymmetricBindingBuilderTest.java | 210 +++
.../java/org/apache/rampart/TestCBHandler.java | 174 ++
.../rampart/TransportBindingBuilderTest.java | 128 ++
.../handler/config/InflowConfigurationTest.java | 73 +
.../handler/config/OutflowConfigurationTest.java | 194 +++
.../rampart/policy/model/RampartPolicyTest.java | 87 +
.../ws/secpolicy/model/SecpolicyModelTest.java | 94 ++
.../rampart-tests/test-resources/PWCallback.java | 185 +++
modules/rampart-tests/test-resources/axis2.xml | 98 ++
.../test-resources/commons-logging.properties | 30 +
.../rampart-tests/test-resources/keys/interop2.jks | Bin 0 -> 4857 bytes
.../test-resources/policy-asymm-binding.xml | 46 +
.../test-resources/policy-symm-binding.xml | 53 +
.../test-resources/policy-transport-binding.xml | 43 +
.../policy/SecurityPolicyBindings.xml | 50 +
.../policy/SecurityPolicyBindingsSymm.xml | 43 +
.../test-resources/policy/SecurityPolicyMsg.xml | 19 +
.../policy/rampart-asymm-binding-1.xml | 75 +
.../policy/rampart-asymm-binding-2-sig-dk.xml | 76 +
.../policy/rampart-asymm-binding-3-dk.xml | 77 +
.../policy/rampart-asymm-binding-4-dk-ebs.xml | 85 +
.../policy/rampart-asymm-binding-5-ebs.xml | 81 +
.../policy/rampart-asymm-binding-6-3des-r15.xml | 74 +
.../policy/rampart-asymm-binding-7-3des-r15-DK.xml | 76 +
.../test-resources/policy/rampart-policy-1.xml | 15 +
.../policy/rampart-symm-binding-1.xml | 76 +
.../policy/rampart-symm-binding-2-dk.xml | 76 +
.../policy/rampart-symm-binding-3-dk-es.xml | 77 +
.../policy/rampart-symm-binding-4-ebs.xml | 77 +
.../policy/rampart-symm-binding-5-dk-ebs.xml | 78 +
.../policy/rampart-transport-binding-dk.xml | 68 +
.../policy/rampart-transport-binding-no-bst.xml | 64 +
.../policy/rampart-transport-binding.xml | 64 +
.../test-resources/policy/soapmessage.xml | 57 +
.../trust/dispatcher.config.invalid.1.xml | 6 +
.../trust/dispatcher.config.invalid.2.xml | 6 +
.../test-resources/trust/dispatcher.config.xml | 6 +
.../trust/impl/sct-issuer-config.xml | 4 +
.../test-resources/trust/impl/sctIssuer.properties | 4 +
.../test-resources/trust/impl/sts-services.xml | 29 +
.../test-resources/trust/impl/sts.jks | Bin 0 -> 2989 bytes
.../trust/impl/token-dispatcher-configuration.xml | 6 +
modules/rampart-trust-mar/module.xml | 56 +
modules/rampart-trust-mar/pom.xml | 111 ++
modules/rampart-trust/pom.xml | 60 +
.../java/org/apache/rahas/EncryptedKeyToken.java | 62 +
.../main/java/org/apache/rahas/RahasConstants.java | 135 ++
.../src/main/java/org/apache/rahas/RahasData.java | 542 ++++++
.../java/org/apache/rahas/STSMessageReceiver.java | 71 +
.../java/org/apache/rahas/SimpleTokenStore.java | 232 +++
.../src/main/java/org/apache/rahas/Token.java | 338 ++++
.../main/java/org/apache/rahas/TokenCanceler.java | 73 +
.../main/java/org/apache/rahas/TokenIssuer.java | 79 +
.../main/java/org/apache/rahas/TokenRenewer.java | 66 +
.../org/apache/rahas/TokenRequestDispatcher.java | 140 ++
.../apache/rahas/TokenRequestDispatcherConfig.java | 425 +++++
.../main/java/org/apache/rahas/TokenStorage.java | 87 +
.../main/java/org/apache/rahas/TokenValidator.java | 66 +
.../main/java/org/apache/rahas/TrustException.java | 131 ++
.../src/main/java/org/apache/rahas/TrustUtil.java | 617 +++++++
.../java/org/apache/rahas/client/STSClient.java | 829 ++++++++++
.../main/java/org/apache/rahas/errors.properties | 88 +
.../apache/rahas/impl/AbstractIssuerConfig.java | 87 +
.../org/apache/rahas/impl/SAML2TokenIssuer.java | 753 +++++++++
.../org/apache/rahas/impl/SAMLTokenIssuer.java | 605 +++++++
.../apache/rahas/impl/SAMLTokenIssuerConfig.java | 451 +++++
.../org/apache/rahas/impl/SAMLTokenRenewer.java | 199 +++
.../org/apache/rahas/impl/SAMLTokenValidator.java | 250 +++
.../main/java/org/apache/rahas/impl/SCTIssuer.java | 220 +++
.../org/apache/rahas/impl/SCTIssuerConfig.java | 82 +
.../org/apache/rahas/impl/TokenCancelerConfig.java | 80 +
.../org/apache/rahas/impl/TokenCancelerImpl.java | 204 +++
.../org/apache/rahas/impl/TokenIssuerUtil.java | 164 ++
.../org/apache/rahas/impl/util/SAML2KeyInfo.java | 62 +
.../org/apache/rahas/impl/util/SAML2Utils.java | 309 ++++
.../rahas/impl/util/SAMLAttributeCallback.java | 53 +
.../org/apache/rahas/impl/util/SAMLCallback.java | 25 +
.../rahas/impl/util/SAMLCallbackHandler.java | 28 +
.../impl/util/SAMLNameIdentifierCallback.java | 47 +
.../java/org/apache/rahas/impl/util/SAMLUtils.java | 30 +
.../org/apache/rahas/impl/util/SignKeyHolder.java | 118 ++
.../rampart-trust/sts-aar-resources/rahas-sts.jks | Bin 0 -> 6377 bytes
.../sts-aar-resources/saml-issuer-config.xml | 46 +
.../sts-aar-resources/sct-issuer-config.xml | 29 +
.../rampart-trust/sts-aar-resources/services.xml | 89 +
.../sts-aar-resources/token-canceler-config.xml | 3 +
.../token-dispatcher-configuration.xml | 20 +
pom.xml | 463 ++++++
release-docs/ChangeLog.txt | 169 ++
release-docs/LICENSE.txt | 203 +++
release-docs/NOTICE.txt | 9 +
release-docs/README.txt | 133 ++
release-docs/build.xml | 50 +
release-docs/release-notes.html | 77 +
625 files changed, 70565 insertions(+)
diff --git a/build.xml b/build.xml
new file mode 100644
index 0000000..84a7528
--- /dev/null
+++ b/build.xml
@@ -0,0 +1,160 @@
+<project name="Apache Rampart release build" default="dist">
+
+ <property name="rampart.version" value="SNAPSHOT"/>
+ <property name="rampart.bin.dist" value="rampart"/>
+ <property name="rampart.src.dist" value="rampart-src"/>
+ <property name="rampart.docs.dist" value="rampart-docs"/>
+
+ <property name="dir.dist" value="dist"/>
+ <property name="dir.dist.bin" value="${dir.dist}/bin/${rampart.bin.dist}-${rampart.version}"/>
+ <property name="dir.dist.src" value="${dir.dist}/src/${rampart.src.dist}-${rampart.version}"/>
+ <property name="dir.dist.docs" value="${dir.dist}/docs/${rampart.docs.dist}-${rampart.version}"/>
+
+ <property name="dir.mvn2.repo" value="${user.home}/.m2/repository"/>
+
+ <property name="version.bcprov13" value="132"/>
+ <property name="version.bcprov15" value="132"/>
+
+ <property name="version.xmlsec" value="1.4.0"/>
+ <property name="version.opensaml" value="1.1"/>
+ <property name="version.wss4j" value="SNAPSHOT"/>
+
+
+ <condition property="jdk14.present">
+ <equals arg1="${ant.java.version}" arg2="1.4"/>
+ </condition>
+
+ <target name="init">
+ <mkdir dir="${dir.dist}"/>
+ </target>
+
+ <target name="dist" depends="clean, bin-dist, src-dist, docs-dist">
+ <copy todir="${dir.dist}" file="modules/rampart-mar/target/rampart-${rampart.version}.mar"/>
+ <copy todir="${dir.dist}" file="modules/rampart-trust-mar/target/rahas-${rampart.version}.mar"/>
+ <copy todir="${dir.dist}" file="modules/rampart-core/target/rampart-core-${rampart.version}.jar"/>
+ <copy todir="${dir.dist}" file="modules/rampart-policy/target/rampart-policy-${rampart.version}.jar"/>
+ <copy todir="${dir.dist}" file="modules/rampart-trust/target/rampart-trust-${rampart.version}.jar"/>
+ </target>
+
+ <target name="bin-dist" depends="init">
+
+ <mkdir dir="${dir.dist.bin}"/>
+
+ <copy todir="${dir.dist.bin}">
+ <fileset dir="release-docs">
+ </fileset>
+ </copy>
+
+ <!-- Modules -->
+ <echo>Copying mars in to modules</echo>
+ <copy todir="${dir.dist.bin}" file="modules/rampart-mar/target/rampart-${rampart.version}.mar"/>
+ <copy todir="${dir.dist.bin}" file="modules/rampart-trust-mar/target/rahas-${rampart.version}.mar"/>
+
+ <!-- All dep jars -->
+ <echo>Copying dependencies into lib</echo>
+ <mkdir dir="${dir.dist.bin}/lib"/>
+
+ <copy todir="${dir.dist.bin}/lib" file="modules/rampart-core/target/rampart-core-${rampart.version}.jar"/>
+ <copy todir="${dir.dist.bin}/lib" file="modules/rampart-policy/target/rampart-policy-${rampart.version}.jar"/>
+ <copy todir="${dir.dist.bin}/lib" file="modules/rampart-trust/target/rampart-trust-${rampart.version}.jar"/>
+ <copy todir="${dir.dist.bin}/lib" file="${dir.mvn2.repo}/org/apache/santuario/xmlsec/${version.xmlsec}/xmlsec-${version.xmlsec}.jar"/>
+ <copy todir="${dir.dist.bin}/lib" file="${dir.mvn2.repo}/opensaml/opensaml/${version.opensaml}/opensaml-${version.opensaml}.jar"/>
+ <copy todir="${dir.dist.bin}/lib" file="${dir.mvn2.repo}/org/apache/ws/security/wss4j/${version.wss4j}/wss4j-${version.wss4j}.jar"/>
+ <antcall target="copy-bc-jar-14" />
+ <antcall target="copy-bc-jar-15" />
+
+ <echo>Copying samples</echo>
+ <!-- copy samples -->
+ <mkdir dir="${dir.dist.bin}/samples"/>
+
+ <copy todir="${dir.dist.bin}/samples">
+ <fileset dir="modules/rampart-samples/">
+ </fileset>
+ </copy>
+
+ <zip destfile="${dir.dist}/${rampart.bin.dist}-${rampart.version}.zip">
+ <zipfileset dir="${dir.dist.bin}/../"/>
+ </zip>
+
+ <delete dir="${dir.dist.bin}/../"/>
+
+ </target>
+
+ <target name="copy-bc-jar-14" if="${jdk14.present}">
+ <copy todir="${dir.dist.bin}/lib" file="${dir.mvn2.repo}/bouncycastle/bcprov-jdk13/${version.bcprov13}/bcprov-jdk13-${version.bcprov13}.jar"/>
+ </target>
+
+ <target name="copy-bc-jar-15" unless="${jdk14.present}">
+ <copy todir="${dir.dist.bin}/lib" file="${dir.mvn2.repo}/bouncycastle/bcprov-jdk15/${version.bcprov15}/bcprov-jdk15-${version.bcprov15}.jar"/>
+ </target>
+
+ <target name="src-dist" depends="init">
+
+ <mkdir dir="${dir.dist.src}"/>
+
+ <copy todir="${dir.dist.src}">
+ <fileset dir="release-docs">
+ <exclude name="build.xml"/>
+ <exclude name="README.txt"/>
+ </fileset>
+ </copy>
+
+ <copy todir="${dir.dist.src}">
+ <fileset dir="modules">
+ <include name="rampart-core/**/*"/>
+ <include name="rampart-policy/**/*"/>
+ <include name="rampart-trust/**/*"/>
+ <include name="rampart-samples/**/*"/>
+ <exclude name=".svn"/>
+ </fileset>
+ </copy>
+
+ <zip destfile="${dir.dist}/${rampart.src.dist}-${rampart.version}.zip">
+ <zipfileset dir="${dir.dist.src}/../"/>
+ </zip>
+
+ <delete dir="${dir.dist.src}/../"/>
+ </target>
+
+ <target name="docs-dist">
+
+ <mkdir dir="${dir.dist.docs}"/>
+
+ <copy todir="${dir.dist.docs}">
+ <fileset dir="release-docs">
+ <exclude name="build.xml"/>
+ <exclude name="README.txt"/>
+ </fileset>
+ </copy>
+
+ <mkdir dir="${dir.dist.docs}/core"/>
+ <mkdir dir="${dir.dist.docs}/policy"/>
+ <mkdir dir="${dir.dist.docs}/trust"/>
+
+ <copy todir="${dir.dist.docs}/core">
+ <fileset dir="modules/rampart-core/target/site/apidocs/">
+ </fileset>
+ </copy>
+
+ <copy todir="${dir.dist.docs}/policy">
+ <fileset dir="modules/rampart-policy/target/site/apidocs/">
+ </fileset>
+ </copy>
+
+ <copy todir="${dir.dist.docs}/trust">
+ <fileset dir="modules/rampart-trust/target/site/apidocs/">
+ </fileset>
+ </copy>
+
+ <zip destfile="${dir.dist}/${rampart.docs.dist}-${rampart.version}.zip">
+ <zipfileset dir="${dir.dist.docs}/../"/>
+ </zip>
+
+ <delete dir="${dir.dist.docs}/../"/>
+ </target>
+
+ <target name="clean">
+ <delete dir="${dir.dist}"/>
+ </target>
+
+</project>
diff --git a/legal/commons-collections-LICENSE.txt b/legal/commons-collections-LICENSE.txt
new file mode 100644
index 0000000..57bc88a
--- /dev/null
+++ b/legal/commons-collections-LICENSE.txt
@@ -0,0 +1,202 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
diff --git a/legal/joda-time-LICENSE.txt b/legal/joda-time-LICENSE.txt
new file mode 100644
index 0000000..75b5248
--- /dev/null
+++ b/legal/joda-time-LICENSE.txt
@@ -0,0 +1,202 @@
+
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/legal/opensaml-LICENSE.txt b/legal/opensaml-LICENSE.txt
new file mode 100644
index 0000000..57bc88a
--- /dev/null
+++ b/legal/opensaml-LICENSE.txt
@@ -0,0 +1,202 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
diff --git a/legal/openws-LICENSE.txt b/legal/openws-LICENSE.txt
new file mode 100644
index 0000000..57bc88a
--- /dev/null
+++ b/legal/openws-LICENSE.txt
@@ -0,0 +1,202 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
diff --git a/legal/slf4j-api-LICENSE.txt b/legal/slf4j-api-LICENSE.txt
new file mode 100644
index 0000000..479c603
--- /dev/null
+++ b/legal/slf4j-api-LICENSE.txt
@@ -0,0 +1,12 @@
+Copyright (c) 2004-2008 QOS.ch
+All rights reserved.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software
+without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit
+persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT
+OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/legal/slf4j-jdk14-LICENSE.txt b/legal/slf4j-jdk14-LICENSE.txt
new file mode 100644
index 0000000..5715aa3
--- /dev/null
+++ b/legal/slf4j-jdk14-LICENSE.txt
@@ -0,0 +1,12 @@
+Copyright (c) 2004-2008 QOS.ch
+All rights reserved.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software
+without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit
+persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT
+OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/legal/velocity-LICENSE.txt b/legal/velocity-LICENSE.txt
new file mode 100644
index 0000000..57bc88a
--- /dev/null
+++ b/legal/velocity-LICENSE.txt
@@ -0,0 +1,202 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
diff --git a/legal/wss4j-LICENSE.txt b/legal/wss4j-LICENSE.txt
new file mode 100644
index 0000000..57bc88a
--- /dev/null
+++ b/legal/wss4j-LICENSE.txt
@@ -0,0 +1,202 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
diff --git a/legal/xmlsec-LICENSE.txt b/legal/xmlsec-LICENSE.txt
new file mode 100644
index 0000000..57bc88a
--- /dev/null
+++ b/legal/xmlsec-LICENSE.txt
@@ -0,0 +1,202 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
diff --git a/legal/xmltooling-LICENSE.txt b/legal/xmltooling-LICENSE.txt
new file mode 100644
index 0000000..57bc88a
--- /dev/null
+++ b/legal/xmltooling-LICENSE.txt
@@ -0,0 +1,202 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
diff --git a/modules/distribution/bin.xml b/modules/distribution/bin.xml
new file mode 100644
index 0000000..d88e88b
--- /dev/null
+++ b/modules/distribution/bin.xml
@@ -0,0 +1,86 @@
+<assembly>
+ <id>bin</id>
+ <includeBaseDirectory>false</includeBaseDirectory>
+ <formats>
+ <format>zip</format>
+ </formats>
+ <dependencySets>
+ <dependencySet>
+ <outputDirectory>${dist.dir}/modules</outputDirectory>
+ <includes>
+ <include>org.apache.rampart:rampart:mar</include>
+ <include>org.apache.rampart:rahas:mar</include>
+ </includes>
+ </dependencySet>
+ <dependencySet>
+ <outputDirectory>${dist.dir}/lib</outputDirectory>
+ <includes>
+ <include>org.apache.santuario:xmlsec:jar</include>
+ <include>opensaml:opensaml:jar</include>
+ <include>org.apache.ws.security:wss4j:jar</include>
+ <include>bouncycastle:bcprov-jdk15:jar</include>
+ <include>org.apache.rampart:rampart-core:jar</include>
+ <include>org.apache.rampart:rampart-policy:jar</include>
+ <include>org.apache.rampart:rampart-trust:jar</include>
+ <include>org.opensaml:opensaml:jar</include>
+ <include>org.opensaml:xmltooling:jar</include>
+ <include>joda-time:joda-time:jar</include>
+ <include>org.slf4j:slf4j-api:jar</include>
+ <include>org.slf4j:slf4j-jdk14:jar</include>
+ <include>velocity:velocity:jar</include>
+ <include>commons-collections:commons-collections:jar</include>
+ <include>org.opensaml:openws:jar</include>
+ </includes>
+ </dependencySet>
+ </dependencySets>
+ <fileSets>
+ <fileSet>
+ <directory>target/apidocs</directory>
+ <outputDirectory>${dist.dir}/docs/apidocs</outputDirectory>
+ </fileSet>
+ <fileSet>
+ <directory>../documentation/target/site</directory>
+ <outputDirectory>${dist.dir}/docs</outputDirectory>
+ </fileSet>
+ <fileSet>
+ <directory>../rampart-samples</directory>
+ <outputDirectory>${dist.dir}/samples</outputDirectory>
+ </fileSet>
+ <fileSet>
+ <directory>../../legal</directory>
+ <outputDirectory>${dist.dir}/lib</outputDirectory>
+ </fileSet>
+ </fileSets>
+
+ <files>
+ <file>
+ <source>../../release-docs/README.txt</source>
+ <outputDirectory>${dist.dir}</outputDirectory>
+ <destName>README</destName>
+ </file>
+ <file>
+ <source>../../release-docs/LICENSE.txt</source>
+ <outputDirectory>${dist.dir}</outputDirectory>
+ <destName>LICENSE</destName>
+ </file>
+ <file>
+ <source>../../release-docs/NOTICE.txt</source>
+ <outputDirectory>${dist.dir}</outputDirectory>
+ <destName>NOTICE</destName>
+ </file>
+ <file>
+ <source>../../release-docs/ChangeLog.txt</source>
+ <outputDirectory>${dist.dir}</outputDirectory>
+ <destName>ChangeLog</destName>
+ </file>
+ <file>
+ <source>../../release-docs/release-notes.html</source>
+ <outputDirectory>${dist.dir}</outputDirectory>
+ </file>
+ <file>
+ <source>build.xml</source>
+ <outputDirectory>${dist.dir}</outputDirectory>
+ </file>
+ </files>
+
+</assembly>
diff --git a/modules/distribution/build.xml b/modules/distribution/build.xml
new file mode 100644
index 0000000..6441f51
--- /dev/null
+++ b/modules/distribution/build.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ !
+ ! Copyright 2006 The Apache Software Foundation.
+ !
+ ! Licensed under the Apache License, Version 2.0 (the "License");
+ ! you may not use this file except in compliance with the License.
+ ! You may obtain a copy of the License at
+ !
+ ! http://www.apache.org/licenses/LICENSE-2.0
+ !
+ ! Unless required by applicable law or agreed to in writing, software
+ ! distributed under the License is distributed on an "AS IS" BASIS,
+ ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ! See the License for the specific language governing permissions and
+ ! limitations under the License.
+ !-->
+<project basedir="." default="setup">
+
+ <property name="lib.dir" value="lib"/>
+ <property name="modules.dir" value="modules"/>
+
+ <property environment="env"/>
+
+ <target name="check.dependency" unless="env.AXIS2_HOME">
+ <echo message="AXIS2_HOME must be set"/>
+ </target>
+
+ <!-- Copy the required jars and mars appropriately -->
+ <target name="setup" if="env.AXIS2_HOME" depends="check.dependency">
+
+ <property name="axis2.modules.dir" value="${env.AXIS2_HOME}/repository/modules/"/>
+ <property name="axis2.lib.dir" value="${env.AXIS2_HOME}/lib"/>
+
+ <copy todir="${axis2.lib.dir}">
+ <fileset dir="${lib.dir}">
+ <include name="**/*.jar"/>
+ </fileset>
+ </copy>
+
+ <copy todir="${axis2.modules.dir}">
+ <fileset dir="${modules.dir}">
+ <include name="**/*.mar"/>
+ </fileset>
+ </copy>
+
+ </target>
+
+</project>
diff --git a/modules/distribution/pom.xml b/modules/distribution/pom.xml
new file mode 100644
index 0000000..e105927
--- /dev/null
+++ b/modules/distribution/pom.xml
@@ -0,0 +1,120 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+ <parent>
+ <groupId>org.apache.rampart</groupId>
+ <artifactId>rampart-project</artifactId>
+ <version>1.5</version>
+ <relativePath>../../pom.xml</relativePath>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>rampart-dist</artifactId>
+ <packaging>pom</packaging>
+ <name>Rampart - Distribution</name>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-antrun-plugin</artifactId>
+ <version>1.1</version>
+ <executions>
+ <execution>
+ <id>build-javadoc</id>
+ <phase>package</phase>
+ <configuration>
+ <tasks>
+ <javadoc packagenames="org.apache.rampart.*,org.apache.rahas.*"
+ destdir="target/apidocs"
+ author="true"
+ breakiterator="true"
+ version="true"
+ use="true"
+ windowtitle="Apache Rampart API">
+
+ <sourcepath>
+ <dirset dir="../..">
+ <include name="**/rampart-core/src/main/java"/>
+ <include name="**/rampart-policy/src/main/java"/>
+ <include name="**/rampart-trust/src/main/java"/>
+ </dirset>
+ </sourcepath>
+
+ <classpath refid="maven.dependency.classpath"/>
+ <classpath refid="maven.compile.classpath"/>
+ <classpath refid="maven.runtime.classpath"/>
+
+ </javadoc>
+ </tasks>
+ </configuration>
+ <goals>
+ <goal>run</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-assembly-plugin</artifactId>
+ <version>2.2-beta-1</version>
+ <executions>
+ <execution>
+ <id>distribution-package</id>
+ <phase>package</phase>
+ <goals>
+ <goal>attached</goal>
+ </goals>
+ <configuration>
+ <descriptors>
+ <descriptor>bin.xml</descriptor>
+ <descriptor>src.xml</descriptor>
+ </descriptors>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.rampart</groupId>
+ <artifactId>rampart</artifactId>
+ <version>${rampart.mar.version}</version>
+ <type>mar</type>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.rampart</groupId>
+ <artifactId>rahas</artifactId>
+ <version>${rahas.mar.version}</version>
+ <type>mar</type>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.rampart</groupId>
+ <artifactId>rampart-core</artifactId>
+ <version>${pom.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.rampart</groupId>
+ <artifactId>rampart-policy</artifactId>
+ <version>${pom.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.rampart</groupId>
+ <artifactId>rampart-trust</artifactId>
+ <version>${pom.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>bouncycastle</groupId>
+ <artifactId>bcprov-jdk14</artifactId>
+ <version>${bcprov.jdk14.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>bouncycastle</groupId>
+ <artifactId>bcprov-jdk15</artifactId>
+ <version>${bcprov.jdk15.version}</version>
+ </dependency>
+ </dependencies>
+
+</project>
diff --git a/modules/distribution/src.xml b/modules/distribution/src.xml
new file mode 100644
index 0000000..91e84e3
--- /dev/null
+++ b/modules/distribution/src.xml
@@ -0,0 +1,48 @@
+<assembly>
+ <id>src</id>
+ <includeBaseDirectory>false</includeBaseDirectory>
+ <formats>
+ <format>zip</format>
+ </formats>
+
+ <fileSets>
+ <fileSet>
+ <directory>../..</directory>
+ <outputDirectory>rampart-src-${rampart.version}</outputDirectory>
+ <includes>
+ <include>**/modules/**/*</include>
+ <include>**/pom.xml</include>
+ <include>src</include>
+ <include>release-docs/*</include>
+ </includes>
+ <excludes>
+ <exclude>**/target</exclude>
+ <exclude>**/target/**/*</exclude>
+ <exclude>**/build</exclude>
+ <exclude>**/build/**/*</exclude>
+ <exclude>**/.settings</exclude>
+ <exclude>**/.classpath</exclude>
+ <exclude>**/.project</exclude>
+ <exclude>**/.wtpmodules</exclude>
+ <exclude>**/*.iml</exclude>
+ <exclude>**/.settings</exclude>
+ <exclude>**/.settings/**/*</exclude>
+ <exclude>**/.svn/**</exclude>
+ </excludes>
+ </fileSet>
+ </fileSets>
+
+ <files>
+ <file>
+ <source>../../release-docs/LICENSE.txt</source>
+ <outputDirectory>rampart-src-${rampart.version}</outputDirectory>
+ <destName>LICENSE</destName>
+ </file>
+ <file>
+ <source>../../release-docs/NOTICE.txt</source>
+ <outputDirectory>rampart-src-${rampart.version}</outputDirectory>
+ <destName>NOTICE</destName>
+ </file>
+ </files>
+
+</assembly>
diff --git a/modules/documentation/pom.xml b/modules/documentation/pom.xml
new file mode 100644
index 0000000..ee652e8
--- /dev/null
+++ b/modules/documentation/pom.xml
@@ -0,0 +1,33 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+ <parent>
+ <groupId>org.apache.rampart</groupId>
+ <artifactId>rampart-project</artifactId>
+ <version>1.5</version>
+ <relativePath>../../pom.xml</relativePath>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>rampart-documentaion</artifactId>
+ <packaging>pom</packaging>
+ <name>Rampart - Documentation</name>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-site-plugin</artifactId>
+ <version>2.0-beta-5</version>
+ <inherited>false</inherited>
+ <executions>
+ <execution>
+ <phase>install</phase>
+ <goals>
+ <goal>site</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+</project>
diff --git a/modules/documentation/src/site/resources/css/maven-base.css b/modules/documentation/src/site/resources/css/maven-base.css
new file mode 100755
index 0000000..b47862a
--- /dev/null
+++ b/modules/documentation/src/site/resources/css/maven-base.css
@@ -0,0 +1,143 @@
+body {
+ margin: 0px;
+ padding: 0px;
+}
+img {
+ border:none;
+}
+table {
+ padding:0px;
+ width: 100%;
+ margin-left: -2px;
+ margin-right: -2px;
+}
+acronym {
+ cursor: help;
+ border-bottom: 1px dotted #feb;
+}
+table.bodyTable th, table.bodyTable td {
+ padding: 2px 4px 2px 4px;
+ vertical-align: top;
+}
+div.clear{
+ clear:both;
+ visibility: hidden;
+}
+div.clear hr{
+ display: none;
+}
+#bannerLeft, #bannerRight {
+ font-size: xx-large;
+ font-weight: bold;
+}
+#bannerLeft img, #bannerRight img {
+ margin: 0px;
+}
+.xleft, #bannerLeft img {
+ float:left;
+}
+.xright, #bannerRight {
+ float:right;
+}
+#banner {
+ padding: 0px;
+}
+#banner img {
+ border: none;
+}
+#breadcrumbs {
+ padding: 3px 10px 3px 10px;
+}
+#leftColumn {
+ width: 170px;
+ float:left;
+ overflow: auto;
+}
+#bodyColumn {
+ margin-right: 1.5em;
+ margin-left: 197px;
+}
+#legend {
+ padding: 8px 0 8px 0;
+}
+#navcolumn {
+ padding: 8px 4px 0 8px;
+}
+#navcolumn h5 {
+ margin: 0;
+ padding: 0;
+ font-size: small;
+}
+#navcolumn ul {
+ margin: 0;
+ padding: 0;
+ font-size: small;
+}
+#navcolumn li {
+ list-style-type: none;
+ background-image: none;
+ background-repeat: no-repeat;
+ background-position: 0 0.4em;
+ padding-left: 16px;
+ list-style-position: outside;
+ line-height: 1.2em;
+ font-size: smaller;
+}
+#navcolumn li.expanded {
+ background-image: url(../images/expanded.gif);
+}
+#navcolumn li.collapsed {
+ background-image: url(../images/collapsed.gif);
+}
+#poweredBy {
+ text-align: center;
+}
+#navcolumn img {
+ margin-top: 10px;
+ margin-bottom: 3px;
+}
+#poweredBy img {
+ display:block;
+ margin: 20px 0 20px 17px;
+}
+#search img {
+ margin: 0px;
+ display: block;
+}
+#search #q, #search #btnG {
+ border: 1px solid #999;
+ margin-bottom:10px;
+}
+#search form {
+ margin: 0px;
+}
+#lastPublished {
+ font-size: x-small;
+}
+.navSection {
+ margin-bottom: 2px;
+ padding: 8px;
+}
+.navSectionHead {
+ font-weight: bold;
+ font-size: x-small;
+}
+.section {
+ padding: 4px;
+}
+#footer {
+ padding: 3px 10px 3px 10px;
+ font-size: x-small;
+}
+#breadcrumbs {
+ font-size: x-small;
+ margin: 0pt;
+}
+.source {
+ padding: 12px;
+ margin: 1em 7px 1em 7px;
+}
+.source pre {
+ margin: 0px;
+ padding: 0px;
+}
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/css/maven-theme.css b/modules/documentation/src/site/resources/css/maven-theme.css
new file mode 100755
index 0000000..67bb41b
--- /dev/null
+++ b/modules/documentation/src/site/resources/css/maven-theme.css
@@ -0,0 +1,129 @@
+body {
+ padding: 0px 0px 10px 0px;
+}
+body, td, select, input, li{
+ font-family: Verdana, Helvetica, Arial, sans-serif;
+ font-size: 13px;
+}
+code{
+ font-family: Courier, monospace;
+ font-size: 13px;
+}
+#legend li.externalLink {
+ background: url(../images/external.png) left top no-repeat;
+ padding-left: 18px;
+}
+a.externalLink, a.externalLink:link, a.externalLink:visited, a.externalLink:active, a.externalLink:hover {
+ background: url(../images/external.png) right center no-repeat;
+ padding-right: 18px;
+}
+#legend li.newWindow {
+ background: url(../images/newwindow.png) left top no-repeat;
+ padding-left: 18px;
+}
+a.newWindow, a.newWindow:link, a.newWindow:visited, a.newWindow:active, a.newWindow:hover {
+ background: url(../images/newwindow.png) right center no-repeat;
+ padding-right: 18px;
+}
+h2 {
+ padding: 4px 4px 4px 6px;
+ border: 1px solid #999;
+ color: #900;
+ background-color: #ddd;
+ font-weight:900;
+ font-size: x-large;
+}
+h3 {
+ padding: 4px 4px 4px 6px;
+ border: 1px solid #aaa;
+ color: #900;
+ background-color: #eee;
+ font-weight: normal;
+ font-size: large;
+}
+h4 {
+ padding: 4px 4px 4px 6px;
+ border: 1px solid #bbb;
+ color: #900;
+ background-color: #fff;
+ font-weight: normal;
+ font-size: large;
+}
+h5 {
+ padding: 4px 4px 4px 6px;
+ color: #900;
+ font-size: normal;
+}
+p {
+ line-height: 1.3em;
+ font-size: small;
+}
+#breadcrumbs {
+ border-top: 1px solid #aaa;
+ border-bottom: 1px solid #aaa;
+ background-color: #ccc;
+}
+#leftColumn {
+ margin: 10px 0 0 5px;
+ border: 1px solid #999;
+ background-color: #eee;
+}
+#navcolumn h5 {
+ font-size: smaller;
+ border-bottom: 1px solid #aaaaaa;
+ padding-top: 2px;
+ color: #000;
+}
+
+table.bodyTable th {
+ color: white;
+ background-color: #bbb;
+ text-align: left;
+ font-weight: bold;
+}
+
+table.bodyTable th, table.bodyTable td {
+ font-size: 1em;
+}
+
+table.bodyTable tr.a {
+ background-color: #ddd;
+}
+
+table.bodyTable tr.b {
+ background-color: #eee;
+}
+
+.source {
+ border: 1px solid #999;
+}
+dl {
+ padding: 4px 4px 4px 6px;
+ border: 1px solid #aaa;
+ background-color: #ffc;
+}
+dt {
+ color: #900;
+}
+#organizationLogo img, #projectLogo img, #projectLogo span{
+ margin: 8px;
+}
+#banner {
+ border-bottom: 1px solid #fff;
+}
+.errormark, .warningmark, .donemark, .infomark {
+ background: url(../images/icon_error_sml.gif) no-repeat;
+}
+
+.warningmark {
+ background-image: url(../images/icon_warning_sml.gif);
+}
+
+.donemark {
+ background-image: url(../images/icon_success_sml.gif);
+}
+
+.infomark {
+ background-image: url(../images/icon_info_sml.gif);
+}
+
diff --git a/modules/documentation/src/site/resources/css/print.css b/modules/documentation/src/site/resources/css/print.css
new file mode 100755
index 0000000..49aae7e
--- /dev/null
+++ b/modules/documentation/src/site/resources/css/print.css
@@ -0,0 +1,7 @@
+#banner, #footer, #leftcol, #breadcrumbs, .docs #toc, .docs .courtesylinks, #leftColumn, #navColumn {
+ display: none !important;
+}
+#bodyColumn, body.docs div.docs {
+ margin: 0 !important;
+ border: none !important
+}
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/css/site.css b/modules/documentation/src/site/resources/css/site.css
new file mode 100755
index 0000000..9a3c9f9
--- /dev/null
+++ b/modules/documentation/src/site/resources/css/site.css
@@ -0,0 +1,297 @@
+/* page general styles */
+body{
+ padding:0px;
+ margin:0px;
+ width:1000px;
+}
+a{
+ color:#557f95;
+ text-decoration:none;
+}
+a:hover{
+ color:#000000;
+ text-decoration:underline;
+}
+body, td, tr, input,h1,h2,h3,h4,h5,h6,a{
+ font: 12px Verdana, Arial, Helvetica, sans-serif;
+ line-height:18px;
+}
+pre{
+ overflow-x:auto;
+}
+h1 {
+ color:#575757;
+ font-size:24px;
+ font-weight:bold;
+ line-height:normal;
+ margin:5px 0px;
+ padding:2px;
+}
+}
+h2{
+ padding:0px;
+ margin:0px;
+ font-size:14px;
+ font-weight:bold;
+ height:22px;
+ background-color:#bcbcbc;
+ text-indent:10px;
+ color:#000000;
+}
+h3{
+ padding:0px;
+ margin:0px;
+ font-weight:bold;
+}
+h4{
+ font-weight:bold;
+ color:#777777;
+}
+p{
+ padding-top:5px;
+ padding-bottom:5px;
+ line-height:18px;
+}
+/* page styles */
+.page-padding{
+ padding-left:10px;
+ padding-right:10px;
+}
+.composite{
+/* Uncomment these lines to give a fixed width with centered positioning ....*/
+ position:absolute;
+ left:50%;
+ width:980px;
+ margin-left:-490px;
+ border:solid 1px #83b0c0;
+ margin-top:5px;
+}
+
+/* header styles */
+#banner{
+ background-image:url(../images/apache-rampart-banner-background.jpg);
+ background-repeat:repeat-x;
+ background-position:0px 0px;
+ height:98px;
+}
+#bannerLeft{
+ background-image:url(../images/apache-rampart-logo.jpg);
+ background-repeat:no-repeat;
+ background-position:0px 0px;
+ height:103px;
+ text-align:right;
+ padding-right:10px;
+ display:block;
+}
+#breadcrumbs{
+ position:absolute;
+ top:70px;
+ background-color:transparent;
+ border-bottom:none;
+ border-top:none;
+ font-size:auto;
+ margin:0pt;
+ padding:0px;
+}
+#bannerRight{
+ background-image:url(../images/apache-rampart-banner.jpg);
+ background-repeat:no-repeat;
+ background-position:right 0px;
+ display:block;
+ height:65px;
+ position:absolute;
+ right:0px;
+ top:0px;
+}
+.xleft{
+ color:#929292;
+ right:200px;
+ position:absolute;
+}
+.top-menu a{
+ color:#000000;
+ text-decoration:none;
+}
+.top-menu a:hover{
+ text-decoration:underline;
+}
+.top-menu-gap{
+ padding-left:30px;
+}
+
+/* content text */
+.content{
+
+}
+#leftColumn{
+ width:179px;
+ background-color:transparent;
+ border:none;
+ margin:10px 0px 0px 5px;
+}
+#navcolumn h5{
+ text-indent:15px;
+ height:23px;
+ color:#ffffff;
+ background-image:url(../images/apache-rampart-menu-top.jpg);
+ background-repeat:no-repeat;
+ background-position:left 0px;
+}
+#navcolumn{
+ background-image:url(../images/apache-rampart-menu.jpg);
+ background-repeat:no-repeat;
+ background-position:0px 0px;
+ background-color:#e5e5e5;
+ border-bottom:solid 1px #b4b4b4;
+ padding:0px 0px 0pt 0px;
+ font-size:11px;
+}
+#navcolumn ul{
+ padding:0px;
+ margin:0px;
+ list-style:none;
+ padding-left:10px;
+}
+#navcolumn ul ul{
+ margin-left:-10px;
+}
+#navcolumn li{
+ margin-top:3px;
+}
+#navcolumn strong{
+ font-weight:bold;
+}
+#navcolumn ul li a {
+ text-indent:0px;
+ font-size:12px;
+ color:#224351;
+}
+#navcolumn li.expanded {
+ background-image:url(../images/apache-rampart-menu-button.gif);
+ background-repeat:no-repeat;
+ background-position:0px 5px;
+}
+#navcolumn ul li ul li a{
+ background-image:none;
+ text-indent:0px;
+ font-size:11px;
+ color:#557f95;
+ font-size:11px;
+}
+#bodyColumn{
+ background-color:#F3F3F3;
+ border:1px solid #B4B4B4;
+ margin-right:10px;
+ margin-left:194px;
+ margin-top:10px;
+ padding-left:10px;
+}
+.menu-bottom-left{
+ background-image:url(../images/apache-rampart-menu-bottom.jpg);
+ background-repeat:no-repeat;
+ background-position:0px 0px;
+ background-color:#e5e5e5;
+ width:15px;
+ height:13px;
+ float:left;
+}
+.menu-bottom-right{
+ background-color:#e5e5e5;
+ border-bottom:solid 1px #b4b4b4;
+ height:13px;
+ float:right;
+ width:164px;
+}
+.content-back1{
+ background-image:url(../images/apache-rampart-spliter.jpg);
+ background-repeat:no-repeat;
+ background-position:0px 0px;
+}
+.content-back2{
+ background-image:url(../images/apache-rampart-content-back.jpg);
+ background-repeat:repeat-y;
+ background-position:0px 0px;
+ background-color:#f3f3f3;
+ border-bottom:solid 1px #b4b4b4;
+ border-right:solid 1px #b4b4b4;
+ margin-right:10px;
+}
+.content-display{
+ margin-left:32px;
+ padding-bottom:10px;
+}
+.poweredBy{
+ margin-left:30px;
+ margin-top:5px;
+}
+.footer{
+ color:#929292;
+ margin-top:10px;
+ margin-left:10px;
+}
+.command {
+ border: 1px dashed #3c78b5;
+ text-align: left;
+ background-color: #f0f0f0;
+ padding: 3px;
+ font-size: 11px;
+ font-family: Courier;
+ margin: 10px;
+ line-height: 13px;
+}
+.consoleOutput {
+ border: 1px dashed #3c78b5;
+ font-size: 11px;
+ font-family: Courier;
+ margin: 10px;
+ line-height: 13px;
+ background-color: #f0f0f0;
+ border-bottom: 1px dashed #3c78b5;
+ padding: 3px;
+ border-style: solid;
+}
+.info {
+ border-style: solid;
+ border-width: 1px;
+ border-color: #090;
+ background-color: #dfd;
+ text-align:left;
+ margin-top: 5px;
+ margin-bottom: 5px;
+}
+.data-table{
+ font-family:Verdana,Arial,Helvetica,sans-serif;
+ font-size:11px;
+ border:0px;
+ margin:0px;
+ border:solid 1px #cdcdcd;
+}
+.data-table th{
+ background-color:#eeeeee;
+ border-bottom:solid 1px #8d8d8d;
+ padding-top:5px;
+ padding-left:3px;
+ text-align:left;
+}
+.data-table td{
+ padding-top:4px;
+ padding-left:3px;
+ border-bottom:solid 1px #e1e1e1;
+}
+.download-pre {
+ font-family:Verdana,Arial,Helvetica,sans-serif;
+ font-size:11px;
+ font-style:normal;
+ margin:0;
+ padding-bottom:3px;
+ padding-top:3px;
+}
+
+.download-header-pre {
+ font-family:Verdana,Arial,Helvetica,sans-serif;
+ font-size:12px;
+ font-weight:bold;
+ margin:0;
+ padding-top:3px;
+ padding-bottom:3px;
+}
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/css/style.css b/modules/documentation/src/site/resources/css/style.css
new file mode 100755
index 0000000..7893e2f
--- /dev/null
+++ b/modules/documentation/src/site/resources/css/style.css
@@ -0,0 +1,184 @@
+/* page general styles */
+body{
+padding:0px;
+margin:0px;
+}
+a{
+color:#557f95;
+text-decoration:none;
+}
+a:hover{
+color:#000000;
+text-decoration:underline;
+}
+body, td, tr, input,h1,h2{
+font: 12px Verdana, Arial, Helvetica, sans-serif;
+line-height:18px;
+}
+h1{
+padding:0px;
+margin:0px;
+font-size:14px;
+font-weight:bold;
+height:22px;
+background-color:#bcbcbc;
+text-indent:10px;
+}
+h2{
+padding:0px;
+margin:0px;
+font-weight:bold;
+}
+h3{
+font-weight:bold;
+color:#777777;
+}
+p{
+padding-top:5px;
+padding-bottom:5px;
+line-height:18px;
+}
+/* page styles */
+.page-padding{
+padding-left:10px;
+padding-right:10px;
+}
+.page-external{
+/* Uncomment these lines to give a fixed width with centered positioning ....
+position:absolute;
+left:50%;
+width:980px;
+margin-left:-490px;
+border:solid 1px #83b0c0;
+*/
+}
+
+/* header styles */
+.header{
+background-image:url(../images/apache-rampart-banner-background.jpg);
+background-repeat:repeat-x;
+background-position:0px 0px;
+height:98px;
+}
+.header-logo{
+background-image:url(../images/apache-rampart-logo.jpg);
+background-repeat:no-repeat;
+background-position:0px 0px;
+height:103px;
+text-align:right;
+padding-right:10px;
+}
+.top-menu{
+background-image:url(../images/apache-rampart-banner.jpg);
+background-repeat:no-repeat;
+background-position:right 0px;
+padding-top:65px;
+}
+.top-menu a{
+color:#000000;
+text-decoration:none;
+}
+.top-menu a:hover{
+text-decoration:underline;
+}
+.top-menu-gap{
+padding-left:30px;
+}
+.last-update-text{
+color:#929292;
+}
+
+/* content text */
+.content{
+
+}
+.menu{
+width:179px;
+padding-left:10px;
+}
+.menu-top{
+text-indent:15px;
+height:23px;
+color:#ffffff;
+background-image:url(../images/apache-rampart-menu-top.jpg);
+background-repeat:no-repeat;
+background-position:left 0px;
+}
+.menu-middle{
+background-image:url(../images/apache-rampart-menu.jpg);
+background-repeat:no-repeat;
+background-position:0px 0px;
+background-color:#e5e5e5;
+border-left:solid 1px #b4b4b4;
+padding-top:5px;
+font-size:11px;
+}
+.menu-middle ul{
+padding:0px;
+margin:0px;
+list-style:none;
+padding-left:10px;
+}
+.menu-middle ul ul{
+padding-left:15px;
+}
+.menu-middle li{
+margin-top:3px;
+}
+.menu-selected{
+font-weight:bold;
+}
+.navHeadings{
+background-image:url(../images/apache-rampart-menu-button.gif);
+background-repeat:no-repeat;
+background-position:0px 5px;
+text-indent:15px;
+font-size:12px;
+color:#224351;
+}
+.navHeadings-link{
+display:block;
+}
+.menu-bottom-left{
+background-image:url(../images/apache-rampart-menu-bottom.jpg);
+background-repeat:no-repeat;
+background-position:0px 0px;
+background-color:#e5e5e5;
+width:15px;
+height:13px;
+float:left;
+}
+.menu-bottom-right{
+background-color:#e5e5e5;
+border-bottom:solid 1px #b4b4b4;
+height:13px;
+float:right;
+width:164px;
+}
+.content-back1{
+background-image:url(../images/apache-rampart-spliter.jpg);
+background-repeat:no-repeat;
+background-position:0px 0px;
+}
+.content-back2{
+background-image:url(../images/apache-rampart-content-back.jpg);
+background-repeat:repeat-y;
+background-position:0px 0px;
+background-color:#f3f3f3;
+border-bottom:solid 1px #b4b4b4;
+border-right:solid 1px #b4b4b4;
+margin-right:10px;
+}
+.content-display{
+margin-left:32px;
+padding-bottom:10px;
+}
+.poweredBy{
+margin-left:30px;
+margin-top:5px;
+}
+.footer{
+color:#929292;
+margin-top:10px;
+margin-left:10px;
+}
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/images/apache-rampart-banner-background.jpg b/modules/documentation/src/site/resources/images/apache-rampart-banner-background.jpg
new file mode 100755
index 0000000..29b5350
Binary files /dev/null and b/modules/documentation/src/site/resources/images/apache-rampart-banner-background.jpg differ
diff --git a/modules/documentation/src/site/resources/images/apache-rampart-banner.jpg b/modules/documentation/src/site/resources/images/apache-rampart-banner.jpg
new file mode 100644
index 0000000..e3b3738
Binary files /dev/null and b/modules/documentation/src/site/resources/images/apache-rampart-banner.jpg differ
diff --git a/modules/documentation/src/site/resources/images/apache-rampart-content-back.jpg b/modules/documentation/src/site/resources/images/apache-rampart-content-back.jpg
new file mode 100755
index 0000000..58f9b88
Binary files /dev/null and b/modules/documentation/src/site/resources/images/apache-rampart-content-back.jpg differ
diff --git a/modules/documentation/src/site/resources/images/apache-rampart-logo.jpg b/modules/documentation/src/site/resources/images/apache-rampart-logo.jpg
new file mode 100644
index 0000000..7ebc608
Binary files /dev/null and b/modules/documentation/src/site/resources/images/apache-rampart-logo.jpg differ
diff --git a/modules/documentation/src/site/resources/images/apache-rampart-menu-bottom.jpg b/modules/documentation/src/site/resources/images/apache-rampart-menu-bottom.jpg
new file mode 100755
index 0000000..96c85e5
Binary files /dev/null and b/modules/documentation/src/site/resources/images/apache-rampart-menu-bottom.jpg differ
diff --git a/modules/documentation/src/site/resources/images/apache-rampart-menu-button.gif b/modules/documentation/src/site/resources/images/apache-rampart-menu-button.gif
new file mode 100755
index 0000000..319460c
Binary files /dev/null and b/modules/documentation/src/site/resources/images/apache-rampart-menu-button.gif differ
diff --git a/modules/documentation/src/site/resources/images/apache-rampart-menu-top.jpg b/modules/documentation/src/site/resources/images/apache-rampart-menu-top.jpg
new file mode 100755
index 0000000..12c593e
Binary files /dev/null and b/modules/documentation/src/site/resources/images/apache-rampart-menu-top.jpg differ
diff --git a/modules/documentation/src/site/resources/images/apache-rampart-menu.jpg b/modules/documentation/src/site/resources/images/apache-rampart-menu.jpg
new file mode 100755
index 0000000..fad5611
Binary files /dev/null and b/modules/documentation/src/site/resources/images/apache-rampart-menu.jpg differ
diff --git a/modules/documentation/src/site/resources/images/apache-rampart-spliter.jpg b/modules/documentation/src/site/resources/images/apache-rampart-spliter.jpg
new file mode 100755
index 0000000..926622d
Binary files /dev/null and b/modules/documentation/src/site/resources/images/apache-rampart-spliter.jpg differ
diff --git a/modules/documentation/src/site/resources/images/external.png b/modules/documentation/src/site/resources/images/external.png
new file mode 100755
index 0000000..3f999fc
Binary files /dev/null and b/modules/documentation/src/site/resources/images/external.png differ
diff --git a/modules/documentation/src/site/resources/images/logos/asf_logo_wide.png b/modules/documentation/src/site/resources/images/logos/asf_logo_wide.png
new file mode 100755
index 0000000..c584eba
Binary files /dev/null and b/modules/documentation/src/site/resources/images/logos/asf_logo_wide.png differ
diff --git a/modules/documentation/src/site/resources/images/logos/build-by-maven-black.png b/modules/documentation/src/site/resources/images/logos/build-by-maven-black.png
new file mode 100755
index 0000000..919fd0f
Binary files /dev/null and b/modules/documentation/src/site/resources/images/logos/build-by-maven-black.png differ
diff --git a/modules/documentation/src/site/resources/images/logos/build-by-maven-white.png b/modules/documentation/src/site/resources/images/logos/build-by-maven-white.png
new file mode 100755
index 0000000..7d44c9c
Binary files /dev/null and b/modules/documentation/src/site/resources/images/logos/build-by-maven-white.png differ
diff --git a/modules/documentation/src/site/resources/images/logos/maven-feather.png b/modules/documentation/src/site/resources/images/logos/maven-feather.png
new file mode 100755
index 0000000..b5ada83
Binary files /dev/null and b/modules/documentation/src/site/resources/images/logos/maven-feather.png differ
diff --git a/modules/documentation/src/site/resources/images/message-builder.jpg b/modules/documentation/src/site/resources/images/message-builder.jpg
new file mode 100644
index 0000000..922fcce
Binary files /dev/null and b/modules/documentation/src/site/resources/images/message-builder.jpg differ
diff --git a/modules/documentation/src/site/resources/images/rampart-engine.jpg b/modules/documentation/src/site/resources/images/rampart-engine.jpg
new file mode 100644
index 0000000..9c10718
Binary files /dev/null and b/modules/documentation/src/site/resources/images/rampart-engine.jpg differ
diff --git a/modules/documentation/src/site/resources/images/rampart-handlers.jpg b/modules/documentation/src/site/resources/images/rampart-handlers.jpg
new file mode 100644
index 0000000..5a84e2b
Binary files /dev/null and b/modules/documentation/src/site/resources/images/rampart-handlers.jpg differ
diff --git a/modules/documentation/src/site/resources/images/rampart-trust.jpg b/modules/documentation/src/site/resources/images/rampart-trust.jpg
new file mode 100644
index 0000000..8c32f0a
Binary files /dev/null and b/modules/documentation/src/site/resources/images/rampart-trust.jpg differ
diff --git a/modules/documentation/src/site/resources/images/security-stack.jpg b/modules/documentation/src/site/resources/images/security-stack.jpg
new file mode 100644
index 0000000..502f31e
Binary files /dev/null and b/modules/documentation/src/site/resources/images/security-stack.jpg differ
diff --git a/modules/documentation/src/site/resources/rampart-config.xsd b/modules/documentation/src/site/resources/rampart-config.xsd
new file mode 100644
index 0000000..ed8dd06
--- /dev/null
+++ b/modules/documentation/src/site/resources/rampart-config.xsd
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ramp="http://ws.apache.org/rampart/policy" targetNamespace="http://ws.apache.org/rampart/policy" elementFormDefault="qualified" attributeFormDefault="unqualified">
+ <xs:element name="RampartConfig">
+ <xs:annotation>
+ <xs:documentation>http://ws.apache.org/rampart/rampartconfig-guide.html</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="user" type="xs:string"/>
+ <xs:element name="userCertAlias" type="xs:string" minOccurs="0"/>
+ <xs:element name="encryptionUser" type="xs:string" minOccurs="0"/>
+ <xs:element name="passwordCallbackClass" type="xs:string" minOccurs="0"/>
+ <xs:element name="policyValidatorCbClass" type="xs:string" minOccurs="0"/>
+ <xs:element name="rampartConfigCallbackClass" type="xs:string" minOccurs="0"/>
+ <xs:element name="signatureCrypto" type="ramp:crypto" minOccurs="0"/>
+ <xs:element name="encryptionCypto" type="ramp:crypto" minOccurs="0"/>
+ <xs:element name="decryptionCrypto" type="ramp:crypto" minOccurs="0"/>
+ <xs:element name="timestampPrecisionInMilliseconds" type="xs:boolean" minOccurs="0"/>
+ <xs:element name="timestampTTL" type="xs:integer" minOccurs="0"/>
+ <xs:element name="timestampMaxSkew" type="xs:integer" minOccurs="0"/>
+ <xs:element name="tokenStoreClass" type="xs:string" minOccurs="0"/>
+ <xs:element name="optimizeParts" type="xs:string" minOccurs="0"/>
+ <xs:element name="sslConfig" type="ssl" minOccurs="0"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:complexType name="crypto">
+ <xs:annotation>
+ <xs:documentation>http://ws.apache.org/wss4j/apidocs/org/apache/ws/security/components/crypto/Crypto.html</xs:documentation>
+ </xs:annotation>
+ <xs:sequence maxOccurs="unbounded">
+ <xs:element name="property" type="xs:string"/>
+ </xs:sequence>
+ <xs:attribute name="provider"/>
+ </xs:complexType>
+ <xs:complexType name="ssl">
+ <xs:sequence maxOccurs="unbounded">
+ <xs:element name="property" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/samples/msgs/creq04.xml b/modules/documentation/src/site/resources/samples/msgs/creq04.xml
new file mode 100644
index 0000000..737eee0
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/msgs/creq04.xml
@@ -0,0 +1,60 @@
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
+ <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
+ <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
+ <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-32330841">
+ <wsu:Created>2008-06-23T13:25:35.928Z</wsu:Created>
+ <wsu:Expires>2008-06-23T13:30:35.928Z</wsu:Expires>
+ </wsu:Timestamp>
+ <wsc:SecurityContextToken xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="sctId-5683514">
+ <wsc:Identifier>urn:uuid:20189D76AA5794EBCA12142275347662</wsc:Identifier>
+ </wsc:SecurityContextToken>
+ <wsc:DerivedKeyToken xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="derivedKeyId-6169134">
+ <wsse:SecurityTokenReference>
+ <wsse:Reference URI="#sctId-5683514" ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/sct" />
+ </wsse:SecurityTokenReference>
+ <wsc:Offset>0</wsc:Offset>
+ <wsc:Length>16</wsc:Length>
+ <wsc:Nonce>RIyJ8H6YBzSPvPAEYwpIhA==</wsc:Nonce>
+ </wsc:DerivedKeyToken>
+ <xenc:ReferenceList xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+ <xenc:DataReference URI="#EncDataId-12675864" />
+ <xenc:DataReference URI="#EncDataId-1440568" />
+ </xenc:ReferenceList>
+ <wsc:DerivedKeyToken xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="derivedKeyId-3977333">
+ <wsse:SecurityTokenReference>
+ <wsse:Reference URI="#sctId-5683514" ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/sct" />
+ </wsse:SecurityTokenReference>
+ <wsc:Offset>0</wsc:Offset>
+ <wsc:Length>16</wsc:Length>
+ <wsc:Nonce>RPK+fuKlKgvF2V6LOoyePQ==</wsc:Nonce>
+ </wsc:DerivedKeyToken>
+ <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncDataId-1440568" Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <wsse:SecurityTokenReference>
+ <wsse:Reference URI="#derivedKeyId-6169134" />
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ <xenc:CipherData>
+ <xenc:CipherValue>4izBgpNhZl1HsP29cXfi0WhPqzh02PCUyKxEQt/MSw+6qliho7IFlpFQ/ksjGIUt/QyUsQArlOHlRrY+AORyToiqcTjMOZXZB4LqClFNhApsdfEfvKtREsrXrzp5v2K6B+ymqiFysbiMO5Y9KnbTFJAL6cCrJCVlO89DCzwskoyPcDVCqeRB9T47cYArFCWmeeXw6UgDiEEGVVx0zL5NYNoCyLlveYrluuGpQFVJOHhaqms3ptWmQspAoWfa94wb1OJnK4iBLtf/zlmpB/5Syl79J6ZA0GeqECVFZXKVMoWSD2qXFefV/ZmqEETXDdFI6qOhfYM8GMnIcNu3v3cvlRv/DKoGhHDggN0rYAl/w0KVRAEVTvbyMI9zj9IPsoG/BjMapKobBKTRjOS/C7I7dq6XYGAZLgxM9o+xs7vqshtejVYiQ7rZ3HtDw6NeTzZ1jVKpPGY5 [...]
+ </xenc:CipherData>
+ </xenc:EncryptedData>
+ </wsse:Security>
+ <wsa:To>http://localhost:8081/axis2/services/sample04</wsa:To>
+ <wsa:MessageID>urn:uuid:BD9F0E2AF11BC797341214227535941</wsa:MessageID>
+ <wsa:Action>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel</wsa:Action>
+ </soapenv:Header>
+ <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-12675864">
+ <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncDataId-12675864" Type="http://www.w3.org/2001/04/xmlenc#Content">
+ <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
+ <wsse:Reference URI="#derivedKeyId-6169134" />
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ <xenc:CipherData>
+ <xenc:CipherValue>XNAHHDEFk05rH/5clOgRx4gZa3c5erLcVJibI44syKfnC1n2guBWpujceQFpflgrvDf3Rw6m4qthtbJQwBPCJwQzzVsY4j3MFRk7BtXJ/Tw1jwF+E+v29qNrvgE4ZKQ48vP9MlLesBGizXNz8IaJWah3wolz7HAXIipRhtHsuYaTRtYttz0rFtO0dyDjhoKZtcMvdYTOPQ+4d6PyKH50em09aFuT/fN7DWd4s9OI+6BEoxGZ2V8ObQckSpyRTyGHDWt6NIfKxbqEwXHXnADmpcykiWXmIsCDOxKph8F3NFxa3Q2sG/rftROHCxhv9sq/3gaiNmSE1qw1kiKqVKkOPsGOf9CeU3FE6uisr9WTm6edSsK6uJMno+7BYWEb0AsQAUlFiqDSdkn5Z8XekeN4nsFcwXkBBa47J/MBKpy+vXcamdJG5V4cXCmZiDBvzF5ji7jvrX3/lOS [...]
+ </xenc:CipherData>
+ </xenc:EncryptedData>
+ </soapenv:Body>
+ </soapenv:Envelope>
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/samples/msgs/cres04.xml b/modules/documentation/src/site/resources/samples/msgs/cres04.xml
new file mode 100644
index 0000000..1b792cc
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/msgs/cres04.xml
@@ -0,0 +1,56 @@
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
+ <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
+ <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
+ <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-10163824">
+ <wsu:Created>2008-06-23T13:25:36.119Z</wsu:Created>
+ <wsu:Expires>2008-06-23T13:30:36.119Z</wsu:Expires>
+ </wsu:Timestamp>
+ <wsc:DerivedKeyToken xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="derivedKeyId-14765441">
+ <wsse:SecurityTokenReference>
+ <wsse:Reference URI="urn:uuid:20189D76AA5794EBCA12142275347662" ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/sct" />
+ </wsse:SecurityTokenReference>
+ <wsc:Offset>0</wsc:Offset>
+ <wsc:Length>16</wsc:Length>
+ <wsc:Nonce>0KWR9ekXOIuW9G3tK4nnNg==</wsc:Nonce>
+ </wsc:DerivedKeyToken>
+ <xenc:ReferenceList xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+ <xenc:DataReference URI="#EncDataId-33355664" />
+ <xenc:DataReference URI="#EncDataId-31361307" />
+ </xenc:ReferenceList>
+ <wsc:DerivedKeyToken xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="derivedKeyId-31346136">
+ <wsse:SecurityTokenReference>
+ <wsse:Reference URI="urn:uuid:20189D76AA5794EBCA12142275347662" ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/sct" />
+ </wsse:SecurityTokenReference>
+ <wsc:Offset>0</wsc:Offset>
+ <wsc:Length>16</wsc:Length>
+ <wsc:Nonce>rq51rXQ1eUqPz4o8J3LW4w==</wsc:Nonce>
+ </wsc:DerivedKeyToken>
+ <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncDataId-31361307" Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <wsse:SecurityTokenReference>
+ <wsse:Reference URI="#derivedKeyId-14765441" />
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ <xenc:CipherData>
+ <xenc:CipherValue>xmAr5CVUrAydkaG05w1ozsIO3ukZgHAhtRzXAFNk0nXmH/GZ1uVyUG+upDktbnrp0hHKMVmYFfnZnILSqvjI0/qA5Bdh/DWaH18jyGmQsQUXXIaCPDthBTx4iokklSKjnYjUbsry8MRfHeC7AKhB3OrwU85q75S3WBYIHRRH28b2bbdBkjn9wTrdcPMkh54Kx1yZTuZ2H0El6g5xkLP1k4Vf/7sZ3VYRklmA4yy/r13MEYQ0kLnXIaSkQO1PUtONLJiiHCBW07xUwmf7bLDpLBtm4Jo6gjqDwEMSJdkLJrqEFxs0kLXFx53+7/pZ1S0SvHByjF2cFqxVjNFJc66D+yhIYlaB3sVtHa42vp9Vk1fJewww2dd7Xs7Oj9M0MWZaBlH/SPVxevGr3AJE5+Jvg0SRah7Nb7Aq49tU64wiMdJoWmQe7+TlZouZsGFxX6/9xqT/6iDO [...]
+ </xenc:CipherData>
+ </xenc:EncryptedData>
+ </wsse:Security>
+ <wsa:Action>http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Cancel</wsa:Action>
+ <wsa:RelatesTo>urn:uuid:BD9F0E2AF11BC797341214227535941</wsa:RelatesTo>
+ </soapenv:Header>
+ <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-33355664">
+ <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncDataId-33355664" Type="http://www.w3.org/2001/04/xmlenc#Content">
+ <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
+ <wsse:Reference URI="#derivedKeyId-14765441" />
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ <xenc:CipherData>
+ <xenc:CipherValue>Y09S9IsFW31fIw62vUPPkQ45DUtG/HuN5gQbcZPUtUIKzJnZm5x0YLO0bh5wr9/tXFPooAdgZnARzraojulwLjMC/IZI1NDgPuTdm0JWdHpmolS2CuJ6qrqKC0FZB41CyygvAqvSjw5aTlYSYS1rQ2iy8h04NxcegmdaEw3cV+0zduq2NnK19TuL4CTthYiN8ViGbO/x0KwG4ZIHUKXEh1Tx2wGOMhD3QjX+awT1jFCnyveopdc/1uH3mOdMiXnCTg53j38uRLFY/pHWl00QbJVcADUkf73/Bt7zOT3rSYgKp53wO043mOEEiQBUddFSELlu24W8uNFb651TiPctqnZfbZ3RhKmymBbc5YBvQ3hEkz37akgJMKOKfISALzFD8NXGjgF98tEp1TsHX5vPM5MddnLa1Ul26MilQpuWpUGc9FQVUWDydRrj7joy/s7SuMZg21gETL/ [...]
+ </xenc:CipherData>
+ </xenc:EncryptedData>
+ </soapenv:Body>
+ </soapenv:Envelope>
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/samples/msgs/req01.xml b/modules/documentation/src/site/resources/samples/msgs/req01.xml
new file mode 100644
index 0000000..69bdbc9
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/msgs/req01.xml
@@ -0,0 +1,22 @@
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
+ <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
+ <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
+ <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-12468716">
+ <wsu:Created>2008-06-23T13:17:13.841Z</wsu:Created>
+ <wsu:Expires>2008-06-23T13:22:13.841Z</wsu:Expires>
+ </wsu:Timestamp>
+ <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-31571602">
+ <wsse:Username>alice</wsse:Username>
+ <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">bobPW</wsse:Password>
+ </wsse:UsernameToken>
+ </wsse:Security>
+ <wsa:To>http://localhost:8081/axis2/services/sample01</wsa:To>
+ <wsa:MessageID>urn:uuid:AEDBA74A8D1FC94B631214227032877</wsa:MessageID>
+ <wsa:Action>urn:echo</wsa:Action>
+ </soapenv:Header>
+ <soapenv:Body>
+ <ns1:echo xmlns:ns1="http://sample01.policy.samples.rampart.apache.org">
+ <param0>Hello world</param0>
+ </ns1:echo>
+ </soapenv:Body>
+ </soapenv:Envelope>
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/samples/msgs/req02.xml b/modules/documentation/src/site/resources/samples/msgs/req02.xml
new file mode 100644
index 0000000..e7d6ecc
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/msgs/req02.xml
@@ -0,0 +1,55 @@
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+ <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
+ <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
+ <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-671035">
+ <wsu:Created>2008-06-23T13:10:54.892Z</wsu:Created>
+ <wsu:Expires>2008-06-23T13:15:54.892Z</wsu:Expires>
+ </wsu:Timestamp>
+ <xenc:EncryptedKey Id="EncKeyId-urn:uuid:4BB2B4A78829897FA412142266555822">
+ <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" />
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <wsse:SecurityTokenReference>
+ <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">HYL371NzoOs2+IA24VDkBGcUFQM=</wsse:KeyIdentifier>
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ <xenc:CipherData>
+ <xenc:CipherValue>DPqhh74Sed1b4ftUFuxdJDN+EqacoDLWwLuhioh+JBdJdeUrMcBT35CVENhQLjdmn1KupGz7AOA5MnKZTxTz9db4vvb0NWSENw6LYRMbMoosSOEhIA661kl7Nh2DSu1zUCj1uaBEUcSLanoLXV2ukBl5xpOztsjnxtv+PBDATuk=</xenc:CipherValue>
+ </xenc:CipherData>
+ </xenc:EncryptedKey>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-24833256">
+ <ds:SignedInfo>
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1" />
+ <ds:Reference URI="#Id-17427094">
+ <ds:Transforms>
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <ds:DigestValue>ER13nSQoU0r4ClwmIomrNeFT/GM=</ds:DigestValue>
+ </ds:Reference>
+ <ds:Reference URI="#Timestamp-671035">
+ <ds:Transforms>
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <ds:DigestValue>0c73jMRXfdIP8g12FVgtXWZEJVs=</ds:DigestValue>
+ </ds:Reference>
+ </ds:SignedInfo>
+ <ds:SignatureValue>lnQpzG7gC0ScRaVLZZeZac/dbDA=</ds:SignatureValue>
+ <ds:KeyInfo Id="KeyId-5313146">
+ <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-9708927">
+ <wsse:Reference URI="#EncKeyId-urn:uuid:4BB2B4A78829897FA412142266555822" ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#EncryptedKey" />
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ </ds:Signature>
+ </wsse:Security>
+ <wsa:To>http://localhost:8081/axis2/services/sample02</wsa:To>
+ <wsa:MessageID>urn:uuid:62D436CDF33F6A15561214226653256</wsa:MessageID>
+ <wsa:Action>urn:echo</wsa:Action>
+ </soapenv:Header>
+ <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-17427094">
+ <ns1:echo xmlns:ns1="http://sample02.policy.samples.rampart.apache.org">
+ <param0>Hello world</param0>
+ </ns1:echo>
+ </soapenv:Body>
+</soapenv:Envelope>
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/samples/msgs/req03.xml b/modules/documentation/src/site/resources/samples/msgs/req03.xml
new file mode 100644
index 0000000..9693cb9
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/msgs/req03.xml
@@ -0,0 +1,69 @@
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+ <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
+ <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
+ <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-27682895">
+ <wsu:Created>2008-06-23T13:20:49.334Z</wsu:Created>
+ <wsu:Expires>2008-06-23T13:25:49.334Z</wsu:Expires>
+ </wsu:Timestamp>
+ <xenc:EncryptedKey Id="EncKeyId-urn:uuid:64DB4A7E53F67EF3F112142272504712">
+ <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <wsse:SecurityTokenReference>
+ <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">HYL371NzoOs2+IA24VDkBGcUFQM=</wsse:KeyIdentifier>
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ <xenc:CipherData>
+ <xenc:CipherValue>Y1G4IvsVfHLHWEW89D7wC7wVYfks1/Q5JHru0NaZlDE89rRTIITZrjjS6ajcXcjNiRcQMbElYoG4tnfXOyqOYYPAWaBGXbQIQo+jFZq+hHfYt+j8YrOP8hg9uELzwtmPT7GAv1bFn+dEwEU6Ez5ZdCVH0cImWcf1fdezMkxvXcY=</xenc:CipherValue>
+ </xenc:CipherData>
+ <xenc:ReferenceList>
+ <xenc:DataReference URI="#EncDataId-3808966" />
+ </xenc:ReferenceList>
+ </xenc:EncryptedKey>
+ <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v1" wsu:Id="CertId-148082">MIICTDCCAbUCBEbJZMQwDQYJKoZIhvcNAQEEBQAwbDELMAkGA1UEBhMCTEsxEDAOBgNVBAgTB1dlc3Rlcm4xEDAOBgNVBAcTB0NvbG9tYm8xDzANBgNVBAoTBkFwYWNo [...]
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-10233621">
+ <ds:SignedInfo>
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+ <ds:Reference URI="#Id-3808966">
+ <ds:Transforms>
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <ds:DigestValue>tcezUPWEWmP8G5BUusQhkrWU7aw=</ds:DigestValue>
+ </ds:Reference>
+ <ds:Reference URI="#Timestamp-27682895">
+ <ds:Transforms>
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <ds:DigestValue>jJppWrhxEVdbWqD6QwgDzMfkObc=</ds:DigestValue>
+ </ds:Reference>
+ </ds:SignedInfo>
+ <ds:SignatureValue>a7ZfqKgggx+1r/0hg/Mt8y6S5MXUM/9Fzb9F/FTSENm+4QfI6Q8wRYj38hKYcOUU5cZ/hAk0WkmnTHDVjjKuvgxRIuQ5E/awM4t248TgGRjYrTcv5HQdqe/6KJSIxxdLj900B39hEMpYXmkZvkPPUCsvCrIawkKfe0I9WyRv1N4=</ds:SignatureValue>
+ <ds:KeyInfo Id="KeyId-3823508">
+ <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-1503089">
+ <wsse:Reference URI="#CertId-148082" ValueT
+5f0
+ype="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v1" />
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ </ds:Signature>
+ </wsse:Security>
+ <wsa:To>http://localhost:8081/axis2/services/sample03</wsa:To>
+ <wsa:MessageID>urn:uuid:24DADACCF0309270B71214227248314</wsa:MessageID>
+ <wsa:Action>urn:echo</wsa:Action>
+ </soapenv:Header>
+ <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-3808966">
+ <xenc:EncryptedData Id="EncDataId-3808966" Type="http://www.w3.org/2001/04/xmlenc#Content">
+ <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
+ <wsse:Reference URI="#EncKeyId-urn:uuid:64DB4A7E53F67EF3F112142272504712" />
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ <xenc:CipherData>
+ <xenc:CipherValue>lSDNH2zpu/R0039i85GoB93Sp2hg3rl20exTPccmN26YCt9rX54cbXFDwbZuIATYl52YPYHkHLK1WZP0JW+o7G8mjPAxiwBUK5hWwoOO1/I35wV7wJIvARS6CxS+IhHK3fnXsee8nLZulYaH1LDv7R+if2S1/v6YdhNodtZh2UqEZq0iHkr+GChEDwWpaiOUnyQ8mJS3hRq4GYnJEk4apQBIeuF8t64mNmY+ISlqNvQes2w5YVOsTUptmH4HPyVnfRuO/5tr7VNbh00myh0/309W8qgLCUlMJqN9nRa1v5+MX9t68pUgg92V1bV/46wE4xGDxyGgxk9asrJDvt+vNreMl5o3dOnvIaI8W5Dwpp/o7IkMtlFlT3aP7cETJ/Kb7VXLasQju2qPnSceXLJOWjLmMlqf9HraAmjaM/IbyEo=</xenc:CipherValue>
+ </xenc:CipherData>
+ </xenc:EncryptedData>
+ </soapenv:Body>
+ </soapenv:Envelope>
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/samples/msgs/req04.xml b/modules/documentation/src/site/resources/samples/msgs/req04.xml
new file mode 100644
index 0000000..85fd05c
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/msgs/req04.xml
@@ -0,0 +1,60 @@
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
+ <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
+ <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
+ <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-3808966">
+ <wsu:Created>2008-06-23T13:25:33.480Z</wsu:Created>
+ <wsu:Expires>2008-06-23T13:30:33.480Z</wsu:Expires>
+ </wsu:Timestamp>
+ <wsc:SecurityContextToken xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="sctId-5683514">
+ <wsc:Identifier>urn:uuid:20189D76AA5794EBCA12142275347662</wsc:Identifier>
+ </wsc:SecurityContextToken>
+ <wsc:DerivedKeyToken xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="derivedKeyId-24666758">
+ <wsse:SecurityTokenReference>
+ <wsse:Reference URI="#sctId-5683514" ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/sct" />
+ </wsse:SecurityTokenReference>
+ <wsc:Offset>0</wsc:Offset>
+ <wsc:Length>16</wsc:Length>
+ <wsc:Nonce>KaI3GpoIgWoAv4LgJ1vzWQ==</wsc:Nonce>
+ </wsc:DerivedKeyToken>
+ <xenc:ReferenceList xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+ <xenc:DataReference URI="#EncDataId-24124380" />
+ <xenc:DataReference URI="#EncDataId-9199266" />
+ </xenc:ReferenceList>
+ <wsc:DerivedKeyToken xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="derivedKeyId-20700470">
+ <wsse:SecurityTokenReference>
+ <wsse:Reference URI="#sctId-5683514" ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/sct" />
+ </wsse:SecurityTokenReference>
+ <wsc:Offset>0</wsc:Offset>
+ <wsc:Length>16</wsc:Length>
+ <wsc:Nonce>pZ24ckrNMfd/VbP+TxkD0A==</wsc:Nonce>
+ </wsc:DerivedKeyToken>
+ <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncDataId-9199266" Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <wsse:SecurityTokenReference>
+ <wsse:Reference URI="#derivedKeyId-24666758" />
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ <xenc:CipherData>
+ <xenc:CipherValue>KpDwIrT0cobs0P8DXa5msyP0mH2QEYkbm5MQh5egtKx4MuRS6cZteSW+M+5h2w4DPCLZD9V+B0KQPaDUU726ih4c4RaF8dT5Ed62S+xTADHnnJGPtRRYteC3LdZ29mqLDCKhAGDLmGJGCF9UnP9/sJ3tu3xc3qvxMRJ7RaKP6XezXCXUjHFpViSx3IKSvApYWcCWQqhG8+k2W70577nXw69HKT1E0q3py5tvfkkir2l5mXEcykg4CTKYLAkS5N9/301LfmOZz1Q0v4TeiPA4Qx/IwtgtQhT3/a3LxSW1eUK8ciDrlVwaUBya9vHDG3PMcyQlwjdUi4cnTLessS5X6ab7UWNp5sD7vJmgL4AEh8CFmsRaZJfaFwQNKfdmA5VioegRw7QLQfLuZt4INjF3L7SNPO+X8Q5jmTTA7Txosys760GcA7AysGQ4UIcZ7fFnPy3UwPv/ [...]
+ </xenc:CipherData>
+ </xenc:EncryptedData>
+ </wsse:Security>
+ <wsa:To>http://localhost:8081/axis2/services/sample04</wsa:To>
+ <wsa:MessageID>urn:uuid:BD9F0E2AF11BC797341214227532472</wsa:MessageID>
+ <wsa:Action>urn:echo</wsa:Action>
+ </soapenv:Header>
+ <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-24124380">
+ <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncDataId-24124380" Type="http://www.w3.org/2001/04/xmlenc#Content">
+ <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
+ <wsse:Reference URI="#derivedKeyId-24666758" />
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ <xenc:CipherData>
+ <xenc:CipherValue>sTJduVO8zqRUxHAou5OXAPjqQfGXnplm2a05btJ73RTTAGQYXGMOqh3JyTJoWUMsu355Qdq1dZV5U9ehQ8ZL9TrmO2ykNKcMQKg23lR1pCblS0o5qnAi24SR2lFzg2vFgY+Vu2nbx0U9jHNyfP+NW6k8Q0oQBZ6Cs+6k+EnhF2JsTBsViKT3cAgGcPDny/dgo3Wzf5sUPFY0E8JxS5itE9QgPAaWxYHvuo4eFruCrUx24JfIN4JsdeWCzGNGYTP5RCZLCHtIa0n/YJDntG55GdizdSWbmUjTHAqmSPJedB/JWwVjJR7+u0/01thQ2r1o9kjw/xngO/tHHIt98+XifS44THxLdwYuXgT2WccmXQwGVxZeL2o110N3VQ0dvbOP</xenc:CipherValue>
+ </xenc:CipherData>
+ </xenc:EncryptedData>
+ </soapenv:Body>
+ </soapenv:Envelope>
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/samples/msgs/res01.xml b/modules/documentation/src/site/resources/samples/msgs/res01.xml
new file mode 100644
index 0000000..445a569
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/msgs/res01.xml
@@ -0,0 +1,11 @@
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
+ <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
+ <wsa:Action>http://www.w3.org/2005/08/addressing/soap/fault</wsa:Action>
+ <wsa:RelatesTo>urn:uuid:AEDBA74A8D1FC94B631214227032877</wsa:RelatesTo>
+ </soapenv:Header>
+ <soapenv:Body>
+ <ns:echoResponse xmlns:ns="http://sample01.policy.samples.rampart.apache.org">
+ <ns:return>Hello world</ns:return>
+ </ns:echoResponse>
+ </soapenv:Body>
+ </soapenv:Envelope>
diff --git a/modules/documentation/src/site/resources/samples/msgs/res02.xml b/modules/documentation/src/site/resources/samples/msgs/res02.xml
new file mode 100644
index 0000000..fea586d
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/msgs/res02.xml
@@ -0,0 +1,51 @@
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
+ <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
+ <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
+ <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-6068467">
+ <wsu:Created>2008-06-23T13:10:58.684Z</wsu:Created>
+ <wsu:Expires>2008-06-23T13:15:58.684Z</wsu:Expires>
+ </wsu:Timestamp>
+ <wsse11:SignatureConfirmation xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" Value="lnQpzG7gC0ScRaVLZZeZac/dbDA=" wsu:Id="SigConf-2978880" />
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-9131644">
+ <ds:SignedInfo>
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1" />
+ <ds:Reference URI="#Id-3113238">
+ <ds:Transforms>
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <ds:DigestValue>8Iw0fcrzAlpQTWYUpBu+buoja1U=</ds:DigestValue>
+ </ds:Reference>
+ <ds:Reference URI="#Timestamp-6068467">
+ <ds:Transforms>
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <ds:DigestValue>71u8cNu/ryfjOyBMikPMtH9S4mc=</ds:DigestValue>
+ </ds:Reference>
+ <ds:Reference URI="#SigConf-2978880">
+ <ds:Transforms>
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <ds:DigestValue>c9CrB86xdRLBxXKP3c/eyiAhVg4=</ds:DigestValue>
+ </ds:Reference>
+ </ds:SignedInfo>
+ <ds:SignatureValue>8O+EyTq5iO/Fbyv6dpER6yTWpYk=</ds:SignatureValue>
+ <ds:KeyInfo Id="KeyId-29477163">
+ <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-25054702">
+ <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1">ZPkio0wGfnnM6UNibtVTOwWGON8=</wsse:KeyIdentifier>
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ </ds:Signature>
+ </wsse:Security>
+ <wsa:Action>urn:echoResponse</wsa:Action>
+ <wsa:RelatesTo>urn:uuid:62D436CDF33F6A15561214226653256</wsa:RelatesTo>
+ </soapenv:Header>
+ <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-3113238">
+ <ns:echoResponse xmlns:ns="http://sample02.policy.samples.rampart.apache.org">
+ <ns:return>Hello world</ns:return>
+ </ns:echoResponse>
+ </soapenv:Body>
+</soapenv:Envelope>
diff --git a/modules/documentation/src/site/resources/samples/msgs/res03.xml b/modules/documentation/src/site/resources/samples/msgs/res03.xml
new file mode 100644
index 0000000..d3162eb
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/msgs/res03.xml
@@ -0,0 +1,72 @@
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+ <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
+ <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
+ <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-12626425">
+ <wsu:Created>2008-06-23T13:20:50.749Z</wsu:Created>
+ <wsu:Expires>2008-06-23T13:25:50.749Z</wsu:Expires>
+ </wsu:Timestamp>
+ <xenc:EncryptedKey Id="EncKeyId-urn:uuid:B589FBB48DDA12104612142272508274">
+ <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <wsse:SecurityTokenReference>
+ <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">CJ+I51M5honzWpG12gKyLwsXErk=</wsse:KeyIdentifier>
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ <xenc:CipherData>
+ <xenc:CipherValue>Kk0j8Zk5KqJ7Jcc9LkbkxM5stlcpjDy9n4O0AfpgbngsJX7Z/HK5jYvMe5ChYMS++IRIKqqfUca5LBZtZtJJX3sMqY49OR5F/spB1d4KjQdS5BL/GjOy/ZAT73BMC0hl+CHIt9v3tSYFOlBjajHONRbtSr8tHun7sc556nC9rCg=</xenc:CipherValue>
+ </xenc:CipherData>
+ <xenc:ReferenceList>
+ <xenc:DataReference URI="#EncDataId-14098944" />
+ </xenc:ReferenceList>
+ </xenc:EncryptedKey>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-27790058">
+ <ds:SignedInfo>
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+ <ds:Reference URI="#Id-14098944">
+ <ds:Transforms>
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <ds:DigestValue>2Df7AEDjv1rqZRAmbOK/Yv8O0JQ=</ds:DigestValue>
+ </ds:Reference>
+ <ds:Reference URI="#Timestamp-12626425">
+ <ds:Transforms>
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <ds:DigestValue>plHpVd2xj/dm5zK1y0RZL2X8h2w=</ds:DigestValue>
+ </ds:Reference>
+ </ds:SignedInfo>
+ <ds:SignatureValue>ZX+lCvF+cKhzUaQmqydUMSgHBpaQQff1hwElqe3Fx5AOOyRvrE+J/MCvz1OVf3BNRBsDfSpRMcqdl55W5SBhrABGadYulA4Zu//ooMwRQJHiuWXZjoC5Pbjm5QDHhRzGusf0+nD5Jecsi9vAoRgx+P/CO8Q0VF6IJPSusy23PgI=</ds:SignatureValue>
+ <ds:KeyInfo Id="KeyId-23378358">
+ <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-31220901">
+ <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">HYL371NzoOs2+IA24VDkBGcUFQM=</wsse:KeyIdentifier>
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ </ds:Signature>
+ </wsse:Security>
+ <wsa:Action>urn:echoResponse</wsa:Action>
+ <wsa:RelatesTo>urn:uuid:24DADACCF0309270B71214227248314</wsa:RelatesTo>
+ </soapenv:Header>
+ <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-14098944">
+ <xenc:EncryptedData Id="EncDataId-14098944" Type="http://www.w3.org/2001/04/xmlenc#Content">
+ <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
+ <wsse:Reference URI="#EncKeyId-urn:uuid:B589FBB48DDA12104612142272508274" />
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ <xenc:CipherData>
+ <xenc:CipherValue>9LzEPjoSFIy/HF4rzKtNvXqy6Cg7JCbzJnxRz2YYoYdSr30jEZsmwpHBHncACf62FPbjm45Gy+v8NeNMlGO4nkI
+1d6
+v89IH2IAofXQ2emi6xP8Isn6Tq7REOVECoIDMGDN5HlOGmE8FWtCgbU226MEWHR2l
+jwb+BzPTyd5w4b4LbhjN9ZZz9CaP1Pl/vAhxiOCpRnCqFdevOMfp9t+vGBvzTI7gmgIs+WwbuOoW
+KEzaUVj4yPNeA3M/X545+RhEs04zb/7Pukq31p5Vh8Hy3zIZyaXqlUrlHtcQn/YMWSg2OJtTmt2M
+NbXQCiXrNz7nB0xMSi+MeV46JUgWwPH4Sa9aOOuGFzF3LXOmDKgAX7brzzJ6IlpjUEOqTo7+QTDO
+GK6vk8aY1w3ctZXKOhQ67NalE8YRozqNctmeedINNXp5rDftlcYkYjt19zLRpuaravKUuWvKLBMm
+cjI=</xenc:CipherValue>
+ </xenc:CipherData>
+ </xenc:EncryptedData>
+ </soapenv:Body>
+ </soapenv:Envelope>
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/samples/msgs/res04.xml b/modules/documentation/src/site/resources/samples/msgs/res04.xml
new file mode 100644
index 0000000..4200f21
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/msgs/res04.xml
@@ -0,0 +1,56 @@
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
+ <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
+ <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
+ <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-17240206">
+ <wsu:Created>2008-06-23T13:25:35.100Z</wsu:Created>
+ <wsu:Expires>2008-06-23T13:30:35.100Z</wsu:Expires>
+ </wsu:Timestamp>
+ <wsc:DerivedKeyToken xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="derivedKeyId-25106497">
+ <wsse:SecurityTokenReference>
+ <wsse:Reference URI="urn:uuid:20189D76AA5794EBCA12142275347662" ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/sct" />
+ </wsse:SecurityTokenReference>
+ <wsc:Offset>0</wsc:Offset>
+ <wsc:Length>16</wsc:Length>
+ <wsc:Nonce>KIJiXAuNJTvoaiL44sQbZQ==</wsc:Nonce>
+ </wsc:DerivedKeyToken>
+ <xenc:ReferenceList xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+ <xenc:DataReference URI="#EncDataId-28291271" />
+ <xenc:DataReference URI="#EncDataId-17922592" />
+ </xenc:ReferenceList>
+ <wsc:DerivedKeyToken xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="derivedKeyId-13623369">
+ <wsse:SecurityTokenReference>
+ <wsse:Reference URI="urn:uuid:20189D76AA5794EBCA12142275347662" ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/sct" />
+ </wsse:SecurityTokenReference>
+ <wsc:Offset>0</wsc:Offset>
+ <wsc:Length>16</wsc:Length>
+ <wsc:Nonce>xEZqEIZj46Nlc8XNDC3V+Q==</wsc:Nonce>
+ </wsc:DerivedKeyToken>
+ <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncDataId-17922592" Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <wsse:SecurityTokenReference>
+ <wsse:Reference URI="#derivedKeyId-25106497" />
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ <xenc:CipherData>
+ <xenc:CipherValue>siDF8c4esfSq3ip6Ye20UY1syF42AMyEBUV0rat2qZsHqVPmLmCCJdZ2b5InaXg4Yk8xU0sFSi+IYqLBnwLFDdMvmedzwSHgVvIyKDIn16xEp9cf5pdDc9vgJ+O9iLONSFGSvXHhlx1+O+xNraZioz+1kTbzx7YGX53o+bdbfblgY+P2CA/tMdFudjSCsebdxksLk6rQmPlT4BkuOr0+B4YUx+5gqCecFxukSTE78j2mLbaMRY8k4rjqnRgHcrzIsRcRjqK7Ajz55h9O+JsajECLcEmRaSx+2LDCiBuL+3yD0ZGjFLTDFBCafH6v51mzB+tHcGJb3kWoA+qH7YYCR7+SwaO7nQA89X9S3RKYRrIkln36MzFa6VOI1GD58moYc0Ij2MYC0uzENWLk/gM2DWaJqYct5WRLXcVl3VgEKcBmjb1TuX83J/bYEjkqPaDbtE86k/5I [...]
+ </xenc:CipherData>
+ </xenc:EncryptedData>
+ </wsse:Security>
+ <wsa:Action>urn:echoResponse</wsa:Action>
+ <wsa:RelatesTo>urn:uuid:BD9F0E2AF11BC797341214227532472</wsa:RelatesTo>
+ </soapenv:Header>
+ <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004514/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-28291271">
+ <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncDataId-28291271" Type="http://www.w3.org/2001/04/xmlenc#Content">
+ <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
+ <wsse:Reference URI="#derivedKeyId-25106497" />
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ <xenc:CipherData>
+ <xenc:CipherValue>w/UNfm7u/dN4madTnK3ClmZ0q03RA55IRMoy6L/YmZTi/arP19svjPuKyXa7qgY2ah7wrmWzOKboAQEyuOuet1P8N+pb160BNLYYoLpUB51Cxco3pEQn05MLXn+DlMIrpm3b8oxPKHZ66oLRtRuEsc21hsyt/fqIcBB0MIEe91j0WsXif8HFpsVKhAYKjNHSG166cTJgYS1oecyBkXW0xvDfhNQaeX7uwvt9ZyQDIb++tf8ij0PW7IHahcR7dAOEoVixIwb7aaouO4NTxmSQMwXmyF58jN21Oxx46Yzidt8FBZCLOdu5xf7wFDRfaZZjdFkJ8Gr0KJ3kSvwRZ4/h6YyOWp6yJ6l3bY86jHHEKwbhGJhx1PbvyUjQHCdilkLQFW6BHoRC6VLM5rbcmsbc5w==</xenc:CipherValue>
+ </xenc:CipherData>
+ </xenc:EncryptedData>
+ </soapenv:Body>
+ </soapenv:Envelope>
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/samples/msgs/rst04.xml b/modules/documentation/src/site/resources/samples/msgs/rst04.xml
new file mode 100644
index 0000000..c94031a
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/msgs/rst04.xml
@@ -0,0 +1,97 @@
+<?xml version='1.0' encoding='UTF-8'?>
+ <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+ <soapenv:Header xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing">
+ <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
+ <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-15855697">
+ <wsu:Created>2008-06-23T13:25:33.597Z</wsu:Created>
+ <wsu:Expires>2008-06-23T13:30:33.597Z</wsu:Expires>
+ </wsu:Timestamp>
+ <xenc:EncryptedKey Id="EncKeyId-urn:uuid:A4CC588C97FAD2AA9D12142275341932">
+ <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <wsse:SecurityTokenReference>
+ <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">HYL371NzoOs2+IA24VDkBGcUFQM=</wsse:KeyIdentifier>
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ <xenc:CipherData>
+ <xenc:CipherValue>LXeQVa/sqiYZ+D+hxeEHigVMsBJn4SkmYhsuEutZEhueDuIKpNnmFGhXsF9H187dwWJLgAm4hE4nE6tTA/nhJq/nLiwEbjR3G4b6c5kFvKJMBSxzjGZeW7urbDZ1qaIjX4U69pdmh/POqegtJ35OvHE8IJ9oCtbXVkxUwz5DIBA=</xenc:CipherValue>
+ </xenc:CipherData>
+ </xenc:EncryptedKey>
+ <wsc:DerivedKeyToken xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="derivedKeyId-14949315">
+ <wsse:SecurityTokenReference>
+ <wsse:Reference URI="#EncKeyId-urn:uuid:A4CC588C97FAD2AA9D12142275341932" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" />
+ </wsse:SecurityTokenReference>
+ <wsc:Offset>0</wsc:Offset>
+ <wsc:Length>16</wsc:Length>
+ <wsc:Nonce>8GNOzdMY+l532yPT/gCHHg==</wsc:Nonce>
+ </wsc:DerivedKeyToken>
+ <xenc:ReferenceList>
+ <xenc:DataReference URI="#EncDataId-13994297" />
+ </xenc:ReferenceList>
+ <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v1" wsu:Id="CertId-148082">MIICTDCCAbUCBEbJZMQwDQYJKoZIhvcNAQEEBQAwbDELMAkGA1UEBhMCTEsxEDAOBgNVBAgTB1dlc3Rlcm4xEDAOBgNVBAcTB0NvbG9tYm8xDzANBgNVBAoTBkFwYWNo [...]
+ <wsc:DerivedKeyToken xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="derivedKeyId-28318458">
+ <wsse:SecurityTokenReference>
+ <wsse:Reference URI="#EncKeyId-urn:uuid:A4CC588C97FAD2AA9D12142275341932" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" />
+ </wsse:SecurityTokenReference>
+ <wsc:Offset>0</wsc:Offset>
+ <wsc:Length>16</wsc:Length>
+ <wsc:Nonce>xmvBzN+/IS2QXtCRe0dAjQ==</wsc:Nonce>
+ </wsc:DerivedKeyToken>
+ <xenc:EncryptedData Id="EncDataId-13994297" Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <wsse:SecurityTokenReference>
+ <wsse:Reference URI="#derivedKeyId-14949315" />
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ <xenc:CipherData>
+ <xenc:CipherValue>w2Zv0Qv615LWUV4iViAwMhAjhzI9Sxjq2T+GIJyKY3VDgYLQc0G8tXLVfwv1QgZc2xb2Hx7Qj3Jvn1w0ggvroYFBBPHtnkpKkjrnF/hUvrf54DwyS3icMsiC+5CxAEluskDj7KxmCMLt0+pWmgtR9Z5rUAIAGrqB6EZAuqQLJiEQvjicC8W9E9DtniD24VcpQer++65sRyUT5p7DOy+YknRJJ05hf4bu/fBKSveZvtxlXQ/Z0+9wS35kxGMWmnayvP9752S9AshPjTkOXD5vV+R2gUmG6aHdnKa2bWYBSkf4ZT8DQTAeTp/e0joBDSR8vwuNBjUF9t9fnpJN0NgpegfxHsJ8Nux1FW7umIQ/dztYqpPj6hHBdWK+nR8dP8ewQuan2enD+2t8QpdBL8siUdl4eyAHkHvqxM4odEUeBLOBUicQFOhZvp/PYpdo1MgVNYwAi6P9 [...]
+ </xenc:CipherData>
+ </xenc:EncryptedData>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-1668655">
+ <ds:SignedInfo>
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+ <ds:Reference URI="#Signature-29945809">
+ <ds:Transforms>
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <ds:DigestValue>nHZS/5KwQR/dTCtdpIqDwilRR8s=</ds:DigestValue>
+ </ds:Reference>
+ </ds:SignedInfo>
+ <ds:SignatureValue>QB+Xyuvruvws9z/Mq2b7JVVHByBMdkA4Nf7LEdYqSt2s98llkrrhuaGkZ2DAbagXwFn14BeJ7x4CDyJ8A+nK0YE2vYBRtHWNnlsue2tU/9apEF3ItOFOgvw0H9YrzG1BmEgECeYvpPzOtCGmc1rAjXmMdPZqpg9I79IrmumOOKE=</ds:SignatureValue>
+ <ds:KeyInfo Id="KeyId-10481832">
+ <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-7388808">
+ <wsse:Reference URI="#CertId-148082" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v1" />
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ </ds:Signature>
+ </wsse:Security>
+ <wsa:To>http://localhost:8081/axis2/services/sample04</wsa:To>
+ <wsa:ReplyTo>
+ <wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address>
+ </wsa:ReplyTo>
+ <wsa:MessageID>urn:uuid:BD9F0E2AF11BC797341214227533594</wsa:MessageID>
+ <wsa:Action>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT</wsa:Action>
+ </soapenv:Header>
+ <soapenv:Body>
+ <wst:RequestSecurityToken xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust">
+ <wst:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</wst:RequestType>
+ <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsa:EndpointReference xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing">
+ <wsa:Address>http://localhost:8081/axis2/services/sample04</wsa:Address>
+ </wsa:EndpointReference>
+ </wsp:AppliesTo>
+ <wst:Lifetime>
+ <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2008-06-23T13:25:33.580Z</wsu:Created>
+ <wsu:Expires xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2008-06-23T13:30:33.580Z</wsu:Expires>
+ </wst:Lifetime>
+ <wst:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct</wst:TokenType>
+ <wst:Entropy>
+ <wst:BinarySecret Type="http://schemas.xmlsoap.org/ws/2005/02/trust/Nonce">LvNYXcA6HKhPIAzUrsswYA==</wst:BinarySecret>
+ </wst:Entropy>
+ <wst:ComputedKeyAlgorithm>http://schemas.xmlsoap.org/ws/2005/02/trust/CK/PSHA1</wst:ComputedKeyAlgorithm>
+ </wst:RequestSecurityToken>
+ </soapenv:Body>
+ </soapenv:Envelope>
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/samples/msgs/rstr04.xml b/modules/documentation/src/site/resources/samples/msgs/rstr04.xml
new file mode 100644
index 0000000..ad43e9f
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/msgs/rstr04.xml
@@ -0,0 +1,97 @@
+ <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
+ <soapenv:Header xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing">
+ <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
+ <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-26918187">
+ <wsu:Created>2008-06-23T13:25:34.780Z</wsu:Created>
+ <wsu:Expires>2008-06-23T13:30:34.780Z</wsu:Expires>
+ </wsu:Timestamp>
+ <wsc:DerivedKeyToken xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="derivedKeyId-9633996">
+ <wsse:SecurityTokenReference>
+ <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1">Ex5vdwadjBaRqNFUi5w1L7JcgFs=</wsse:KeyIdentifier>
+ </wsse:SecurityTokenReference>
+ <wsc:Offset>0</wsc:Offset>
+ <wsc:Length>16</wsc:Length>
+ <wsc:Nonce>Mf8glJ0/L8UtteM6uMSsEA==</wsc:Nonce>
+ </wsc:DerivedKeyToken>
+ <xenc:ReferenceList xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+ <xenc:DataReference URI="#EncDataId-26665270" />
+ </xenc:ReferenceList>
+ <wsse11:SignatureConfirmation xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" Value="QB+Xyuvruvws9z/Mq2b7JVVHByBMdkA4Nf7LEdYqSt2s98llkrrhuaGkZ2DAbagXwFn14BeJ7x4CDyJ8A+nK0YE2vYBRtHWNnlsue2tU/9apEF3ItOFOgvw0H9YrzG1BmEgECeYvpPzOtCGmc1rAjXmMdPZqpg9I79IrmumOOKE=" wsu:Id="SigConf-11446032" />
+ <wsse11:SignatureConfirmation xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" Value="UPx8N9c32i9RGIr0618ZawNnGZ0=" wsu:Id="SigConf-5910186" />
+ <wsc:DerivedKeyToken xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="derivedKeyId-11382417">
+ <wsse:SecurityTokenReference>
+ <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1">Ex5vdwadjBaRqNFUi5w1L7JcgFs=</wsse:KeyIdentifier>
+ </wsse:SecurityTokenReference>
+ <wsc:Offset>0</wsc:Offset>
+ <wsc:Length>16</wsc:Length>
+ <wsc:Nonce>nkGdUk1zK2gHmFBGS2l46w==</wsc:Nonce>
+ </wsc:DerivedKeyToken>
+ <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EncDataId-26665270" Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <wsse:SecurityTokenReference>
+ <wsse:Reference URI="#derivedKeyId-9633996" />
+ </wsse:SecurityTokenReference>
+ </ds:KeyInfo>
+ <xenc:CipherData>
+ <xenc:CipherValue>Mae0zgDx0V/jpaT6sgWRXNJ9TQSfBAgsxFG1TutgTEGG4u512QSmvv1EhCpoLnSc1mEaQSVhYGkXMkw4mVPe8YXznxVnzQQjW6NXAmw/BIqz6mDGDfikmjs/c/8j/Jpkij13pbUrT9L9x24DV5i76bWt/uI8yHEW04t+c5HdeKOXqgFp1MdcaqVGamGhBHK+T39tCxsv0VpSJDRG6Et3I7mzsjGg7ElisFV90qZT54s3nIQFoIWNL4Ju+BT3vAzymR4r88sKWxk9NuvVDTqT9YyjGpMQD0ZvVAl8KtO4+58ChmEjJZuZjv5KTEVvPP0NfWJc8U8cvo+H3iFngQPx6FDehytBDZocioZwOxixNc/Q5ZNQ9dRqGo2fdMbIsgt5xKrISM4WvXfJDZCEfNpwH0+dJyWj/BVAym6331LZn783n3qRTrRIJ48zN8me9EMQMtUGsgzU [...]
+e9d
+a2
+CSTUncCIr9tlAR8R1gQRwN2wFqHg7Lj71jaVkF7PSlICQMZZsXATYNPRscxNN0JzAsDqLvb9IWA0
+vkeL+mK7kRn46Tm9ivo1bfkl9q+Ihj2nZOg1i0KcZoDNLdwFFmVnus23bMrMJJPsXXBu0F23mhEq
+xolAy6pnNYGptsYZWtEB58KKp08MS89bZ3PGve9zHM8slLl12mBxp/9DYE9z8YYIBVGNtwC5PrW3
+ryFE5GWsdkoiTd7TVNTL4FlSWHuZvHgEvdPO1DWfsAMtPl8e3+l/W2sqvUw+JHjhtzUGXrUnfv1D
+r82PLvT3GiXXeFucSu+lYNyqSDaJyIkMw3GibFQZtO6uR0RXVymL0PTflkxDgfkTXs2DgjZF48GS
+KXejdiBfX//hosv1loqXzFKzOyaac2jQd/IbOv/3d1Xb/s/fX4byn+IQ8Akq3mCsYHIOkgsfyd/f
+b5eTB08rqMlvQpFk4w7Tms2ngxhj+AB7DejrjdqAd+HFoMYnsf5Bs2l7QQe7OS5p6lCpIQKla0y0
+7rcwjFU8AqWrDvN9Q39POzl+OUzJi4rRHmji/W/Tcuh1/1nXxk2WfwLle1LS++4ypqWw6eY5K2Mg
+wRO5IjjsD1fFuVgc1FIOywLJ2bj/xF6EzOn6MpsiC9t8sUt5+s7dYSdotvLg4kCcmPQqfeCrH7zY
+mrslAmmy1xRwPza2OFS9iNRYcJ5IerGJv8TB3tWIJznXczjW95SZrvRd1CRcDnYkGjaz0WddWlAe
+GuXuXvKhBScp5n1d+4TI1HuohK7dpLjPvng68rTaSgtQSVwdJrihxj8oZNQlK+4aF/jBA42Y3v38
+7UKyRwYw7pqnyfh4BDM68EKN+Ra0yz+RTOEudJyKJUWYah+oJPADNZepk6lOS0mKSCPjmv4bXj82
+8gfRnnp/foIDUzPQnJwYBhyPtkjjth43AZpTFBoYqAPDXIncvd5Jrfd5U3Y5oPJ5W2HORqDzW/z3
+6BUSRYu3ht/w6K7U1hg0TyZD0RsVL9zpsPFlwMtsWcDK37RSuD1E9YL3dHbT12gEcbyKEHBKGLC6
+yTaN/03Mctek+oGE7ycVk9dujooSmJ3aW6TjG44h1uNofsnB0P1Ui4z7G1R5gwGsrWLLooQQHrQX
+T9BOzb9pFCZsMrHrCBgahUzUnxSwMVTnyoPwL5oFHKzW5V4DfD3jq8nzAzfWa8bhzSIc2XJ1ErHm
+sxRvVWdXVCCAnpAfb3NwIUbyZuASJONl1TROudLv+DN0OM8QbzarMv65uVSPDrgOozuwvrdi5KiD
+TdwEXhVJyNY8iC76WN1EBGTblr0RcBOaSUJXswbV9Bo3Y3nbqcjcF7vg6MRjkPUjR7WmhAjXRsIf
+At0Yzv9EcowGqf5HxJDouldsN4H3kUXuiXABF1GLRaAGf6+O0qndnuAF1CJzE9V454wXjR5ZdfjA
+W7Ac9oCExPgLLeXHCi8S9wLtkOQV9fkmsfGqfhEQIq285zCgsLij5H5FLQePRxBHZobIQd+gm7Oz
+huNnRNx89tFPTV8urEO8yp3X3tMvy31RQZl08V3WxoH5MOSzhS0NmJkgDX4VI7de8njgp8aKQzZy
+JaKO8xchtLfoTOYzeybQqU0cI51szvTEYm8lMyWNdPaVvM2IjGI1eRRO3vpqF9s5yEydPap+gqDC
+kxt9UYq1hQ==</xenc:CipherValue>
+ </xenc:CipherData>
+ </xenc:EncryptedData>
+ </wsse:Security>
+ <wsa:To>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:To>
+ <wsa:MessageID>urn:uuid:ECC3D6AB9593AF9DA41214227534790</wsa:MessageID>
+ <wsa:Action>http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT</wsa:Action>
+ <wsa:RelatesTo>urn:uuid:BD9F0E2AF11BC797341214227533594</wsa:RelatesTo>
+ </soapenv:Header>
+ <soapenv:Body>
+ <wst:RequestSecurityTokenResponse xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust">
+ <wst:RequestedSecurityToken>
+ <wsc:SecurityContextToken xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="sctId-5683514">
+ <wsc:Identifier>urn:uuid:20189D76AA5794EBCA12142275347662</wsc:Identifier>
+ </wsc:SecurityContextToken>
+ </wst:RequestedSecurityToken>
+ <wst:RequestedAttachedReference>
+ <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
+ <wsse:Reference URI="#sctId-5683514" ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/sct" />
+ </wsse:SecurityTokenReference>
+ </wst:RequestedAttachedReference>
+ <wst:RequestedUnattachedReference>
+ <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
+ <wsse:Reference URI="urn:uuid:20189D76AA5794EBCA12142275347662" ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/sct" />
+ </wsse:SecurityTokenReference>
+ </wst:RequestedUnattachedReference>
+ <wst:Lifetime>
+ <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2008-06-23T13:25:34.767Z</wsu:Created>
+ <wsu:Expires xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2008-06-23T13:30:34.767Z</wsu:Expires>
+ </wst:Lifetime>
+ <wst:RequestedProofToken>
+ <wst:BinarySecret>WWrxszI9Rg5Iy5klit8SdFt+X05pewNBbvotsYPtX9A=</wst:BinarySecret>
+ </wst:RequestedProofToken>
+ </wst:RequestSecurityTokenResponse>
+ </soapenv:Body>
+ </soapenv:Envelope>
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/samples/policy/sample01.xml b/modules/documentation/src/site/resources/samples/policy/sample01.xml
new file mode 100644
index 0000000..c4df639
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/policy/sample01.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<wsp:Policy wsu:Id="UTOverTransport" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:TransportToken>
+ <wsp:Policy>
+ <sp:HttpsToken RequireClientCertificate="false"/>
+ </wsp:Policy>
+ </sp:TransportToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ </wsp:Policy>
+ </sp:TransportBinding>
+ <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient" />
+ </wsp:Policy>
+ </sp:SignedSupportingTokens>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/samples/policy/sample02.xml b/modules/documentation/src/site/resources/samples/policy/sample02.xml
new file mode 100644
index 0000000..7d5508c
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/policy/sample02.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<wsp:Policy wsu:Id="SigOnly" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:TripleDesRsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:SignedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/samples/policy/sample03.xml b/modules/documentation/src/site/resources/samples/policy/sample03.xml
new file mode 100644
index 0000000..f5d86c5
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/policy/sample03.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<wsp:Policy wsu:Id="SigEncr" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:InitiatorToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:InitiatorToken>
+ <sp:RecipientToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:RecipientToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:TripleDesRsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:AsymmetricBinding>
+ <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:SignedParts>
+ <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
diff --git a/modules/documentation/src/site/resources/samples/policy/sample04.xml b/modules/documentation/src/site/resources/samples/policy/sample04.xml
new file mode 100644
index 0000000..afac818
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/policy/sample04.xml
@@ -0,0 +1,112 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<wsp:Policy wsu:Id="SecConvPolicy2" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:SecureConversationToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:RequireDerivedKeys/>
+ <sp:BootstrapPolicy>
+ <wsp:Policy>
+ <sp:EncryptedParts>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <sp:SymmetricBinding>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:RequireDerivedKeys/>
+ <sp:RequireThumbprintReference/>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128Rsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptSignature/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:EndorsingSupportingTokens>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <wsp:Policy>
+ <sp:RequireThumbprintReference/>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:EndorsingSupportingTokens>
+ <sp:Wss11>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ <sp:RequireSignatureConfirmation/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust10>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+ </wsp:Policy>
+ </sp:BootstrapPolicy>
+ </wsp:Policy>
+ </sp:SecureConversationToken>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128Rsa15/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptSignature/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:Wss11 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+ <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:EncryptedParts>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/samples/policy/sample05.xml b/modules/documentation/src/site/resources/samples/policy/sample05.xml
new file mode 100644
index 0000000..d16bca6
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/policy/sample05.xml
@@ -0,0 +1,75 @@
+<wsp:Policy wsu:Id="SgnOnlyAnonymous"
+ xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
+ xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
+ xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:RequireThumbprintReference/>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:SupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:IssuedToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <Issuer xmlns="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <Address xmlns="http://www.w3.org/2005/08/addressing">http://localhost:8080/axis2/services/STS</Address>
+ </Issuer>
+ <sp:RequestSecurityTokenTemplate>
+ <t:TokenType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</t:TokenType>
+ <t:KeyType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">http://schemas.xmlsoap.org/ws/2005/02/trust/SymmetricKey</t:KeyType>
+ <t:KeySize xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">256</t:KeySize>
+ </sp:RequestSecurityTokenTemplate>
+ <wsp:Policy>
+ <sp:RequireInternalReference/>
+ </wsp:Policy>
+ </sp:IssuedToken>
+ <sp:SignedParts>
+ <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ </wsp:Policy>
+ </sp:SupportingTokens>
+ <sp:SignedParts>
+ <sp:Body/>
+ </sp:SignedParts>
+ <sp:Wss11>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ <sp:RequireSignatureConfirmation/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust10>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
\ No newline at end of file
diff --git a/modules/documentation/src/site/resources/samples/policy/sample06.xml b/modules/documentation/src/site/resources/samples/policy/sample06.xml
new file mode 100644
index 0000000..bccbfe6
--- /dev/null
+++ b/modules/documentation/src/site/resources/samples/policy/sample06.xml
@@ -0,0 +1,87 @@
+<wsp:Policy wsu:Id="SgnOnlyAnonymous"
+ xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
+ xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
+ xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:RequireThumbprintReference/>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:SupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:IssuedToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <Issuer xmlns="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <Address xmlns="http://www.w3.org/2005/08/addressing">http://localhost:8080/axis2/services/STS</Address>
+ <Metadata xmlns="http://www.w3.org/2005/08/addressing">
+ <mex:Metadata
+ xmlns:mex="http://schemas.xmlsoap.org/ws/2004/09/mex"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <mex:MetadataSection Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
+ <mex:MetadataReference>
+ <Address
+ xmlns="http://www.w3.org/2005/08/addressing">http://localhost:8080/axis2/services/mex</Address>
+ </mex:MetadataReference>
+ </mex:MetadataSection>
+ </mex:Metadata>
+ </Metadata>
+ </Issuer>
+ <sp:RequestSecurityTokenTemplate>
+ <t:TokenType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</t:TokenType>
+ <t:KeyType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey</t:KeyType>
+ <t:KeySize xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">256</t:KeySize>
+ </sp:RequestSecurityTokenTemplate>
+ <wsp:Policy>
+ <sp:RequireInternalReference/>
+ </wsp:Policy>
+ </sp:IssuedToken>
+ <sp:SignedParts>
+ <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ </wsp:Policy>
+ </sp:SupportingTokens>
+ <sp:SignedParts>
+ <sp:Body/>
+ </sp:SignedParts>
+ <sp:Wss11>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ <sp:RequireSignatureConfirmation/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust10>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
\ No newline at end of file
diff --git a/modules/documentation/src/site/site.xml b/modules/documentation/src/site/site.xml
new file mode 100644
index 0000000..3731d60
--- /dev/null
+++ b/modules/documentation/src/site/site.xml
@@ -0,0 +1,80 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+<project name="Apache Rampart">
+
+ <bannerLeft>
+ <name>Apache Rampart</name>
+ <href>images/apache-rampart-logo.jpg</href>
+ </bannerLeft>
+
+ <bannerRight>
+ <src>images/apache-rampart-banner.jpg</src>
+ <href>http://www.apache.org</href>
+ </bannerRight>
+
+ <skin>
+ <groupId>org.apache.maven.skins</groupId>
+ <artifactId>maven-default-skin</artifactId>
+ <version>1.0</version>
+ </skin>
+
+ <publishDate format="dd MMM yyyy"/>
+
+ <body>
+ <links>
+ <item name="WebServices" href="http://ws.apache.org/"/>
+ <item name="Axis2/Java" href="http://ws.apache.org/axis2" />
+ </links>
+
+ <menu name="Apache Rampart">
+ <item name="Home" href="index.html" />
+ <item name="Downloads">
+ <item name="Releases" href="download.html"/>
+ <item name="Source Code" href="source-repository.html"/>
+ </item>
+ <item name="Documentation">
+ <item name="Getting Started" href="quick-start.html"/>
+ <item name="Samples" href="samples.html"/>
+ <item name="FAQ" href="http://wiki.apache.org/ws/FrontPage/Rampart/FAQ"/>
+ <item name="Rampart Configuration" href="rampartconfig-guide.html"/>
+ <item name="STS Configuration" href="setting-up-sts.html"/>
+ <item name="Developer Guide" href="developer-guide.html"/>
+ <item name="Build the Site" href="siteHowTo.html" />
+ </item>
+ <item name="Resources">
+ <item name="Articles" href="articles.html" />
+ <item name="Specifications" href="specifications.html"/>
+ <item name="Online Javadocs" href="apidocs/index.html"/>
+ </item>
+ <item name="Project Information">
+ <item name="Project Team" href="team-list.html" />
+ <item name="Issue Tracking" href="http://issues.apache.org/jira/browse/Rampart" />
+ <item name="Mailing Lists" href="mail-lists.html"/>
+ <item name="Source Code"
+ href="http://svn.apache.org/viewcvs.cgi/webservices/rampart/trunk/?root=Apache-SVN" />
+ <item name="Dependencies" href="dependencies.html"/>
+ <item name="License"
+ href="http://www.apache.org/licenses/LICENSE-2.0.html" />
+ </item>
+ </menu>
+
+ </body>
+</project>
diff --git a/modules/documentation/src/site/xdoc/articles.xml b/modules/documentation/src/site/xdoc/articles.xml
new file mode 100644
index 0000000..d6c23ab
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/articles.xml
@@ -0,0 +1,80 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
+ "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+</head>
+<body>
+<h1>Apache Rampart Knowledge Base</h1>
+<p>This page contains articles, tutorials, presentations and
+question and answers published on various Web sites on the Apache
+Rampart. </p>
+<h2>Articles:</h2>
+<ul>
+<li><a href="http://wso2.org/library/240">
+UsernameToken Authentication with Rampart</a>- By Ruchith Ferenando</li>
+<li><a href="http://www.xml.com/pub/a/2007/05/02/sure-reliable-web-services-with-apache.html">
+Secure, Reliable Web Services with Apache</a>- By Kyle Gabhart</li>
+<li><a href="http://wso2.org/library/3132">
+Understanding WS - Security Policy Language</a>- By Nandana Mihindukulasooriya</li>
+<li><a href="http://wso2.org/library/1027">
+Integrating WS-Security and WS-SecureConversation Implementations with Apache Sandesha2 </a>- By Chamikara Jayalath</li>
+</ul>
+
+<h2>Tutorials</h2>
+<ul>
+<li><a href="http://wso2.org/library/140">Secure Message Exchanges with Multiple Users</a>- By
+Ruchith Fernando</li>
+<li><a href="http://wso2.org/library/174">Setting Up Keystores for a Client and a Service</a>- By
+Ruchith Fernando</li>
+<li><a href="http://wso2.org/library/3190">Web Services Security with Apache Rampart - Part 1 (Transport Level Security)</a>- By
+Nandana Mihindukulasooriya</li>
+<li><a href="http://wso2.org/library/3415">Web Services Security with Apache Rampart - Part 2 (Message-Level Security)</a>- By
+Nandana Mihindukulasooriya</li>
+</ul>
+
+<h2>Presentations</h2>
+<ul>
+<li><a href="http://www.slideshare.net/prabathsiriwardena/the-secured-enterprise-leverage-openid-with-web-service">The Secured Enterprise</a>- By
+Prabath Siriwardena</li>
+<li><a href="http://wso2.org/library/136">Secure Web Services with Apache Rampart</a>- By
+Ruchith Fernando</li>
+<li><a href="http://wso2.org/library/2534">Apache Rahas</a>- By
+Ruchith Fernando</li>
+</ul>
+<h2>Interviews</h2>
+<ul>
+<li><a href="http://wso2.org/library/695">Secure Messaging with Apache Rampart/Java</a>- By
+Ruchith Fernando</li>
+</ul>
+<h2>Blogs</h2>
+<ul>
+<li><a href="http://RampartFAQ.com">http://RampartFAQ.com</a></li>
+</ul>
+<h2>Questions and Answers</h2>
+<ul>
+<li><a href="http://wso2.org/library/2507">Timestamp validation fails! Why?</a></li>
+<li><a href="http://wso2.org/library/2506">How can I convert an LLOM AXIOM tree into a DOOM AXIOM tree?</a></li>
+<li><a href="http://wso2.org/library/169">How can I obtain UsernameToken information at the service?</a></li>
+<li><a href="http://wso2.org/library/116">Unexpected number of X509Data: for Signature. Why?</a></li>
+</ul>
+</body>
+</html>
diff --git a/modules/documentation/src/site/xdoc/developer-guide.xml b/modules/documentation/src/site/xdoc/developer-guide.xml
new file mode 100644
index 0000000..d7471f1
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/developer-guide.xml
@@ -0,0 +1,192 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
+ "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+ <title></title>
+</head>
+ <body >
+<h1>Apache Rampart Developer Guide</h1>
+<h2>Getting Involved in Rampart</h2>
+
+<h3>Introduction</h3>
+
+Components of Rampart
+<ul>
+ <li>Rampart Core</li>
+ <li>Rampart Policy</li>
+ <li>Rampart Trust</li>
+</ul>
+
+<p></p>
+<img alt="Rampart Components and WS-Security Stack"
+title="Rampart Components and WS-Security Stack" src="images/security-stack.jpg" align="middle" />
+
+<p><strong><em>Figure 1 : Rampart Components and WS-Security
+Stack</em></strong></p>
+
+<h3>Building Rampart</h3>
+<ol>
+ <li>Install maven2. Refer to the <a
+ href="http://maven.apache.org/guides/getting-started/maven-in-five-minutes.html">Installation
+ guide</a>.</li>
+ <li>Install SVN on your machine. (The Rampart repository uses SVN.) Please
+ read the ASF <a
+ href="http://www.apache.org/dev/version-control.html">Source Code
+ Repositories page.</a></li>
+ <li>Download the source code.
+ <ul>
+ <li>Anon Checkout <a
+ href="http://svn.apache.org/repos/asf/webservices/rampart/trunk/java/">http://svn.apache.org/repos/asf/webservices/rampart/trunk/java/</a></li>
+ <li>Committers <a
+ href="https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/">https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/</a></li>
+ </ul>
+ </li>
+ <li>The Rampart project has 8 modules under it. They are:
+ <ul>
+ <li>rampart-policy contains security policy assertions.</li>
+ <li>rampart-core has core components that process and enforce
+ security.</li>
+ <li>rampart-trust contains trust components.</li>
+ <li>rampart-mar builds the rampart.mar that is deployed in the
+ "modules" directory of the Axis2 repository.</li>
+ <li>rampart-trust-mar builds the rahas.mar that adds WS-Trust into
+ Axis2.</li>
+ <li>rampart-test has a set of unit test cases.</li>
+ <li>integration-test has functional tests.</li>
+ <li>rampart-samples consist of samples provided with the
+ distribution.</li>
+ </ul>
+ </li>
+ <li>Build by typing <code>$mvn clean install</code></li>
+</ol>
+
+<p>When deploying rampart.mar and rampart-trust.mar in the Axis2 repository,
+you may notice that they do not contain any dependencies. Therefore all the
+dependencies must be in the classpath.</p>
+
+<h3>Rampart in Axis2</h3>
+
+<p>Rampart is deployed as a module in Axis2, in the security phase. The
+security phase is right after the transport phase. The Rampart module
+introduces a couple of handlers -
+"org.apache.rampart.handler.RampartReciever" and
+"org.apache.rampart.handler.RampartSender" to the security phase.</p>
+
+<p></p>
+<img alt="DOOM" title="Rampart in Axis2" src="images/rampart-handlers.jpg"
+align="middle" />
+
+<p><strong><em>Figure 2 : Rampart in Axis2</em></strong></p>
+
+<p>The "RampartReciver" handler intercepts the incoming message. Then Rampart
+validates the security of the incoming message, and checks whether it is
+in-line with the specified security policy. All security actions such as
+decryption of the message, validating the digital signature, validating the
+timestamp, and authenticating the user happens inside the Rampart module.</p>
+
+<p>"RampartSender" is the last handler in the outflow. The outgoing message
+is intercepted by this handler and Rampart takes the security actions. For
+example SOAP message can be encrypted, digitally signed, and security tokens
+are included according to the security policy.</p>
+
+<h3>Rampart, WSS4J, and DOOM</h3>
+
+<p>Rampart uses WSS4J for securing SOAP messages. WSS4J is an Apache project
+which implements the WS-Security specification. SOAP messages are signed and
+encrypted according to the <a href="http://www.w3.org/TR/xmlenc-core/">XML
+Encryption</a> and <a href="http://www.w3.org/TR/xmldsig-core/">XML Digital
+Signature</a> specifications, but the WS-Security specification introduces an
+additional set of rules. Therefore WSS4J ensures that SOAP messages are
+singed according to all the rules defined in the specifications. WSS4J uses
+Apache's <a href="http://santuario.apache.org/Java/index.html">xmlsec
+libraries</a> for XML Encryption and XML Digital Signature.</p>
+
+<p>Rather than re-inventing the wheel, it was decided to use WSS4J for SOAP
+message security in Rampart but there was a fundamental problem. WSS4J and
+all the incorporating XML security libraries use "DOM" for parsing and
+generating XML, while Axis2 uses "AXIOM" as the object model. This was
+resolved by using a new object model named "DOOM". DOOM is both AXIOM and DOM
+implementations. Therefore you can manipulate/access a DOOM object structure
+through DOM interfaces and AXIOM interfaces.</p>
+
+<p>When Rampart is engaged and configured, the incoming SOAP messages are
+converted to DOOM. Since DOOM implements the DOM interface it is possible for
+WSS4J to process messages. After performing the security validations, before
+flushing the message down the message inflow, the DOOM SOAP message is
+converted back to OM. At the outgoing flow, the message is converted to DOOM
+and then the security functions are performed using WSS4J.</p>
+
+<h3>Rampart Core</h3>
+
+<p>Rampart core drives security enforcement and validation on SOAP messages.
+It binds all components together to create the final product. The important
+components of Rampart core are,</p>
+<ul>
+ <li>org.apache.rampart.RampartEngine</li>
+ <li>org.apache.rampart.MessageBuilder</li>
+</ul>
+
+<p><strong>SOAP Message Inflow</strong></p>
+
+<p>Incoming messages are intercepted by RampartReciver and handed over to the
+RampartEngine. RampartEngine is responsible for handling validation of
+security in the incoming SOAP message.</p>
+<img alt="Rampart Engine" title="Rampart Engine"
+src="images/rampart-engine.jpg" align="middle" />
+
+<p><strong><em>Figure 3: Control flow in RampartEngine</em></strong></p>
+
+<p><strong>Note</strong>: RampartMessageData stores
+"org.apache.rampart.policy.RampartPolicyData", which contains security policy
+in the manner required by "RampartEngine" and "MessageBuilder".</p>
+
+<p><strong>SOAP Message Outflow</strong></p>
+
+<p>Outgoing messages are intercepted by RampartSender and handed over to
+org.apache.rampart.RampartMessageBuilder. It is responsible for enforcing
+security on an outgoing SOAP message.</p>
+<img alt="Message Builder" title="Message Builder"
+src="images/message-builder.jpg" align="middle" />
+
+<p><strong><em>Figure 4: Control flow in MessageBuilder</em></strong></p>
+
+<h3>Rampart Policy</h3>
+
+<p>WS - Security Policy is an extension of WS-Policy specification.
+Corresponding to this, the implementation of the security policy in Rampart
+is based on "Neethi", which is the Apache implementation of WS Policy
+specification. For each policy assertion introduced in the WS-Security
+Policy, there is an "Assertion Builder" and an "Assertion Model" defined in
+Rampart-policy.</p>
+
+<p>Apache Neethi is a highly extensible framework. When reading a security
+policy file, these builders and models in Rampart Policy are picked up by the
+Neethi framework using the "Jar file Service Provider Mechanism". All Rampart
+builders are listed in the
+META-INF/services/org.apache.neethi.builders.AssertionBuilder file. When
+adding a new Policy assertion it requires only a builder, assertion model,
+and an entry in the file.</p>
+
+<p>The RampartPolicyBuilder creates a RampartPolicyData given a "Policy"
+object created using the Rampart-policy and Neethi frameworks.</p>
+
+<h3>Rampart Trust</h3>
+
+<p>Rampart Trust implements the WS-Trust specification, which can be used
+in-conjunction with the Rampart Core and Rampart Policy modules. Rampart
+Trust defines a framework that can be used to issue, cancel, renew, and
+validate tokens, i.e., it defines a set of interfaces that must be
+implemented by different token issuing parties. Basically, Rampart Trust
+provides the functionality needed to host a STS - Security Token Service.</p>
+<img alt="Rampart Trust" title="Rampart Trust" src="images/rampart-trust.jpg"
+align="middle" />
+
+<p><strong><em>Figure 5: Control flow in Rampart Trust</em></strong></p>
+
+<p></p>
+
+<p></p>
+
+<p></p>
+ </body>
+</html>
diff --git a/modules/documentation/src/site/xdoc/download.xml b/modules/documentation/src/site/xdoc/download.xml
new file mode 100644
index 0000000..a42ae83
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/download.xml
@@ -0,0 +1,90 @@
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <body>
+ <h1>Download Apache Rampart module</h1>
+ <h2>Apache Rampart Releases</h2>
+ <p>This page provides links to the release versions of Apache Rampart Java.</p>
+ <table border="1" style="border-collapse: collapse" width="93%" id="table1">
+ <tbody>
+ <tr>
+ <th>Version</th>
+ <th>Date</th>
+ <th>Description</th>
+ </tr>
+ <tr>
+ <td>
+ <a href="download/1.5/download.cgi">
+ <strong>1.5</strong>
+ </a>
+ </td>
+ <td></td>
+ <td>1.5 Release (Mirrored)</td>
+ </tr>
+ <tr>
+ <td>
+ <a href="download/1.4/download.cgi">
+ <strong>1.4</strong>
+ </a>
+ </td>
+ <td>12 Jun 2008</td>
+ <td>1.4 Release (Archived)</td>
+ </tr>
+ <tr>
+ <td>
+ <a href="download/1.3/download.cgi">
+ <strong>1.3</strong>
+ </a>
+ </td>
+ <td>06 Sep 2007</td>
+ <td>1.3 Release (Archived)</td>
+ </tr>
+ <tr>
+ <td>
+ <a href="download/1.2/download.cgi">
+ <strong>1.2</strong>
+ </a>
+ </td>
+ <td>02 Jun 2007</td>
+ <td>1.2 Release (Archived)</td>
+ </tr>
+ <tr>
+ <td>
+ <a href="download/1.1/download.cgi">
+ <strong>1.1</strong>
+ </a>
+ </td>
+ <td>11 Dec 2006</td>
+ <td>1.1 Release (Archived)</td>
+ </tr>
+ </tbody>
+ </table>
+ <p>
+ <strong>Apache Rampart Distributions : <a href="http://people.apache.org/~ruchithf/rampart/SNAPSHOT">Nightly builds</a>
+ </strong>
+ </p>
+ <p>
+ <strong>Maven Repository: <a href="http://people.apache.org/repo/m2-ibiblio-rsync-repository/">Released Apache Rampart jars</a> | <a href="http://people.apache.org/repo/m2-snapshot-repository/">Nightly SNAPSHOT</a>
+ <a href=""></a>
+ </strong>
+ </p>
+ </body>
+</html>
diff --git a/modules/documentation/src/site/xdoc/download/1.1/download.cgi b/modules/documentation/src/site/xdoc/download/1.1/download.cgi
new file mode 100644
index 0000000..8bdb438
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/download/1.1/download.cgi
@@ -0,0 +1,6 @@
+#!/bin/sh
+# Wrapper script around mirrors.cgi script
+# (we must change to that directory in order for python to pick up the
+# python includes correctly)
+cd /www/www.apache.org/dyn/mirrors
+/www/www.apache.org/dyn/mirrors/mirrors.cgi $*
\ No newline at end of file
diff --git a/modules/documentation/src/site/xdoc/download/1.1/download.xml b/modules/documentation/src/site/xdoc/download/1.1/download.xml
new file mode 100644
index 0000000..b8ce317
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/download/1.1/download.xml
@@ -0,0 +1,97 @@
+<!--
+~ Licensed to the Apache Software Foundation (ASF) under one
+~ or more contributor license agreements. See the NOTICE file
+~ distributed with this work for additional information
+~ regarding copyright ownership. The ASF licenses this file
+~ to you under the Apache License, Version 2.0 (the
+~ "License"); you may not use this file except in compliance
+~ with the License. You may obtain a copy of the License at
+~
+~ http://www.apache.org/licenses/LICENSE-2.0
+~
+~ Unless required by applicable law or agreed to in writing,
+~ software distributed under the License is distributed on an
+~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+~ KIND, either express or implied. See the License for the
+~ specific language governing permissions and limitations
+~ under the License.
+-->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta name="generator" content=
+"HTML Tidy for Windows (vers 14 June 2007), see www.w3.org" />
+<meta http-equiv="content-type" content="" />
+<title>Apache Rampart 1.1 Release</title>
+</head>
+<body>
+<!--Google Anayitcs tracking code-->
+<script type="text/javascript" src=
+"http://www.google-analytics.com/urchin.js">
+</script><script type="text/javascript">
+//<![CDATA[
+_uacct = "UA-1954378-3";
+urchinTracker();
+//]]>
+</script>
+<!--End of Google Anayitcs tracking code-->
+<h2>Apache Rampart 1.1 Release</h2>
+<div>
+<table border="1" cellpadding="1">
+<tbody>
+<tr>
+<th scope="col">Distribution Name</th>
+<th scope="col">Description</th>
+<!--<th scope="col">Items</th>-->
+<th scope="col">Download</th>
+</tr>
+<tr>
+<td><a name="std-bin" id="std-bin"></a><strong>Standard Binary
+Distribution</strong></td>
+<td>This is the complete version of Apache Rampart and will contain samples
+as well.</td>
+<td><a href="http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1.zip" title=
+"http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-1.1.zip');">zip</a>
+<a href="http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1.zip.md5"
+title="http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1.zip.md5">MD5</a>
+<a href="http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1.zip.asc"
+title="http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1.zip.asc">PGP</a></td>
+</tr>
+<tr>
+<td><a name="src" id="src"></a> <strong>Source
+Distribution</strong></td>
+<td>This will contain the sources of Apache Rampart distribution.</td>
+<td><a href="http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1-src.zip" title=
+"http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1-src.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-1.1-src.zip');">zip</a>
+<a href=
+"http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1-src.zip.md5"
+title=
+"http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1-src.zip.md5">MD5</a>
+<a href=
+"http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1-src.zip.asc"
+title=
+"http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1-src.zip.asc">PGP</a></td>
+</tr>
+<tr>
+<td><strong>Documents Distribution</strong></td>
+<td>This will contain all the documentation in one package.</td>
+<td><a href="http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1-docs.zip" title=
+"http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1-docs.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-1.1-docs.zip');">zip</a>
+<a href=
+"http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1-docs.zip.md5"
+title=
+"http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1-docs.zip.md5">MD5</a>
+<a href=
+"http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1-docs.zip.asc"
+title=
+"http://archive.apache.org/dist/ws/rampart/1_1/rampart-1.1-docs.zip.asc">PGP</a></td>
+</tr>
+</tbody>
+</table>
+</div>
+</body>
+</html>
diff --git a/modules/documentation/src/site/xdoc/download/1.2/download.cgi b/modules/documentation/src/site/xdoc/download/1.2/download.cgi
new file mode 100644
index 0000000..8bdb438
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/download/1.2/download.cgi
@@ -0,0 +1,6 @@
+#!/bin/sh
+# Wrapper script around mirrors.cgi script
+# (we must change to that directory in order for python to pick up the
+# python includes correctly)
+cd /www/www.apache.org/dyn/mirrors
+/www/www.apache.org/dyn/mirrors/mirrors.cgi $*
\ No newline at end of file
diff --git a/modules/documentation/src/site/xdoc/download/1.2/download.xml b/modules/documentation/src/site/xdoc/download/1.2/download.xml
new file mode 100644
index 0000000..70822ce
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/download/1.2/download.xml
@@ -0,0 +1,97 @@
+<!--
+~ Licensed to the Apache Software Foundation (ASF) under one
+~ or more contributor license agreements. See the NOTICE file
+~ distributed with this work for additional information
+~ regarding copyright ownership. The ASF licenses this file
+~ to you under the Apache License, Version 2.0 (the
+~ "License"); you may not use this file except in compliance
+~ with the License. You may obtain a copy of the License at
+~
+~ http://www.apache.org/licenses/LICENSE-2.0
+~
+~ Unless required by applicable law or agreed to in writing,
+~ software distributed under the License is distributed on an
+~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+~ KIND, either express or implied. See the License for the
+~ specific language governing permissions and limitations
+~ under the License.
+-->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta name="generator" content=
+"HTML Tidy for Windows (vers 14 June 2007), see www.w3.org" />
+<meta http-equiv="content-type" content="" />
+<title>Apache Rampart 1.2 Release</title>
+</head>
+<body>
+<!--Google Anayitcs tracking code-->
+<script type="text/javascript" src=
+"http://www.google-analytics.com/urchin.js">
+</script><script type="text/javascript">
+//<![CDATA[
+_uacct = "UA-1954378-3";
+urchinTracker();
+//]]>
+</script>
+<!--End of Google Anayitcs tracking code-->
+<h2>Apache Rampart 1.2 Release</h2>
+<div>
+<table border="1" cellpadding="1">
+<tbody>
+<tr>
+<th scope="col">Distribution Name</th>
+<th scope="col">Description</th>
+<!--<th scope="col">Items</th>-->
+<th scope="col">Download</th>
+</tr>
+<tr>
+<td><a name="std-bin" id="std-bin"></a><strong>Standard Binary
+Distribution</strong></td>
+<td>This is the complete version of Apache Rampart and will contain samples
+as well.</td>
+<td><a href="http://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2.zip" title=
+"http://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-1.2.zip');">zip</a>
+<a href="http://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2.zip.md5"
+title="http://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2.zip.md5">MD5</a>
+<a href="http://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2.zip.asc"
+title="http://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2.zip.asc">PGP</a></td>
+</tr>
+<tr>
+<td><a name="src" id="src"></a> <strong>Source
+Distribution</strong></td>
+<td>This will contain the sources of Apache Rampart distribution.</td>
+<td><a href="http://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2-src.zip" title=
+"http://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2-src.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-1.2-src.zip');">zip</a>
+<a href=
+"http://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2-src.zip.md5"
+title=
+"http://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2-src.zip.md5">MD5</a>
+<a href=
+"http://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2-src.zip.asc"
+title=
+"http://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2-src.zip.asc">PGP</a></td>
+</tr>
+<tr>
+<td><strong>Documents Distribution</strong></td>
+<td>This will contain all the documentation in one package.</td>
+<td><a href="http://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2-docs.zip" title=
+"http://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2-docs.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-1.2-docs.zip');">zip</a>
+<a href=
+"hhttp://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2-docs.zip.md5"
+title=
+"http://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2-docs.zip.md5">MD5</a>
+<a href=
+"http://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2-docs.zip.asc"
+title=
+"http://archive.apache.org/dist/ws/rampart/1_2/rampart-1.2-docs.zip.asc">PGP</a></td>
+</tr>
+</tbody>
+</table>
+</div>
+</body>
+</html>
diff --git a/modules/documentation/src/site/xdoc/download/1.3/download.cgi b/modules/documentation/src/site/xdoc/download/1.3/download.cgi
new file mode 100644
index 0000000..8bdb438
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/download/1.3/download.cgi
@@ -0,0 +1,6 @@
+#!/bin/sh
+# Wrapper script around mirrors.cgi script
+# (we must change to that directory in order for python to pick up the
+# python includes correctly)
+cd /www/www.apache.org/dyn/mirrors
+/www/www.apache.org/dyn/mirrors/mirrors.cgi $*
\ No newline at end of file
diff --git a/modules/documentation/src/site/xdoc/download/1.3/download.xml b/modules/documentation/src/site/xdoc/download/1.3/download.xml
new file mode 100644
index 0000000..50dde84
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/download/1.3/download.xml
@@ -0,0 +1,97 @@
+<!--
+~ Licensed to the Apache Software Foundation (ASF) under one
+~ or more contributor license agreements. See the NOTICE file
+~ distributed with this work for additional information
+~ regarding copyright ownership. The ASF licenses this file
+~ to you under the Apache License, Version 2.0 (the
+~ "License"); you may not use this file except in compliance
+~ with the License. You may obtain a copy of the License at
+~
+~ http://www.apache.org/licenses/LICENSE-2.0
+~
+~ Unless required by applicable law or agreed to in writing,
+~ software distributed under the License is distributed on an
+~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+~ KIND, either express or implied. See the License for the
+~ specific language governing permissions and limitations
+~ under the License.
+-->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta name="generator" content=
+"HTML Tidy for Windows (vers 14 June 2007), see www.w3.org" />
+<meta http-equiv="content-type" content="" />
+<title>Apache Rampart 1.3 Release</title>
+</head>
+<body>
+<!--Google Anayitcs tracking code-->
+<script type="text/javascript" src=
+"http://www.google-analytics.com/urchin.js">
+</script><script type="text/javascript">
+//<![CDATA[
+_uacct = "UA-1954378-3";
+urchinTracker();
+//]]>
+</script>
+<!--End of Google Anayitcs tracking code-->
+<h2>Apache Rampart 1.3 Release</h2>
+<div>
+<table border="1" cellpadding="1">
+<tbody>
+<tr>
+<th scope="col">Distribution Name</th>
+<th scope="col">Description</th>
+<!--<th scope="col">Items</th>-->
+<th scope="col">Download</th>
+</tr>
+<tr>
+<td><a name="std-bin" id="std-bin"></a><strong>Standard Binary
+Distribution</strong></td>
+<td>This is the complete version of Apache Rampart and will contain samples
+as well.</td>
+<td><a href="http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3.zip" title=
+"http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-1.3.zip');">zip</a>
+<a href="http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3.zip.md5"
+title="http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3.zip.md5">MD5</a>
+<a href="http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3.zip.asc"
+title="http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3.zip.asc">PGP</a></td>
+</tr>
+<tr>
+<td><a name="src" id="src"></a> <strong>Source
+Distribution</strong></td>
+<td>This will contain the sources of Apache Rampart distribution.</td>
+<td><a href="http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3-src.zip" title=
+"http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3-src.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-1.3-src.zip');">zip</a>
+<a href=
+"http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3-src.zip.md5"
+title=
+"http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3-src.zip.md5">MD5</a>
+<a href=
+"http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3-src.zip.asc"
+title=
+"http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3-src.zip.asc">PGP</a></td>
+</tr>
+<tr>
+<td><strong>Documents Distribution</strong></td>
+<td>This will contain all the documentation in one package.</td>
+<td><a href="http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3-docs.zip" title=
+"http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3-docs.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-1.3-docs.zip');">zip</a>
+<a href=
+"http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3-docs.zip.md5"
+title=
+"http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3-docs.zip.md5">MD5</a>
+<a href=
+"http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3-docs.zip.asc"
+title=
+"http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.3-docs.zip.asc">PGP</a></td>
+</tr>
+</tbody>
+</table>
+</div>
+</body>
+</html>
diff --git a/modules/documentation/src/site/xdoc/download/1.4/download.cgi b/modules/documentation/src/site/xdoc/download/1.4/download.cgi
new file mode 100644
index 0000000..8bdb438
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/download/1.4/download.cgi
@@ -0,0 +1,6 @@
+#!/bin/sh
+# Wrapper script around mirrors.cgi script
+# (we must change to that directory in order for python to pick up the
+# python includes correctly)
+cd /www/www.apache.org/dyn/mirrors
+/www/www.apache.org/dyn/mirrors/mirrors.cgi $*
\ No newline at end of file
diff --git a/modules/documentation/src/site/xdoc/download/1.4/download.xml b/modules/documentation/src/site/xdoc/download/1.4/download.xml
new file mode 100644
index 0000000..76a0ab1
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/download/1.4/download.xml
@@ -0,0 +1,97 @@
+<!--
+~ Licensed to the Apache Software Foundation (ASF) under one
+~ or more contributor license agreements. See the NOTICE file
+~ distributed with this work for additional information
+~ regarding copyright ownership. The ASF licenses this file
+~ to you under the Apache License, Version 2.0 (the
+~ "License"); you may not use this file except in compliance
+~ with the License. You may obtain a copy of the License at
+~
+~ http://www.apache.org/licenses/LICENSE-2.0
+~
+~ Unless required by applicable law or agreed to in writing,
+~ software distributed under the License is distributed on an
+~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+~ KIND, either express or implied. See the License for the
+~ specific language governing permissions and limitations
+~ under the License.
+-->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta name="generator" content=
+"HTML Tidy for Windows (vers 14 June 2007), see www.w3.org" />
+<meta http-equiv="content-type" content="" />
+<title>Apache Rampart 1.3 Release</title>
+</head>
+<body>
+<!--Google Anayitcs tracking code-->
+<script type="text/javascript" src=
+"http://www.google-analytics.com/urchin.js">
+</script><script type="text/javascript">
+//<![CDATA[
+_uacct = "UA-1954378-3";
+urchinTracker();
+//]]>
+</script>
+<!--End of Google Anayitcs tracking code-->
+<h2>Apache Rampart 1.3 Release</h2>
+<div>
+<table border="1" cellpadding="1">
+<tbody>
+<tr>
+<th scope="col">Distribution Name</th>
+<th scope="col">Description</th>
+<!--<th scope="col">Items</th>-->
+<th scope="col">Download</th>
+</tr>
+<tr>
+<td><a name="std-bin" id="std-bin"></a><strong>Standard Binary
+Distribution</strong></td>
+<td>This is the complete version of Apache Rampart and will contain samples
+as well.</td>
+<td><a href="http://archive.apache.org/dist/ws/rampart/1_4/rampart-dist-1.4-bin.zip" title=
+"http://archive.apache.org/dist/ws/rampart/1_4/rampart-dist-1.4-bin.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-1.4.zip');">zip</a>
+<a href="http://archive.apache.org/dist/ws/rampart/1_4/rampart-dist-1.4-bin.zip.md5"
+title="http://archive.apache.org/dist/ws/rampart/1_4/rampart-dist-1.4-bin.zip.md5">MD5</a>
+<a href="http://archive.apache.org/dist/ws/rampart/1_4/rampart-dist-1.4-bin.zip.asc"
+title="http://archive.apache.org/dist/ws/rampart/1_4/rampart-dist-1.4-bin.zip.asc">PGP</a></td>
+</tr>
+<tr>
+<td><a name="src" id="src"></a> <strong>Source
+Distribution</strong></td>
+<td>This will contain the sources of Apache Rampart distribution.</td>
+<td><a href="http://archive.apache.org/dist/ws/rampart/1_4/rampart-dist-1.4-src.zip" title=
+"http://archive.apache.org/dist/ws/rampart/1_4/rampart-dist-1.4-src.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-dist-1.4-src.zip');">zip</a>
+<a href=
+"http://archive.apache.org/dist/ws/rampart/1_4/rampart-dist-1.4-src.zip.md5"
+title=
+"http://archive.apache.org/dist/ws/rampart/1_4/rampart-dist-1.4-src.zip.md5">MD5</a>
+<a href=
+"http://archive.apache.org/dist/ws/rampart/1_4/rampart-dist-1.4-src.zip.asc"
+title=
+"http://archive.apache.org/dist/ws/rampart/1_4/rampart-dist-1.4-src.zip.asc">PGP</a></td>
+</tr>
+<tr>
+<td><strong>Documents Distribution</strong></td>
+<td>This will contain all the documentation in one package.</td>
+<td><a href="http://archive.apache.org/dist/ws/rampart/1_4/rampart-dist-1.4-src.zip.zip" title=
+"http://archive.apache.org/dist/ws/rampart/1_3/rampart-1.4-docs.zip" onClick=
+"javascript:urchinTracker ('/downloads/rampart-1.4-docs.zip');">zip</a>
+<a href=
+"http://archive.apache.org/dist/ws/rampart/1_4/rampart-dist-1.4-src.zip.md5"
+title=
+"http://archive.apache.org/dist/ws/rampart/1_4/rampart-1.4-docs.zip.md5">MD5</a>
+<a href=
+"http://archive.apache.org/dist/ws/rampart/1_4/rampart-dist-1.4-src.zip.asc"
+title=
+"http://archive.apache.org/dist/ws/rampart/1_4/rampart-1.4-docs.zip.asc">PGP</a></td>
+</tr>
+</tbody>
+</table>
+</div>
+</body>
+</html>
diff --git a/modules/documentation/src/site/xdoc/index.xml b/modules/documentation/src/site/xdoc/index.xml
new file mode 100644
index 0000000..62b2bf9
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/index.xml
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+<document>
+
+ <properties>
+
+ </properties>
+
+ <body>
+ <h1>Apache Rampart - Axis2 Security Module</h1>
+ <section name="Welcome to Apache Rampart">
+ <p>Rampart is the security module of Axis2. With Rampary module, you can secure Axis2
+ web services for authentication, integrity, confidentiality and non - repudiation.
+ Rampart secures SOAP messages according to specifications in the WS-Security stack.
+ Please go through the <a href="articles.html">Apache Rampart Knowledge Base</a> to
+ get more information about Rampart and it's usage.
+ </p>
+ </section>
+
+ <h2>Features of Rampart Latest Version</h2>
+ <p>
+ Rampart supports the following specifications:
+ </p>
+ <ul>
+ <li>WS - Security 1.0</li>
+ <li>WS - Security 1.1</li>
+ <li>WS - Secure Conversation - February 2005</li>
+ <li>WS - Security Policy - 1.1 - July 2005</li>
+ <li>WS - Security Policy - 1.2 </li>
+ <li>WS - Trust - February 2005</li>
+ <li>WS - Trust - WS-SX</li>
+ <li>SAML 1.1</li>
+ <li>SAML 2.0 - Issurance</li>
+ </ul>
+
+ <h2>Apache Rampart News</h2>
+ <h3>Oct xx, 2009 : Apache Rampart 1.5 released</h3>
+ <p>Apache Rampart 1.5 was released with lots of bug fixes and new features.<br></br>
+ New features include</p>
+ <ul>
+ <li>SAML 2.0 support</li>
+ <li>Key store caching</li>
+ <li>Signing / Encrypting with multiple keys</li>
+ <li>Tests for negative scenarios</li>
+ </ul>
+ </body>
+</document>
diff --git a/modules/documentation/src/site/xdoc/quick-start.xml b/modules/documentation/src/site/xdoc/quick-start.xml
new file mode 100644
index 0000000..a5d41cc
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/quick-start.xml
@@ -0,0 +1,38 @@
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
+ "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ </head>
+ <body>
+ <h1>Rampart Quick Start Guide</h1>
+
+ <h3>Installing Rampart module in Axis2</h3>
+ <p>Steps to install</p>
+ <ol>
+ <li>If you haven't installed Axis2, then download and extract the standard binary distribution. Make sure you have set the AXIS2_HOME environment variable</li>
+ <li>Run ant from the "samples" directory to copy the required libraries and modules to relevant directories in AXIS2_HOME.</li>
+ </ol>
+ <p></p>
+
+ <h3>Engaging Rampart</h3>
+ <p>When securing a SOAP message, the sender must know the security actions to be performed on the message and the receiver must know enough details to process and validate the security of the message. Therefore when using Rampart with Axis2, it must be engaged at both ends.</p>
+ <p>Observe how module has been engaged in server side by opening samples/policy/sample01/services.xml. The following line has engaged the module.</p>
+ <p>Engaging Rampart at client side is done programatically as follows.</p>
+ <pre>
+ ServiceClient client = new ServiceClient(ctx, null);<br/>
+ client.engageModule("rampart");
+ </pre>
+ <h3>Understanding policy</h3>
+ <p>WS-Security Policy can be used to indicate what security actions that needs be performed on SOAP messages and and what actions should be validated. The file 'samples/policy/sample01/policy.xml' configures Rampart to add Username Token with Timestamp to this message. The element <RampartConfig> in policy.xml defines Rampart specific configurations. </p>
+ <p>Policy at serverside is included in samples/policy/sample01/services.xml file. This configures Rampart module at serverside to validate the message for Username Token an Timestamp.</p>
+ <p>More details on RampartConfig can be found <a href="rampartconfig-guide.html">here</a>.</p>
+
+ <h3>Viewing the Message on wire</h3>
+ <p>It is interesting to view the secured SOAP message on the wire using TCP monitor. Change the "client.port" property in samples/policy/build.xml file to the listening port of TCP monitor. This will send all the messages through TCP monitor when you execute the ant script. Observe the <wsse:Security> header in the SOAP message.</p>
+
+
+
+ </body>
+</html>
+
diff --git a/modules/documentation/src/site/xdoc/rampartconfig-guide.xml b/modules/documentation/src/site/xdoc/rampartconfig-guide.xml
new file mode 100644
index 0000000..3dccfb6
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/rampartconfig-guide.xml
@@ -0,0 +1,76 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
+ "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+</head>
+ <body>
+<h1>Apache Rampart - Configuration Guide</h1>
+<h2>Rampart Configurations</h2>
+<p>RampartConfig element can have any of the following child elements. Schema is available <a href="rampart-config.xsd">here</a></p>
+<table class="bodyTable"><tbody>
+ <tr class="a"><td><b>Parameter</b></td><td><b>Description</b></td><td><b>Example</b></td></tr>
+
+ <tr class="b"><td>user</td><td>The user's name</td><td>Set username of UsernameToken to be used <br></br>
+ <user> bob</user></td></tr>
+ <tr class="a"><td>userCertAlias</td><td>The user's cert alias</td><td>Set alias of the key to be used to sign<br></br>
+ <userCertAlias> bob</userCertAlias></td></tr>
+ <tr class="b"><td>encryptionUser</td><td>The user's name for encryption.</td><td>
+ <encryptionUser>alice</encryptionUser></td></tr>
+ <tr class="a"><td>passwordCallbackClass</td><td>Callback class used to provide the password required to create the
+ UsernameToken or to sign the message</td><td>
+<pre>
+<passwordCallbackClass>
+ org.apache.axis2.security.PWCallback
+</passwordCallbackClass>
+</pre></td></tr>
+ <tr class="b"><td>policyValidatorCbClass</td><td>Callback class used to provide custom validater </td><td>
+<pre>
+<policyValidatorCbClass>
+ org.apache.axis2.security.CustomPolicyValidater
+</policyValidatorCbClass>
+</pre></td></tr>
+ <tr class="a"><td>signatureCrypto</td><td>properties to needed perform signature, such as crypto
+ provider, keystore and its password</td><td>
+<pre>
+<signatureCrypto>
+ <crypto provider="org.apache.ws.security.components.crypto.Merlin">
+ <property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</property>
+ <property name="org.apache.ws.security.crypto.merlin.file">client.jks</property>
+ <property name="org.apache.ws.security.crypto.merlin.keystore.password">apache</property>
+ </crypto>
+<signatureCrypto>
+</pre>
+ </td></tr>
+ <tr class="b"><td>encryptionCypto</td><td>properties to needed perform signature, such as crypto
+ provider, keystore and its password</td><td>
+<pre>
+<encryptionCypto>
+ ....crypto element ......
+</encryptionCypto>
+</pre></td></tr>
+ <tr class="a"><td>decryptionCrypto</td><td>properties to needed perform signature, such as crypto
+ provider, keystore and its password</td><td>
+<pre>
+<decryptionCrypto>
+ ....crypto element ......
+</decryptionCrypto></pre></td></tr>
+ <tr class="b"><td>timestampTTL</td><td>Time to live of Timestamp</td><td>The default timestamp time to live is 300 seconds</td></tr>
+ <tr class="a"><td>timestampMaxSkew</td><td>The maximum tolerence limit for timeskew of the timestamp</td><td>Rampart allows timestamps created slightly ahead of the reciever's time.<br/> This parameter allows to specify the tolerence limit</td></tr>
+ <tr class="b"><td>timestampPrecisionInMilliseconds</td><td> Whether the timestamps precision should be milliseconds </td><td>When this value is set false, generated timestamps doesn't contain milliseconds </td></tr>
+ <tr class="a"><td>optimizeParts</td><td></td><td></td></tr>
+ <tr class="b"><td>tokenStoreClass</td><td></td><td></td></tr>
+ <tr class="a"><td>sslConfig</td><td>SSL Configuration need for Transportbinding</td><td>Can specify the properties such as "javax.net.ssl.trustStore" and "javax.net.ssl.trustStorePassword". Please see below for more information.</td></tr>
+ </tbody></table>
+<br></br>
+<h3>Crypto Provider</h3>
+ <p>org.apache.ws.security.crypto.provider defines the implementation of
+the org.apache.ws.security.components.crypto.Crypto interface to provide the
+crypto information required by WSS4J. The other properties defined are the
+configuration properties used by the implementation class
+(org.apache.ws.security.components.crypto.Merlin).
+<br></br>
+<a name="ref"></a><a name="references"></a></p>
+<a name="References"></a>
+<h3>References</h3>1. <a href="http://ws.apache.org/wss4j">Apache WSS4J -Home</a>
+ </body>
+</html>
diff --git a/modules/documentation/src/site/xdoc/samples.xml b/modules/documentation/src/site/xdoc/samples.xml
new file mode 100644
index 0000000..574d7f7
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/samples.xml
@@ -0,0 +1,135 @@
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+ <document>
+ <properties>
+ <title>Apache Rampart Samples</title>
+ </properties>
+ <head>
+ </head>
+ <body>
+ <h1>Rampart Samples</h1>
+ <h2> Basic samples </h2>
+ <p>These samples use parameter based configuration model. This will be a great starting point to get a basic understanding of how WS Security really works. </p>
+ <h2> Policy samples </h2>
+ <p>These samples use WS Security Policy Language for configuration. It is recommended to use policy based configuration model for all production scenarios </p>
+ <h3>Running Samples</h3>
+ <p>Now we'll look at how to run the first sample inside samples/policy folder.</p>
+ <ol>
+ <li>Open a console and change the directory to sample/policy and give the following command. This will start the server at port 8080</li>
+ <pre>
+<code>$ant service.01</code>
+ </pre>
+ <li>Open a new console and change the directory to sample/policy and type the following command.</li>
+ <pre>
+<code>$ant client.01</code>
+ </pre>
+ </ol>
+ <p>Congratulations! Now you have executed the first sample. Rest of the samples can be run by changing the sample number.</p>
+ <br></br>
+ <br></br>
+ <h3>Samples</h3>
+ <br></br>
+ <table class="bodyTable">
+ <tbody>
+ <tr class="a"><td>Sample 01</td></tr>
+ <tr/>
+ </tbody>
+ </table>
+ <div style="margin-left:2px;margin-right:-2px;">UsernameToken Authentication, The policy uses a TransportBinding and requires a SignedSupportingToken which
+is a UsernameToken and the inclusion of a TimeStamp. </div>
+ <ul>
+ <li><a href="samples/policy/sample01.xml">Policy</a></li>
+ <li><a href="samples/msgs/req01.xml">Request Message</a></li>
+ <li><a href="samples/msgs/res01.xml">Response Message</a></li>
+ </ul>
+
+ <br></br>
+ <table class="bodyTable">
+ <tbody>
+ <tr class="a"><td>Sample 02</td></tr>
+ <tr/>
+ </tbody>
+ </table>
+ <div class="b" style="margin-left:2px;margin-right:-2px;">Sign only, An AsymmetricBinding is used. Entire headers and body to be signed.
+Algorithm suite is TripleDesRsa15.</div>
+ <ul>
+ <li><a href="samples/policy/sample02.xml">Policy</a></li>
+ <li><a href="samples/msgs/req02.xml">Request Message</a></li>
+ <li><a href="samples/msgs/res02.xml">Response Message</a></li>
+ </ul>
+ <br></br>
+ <table class="bodyTable">
+ <tbody>
+ <tr class="a"><td>Sample 03</td></tr>
+ <tr/>
+ </tbody>
+ </table>
+ <div class="b" style="margin-left:2px;margin-right:-2px;">Sign and Encrypt messages, An AsymmetricBinding is used. Entire headers and body to be signed.
+EncryptionParts specifies the Body to be encrypted. </div>
+ <ul>
+ <li><a href="samples/policy/sample03.xml">Policy</a></li>
+ <li><a href="samples/msgs/req03.xml">Request Message</a></li>
+ <li><a href="samples/msgs/res03.xml">Response Message</a></li>
+ </ul>
+ <br></br>
+ <table class="bodyTable">
+ <tbody>
+ <tr class="a"><td>Sample 04</td></tr>
+ <tr/>
+ </tbody>
+ </table>
+ <div class="b" style="margin-left:2px;margin-right:-2px;">SecureConversation , The secure session is bootstrapped using a SymetricBinding which uses derived keys based on an ephemeral key.
+Messages in the secure conversation includes a timestamp, all headers are signed along with the timestamp, signature encrypted and body encrypted.</div>
+ <ul>
+ <li><a href="samples/policy/sample04.xml">Policy</a></li>
+ <li><a href="samples/msgs/rst04.xml">Bootstrap request (RST)</a></li>
+ <li><a href="samples/msgs/rstr04.xml">Bootstrap response (RSTR)</a></li>
+ <li><a href="samples/msgs/req04.xml">Request Message</a></li>
+ <li><a href="samples/msgs/res04.xml">Response Message</a></li>
+ <li><a href="samples/msgs/creq04.xml">Cancel request </a></li>
+ <li><a href="samples/msgs/cres04.xml">Cancel response</a></li>
+ </ul>
+ <br></br>
+ <table class="bodyTable">
+ <tbody>
+ <tr class="a"><td>Sample 05</td></tr>
+ <tr/>
+ </tbody>
+ </table>
+ <div class="b" style="margin-left:2px;margin-right:-2px;">WS-Trust - RST - Resquest Security Token Service - Issuing a SAML token - issuing a token </div>
+ <ul>
+ <li><a href="samples/policy/sample05.xml">Policy</a></li>
+ <li><a href="samples/msgs/req05.xml">Request Message</a></li>
+ <li><a href="samples/msgs/res05.xml">Response Message</a></li>
+ </ul>
+ <br></br>
+ <table class="bodyTable">
+ <tbody>
+ <tr class="a"><td>Sample 06</td></tr>
+ <tr/>
+ </tbody>
+ </table>
+ <div class="b" style="margin-left:2px;margin-right:-2px;">WS-Trust ( With WS Metada Exchange) - RST - Resquest Security Token Service - Issuing a SAML token </div>
+ <ul>
+ <li><a href="samples/policy/sample01.xml">Policy</a></li>
+ <li><a href="samples/msgs/req06.xml">Request Message</a></li>
+ <li><a href="samples/msgs/res06.xml">Response Message</a></li>
+ </ul>
+ </body>
+ </document>
\ No newline at end of file
diff --git a/modules/documentation/src/site/xdoc/setting-up-sts.xml b/modules/documentation/src/site/xdoc/setting-up-sts.xml
new file mode 100644
index 0000000..14fc044
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/setting-up-sts.xml
@@ -0,0 +1,64 @@
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+ <document>
+ <properties>
+ <title>Setting up a Security Token Service</title>
+ </properties>
+ <head>
+ </head>
+ <body>
+ <h1>Setting up a Security Token Service</h1>
+ <h3>Setting up a Security Token Service</h3>
+ <p>Security Token Service can be set up as per WS-Trust specification using Rampart. The default security token service shipped with the rampart distribution is contained in the rampart-trust.mar module. It can issue SCT tokens and SAML tokens. Sample05 contains a client that connects to the default STS and obtain a SAML token. The services.xml in the sample contains "saml-issuer-config" parameter that is used to configure the default SAML issuer.</p>
+ <strong>STS with a custom issuer</strong>
+ <p>First the default rampart.mar has to be removed from the modules. Then write you own issuer implementing the <code>"org.apache.rahas.TokenIssuer"</code> interface. Let's say that your issuer is <code>"org.custom.MyIssuer"</code>. Then create a Axis2 service archive with the following in the services.xml. Drop the archive into the repository and you have a STS with a CustomToken issuer.</p>
+
+ <pre>
+
+<module ref="rampart" />
+
+<operation name="IssueToken"
+ mep="http://www.w3.org/2006/01/wsdl/in-out">
+ <messageReceiver
+ class="org.apache.rahas.STSMessageReceiver"/>
+
+ <!-- Action mapping to accept RST requests -->
+ <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT</actionMapping>
+ <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</actionMapping>
+ <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Renew</actionMapping>
+ <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Cancel</actionMapping>
+ <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel</actionMapping>
+ <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Validate</actionMapping>
+
+ <parameter name="token-dispatcher-configuration">
+ <token-dispatcher-configuration>
+ <!-- Issuers. You may have many issuers. -->
+ <issuer class="org.custom.MyIssuer" default="true">
+ <configuration
+ type="parameter">saml-issuer-config</configuration>
+ <tokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</tokenType>
+ </issuer>
+ </token-dispatcher-configuration>
+ </parameter>
+
+</operation>
+
+</pre>
+ </body>
+ </document>
\ No newline at end of file
diff --git a/modules/documentation/src/site/xdoc/siteHowTo.xml b/modules/documentation/src/site/xdoc/siteHowTo.xml
new file mode 100644
index 0000000..1ccdbe2
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/siteHowTo.xml
@@ -0,0 +1,60 @@
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title></title>
+</head>
+<body>
+<h1>How to Build the Rampart Project's Website</h1>
+<h2>Installing Maven2</h2>
+<p>The Apache Rampart website build system solely depends on <a href=
+"http://maven.apache.org/">Maven2</a>. The build has been
+specifically tested to work with Maven version 2.0.7. To install
+Maven, download the distributions and follow the instructions in
+the documentation. Make sure you don't forget to add MAVEN_HOME/bin
+directory in the path.</p>
+<h2>Checking out Apache Rampart</h2>
+<p>Checkout the <a href=
+"http://svn.apache.org/repos/asf/webservices/rampart/trunk/java">latest
+source</a> using your favorite SVN client. If you are a committer,
+get a <a href=
+"https://svn.apache.org/repos/asf/webservices/rampart/trunk/java">commiter
+check out.</a></p>
+<h2>Building the Site</h2>
+<p>cd to modules/documentation and type <i>mvn install</i> The built
+site will be available under target/site.</p>
+<h2>FAQ</h2>
+<ol>
+<li>How can I update a document in the site ?<br />
+Get a commiter check out. All the documents are in XHTML format
+under the modules/documentation/src/site/xdoc folder, and you can change only the documents found
+under this folder. Change the relevant file and run <i>mvn
+install</i>. New documentation will be available under
+the target folder.</li>
+<li>How can I add a new document?<br />
+Add the new document in the xdoc folder. Change the site.xml
+found under the modules/documentation/src/site folder by adding a link to the newly added
+document. Re-generate the site.<br />
+Please make sure you have not included any of the illegal
+characters and your document should be well formed.</li>
+</ol>
+</body>
+</html>
diff --git a/modules/documentation/src/site/xdoc/specifications.xml b/modules/documentation/src/site/xdoc/specifications.xml
new file mode 100644
index 0000000..70f4559
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/specifications.xml
@@ -0,0 +1,60 @@
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+ <document>
+ <properties>
+ <title></title>
+ </properties>
+ <head>
+
+ </head>
+ <body>
+ <h1>WS Security Specifications</h1>
+ <h2>WSS: SOAP Message Security </h2>
+ <ul>
+ <li><a href="http://www.oasis-open.org/committees/download.php/5941/oasis-200401-wss-soap-message-security-1.0.pdf">
+ SOAP Message Security 1.0 </a></li>
+ <li><a href="http://www.oasis-open.org/committees/download.php/16790/wss-v1.1-spec-os-SOAPMessageSecurity.pdf">
+ SOAP Message Security 1.1 </a></li>
+ </ul>
+ <h2>WS Security Policy</h2>
+ <ul>
+ <li><a href="http://specs.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.pdf">
+ WS-SecurityPolicy 1.1</a></li>
+ </ul>
+ <h2>Web Services Trust Language (WS-Trust)</h2>
+ <ul>
+ <li><a href="http://specs.xmlsoap.org/ws/2005/02/trust/WS-Trust.pdf">
+ WS Trust 1.0 </a></li>
+ </ul>
+ <h2>WS Secure Conversation</h2>
+ <ul>
+ <li><a href="http://specs.xmlsoap.org/ws/2005/02/sc/WS-SecureConversation.pdf">
+ WS Secure Conversation 1.0 </a></li>
+ </ul>
+ <h2>WS-SX specifications</h2>
+ <ul>
+ <li><a href="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.pdf">
+ WS-SecurityPolicy 1.2 </a></li>
+ <li><a href="http://docs.oasis-open.org/ws-sx/ws-trust/200512/ws-trust-1.3-os.pdf">
+ WS Trust 1.3</a></li>
+ <li><a href="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/ws-secureconversation-1.3-os.pdf">
+ WS Secure Conversation 1.3</a></li>
+ </ul>
+ </body>
+ </document>
\ No newline at end of file
diff --git a/modules/documentation/src/site/xdoc/svn.xml b/modules/documentation/src/site/xdoc/svn.xml
new file mode 100644
index 0000000..21da0ff
--- /dev/null
+++ b/modules/documentation/src/site/xdoc/svn.xml
@@ -0,0 +1,114 @@
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>Developing Apache Rampart</title>
+</head>
+<body lang="en" xml:lang="en">
+<h1>Developing Apache Rampart</h1>
+<p>This document provides information on how to use SVN to get an
+SVN checkout/update, make commits to the repository, etc., in the
+process of contributing to Apache projects (specifically Apache Rampart).
+Instructions on configuring IDEs for development and using Maven to
+build the project is also included here.</p>
+<h2>Content</h2>
+<ul>
+<li><a href="#svn">Working with Subversion (SVN)</a></li>
+<li><a href="#checkout">Checkout Rampart from Subversion</a></li>
+<li><a href="#maven">Installing Maven 2</a></li>
+<li><a href="#ide">Configuring your IDE</a></li>
+</ul>
+<a name="svn" id="svn"></a>
+<h2>Working with Subversion (SVN)</h2>
+<p>The Rampart development team uses Subversion (SVN) for source
+control. Subversion is a compelling replacement for CVS, developed
+under the auspices of the Tigris community and licensed under an
+Apache compatible license. To learn more about Subversion or to
+download the latest distribution, visit the <a href=
+"http:///subversion.tigris.org" target="_blank">Subversion project
+site</a>. If you are looking for guidance on setting up and
+installing Subversion, please read the ASF <a href=
+"http://www.apache.org/dev/version-control.html" target=
+"_blank">Source Code Repositories page</a>.</p>
+<a name="checkout" id="checkout"></a>
+<h2>Checkout Axis2 from Subversion</h2>
+<p>To check out the latest version of Rampart from the Foundation's
+Subversion repository, you must use one of the following URLs
+depending on your level of access to the Rampart source code:</p>
+<ul>
+<li><b>If you are not a committer:</b> <a href=
+"http://svn.apache.org/repos/asf/webservices/rampart/trunk/java"
+target=
+"_blank">http://svn.apache.org/repos/asf/webservices/rampart/trunk/java</a></li>
+<li><b>If you are a committer:</b> <a href=
+"https://svn.apache.org/repos/asf/webservices/rampart/trunk/java"
+target=
+"_blank">https://svn.apache.org/repos/asf/webservices/rampart/trunk/java</a></li>
+</ul>
+If you are a committer, make sure that you have selected an
+svnpasswd. To do this, you must log into svn.apache.org. For more
+information, please read the ASF <a href=
+"http://www.apache.org/dev/version-control.html" target=
+"_blank">Source Code Repositories page</a>.
+<p>Once you have successfully installed Subversion, you can check
+out Rampart trunk by following these steps:</p>
+<ol type="1">
+<li>Run <strong>svn co <repository URL> axis2</strong> where
+the repository URL is one of the URLs from the previous list.</li>
+<li>This step will check out the latest version of the Rampart Java
+codebase to a directory named "rampart". The second parameter to the
+<strong>svn co</strong> selects a directory to create on your local
+machine. If you want to checkout Rampart to a different directory,
+feel free to change rampart to any other directory name.</li>
+<li>To update your working copy to the latest version from the
+repository, execute the <strong>svn update</strong> command.</li>
+<li>If you would like to submit a patch, you can execute
+<strong>svn diff</strong> to create a unified diff for submission
+to the Rampart JIRA issue tracker.</li>
+</ol>
+<a name="maven" id="maven"></a>
+<h2>Installing Maven 2</h2>
+<p>Rampart's build is based on Maven 2. Maven is a build system that
+allows for the reuse of common build projects across multiple
+projects. For information about obtaining, installing, and
+configuring Maven 2, please see the <a href=
+"http://maven.apache.org" target="_blank">Maven project page</a>.
+To use Maven to build the Axis2 project, Please install <a href="http://maven.apache.org/download.html" target=
+"_blank">Maven2</a> and follow instructions here - <a href="maven-help.html">Quick Guide to Maven for Axis 2.0</a></p>.
+<a name="ide" id="ide"></a>
+<h2>Configuring your IDE</h2>
+<p>The Rampart development team uses a variety of development tools
+from vi to emacs to eclipse to Intellij/IDEA. The following section
+is not an endorsement of a specific set of tools, it is simply
+meant as a pointer to ease the process of getting started with
+Rampart development.</p>
+<ul>
+<li><strong>Intellij IDEA</strong> - type <strong>mvn
+idea:idea</strong>. Generates the necessary IDEA .ipr, .iml
+and .iws project files</li>
+<li><strong>Eclipse</strong>- type <strong>mvn eclipse:eclipse</strong>. Then in Eclipse, setup a Classpath Variable
+for MAVEN_REPO, and select File > Import > Existing Projects
+into Workspace > Select root directory. Selecting the root of
+the Rampart source discovers all the modules and allows them to be
+imported as individual projects at once.</li>
+</ul>
+</body>
+</html>
diff --git a/modules/rampart-core/pom.xml b/modules/rampart-core/pom.xml
new file mode 100644
index 0000000..cbd1919
--- /dev/null
+++ b/modules/rampart-core/pom.xml
@@ -0,0 +1,64 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+ <parent>
+ <groupId>org.apache.rampart</groupId>
+ <artifactId>rampart-project</artifactId>
+ <version>1.5</version>
+ <relativePath>../../pom.xml</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>rampart-core</artifactId>
+ <packaging>jar</packaging>
+ <name>Rampart - Core</name>
+
+ <build>
+ <sourceDirectory>src/main/java</sourceDirectory>
+ <resources>
+ <resource>
+ <directory>src/main/java</directory>
+ <excludes>
+ <exclude>**/*.java</exclude>
+ </excludes>
+ </resource>
+ </resources>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <configuration>
+ <source>1.5</source>
+ <target>1.5</target>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.rampart</groupId>
+ <artifactId>rampart-policy</artifactId>
+ <version>${pom.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.rampart</groupId>
+ <artifactId>rampart-trust</artifactId>
+ <version>${pom.version}</version>
+ </dependency>
+ </dependencies>
+
+ <reporting>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-site-plugin</artifactId>
+ <configuration>
+ <templateDirectory>${basedir}</templateDirectory>
+ <menu ref="parent"/>
+ </configuration>
+ </plugin>
+ </plugins>
+ </reporting>
+</project>
diff --git a/modules/rampart-core/src/main/java/META-INF/services/org.apache.neethi.builders.AssertionBuilder b/modules/rampart-core/src/main/java/META-INF/services/org.apache.neethi.builders.AssertionBuilder
new file mode 100644
index 0000000..34900b9
--- /dev/null
+++ b/modules/rampart-core/src/main/java/META-INF/services/org.apache.neethi.builders.AssertionBuilder
@@ -0,0 +1,3 @@
+org.apache.rampart.policy.builders.CryptoConfigBuilder
+org.apache.rampart.policy.builders.RampartConfigBuilder
+org.apache.rampart.policy.builders.SSLConfigBuilder
\ No newline at end of file
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/MessageBuilder.java b/modules/rampart-core/src/main/java/org/apache/rampart/MessageBuilder.java
new file mode 100644
index 0000000..40f9563
--- /dev/null
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/MessageBuilder.java
@@ -0,0 +1,188 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rampart;
+
+import org.apache.axiom.om.OMElement;
+import org.apache.axis2.AxisFault;
+import org.apache.axis2.Constants;
+import org.apache.axis2.addressing.AddressingConstants;
+import org.apache.axis2.addressing.AddressingConstants.Final;
+import org.apache.axis2.addressing.AddressingConstants.Submission;
+import org.apache.axis2.context.MessageContext;
+import org.apache.axis2.context.OperationContext;
+import org.apache.axis2.util.XMLUtils;
+import org.apache.axis2.wsdl.WSDLConstants;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.rahas.RahasConstants;
+import org.apache.rahas.TrustUtil;
+import org.apache.rampart.builder.AsymmetricBindingBuilder;
+import org.apache.rampart.builder.SymmetricBindingBuilder;
+import org.apache.rampart.builder.TransportBindingBuilder;
+import org.apache.rampart.policy.RampartPolicyData;
+import org.apache.rampart.policy.model.OptimizePartsConfig;
+import org.apache.rampart.util.Axis2Util;
+import org.apache.rampart.util.MessageOptimizer;
+import org.apache.rampart.util.RampartUtil;
+import org.apache.ws.secpolicy.WSSPolicyException;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.handler.WSHandlerConstants;
+import org.apache.ws.security.message.WSSecHeader;
+import org.apache.ws.security.message.token.SecurityContextToken;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+import javax.xml.namespace.QName;
+
+public class MessageBuilder {
+
+ private static Log log = LogFactory.getLog(MessageBuilder.class);
+
+ public void build(MessageContext msgCtx) throws WSSPolicyException,
+ RampartException, WSSecurityException, AxisFault {
+
+ Axis2Util.useDOOM(true);
+
+ RampartMessageData rmd = new RampartMessageData(msgCtx, true);
+
+
+ RampartPolicyData rpd = rmd.getPolicyData();
+ if(rpd == null || isSecurityValidationFault(msgCtx) ||
+ !RampartUtil.isSecHeaderRequired(rpd, rmd.isInitiator(),false)) {
+
+ Document doc = rmd.getDocument();
+ WSSecHeader secHeader = rmd.getSecHeader();
+
+ if ( secHeader != null && secHeader.isEmpty(doc) ) {
+ secHeader.removeSecurityHeader(doc);
+ }
+
+ return;
+ }
+
+ //Copy the RECV_RESULTS if available
+ if(!rmd.isInitiator()) {
+ OperationContext opCtx = msgCtx.getOperationContext();
+ MessageContext inMsgCtx;
+ if(opCtx != null &&
+ (inMsgCtx = opCtx.getMessageContext(WSDLConstants.MESSAGE_LABEL_IN_VALUE)) != null) {
+ msgCtx.setProperty(WSHandlerConstants.RECV_RESULTS,
+ inMsgCtx.getProperty(WSHandlerConstants.RECV_RESULTS));
+ }
+ }
+
+
+ String isCancelreq = (String)msgCtx.getProperty(RampartMessageData.CANCEL_REQUEST);
+ if(isCancelreq != null && Constants.VALUE_TRUE.equals(isCancelreq)) {
+ try {
+
+ String cancelAction = TrustUtil.getWSTNamespace(rmd.getWstVersion()) + RahasConstants.RST_ACTION_CANCEL_SCT;
+ //Set action
+ msgCtx.getOptions().setAction(cancelAction);
+
+ //Change the wsa:Action header
+ String wsaNs = Final.WSA_NAMESPACE;
+ Object addressingVersionFromCurrentMsgCtxt = msgCtx.getProperty(AddressingConstants.WS_ADDRESSING_VERSION);
+ if (Submission.WSA_NAMESPACE.equals(addressingVersionFromCurrentMsgCtxt)) {
+ wsaNs = Submission.WSA_NAMESPACE;
+ }
+ OMElement header = msgCtx.getEnvelope().getHeader();
+ if(header != null) {
+ OMElement actionElem = header.getFirstChildWithName(new QName(wsaNs, AddressingConstants.WSA_ACTION));
+ if(actionElem != null) {
+ actionElem.setText(cancelAction);
+ }
+ }
+
+ //set payload to a cancel request
+ String ctxIdKey = RampartUtil.getContextIdentifierKey(msgCtx);
+ String tokenId = (String)RampartUtil.getContextMap(msgCtx).get(ctxIdKey);
+
+ if(tokenId != null && RampartUtil.isTokenValid(rmd, tokenId)) {
+ OMElement bodyElem = msgCtx.getEnvelope().getBody();
+ OMElement child = bodyElem.getFirstElement();
+ SecurityContextToken sct = new SecurityContextToken(
+ (Element) rmd.getTokenStorage().getToken(tokenId)
+ .getToken());
+ OMElement newChild = TrustUtil.createCancelRequest(sct
+ .getIdentifier(), rmd.getWstVersion());
+ Element newDomChild = XMLUtils.toDOM(newChild);
+ Node importedNode = rmd.getDocument().importNode((Element) newDomChild, true);
+ ((Element) bodyElem).replaceChild(importedNode, (Element) child);
+ } else {
+ throw new RampartException("tokenToBeCancelledInvalid");
+ }
+
+ } catch (Exception e) {
+ e.printStackTrace();
+ throw new RampartException("errorInTokenCancellation");
+ }
+ }
+
+ if(rpd.isTransportBinding()) {
+ log.debug("Building transport binding");
+ TransportBindingBuilder building = new TransportBindingBuilder();
+ building.build(rmd);
+ } else if(rpd.isSymmetricBinding()) {
+ log.debug("Building SymmetricBinding");
+ SymmetricBindingBuilder builder = new SymmetricBindingBuilder();
+ builder.build(rmd);
+ } else {
+ AsymmetricBindingBuilder builder = new AsymmetricBindingBuilder();
+ builder.build(rmd);
+ }
+
+ //TODO remove following check, we don't need this check here as we do a check to see whether
+ // security header required
+
+ Document doc = rmd.getDocument();
+ WSSecHeader secHeader = rmd.getSecHeader();
+
+ if ( secHeader != null && secHeader.isEmpty(doc) ) {
+ secHeader.removeSecurityHeader(doc);
+ }
+
+ /*
+ * Checking whether MTOMSerializable is there. If so set optimizeElement.
+ * */
+ if(rpd.isMTOMSerialize()){
+ msgCtx.setProperty(Constants.Configuration.ENABLE_MTOM, Constants.VALUE_TRUE);
+ OptimizePartsConfig config= rpd.getOptimizePartsConfig();
+ if(config != null){
+ MessageOptimizer.optimize(msgCtx.getEnvelope(), config.getExpressions(), config.getNamespaces());
+ }
+ }
+
+ }
+
+ private boolean isSecurityValidationFault(MessageContext msgCtx) throws AxisFault {
+
+ OperationContext opCtx = msgCtx.getOperationContext();
+ MessageContext inMsgCtx;
+ if(opCtx != null &&
+ (inMsgCtx = opCtx.getMessageContext(WSDLConstants.MESSAGE_LABEL_IN_VALUE)) != null) {
+ Boolean secErrorFlag = (Boolean) inMsgCtx.getProperty(RampartConstants.SEC_FAULT);
+
+ if (secErrorFlag != null && secErrorFlag.equals(Boolean.TRUE)) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+}
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java b/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
new file mode 100644
index 0000000..fe8f49f
--- /dev/null
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
@@ -0,0 +1,963 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rampart;
+
+import org.apache.axiom.soap.SOAPEnvelope;
+import org.apache.axiom.om.xpath.AXIOMXPath;
+import org.apache.axiom.om.OMNamespace;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.rampart.policy.RampartPolicyData;
+import org.apache.rampart.policy.SupportingPolicyData;
+import org.apache.rampart.util.RampartUtil;
+import org.apache.ws.secpolicy.SPConstants;
+import org.apache.ws.secpolicy.model.*;
+import org.apache.ws.security.*;
+import org.apache.ws.security.message.token.Timestamp;
+import org.apache.ws.security.util.WSSecurityUtil;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.jaxen.XPath;
+import org.jaxen.JaxenException;
+
+import javax.xml.namespace.QName;
+import java.math.BigInteger;
+import java.security.cert.X509Certificate;
+import java.util.*;
+
+public class PolicyBasedResultsValidator implements PolicyValidatorCallbackHandler {
+
+ private static Log log = LogFactory.getLog(PolicyBasedResultsValidator.class);
+
+ /**
+ * {@inheritDoc}
+ */
+ public void validate(ValidatorData data, Vector results)
+ throws RampartException {
+
+ RampartMessageData rmd = data.getRampartMessageData();
+
+ RampartPolicyData rpd = rmd.getPolicyData();
+
+ //If there's Security policy present and no results
+ //then we should throw an error
+ if(rpd != null && results == null) {
+ throw new RampartException("noSecurityResults");
+ }
+
+ //Check presence of timestamp
+ WSSecurityEngineResult tsResult = null;
+ if(rpd != null && rpd.isIncludeTimestamp()) {
+ tsResult =
+ WSSecurityUtil.fetchActionResult(results, WSConstants.TS);
+ if(tsResult == null) {
+ throw new RampartException("timestampMissing");
+ }
+
+ }
+
+ //sig/encr
+ Vector encryptedParts = RampartUtil.getEncryptedParts(rmd);
+ if(rpd != null && rpd.isSignatureProtection() && isSignatureRequired(rmd)) {
+
+ String sigId = RampartUtil.getSigElementId(rmd);
+
+ encryptedParts.add(new WSEncryptionPart(WSConstants.SIG_LN,
+ WSConstants.SIG_NS, "Element"));
+ }
+
+ Vector signatureParts = RampartUtil.getSignedParts(rmd);
+
+ //Timestamp is not included in sig parts
+ if(rpd != null && rpd.isIncludeTimestamp() && !rpd.isTransportBinding()) {
+ signatureParts.add(new WSEncryptionPart("timestamp"));
+ }
+
+ if(!rmd.isInitiator()) {
+
+ //Just an indicator for EndorsingSupportingToken signature
+ SupportingToken endSupportingToken = rpd.getEndorsingSupportingTokens();
+ if(endSupportingToken != null) {
+ SignedEncryptedParts endSignedParts = endSupportingToken.getSignedParts();
+ if((endSignedParts != null &&
+ (endSignedParts.isBody() ||
+ endSignedParts.getHeaders().size() > 0)) ||
+ rpd.isIncludeTimestamp()) {
+ signatureParts.add(
+ new WSEncryptionPart("EndorsingSupportingTokens"));
+ }
+ }
+ //Just an indicator for SignedEndorsingSupportingToken signature
+ SupportingToken sgndEndSupportingToken = rpd.getSignedEndorsingSupportingTokens();
+ if(sgndEndSupportingToken != null) {
+ SignedEncryptedParts sgndEndSignedParts = sgndEndSupportingToken.getSignedParts();
+ if((sgndEndSignedParts != null &&
+ (sgndEndSignedParts.isBody() ||
+ sgndEndSignedParts.getHeaders().size() > 0)) ||
+ rpd.isIncludeTimestamp()) {
+ signatureParts.add(
+ new WSEncryptionPart("SignedEndorsingSupportingTokens"));
+ }
+ }
+
+ Vector supportingToks = rpd.getSupportingTokensList();
+ for (int i = 0; i < supportingToks.size(); i++) {
+ SupportingToken supportingToken = (SupportingToken) supportingToks.get(i);
+ if (supportingToken != null) {
+ SupportingPolicyData policyData = new SupportingPolicyData();
+ policyData.build(supportingToken);
+ encryptedParts.addAll(RampartUtil.getSupportingEncryptedParts(rmd, policyData));
+ signatureParts.addAll(RampartUtil.getSupportingSignedParts(rmd, policyData));
+ }
+ }
+ }
+
+ validateEncrSig(data,encryptedParts, signatureParts, results);
+
+ if(!rpd.isTransportBinding()) {
+ validateProtectionOrder(data, results);
+ }
+
+ validateEncryptedParts(data, encryptedParts, results);
+
+ validateSignedPartsHeaders(data, signatureParts, results);
+
+ validateRequiredElements(data);
+
+ //Supporting tokens
+ if(!rmd.isInitiator()) {
+ validateSupportingTokens(data, results);
+ }
+
+ /*
+ * Now we can check the certificate used to sign the message. In the
+ * following implementation the certificate is only trusted if either it
+ * itself or the certificate of the issuer is installed in the keystore.
+ *
+ * Note: the method verifyTrust(X509Certificate) allows custom
+ * implementations with other validation algorithms for subclasses.
+ */
+
+ // Extract the signature action result from the action vector
+ WSSecurityEngineResult actionResult = WSSecurityUtil.fetchActionResult(
+ results, WSConstants.SIGN);
+
+ if (actionResult != null) {
+ X509Certificate returnCert = (X509Certificate) actionResult
+ .get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
+
+ if (returnCert != null) {
+ if (!verifyTrust(returnCert, rmd)) {
+ throw new RampartException ("trustVerificationError");
+ }
+ }
+ }
+
+ /*
+ * Perform further checks on the timestamp that was transmitted in the
+ * header.
+ * In the following implementation the timestamp is valid if :
+ * Timestamp->Created < 'now' < Timestamp->Expires (Last test already handled by WSS4J)
+ *
+ * Note: the method verifyTimestamp(Timestamp) allows custom
+ * implementations with other validation algorithms for subclasses.
+ */
+
+ // Extract the timestamp action result from the action vector
+ actionResult = WSSecurityUtil.fetchActionResult(results, WSConstants.TS);
+
+ if (actionResult != null) {
+ Timestamp timestamp = (Timestamp) actionResult
+ .get(WSSecurityEngineResult.TAG_TIMESTAMP);
+
+ if (timestamp != null) {
+ if (!verifyTimestamp(timestamp, rmd)) {
+ throw new RampartException("cannotValidateTimestamp");
+ }
+ }
+ }
+ }
+
+ /**
+ * @param encryptedParts
+ * @param signatureParts
+ */
+ protected void validateEncrSig(ValidatorData data,Vector encryptedParts, Vector signatureParts, Vector results)
+ throws RampartException {
+ ArrayList actions = getSigEncrActions(results);
+ boolean sig = false;
+ boolean encr = false;
+ for (Iterator iter = actions.iterator(); iter.hasNext();) {
+ Integer act = (Integer) iter.next();
+ if(act.intValue() == WSConstants.SIGN) {
+ sig = true;
+ } else if(act.intValue() == WSConstants.ENCR) {
+ encr = true;
+ }
+ }
+
+ RampartPolicyData rpd = data.getRampartMessageData().getPolicyData();
+
+ SupportingToken sgndSupTokens = rpd.getSignedSupportingTokens();
+ SupportingToken sgndEndorSupTokens = rpd.getSignedEndorsingSupportingTokens();
+
+ if(sig && signatureParts.size() == 0
+ && (sgndSupTokens == null || sgndSupTokens.getTokens().size() == 0)
+ && (sgndEndorSupTokens == null || sgndEndorSupTokens.getTokens().size() == 0)) {
+
+ //Unexpected signature
+ throw new RampartException("unexprectedSignature");
+ } else if(!sig && signatureParts.size() > 0) {
+
+ //required signature missing
+ throw new RampartException("signatureMissing");
+ }
+
+ if(encr && encryptedParts.size() == 0) {
+
+ //Check whether its just an encrypted key
+ ArrayList list = this.getResults(results, WSConstants.ENCR);
+ boolean encrDataFound = false;
+ for (Iterator iter = list.iterator(); iter.hasNext();) {
+ WSSecurityEngineResult result = (WSSecurityEngineResult) iter.next();
+ ArrayList dataRefURIs = (ArrayList)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
+ if ( dataRefURIs != null && dataRefURIs.size() != 0) {
+ encrDataFound = true;
+ }
+ }
+ //TODO check whether the encrptedDataFound is an UsernameToken
+ if(encrDataFound && !isUsernameTokenPresent(data)) {
+ //Unexpected encryption
+ throw new RampartException("unexprectedEncryptedPart");
+ }
+ } else if(!encr && encryptedParts.size() > 0) {
+
+ //required signature missing
+ throw new RampartException("encryptionMissing");
+ }
+ }
+
+ /**
+ * @param data
+ * @param results
+ */
+ protected void validateSupportingTokens(ValidatorData data, Vector results)
+ throws RampartException {
+
+ //Check for UsernameToken
+ RampartPolicyData rpd = data.getRampartMessageData().getPolicyData();
+ Vector supportingToks = rpd.getSupportingTokensList();
+ for (int i = 0; i < supportingToks.size(); i++) {
+ SupportingToken suppTok = (SupportingToken) supportingToks.get(i);
+ handleSupportingTokens(results, suppTok);
+ }
+ SupportingToken signedSuppToken = rpd.getSignedSupportingTokens();
+ handleSupportingTokens(results, signedSuppToken);
+ SupportingToken signedEndSuppToken = rpd.getSignedEndorsingSupportingTokens();
+ handleSupportingTokens(results, signedEndSuppToken);
+ SupportingToken endSuppToken = rpd.getEndorsingSupportingTokens();
+ handleSupportingTokens(results, endSuppToken);
+ }
+
+ /**
+ * @param results
+ * @param suppTok
+ * @throws RampartException
+ */
+ protected void handleSupportingTokens(Vector results, SupportingToken suppTok) throws RampartException {
+
+ if(suppTok == null) {
+ return;
+ }
+
+ ArrayList tokens = suppTok.getTokens();
+ for (Iterator iter = tokens.iterator(); iter.hasNext();) {
+ Token token = (Token) iter.next();
+ if(token instanceof UsernameToken) {
+ //Check presence of a UsernameToken
+ WSSecurityEngineResult utResult = WSSecurityUtil.fetchActionResult(results, WSConstants.UT);
+ if(utResult == null) {
+ throw new RampartException("usernameTokenMissing");
+ }
+
+ } else if ( token instanceof IssuedToken ) {
+ //TODO is is enough to check for ST_UNSIGNED results ??
+ WSSecurityEngineResult samlResult = WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
+ if(samlResult == null) {
+ throw new RampartException("samlTokenMissing");
+ }
+ } else if ( token instanceof X509Token) {
+ WSSecurityEngineResult x509Result = WSSecurityUtil.fetchActionResult(results, WSConstants.BST);
+ if(x509Result == null) {
+ throw new RampartException("binaryTokenMissing");
+ }
+ }
+ }
+ }
+
+
+
+
+ /**
+ * @param data
+ * @param results
+ */
+ protected void validateProtectionOrder(ValidatorData data, Vector results)
+ throws RampartException {
+
+ String protectionOrder = data.getRampartMessageData().getPolicyData().getProtectionOrder();
+ ArrayList sigEncrActions = this.getSigEncrActions(results);
+
+ if(sigEncrActions.size() < 2) {
+ //There are no results to COMPARE
+ return;
+ }
+
+ boolean sigNotPresent = true;
+ boolean encrNotPresent = true;
+
+ for (Iterator iter = sigEncrActions.iterator(); iter.hasNext();) {
+ Integer act = (Integer) iter.next();
+ if(act.intValue() == WSConstants.SIGN) {
+ sigNotPresent = false;
+ } else if(act.intValue() == WSConstants.ENCR) {
+ encrNotPresent = false;
+ }
+ }
+
+ // Only one action is present, so there is no order to check
+ if ( sigNotPresent || encrNotPresent ) {
+ return;
+ }
+
+
+ boolean done = false;
+ if(SPConstants.SIGN_BEFORE_ENCRYPTING.equals(protectionOrder)) {
+
+ boolean sigFound = false;
+ for (Iterator iter = sigEncrActions.iterator();
+ iter.hasNext() || !done;) {
+ Integer act = (Integer) iter.next();
+ if(act.intValue() == WSConstants.ENCR && ! sigFound ) {
+ // We found ENCR and SIGN has not been found - break and fail
+ break;
+ }
+ if(act.intValue() == WSConstants.SIGN) {
+ sigFound = true;
+ } else if(sigFound) {
+ //We have an ENCR action after sig
+ done = true;
+ }
+ }
+
+ } else {
+ boolean encrFound = false;
+ for (Iterator iter = sigEncrActions.iterator(); iter.hasNext();) {
+ Integer act = (Integer) iter.next();
+ if(act.intValue() == WSConstants.SIGN && ! encrFound ) {
+ // We found SIGN and ENCR has not been found - break and fail
+ break;
+ }
+ if(act.intValue() == WSConstants.ENCR) {
+ encrFound = true;
+ } else if(encrFound) {
+ //We have an ENCR action after sig
+ done = true;
+ }
+ }
+ }
+
+ if(!done) {
+ throw new RampartException("protectionOrderMismatch");
+ }
+ }
+
+
+ protected ArrayList getSigEncrActions(Vector results) {
+ ArrayList sigEncrActions = new ArrayList();
+ for (Iterator iter = results.iterator(); iter.hasNext();) {
+ Integer actInt = (Integer) ((WSSecurityEngineResult) iter.next())
+ .get(WSSecurityEngineResult.TAG_ACTION);
+ int action = actInt.intValue();
+ if(WSConstants.SIGN == action || WSConstants.ENCR == action) {
+ sigEncrActions.add(new Integer(action));
+ }
+
+ }
+ return sigEncrActions;
+ }
+
+ protected void validateEncryptedParts(ValidatorData data, Vector encryptedParts, Vector results)
+ throws RampartException {
+
+ RampartMessageData rmd = data.getRampartMessageData();
+
+ ArrayList encrRefs = getEncryptedReferences(results);
+
+ RampartPolicyData rpd = rmd.getPolicyData();
+
+ // build the list of encrypted nodes based on the dataRefs xpath expressions
+ SOAPEnvelope envelope = rmd.getMsgContext().getEnvelope();
+ Set namespaces = RampartUtil.findAllPrefixNamespaces(envelope,
+ rpd.getDeclaredNamespaces());
+
+ Map decryptedElements = new HashMap();
+ for (int i = 0; i < encrRefs.size() ; i++) {
+ WSDataRef dataRef = (WSDataRef)encrRefs.get(i);
+
+ if(dataRef == null || dataRef.getXpath() == null) {
+ continue;
+ }
+
+ try {
+ XPath xp = new AXIOMXPath(dataRef.getXpath());
+
+ Iterator nsIter = namespaces.iterator();
+
+ while (nsIter.hasNext())
+ {
+ OMNamespace tmpNs = (OMNamespace)nsIter.next();
+ xp.addNamespace(tmpNs.getPrefix(), tmpNs.getNamespaceURI());
+ }
+
+ Iterator nodesIterator = xp.selectNodes(envelope).iterator();
+
+ while (nodesIterator.hasNext()) {
+ decryptedElements.put(nodesIterator.next(), Boolean.valueOf(dataRef.isContent()));
+ }
+
+
+ } catch (JaxenException e) {
+ // This has to be changed to propagate an instance of a RampartException up
+ throw new RampartException("An error occurred while searching for decrypted elements.", e);
+ }
+
+ }
+
+
+ //Check for encrypted body
+ if(rpd.isEncryptBody()) {
+
+ if( !isRefIdPresent(encrRefs, data.getBodyEncrDataId())){
+ throw new RampartException("encryptedPartMissing",
+ new String[]{data.getBodyEncrDataId()});
+ }
+ }
+
+ for (int i = 0 ; i < encryptedParts.size() ; i++) {
+
+ WSEncryptionPart encPart = (WSEncryptionPart)encryptedParts.get(i);
+
+ //This is the encrypted Body and we already checked encrypted body
+ if (encPart.getType() == WSConstants.PART_TYPE_BODY) {
+ continue;
+ }
+
+ if ((WSConstants.SIG_LN.equals(encPart.getName()) &&
+ WSConstants.SIG_NS.equals(encPart.getNamespace()))
+ || encPart.getType() == WSConstants.PART_TYPE_HEADER ) {
+ if (!isRefIdPresent(encrRefs, new QName(encPart.getNamespace(),encPart.getName()))) {
+ throw new RampartException("encryptedPartMissing",
+ new String[]{encPart.getNamespace()+":"+encPart.getName()});
+ }
+ continue;
+ }
+
+ // it is not a header or body part... verify encrypted xpath elements
+ String xpath = encPart.getXpath();
+ boolean found = false;
+ try {
+ XPath xp = new AXIOMXPath(xpath);
+ Iterator nsIter = namespaces.iterator();
+
+ while (nsIter.hasNext()) {
+ OMNamespace tmpNs = (OMNamespace) nsIter.next();
+ xp.addNamespace(tmpNs.getPrefix(), tmpNs.getNamespaceURI());
+ }
+
+ Iterator nodesIterator = xp.selectNodes(envelope).iterator();
+
+ while (nodesIterator.hasNext()) {
+ Object result = decryptedElements.get(nodesIterator.next());
+ if (result != null &&
+ ("Element".equals(encPart.getEncModifier())
+ ^ ((Boolean) result).booleanValue())) {
+ found = true;
+ break;
+ }
+ }
+
+ if (!found) {
+ throw new RampartException("encryptedPartMissing",
+ new String[]{xpath});
+ }
+
+
+ } catch (JaxenException e) {
+ // This has to be changed to propagate an instance of a RampartException up
+ throw new RampartException("An error occurred while searching for decrypted elements.", e);
+ }
+
+ }
+
+ }
+
+ public void validateRequiredElements(ValidatorData data) throws RampartException {
+
+ RampartMessageData rmd = data.getRampartMessageData();
+
+ RampartPolicyData rpd = rmd.getPolicyData();
+
+ SOAPEnvelope envelope = rmd.getMsgContext().getEnvelope();
+
+ Iterator elementsIter = rpd.getRequiredElements().iterator();
+
+ while (elementsIter.hasNext()) {
+
+ String expression = (String) elementsIter.next();
+
+ if ( !RampartUtil.checkRequiredElements(envelope, rpd.getDeclaredNamespaces(), expression)) {
+ throw new RampartException("requiredElementsMissing", new String[] { expression } );
+ }
+ }
+
+ }
+
+ protected void validateSignedPartsHeaders(ValidatorData data, Vector signatureParts, Vector results)
+ throws RampartException {
+
+ RampartMessageData rmd = data.getRampartMessageData();
+
+ Node envelope = rmd.getDocument().getFirstChild();
+
+ WSSecurityEngineResult[] actionResults = fetchActionResults(results, WSConstants.SIGN);
+
+ // Find elements that are signed
+ Vector actuallySigned = new Vector();
+ if (actionResults != null) {
+ for (int j = 0; j < actionResults.length; j++) {
+ WSSecurityEngineResult actionResult = actionResults[j];
+ Set signedIDs = (Set) actionResult
+ .get(WSSecurityEngineResult.TAG_SIGNED_ELEMENT_IDS);
+ for (Iterator i = signedIDs.iterator(); i.hasNext();) {
+ String e = (String) i.next();
+
+ Element element = WSSecurityUtil.findElementById(envelope, e,
+ WSConstants.WSU_NS);
+ actuallySigned.add(element);
+ }
+ }
+ }
+
+ for(int i=0; i<signatureParts.size(); i++) {
+ WSEncryptionPart wsep = (WSEncryptionPart) signatureParts.get( i );
+
+ if (wsep.getType() == WSConstants.PART_TYPE_BODY) {
+
+ Element body;
+
+ if (WSConstants.URI_SOAP11_ENV.equals(envelope.getNamespaceURI())) {
+ body = WSSecurityUtil.findBodyElement(rmd.getDocument(), new SOAP11Constants());
+ } else {
+ body = WSSecurityUtil.findBodyElement(rmd.getDocument(), new SOAP12Constants());
+ }
+
+ if (!actuallySigned.contains(body)) {
+ // soap body is not signed
+ throw new RampartException("bodyNotSigned");
+ }
+
+ } else if (wsep.getType() == WSConstants.PART_TYPE_HEADER ||
+ wsep.getType() == WSConstants.PART_TYPE_ELEMENT) {
+
+ Element element = (Element) WSSecurityUtil.findElement(
+ envelope, wsep.getName(), wsep.getNamespace() );
+ if( element == null ) {
+ // The signedpart header or element we are checking is not present in
+ // soap envelope - this is allowed
+ continue;
+ }
+
+ // header or the element present in soap envelope - verify that it is part of signature
+ if( actuallySigned.contains( element) ) {
+ continue;
+ }
+
+ String msg = wsep.getType() == WSConstants.PART_TYPE_HEADER ?
+ "signedPartHeaderNotSigned" : "signedElementNotSigned";
+
+ // header or the element defined in policy is present but not signed
+ throw new RampartException(msg, new String[] { wsep.getNamespace()+":"+wsep.getName() });
+
+ }
+ }
+ }
+
+
+ protected boolean isSignatureRequired(RampartMessageData rmd) {
+ RampartPolicyData rpd = rmd.getPolicyData();
+ return (rpd.isSymmetricBinding() && rpd.getSignatureToken() != null) ||
+ (!rpd.isSymmetricBinding() && !rpd.isTransportBinding() &&
+ ((rpd.getInitiatorToken() != null && rmd.isInitiator())
+ || rpd.getRecipientToken() != null && !rmd.isInitiator()));
+ }
+
+
+ /*
+ * Verify that ts->Created is before 'now'
+ * - testing that timestamp has not expired ('now' is before ts->Expires) is handled earlier by WSS4J
+ */
+ protected boolean verifyTimestamp(Timestamp timestamp, RampartMessageData rmd) throws RampartException {
+
+ Calendar cre = timestamp.getCreated();
+ if (cre != null) {
+ long now = Calendar.getInstance().getTimeInMillis();
+
+ // adjust 'now' with allowed timeskew
+ long maxSkew = RampartUtil.getTimestampMaxSkew( rmd );
+ if( maxSkew > 0 ) {
+ now += (maxSkew * 1000);
+ }
+
+ // fail if ts->Created is after 'now'
+ if( cre.getTimeInMillis() > now ) {
+ return false;
+ }
+ }
+
+ return true;
+ }
+
+ /**
+ * Evaluate whether a given certificate should be trusted.
+ * Hook to allow subclasses to implement custom validation methods however they see fit.
+ * <p/>
+ * Policy used in this implementation:
+ * 1. Search the keystore for the transmitted certificate
+ * 2. Search the keystore for a connection to the transmitted certificate
+ * (that is, search for certificate(s) of the issuer of the transmitted certificate
+ * 3. Verify the trust path for those certificates found because the search for the issuer might be fooled by a phony DN (String!)
+ *
+ * @param cert the certificate that should be validated against the keystore
+ * @return true if the certificate is trusted, false if not (AxisFault is thrown for exceptions during CertPathValidation)
+ * @throws WSSecurityException
+ */
+ protected boolean verifyTrust(X509Certificate cert, RampartMessageData rmd) throws RampartException {
+
+ // If no certificate was transmitted, do not trust the signature
+ if (cert == null) {
+ return false;
+ }
+
+ String[] aliases = null;
+ String alias = null;
+ X509Certificate[] certs;
+
+ String subjectString = cert.getSubjectDN().getName();
+ String issuerString = cert.getIssuerDN().getName();
+ BigInteger issuerSerial = cert.getSerialNumber();
+
+ boolean doDebug = log.isDebugEnabled();
+
+ if (doDebug) {
+ log.debug("WSHandler: Transmitted certificate has subject " +
+ subjectString);
+ log.debug("WSHandler: Transmitted certificate has issuer " +
+ issuerString + " (serial " + issuerSerial + ")");
+ }
+
+ // FIRST step
+ // Search the keystore for the transmitted certificate
+
+ // Search the keystore for the alias of the transmitted certificate
+ try {
+ alias = RampartUtil.getSignatureCrypto(
+ rmd.getPolicyData().getRampartConfig(),
+ rmd.getCustomClassLoader()).getAliasForX509Cert(
+ issuerString, issuerSerial);
+ } catch (WSSecurityException ex) {
+ throw new RampartException("cannotFindAliasForCert", new String[]{subjectString}, ex);
+ }
+
+ if (alias != null) {
+ // Retrieve the certificate for the alias from the keystore
+ try {
+ certs = RampartUtil.getSignatureCrypto(
+ rmd.getPolicyData().getRampartConfig(),
+ rmd.getCustomClassLoader()).getCertificates(alias);
+ } catch (WSSecurityException ex) {
+ throw new RampartException("noCertForAlias", new String[] {alias}, ex);
+ }
+
+ // If certificates have been found, the certificates must be compared
+ // to ensure againgst phony DNs (compare encoded form including signature)
+ if (certs != null && certs.length > 0 && cert.equals(certs[0])) {
+ if (doDebug) {
+ log.debug("Direct trust for certificate with " + subjectString);
+ }
+ return true;
+ }
+ } else {
+ if (doDebug) {
+ log.debug("No alias found for subject from issuer with " + issuerString + " (serial " + issuerSerial + ")");
+ }
+ }
+
+ // SECOND step
+ // Search for the issuer of the transmitted certificate in the keystore
+
+ // Search the keystore for the alias of the transmitted certificates issuer
+ try {
+ aliases = RampartUtil.getSignatureCrypto(
+ rmd.getPolicyData().getRampartConfig(),
+ rmd.getCustomClassLoader()).getAliasesForDN(issuerString);
+ } catch (WSSecurityException ex) {
+ throw new RampartException("cannotFindAliasForCert", new String[]{issuerString}, ex);
+ }
+
+ // If the alias has not been found, the issuer is not in the keystore
+ // As a direct result, do not trust the transmitted certificate
+ if (aliases == null || aliases.length < 1) {
+ if (doDebug) {
+ log.debug("No aliases found in keystore for issuer " + issuerString + " of certificate for " + subjectString);
+ }
+ return false;
+ }
+
+ // THIRD step
+ // Check the certificate trust path for every alias of the issuer found in the keystore
+ for (int i = 0; i < aliases.length; i++) {
+ alias = aliases[i];
+
+ if (doDebug) {
+ log.debug("Preparing to validate certificate path with alias " + alias + " for issuer " + issuerString);
+ }
+
+ // Retrieve the certificate(s) for the alias from the keystore
+ try {
+ certs = RampartUtil.getSignatureCrypto(
+ rmd.getPolicyData().getRampartConfig(),
+ rmd.getCustomClassLoader()).getCertificates(alias);
+ } catch (WSSecurityException ex) {
+ throw new RampartException("noCertForAlias", new String[] {alias}, ex);
+ }
+
+ // If no certificates have been found, there has to be an error:
+ // The keystore can find an alias but no certificate(s)
+ if (certs == null || certs.length < 1) {
+ throw new RampartException("noCertForAlias", new String[] {alias});
+ }
+
+ // Form a certificate chain from the transmitted certificate
+ // and the certificate(s) of the issuer from the keystore
+ // First, create new array
+ X509Certificate[] x509certs = new X509Certificate[certs.length + 1];
+ // Then add the first certificate ...
+ x509certs[0] = cert;
+ // ... and the other certificates
+ for (int j = 0; j < certs.length; j++) {
+ cert = certs[j];
+ x509certs[j + 1] = cert;
+ }
+ certs = x509certs;
+
+ // Use the validation method from the crypto to check whether the subjects certificate was really signed by the issuer stated in the certificate
+ try {
+ if (RampartUtil.getSignatureCrypto(
+ rmd.getPolicyData().getRampartConfig(),
+ rmd.getCustomClassLoader()).validateCertPath(certs)) {
+ if (doDebug) {
+ log.debug("WSHandler: Certificate path has been verified for certificate with subject " + subjectString);
+ }
+ return true;
+ }
+ } catch (WSSecurityException ex) {
+ throw new RampartException("certPathVerificationFailed", new String[]{subjectString}, ex);
+ }
+ }
+
+ log.debug("WSHandler: Certificate path could not be verified for certificate with subject " + subjectString);
+ return false;
+ }
+
+
+ protected ArrayList getEncryptedReferences(Vector results) {
+
+ //there can be multiple ref lists
+ ArrayList encrResults = getResults(results, WSConstants.ENCR);
+
+ ArrayList refs = new ArrayList();
+
+ for (Iterator iter = encrResults.iterator(); iter.hasNext();) {
+ WSSecurityEngineResult engineResult = (WSSecurityEngineResult) iter.next();
+ ArrayList dataRefUris = (ArrayList) engineResult
+ .get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
+
+ //take only the ref list processing results
+ if(dataRefUris != null) {
+ for (Iterator iterator = dataRefUris.iterator(); iterator
+ .hasNext();) {
+ WSDataRef uri = (WSDataRef) iterator.next();
+ refs.add(uri);
+ }
+ }
+ }
+
+ return refs;
+ }
+
+
+
+ protected ArrayList getResults(Vector results, int action) {
+
+ ArrayList list = new ArrayList();
+
+ for (int i = 0; i < results.size(); i++) {
+ // Check the result of every action whether it matches the given
+ // action
+ Integer actInt = (Integer)((WSSecurityEngineResult) results.get(i)).get(WSSecurityEngineResult.TAG_ACTION);
+ if (actInt.intValue() == action) {
+ list.add((WSSecurityEngineResult) results.get(i));
+ }
+ }
+
+ return list;
+ }
+
+ protected boolean isUsernameTokenPresent(ValidatorData data) {
+
+ //TODO This can be integrated with supporting token processing
+ // which also checks whether Username Tokens present
+
+ RampartPolicyData rpd = data.getRampartMessageData().getPolicyData();
+
+ Vector supportingToks = rpd.getSupportingTokensList();
+ for (int i = 0; i < supportingToks.size(); i++) {
+ SupportingToken suppTok = (SupportingToken) supportingToks.get(i);
+ if (isUsernameTokenPresent(suppTok)) {
+ return true;
+ }
+ }
+
+ SupportingToken signedSuppToken = rpd.getSignedSupportingTokens();
+ if(isUsernameTokenPresent(signedSuppToken)) {
+ return true;
+ }
+
+ SupportingToken signedEndSuppToken = rpd.getSignedEndorsingSupportingTokens();
+ if(isUsernameTokenPresent(signedEndSuppToken)) {
+ return true;
+ }
+
+ SupportingToken endSuppToken = rpd.getEndorsingSupportingTokens();
+ if(isUsernameTokenPresent(endSuppToken)){
+ return true;
+ }
+
+ return false;
+
+
+ }
+
+ protected boolean isUsernameTokenPresent(SupportingToken suppTok) {
+
+ if(suppTok == null) {
+ return false;
+ }
+
+ ArrayList tokens = suppTok.getTokens();
+ for (Iterator iter = tokens.iterator(); iter.hasNext();) {
+ Token token = (Token) iter.next();
+ if(token instanceof UsernameToken) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ private boolean isRefIdPresent(ArrayList refList , String id) {
+
+ if(id != null && id.charAt(0) == '#') {
+ id = id.substring(1);
+ }
+
+ for (int i = 0; i < refList.size() ; i++) {
+ WSDataRef dataRef = (WSDataRef)refList.get(i);
+
+ //ArrayList can contain null elements
+ if(dataRef == null) {
+ continue;
+ }
+ //Try to get the wsuId of the decrypted element
+ String dataRefUri = dataRef.getWsuId();
+ //If not found, try the reference Id of encrypted element ( we set the same Id when we
+ // decrypted element in WSS4J)
+ if (dataRefUri == null) {
+ dataRefUri = dataRef.getDataref();
+ }
+ if (dataRefUri != null && dataRefUri.equals(id)) {
+ return true;
+ }
+ }
+
+ return false;
+
+ }
+
+ public static WSSecurityEngineResult[] fetchActionResults(Vector wsResultVector, int action) {
+ List wsResult = new ArrayList();
+
+ // Find the part of the security result that matches the given action
+ for (int i = 0; i < wsResultVector.size(); i++) {
+ // Check the result of every action whether it matches the given action
+ WSSecurityEngineResult result = (WSSecurityEngineResult) wsResultVector.get(i);
+ int resultAction = ((java.lang.Integer) result.get(WSSecurityEngineResult.TAG_ACTION))
+ .intValue();
+ if (resultAction == action) {
+ wsResult.add((WSSecurityEngineResult) wsResultVector.get(i));
+ }
+ }
+
+ return (WSSecurityEngineResult[]) wsResult.toArray(new WSSecurityEngineResult[wsResult
+ .size()]);
+ }
+
+ private boolean isRefIdPresent(ArrayList refList , QName qname) {
+
+ for (int i = 0; i < refList.size() ; i++) {
+ WSDataRef dataRef = (WSDataRef)refList.get(i);
+
+ //ArrayList can contain null elements
+ if(dataRef == null) {
+ continue;
+ }
+ //QName of the decrypted element
+ QName dataRefQName = dataRef.getName();
+
+ if ( dataRefQName != null && dataRefQName.equals(qname)) {
+ return true;
+ }
+
+ }
+
+ return false;
+
+ }
+
+
+}
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/PolicyValidatorCallbackHandler.java b/modules/rampart-core/src/main/java/org/apache/rampart/PolicyValidatorCallbackHandler.java
new file mode 100644
index 0000000..725af1c
--- /dev/null
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/PolicyValidatorCallbackHandler.java
@@ -0,0 +1,44 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.rampart;
+
+import java.util.Vector;
+
+/**
+ * Callback handler interface to allow different implementations of policy based results validation.
+ * Default implementation is <code>org.apache.rampart.PolicyBasedResultsValidator</code>.
+ * Custom implementations could be provided in rampart config as shown in below example.
+ *
+ * Example:
+ * <PRE>
+ * <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ * <ramp:policyValidatorCbClass>xx.yy.CustomPolicyValidator</ramp:policyValidatorCbClass>
+ * ...
+ * </ramp:RampartConfig>
+ * </PRE>
+ */
+
+public interface PolicyValidatorCallbackHandler {
+ /**
+ * Validate policy based results.
+ *
+ * @param data validator data
+ * @param results policy based ws-security results
+ * @throws RampartException Rampart exception
+ */
+ public abstract void validate(ValidatorData data, Vector results) throws RampartException;
+
+}
\ No newline at end of file
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/Rampart.java b/modules/rampart-core/src/main/java/org/apache/rampart/Rampart.java
new file mode 100644
index 0000000..87cac0e
--- /dev/null
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/Rampart.java
@@ -0,0 +1,55 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rampart;
+
+import org.apache.axis2.AxisFault;
+import org.apache.axis2.context.ConfigurationContext;
+import org.apache.axis2.description.AxisDescription;
+import org.apache.axis2.description.AxisModule;
+import org.apache.axis2.modules.Module;
+import org.apache.neethi.Assertion;
+import org.apache.neethi.Policy;
+
+public class Rampart implements Module /* , ModulePolicyExtension */ {
+
+ public void init(ConfigurationContext configContext, AxisModule module)
+ throws AxisFault {
+ }
+
+ public void engageNotify(AxisDescription axisDescription) throws AxisFault {
+ //Nothing to do here, since RampartMessageData will pick up the
+ //effective policy from the message context
+ }
+
+ public void shutdown(ConfigurationContext configurationContext) throws AxisFault {
+ // at the moment, nothing needs to be done ..
+ }
+
+// public PolicyExtension getPolicyExtension() {
+// throw new UnsupportedOperationException("TODO");
+// }
+
+ public void applyPolicy(Policy policy, AxisDescription axisDescription) throws AxisFault {
+ //Do not do anything
+ }
+
+ public boolean canSupportAssertion(Assertion assertion) {
+ //TODO doesn't we need to check whether policy is security policy or
+ // RampartConfig assertion
+ return true;
+ }
+}
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/RampartConfigCallbackHandler.java b/modules/rampart-core/src/main/java/org/apache/rampart/RampartConfigCallbackHandler.java
new file mode 100644
index 0000000..7217e26
--- /dev/null
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/RampartConfigCallbackHandler.java
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.rampart;
+
+import org.apache.rampart.policy.model.RampartConfig;
+
+/**
+ * Callback handler interface to update Rampart Configuration dynamically. Updater class should
+ * implement this interface and should be registered using the Rampart Configuration as below.
+ *
+ * Example:
+ * <PRE>
+ * <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
+ * <ramp:rampartConfigCallbackClass>o.a.r.ConfigUpdater</ramp:rampartConfigCallbackClass>
+ * ...
+ * </ramp:RampartConfig>
+ * </PRE>
+ */
+
+public interface RampartConfigCallbackHandler {
+
+ public void update(RampartConfig rampartConfig);
+
+}
\ No newline at end of file
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/RampartConstants.java b/modules/rampart-core/src/main/java/org/apache/rampart/RampartConstants.java
new file mode 100644
index 0000000..a21c048
--- /dev/null
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/RampartConstants.java
@@ -0,0 +1,9 @@
+package org.apache.rampart;
+
+public class RampartConstants {
+
+ public static final String TIME_LOG = "org.apache.rampart.TIME";
+ public static final String MESSAGE_LOG = "org.apache.rampart.MESSAGE";
+ public static final String SEC_FAULT = "SECURITY_VALIDATION_FAILURE";
+
+}
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java b/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
new file mode 100644
index 0000000..5e3e5b8
--- /dev/null
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
@@ -0,0 +1,319 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rampart;
+
+import org.apache.axiom.om.OMElement;
+import org.apache.axiom.soap.*;
+import org.apache.axis2.AxisFault;
+import org.apache.axis2.context.MessageContext;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.rahas.Token;
+import org.apache.rahas.TokenStorage;
+import org.apache.rahas.impl.util.SAML2KeyInfo;
+import org.apache.rahas.impl.util.SAML2Utils;
+import org.apache.rampart.policy.RampartPolicyData;
+import org.apache.rampart.util.Axis2Util;
+import org.apache.rampart.util.RampartUtil;
+import org.apache.ws.secpolicy.WSSPolicyException;
+import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.WSSecurityEngine;
+import org.apache.ws.security.WSSecurityEngineResult;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.apache.ws.security.saml.SAMLKeyInfo;
+import org.apache.ws.security.saml.SAMLUtil;
+import org.opensaml.SAMLAssertion;
+import org.opensaml.saml2.core.Assertion;
+import org.opensaml.saml2.core.Subject;
+import org.opensaml.saml2.core.SubjectConfirmationData;
+
+import javax.xml.namespace.QName;
+import java.security.Principal;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.Iterator;
+import java.util.Vector;
+
+public class RampartEngine {
+
+ private static Log log = LogFactory.getLog(RampartEngine.class);
+ private static Log tlog = LogFactory.getLog(RampartConstants.TIME_LOG);
+
+ public Vector process(MessageContext msgCtx) throws WSSPolicyException,
+ RampartException, WSSecurityException, AxisFault {
+
+ boolean doDebug = log.isDebugEnabled();
+ boolean dotDebug = tlog.isDebugEnabled();
+
+ if(doDebug){
+ log.debug("Enter process(MessageContext msgCtx)");
+ }
+
+ RampartMessageData rmd = new RampartMessageData(msgCtx, false);
+
+ RampartPolicyData rpd = rmd.getPolicyData();
+
+ msgCtx.setProperty(RampartMessageData.RAMPART_POLICY_DATA, rpd);
+
+ RampartUtil.validateTransport(rmd);
+
+ // If there is no policy information return immediately
+ if (rpd == null) {
+ return null;
+ }
+
+
+ //TODO these checks have to be done before the convertion to avoid unnecessary convertion to LLOM -> DOOM
+ // If the message is a security fault or no security
+ // header required by the policy
+ if(isSecurityFault(rmd) || !RampartUtil.isSecHeaderRequired(rpd,rmd.isInitiator(),true)) {
+ SOAPEnvelope env = Axis2Util.getSOAPEnvelopeFromDOMDocument(rmd.getDocument(), true);
+
+ //Convert back to llom since the inflow cannot use llom
+ msgCtx.setEnvelope(env);
+ Axis2Util.useDOOM(false);
+ if(doDebug){
+ log.debug("Return process MessageContext msgCtx)");
+ }
+ return null;
+ }
+
+
+ Vector results = null;
+
+ WSSecurityEngine engine = new WSSecurityEngine();
+
+ ValidatorData data = new ValidatorData(rmd);
+
+ SOAPHeader header = rmd.getMsgContext().getEnvelope().getHeader();
+ if(header == null) {
+ throw new RampartException("missingSOAPHeader");
+ }
+
+ ArrayList headerBlocks = header.getHeaderBlocksWithNSURI(WSConstants.WSSE_NS);
+ SOAPHeaderBlock secHeader = null;
+ //Issue is axiom - a returned collection must not be null
+ if(headerBlocks != null) {
+ Iterator headerBlocksIterator = headerBlocks.iterator();
+ while (headerBlocksIterator.hasNext()) {
+ SOAPHeaderBlock elem = (SOAPHeaderBlock) headerBlocksIterator.next();
+ if(elem.getLocalName().equals(WSConstants.WSSE_LN)) {
+ secHeader = elem;
+ break;
+ }
+ }
+ }
+
+ if(secHeader == null) {
+ throw new RampartException("missingSecurityHeader");
+ }
+
+ long t0=0, t1=0, t2=0, t3=0;
+ if(dotDebug){
+ t0 = System.currentTimeMillis();
+ }
+
+ String actorValue = secHeader.getAttributeValue(new QName(rmd
+ .getSoapConstants().getEnvelopeURI(), "actor"));
+
+ Crypto signatureCrypto = RampartUtil.getSignatureCrypto(rpd.getRampartConfig(),
+ msgCtx.getAxisService().getClassLoader());
+ TokenCallbackHandler tokenCallbackHandler = new TokenCallbackHandler(rmd.getTokenStorage(), RampartUtil.getPasswordCB(rmd));
+ if(rpd.isSymmetricBinding()) {
+ //Here we have to create the CB handler to get the tokens from the
+ //token storage
+ if(doDebug){
+ log.debug("Processing security header using SymetricBinding");
+ }
+ results = engine.processSecurityHeader(rmd.getDocument(),
+ actorValue,
+ tokenCallbackHandler,
+ signatureCrypto,
+ RampartUtil.getEncryptionCrypto(rpd.getRampartConfig(),
+ msgCtx.getAxisService().getClassLoader()));
+ } else {
+ if(doDebug){
+ log.debug("Processing security header in normal path");
+ }
+ results = engine.processSecurityHeader(rmd.getDocument(),
+ actorValue,
+ tokenCallbackHandler,
+ signatureCrypto,
+ RampartUtil.getEncryptionCrypto(rpd.getRampartConfig(),
+ msgCtx.getAxisService().getClassLoader()));
+ }
+
+ if(dotDebug){
+ t1 = System.currentTimeMillis();
+ }
+
+ //Store symm tokens
+ //Pick the first SAML token
+ //TODO : This is a hack , MUST FIX
+ //get the sec context id from the req msg ctx
+
+ //Store username in MessageContext property
+
+ for (int j = 0; j < results.size(); j++) {
+ WSSecurityEngineResult wser = (WSSecurityEngineResult) results.get(j);
+ final Integer actInt =
+ (Integer) wser.get(WSSecurityEngineResult.TAG_ACTION);
+ if (WSConstants.ST_UNSIGNED == actInt.intValue()) {
+
+ // If this is a SAML2.0 assertion
+ if (wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION) instanceof Assertion) {
+
+ final Assertion assertion = (Assertion) wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+ String id = assertion.getID();
+ Subject subject = assertion.getSubject();
+ SubjectConfirmationData scData = subject.getSubjectConfirmations()
+ .get(0).getSubjectConfirmationData();
+ Date dateOfCreation = scData.getNotBefore().toDate();
+ Date dateOfExpiration = scData.getNotOnOrAfter().toDate();
+
+ // TODO : SAML2KeyInfo element needs to be moved to WSS4J.
+ SAML2KeyInfo saml2KeyInfo = SAML2Utils.
+ getSAML2KeyInfo(assertion, signatureCrypto, tokenCallbackHandler);
+
+ //Store the token
+ try {
+ TokenStorage store = rmd.getTokenStorage();
+ if (store.getToken(id) == null) {
+ Token token = new Token(id, (OMElement) SAML2Utils.getElementFromAssertion(assertion), dateOfCreation, dateOfExpiration);
+ token.setSecret(saml2KeyInfo.getSecret());
+ store.add(token);
+ }
+ } catch (Exception e) {
+ throw new RampartException(
+ "errorInAddingTokenIntoStore", e);
+ }
+
+ }
+ //if this is a SAML1.1 assertion
+ else {
+ final SAMLAssertion assertion =
+
+ ((SAMLAssertion) wser
+ .get(WSSecurityEngineResult.TAG_SAML_ASSERTION));
+ String id = assertion.getId();
+ Date created = assertion.getNotBefore();
+ Date expires = assertion.getNotOnOrAfter();
+ SAMLKeyInfo samlKi = SAMLUtil.getSAMLKeyInfo(assertion,
+ signatureCrypto, tokenCallbackHandler);
+ try {
+ TokenStorage store = rmd.getTokenStorage();
+ if (store.getToken(id) == null) {
+ Token token = new Token(id, (OMElement) assertion.toDOM(), created, expires);
+ token.setSecret(samlKi.getSecret());
+ store.add(token);
+ }
+ } catch (Exception e) {
+ throw new RampartException(
+ "errorInAddingTokenIntoStore", e);
+ }
+
+ }
+ } else if (WSConstants.UT == actInt.intValue()) {
+ String username = ((Principal) wser.get(WSSecurityEngineResult.TAG_PRINCIPAL))
+ .getName();
+ msgCtx.setProperty(RampartMessageData.USERNAME, username);
+ } else if (WSConstants.SIGN == actInt.intValue()) {
+ X509Certificate cert = (X509Certificate) wser.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
+ msgCtx.setProperty(RampartMessageData.X509_CERT, cert);
+ }
+
+ }
+
+ SOAPEnvelope env = Axis2Util.getSOAPEnvelopeFromDOMDocument(rmd.getDocument(), true);
+
+ if(dotDebug){
+ t2 = System.currentTimeMillis();
+ }
+
+ //Convert back to llom since the inflow cannot use DOOM
+ msgCtx.setEnvelope(env);
+ Axis2Util.useDOOM(false);
+
+ PolicyValidatorCallbackHandler validator = RampartUtil.getPolicyValidatorCB(msgCtx, rpd);
+
+ validator.validate(data, results);
+
+ if(dotDebug){
+ t3 = System.currentTimeMillis();
+ tlog.debug("processHeader by WSSecurityEngine took : " + (t1 - t0) +
+ ", DOOM conversion took :" + (t2 - t1) +
+ ", PolicyBasedResultsValidattor took " + (t3 - t2));
+ }
+
+ if(doDebug){
+ log.debug("Return process(MessageContext msgCtx)");
+ }
+ return results;
+ }
+
+ // Check whether this a soap fault because of failure in processing the security header
+ //and if so, we don't expect the security header
+ //
+ //
+
+
+ private boolean isSecurityFault(RampartMessageData rmd) {
+
+ SOAPEnvelope soapEnvelope = rmd.getMsgContext().getEnvelope();
+
+ SOAPFault soapFault = soapEnvelope.getBody().getFault();
+
+ // This is not a soap fault
+ if (soapFault == null) {
+ return false;
+ }
+
+ String soapVersionURI = rmd.getMsgContext().getEnvelope().getNamespace().getNamespaceURI();
+
+ if (soapVersionURI.equals(SOAP11Constants.SOAP_ENVELOPE_NAMESPACE_URI) ) {
+
+ SOAPFaultCode faultCode = soapFault.getCode();
+
+ // This is a fault processing the security header
+ if (faultCode.getTextAsQName().getNamespaceURI().equals(WSConstants.WSSE_NS)) {
+ return true;
+ }
+
+
+ } else if (soapVersionURI.equals(SOAP12Constants.SOAP_ENVELOPE_NAMESPACE_URI)) {
+
+ //TODO AXIOM API returns only one fault sub code, there can be many
+ SOAPFaultSubCode faultSubCode = soapFault.getCode().getSubCode();
+
+ if (faultSubCode != null) {
+ SOAPFaultValue faultSubCodeValue = faultSubCode.getValue();
+
+ // This is a fault processing the security header
+ if (faultSubCodeValue != null &&
+ faultSubCodeValue.getTextAsQName().getNamespaceURI().equals(WSConstants.WSSE_NS)) {
+ return true;
+ }
+ }
+
+ }
+
+ return false;
+ }
+
+}
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/RampartException.java b/modules/rampart-core/src/main/java/org/apache/rampart/RampartException.java
new file mode 100644
index 0000000..f76de9c
--- /dev/null
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/RampartException.java
@@ -0,0 +1,101 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rampart;
+
+import java.text.MessageFormat;
+import java.util.MissingResourceException;
+import java.util.ResourceBundle;
+
+public class RampartException extends Exception {
+
+ private static final long serialVersionUID = 8674795537585339704L;
+
+ private static ResourceBundle resources;
+
+ private String faultCode;
+ private String faultString;
+
+ static {
+ try {
+ resources = ResourceBundle.getBundle("org.apache.rampart.errors");
+ } catch (MissingResourceException e) {
+ throw new RuntimeException(e.getMessage());
+ }
+ }
+
+ public RampartException(String faultCode, Object[] args) {
+ super(getMessage(faultCode, args));
+ this.faultCode = getFaultCode(faultCode);
+ this.faultString = getMessage(faultCode, args);
+ }
+
+ /**
+ * Construct the fault properly code for the standard faults
+ * @param faultCode2
+ * @return
+ */
+ private String getFaultCode(String code) {
+ //TODO check for spec specific error codes
+ return code;
+ }
+
+ public RampartException(String faultCode) {
+ this(faultCode, (Object[])null);
+ }
+
+ public RampartException(String faultCode, Object[] args, Throwable e) {
+ super(getMessage(faultCode, args),e);
+ this.faultCode = faultCode;
+ this.faultString = getMessage(faultCode, args);
+ }
+
+ public RampartException(String faultCode, Throwable e) {
+ this(faultCode, null, e);
+ }
+
+ /**
+ * get the message from resource bundle.
+ * <p/>
+ *
+ * @return the message translated from the property (message) file.
+ */
+ protected static String getMessage(String faultCode, Object[] args) {
+ String msg = null;
+ try {
+ msg = MessageFormat.format(resources.getString(faultCode), args);
+ } catch (MissingResourceException e) {
+ throw new RuntimeException("Undefined '" + faultCode + "' resource property");
+ }
+ return msg;
+ }
+
+ /**
+ * @return Returns the faultCode.
+ */
+ protected String getFaultCode() {
+ return faultCode;
+ }
+
+ /**
+ * @return Returns the faultString.
+ */
+ protected String getFaultString() {
+ return faultString;
+ }
+
+
+}
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java b/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java
new file mode 100644
index 0000000..6e1921b
--- /dev/null
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java
@@ -0,0 +1,746 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rampart;
+
+import org.apache.axiom.om.OMElement;
+import org.apache.axiom.soap.SOAPEnvelope;
+import org.apache.axis2.AxisFault;
+import org.apache.axis2.util.PolicyUtil;
+import org.apache.axis2.engine.AxisConfiguration;
+import org.apache.axis2.context.MessageContext;
+import org.apache.axis2.context.OperationContext;
+import org.apache.axis2.description.AxisService;
+import org.apache.axis2.description.Parameter;
+import org.apache.axis2.wsdl.WSDLConstants;
+import org.apache.neethi.Policy;
+import org.apache.neethi.PolicyEngine;
+import org.apache.neethi.PolicyComponent;
+import org.apache.rahas.RahasConstants;
+import org.apache.rahas.SimpleTokenStore;
+import org.apache.rahas.TokenStorage;
+import org.apache.rahas.TrustException;
+import org.apache.rahas.TrustUtil;
+import org.apache.rampart.handler.WSSHandlerConstants;
+import org.apache.rampart.policy.RampartPolicyBuilder;
+import org.apache.rampart.policy.RampartPolicyData;
+import org.apache.rampart.policy.model.RampartConfig;
+import org.apache.rampart.util.Axis2Util;
+import org.apache.rampart.util.RampartUtil;
+import org.apache.ws.secpolicy.WSSPolicyException;
+import org.apache.ws.security.SOAPConstants;
+import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.WSSConfig;
+import org.apache.ws.security.WSSecurityEngineResult;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.conversation.ConversationConstants;
+import org.apache.ws.security.handler.WSHandlerConstants;
+import org.apache.ws.security.handler.WSHandlerResult;
+import org.apache.ws.security.message.WSSecHeader;
+import org.apache.ws.security.message.token.SecurityContextToken;
+import org.apache.ws.security.util.Loader;
+import org.apache.ws.security.util.WSSecurityUtil;
+import org.opensaml.SAMLAssertion;
+import org.w3c.dom.Document;
+
+import java.util.List;
+import java.util.Vector;
+import java.util.ArrayList;
+
+public class RampartMessageData {
+
+ /**
+ * Axis2 parameter name to be used in the client's axis2 xml
+ */
+ public final static String KEY_RAMPART_POLICY = "rampartPolicy";
+
+ public final static String KEY_RAMPART_IN_POLICY = "rampartInPolicy";
+
+ public final static String KEY_RAMPART_OUT_POLICY = "rampartOutPolicy";
+
+ /**
+ * Key to hold the populated RampartPolicyData object
+ */
+ public final static String RAMPART_POLICY_DATA = "rampartPolicyData";
+
+ public final static String RAMPART_STS_POLICY = "rampartStsPolicy";
+
+ /**
+ * Key to hold the custom issued token identifier
+ */
+ public final static String KEY_CUSTOM_ISSUED_TOKEN = "customIssuedToken";
+
+ /**
+ * Key to hold username which was used to authenticate
+ */
+ public final static String USERNAME = "username";
+
+ /**
+ * Key to hold the WS-Trust version
+ */
+ public final static String KEY_WST_VERSION = "wstVersion";
+
+ public final static String PARAM_CLIENT_SIDE = "CLIENT_SIDE";
+
+ /**
+ * Key to hold the WS-SecConv version
+ */
+ public final static String KEY_WSSC_VERSION = "wscVersion";
+
+ public static final String KEY_SCT_ISSUER_POLICY = "sct-issuer-policy";
+
+ public final static String CANCEL_REQUEST = "cancelrequest";
+
+ public final static String SCT_ID = "sctID";
+
+ public final static String X509_CERT ="X509Certificate";
+
+ private MessageContext msgContext = null;
+
+ private RampartPolicyData policyData = null;
+
+ private WSSecHeader secHeader = null;
+
+ private WSSConfig config = null;
+
+ private int timeToLive = 300;
+
+ private int timestampMaxSkew = 0;
+
+ private String timestampId;
+
+ private Document document;
+
+ private TokenStorage tokenStorage;
+
+ /**
+ * WS-Trust version to use.
+ *
+ * Possible values:
+ * RahasConstants.VERSION_05_02
+ * RahasConstants.VERSION_05_12
+ */
+
+ private int wstVersion = RahasConstants.VERSION_05_02;
+
+ private int secConvVersion = ConversationConstants.DEFAULT_VERSION;
+
+ /*
+ * IssuedTokens or SecurityContextTokens can be used
+ * as the encryption token, signature token
+ */
+ private String issuedEncryptionTokenId;
+
+ private String issuedSignatureTokenId;
+
+ /**
+ * The service policy extracted from the message context.
+ * If policy is specified in the RampartConfig <b>this</b> will take precedence
+ */
+ private Policy servicePolicy;
+
+ private boolean isInitiator;
+
+ private boolean sender;
+
+ private ClassLoader customClassLoader;
+
+ private SOAPConstants soapConstants;
+
+ public RampartMessageData(MessageContext msgCtx, boolean sender) throws RampartException {
+
+ this.msgContext = msgCtx;
+
+ try {
+
+ //Extract known properties from the msgCtx
+
+ if(msgCtx.getProperty(KEY_WST_VERSION) != null) {
+ this.wstVersion = TrustUtil.getWSTVersion((String)msgCtx.getProperty(KEY_WST_VERSION));
+ }
+
+ if(msgCtx.getProperty(KEY_WSSC_VERSION) != null) {
+ this.secConvVersion = TrustUtil.getWSTVersion((String)msgCtx.getProperty(KEY_WSSC_VERSION));
+ }
+
+ // First obtain the axis service as we have to do a null check, there can be situations
+ // where Axis Service is null
+ AxisService axisService = msgCtx.getAxisService();
+
+ if(axisService != null && axisService.getParameter(PARAM_CLIENT_SIDE) != null) {
+ this.isInitiator = true;
+ } else {
+ this.isInitiator = !msgCtx.isServerSide();
+ //TODO if Axis Service is null at this point, do we have to create a dummy one ??
+ if(this.isInitiator && axisService != null ) {
+ Parameter clientSideParam = new Parameter();
+ clientSideParam.setName(PARAM_CLIENT_SIDE);
+ clientSideParam.setLocked(true);
+ msgCtx.getAxisService().addParameter(clientSideParam);
+ }
+ }
+
+ if(msgCtx.getProperty(KEY_RAMPART_POLICY) != null) {
+ this.servicePolicy = (Policy)msgCtx.getProperty(KEY_RAMPART_POLICY);
+ }
+
+
+ // Checking which flow we are in
+ int flow = msgCtx.getFLOW();
+
+ // If we are IN flow or IN_FAULT flow and the KEY_RAMPART_IN_POLICY is set , we set the
+ // merge that policy to the KEY_RAMPART_POLICY if it is present. Else we set
+ // KEY_RAMPART_IN_POLICY as the service policy
+ if ( (flow == MessageContext.IN_FLOW || flow == MessageContext.IN_FAULT_FLOW )
+ && msgCtx.getProperty(KEY_RAMPART_IN_POLICY) != null) {
+ if ( this.servicePolicy == null ) {
+ this.servicePolicy = (Policy)msgCtx.getProperty(KEY_RAMPART_IN_POLICY);
+ } else {
+ this.servicePolicy = this.servicePolicy.merge((Policy)msgCtx
+ .getProperty(KEY_RAMPART_IN_POLICY));
+ }
+
+ // If we are OUT flow or OUT_FAULT flow and the KEY_RAMPART_OUT_POLICY is set , we set
+ // the merge that policy to the KEY_RAMPART_POLICY if it is present. Else we set
+ // KEY_RAMPART_OUT_POLICY as the service policy
+ } else if ( (flow == MessageContext.OUT_FLOW || flow == MessageContext.OUT_FAULT_FLOW )
+ && msgCtx.getProperty(KEY_RAMPART_OUT_POLICY) != null) {
+ if (this.servicePolicy == null) {
+ this.servicePolicy = (Policy)msgCtx.getProperty(KEY_RAMPART_OUT_POLICY);
+ } else {
+ this.servicePolicy = this.servicePolicy.merge((Policy)msgCtx
+ .getProperty(KEY_RAMPART_OUT_POLICY));
+ }
+ }
+
+ /*
+ * Init policy:
+ * When creating the RampartMessageData instance we
+ * extract the service policy is set in the msgCtx.
+ * If it is missing then try to obtain from the configuration files.
+ */
+
+ if (this.servicePolicy == null) {
+ try {
+ this.servicePolicy = msgCtx.getEffectivePolicy();
+ } catch (NullPointerException e) {
+ //TODO remove this once AXIS2-4114 is fixed
+ if (axisService != null) {
+ List<PolicyComponent> policyList = new ArrayList<PolicyComponent>();
+ policyList.addAll(axisService.getPolicySubject().getAttachedPolicyComponents());
+ AxisConfiguration axisConfiguration = axisService.getAxisConfiguration();
+ policyList.addAll(axisConfiguration.getPolicySubject().getAttachedPolicyComponents());
+ this.servicePolicy = PolicyUtil.getMergedPolicy(policyList, axisService);
+ }
+ }
+ }
+
+ if(this.servicePolicy == null) {
+ Parameter param = msgCtx.getParameter(RampartMessageData.KEY_RAMPART_POLICY);
+ if(param != null) {
+ OMElement policyElem = param.getParameterElement().getFirstElement();
+ this.servicePolicy = PolicyEngine.getPolicy(policyElem);
+ }
+ }
+
+ if(this.servicePolicy != null){
+ List it = (List)this.servicePolicy.getAlternatives().next();
+
+ //Process policy and build policy data
+ this.policyData = RampartPolicyBuilder.build(it);
+ }
+
+
+ if(this.policyData != null) {
+
+ // Get the SOAP envelope as document, then create a security
+ // header and insert into the document (Envelope)
+ // WE SHOULD ONLY DO THE CONVERTION IF THERE IS AN APPLICABLE POLICY
+ this.document = Axis2Util.getDocumentFromSOAPEnvelope(msgCtx.getEnvelope(), true);
+ msgCtx.setEnvelope((SOAPEnvelope)this.document.getDocumentElement());
+
+ this.soapConstants = WSSecurityUtil.getSOAPConstants(this.document.getDocumentElement());
+
+ // Update the Rampart Config if RampartConfigCallbackHandler is present in the
+ // RampartConfig
+
+ RampartConfigCallbackHandler rampartConfigCallbackHandler = RampartUtil
+ .getRampartConfigCallbackHandler(msgCtx, policyData);
+
+ if (rampartConfigCallbackHandler != null) {
+ rampartConfigCallbackHandler.update(policyData.getRampartConfig());
+ }
+
+ //Check for RST and RSTR for an SCT
+ if((WSSHandlerConstants.RST_ACTON_SCT.equals(msgContext.getWSAAction())
+ || WSSHandlerConstants.RSTR_ACTON_SCT.equals(msgContext.getWSAAction())) &&
+ this.policyData.getIssuerPolicy() != null) {
+
+ this.servicePolicy = this.policyData.getIssuerPolicy();
+
+ RampartConfig rampartConfig = policyData.getRampartConfig();
+ if(rampartConfig != null) {
+ /*
+ * Copy crypto info into the new issuer policy
+ */
+ RampartConfig rc = new RampartConfig();
+ rc.setEncrCryptoConfig(rampartConfig.getEncrCryptoConfig());
+ rc.setSigCryptoConfig(rampartConfig.getSigCryptoConfig());
+ rc.setDecCryptoConfig(rampartConfig.getDecCryptoConfig());
+ rc.setUser(rampartConfig.getUser());
+ rc.setUserCertAlias(rc.getUserCertAlias());
+ rc.setEncryptionUser(rampartConfig.getEncryptionUser());
+ rc.setPwCbClass(rampartConfig.getPwCbClass());
+ rc.setSSLConfig(rampartConfig.getSSLConfig());
+
+ this.servicePolicy.addAssertion(rc);
+ }
+
+ List it = (List)this.servicePolicy.getAlternatives().next();
+
+ //Process policy and build policy data
+ this.policyData = RampartPolicyBuilder.build(it);
+ }
+ }
+
+
+ this.sender = sender;
+
+ OperationContext opCtx = this.msgContext.getOperationContext();
+
+ if(!this.isInitiator && this.sender) {
+ //Get hold of the incoming msg ctx
+ MessageContext inMsgCtx;
+ if (opCtx != null
+ && (inMsgCtx = opCtx
+ .getMessageContext(WSDLConstants.MESSAGE_LABEL_IN_VALUE)) != null
+ && msgContext.getProperty(WSHandlerConstants.RECV_RESULTS) == null) {
+ msgContext.setProperty(WSHandlerConstants.RECV_RESULTS,
+ inMsgCtx.getProperty(WSHandlerConstants.RECV_RESULTS));
+
+ //If someone set the sct_id externally use it at the receiver
+ msgContext.setProperty(SCT_ID, inMsgCtx.getProperty(SCT_ID));
+ }
+ }
+
+ if(this.isInitiator && !this.sender) {
+ MessageContext outMsgCtx;
+ if (opCtx != null
+ && (outMsgCtx = opCtx
+ .getMessageContext(WSDLConstants.MESSAGE_LABEL_OUT_VALUE)) != null) {
+
+ //If someone set the sct_id externally use it at the receiver
+ msgContext.setProperty(SCT_ID, outMsgCtx.getProperty(SCT_ID));
+ }
+ }
+
+ // Check whether RampartConfig is present
+ if (this.policyData != null && this.policyData.getRampartConfig() != null) {
+
+ boolean timestampPrecisionInMilliseconds = Boolean.valueOf(this.policyData
+ .getRampartConfig().getTimestampPrecisionInMilliseconds()).booleanValue();
+
+ // This is not the default behavior, we clone the default WSSConfig to prevent this
+ // affecting globally
+ if (timestampPrecisionInMilliseconds == WSSConfig.getDefaultWSConfig()
+ .isPrecisionInMilliSeconds()) {
+ this.config = WSSConfig.getDefaultWSConfig();
+ } else {
+ this.config = RampartUtil.getWSSConfigInstance();
+ this.config.setPrecisionInMilliSeconds(timestampPrecisionInMilliseconds);
+ }
+ } else {
+ this.config = WSSConfig.getDefaultWSConfig();
+ }
+
+ // To handle scenarios where password type is not set by default.
+ this.config.setHandleCustomPasswordTypes(true);
+
+ this.customClassLoader = msgCtx.getAxisService().getClassLoader();
+
+ if(this.sender && this.policyData != null) {
+ this.secHeader = new WSSecHeader();
+ secHeader.insertSecurityHeader(this.document);
+ }
+
+ } catch (TrustException e) {
+ throw new RampartException("errorInExtractingMsgProps", e);
+ } catch (AxisFault e) {
+ throw new RampartException("errorInExtractingMsgProps", e);
+ } catch (WSSPolicyException e) {
+ throw new RampartException("errorInExtractingMsgProps", e);
+ } catch (WSSecurityException e) {
+ throw new RampartException("errorInExtractingMsgProps", e);
+ }
+
+ }
+
+ /**
+ * @return Returns the document.
+ */
+ public Document getDocument() {
+ return document;
+ }
+
+ /**
+ * @param document The document to set.
+ * @deprecated document is derived from MessageContext passed in constructor
+ */
+ public void setDocument(Document document) {
+ this.document = document;
+ }
+
+ /**
+ * @return Returns the timeToLive.
+ */
+ public int getTimeToLive() {
+ return timeToLive;
+ }
+
+ /**
+ * @param timeToLive The timeToLive to set.
+ */
+ public void setTimeToLive(int timeToLive) {
+ this.timeToLive = timeToLive;
+ }
+
+ /**
+ * @return Returns the timestampMaxSkew.
+ */
+ public int getTimestampMaxSkew() {
+ return timestampMaxSkew;
+ }
+
+ /**
+ * @param timestampMaxSkew The timestampMaxSkew to set.
+ */
+ public void setTimestampMaxSkew(int timestampMaxSkew) {
+ this.timestampMaxSkew = timestampMaxSkew;
+ }
+
+ /**
+ * @return Returns the config.
+ */
+ public WSSConfig getConfig() {
+ return config;
+ }
+
+ /**
+ * @param config
+ * The config to set.
+ */
+ public void setConfig(WSSConfig config) {
+ this.config = config;
+ }
+
+ /**
+ * @return Returns the msgContext.
+ */
+ public MessageContext getMsgContext() {
+ return msgContext;
+ }
+
+ /**
+ * @param msgContext The msgContext to set.
+ * @deprecated MessageContext is set in constructor
+ */
+ public void setMsgContext(MessageContext msgContext) {
+ this.msgContext = msgContext;
+ }
+
+ /**
+ * @return Returns the policyData.
+ */
+ public RampartPolicyData getPolicyData() {
+ return policyData;
+ }
+
+ /**
+ * @param policyData The policyData to set.
+ * @deprecated Policy data determined within constructor
+ */
+ public void setPolicyData(RampartPolicyData policyData) throws RampartException {
+ this.policyData = policyData;
+
+ try {
+ //if client side then check whether sig conf enabled
+ //and get hold of the stored signature values
+ if(this.isInitiator && !this.sender && policyData.isSignatureConfirmation()) {
+ OperationContext opCtx = msgContext.getOperationContext();
+ MessageContext outMsgCtx = opCtx
+ .getMessageContext(WSDLConstants.MESSAGE_LABEL_OUT_VALUE);
+ msgContext.setProperty(WSHandlerConstants.SEND_SIGV, outMsgCtx
+ .getProperty(WSHandlerConstants.SEND_SIGV));
+ }
+ } catch (AxisFault e) {
+ throw new RampartException("errorGettingSignatureValuesForSigconf", e);
+ }
+ }
+
+ /**
+ * @return Returns the secHeader.
+ */
+ public WSSecHeader getSecHeader() {
+ return secHeader;
+ }
+
+ /**
+ * @param secHeader
+ * The secHeader to set.
+ */
+ public void setSecHeader(WSSecHeader secHeader) {
+ this.secHeader = secHeader;
+ }
+
+ /**
+ * @return Returns the issuedEncryptionTokenId.
+ */
+ public String getIssuedEncryptionTokenId() {
+ return issuedEncryptionTokenId;
+ }
+
+ /**
+ * @param issuedEncryptionTokenId The issuedEncryptionTokenId to set.
+ */
+ public void setIssuedEncryptionTokenId(String issuedEncryptionTokenId) {
+ this.issuedEncryptionTokenId = issuedEncryptionTokenId;
+ }
+
+ /**
+ * @return Returns the issuedSignatureTokenId.
+ */
+ public String getIssuedSignatureTokenId() {
+ if(this.isInitiator) {
+ return issuedSignatureTokenId;
+ } else {
+ //Pick the first SAML token
+ //TODO : This is a hack , MUST FIX
+ //get the sec context id from the req msg ctx
+ Vector results = (Vector)this.msgContext.getProperty(WSHandlerConstants.RECV_RESULTS);
+ for (int i = 0; i < results.size(); i++) {
+ WSHandlerResult rResult = (WSHandlerResult) results.get(i);
+ Vector wsSecEngineResults = rResult.getResults();
+
+ for (int j = 0; j < wsSecEngineResults.size(); j++) {
+ WSSecurityEngineResult wser = (WSSecurityEngineResult) wsSecEngineResults
+ .get(j);
+ final Integer actInt =
+ (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
+ if(WSConstants.ST_UNSIGNED == actInt.intValue()) {
+ final SAMLAssertion assertion =
+ ((SAMLAssertion) wser
+ .get(WSSecurityEngineResult.TAG_SAML_ASSERTION));
+ return assertion.getId();
+ }
+
+ }
+ }
+ return null;
+ }
+ }
+
+ /**
+ * @param issuedSignatureTokenId The issuedSignatureTokenId to set.
+ */
+ public void setIssuedSignatureTokenId(String issuedSignatureTokenId) {
+ this.issuedSignatureTokenId = issuedSignatureTokenId;
+ }
+
+ /**
+ * @return Returns the secConvTokenId.
+ */
+ public String getSecConvTokenId() {
+ String id = null;
+
+ if(this.isInitiator) {
+ String contextIdentifierKey = RampartUtil.getContextIdentifierKey(this.msgContext);
+ id = (String) RampartUtil.getContextMap(this.msgContext).get(contextIdentifierKey);
+ } else {
+ //get the sec context id from the req msg ctx
+ Vector results = (Vector)this.msgContext.getProperty(WSHandlerConstants.RECV_RESULTS);
+ for (int i = 0; i < results.size(); i++) {
+ WSHandlerResult rResult = (WSHandlerResult) results.get(i);
+ Vector wsSecEngineResults = rResult.getResults();
+
+ for (int j = 0; j < wsSecEngineResults.size(); j++) {
+ WSSecurityEngineResult wser = (WSSecurityEngineResult) wsSecEngineResults
+ .get(j);
+ final Integer actInt =
+ (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
+ if(WSConstants.SCT == actInt.intValue()) {
+ final SecurityContextToken sct =
+ ((SecurityContextToken) wser
+ .get(WSSecurityEngineResult.TAG_SECURITY_CONTEXT_TOKEN));
+ id = sct.getID();
+ }
+
+ }
+ }
+ }
+
+ if(id == null || id.length() == 0) {
+ //If we can't find the sec conv token id up to this point then
+ //check if someone has specified which one to use
+ id = (String)this.msgContext.getProperty(SCT_ID);
+ }
+
+ return id;
+ }
+
+ /**
+ * @param secConvTokenId The secConvTokenId to set.
+ */
+ public void setSecConvTokenId(String secConvTokenId) {
+ String contextIdentifierKey = RampartUtil.getContextIdentifierKey(this.msgContext);
+ RampartUtil.getContextMap(this.msgContext).put(
+ contextIdentifierKey,
+ secConvTokenId);
+ }
+
+
+
+ /**
+ * @return Returns the tokenStorage.
+ */
+ public TokenStorage getTokenStorage() throws RampartException {
+
+ if(this.tokenStorage != null) {
+ return this.tokenStorage;
+ }
+
+ TokenStorage storage = (TokenStorage) this.msgContext.getProperty(
+ TokenStorage.TOKEN_STORAGE_KEY);
+
+ if (storage != null) {
+ this.tokenStorage = storage;
+ } else {
+
+ if (this.policyData.getRampartConfig() != null &&
+ this.policyData.getRampartConfig().getTokenStoreClass() != null) {
+ Class stClass = null;
+ String storageClass = this.policyData.getRampartConfig()
+ .getTokenStoreClass();
+ try {
+ stClass = Loader.loadClass(msgContext.getAxisService()
+ .getClassLoader(), storageClass);
+ } catch (ClassNotFoundException e) {
+ throw new RampartException(
+ "WSHandler: cannot load token storage class: "
+ + storageClass, e);
+ }
+ try {
+ this.tokenStorage = (TokenStorage) stClass.newInstance();
+ } catch (java.lang.Exception e) {
+ throw new RampartException(
+ "Cannot create instance of token storage: "
+ + storageClass, e);
+ }
+ } else {
+ this.tokenStorage = new SimpleTokenStore();
+
+ }
+
+ //Set the storage instance
+ this.msgContext.getConfigurationContext().setProperty(
+ TokenStorage.TOKEN_STORAGE_KEY, this.tokenStorage);
+ }
+
+
+ return tokenStorage;
+ }
+
+ /**
+ * @param tokenStorage The tokenStorage to set.
+ */
+ public void setTokenStorage(TokenStorage tokenStorage) {
+ this.tokenStorage = tokenStorage;
+ }
+
+ /**
+ * @return Returns the wstVersion.
+ */
+ public int getWstVersion() {
+ return wstVersion;
+ }
+
+ /**
+ * @param wstVersion The wstVersion to set.
+ * @deprecated This is defined by the class.
+ */
+ public void setWstVersion(int wstVersion) {
+ this.wstVersion = wstVersion;
+ }
+
+ /**
+ * @return Returns the secConvVersion.
+ */
+ public int getSecConvVersion() {
+ return secConvVersion;
+ }
+
+ /**
+ * @return Returns the servicePolicy.
+ */
+ public Policy getServicePolicy() {
+ return servicePolicy;
+ }
+
+ /**
+ * @param servicePolicy The servicePolicy to set.
+ * @deprecated servicePolicy determined in constructor
+ */
+ public void setServicePolicy(Policy servicePolicy) {
+ this.servicePolicy = servicePolicy;
+ }
+
+ /**
+ * @return Returns the timestampId.
+ */
+ public String getTimestampId() {
+ return timestampId;
+ }
+
+ /**
+ * @param timestampId The timestampId to set.
+ */
+ public void setTimestampId(String timestampId) {
+ this.timestampId = timestampId;
+ }
+
+ /**
+ * @return Returns the Initiator value
+ */
+ public boolean isInitiator() {
+ return isInitiator;
+ }
+
+ /**
+ * Returns the custom class loader if we are using one
+ * @return Returns the custom class loader if we are using one
+ */
+ public ClassLoader getCustomClassLoader() {
+ return customClassLoader;
+ }
+
+ /**
+ * Returns an <code>org.apache.ws.security.SOAPConstants</code> instance
+ * with soap version information of this request.
+ * @return Returns soap version information of this request
+ */
+ public SOAPConstants getSoapConstants() {
+ return soapConstants;
+ }
+}
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/TokenCallbackHandler.java b/modules/rampart-core/src/main/java/org/apache/rampart/TokenCallbackHandler.java
new file mode 100644
index 0000000..d54fd42
--- /dev/null
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/TokenCallbackHandler.java
@@ -0,0 +1,103 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rampart;
+
+import org.apache.rahas.EncryptedKeyToken;
+import org.apache.rahas.Token;
+import org.apache.rahas.TokenStorage;
+import org.apache.rahas.TrustException;
+import org.apache.ws.security.WSPasswordCallback;
+import org.w3c.dom.Element;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import java.io.IOException;
+
+
+public class TokenCallbackHandler implements CallbackHandler {
+
+ private TokenStorage store;
+ private CallbackHandler handler;
+
+ public TokenCallbackHandler(TokenStorage store, CallbackHandler handler) {
+ this.store = store;
+ this.handler = handler;
+ }
+
+ public void handle(Callback[] callbacks)
+ throws IOException, UnsupportedCallbackException {
+
+ for (int i = 0; i < callbacks.length; i++) {
+
+ if (callbacks[i] instanceof WSPasswordCallback) {
+ WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
+ String id = pc.getIdentifer();
+
+ if((pc.getUsage() == WSPasswordCallback.SECURITY_CONTEXT_TOKEN ||
+ pc.getUsage() == WSPasswordCallback.CUSTOM_TOKEN) &&
+ this.store != null) {
+ Token tok;
+ try {
+ //Pick up the token from the token store
+ tok = this.store.getToken(id);
+ if(tok != null) {
+ //Get the secret and set it in the callback object
+ pc.setKey(tok.getSecret());
+ pc.setCustomToken((Element)tok.getToken());
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ throw new IOException(e.getMessage());
+ }
+ } else if (pc.getUsage() == WSPasswordCallback.ENCRYPTED_KEY_TOKEN){
+ try {
+ String[] tokenIdentifiers = this.store.getTokenIdentifiers();
+ Token tok;
+ for (int j = 0 ; j < tokenIdentifiers.length ; j++) {
+
+ tok = this.store.getToken(tokenIdentifiers[j]);
+
+ if (tok instanceof EncryptedKeyToken &&
+ ((EncryptedKeyToken)tok).getSHA1().equals(id)){
+ pc.setKey(tok.getSecret());
+ pc.setCustomToken((Element)tok.getToken());
+ }
+ }
+
+ } catch (TrustException e) {
+ e.printStackTrace();
+ throw new IOException(e.getMessage());
+ }
+ } else {
+ //Handle other types of callbacks with the usual handler
+ if(this.handler != null) {
+ handler.handle(new Callback[]{pc});
+ }
+ }
+
+ } else {
+ throw new UnsupportedCallbackException(callbacks[i],
+ "Unrecognized Callback");
+ }
+ }
+ }
+
+
+
+}
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/ValidatorData.java b/modules/rampart-core/src/main/java/org/apache/rampart/ValidatorData.java
new file mode 100644
index 0000000..cd7c76b
--- /dev/null
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/ValidatorData.java
@@ -0,0 +1,87 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rampart;
+
+import org.apache.axiom.soap.SOAP11Constants;
+import org.apache.ws.security.WSConstants;
+import org.apache.xml.security.utils.EncryptionConstants;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+import java.util.ArrayList;
+
+public class ValidatorData {
+
+ private RampartMessageData rmd;
+ ArrayList encryptedDataRefIds = new ArrayList();
+ private String bodyEncrDataId;
+
+ public ValidatorData(RampartMessageData rmd) {
+ this.rmd = rmd;
+ this.extractEncryptedPartInformation();
+ }
+
+ private void extractEncryptedPartInformation() {
+ Element start = rmd.getDocument().getDocumentElement();
+ if(start != null) {
+ extractEncryptedPartInformation(start);
+ }
+
+ }
+
+ private void extractEncryptedPartInformation(Element parent) {
+
+ NodeList childNodes = parent.getChildNodes();
+ Node node;
+ for (int i = 0; i < childNodes.getLength(); i++) {
+ node = childNodes.item(i);
+ if (node instanceof Element) {
+ Element elem = (Element) node;
+ if (elem.getNamespaceURI() != null
+ && elem.getNamespaceURI().equals(WSConstants.ENC_NS)
+ && elem.getLocalName().equals(
+ EncryptionConstants._TAG_ENCRYPTEDDATA)) {
+ if (parent.getLocalName().equals(
+ SOAP11Constants.BODY_LOCAL_NAME)
+ && parent.getNamespaceURI().equals(
+ rmd.getSoapConstants().getEnvelopeURI())) {
+ this.bodyEncrDataId = elem.getAttribute("Id");
+ } else {
+ encryptedDataRefIds.add(elem.getAttribute("Id"));
+ }
+ break;
+ } else {
+ extractEncryptedPartInformation(elem);
+ }
+ }
+ }
+ }
+
+ public ArrayList getEncryptedDataRefIds() {
+ return encryptedDataRefIds;
+ }
+
+ public RampartMessageData getRampartMessageData() {
+ return rmd;
+ }
+
+ public String getBodyEncrDataId() {
+ return bodyEncrDataId;
+ }
+
+}
diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java b/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
new file mode 100644
index 0000000..6f69a2f
--- /dev/null
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
@@ -0,0 +1,877 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.rampart.builder;
+
+import org.apache.axiom.om.OMElement;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.rahas.TrustException;
+import org.apache.rampart.RampartConstants;
+import org.apache.rampart.RampartException;
+import org.apache.rampart.RampartMessageData;
+import org.apache.rampart.policy.RampartPolicyData;
+import org.apache.rampart.policy.SupportingPolicyData;
+import org.apache.rampart.policy.model.RampartConfig;
+import org.apache.rampart.util.RampartUtil;
+import org.apache.ws.secpolicy.SPConstants;
+import org.apache.ws.secpolicy.model.AlgorithmSuite;
+import org.apache.ws.secpolicy.model.SupportingToken;
+import org.apache.ws.secpolicy.model.Token;
+import org.apache.ws.secpolicy.model.X509Token;
+import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.WSEncryptionPart;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.conversation.ConversationException;
+import org.apache.ws.security.handler.WSHandlerConstants;
+import org.apache.ws.security.message.WSSecDKEncrypt;
+import org.apache.ws.security.message.WSSecDKSign;
+import org.apache.ws.security.message.WSSecEncrypt;
+import org.apache.ws.security.message.WSSecEncryptedKey;
+import org.apache.ws.security.message.WSSecSignature;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Vector;
+
+public class AsymmetricBindingBuilder extends BindingBuilder {
+
+ private static Log log = LogFactory.getLog(AsymmetricBindingBuilder.class);
+ private static Log tlog = LogFactory.getLog(RampartConstants.TIME_LOG);
+ private boolean dotDebug = false;
+
+ private Token sigToken;
+
+ private WSSecSignature sig;
+
+ private WSSecEncryptedKey encrKey;
+
+ private String encryptedKeyId;
+
+ private byte[] encryptedKeyValue;
+
+ private Vector signatureValues = new Vector();
+
+ private Element encrTokenElement;
+
+ private Element sigDKTElement;
+
+ private Element encrDKTElement;
+
+ private Vector sigParts = new Vector();
+
+ private Element signatureElement;
+
+ public AsymmetricBindingBuilder(){
+ dotDebug = tlog.isDebugEnabled();
+ }
+
+ public void build(RampartMessageData rmd) throws RampartException {
+ log.debug("AsymmetricBindingBuilder build invoked");
+
+ RampartPolicyData rpd = rmd.getPolicyData();
+ if (rpd.isIncludeTimestamp()) {
+ this.addTimestamp(rmd);
+ }
+
+ if (SPConstants.ENCRYPT_BEFORE_SIGNING.equals(rpd.getProtectionOrder())) {
+ this.doEncryptBeforeSig(rmd);
+ } else {
+ this.doSignBeforeEncrypt(rmd);
+ }
+
+ log.debug("AsymmetricBindingBuilder build invoked : DONE");
+ }
+
+ private void doEncryptBeforeSig(RampartMessageData rmd)
+ throws RampartException {
+
+ long t0 = 0, t1 = 0, t2 = 0;
+ if(dotDebug){
+ t0 = System.currentTimeMillis();
+ }
+ RampartPolicyData rpd = rmd.getPolicyData();
+ Document doc = rmd.getDocument();
+ RampartConfig config = rpd.getRampartConfig();
+
+ /*
+ * We need to hold on to these two element to use them as refence in the
+ * case of encypting the signature
+ */
+ Element encrDKTokenElem = null;
+ WSSecEncrypt encr = null;
+ Element refList = null;
+ WSSecDKEncrypt dkEncr = null;
+
+ /*
+ * We MUST use keys derived from the same token
+ */
+ Token encryptionToken = null;
+ if(rmd.isInitiator()) {
+ encryptionToken = rpd.getRecipientToken();
+ } else {
+ encryptionToken = rpd.getInitiatorToken();
+ }
+ Vector encrParts = RampartUtil.getEncryptedParts(rmd);
+
+ //Signed parts are determined before encryption because encrypted signed headers
+ //will not be included otherwise
+ this.sigParts = RampartUtil.getSignedParts(rmd);
+
+ if(encryptionToken == null && encrParts.size() > 0) {
+ throw new RampartException("encryptionTokenMissing");
+ }
+
+ if (encryptionToken != null && encrParts.size() > 0) {
+
+ //Check for RampartConfig assertion
+ if(rpd.getRampartConfig() == null) {
+ //We'er missing the extra info rampart needs
+ throw new RampartException("rampartConigMissing");
+ }
+
+ if (encryptionToken.isDerivedKeys()) {
+ try {
+ this.setupEncryptedKey(rmd, encryptionToken);
+ // Create the DK encryption builder
+ dkEncr = new WSSecDKEncrypt();
+ dkEncr.setParts(encrParts);
+ dkEncr.setExternalKey(this.encryptedKeyValue,
+ this.encryptedKeyId);
+ dkEncr.setDerivedKeyLength(rpd.getAlgorithmSuite().getEncryptionDerivedKeyLength()/8);
+ dkEncr.prepare(doc);
+
+ // Get and add the DKT element
+ this.encrDKTElement = dkEncr.getdktElement();
+ encrDKTokenElem = RampartUtil.appendChildToSecHeader(rmd, this.encrDKTElement);
+
+ refList = dkEncr.encryptForExternalRef(null, encrParts);
+
+ } catch (WSSecurityException e) {
+ throw new RampartException("errorCreatingEncryptedKey", e);
+ } catch (ConversationException e) {
+ throw new RampartException("errorInDKEncr", e);
+ }
+ } else {
+ try {
+ encr = new WSSecEncrypt();
+ encr.setParts(encrParts);
+ encr.setWsConfig(rmd.getConfig());
+ encr.setDocument(doc);
+ RampartUtil.setEncryptionUser(rmd, encr);
+ encr.setSymmetricEncAlgorithm(rpd.getAlgorithmSuite().getEncryption());
+ RampartUtil.setKeyIdentifierType(rpd,encr, encryptionToken);
+ encr.setKeyEncAlgo(rpd.getAlgorithmSuite().getAsymmetricKeyWrap());
+ encr.prepare(doc, RampartUtil.getEncryptionCrypto(config, rmd.getCustomClassLoader()));
+
+ Element bstElem = encr.getBinarySecurityTokenElement();
+ if (bstElem != null) {
+ RampartUtil.appendChildToSecHeader(rmd, bstElem);
+ }
+
+ this.encrTokenElement = encr.getEncryptedKeyElement();
+ this.encrTokenElement = RampartUtil.appendChildToSecHeader(rmd,
+ encrTokenElement);
+
+ refList = encr.encryptForExternalRef(null, encrParts);
+
+ } catch (WSSecurityException e) {
+ throw new RampartException("errorInEncryption", e);
+ }
+ }
+
+ RampartUtil.appendChildToSecHeader(rmd, refList);
+
+ if(dotDebug){
+ t1 = System.currentTimeMillis();
+ }
+
+ this.setInsertionLocation(encrTokenElement);
+
+ RampartUtil.handleEncryptedSignedHeaders(encrParts, this.sigParts, doc);
+
+ HashMap sigSuppTokMap = null;
+ HashMap endSuppTokMap = null;
+ HashMap sgndEndSuppTokMap = null;
+ HashMap sgndEncSuppTokMap = null;
+ HashMap endEncSuppTokMap = null;
+ HashMap sgndEndEncSuppTokMap = null;
+
+ if(this.timestampElement != null){
+ sigParts.add(new WSEncryptionPart(RampartUtil
+ .addWsuIdToElement((OMElement) this.timestampElement)));
+ }
+
+ if (rmd.isInitiator()) {
+
+ // Now add the supporting tokens
+ SupportingToken sgndSuppTokens = rpd.getSignedSupportingTokens();
+ sigSuppTokMap = this.handleSupportingTokens(rmd, sgndSuppTokens);
+
+ SupportingToken endSuppTokens = rpd.getEndorsingSupportingTokens();
+ endSuppTokMap = this.handleSupportingTokens(rmd, endSuppTokens);
+
+ SupportingToken sgndEndSuppTokens = rpd.getSignedEndorsingSupportingTokens();
+ sgndEndSuppTokMap = this.handleSupportingTokens(rmd, sgndEndSuppTokens);
+
+ SupportingToken sgndEncryptedSuppTokens = rpd.getSignedEncryptedSupportingTokens();
+ sgndEncSuppTokMap = this.handleSupportingTokens(rmd, sgndEncryptedSuppTokens);
+
+ SupportingToken endorsingEncryptedSuppTokens = rpd.getEndorsingEncryptedSupportingTokens();
+ endEncSuppTokMap = this.handleSupportingTokens(rmd, endorsingEncryptedSuppTokens);
+
+ SupportingToken sgndEndEncSuppTokens = rpd.getSignedEndorsingEncryptedSupportingTokens();
+ sgndEndEncSuppTokMap = this.handleSupportingTokens(rmd, sgndEndEncSuppTokens);
+
+ Vector supportingToks = rpd.getSupportingTokensList();
+ for (int i = 0; i < supportingToks.size(); i++) {
+ this.handleSupportingTokens(rmd, (SupportingToken)supportingToks.get(i));
+ }
+
+ SupportingToken encryptedSupportingToks = rpd.getEncryptedSupportingTokens();
+ this.handleSupportingTokens(rmd, encryptedSupportingToks);
+
+ //Setup signature parts
+ sigParts = addSignatureParts(sigSuppTokMap, sigParts);
+ sigParts = addSignatureParts(sgndEncSuppTokMap, sigParts);
+ sigParts = addSignatureParts(sgndEndSuppTokMap, sigParts);
+ sigParts = addSignatureParts(sgndEndEncSuppTokMap, sigParts);
+
+ } else {
+ addSignatureConfirmation(rmd, sigParts);
+ }
+
+ if(( sigParts.size() > 0 &&
+ rmd.isInitiator() && rpd.getInitiatorToken() != null) ||
+ (!rmd.isInitiator() && rpd.getRecipientToken() != null)) {
+ this.doSignature(rmd);
+ }
+
+ if (rmd.isInitiator()) {
+
+ endSuppTokMap.putAll(endEncSuppTokMap);
+ // Do endorsed signatures
+ Vector endSigVals = this.doEndorsedSignatures(rmd,
+ endSuppTokMap);
+ for (Iterator iter = endSigVals.iterator(); iter.hasNext();) {
+ signatureValues.add(iter.next());
+ }
+
+ sgndEndSuppTokMap.putAll(sgndEndEncSuppTokMap);
+ // Do signed endorsing signatures
+ Vector sigEndSigVals = this.doEndorsedSignatures(rmd,
+ sgndEndSuppTokMap);
+ for (Iterator iter = sigEndSigVals.iterator(); iter.hasNext();) {
+ signatureValues.add(iter.next());
+ }
+ }
+
+ if(dotDebug){
+ t2 = System.currentTimeMillis();
+ tlog.debug("Encryption took :" + (t1 - t0)
+ +", Signature tool :" + (t2 - t1) );
+ }
+
+ // Check for signature protection
+ if (rpd.isSignatureProtection() && this.mainSigId != null) {
+ long t3 = 0, t4 = 0;
+ if(dotDebug){
+ t3 = System.currentTimeMillis();
+ }
+ Vector secondEncrParts = new Vector();
+
+ // Now encrypt the signature using the above token
+ secondEncrParts.add(new WSEncryptionPart(this.mainSigId,
+ "Element"));
+
+ if(rmd.isInitiator()) {
+ for (int i = 0 ; i < encryptedTokensIdList.size(); i++) {
+ secondEncrParts.add(new WSEncryptionPart((String)encryptedTokensIdList.get(i),"Element"));
+ }
+ }
+
+ Element secondRefList = null;
+
+ if (encryptionToken.isDerivedKeys()) {
+ try {
+
+ secondRefList = dkEncr.encryptForExternalRef(null,
+ secondEncrParts);
+ RampartUtil.insertSiblingAfter(rmd, encrDKTokenElem,
+ secondRefList);
+
+ } catch (WSSecurityException e) {
+ throw new RampartException("errorCreatingEncryptedKey",
+ e);
+ }
+ } else {
+ try {
+ // Encrypt, get hold of the ref list and add it
+ secondRefList = encr.encryptForExternalRef(null,
+ secondEncrParts);
+
+ // Insert the ref list after the encrypted key elem
+ this.setInsertionLocation(RampartUtil
+ .insertSiblingAfter(rmd, encrTokenElement,
+ secondRefList));
+ } catch (WSSecurityException e) {
+ throw new RampartException("errorInEncryption", e);
+ }
+ }
+ if(dotDebug){
+ t4 = System.currentTimeMillis();
+ tlog.debug("Signature protection took :" + (t4 - t3));
+ }
+ }
+ }
+
+
+
+ }
+
+ private void doSignBeforeEncrypt(RampartMessageData rmd)
+ throws RampartException {
+
+ long t0 = 0, t1 = 0, t2 = 0;
+
+ RampartPolicyData rpd = rmd.getPolicyData();
+ Document doc = rmd.getDocument();
+
+ HashMap sigSuppTokMap = null;
+ HashMap endSuppTokMap = null;
+ HashMap sgndEndSuppTokMap = null;
+ HashMap sgndEncSuppTokMap = null;
+ HashMap endEncSuppTokMap = null;
+ HashMap sgndEndEncSuppTokMap = null;
+
+ sigParts = RampartUtil.getSignedParts(rmd);
+
+ //Add timestamp
+ if(this.timestampElement != null){
+ sigParts.add(new WSEncryptionPart(RampartUtil
+ .addWsuIdToElement((OMElement) this.timestampElement)));
+ }else{
+ this.setInsertionLocation(null);
+ }
+
+ if(dotDebug){
+ t0 = System.currentTimeMillis();
+ }
+
+ if (rmd.isInitiator()) {
+
+ // Now add the supporting tokens
+ SupportingToken sgndSuppTokens = rpd.getSignedSupportingTokens();
+ sigSuppTokMap = this.handleSupportingTokens(rmd, sgndSuppTokens);
+
+ SupportingToken endSuppTokens = rpd.getEndorsingSupportingTokens();
+ endSuppTokMap = this.handleSupportingTokens(rmd, endSuppTokens);
+
+ SupportingToken sgndEndSuppTokens = rpd.getSignedEndorsingSupportingTokens();
+ sgndEndSuppTokMap = this.handleSupportingTokens(rmd, sgndEndSuppTokens);
+
+ SupportingToken sgndEncryptedSuppTokens = rpd.getSignedEncryptedSupportingTokens();
+ sgndEncSuppTokMap = this.handleSupportingTokens(rmd, sgndEncryptedSuppTokens);
+
+ SupportingToken endorsingEncryptedSuppTokens = rpd.getEndorsingEncryptedSupportingTokens();
+ endEncSuppTokMap = this.handleSupportingTokens(rmd, endorsingEncryptedSuppTokens);
+
+ SupportingToken sgndEndEncSuppTokens = rpd.getSignedEndorsingEncryptedSupportingTokens();
+ sgndEndEncSuppTokMap = this.handleSupportingTokens(rmd, sgndEndEncSuppTokens);
+
+ Vector supportingToks = rpd.getSupportingTokensList();
+ for (int i = 0; i < supportingToks.size(); i++) {
+ this.handleSupportingTokens(rmd, (SupportingToken)supportingToks.get(i));
+ }
+
+ SupportingToken encryptedSupportingToks = rpd.getEncryptedSupportingTokens();
+ this.handleSupportingTokens(rmd, encryptedSupportingToks);
+
+ //Setup signature parts
+ sigParts = addSignatureParts(sigSuppTokMap, sigParts);
+ sigParts = addSignatureParts(sgndEncSuppTokMap, sigParts);
+ sigParts = addSignatureParts(sgndEndSuppTokMap, sigParts);
+ sigParts = addSignatureParts(sgndEndEncSuppTokMap, sigParts);
+
+ } else {
+ addSignatureConfirmation(rmd, sigParts);
+ }
+
+ if( sigParts.size() > 0 &&
+ ((rmd.isInitiator() && rpd.getInitiatorToken() != null) ||
+ (!rmd.isInitiator() && rpd.getRecipientToken() != null))) {
+ // Do signature
+ this.doSignature(rmd);
+ }
+
+ Vector supportingToks = rpd.getSupportingPolicyData();
+ for (int i = 0; i < supportingToks.size(); i++) {
+ SupportingPolicyData policyData = null;
+ if (supportingToks.get(i) != null) {
+ policyData = (SupportingPolicyData) supportingToks.get(i);
+ Vector supportingSigParts = RampartUtil.getSupportingSignedParts(rmd,
+ policyData);
+
+ if (supportingSigParts.size() > 0
+ && ((rmd.isInitiator() && rpd.getInitiatorToken() != null) || (!rmd
+ .isInitiator() && rpd.getRecipientToken() != null))) {
+ // Do signature for policies defined under SupportingToken.
+ this.doSupportingSignature(rmd, supportingSigParts,policyData);
+ }
+ }
+ }
+
+ //Do endorsed signature
+
+ if (rmd.isInitiator()) {
+
+ // Adding the endorsing encrypted supporting tokens to endorsing supporting tokens
+ endSuppTokMap.putAll(endEncSuppTokMap);
+ // Do endorsed signatures
+ Vector endSigVals = this.doEndorsedSignatures(rmd,
+ endSuppTokMap);
+ for (Iterator iter = endSigVals.iterator(); iter.hasNext();) {
+ signatureValues.add(iter.next());
+ }
+
+ //Adding the signed endorsed encrypted tokens to signed endorsed supporting tokens
+ sgndEndSuppTokMap.putAll(sgndEndEncSuppTokMap);
+ // Do signed endorsing signatures
+ Vector sigEndSigVals = this.doEndorsedSignatures(rmd,
+ sgndEndSuppTokMap);
+ for (Iterator iter = sigEndSigVals.iterator(); iter.hasNext();) {
+ signatureValues.add(iter.next());
+ }
+ }
+
+ if(dotDebug){
+ t1 = System.currentTimeMillis();
+ }
+
+ Vector encrParts = RampartUtil.getEncryptedParts(rmd);
+
+ //Check for signature protection
+ if(rpd.isSignatureProtection() && this.mainSigId != null) {
+ encrParts.add(new WSEncryptionPart(RampartUtil.addWsuIdToElement((OMElement)this.signatureElement), "Element"));
+ }
+
+ if(rmd.isInitiator()) {
+ for (int i = 0 ; i < encryptedTokensIdList.size(); i++) {
+ encrParts.add(new WSEncryptionPart((String)encryptedTokensIdList.get(i),"Element"));
+ }
+ }
+
+ //Do encryption
+ Token encrToken;
+ if (rmd.isInitiator()) {
+ encrToken = rpd.getRecipientToken();
+ } else {
+ encrToken = rpd.getInitiatorToken();
+ }
+
+ if(encrToken != null && encrParts.size() > 0) {
+ Element refList = null;
+ AlgorithmSuite algorithmSuite = rpd.getAlgorithmSuite();
+ if(encrToken.isDerivedKeys()) {
+
+ try {
+ WSSecDKEncrypt dkEncr = new WSSecDKEncrypt();
+
+ if(this.encrKey == null) {
+ this.setupEncryptedKey(rmd, encrToken);
+ }
+
+ dkEncr.setExternalKey(this.encryptedKeyValue, this.encryptedKeyId);
+ dkEncr.setCustomValueType(WSConstants.SOAPMESSAGE_NS11 + "#"
+ + WSConstants.ENC_KEY_VALUE_TYPE);
+ dkEncr.setSymmetricEncAlgorithm(algorithmSuite.getEncryption());
+ dkEncr.setDerivedKeyLength(algorithmSuite.getEncryptionDerivedKeyLength()/8);
+ dkEncr.prepare(doc);
+
+
+ if(this.encrTokenElement != null) {
+ this.encrDKTElement = RampartUtil.insertSiblingAfter(
+ rmd, this.encrTokenElement, dkEncr.getdktElement());
+ } else {
+ this.encrDKTElement = RampartUtil.insertSiblingBefore(
+ rmd, this.sigDKTElement, dkEncr.getdktElement());
+ }
+
+ refList = dkEncr.encryptForExternalRef(null, encrParts);
+
+ RampartUtil.insertSiblingAfter(rmd,
+ this.encrDKTElement,
+ refList);
+
+ } catch (WSSecurityException e) {
+ throw new RampartException("errorInDKEncr", e);
+ } catch (ConversationException e) {
+ throw new RampartException("errorInDKEncr", e);
+ }
+ } else {
+ try {
+
+ WSSecEncrypt encr = new WSSecEncrypt();
+
+ RampartUtil.setKeyIdentifierType(rpd, encr, encrToken);
+
+ encr.setWsConfig(rmd.getConfig());
+
+ encr.setDocument(doc);
+ RampartUtil.setEncryptionUser(rmd, encr);
+ encr.setSymmetricEncAlgorithm(algorithmSuite.getEncryption());
+ encr.setKeyEncAlgo(algorithmSuite.getAsymmetricKeyWrap());
+ encr.prepare(doc, RampartUtil.getEncryptionCrypto(rpd
+ .getRampartConfig(), rmd.getCustomClassLoader()));
+
+ if(this.timestampElement != null){
+ this.setInsertionLocation(this.timestampElement);
+ }else{
+ this.setInsertionLocation(null);
+ }
+
+ if(encr.getBSTTokenId() != null) {
+ this.setInsertionLocation(RampartUtil
+ .insertSiblingAfterOrPrepend(rmd,
+ this.getInsertionLocation(),
+ encr.getBinarySecurityTokenElement()));
+ }
+
+
+ Element encryptedKeyElement = encr.getEncryptedKeyElement();
+
+ //Encrypt, get hold of the ref list and add it
+ refList = encr.encryptForInternalRef(null, encrParts);
+
+ //Add internal refs
+ encryptedKeyElement.appendChild(refList);
+
+ this.setInsertionLocation(RampartUtil
+ .insertSiblingAfterOrPrepend(rmd,
+ this.getInsertionLocation(),
+ encryptedKeyElement));
+
+// RampartUtil.insertSiblingAfter(rmd,
+// this.getInsertionLocation(),
+// refList);
+ } catch (WSSecurityException e) {
+ throw new RampartException("errorInEncryption", e);
+ }
+ }
+ }
+
+ Vector supportingTokens = rpd.getSupportingPolicyData();
+ for (int i = 0; i < supportingTokens.size(); i++) {
+ SupportingPolicyData policyData = null;
... 64950 lines suppressed ...
[axis-axis2-java-rampart] 02/02: RAMPART-375 - Merged r1350592 to
1.5 branch.
Posted by bi...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
billblough pushed a commit to branch 1_5
in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-rampart.git
commit 763d33d2992ef6057dcdcf3237a5dadfdd1cda45
Author: Sagara Gunathunga <sa...@apache.org>
AuthorDate: Fri Jun 15 12:11:02 2012 +0000
RAMPART-375 - Merged r1350592 to 1.5 branch.
---
modules/rampart-samples/policy/build.xml | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/modules/rampart-samples/policy/build.xml b/modules/rampart-samples/policy/build.xml
index caabbf3..1322ff4 100644
--- a/modules/rampart-samples/policy/build.xml
+++ b/modules/rampart-samples/policy/build.xml
@@ -23,6 +23,7 @@
<property name="temp.dir" value="build/temp"/>
<property name="keys.dir" value="../keys"/>
<property name="temp.client.dir" value="build/temp_client"/>
+ <property name="endorsed.dir" value="build/endorsed"/>
<property name="addressing.mar" value="addressing-1.5.1.mar"/>
<property name="rampart.mar" value="rampart-1.5.mar"/>
@@ -119,6 +120,12 @@
<create.and.run.client sample.number="08"/>
</target>
+ <target name="setup">
+ <mkdir dir="${endorsed.dir}"/>
+ <get src="http://repo2.maven.org/maven2/xerces/xercesImpl/2.9.1/xercesImpl-2.9.1.jar"
+ dest="${endorsed.dir}/xercesImpl-2.9.1.jar" verbose="true"/>
+ </target>
+
<target name="clean">
<delete dir="build" />
@@ -174,6 +181,7 @@
<include name="**/*.jar"/>
</fileset>
</classpath>
+ <jvmarg value="-Djava.endorsed.dirs=${endorsed.dir}"/>
</java>
</sequential>
@@ -230,6 +238,7 @@
<include name="**/*.jar"/>
</fileset>
</classpath>
+ <jvmarg value="-Djava.endorsed.dirs=${endorsed.dir}"/>
</java>
</sequential>