Posted to java-dev@axis.apache.org by ka...@apache.org on 2006/11/21 06:36:13 UTC
svn commit: r477510 - in /webservices/axis2/trunk/c/rampart: include/
src/handlers/ src/omxmlsec/ src/util/
Author: kaushalye
Date: Mon Nov 20 21:36:11 2006
New Revision: 477510
URL: http://svn.apache.org/viewvc?view=rev&rev=477510
Log:
This update includes:
1. On arrival token verification for usernametoken and timestamps.
2. More specific LOG messages.
3. Improved soap fault generation.
Modified:
webservices/axis2/trunk/c/rampart/include/rampart_sec_header_processor.h
webservices/axis2/trunk/c/rampart/src/handlers/rampart_in_handler.c
webservices/axis2/trunk/c/rampart/src/handlers/rampart_out_handler.c
webservices/axis2/trunk/c/rampart/src/omxmlsec/error.c
webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c
webservices/axis2/trunk/c/rampart/src/util/timestamp_token.c
webservices/axis2/trunk/c/rampart/src/util/username_token.c
Modified: webservices/axis2/trunk/c/rampart/include/rampart_sec_header_processor.h
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/include/rampart_sec_header_processor.h?view=diff&rev=477510&r1=477509&r2=477510
==============================================================================
--- webservices/axis2/trunk/c/rampart/include/rampart_sec_header_processor.h (original)
+++ webservices/axis2/trunk/c/rampart/include/rampart_sec_header_processor.h Mon Nov 20 21:36:11 2006
@@ -46,7 +46,8 @@
axis2_msg_ctx_t *msg_ctx,
rampart_actions_t *actions,
axiom_soap_envelope_t *soap_envelope,
- axiom_node_t *sec_node);
+ axiom_node_t *sec_node,
+ axis2_array_list_t *sub_codes);
/* @} */
Modified: webservices/axis2/trunk/c/rampart/src/handlers/rampart_in_handler.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/handlers/rampart_in_handler.c?view=diff&rev=477510&r1=477509&r2=477510
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/handlers/rampart_in_handler.c (original)
+++ webservices/axis2/trunk/c/rampart/src/handlers/rampart_in_handler.c Mon Nov 20 21:36:11 2006
@@ -29,7 +29,7 @@
#include <rampart_handler_util.h>
#include <rampart_timestamp_token.h>
#include <rampart_util.h>
-
+#include <rampart_sec_header_processor.h>
/*************************** Function headers *********************************/
axis2_status_t AXIS2_CALL
@@ -70,9 +70,7 @@
axis2_ctx_t *ctx = NULL;
axis2_array_list_t *action_list = NULL;
axis2_param_t *param_action = NULL;
- axis2_char_t *items = NULL;
- axiom_node_t *sec_node, *ts_node = NULL;
- axiom_element_t *sec_ele, *ts_ele = NULL;
+ axiom_node_t *sec_node = NULL;
rampart_actions_t *actions = NULL;
AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
@@ -88,9 +86,6 @@
soap_header = AXIOM_SOAP_ENVELOPE_GET_HEADER(soap_envelope, env);
if (soap_header)
{
- axis2_char_t* item = NULL;
- axis2_array_list_t *items_list = NULL;
- int i = 0, size = 0;
AXIS2_LOG_TRACE(env->log, AXIS2_LOG_SI, "SOAP header found");
@@ -98,7 +93,6 @@
actions = rampart_actions_create(env);
/*Check InFlowSecurity parameters*/
-
ctx = AXIS2_MSG_CTX_GET_BASE(msg_ctx, env);
param_in_flow_security = rampart_get_security_param(env, msg_ctx, RAMPART_INFLOW_SECURITY);
@@ -133,155 +127,35 @@
/*Then re-populate using the axis2_ctx*/
status = RAMPART_ACTIONS_POPULATE_FROM_CTX(actions, env, ctx);
- items = AXIS2_STRDUP(RAMPART_ACTIONS_GET_ITEMS(actions, env), env);
- if (!items)
- {
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_in_handler] No items defined. So nothing to do.");
+ sec_node = rampart_get_security_token(env, msg_ctx, soap_header);
+ axis2_array_list_t *sub_codes = NULL;
+
+ sub_codes = axis2_array_list_create(env, 0);
+
+ if(!sec_node){
+ AXIS2_LOG_INFO(env->log, "[rampart][rampart_in_handler] No security header element.");
return AXIS2_SUCCESS;
+
}
- /*Get action items seperated by spaces*/
- items_list = axis2_tokenize(env, items, ' ');
- if (items_list)
+ /*status = rampart_validate_security_token(env, msg_ctx, sec_node);
+ if (AXIS2_FAILURE == status)
{
- size = AXIS2_ARRAY_LIST_SIZE(items_list, env);
+ AXIS2_ARRAY_LIST_ADD(sub_codes, env, RAMPART_FAULT_INVALID_SECURITY_TOKEN);
+ rampart_create_fault_envelope(env, "wsse:Security", "Security header element is not valid", sub_codes, msg_ctx);
+ return AXIS2_FAILURE;
}
-
- for (i = 0; i < size; i++)
+ */
+ /*The main entry point for all security header validations*/
+ status = rampart_shp_process_message(env, msg_ctx, actions, soap_envelope, sec_node, sub_codes);
+ if (AXIS2_FAILURE == status)
{
- item = AXIS2_ARRAY_LIST_GET(items_list, env, i);
- sec_node = rampart_get_security_token(env, msg_ctx, soap_header);
- /*If no sec_node return fault*/
- if (!sec_node)
- {
- axis2_array_list_t *sub_codes = NULL;
- sub_codes = axis2_array_list_create(env, 1);
- if (sub_codes)
- {
- AXIS2_ARRAY_LIST_ADD(sub_codes, env, RAMPART_FAULT_SECURITY_TOKEN_UNAVAILABLE);
- }
-
- rampart_create_fault_envelope(env, "wsse:Security", "Security header element is unavailable", sub_codes, msg_ctx);
- return AXIS2_FAILURE;
- }
-
- status = rampart_validate_security_token(env, msg_ctx, sec_node);
- if (AXIS2_FAILURE == status)
- {
- axis2_array_list_t *sub_codes = NULL;
- sub_codes = axis2_array_list_create(env, 1);
- if (sub_codes)
- {
- AXIS2_ARRAY_LIST_ADD(sub_codes, env, RAMPART_FAULT_INVALID_SECURITY_TOKEN);
- }
- rampart_create_fault_envelope(env, "wsse:Security", "Security header element is not valid", sub_codes, msg_ctx);
- return AXIS2_FAILURE;
- }
- /*NEW CODE*/
- /*status = rampart_shp_process_message(env, msg_ctx, actions, soap_envelope, sec_node);*/
-
- sec_ele = AXIOM_NODE_GET_DATA_ELEMENT(sec_node, env);
-
- /*UsernameToken*/
- if (0 == AXIS2_STRCMP(RAMPART_ACTION_ITEMS_USERNAMETOKEN, AXIS2_STRTRIM(env, item, NULL)))
- {
- rampart_username_token_t *username_token = NULL;
- axis2_array_list_t *sub_codes = NULL;
- axis2_status_t valid_user = AXIS2_FAILURE;
-
- sub_codes = axis2_array_list_create(env, 0);
- username_token = rampart_username_token_create(env);
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_in_handler] Validating UsernameToken");
- valid_user = RAMPART_USERNAME_TOKEN_VALIDATE(username_token, env,
- msg_ctx, soap_header, actions, sub_codes);
- if (valid_user)
- {
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_in_handler] Validating UsernameToken SUCCESS");
- status = AXIS2_SUCCESS;
- }
- else
- {
- if (sub_codes)
- {
- AXIS2_ARRAY_LIST_ADD(sub_codes, env, RAMPART_FAULT_FAILED_AUTHENTICATION);
- }
-
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_in_handler] Validating UsernameToken FAILED");
- rampart_create_fault_envelope(env, "wsse:UsernameToken", "Username is not valid", sub_codes, msg_ctx);
- return AXIS2_FAILURE;
- }
- /*Encrypt*/
- }
- else if (0 == AXIS2_STRCMP(RAMPART_ACTION_ITEMS_ENCRYPT, AXIS2_STRTRIM(env, item, NULL)))
- {
- /*Do useful to verify encrypt*/
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_in_handler] Decryption... NOT IMPLEMENTED YET.. SORRY");
-
-
- /*Signature*/
- }
- else if (0 == AXIS2_STRCMP(RAMPART_ACTION_ITEMS_SIGNATURE, AXIS2_STRTRIM(env, item, NULL)))
- {
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_in_handler] Verfying signature... NOT IMPLEMENTED YET.. SORRY");
- /*Timestamp Token*/
- }
- else if (0 == AXIS2_STRCMP(RAMPART_ACTION_ITEMS_TIMESTAMP, AXIS2_STRTRIM(env, item, NULL)))
- {
- axis2_qname_t *qname = NULL;
- axis2_array_list_t *sub_codes = NULL;
- axis2_status_t valid_ts = AXIS2_FAILURE;
- rampart_timestamp_token_t *timestamp_token = NULL;
-
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_in_handler] Validating Timestamp");
- sub_codes = axis2_array_list_create(env, 0);
-
- qname = axis2_qname_create(env,
- RAMPART_SECURITY_TIMESTAMP,
- RAMPART_WSU_XMLNS,
- RAMPART_WSU);
- if (qname)
- {
- ts_ele = AXIOM_ELEMENT_GET_FIRST_CHILD_WITH_QNAME(sec_ele, env, qname, sec_node, &ts_node);
- if (!ts_ele)
- {
- AXIS2_LOG_INFO(env->log, "Cannot find Timestamp in Security element...");
- AXIS2_ARRAY_LIST_ADD(sub_codes, env, "Time stamp token expected");
- AXIS2_ARRAY_LIST_ADD(sub_codes, env, RAMPART_FAULT_FAILED_AUTHENTICATION);
- rampart_create_fault_envelope(env, "wsse:Timestamptoken", "Timestamp is not available", sub_codes, msg_ctx);
- return AXIS2_FAILURE;
- }
- }
- timestamp_token = rampart_timestamp_token_create(env);
- valid_ts = RAMPART_TIMESTAMP_TOKEN_VALIDATE(timestamp_token, env, ts_node, sub_codes);
- /*TODO free*/
- if (valid_ts)
- {
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_in_handler] Validating Timestamp is SUCCESS ");
- status = AXIS2_SUCCESS;
- }
- else
- {
- /*TODO return a fault*/
-
- AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart] Timestamp is not valid");
- if (sub_codes)
- {
- AXIS2_ARRAY_LIST_ADD(sub_codes, env, RAMPART_FAULT_FAILED_AUTHENTICATION);
- }
-
- rampart_create_fault_envelope(env, "wsse:Timestamptoken", "Timestamp is not valid", sub_codes, msg_ctx);
- return AXIS2_FAILURE;
-
- }
- }
- else
- {
- return AXIS2_SUCCESS;
- }
+ rampart_create_fault_envelope(env, "wsse:Security", "Security header processing failed", sub_codes, msg_ctx);
+ return AXIS2_FAILURE;
+ }
- } /* End of for */
} /* End of sec_header */
}/* End of soap_envelope */
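Review bot: The new `if(!sec_node)` branch returns AXIS2_SUCCESS, so a request with no wsse:Security header is accepted even when inflow actions are configured; the removed code answered that case with a RAMPART_FAULT_SECURITY_TOKEN_UNAVAILABLE fault. The branch should fail closed whenever RAMPART_ACTIONS_GET_ITEMS(actions, env) is non-NULL, which is the test the removed code used to decide there was nothing to do. `sub_codes` is also created before this early return and never released on it, and it is declared after statements, which C89 compilers reject; declaring it with the other locals and creating the list after the check fixes both. The call to rampart_validate_security_token is left commented out, so confirm that rampart_shp_process_message covers what it checked. The enclosing function starts and ends outside this hunk.

```c
axis2_array_list_t *sub_codes = NULL;   /* moved up, next to the other locals */

/* … unchanged: RAMPART_ACTIONS_POPULATE_FROM_CTX … */
sec_node = rampart_get_security_token(env, msg_ctx, soap_header);
if (!sec_node)
{
    /* Inflow actions are configured: a missing header must be rejected. */
    if (RAMPART_ACTIONS_GET_ITEMS(actions, env))
    {
        sub_codes = axis2_array_list_create(env, 1);
        if (sub_codes)
        {
            AXIS2_ARRAY_LIST_ADD(sub_codes, env, RAMPART_FAULT_SECURITY_TOKEN_UNAVAILABLE);
        }
        rampart_create_fault_envelope(env, "wsse:Security", "Security header element is unavailable", sub_codes, msg_ctx);
        return AXIS2_FAILURE;
    }
    AXIS2_LOG_INFO(env->log, "[rampart][rampart_in_handler] No security header element.");
    return AXIS2_SUCCESS;
}

/* Allocate only once we know the list will be used. */
sub_codes = axis2_array_list_create(env, 0);
/* … unchanged: rampart_shp_process_message call and fault on failure … */
```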
Modified: webservices/axis2/trunk/c/rampart/src/handlers/rampart_out_handler.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/handlers/rampart_out_handler.c?view=diff&rev=477510&r1=477509&r2=477510
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/handlers/rampart_out_handler.c (original)
+++ webservices/axis2/trunk/c/rampart/src/handlers/rampart_out_handler.c Mon Nov 20 21:36:11 2006
@@ -27,6 +27,7 @@
#include <rampart_handler_util.h>
#include <rampart_timestamp_token.h>
#include <rampart_action.h>
+#include <rampart_encryption.h>
/*********************** Function headers *********************************/
@@ -271,7 +272,7 @@
{
AXIS2_LOG_INFO(env->log, "[rampart][rampart_out_handler] Encrypting we do not support yet");
- /*status = rampart_enc_encrypt_message(env, msg_ctx, actions, soap_envelope, sec_node); */
+ status = rampart_enc_encrypt_message(env, msg_ctx, actions, soap_envelope, sec_node);
/*Signature*/
}
else if (0 == AXIS2_STRCMP(RAMPART_ACTION_ITEMS_SIGNATURE,
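Review bot: The INFO line above the now-live call still says "Encrypting we do not support yet", which will mislead anyone reading the log once rampart_enc_encrypt_message actually runs; it should become something like `AXIS2_LOG_INFO(env->log, "[rampart][rampart_out_handler] Encrypting message");`. The hunk does not show `status` being tested after the call, and the branch continues outside the hunk, so confirm that a failed encryption stops the handler instead of letting the message leave unencrypted.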
Modified: webservices/axis2/trunk/c/rampart/src/omxmlsec/error.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/omxmlsec/error.c?view=diff&rev=477510&r1=477509&r2=477510
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/omxmlsec/error.c (original)
+++ webservices/axis2/trunk/c/rampart/src/omxmlsec/error.c Mon Nov 20 21:36:11 2006
@@ -83,12 +83,11 @@
va_list ap;
error_msg = oxs_errors_get_msg_by_code(code);
- /*TODO Log instead of printf*/
va_start(ap, msg);
AXIS2_VSNPRINTF(value, AXIS2_LEN_VALUE, msg, ap);
va_end(ap);
-
+
printf("\nERROR [%s:%d in %s] %s , %s\n", file, line, func, error_msg, value);
}
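Review bot: The TODO asking for a log call instead of printf is deleted here, but the printf on the last line is still how the error is reported, so errors from the XML security layer go to stdout and not to the Axis2 log. Either keep the comment, `/*TODO Log instead of printf*/`, or route the message through the logger in this commit. The function starts outside the hunk, so whether a log handle is reachable here cannot be seen.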
Modified: webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c?view=diff&rev=477510&r1=477509&r2=477510
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_processor.c Mon Nov 20 21:36:11 2006
@@ -20,6 +20,8 @@
#include <rampart_action.h>
#include <rampart_constants.h>
#include <rampart_sec_header_processor.h>
+#include <rampart_username_token.h>
+#include <rampart_timestamp_token.h>
#include <oxs_ctx.h>
#include <oxs_error.h>
#include <oxs_utility.h>
@@ -37,13 +39,88 @@
#include <oxs_axiom.h>
#include <oxs_asym_ctx.h>
+
+
+
/*Private functions*/
AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_shp_process_timestamptoken(const axis2_env_t *env,
+ axis2_msg_ctx_t *msg_ctx,
+ rampart_actions_t *actions,
+ axiom_soap_envelope_t *soap_envelope,
+ axiom_node_t *ts_node,
+ axis2_array_list_t *sub_codes)
+{
+ rampart_timestamp_token_t *timestamp_token = NULL;
+ axis2_status_t valid_ts = AXIS2_FAILURE;
+
+ timestamp_token = rampart_timestamp_token_create(env);
+ valid_ts = RAMPART_TIMESTAMP_TOKEN_VALIDATE(timestamp_token, env, ts_node, sub_codes);
+
+ if (valid_ts)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][scp] Validating Timestamp is SUCCESS ");
+ return AXIS2_SUCCESS;
+ }
+ else
+ {
+ /*TODO return a fault*/
+
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart][scp] Timestamp is not valid");
+ if (sub_codes)
+ {
+ AXIS2_ARRAY_LIST_ADD(sub_codes, env, RAMPART_FAULT_FAILED_AUTHENTICATION);
+ }
+
+ return AXIS2_FAILURE;
+
+ }
+
+}
+
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_shp_process_usernametoken(const axis2_env_t *env,
+ axis2_msg_ctx_t *msg_ctx,
+ rampart_actions_t *actions,
+ axiom_soap_envelope_t *soap_envelope,
+ axiom_node_t *ut_node,
+ axis2_array_list_t *sub_codes)
+{
+ rampart_username_token_t *username_token = NULL;
+ axiom_soap_header_t *soap_header = NULL;
+ axis2_status_t valid_user = AXIS2_FAILURE;
+
+ soap_header = AXIOM_SOAP_ENVELOPE_GET_HEADER(soap_envelope, env);
+
+ username_token = rampart_username_token_create(env);
+ AXIS2_LOG_INFO(env->log, "[rampart][shp] Validating UsernameToken");
+ valid_user = RAMPART_USERNAME_TOKEN_VALIDATE(username_token, env,
+ msg_ctx, soap_header, actions, sub_codes);
+
+ if (valid_user)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][shp] Validating UsernameToken SUCCESS");
+ return AXIS2_SUCCESS;
+ }else{
+ if (sub_codes)
+ {
+ AXIS2_ARRAY_LIST_ADD(sub_codes, env, RAMPART_FAULT_FAILED_AUTHENTICATION);
+ }
+
+ AXIS2_LOG_INFO(env->log, "[rampart][shp] Validating UsernameToken FAILED");
+ return AXIS2_FAILURE;
+ }
+
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
rampart_shp_process_encrypted_key(const axis2_env_t *env,
axis2_msg_ctx_t *msg_ctx,
rampart_actions_t *actions,
axiom_soap_envelope_t *soap_envelope,
- axiom_node_t *encrypted_key_node)
+ axiom_node_t *encrypted_key_node,
+ axis2_array_list_t *sub_codes)
{
axiom_node_t *ref_list_node = NULL;
axis2_array_list_t *reference_list = NULL;
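Review bot: rampart_shp_process_usernametoken never uses its `ut_node` argument; it hands the whole `soap_header` to RAMPART_USERNAME_TOKEN_VALIDATE, so the token that gets validated is whichever one the validator locates itself, which may not be the node the caller is iterating over if a header carries more than one UsernameToken. Both new functions also create a token object (`rampart_username_token_create`, `rampart_timestamp_token_create`) and return without releasing it, which looks like a leak on every message; the removed handler code carried a `/*TODO free*/` for the same thing. A failed UsernameToken validation is logged at INFO while a failed timestamp is logged at ERROR, and the timestamp messages use the tag `[scp]` instead of `[shp]`; for alerting on authentication failures I would use `AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart][shp] Validating UsernameToken FAILED");`. These helpers sit under the "Private functions" comment but are declared AXIS2_EXTERN; `static` would keep them out of the exported symbols if nothing else calls them. rampart_shp_process_encrypted_key continues past the end of this hunk.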
@@ -109,20 +186,18 @@
AXIS2_LOG_INFO(env->log, "[rampart][shp] Node ID=%s decrypted successfuly", id);
}
-
return AXIS2_SUCCESS;
}
-
/*Public functions*/
-
AXIS2_EXTERN axis2_status_t AXIS2_CALL
rampart_shp_process_message(const axis2_env_t *env,
axis2_msg_ctx_t *msg_ctx,
rampart_actions_t *actions,
axiom_soap_envelope_t *soap_envelope,
- axiom_node_t *sec_node)
+ axiom_node_t *sec_node,
+ axis2_array_list_t *sub_codes)
{
axiom_node_t *cur_node = NULL;
axiom_element_t *cur_ele = NULL;
@@ -143,15 +218,15 @@
if(0 == AXIS2_STRCMP(cur_node_name , RAMPART_SECURITY_USERNAMETOKEN) ){
/*Process UT*/
AXIS2_LOG_INFO(env->log, "[rampart][shp] Process Usernametoken");
-
+ status = rampart_shp_process_usernametoken(env,msg_ctx, actions, soap_envelope, cur_node, sub_codes);
}else if(0 == AXIS2_STRCMP(cur_node_name , RAMPART_SECURITY_TIMESTAMP)){
/*Verify TS*/
AXIS2_LOG_INFO(env->log, "[rampart][shp] Process Timestamptoken");
-
+ status = rampart_shp_process_timestamptoken(env,msg_ctx, actions, soap_envelope, cur_node, sub_codes);
}else if(0 == AXIS2_STRCMP(cur_node_name ,OXS_NODE_ENCRYPTED_KEY)){
/*Process EncryptedKey*/
AXIS2_LOG_INFO(env->log, "[rampart][shp] Process EncryptedKey");
- status = rampart_shp_process_encrypted_key(env,msg_ctx, actions, soap_envelope, cur_node);
+ status = rampart_shp_process_encrypted_key(env,msg_ctx, actions, soap_envelope, cur_node, sub_codes);
}else if(0 == AXIS2_STRCMP(cur_node_name ,OXS_NODE_ENCRYPTED_DATA)){
/*Process Encrypteddata*/
AXIS2_LOG_INFO(env->log, "[rampart][shp] Process EncryptedData");
@@ -160,6 +235,11 @@
/*List is placed Out side of the EncryptedKey*/
AXIS2_LOG_INFO(env->log, "[rampart][shp] Process ReferenceList");
}
+ /*Retuen failure on error*/
+ if(AXIS2_FAILURE == status){
+ return AXIS2_FAILURE;
+ }
+ /*Proceed to next node*/
cur_node = AXIOM_NODE_GET_NEXT_SIBLING(cur_node, env);
}/*End of while*/
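Review bot: This loop validates only the children the sender chose to put in the Security header, and nothing visible here checks that the tokens required by the configured actions were actually present. With the per-item loop removed from rampart_in_handler in this commit, a header that simply omits UsernameToken or Timestamp would appear to leave `status` untouched and pass, whereas the old handler faulted with "Timestamp is not available" in that case. Consider recording which token types were processed and comparing them with the configured action items before returning success; the code after the loop is outside the hunk, so this may already be handled there. Small wording fix for the new comment: `/*Return failure on error*/`.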
Modified: webservices/axis2/trunk/c/rampart/src/util/timestamp_token.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/timestamp_token.c?view=diff&rev=477510&r1=477509&r2=477510
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/timestamp_token.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/timestamp_token.c Mon Nov 20 21:36:11 2006
@@ -217,7 +217,7 @@
if (!ts_ele)
{
AXIS2_ARRAY_LIST_ADD(sub_codes, env, "Cannot find Timestamp element");
- AXIS2_LOG_INFO(env->log, " Cannot find timestamp ... ");
+ AXIS2_LOG_INFO(env->log, " Cannot find timestamp ");
return AXIS2_FAILURE;
}
@@ -233,7 +233,7 @@
}
created_val = AXIOM_ELEMENT_GET_TEXT(created_ele, env, created_node);
- /*Check weather created is less than current time or not*/
+ /*Check whether created is less than current time or not*/
current_val = rampart_generate_time(env, 0);
validity = rampart_compare_date_time(env, created_val, current_val);
if (validity == AXIS2_FAILURE)
@@ -259,17 +259,18 @@
return AXIS2_FAILURE;
}
- /*Now the expires element is present. So check weather this has a valid timestamp.
+ /*Now the expires element is present. So check whether this has a valid timestamp.
If not it's a failure*/
expires_val = AXIOM_ELEMENT_GET_TEXT(expires_ele, env, expires_node);
- /*Check weather time has expired or not*/
+ /*Check whether time has expired or not*/
validity = rampart_compare_date_time(env, current_val, expires_val);
if (validity == AXIS2_FAILURE)
{
AXIS2_ARRAY_LIST_ADD(sub_codes, env, "Timestamp token has expired");
return AXIS2_FAILURE;
}
+ AXIS2_LOG_INFO(env->log, "[rampart][ts] Timstamp is valid");
/*free memory for qnames*/
return validity;
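Review bot: The new log string is misspelled, `"[rampart][ts] Timstamp is valid"`, so a search of the logs for "Timestamp" will miss the success line; it should read `AXIS2_LOG_INFO(env->log, "[rampart][ts] Timestamp is valid");`. The expiry failure path just above it adds the sub code "Timestamp token has expired" but writes no log line, so the reason for the rejection is not recorded by this function; a matching log call there would help. The function starts outside the hunk.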
Modified: webservices/axis2/trunk/c/rampart/src/util/username_token.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/username_token.c?view=diff&rev=477510&r1=477509&r2=477510
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/username_token.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/username_token.c Mon Nov 20 21:36:11 2006
@@ -115,7 +115,7 @@
return password;
}
- /*If not check weather there is a callback class specified*/
+ /*If not check whether there is a callback class specified*/
pw_callback_module = RAMPART_ACTIONS_GET_PW_CB_CLASS(actions, env);
if (pw_callback_module)
{
@@ -529,29 +529,36 @@
}
else
{
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_usernametoken] Cannot find child elements of Usernametoken");
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart][rampart_usernametoken] Cannot find child elements of Usernametoken");
return AXIS2_FAILURE;
}
/*Now we process collected usernametoken parameters*/
if (!username)
{
+ AXIS2_LOG_INFO(env->log, "[rampart][rampart_usernametoken] Username is not specified");
return AXIS2_FAILURE;
}
ctx = AXIS2_MSG_CTX_GET_BASE(msg_ctx, env);
pw_callback_module = RAMPART_ACTIONS_GET_PW_CB_CLASS(actions, env);
-
+ if(!pw_callback_module){
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart][rampart_usernametoken] Password callback module is not specified");
+ AXIS2_ARRAY_LIST_ADD(sub_codes, env, "Server configuration error. Callback module not specified");
+ return AXIS2_FAILURE;
+ }
+
password_from_svr = rampart_username_token_callback_pw(env, pw_callback_module, username, ctx);
if (!password_from_svr)
{
- AXIS2_LOG_INFO(env->log, "[rampart][rampart_usernametoken] Cannot get the password for user %s", username);
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart][rampart_usernametoken] Cannot get the password for user %s", username);
return AXIS2_FAILURE;
}
/*Alright NOW we have the password. Is digest needed?*/
if (0 == AXIS2_STRCMP(password_type, RAMPART_PASSWORD_DIGEST_URI))
{
+ AXIS2_LOG_INFO(env->log, "[rampart][rampart_usernametoken] Generating digest to compare from the password");
password_to_compare = rampart_crypto_sha1(env, nonce, created, password_from_svr);
}
else
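Review bot: The new sub code `"Server configuration error. Callback module not specified"` is added to `sub_codes`, which the in-handler passes to rampart_create_fault_envelope, so an unauthenticated caller appears to be told about a server misconfiguration; the AXIS2_LOG_ERROR line above it already records the detail for operators. I would drop that AXIS2_ARRAY_LIST_ADD and let the caller's generic RAMPART_FAULT_FAILED_AUTHENTICATION stand, or at least guard it with `if (sub_codes)` as the other call sites in this commit do. The `%s` username in the "Cannot get the password for user" message comes from the request, so it should be treated as untrusted text when the log is viewed or parsed. The function starts and ends outside the hunk.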
@@ -562,6 +569,7 @@
/*The BIG moment. Compare passwords*/
if (0 == AXIS2_STRCMP(password_to_compare , password))
{
+ AXIS2_LOG_INFO(env->log, "[rampart][rampart_usernametoken] Password comparison SUCCESS");
return AXIS2_SUCCESS;
}
else
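Review bot: The check this new log line reports on is `AXIS2_STRCMP(password_to_compare , password)`, presumably a strcmp wrapper, which stops at the first differing byte, so its running time depends on how much of the supplied value matches. For a credential check, a comparison that always walks the full length is the safer choice, most of all in the plain-text password branch. The success message would also be more useful for audit if it named the user, for example `"[rampart][rampart_usernametoken] Password comparison SUCCESS for user %s", username`, with the failure branch logged the same way. The else branch continues outside the hunk.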