Posted to rampart-dev@ws.apache.org by sh...@apache.org on 2008/02/08 11:01:58 UTC
svn commit: r619818 - in /webservices/rampart/trunk/c/samples: Makefile.am
sct_provider/ sct_provider/Makefile.am sct_provider/sct_provider_hash_map.c
sct_provider/sct_provider_stored_key.c
Author: shankar
Date: Fri Feb 8 02:01:46 2008
New Revision: 619818
URL: http://svn.apache.org/viewvc?rev=619818&view=rev
Log:
Pluggable module to get the security context token from
(1) a stored token
(2) an STS
Added:
webservices/rampart/trunk/c/samples/sct_provider/
webservices/rampart/trunk/c/samples/sct_provider/Makefile.am
webservices/rampart/trunk/c/samples/sct_provider/sct_provider_hash_map.c
webservices/rampart/trunk/c/samples/sct_provider/sct_provider_stored_key.c
Modified:
webservices/rampart/trunk/c/samples/Makefile.am
Modified: webservices/rampart/trunk/c/samples/Makefile.am
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/samples/Makefile.am?rev=619818&r1=619817&r2=619818&view=diff
==============================================================================
--- webservices/rampart/trunk/c/samples/Makefile.am (original)
+++ webservices/rampart/trunk/c/samples/Makefile.am Fri Feb 8 02:01:46 2008
@@ -1,6 +1,6 @@
TESTS =
datadir=$(prefix)/bin/samples/rampart/secpolicy
-SUBDIRS = callback client server keys authn_provider credential_provider data replay_detector
+SUBDIRS = callback client server keys authn_provider credential_provider data replay_detector sct_provider
data_DATA=
install-data-hook:
Added: webservices/rampart/trunk/c/samples/sct_provider/Makefile.am
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/samples/sct_provider/Makefile.am?rev=619818&view=auto
==============================================================================
--- webservices/rampart/trunk/c/samples/sct_provider/Makefile.am (added)
+++ webservices/rampart/trunk/c/samples/sct_provider/Makefile.am Fri Feb 8 02:01:46 2008
@@ -0,0 +1,15 @@
+prglibdir=$(prefix)/bin/samples/rampart/sct_provider
+prglib_LTLIBRARIES = libsctprovider.la libsctprovider_hashdb.la
+libsctprovider_la_SOURCES = sct_provider_stored_key.c
+libsctprovider_la_LIBADD = $(LDFLAGS) \
+ -L$(AXIS2C_HOME)/lib \
+ -laxutil \
+ ../../src/util/librampart_util.la
+
+libsctprovider_hashdb_la_SOURCES = sct_provider_hash_map.c
+libsctprovider_hashdb_la_LIBADD = $(LDFLAGS) \
+ -L$(AXIS2C_HOME)/lib \
+ -laxutil \
+ ../../src/util/librampart_util.la
+INCLUDES = -I ../../include\
+ @AXIS2INC@
Added: webservices/rampart/trunk/c/samples/sct_provider/sct_provider_hash_map.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/samples/sct_provider/sct_provider_hash_map.c?rev=619818&view=auto
==============================================================================
--- webservices/rampart/trunk/c/samples/sct_provider/sct_provider_hash_map.c (added)
+++ webservices/rampart/trunk/c/samples/sct_provider/sct_provider_hash_map.c Fri Feb 8 02:01:46 2008
@@ -0,0 +1,345 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <rampart_sct_provider.h>
+#include <axutil_string.h>
+#include <axutil_utils.h>
+#include <oxs_utility.h>
+#include <trust_sts_client.h>
+
+#define SCT_DB_LABLE_ENC "Encryption"
+#define SCT_DB_LABLE_SIG "Signature"
+#define SCT_DB_LABLE_COM "Common"
+
+static security_context_token_t*
+sct_provider_obtain_token_from_sts(const axutil_env_t* env, rp_property_t *token, axis2_msg_ctx_t* msg_ctx);
+
+static axutil_hash_t *
+sct_provider_get_sct_db(const axutil_env_t *env, axis2_msg_ctx_t* msg_ctx);
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+sct_provider_free(rampart_sct_provider_t *sct_provider,
+ const axutil_env_t* env)
+{
+ if (sct_provider)
+ {
+ if (sct_provider->ops)
+ {
+ AXIS2_FREE(env->allocator, sct_provider->ops);
+ }
+ AXIS2_FREE(env->allocator, sct_provider);
+ }
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN security_context_token_t* AXIS2_CALL
+sct_provider_obtain_token(rampart_sct_provider_t *sct_provider, const axutil_env_t* env,
+ rp_property_t *token, axis2_bool_t server_side,
+ axis2_bool_t is_encryption, axis2_char_t* sct_id,
+ rampart_context_t* rampart_context, axis2_msg_ctx_t* msg_ctx)
+{
+ security_context_token_t* sct = NULL;
+ rp_security_context_token_t* rp_sct = NULL;
+ axis2_char_t *sct_db_lable = NULL;
+ axutil_hash_t *sct_db = NULL;
+
+ /* assume token is secure conversation token. In client side, we have to check whether the token is already
+ * obtained from STS. in that case, it will be available in sct_db. but, we don't know the sct_id, so the key
+ * should be "Encryption" or "Signature" or "Common". In server side, sct has to be in the sct_db and the key should be sct_id.
+
+ */
+
+ /*find the sct_db lable to be used*/
+ if(server_side)
+ sct_db_lable = sct_id;
+ else
+ {
+ if(is_different_session_key_for_encryption_and_signing(env, rampart_context))
+ {
+ if(is_encryption)
+ sct_db_lable = SCT_DB_LABLE_ENC;
+ else
+ sct_db_lable = SCT_DB_LABLE_SIG;
+ }
+ else
+ {
+ sct_db_lable = SCT_DB_LABLE_COM;
+ }
+ }
+
+ /*get the sct_db*/
+ sct_db = sct_provider_get_sct_db(env, msg_ctx);
+ if(!sct_db)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] Cannot find sct datastore");
+ return NULL;
+ }
+
+ /*get the sct*/
+ sct = (security_context_token_t *)axutil_hash_get(sct_db, sct_db_lable, AXIS2_HASH_KEY_STRING);
+ if(sct)
+ return sct;
+
+ /*sct is not in the db. So we have to get it*/
+
+ /*check whether rp_property is valid*/
+ if(!token)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] token property is not valid");
+ return NULL;
+ }
+
+ rp_sct = (rp_security_context_token_t*)rp_property_get_value(token, env);
+ if(!rp_sct)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] value of token property is not valid");
+ return NULL;
+ }
+
+ /*check whether the assertion is SecureConversationToken. If not (e.g. SecurityContextToken) then you can't
+ request the token from STS. We'll get it from stored token*/
+ if(!rp_security_context_token_get_is_secure_conversation_token(rp_sct, env))
+ {
+ /*sct = sct_provider_get_stored_token(env, sct_id);
+ if(sct)
+ axutil_hash_set(sct_db, sct_db_lable, AXIS2_HASH_KEY_STRING, sct);
+
+ return sct;*/
+ AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] SecurityContextToken assertion is not supported. Only SecureConversationToken assertion is supported by this module.");
+ return NULL;
+ }
+
+ /*so the token is secure conversation token. If client side then we can request from sts. If server side, can't do anything*/
+ if(server_side)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] Cannot find security context token in server side");
+ return NULL;
+ }
+
+ sct = sct_provider_obtain_token_from_sts(env, token, msg_ctx);
+ if(sct)
+ axutil_hash_set(sct_db, sct_db_lable, AXIS2_HASH_KEY_STRING, sct);
+
+ return sct;
+}
+
+/**
+ * Following block distinguish the exposed part of the dll.
+ */
+AXIS2_EXPORT int
+axis2_get_instance(rampart_sct_provider_t **inst,
+ const axutil_env_t *env)
+{
+ rampart_sct_provider_t* sct_provider = NULL;
+
+ sct_provider = AXIS2_MALLOC(env->allocator,
+ sizeof(rampart_sct_provider_t));
+
+ sct_provider->ops = AXIS2_MALLOC(
+ env->allocator, sizeof(rampart_sct_provider_ops_t));
+
+ /*assign function pointers*/
+
+ sct_provider->ops->get_token = sct_provider_obtain_token;
+ sct_provider->ops->free = sct_provider_free;
+
+ *inst = sct_provider;
+
+ if (!(*inst))
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] Cannot initialize the sct provider module");
+ return AXIS2_FAILURE;
+ }
+
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXPORT int
+axis2_remove_instance(rampart_sct_provider_t *inst,
+ const axutil_env_t *env)
+{
+ axis2_status_t status = AXIS2_FAILURE;
+ if (inst)
+ {
+ status = RAMPART_SCT_PROVIDER_FREE(inst, env);
+ }
+ return status;
+}
+
+
+static security_context_token_t*
+sct_provider_obtain_token_from_sts(const axutil_env_t* env, rp_property_t *token, axis2_msg_ctx_t* msg_ctx)
+{
+ axis2_char_t* client_home = NULL;
+ trust_sts_client_t* sts_client = NULL;
+ axis2_char_t* issuer_address = NULL;
+ rp_security_context_token_t* rp_sct = NULL;
+ trust_context_t* trust_context = NULL;
+ trust_rst_t* rst = NULL;
+ trust_rstr_t* rstr = NULL;
+ security_context_token_t *sct = NULL;
+
+ /*check whether rp_property is valid*/
+ rp_sct = (rp_security_context_token_t*)rp_property_get_value(token, env);
+ if(!rp_sct)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] token property is not valid");
+ return NULL;
+ }
+
+ /*check whether the assertion is SecureConversationToken. If not (e.g. SecurityContextToken) then you can't
+ request the token from STS.*/
+ if(!rp_security_context_token_get_is_secure_conversation_token(rp_sct, env))
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] token is not a secure conversation token.");
+ return NULL;
+ }
+
+ /*get the token issuer address. If the address is not valid, then issuer should be same as the service.
+ so get the service end point*/
+ issuer_address = rp_security_context_token_get_issuer(rp_sct, env);
+ if(!issuer_address)
+ {
+ axis2_endpoint_ref_t *endpoint = NULL;
+ endpoint = axis2_msg_ctx_get_to(msg_ctx, env);
+
+ if(endpoint)
+ {
+ issuer_address = axis2_endpoint_ref_get_address(endpoint, env);
+ }
+
+ if(!issuer_address)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] issuer address is not valid.");
+ return NULL;
+ }
+ }
+
+ /*get the client home from msg_ctx */
+ client_home = axis2_conf_get_repo(axis2_conf_ctx_get_conf(axis2_msg_ctx_get_conf_ctx(msg_ctx, env), env), env);
+ if(!client_home)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] Cannot get client home");
+ return NULL;
+ }
+
+ /*Create sts client and set the values*/
+ sts_client = trust_sts_client_create(env);
+ trust_sts_client_set_home_dir(sts_client, env, client_home);
+ trust_sts_client_set_issuer_address(sts_client, env, issuer_address);
+
+ /*create trust context and populate it*/
+ trust_context = trust_context_create(env);
+ rst = trust_rst_create(env);
+ trust_rst_set_request_type(rst, env, TRUST_REQ_TYPE_ISSUE);
+ trust_rst_set_token_type(rst, env, OXS_VALUE_TYPE_SECURITY_CONTEXT_TOKEN);
+ trust_rst_set_wst_ns_uri(rst, env, TRUST_WST_XMLNS_05_02);
+ trust_context_set_rst(trust_context, env, rst);
+
+ /*call sts_client to get the token from sts*/
+ trust_sts_client_request_security_token_using_policy(sts_client, env, trust_context,
+ rp_security_context_token_get_bootstrap_policy(rp_sct, env));
+
+ /*obtain the reply from sts*/
+ rstr = trust_context_get_rstr(trust_context, env);
+ if(!rstr)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] Cannot get RSTR from STS");
+ return NULL;
+ }
+
+ /*create security context token and populate it with details given*/
+ sct = security_context_token_create(env);
+ security_context_token_set_token(sct, env, trust_rstr_get_requested_security_token(rstr, env));
+ security_context_token_set_attached_reference(sct, env, trust_rstr_get_requested_attached_reference(rstr, env));
+ security_context_token_set_unattached_reference(sct, env, trust_rstr_get_requested_unattached_reference(rstr, env));
+ security_context_token_set_requested_proof_token(sct, env, trust_rstr_get_requested_proof_token(rstr, env));
+
+ /*now we can clear unwanted stuff*/
+ trust_context_free(trust_context, env);
+
+ return sct;
+}
+
+static axutil_hash_t *
+sct_provider_get_sct_db(const axutil_env_t *env, axis2_msg_ctx_t* msg_ctx)
+{
+ axis2_conf_ctx_t *conf_ctx = NULL;
+ axis2_ctx_t *ctx = NULL;
+ axutil_property_t *property = NULL;
+ axutil_hash_t *db = NULL;
+
+ /*Get the conf ctx*/
+ conf_ctx = axis2_msg_ctx_get_conf_ctx(msg_ctx, env);
+ if(!conf_ctx)
+ {
+ AXIS2_LOG_ERROR(env->log,AXIS2_LOG_SI, "[rampart][sct_provider_sample] Conf context is NULL ");
+ return NULL;
+ }
+ ctx = axis2_conf_ctx_get_base(conf_ctx,env);
+ if(!ctx)
+ {
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,"[rampart][sct_provider_sample] axis2 context is NULL ");
+ return NULL;
+ }
+
+ /*Get the DB property*/
+ property = axis2_ctx_get_property(ctx, env, RAMPART_SCT_PROVIDER_DB_PROB);
+ if(property)
+ {
+ /*Get the DB*/
+ db = (axutil_hash_t*)axutil_property_get_value(property, env);
+ }
+ else
+ {
+ axutil_property_t *db_prop = NULL;
+
+ db = axutil_hash_make(env);
+ db_prop = axutil_property_create(env);
+ axutil_property_set_value(db_prop, env, db);
+ axis2_ctx_set_property(ctx, env, RAMPART_SCT_PROVIDER_DB_PROB, db_prop);
+ }
+
+ return db;
+}
+
+/*
+static security_context_token_t *
+sct_provider_get_stored_token(const axutil_env_t *env, axis2_char_t *sct_id)
+{
+ security_context_token_t* sct = NULL;
+ oxs_buffer_t* key_buffer = NULL;
+
+ sct = security_context_token_create(env);
+ if(!sct)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] Cannot create security context token");
+ return NULL;
+ }
+
+ key_buffer = oxs_buffer_create(env);
+ oxs_buffer_populate(key_buffer, env, (unsigned char*)"01234567012345670123456701234567", 32);
+ security_context_token_set_secret(sct, env, key_buffer);
+
+ if(!sct_id)
+ sct_id = oxs_util_generate_id(env,"urn:uuid:");
+ security_context_token_set_global_identifier(sct, env, axutil_strdup(env, sct_id));
+ security_context_token_set_local_identifier(sct, env, axutil_strdup(env, "#sctId-29530019"));
+
+ return sct;
+}*/
\ No newline at end of file
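Review bot: sct_provider_obtain_token_from_sts returns NULL on a missing RSTR without releasing `trust_context`, and `sts_client` is not released on any path in the function, so each token request leaks the client object and each failed one leaks the trust context as well. Add `trust_context_free(trust_context, env);` before that `return NULL;` and free `sts_client` once the request has completed; the results of `trust_sts_client_create`, `trust_context_create` and `trust_rst_create` are also used without a NULL check. The returned `sct` is filled with values read from `rstr` just before `trust_context_free`; whether those values survive the free is not visible here and is worth confirming. In axis2_get_instance the first `AXIS2_MALLOC` result is dereferenced on the next statement, so the later `if (!(*inst))` cannot catch an allocation failure; a guard such as `if (!sct_provider) return AXIS2_FAILURE;` belongs directly after the allocation, and the same code appears in sct_provider_stored_key.c.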
Added: webservices/rampart/trunk/c/samples/sct_provider/sct_provider_stored_key.c
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/c/samples/sct_provider/sct_provider_stored_key.c?rev=619818&view=auto
==============================================================================
--- webservices/rampart/trunk/c/samples/sct_provider/sct_provider_stored_key.c (added)
+++ webservices/rampart/trunk/c/samples/sct_provider/sct_provider_stored_key.c Fri Feb 8 02:01:46 2008
@@ -0,0 +1,212 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stdio.h>
+#include <rampart_sct_provider.h>
+#include <axutil_string.h>
+#include <axutil_utils.h>
+#include <oxs_utility.h>
+#include <rampart_util.h>
+
+#define SCT_DB_LABLE_ENC "Encryption"
+#define SCT_DB_LABLE_SIG "Signature"
+#define SCT_DB_LABLE_COM "Common"
+
+static axutil_hash_t *
+sct_provider_get_sct_db(const axutil_env_t *env, axis2_msg_ctx_t* msg_ctx);
+
+static security_context_token_t *
+sct_provider_get_stored_token(const axutil_env_t *env, axis2_char_t *sct_id);
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+sct_provider_free(rampart_sct_provider_t *sct_provider,
+ const axutil_env_t* env)
+{
+ if (sct_provider)
+ {
+ if (sct_provider->ops)
+ {
+ AXIS2_FREE(env->allocator, sct_provider->ops);
+ }
+ AXIS2_FREE(env->allocator, sct_provider);
+ }
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN security_context_token_t* AXIS2_CALL
+sct_provider_obtain_token(rampart_sct_provider_t *sct_provider, const axutil_env_t* env,
+ rp_property_t *token, axis2_bool_t server_side,
+ axis2_bool_t is_encryption, axis2_char_t* sct_id,
+ rampart_context_t* rampart_context, axis2_msg_ctx_t* msg_ctx)
+{
+ security_context_token_t* sct = NULL;
+ rp_security_context_token_t* rp_sct = NULL;
+ axis2_char_t *sct_db_lable = NULL;
+ axutil_hash_t *sct_db = NULL;
+
+ /* We have to check whether the token is already created/loaded. in that case, it will be available in sct_db.
+ * in client side the key should be "Encryption" or "Signature" or "Common". In server side the key should be sct_id.
+ */
+
+ /*find the sct_db lable to be used*/
+ if(server_side)
+ sct_db_lable = sct_id;
+ else
+ {
+ if(is_different_session_key_for_encryption_and_signing(env, rampart_context))
+ {
+ if(is_encryption)
+ sct_db_lable = SCT_DB_LABLE_ENC;
+ else
+ sct_db_lable = SCT_DB_LABLE_SIG;
+ }
+ else
+ {
+ sct_db_lable = SCT_DB_LABLE_COM;
+ }
+ }
+
+ /*get the sct_db*/
+ sct_db = sct_provider_get_sct_db(env, msg_ctx);
+ if(!sct_db)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] Cannot find sct datastore");
+ return NULL;
+ }
+
+ /*get the sct*/
+ sct = (security_context_token_t *)axutil_hash_get(sct_db, sct_db_lable, AXIS2_HASH_KEY_STRING);
+ if(sct)
+ return sct;
+
+ /*sct is not in the db. So we have to get it*/
+ sct = sct_provider_get_stored_token(env, sct_id);
+ if(sct)
+ axutil_hash_set(sct_db, sct_db_lable, AXIS2_HASH_KEY_STRING, sct);
+
+ return sct;
+}
+
+/**
+ * Following block distinguish the exposed part of the dll.
+ */
+AXIS2_EXPORT int
+axis2_get_instance(rampart_sct_provider_t **inst,
+ const axutil_env_t *env)
+{
+ rampart_sct_provider_t* sct_provider = NULL;
+
+ sct_provider = AXIS2_MALLOC(env->allocator,
+ sizeof(rampart_sct_provider_t));
+
+ sct_provider->ops = AXIS2_MALLOC(
+ env->allocator, sizeof(rampart_sct_provider_ops_t));
+
+ /*assign function pointers*/
+
+ sct_provider->ops->get_token = sct_provider_obtain_token;
+ sct_provider->ops->free = sct_provider_free;
+
+ *inst = sct_provider;
+
+ if (!(*inst))
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] Cannot initialize the sct provider module");
+ return AXIS2_FAILURE;
+ }
+
+ return AXIS2_SUCCESS;
+}
+
+AXIS2_EXPORT int
+axis2_remove_instance(rampart_sct_provider_t *inst,
+ const axutil_env_t *env)
+{
+ axis2_status_t status = AXIS2_FAILURE;
+ if (inst)
+ {
+ status = RAMPART_SCT_PROVIDER_FREE(inst, env);
+ }
+ return status;
+}
+
+static axutil_hash_t *
+sct_provider_get_sct_db(const axutil_env_t *env, axis2_msg_ctx_t* msg_ctx)
+{
+ axis2_conf_ctx_t *conf_ctx = NULL;
+ axis2_ctx_t *ctx = NULL;
+ axutil_property_t *property = NULL;
+ axutil_hash_t *db = NULL;
+
+ /*Get the conf ctx*/
+ conf_ctx = axis2_msg_ctx_get_conf_ctx(msg_ctx, env);
+ if(!conf_ctx)
+ {
+ AXIS2_LOG_ERROR(env->log,AXIS2_LOG_SI, "[rampart][sct_provider_sample] Conf context is NULL ");
+ return NULL;
+ }
+ ctx = axis2_conf_ctx_get_base(conf_ctx,env);
+ if(!ctx)
+ {
+ AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,"[rampart][sct_provider_sample] axis2 context is NULL ");
+ return NULL;
+ }
+
+ /*Get the DB property*/
+ property = axis2_ctx_get_property(ctx, env, RAMPART_SCT_PROVIDER_DB_PROB);
+ if(property)
+ {
+ /*Get the DB*/
+ db = (axutil_hash_t*)axutil_property_get_value(property, env);
+ }
+ else
+ {
+ axutil_property_t *db_prop = NULL;
+
+ db = axutil_hash_make(env);
+ db_prop = axutil_property_create(env);
+ axutil_property_set_value(db_prop, env, db);
+ axis2_ctx_set_property(ctx, env, RAMPART_SCT_PROVIDER_DB_PROB, db_prop);
+ }
+
+ return db;
+}
+
+static security_context_token_t *
+sct_provider_get_stored_token(const axutil_env_t *env, axis2_char_t *sct_id)
+{
+ security_context_token_t* sct = NULL;
+ oxs_buffer_t* key_buffer = NULL;
+
+ sct = security_context_token_create(env);
+ if(!sct)
+ {
+ AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] Cannot create security context token");
+ return NULL;
+ }
+
+ key_buffer = oxs_buffer_create(env);
+ oxs_buffer_populate(key_buffer, env, (unsigned char*)"01234567012345670123456701234567", 32);
+ security_context_token_set_secret(sct, env, key_buffer);
+
+ if(!sct_id)
+ sct_id = oxs_util_generate_id(env,"urn:uuid:");
+ security_context_token_set_global_identifier(sct, env, axutil_strdup(env, sct_id));
+ security_context_token_set_local_identifier(sct, env, axutil_strdup(env, "#sctId-29530019"));
+
+ return sct;
+}
\ No newline at end of file
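Review bot: sct_provider_get_stored_token gives every security context token the same literal 32-byte secret and the fixed local identifier `#sctId-29530019`, and sct_provider_obtain_token calls it on every cache miss, so on the server side any `sct_id` not yet in the hash receives a token with that secret and is cached. That is workable for a sample, but the function should say so in a comment, for example `/* SAMPLE ONLY: fixed demo secret; a real provider must load a per-token secret from protected storage and reject unknown sct_id values */`. The cache entry is stored under `sct_db_lable`, which on the server side is the caller's `sct_id` pointer; if axutil_hash_set keeps the key pointer rather than copying it (not visible here), the key should be duplicated, as in `axutil_hash_set(sct_db, axutil_strdup(env, sct_db_lable), AXIS2_HASH_KEY_STRING, sct);`. The result of `oxs_buffer_create` is used unchecked, and the id produced by `oxs_util_generate_id` when `sct_id` is NULL is duplicated but never released in the lines shown.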