You are viewing a plain text version of this content. The canonical link for it is here.
Posted to axis-cvs@ws.apache.org by ka...@apache.org on 2007/02/02 05:14:45 UTC
svn commit: r502475 - in
/webservices/axis2/scratch/c/security-policy/c/rampart: include/ src/util/
Author: kaushalye
Date: Thu Feb 1 20:14:44 2007
New Revision: 502475
URL: http://svn.apache.org/viewvc?view=rev&rev=502475
Log:
Applying patch-2-2.txt in Jira AXIS2C-488.
Modified:
webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_context.h
webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_encryption.h
webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_defines.h
webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_includes.h
webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_layout.h
webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_context.c
webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_encryption.c
webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_sec_header_builder.c
Modified: webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_context.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_context.h?view=diff&rev=502475&r1=502474&r2=502475
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_context.h (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_context.h Thu Feb 1 20:14:44 2007
@@ -84,6 +84,25 @@
rampart_context_t *rampart_context,
const axis2_env_t *env);
+ AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+ rampart_context_is_encrypt_before_sign(
+ rampart_context_t *rampart_context,
+ const axis2_env_t *env);
+
+ AXIS2_EXTERN axis2_status_t AXIS2_CALL
+ rampart_context_get_nodes_to_encrypt(
+ rampart_context_t *rampart_context,
+ const axis2_env_t *env,
+ axiom_soap_envelope_t *soap_envelope,
+ axis2_array_list_t *nodes_to_encrypt);
+
+ AXIS2_EXTERN int AXIS2_CALL
+ rampart_context_check_token_type(
+ rampart_context_t *rampart_context,
+ const axis2_env_t *env,
+ axis2_bool_t for_encryption,
+ axis2_bool_t server_side);
+
#ifdef __cplusplus
}
Modified: webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_encryption.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_encryption.h?view=diff&rev=502475&r1=502474&r2=502475
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_encryption.h (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_encryption.h Thu Feb 1 20:14:44 2007
@@ -22,6 +22,7 @@
#include <rampart_action.h>
#include <oxs_asym_ctx.h>
#include <oxs_xml_encryption.h>
+#include <rampart_context.h>
/**
* @file rampart_encryption.h
* @brief encrypts a SOAP message
@@ -44,6 +45,7 @@
AXIS2_EXTERN axis2_status_t AXIS2_CALL
rampart_enc_encrypt_message(const axis2_env_t *env,
axis2_msg_ctx_t *msg_ctx,
+ rampart_context_t *rampart_context,
rampart_actions_t *actions,
axiom_soap_envelope_t *soap_envelope,
axiom_node_t *sec_node);
Modified: webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_defines.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_defines.h?view=diff&rev=502475&r1=502474&r2=502475
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_defines.h (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_defines.h Thu Feb 1 20:14:44 2007
@@ -195,6 +195,7 @@
#define RP_DECRYPTION_PROP_FILE "decryptionPropFile"
#define RP_SP_NS "http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
+ #define RP_SECURITY_NS "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
#define RP_RAMPART_NS "http://ws.apache.org/rampart/c/policy"
#define RP_RAMPART_PREFIX "rampc"
#define RP_SP_PREFIX "sp"
Modified: webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_includes.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_includes.h?view=diff&rev=502475&r1=502474&r2=502475
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_includes.h (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_includes.h Thu Feb 1 20:14:44 2007
@@ -30,6 +30,7 @@
#include <axis2_error_default.h>
#include <axis2_env.h>
#include <axiom.h>
+#include <axiom_soap.h>
#include <axis2_qname.h>
#include <rp_defines.h>
Modified: webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_layout.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_layout.h?view=diff&rev=502475&r1=502474&r2=502475
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_layout.h (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_layout.h Thu Feb 1 20:14:44 2007
@@ -14,8 +14,8 @@
* limitations under the License.
*/
-#ifndef RP_HEADER_H
-#define RP_HEADER_H
+#ifndef RP_LAYOUT_H
+#define RP_LAYOUT_H
/** @defgroup rp_layout
* @ingroup rp_layout
Modified: webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_context.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_context.c?view=diff&rev=502475&r1=502474&r2=502475
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_context.c (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_context.c Thu Feb 1 20:14:44 2007
@@ -16,6 +16,8 @@
*/
#include <rampart_context.h>
+#include <oxs_axiom.h>
+
struct rampart_context_t
{
@@ -47,6 +49,13 @@
rampart_context_t *rampart_context,
const axis2_env_t *env);
+axis2_status_t rampart_context_set_nodes_to_encrypt(
+ rp_header_t *header,
+ const axis2_env_t *env,
+ axiom_soap_envelope_t *soap_envelope,
+ axis2_array_list_t *nodes_to_encrypt);
+
+
AXIS2_EXTERN rampart_context_t *AXIS2_CALL
@@ -239,7 +248,8 @@
{
inclusion = rp_username_token_get_inclusion(username_token,env);
if((AXIS2_STRCMP(inclusion,RP_INCLUDE_ALWAYS)==0)||
- (AXIS2_STRCMP(inclusion,RP_INCLUDE_ONCE)==0))
+ (AXIS2_STRCMP(inclusion,RP_INCLUDE_ONCE)==0)||
+ (AXIS2_STRCMP(inclusion,RP_INCLUDE_ALWAYS_TO_RECIPIENT)==0))
return bval;
else
bval = AXIS2_FALSE;
@@ -283,6 +293,97 @@
return bvalidate;
}
+axis2_status_t rampart_context_set_nodes_to_encrypt(
+ rp_header_t *header,
+ const axis2_env_t *env,
+ axiom_soap_envelope_t *soap_envelope,
+ axis2_array_list_t *nodes_to_encrypt)
+{
+ axis2_char_t *namespace = NULL;
+ axis2_char_t *local_name = NULL;
+ axiom_soap_header_t *soap_header = NULL;
+ axiom_node_t *header_node = NULL;
+
+ soap_header = AXIOM_SOAP_ENVELOPE_GET_HEADER(soap_envelope,env);
+ if(!soap_header)
+ return AXIS2_FAILURE;
+
+ namespace = (axis2_char_t *) rp_header_get_namespace(header,env);
+ if(!namespace)
+ return AXIS2_FAILURE;
+
+ if(AXIS2_STRCMP(namespace,RP_SECURITY_NS)==0)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] We do not encrypt security namespace headers");
+ return AXIS2_FAILURE;
+ }
+
+ local_name = (axis2_char_t*) rp_header_get_name(header,env);
+ if(!local_name)
+ {
+ axis2_array_list_t *soap_header_blocks = NULL;
+ int i = 0;
+ soap_header_blocks = AXIOM_SOAP_HEADER_GET_HEADER_BLOCKS_WITH_NAMESPACE_URI(soap_header,env,namespace);
+ if(!soap_header_blocks)
+ return AXIS2_FAILURE;
+
+ for(i=0 ; i<AXIS2_ARRAY_LIST_SIZE(soap_header_blocks,env); i++)
+ {
+ axiom_soap_header_block_t *header_block = NULL;
+ axiom_node_t *node = NULL;
+ header_block = (axiom_soap_header_block_t *)AXIS2_ARRAY_LIST_GET(soap_header_blocks,env,i);
+ if(header_block)
+ {
+ node = AXIOM_SOAP_HEADER_BLOCK_GET_BASE_NODE(header_block,env);
+ if(node)
+ {
+ AXIS2_ARRAY_LIST_ADD(nodes_to_encrypt,env,node);
+ return AXIS2_SUCCESS;
+ }
+ }
+
+ }
+ }
+ else if(AXIS2_STRCMP(local_name,"Security")==0)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] We do not encrypt %s", local_name);
+ return AXIS2_FAILURE;
+ }
+ else
+ {
+ axiom_node_t *ret_node = NULL;
+ header_node = AXIOM_SOAP_HEADER_GET_BASE_NODE(soap_header,env);
+ if(header_node)
+ {
+ ret_node = oxs_axiom_get_node_by_local_name(env,header_node,local_name);
+ if(ret_node)
+ {
+ axiom_element_t *ret_node_ele = NULL;
+ ret_node_ele = (axiom_element_t *)
+ AXIOM_NODE_GET_DATA_ELEMENT(ret_node, env);
+ if(ret_node_ele)
+ {
+ axiom_namespace_t *ns = NULL;
+ axis2_char_t *namespace_uri = NULL;
+ ns = AXIOM_ELEMENT_GET_NAMESPACE(ret_node_ele, env,ret_node);
+ if(ns)
+ {
+ namespace_uri = AXIOM_NAMESPACE_GET_URI(ns, env);
+ if (AXIS2_STRCMP(namespace_uri,namespace) == 0)
+ {
+ AXIS2_ARRAY_LIST_ADD(nodes_to_encrypt,env,ret_node);
+ return AXIS2_SUCCESS;
+ }
+
+ }
+
+ }
+
+ }
+ }
+ }
+ return AXIS2_FAILURE;
+}
AXIS2_EXTERN axis2_bool_t AXIS2_CALL
@@ -388,3 +489,194 @@
else
return digest;
}
+
+AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+rampart_context_is_encrypt_before_sign(
+ rampart_context_t *rampart_context,
+ const axis2_env_t *env)
+{
+ axis2_char_t *protection_order = NULL;
+ rp_symmetric_asymmetric_binding_commons_t *sym_asym_commons = NULL;
+ sym_asym_commons = rampart_context_get_symmetric_asymmetric_binding_commons(rampart_context,env);
+
+ if(!sym_asym_commons)
+ return AXIS2_FALSE;
+ else
+ {
+ protection_order = rp_symmetric_asymmetric_binding_commons_get_protection_order(sym_asym_commons,env);
+ if(!protection_order)
+ return AXIS2_FALSE;
+
+ else if(AXIS2_STRCMP(protection_order,RP_ENCRYPT_BEFORE_SIGNING)==0)
+ return AXIS2_TRUE;
+ }
+ return AXIS2_FALSE;
+}
+
+/*This method will return all the parts in the soap message
+outside the security header which needs to be encrypted.*/
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_get_nodes_to_encrypt(
+ rampart_context_t *rampart_context,
+ const axis2_env_t *env,
+ axiom_soap_envelope_t *soap_envelope,
+ axis2_array_list_t *nodes_to_encrypt)
+{
+ rp_signed_encrypted_parts_t *encrypted_parts = NULL;
+ axis2_array_list_t *parts = NULL;
+ axis2_status_t status = AXIS2_FAILURE;
+
+ encrypted_parts = rp_secpolicy_get_encrypted_parts(rampart_context->secpolicy,env);
+ if(!encrypted_parts)
+ return AXIS2_FAILURE;
+
+ parts = rp_signed_encrypted_parts_get_headers(encrypted_parts,env);
+ if(!parts || (AXIS2_ARRAY_LIST_SIZE(parts,env)==0))
+ {
+ if(rp_signed_encrypted_parts_get_body(encrypted_parts,env))
+ {
+ axiom_soap_body_t *body = NULL;
+ axiom_node_t *body_node = NULL;
+ axiom_node_t *body_child_node = NULL;
+
+ AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] No encryption parts specified. Using the body.");
+ body = AXIOM_SOAP_ENVELOPE_GET_BODY(soap_envelope, env);
+ body_node = AXIOM_SOAP_BODY_GET_BASE_NODE(body, env);
+ body_child_node = AXIOM_NODE_GET_FIRST_CHILD(body_node, env);
+ AXIS2_ARRAY_LIST_ADD(nodes_to_encrypt, env, body_child_node);
+ return AXIS2_SUCCESS;
+ }
+ else
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] Nothing to encrypt");
+ return AXIS2_FAILURE;
+ }
+ }
+ else
+ {
+ int i = 0;
+ for(i=0; i<AXIS2_ARRAY_LIST_SIZE(parts,env); i++)
+ {
+ rp_header_t *header = NULL;
+ header = (rp_header_t *)AXIS2_ARRAY_LIST_GET(parts,env,i);
+ if(header)
+ {
+ status = rampart_context_set_nodes_to_encrypt(header,env,soap_envelope,nodes_to_encrypt);
+ if(status!=AXIS2_FAILURE)
+ return AXIS2_FAILURE;
+ }
+
+ }
+ if(rp_signed_encrypted_parts_get_body(encrypted_parts,env))
+ {
+ axiom_soap_body_t *body = NULL;
+ axiom_node_t *body_node = NULL;
+ axiom_node_t *body_child_node = NULL;
+
+ AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] Including the body the body.");
+ body = AXIOM_SOAP_ENVELOPE_GET_BODY(soap_envelope, env);
+ body_node = AXIOM_SOAP_BODY_GET_BASE_NODE(body, env);
+ body_child_node = AXIOM_NODE_GET_FIRST_CHILD(body_node, env);
+ AXIS2_ARRAY_LIST_ADD(nodes_to_encrypt, env, body_child_node);
+ return AXIS2_SUCCESS;
+ }
+
+ }
+ return AXIS2_FAILURE;
+}
+
+AXIS2_EXTERN int AXIS2_CALL
+rampart_context_check_token_type(
+ rampart_context_t *rampart_context,
+ const axis2_env_t *env,
+ axis2_bool_t for_encryption,
+ axis2_bool_t server_side)
+{
+ rp_property_t *binding = NULL;
+ binding = rp_secpolicy_get_binding(rampart_context->secpolicy,env);
+ if(!binding)
+ return -1;
+
+ if(rp_property_get_type(binding,env)==RP_BINDING_ASYMMETRIC)
+ {
+ rp_asymmetric_binding_t *asym_binding = NULL;
+ asym_binding = (rp_asymmetric_binding_t *)rp_property_get_value(binding,env);
+ if(asym_binding)
+ {
+ rp_property_t *token = NULL;
+ if((for_encryption && server_side) || (!for_encryption && !server_side))
+ {
+ token = rp_asymmetric_binding_get_initiator_token(asym_binding,env);
+ if(!token)
+ return -1;
+ else
+ return rp_property_get_type(token,env);
+ }
+ else if((for_encryption && !server_side) || (!for_encryption && server_side))
+ {
+ token = rp_asymmetric_binding_get_recipient_token(asym_binding,env);
+ if(!token)
+ return -1;
+ else
+ return rp_property_get_type(token,env);
+ }
+ else return -1;
+ }
+ else
+ return -1;
+ }
+ /*In symmetric binding same tokens are used in the client and server sides.*/
+ else if(rp_property_get_type(binding,env)==RP_BINDING_SYMMETRIC)
+ {
+ rp_symmetric_binding_t *sym_binding = NULL;
+ sym_binding = (rp_symmetric_binding_t *)rp_property_get_value(binding,env);
+ if(sym_binding)
+ {
+ rp_property_t *token = NULL;
+ /*First check protection tokens have being specified.*/
+ token = rp_symmetric_binding_get_protection_token(sym_binding,env);
+ if(token)
+ return rp_property_get_type(token,env);
+
+ else
+ {
+ if(for_encryption)
+ {
+ token = rp_symmetric_binding_get_encryption_token(sym_binding,env);
+ if(!token)
+ return -1;
+ else
+ return rp_property_get_type(token,env);
+ }
+ else
+ {
+ token = rp_symmetric_binding_get_signature_token(sym_binding,env);
+ if(!token)
+ return -1;
+ else
+ return rp_property_get_type(token,env);
+ }
+ }
+ }
+ else
+ return -1;
+ }
+ else if(rp_property_get_type(binding,env)==RP_BINDING_TRANSPORT)
+ {
+ rp_transport_binding_t *transport_binding = NULL;
+ transport_binding = (rp_transport_binding_t *)rp_property_get_value(binding,env);
+ if(transport_binding)
+ {
+ rp_property_t *token = NULL;
+ token = rp_transport_binding_get_transport_token(transport_binding,env);
+ if(token)
+ return rp_property_get_type(token,env);
+ else return -1;
+ }
+ else return -1;
+ }
+ else return -1;
+
+}
+
Modified: webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_encryption.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_encryption.c?view=diff&rev=502475&r1=502474&r2=502475
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_encryption.c (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_encryption.c Thu Feb 1 20:14:44 2007
@@ -46,7 +46,7 @@
**/
/*Private function implementations*/
-
+/*
static axis2_status_t
rampart_enc_get_nodes_to_encrypt(const axis2_env_t *env,
rampart_actions_t *actions,
@@ -55,10 +55,7 @@
{
axis2_char_t *encryption_parts = NULL;
- /*Get encryption parts*/
encryption_parts = AXIS2_STRDUP(RAMPART_ACTIONS_GET_ENCRYPTION_PARTS(actions, env), env);
- /*If no encryption parts are specified use body as default...
- * Well...hmmm.. the child of the body infact*/
if((!encryption_parts) || (0 == AXIS2_STRCMP(encryption_parts, "") || (0 == AXIS2_STRCMP(encryption_parts, "Body")))){
axiom_soap_body_t *body = NULL;
axiom_node_t *body_node = NULL;
@@ -82,12 +79,10 @@
AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] EncryptionParts specified = %s", encryption_parts);
envelope_node = AXIOM_SOAP_ENVELOPE_GET_BASE_NODE(soap_envelope, env);
- /*Tokenize*/
str_list = axis2_tokenize(env, encryption_parts, ' ');
size = AXIS2_ARRAY_LIST_SIZE(str_list, env);
for(i=0 ; i < size ; i++ ){
local_name = AXIS2_ARRAY_LIST_GET(str_list, env, i);
- /*We do not encrypt the security header*/
if(0 == AXIS2_STRCMP(local_name, "Security")){
AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] We do not encrypt %s", local_name);
continue;
@@ -100,7 +95,7 @@
return AXIS2_SUCCESS;
}
-
+*/
@@ -108,6 +103,7 @@
AXIS2_EXTERN axis2_status_t AXIS2_CALL
rampart_enc_encrypt_message(const axis2_env_t *env,
axis2_msg_ctx_t *msg_ctx,
+ rampart_context_t *rampart_context,
rampart_actions_t *actions,
axiom_soap_envelope_t *soap_envelope,
axiom_node_t *sec_node)
@@ -122,12 +118,33 @@
axis2_char_t *password = NULL;
oxs_key_t *session_key = NULL;
oxs_asym_ctx_t *asym_ctx = NULL;
+ axis2_bool_t server_side = AXIS2_FALSE;
+ int token_type = 0;
int i = 0;
/*Get nodes to be encrypted*/
- nodes_to_encrypt = axis2_array_list_create(env, 5);
- status = rampart_enc_get_nodes_to_encrypt(env, actions, soap_envelope, nodes_to_encrypt);
+ server_side = axis2_msg_ctx_get_server_side(msg_ctx,env);
+ nodes_to_encrypt = axis2_array_list_create(env,0);
+ status = rampart_context_get_nodes_to_encrypt(rampart_context,env,soap_envelope,nodes_to_encrypt);
+
+ if((status!=AXIS2_SUCCESS)||(AXIS2_ARRAY_LIST_SIZE(nodes_to_encrypt,env)==0))
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] No parts specified or specified parts can't be found for encryprion.");
+ return AXIS2_SUCCESS;
+ }
+ /*Now we have to check whether a token is specified.*/
+ token_type = rampart_context_check_token_type(rampart_context,env,AXIS2_TRUE,server_side);
+ if(token_type == -1)
+ {
+ AXIS2_LOG_INFO(env->log,"[rampart][rampart_encryption] Encryption Token is not specified");
+ return AXIS2_SUCCESS;
+ }
+ if(token_type != RP_TOKEN_X509)
+ {
+ AXIS2_LOG_INFO(env->log,"[rampart][rampart_encryption] We only support X509 tokens");
+ return AXIS2_SUCCESS;
+ }
/*Get the symmetric encryption algorithm*/
enc_sym_algo = RAMPART_ACTIONS_GET_ENC_SYM_ALGO(actions, env);
/*If not specified set the default*/
Modified: webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_sec_header_builder.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_sec_header_builder.c?view=diff&rev=502475&r1=502474&r2=502475
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_sec_header_builder.c (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_sec_header_builder.c Thu Feb 1 20:14:44 2007
@@ -17,7 +17,6 @@
#include <stdio.h>
#include <rampart_encryption.h>
-#include <rampart_context.h>
#include <rampart_constants.h>
#include <rampart_sec_header_builder.h>
#include <rampart_username_token.h>
@@ -115,41 +114,48 @@
return AXIS2_FAILURE;
}
}
+
/*Check whether we need username token*/
- if(rampart_context_is_include_username_token(rampart_context,env))
- {
- axis2_char_t *user = NULL;
- axis2_char_t *password_callback = NULL;
- axis2_bool_t is_digest = AXIS2_FALSE;
- rampart_username_token_t *username_token = NULL;
-
- user = rampart_context_get_user(rampart_context,env);
- password_callback = rampart_context_get_password_callback_class(rampart_context,env);
- is_digest = rampart_context_get_password_type(rampart_context,env);
-
- username_token = rampart_username_token_create(env);
-
- AXIS2_LOG_INFO(env->log, "[rampart][shb] building UsernmaeToken");
- status = RAMPART_USERNAME_TOKEN_BUILD(username_token,
- env,
- user,
- password_callback,
- NULL,
- is_digest,
- sec_node,
- sec_ns_obj);
- if (status == AXIS2_FAILURE)
+ /*User name tokens includes in messages sent from client to server*/
+ if(!axis2_msg_ctx_get_server_side(msg_ctx,env))
+ {
+ if(rampart_context_is_include_username_token(rampart_context,env))
{
- AXIS2_LOG_INFO(env->log, "[rampart][shb] UsernmaeToken build failed. ERROR");
- return AXIS2_FAILURE;
- }
+ axis2_char_t *user = NULL;
+ axis2_char_t *password_callback = NULL;
+ axis2_bool_t is_digest = AXIS2_FALSE;
+ rampart_username_token_t *username_token = NULL;
+
+ user = rampart_context_get_user(rampart_context,env);
+ password_callback = rampart_context_get_password_callback_class(rampart_context,env);
+ is_digest = rampart_context_get_password_type(rampart_context,env);
+
+ username_token = rampart_username_token_create(env);
+
+ AXIS2_LOG_INFO(env->log, "[rampart][shb] building UsernmaeToken");
+ status = RAMPART_USERNAME_TOKEN_BUILD(username_token,
+ env,
+ user,
+ password_callback,
+ NULL,
+ is_digest,
+ sec_node,
+ sec_ns_obj);
+ if (status == AXIS2_FAILURE)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][shb] UsernmaeToken build failed. ERROR");
+ return AXIS2_FAILURE;
+ }
+ }
+ }
+ /*Check the encryption and signature order*/
+ if(rampart_context_is_encrypt_before_sign(rampart_context,env))
+ {
+ /*Check what are the parts to encrypt and send them to the encrypt method*/
+ /*status = rampart_enc_encrypt_message(env, msg_ctx,soap_envelope,rampart_context,sec_node);*/
+ return AXIS2_SUCCESS;
+
}
-
-
- /*username Token inclusion*/
-
- /*check the protection order*/
-
return AXIS2_SUCCESS;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-cvs-help@ws.apache.org