Posted to rampart-dev@ws.apache.org by su...@apache.org on 2008/02/08 13:30:01 UTC
svn commit: r619859 - in /webservices/rampart/trunk/c: build/win32/
samples/client/saml_echo/ samples/secpolicy/ samples/secpolicy/scenario14/
Author: supun
Date: Fri Feb 8 04:30:00 2008
New Revision: 619859
URL: http://svn.apache.org/viewvc?rev=619859&view=rev
Log:
SAML signed supporting token sample. This change only updates the Windows build for inclusion of this sample.
Includes a script for RAMPART-61
Added:
webservices/rampart/trunk/c/samples/client/saml_echo/
webservices/rampart/trunk/c/samples/client/saml_echo/echo.c
webservices/rampart/trunk/c/samples/secpolicy/run_all.js
webservices/rampart/trunk/c/samples/secpolicy/scenario14/
webservices/rampart/trunk/c/samples/secpolicy/scenario14/client-policy.xml
webservices/rampart/trunk/c/samples/secpolicy/scenario14/services.xml
Modified:
webservices/rampart/trunk/c/build/win32/deploy_rampart.bat
webservices/rampart/trunk/c/samples/secpolicy/README
Modified: webservices/rampart/trunk/c/build/win32/deploy_rampart.bat
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/build/win32/deploy_rampart.bat?rev=619859&r1=619858&r2=619859&view=diff
==============================================================================
--- webservices/rampart/trunk/c/build/win32/deploy_rampart.bat (original)
+++ webservices/rampart/trunk/c/build/win32/deploy_rampart.bat Fri Feb 8 04:30:00 2008
@@ -33,6 +33,9 @@
md %AXIS2C_HOME%\bin\samples\rampart\client\sec_echo\
copy bin\samples\client\sec_echo\echo.exe %AXIS2C_HOME%\bin\samples\rampart\client\sec_echo\
+md %AXIS2C_HOME%\bin\samples\rampart\client\saml_echo\
+copy bin\samples\client\saml_echo\echo.exe %AXIS2C_HOME%\bin\samples\rampart\client\saml_echo\
+
md %AXIS2C_HOME%\bin\samples\rampart\callback
copy bin\samples\callback\pwcb.dll %AXIS2C_HOME%\bin\samples\rampart\callback\
Added: webservices/rampart/trunk/c/samples/client/saml_echo/echo.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/samples/client/saml_echo/echo.c?rev=619859&view=auto
==============================================================================
--- webservices/rampart/trunk/c/samples/client/saml_echo/echo.c (added)
+++ webservices/rampart/trunk/c/samples/client/saml_echo/echo.c Fri Feb 8 04:30:00 2008
@@ -0,0 +1,283 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <axiom.h>
+#include <axis2_util.h>
+#include <axiom_soap.h>
+#include <axis2_client.h>
+#include <rampart_constants.h>
+#include <neethi_util.h>
+#include <neethi_policy.h>
+#include <saml.h>
+#include <rampart_config.h>
+#include <rampart_saml_token.h>
+
+axiom_node_t *
+build_om_payload_for_echo_svc(const axutil_env_t *env);
+
+axiom_node_t * AXIS2_CALL
+create_saml_assertion(const axutil_env_t *env);
+
+int main(int argc, char** argv)
+{
+ const axutil_env_t *env = NULL;
+ const axis2_char_t *address = NULL;
+ const axis2_char_t *client_home = NULL;
+ axis2_char_t *file_name = NULL;
+ axis2_char_t *policy_file = NULL;
+ axis2_endpoint_ref_t* endpoint_ref = NULL;
+ axis2_options_t *options = NULL;
+ axis2_svc_client_t* svc_client = NULL;
+ axiom_node_t *payload = NULL;
+ axiom_node_t *ret_node = NULL;
+ axis2_status_t status = AXIS2_FAILURE;
+ neethi_policy_t *policy = NULL;
+ rampart_config_t* client_config = NULL;
+ axutil_property_t *property = NULL;
+ rampart_saml_token_t *saml = NULL;
+ axiom_node_t *assertion = NULL;
+ /* Set up the environment */
+ env = axutil_env_create_all("echo.log", AXIS2_LOG_LEVEL_TRACE);
+
+ /* Set end-point-reference of echo service */
+ address = "http://localhost:9090/axis2/services/echo";
+ if (argc > 2)
+ {
+ address = argv[1];
+ client_home = argv[2];
+ printf("Using endpoint : %s\n", address);
+ printf("Using client_home : %s\n", client_home);
+ }
+
+ if (axutil_strcmp(address, "-h") == 0)
+ {
+ printf("Usage : %s [endpoint_url] [client_home]\n", argv[0]);
+ printf("use -h for help\n");
+ return 0;
+ }
+
+ /* Create end-point-reference with given address */
+ endpoint_ref = axis2_endpoint_ref_create(env, address);
+
+ /* Setup options */
+ options = axis2_options_create(env);
+ axis2_options_set_to(options, env, endpoint_ref);
+ axis2_options_set_action(options, env,
+ "http://example.com/ws/2004/09/policy/Test/EchoRequest");
+ /*axis2_options_set_action(options, env,
+ "urn:echo");*/
+
+
+ /*If the client home is not specified, use the AXIS2C_HOME*/
+ if (!client_home)
+ {
+ client_home = AXIS2_GETENV("AXIS2C_HOME");
+ printf("\nNo client_home specified. Using default %s", client_home);
+ }
+
+ /* Create service client */
+ printf("client_home= %s", client_home);
+ svc_client = axis2_svc_client_create(env, client_home);
+ if (!svc_client)
+ {
+ printf("Error creating service client\n");
+ return -1;
+ }
+
+ client_config = rampart_config_create(env);
+ if(!client_config)
+ {
+ printf("Cannot create rampart config\n");
+ return 0;
+ }
+ assertion = create_saml_assertion(env);
+ saml = rampart_saml_token_create(env, assertion, RAMPART_ST_CONFIR_TYPE_SENDER_VOUCHES);
+ rampart_saml_token_set_token_type(saml, env, RP_PROPERTY_SIGNED_SUPPORTING_TOKEN);
+ rampart_config_add_saml_token(client_config, env, saml);
+
+ property = axutil_property_create_with_args(env, AXIS2_SCOPE_REQUEST ,
+ AXIS2_TRUE, (void *)rampart_config_free, client_config);
+ axis2_options_set_property(options, env, RAMPART_CLIENT_CONFIGURATION, property);
+
+ /* Set service client options */
+ axis2_svc_client_set_options(svc_client, env, options);
+
+ /*We need to specify the client's policy file location*/
+ if(client_home)
+ {
+ file_name = axutil_stracat(env, client_home, AXIS2_PATH_SEP_STR);
+ policy_file = axutil_stracat(env, file_name, "policy.xml" );
+ AXIS2_FREE(env->allocator, file_name);
+ file_name = NULL;
+ }else{
+ printf("Client Home not Specified\n");
+ printf("echo client invoke FAILED!\n");
+ return 0;
+ }
+ /*Create the policy, from file*/
+ policy = neethi_util_create_policy_from_file(env, policy_file);
+ if(policy_file){
+ AXIS2_FREE(env->allocator, policy_file);
+ policy_file = NULL;
+ }
+ if(!policy)
+ {
+ printf("\nPolicy creation failed from the file. %s\n", policy_file);
+ }
+
+ status = axis2_svc_client_set_policy(svc_client, env, policy);
+
+ if(status == AXIS2_FAILURE)
+ {
+ printf("Policy setting failed\n");
+ }
+
+ /* Build the SOAP request message payload using OM API.*/
+ payload = build_om_payload_for_echo_svc(env);
+
+ /*If not engaged in the client's axis2.xml, uncomment this line*/
+ /*axis2_svc_client_engage_module(svc_client, env, "rampart");*/
+
+ /* Send request */
+ ret_node = axis2_svc_client_send_receive(svc_client, env, payload);
+
+
+ if (axis2_svc_client_get_last_response_has_fault(svc_client, env))
+ {
+ axiom_soap_envelope_t *soap_envelope = NULL;
+ axiom_soap_body_t *soap_body = NULL;
+ axiom_soap_fault_t *soap_fault = NULL;
+
+ printf ("\nResponse has a SOAP fault\n");
+ soap_envelope =
+ axis2_svc_client_get_last_response_soap_envelope(svc_client, env);
+ if (soap_envelope)
+ soap_body = axiom_soap_envelope_get_body(soap_envelope, env);
+ if (soap_body)
+ soap_fault = axiom_soap_body_get_fault(soap_body, env);
+ if (soap_fault)
+ {
+ printf("\nReturned SOAP fault: %s\n",
+ axiom_node_to_string(axiom_soap_fault_get_base_node(soap_fault,env),
+ env));
+ }
+ printf("echo client invoke FAILED!\n");
+ return -1;
+ }
+
+ if (ret_node)
+ {
+ axis2_char_t *om_str = NULL;
+ om_str = axiom_node_to_string(ret_node, env);
+ if (om_str)
+ {
+ printf("\nReceived OM : %s\n", om_str);
+ }
+ printf("\necho client invoke SUCCESSFUL!\n");
+ AXIS2_FREE(env->allocator, om_str);
+ ret_node = NULL;
+ }
+ else
+ {
+ printf("echo client invoke FAILED!\n");
+ return -1;
+ }
+
+ if (svc_client)
+ {
+ axis2_svc_client_free(svc_client, env);
+ svc_client = NULL;
+ }
+ if (env)
+ {
+ axutil_env_free((axutil_env_t *) env);
+ env = NULL;
+ }
+
+ return 0;
+}
+
+/* build SOAP request message content using OM */
+axiom_node_t *
+build_om_payload_for_echo_svc(const axutil_env_t *env)
+{
+ axiom_node_t *echo_om_node = NULL;
+ axiom_element_t* echo_om_ele = NULL;
+ axiom_node_t* text_om_node = NULL;
+ axiom_element_t * text_om_ele = NULL;
+ axiom_namespace_t *ns1 = NULL;
+ axis2_char_t *om_str = NULL;
+
+ ns1 = axiom_namespace_create(env, "http://ws.apache.org/rampart/c/samples", "ns1");
+ echo_om_ele = axiom_element_create(env, NULL, "echoIn", ns1, &echo_om_node);
+
+
+ text_om_ele = axiom_element_create(env, echo_om_node, "text", NULL, &text_om_node);
+ axiom_element_set_text(text_om_ele, env, "Hello", text_om_node);
+
+ om_str = axiom_node_to_string(echo_om_node, env);
+ if (om_str){
+ printf("\nSending OM : %s\n", om_str);
+ AXIS2_FREE(env->allocator, om_str);
+ om_str = NULL;
+ }
+ return echo_om_node;
+}
+
+axiom_node_t * AXIS2_CALL
+create_saml_assertion(const axutil_env_t *env)
+{
+ saml_assertion_t *assertion = NULL;
+ saml_attr_stmt_t *attr_stmt = NULL;
+ saml_subject_t *subject = NULL;
+ saml_named_id_t *named_id = NULL;
+ saml_attr_t *attr = NULL;
+ axiom_node_t *attr_val = NULL;
+ axiom_element_t *e = NULL;
+ saml_stmt_t *stmt = NULL;
+
+ assertion = saml_assertion_create(env);
+ attr_stmt = saml_attr_stmt_create(env);
+ subject = saml_subject_create(env);
+
+ saml_assertion_set_issue_instant(assertion, env, axutil_date_time_create(env));
+ saml_assertion_set_issuer(assertion, env, "www.mrt.ac.lk");
+ saml_assertion_set_minor_version(assertion, env, 1);
+
+ saml_subject_add_confirmation(subject, env, SAML_SUB_CONFIRMATION_SENDER_VOUCHES);
+
+ named_id = saml_named_id_create(env);
+ saml_named_id_set_name(named_id, env, "cse07");
+ saml_subject_set_named_id(subject, env, named_id);
+
+ attr = saml_attr_create(env);
+ saml_attr_set_name(attr, env, "csestudent");
+ saml_attr_set_namespace(attr, env, "www.mrt.ac.lk/cse");
+ e = axiom_element_create(env, NULL, "noofstudent", NULL, &attr_val);
+ axiom_element_set_text(e, env, "10", attr_val);
+ saml_attr_add_value(attr, env, attr_val);
+
+ saml_attr_stmt_set_subject(attr_stmt, env, subject);
+ saml_attr_stmt_add_attribute(attr_stmt, env, attr);
+
+ stmt = saml_stmt_create(env);
+ saml_stmt_set_stmt(stmt, env, attr_stmt, SAML_STMT_ATTRIBUTESTATEMENT);
+
+ saml_assertion_add_statement(assertion, env, stmt);
+ return saml_assertion_to_om(assertion, NULL, env);
+}
\ No newline at end of file
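Review bot: In main, a failed policy load does not stop the client: when `neethi_util_create_policy_from_file` returns NULL the code only prints a message, then still calls `axis2_svc_client_set_policy` with the NULL policy and sends the request, so a missing or malformed policy.xml may let the echo request go out without the intended security policy applied. The failure message also passes `policy_file` to `%s` after it has been freed and set to NULL a few lines earlier. Returning -1 on both failures and freeing the path only after it has been printed addresses both; the existing early returns do not release `svc_client` or `env` either, which the excerpt below leaves as it is. Separately, `-h` is only recognised when two arguments are given, because `address` is taken from `argv[1]` only under `argc > 2`.

```c
    /*Create the policy, from file*/
    policy = neethi_util_create_policy_from_file(env, policy_file);
    if(!policy)
    {
        /* Print the path before releasing it, then fail closed. */
        printf("\nPolicy creation failed from the file. %s\n", policy_file);
        AXIS2_FREE(env->allocator, policy_file);
        return -1;
    }
    AXIS2_FREE(env->allocator, policy_file);
    policy_file = NULL;

    status = axis2_svc_client_set_policy(svc_client, env, policy);
    if(status == AXIS2_FAILURE)
    {
        printf("Policy setting failed\n");
        return -1;
    }
    /* … unchanged: payload construction and send_receive … */
```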
Modified: webservices/rampart/trunk/c/samples/secpolicy/README
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/samples/secpolicy/README?rev=619859&r1=619858&r2=619859&view=diff
==============================================================================
--- webservices/rampart/trunk/c/samples/secpolicy/README (original)
+++ webservices/rampart/trunk/c/samples/secpolicy/README Fri Feb 8 04:30:00 2008
@@ -1,97 +1,98 @@
-The scenarios available here can be deployed using deploy.sh
-
-Simply give the scenario name as an argument to the script.
-
-E.g. %sh deploy.sh scenario1
-Windows users please use the "deploy.bat".
-Once policy files are deployed, Windows user must change path names and file extension appropriately.
-
-Make sure you have run the
-samples/client/sec_echo/deploy_client_repo.sh on Linux or
-samples\client\sec_echo\deploy_client_repo.bat in Windows.
-
-These scenarios will only copy the security policy (XML) files.
-
-Then go to $AXIS2C_HOME/bin and start the server.
-
-To run the client, use the script
-"samples/client/sec_echo/update_n_run.sh" on Linux or
-"samples\client\sec_echo\update_n_run.bat" on Windows.
-
-
-Following is a summary of scenarios available.
-
-Scenario Summary
--------------------
-1. Timestamp
-2. UsernameToken
-3. Encryption
-4. Signature
-5. A complete scenario to show: Timestamp, UsernameToken, Encrypt,
- The protection order is Sign->Encrypt
- Signature is Encrypted
-6. A complete scenario to show: Timestamp, UsernameToken, Encrypt,
- The protection order is Encrypt->Sign
- Signature is Encrypted
-7. Replay detection
-8. Symmetric binding. Encryption using derived keys.
-9. Symmetric binding. Signature
-10. Symmetric binding. Both encryption and sign.
- The protection order is Encrypt->Sign
-11. Symmetric binding. Both encryption and sign.
- The protection order is Sign->Encrypt
-12. Symmetric binding. Both encryption and sign.
- The protection order is Sign->Encrypt
- Signature is Encrypted
-13. Symmetric binding. Both encryption and sign.
- The protection order is Encrypt->Sign
- Signature is Encrypted
-
-FAQ:
----
-* I am NOT on LINUX. Are there any changes to be done in samples.
-----------------------------------------------------------------
-YES. You have to change file names accordingly. For example your password
-callback module might have "*.so" as the extension. This might be different in
-WIN32 and Mac OS.
-
-* I am in a HURRY and I need to try a scenario
---------------------------------------------
-If you are in a real hurry and need to try a scenario please use "test_scen.sh".
-Usage : %sh test_scen.sh scenarioX server-port
-E.g. %sh test_scen.sh scenario3 8080
-
-* I need to try all the scenarios
--------------------------------
-In this case please use the script run_all.sh.
-Usage: %sh run_all.sh server-port
-E.g. %sh run_all.sh 8080
-
-* I need to see messages exchanged
---------------------------------------
-You may use the TCP Monitor utility: http://ws.apache.org/commons/tcpmon/
-
-Make sure that you give the correct port that you have configured in TCPMon
-while running the scripts.
-
-* I cannot run samples and log says keys cannot be loaded
----------------------------------------------------------
-Check your policy files. Make sure that you have correct paths specified for
-key/certificate files.
-
-* My client sends a secured SOAP request. But the server throws me SOAP faults.
-------------------------------------------------------------------------------
-Well. You are on it. Check whether the server's policy configurations are
-satisfied by the client's policies. There is a <Reason> element carrying the
-information you need in the SOAP fault. Misconfigurations in the server also can be resulted
-in a SOAP fault.
-
-*Hmm... I'm still in a trouble. Can I contact you guys?
--------------------------------------------------------
-Indeed you can. Please check here.
-http://ws.apache.org/rampart/c/lists_issues.html
-Err... if you can attach log files under AXIS2C_HOME/logs, a trace of SOAP
-message, plus anything that you think relavent, that'll help the troubleshooting process.
-
-
-
+The scenarios available here can be deployed using deploy.sh
+
+Simply give the scenario name as an argument to the script.
+
+E.g. %sh deploy.sh scenario1
+Windows users please use the "deploy.bat".
+Once policy files are deployed, Windows user must change path names and file extension appropriately.
+
+Make sure you have run the
+samples/client/sec_echo/deploy_client_repo.sh on Linux or
+samples\client\sec_echo\deploy_client_repo.bat in Windows.
+
+These scenarios will only copy the security policy (XML) files.
+
+Then go to $AXIS2C_HOME/bin and start the server.
+
+To run the client, use the script
+"samples/client/sec_echo/update_n_run.sh" on Linux or
+"samples\client\sec_echo\update_n_run.bat" on Windows.
+
+
+Following is a summary of scenarios available.
+
+Scenario Summary
+-------------------
+1. Timestamp
+2. UsernameToken
+3. Encryption
+4. Signature
+5. A complete scenario to show: Timestamp, UsernameToken, Encrypt,
+ The protection order is Sign->Encrypt
+ Signature is Encrypted
+6. A complete scenario to show: Timestamp, UsernameToken, Encrypt,
+ The protection order is Encrypt->Sign
+ Signature is Encrypted
+7. Replay detection
+8. Symmetric binding. Encryption using derived keys.
+9. Symmetric binding. Signature
+10. Symmetric binding. Both encryption and sign.
+ The protection order is Encrypt->Sign
+11. Symmetric binding. Both encryption and sign.
+ The protection order is Sign->Encrypt
+12. Symmetric binding. Both encryption and sign.
+ The protection order is Sign->Encrypt
+ Signature is Encrypted
+13. Symmetric binding. Both encryption and sign.
+ The protection order is Encrypt->Sign
+ Signature is Encrypted
+14. SAML Signed supporting token inclution. This scenario uses the saml_echo client.
+
+FAQ:
+---
+* I am NOT on LINUX. Are there any changes to be done in samples.
+----------------------------------------------------------------
+YES. You have to change file names accordingly. For example your password
+callback module might have "*.so" as the extension. This might be different in
+WIN32 and Mac OS.
+
+* I am in a HURRY and I need to try a scenario
+--------------------------------------------
+If you are in a real hurry and need to try a scenario please use "test_scen.sh".
+Usage : %sh test_scen.sh scenarioX server-port
+E.g. %sh test_scen.sh scenario3 8080
+
+* I need to try all the scenarios
+-------------------------------
+In this case please use the script run_all.sh.
+Usage: %sh run_all.sh server-port
+E.g. %sh run_all.sh 8080
+
+* I need to see messages exchanged
+--------------------------------------
+You may use the TCP Monitor utility: http://ws.apache.org/commons/tcpmon/
+
+Make sure that you give the correct port that you have configured in TCPMon
+while running the scripts.
+
+* I cannot run samples and log says keys cannot be loaded
+---------------------------------------------------------
+Check your policy files. Make sure that you have correct paths specified for
+key/certificate files.
+
+* My client sends a secured SOAP request. But the server throws me SOAP faults.
+------------------------------------------------------------------------------
+Well. You are on it. Check whether the server's policy configurations are
+satisfied by the client's policies. There is a <Reason> element carrying the
+information you need in the SOAP fault. Misconfigurations in the server also can be resulted
+in a SOAP fault.
+
+*Hmm... I'm still in a trouble. Can I contact you guys?
+-------------------------------------------------------
+Indeed you can. Please check here.
+http://ws.apache.org/rampart/c/lists_issues.html
+Err... if you can attach log files under AXIS2C_HOME/logs, a trace of SOAP
+message, plus anything that you think relavent, that'll help the troubleshooting process.
+
+
+
Added: webservices/rampart/trunk/c/samples/secpolicy/run_all.js
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/samples/secpolicy/run_all.js?rev=619859&view=auto
==============================================================================
--- webservices/rampart/trunk/c/samples/secpolicy/run_all.js (added)
+++ webservices/rampart/trunk/c/samples/secpolicy/run_all.js Fri Feb 8 04:30:00 2008
@@ -0,0 +1,72 @@
+var WshShell = new ActiveXObject("WScript.Shell");
+fso = new ActiveXObject("Scripting.FileSystemObject");
+
+var fso, f, s, re, ss, r;
+var ForReading = 1, ForWriting = 2;
+
+var axis2c_home = WshShell.ExpandEnvironmentStrings("%AXIS2C_HOME%");
+var client_repo = axis2c_home + "\\client_repo";
+
+for (var i = 1; i <= 14; i++) {
+ WScript.Echo("Scenario " + i + ":");
+ // Deploy the client policy file
+ f = fso.OpenTextFile("scenario" + i + "\\client-policy.xml", ForReading);
+ s = f.ReadAll();
+ f.Close();
+
+ f = fso.OpenTextFile(client_repo + "\\policy.xml", ForWriting, true);
+ while (s.search(/AXIS2C_HOME/) != -1) {
+ r = s.replace(/AXIS2C_HOME/, axis2c_home);
+ s = r;
+ }
+ while (s.search(/libpwcb\.so/) != -1) {
+ r = s.replace(/libpwcb\.so/, "pwcb.dll");
+ s = r;
+ }
+ f.write(s);
+ f.close();
+
+ // Deploy the servces.xml files
+ f = fso.OpenTextFile("scenario" + i + "\\services.xml", ForReading);
+ s = f.ReadAll();
+ f.Close();
+
+ f = fso.OpenTextFile(axis2c_home + "\\services\\sec_echo\\services.xml", ForWriting, true);
+ while (s.search(/AXIS2C_HOME/) != -1) {
+ r = s.replace(/AXIS2C_HOME/, axis2c_home);
+ s = r;
+ }
+ while (s.search(/libpwcb\.so/) != -1) {
+ r = s.replace(/libpwcb\.so/, "pwcb.dll");
+ s = r;
+ }
+ while (s.search(/librdflatfile\.so/) != -1) {
+ r = s.replace(/librdflatfile\.so/, "rdflatfile.dll");
+ s = r;
+ }
+ f.write(s);
+ f.close();
+
+ WScript.Echo("services.xml and policy.xml deployed");
+
+ var http_server = WshShell.Exec(axis2c_home + "\\bin\\axis2_http_server.exe -p 7070 -r " + axis2c_home);
+ WScript.Sleep(3000);
+ WScript.Echo("Started Axis2C simple HTTP server\n\n");
+
+ var client;
+ if (i != 14) {
+ var client = WshShell.Exec(axis2c_home + "\\bin\\samples\\rampart\\client\\sec_echo\\echo.exe http://localhost:9090/axis2/services/sec_echo/echoString " + client_repo);
+ } else if (i == 14) {
+ client = WshShell.Exec(axis2c_home + "\\bin\\samples\\rampart\\client\\saml_echo\\echo.exe http://localhost:9090/axis2/services/sec_echo/echoString " + client_repo);
+ }
+
+ s = client.StdOut.ReadAll();
+ WScript.Echo(s);
+
+ http_server.Terminate();
+}
+
+
+
+
+
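Review bot: The `while (s.search(/AXIS2C_HOME/) != -1)` loops never terminate when the AXIS2C_HOME environment variable is unset, because ExpandEnvironmentStrings then returns the literal `%AXIS2C_HOME%` and every replacement re-inserts the pattern being searched for. Check the expanded value once at the top and quit with a message if it still contains `%`, and replace each loop with a single global replace such as `s = s.replace(/AXIS2C_HOME/g, axis2c_home);`. The three `WshShell.Exec` command lines concatenate `axis2c_home` and `client_repo` unquoted, so an install path containing spaces is split into separate arguments and a different executable than intended may be resolved; wrap each path in escaped double quotes. The server is started with `-p 7070` while both clients are pointed at `localhost:9090`, which presumably relies on a TCPMon forwarder the script neither starts nor mentions, so a comment stating that prerequisite is needed.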
Added: webservices/rampart/trunk/c/samples/secpolicy/scenario14/client-policy.xml
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/samples/secpolicy/scenario14/client-policy.xml?rev=619859&view=auto
==============================================================================
--- webservices/rampart/trunk/c/samples/secpolicy/scenario14/client-policy.xml (added)
+++ webservices/rampart/trunk/c/samples/secpolicy/scenario14/client-policy.xml Fri Feb 8 04:30:00 2008
@@ -0,0 +1,64 @@
+<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:RequireDerivedKeys/>
+ <sp:RequireThumbprintReference/>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptBeforeSigning/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:SamlToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"/>
+ </wsp:Policy>
+ </sp:SignedSupportingTokens>
+ <sp:Wss11 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ <sp:Header Namespace="http://www.w3.org/2005/08/addressing"/>
+ </sp:SignedParts>
+ <rampc:RampartConfig xmlns:rampc="http://ws.apache.org/rampart/c/policy">
+ <rampc:User>Alice</rampc:User>
+ <rampc:TimeToLive>360</rampc:TimeToLive>
+ <rampc:EncryptionUser>a</rampc:EncryptionUser>
+ <rampc:PasswordType>Digest</rampc:PasswordType>
+ <rampc:PasswordCallbackClass>AXIS2C_HOME/bin/samples/rampart/callback/libpwcb.so</rampc:PasswordCallbackClass>
+ <rampc:ReceiverCertificate>AXIS2C_HOME/bin/samples/rampart/keys/ahome/bob_cert.cert</rampc:ReceiverCertificate>
+ <rampc:Certificate>AXIS2C_HOME/bin/samples/rampart/keys/ahome/alice_cert.cert</rampc:Certificate>
+ <rampc:PrivateKey>AXIS2C_HOME/bin/samples/rampart/keys/ahome/alice_key.pem</rampc:PrivateKey>
+ </rampc:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
Added: webservices/rampart/trunk/c/samples/secpolicy/scenario14/services.xml
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/samples/secpolicy/scenario14/services.xml?rev=619859&view=auto
==============================================================================
--- webservices/rampart/trunk/c/samples/secpolicy/scenario14/services.xml (added)
+++ webservices/rampart/trunk/c/samples/secpolicy/scenario14/services.xml Fri Feb 8 04:30:00 2008
@@ -0,0 +1,74 @@
+<service name="sec_echo">
+ <parameter name="ServiceClass" locked="xsd:false">sec_echo</parameter>
+
+ <description>
+ This is a testing service , to test the system is working or not
+ </description>
+ <module ref="rampart"/>
+ <operation name="echoString">
+ <parameter name="wsamapping">http://example.com/ws/2004/09/policy/Test/EchoRequest</parameter>
+ </operation>
+
+ <wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+ <sp:RequireDerivedKeys/>
+ <sp:RequireThumbprintReference/>
+ <sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic256/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Strict/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:EncryptBeforeSigning/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:SamlToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"/>
+ </wsp:Policy>
+ </sp:SignedSupportingTokens>
+ <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefEmbeddedToken/>
+ <sp:MustSupportRefIssuerSerial/>
+ </wsp:Policy>
+ </sp:Wss10>
+ <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:SignedParts>
+ <rampc:RampartConfig xmlns:rampc="http://ws.apache.org/rampart/c/policy">
+ <rampc:User>Bob</rampc:User>
+ <rampc:TimeToLive>360</rampc:TimeToLive>
+ <rampc:EncryptionUser>b</rampc:EncryptionUser>
+ <rampc:PasswordType>Digest</rampc:PasswordType>
+ <rampc:PasswordCallbackClass>AXIS2C_HOME/bin/samples/rampart/callback/libpwcb.so</rampc:PasswordCallbackClass>
+ <rampc:ReceiverCertificate>AXIS2C_HOME/bin/samples/rampart/keys/bhome/alice_cert.cert</rampc:ReceiverCertificate>
+ <rampc:Certificate>AXIS2C_HOME/bin/samples/rampart/keys/bhome/bob_cert.cert</rampc:Certificate>
+ <rampc:PrivateKey>AXIS2C_HOME/bin/samples/rampart/keys/bhome/bob_key.pem</rampc:PrivateKey>
+ </rampc:RampartConfig>
+ </wsp:All>
+ </wsp:ExactlyOne>
+ </wsp:Policy>
+</service>
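Review bot: The service-side `sp:SignedParts` lists only `<sp:Body/>`, while scenario14/client-policy.xml also signs the WS-Addressing headers, so as far as this policy shows the receiver would accept a request whose addressing headers are unsigned. Since the operation is dispatched through `wsamapping`, adding `<sp:Header Namespace="http://www.w3.org/2005/08/addressing"/>` to the service's SignedParts would make the requirement symmetric with the client. The service also asserts `sp:Wss10` where the client asserts `sp:Wss11`, although the protection token requires thumbprint references and derived keys; if that asymmetry is intentional, a short XML comment saying so would help readers who copy this scenario.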