WS-Security in WS Binding Axis2 and Policy Fwk

[Venkata Krishnan <fo...@gmail.com>]

Hi,

I have checked in a basic implementation of ws security that integrates with
our policy framework.  Here is what has been done upto now.

1)  a new module policy-security has been added to deal with policy
attachments related to security.  For now I have added abstractions for
policy attachments that could encapsulate axis2 config params.
2) included the deployment of Apache Rampart module with the Axis2 WS
Binding extension.
3) created policysets around ws security involving basic user authentication
with password text.  This is in the definitions.xml of the Axis2 WS Binding
module.
4) Included an itest in the Axis2 WS Binding to exercise the policysets
defined in (3).

Next steps:
----------------
- What has been implemented in the Axis2 WS Binding is means for configuring
various axis2 config parameters thro tuscany policies.  Security is just one
of the things that could be enabled thro some specific axis2 config params.
I shall be trying out policysets around other parameter settings.
- While the axis2 config params are one way, as far I understand, we could
very much do the same such thro the use of WS-Policy.  This is something I
will be working on integrating next - more specifically -
ws-security-policy.
- I'd also like to pull out the SCA Definitions related code out of the
policy module to a separate module.

I'd like to hear people's views on what has been done and also suggestions
on things futher up ahead.

Thanks.

- Venkat