Committing patches supplied by Kaushalye.
Damitha N.M. Kumarage committed Jun 14, 2006
1 parent f9a2073 commit 85ef6d1e98dea7c29cd0e85ccc3405ddeba8e2a1
Showing 12 changed files with 142 additions and 46 deletions.
@@ -0,0 +1,7 @@
Rampart/C

* Initial release
* Usernametoken support
* Timestamp support
* Samples for clients and callbacks
-- Axis2-C team <axis-c-dev@ws.apache.org> Tue 13 June 2006
14 INSTALL
@@ -9,26 +9,24 @@ This can be done using the following command sequence:

Engage rampart with axis2/C
==================================
Steps:

Configuring server:
Configuring:
-----------------------------------
1. Run build.sh in axis2/c/rampart directory
2. Copy rampart directory created in rampart/target to AXIS2C_HOME/deploy/modules
3. To engage rampart add to axis.xml
3. To engage rampart add to axis2.xml
<module ref="rampart"/>

4. To set inflow security parameters add following to global configuration file or service configuration file
4. To set inflow security parameters add followings to global configuration file or service configuration file
<parameter name="InflowSecurity">
<action>
<items>UsernameToken</items>
<passwordCallbackClass>/your/module/to/load/passwordcallback.so</passwordCallbackClass>
</action>
</parameter>

Configure client:
-----------------------------------
1. To set outflow security parameters add following to global configuration file or service configuration file

5. To set outflow security parameters add following to global configuration file or service configuration file
<parameter name="OutflowSecurity">
<action>
<items>UsernameToken</items>
@@ -38,6 +36,8 @@ Configure client:
</action>
</parameter>

6. Configure the client similarly adding In/Outflow parameters to axis2.xml file.

Writing callback modules:
-----------------------------------
User can specify which .so module to use to callback the password.
25 NEWS
@@ -1 +1,24 @@
AWAIT : Timestamp token
We are happy to announce the first release of Rampart/C which is the security module for Apache Axis2/C

You can get the lates version from https://svn.apache.org/repos/asf/webservices/axis2/trunk/c/rampart

Key features
-------------
1. Ability to send and verify UsernameTokens with
1. PlainText password
2. Digested password

2. Support for callback mechanism
3. Ability to send Timestamp tokens
4. Support for both dynamic and static configurations.

Un-Implemented Architecture Features
------------------------------------
1. Timestamptoken verification
2. Support for Signing and Encrypting messages


We welcome your early feedback on this implementation.
Thanks for your interest in Rampart/C


@@ -30,18 +30,23 @@ extern "C"
* @{
*/

/** Type name for struct rampart_callback_ops */
/**
* Type name for struct rampart_callback_ops
*/
typedef struct rampart_callback_ops rampart_callback_ops_t;

/** Type name for struct rampart_callback */
/**
* Type name for struct rampart_callback
*/

typedef struct rampart_callback rampart_callback_t;

/**
* Only operation get_password is to get the password
* User should prvide a function pointer to this
*/
AXIS2_DECLARE_DATA struct rampart_callback_ops
{
{
axis2_char_t *(AXIS2_CALL*
get_password)(rampart_callback_t *rcb,
const axis2_env_t *env, const axis2_char_t *username);
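Review bot: The comment above `struct rampart_callback_ops` documents `get_password` only as "to get the password" and says nothing about who owns the returned `axis2_char_t *`. This is the contract every password callback module implements, so it should state whether the caller frees the buffer and what is returned for an unknown username, e.g. `* @return password for username, or NULL if the user is unknown; ownership: <caller frees | callback retains>`. While there, `prvide` in the same comment should read `provide`. The struct body continues outside the hunk.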
@@ -42,7 +42,7 @@ extern "C"
#define RAMPART_WSU_XMLNS "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
#define RAMPART_PASSWORD_DIGEST_URI "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"

/* Inflow outflow security parameter */
/* Inflow outflow security parameter */
#define RAMPART_INFLOW_SECURITY "InflowSecurity"
#define RAMPART_OUTFLOW_SECURITY "OutflowSecurity"
#define RAMPART_ACTION "action"
@@ -102,7 +102,6 @@ rampart_get_security_token(const axis2_env_t *env,
* @param env pointer to environment struct
* @return password
*/

AXIS2_EXTERN axis2_char_t* AXIS2_CALL
rampart_callback_pw( const axis2_env_t *env,
const axis2_char_t *callback_module_name,
@@ -29,10 +29,22 @@ extern "C"
{
#endif

/**
* Creates In handler
* @param env pointer to environment struct
* @param qname
* @return Created In handler
*/
AXIS2_EXTERN axis2_handler_t* AXIS2_CALL
rampart_in_handler_create(const axis2_env_t *env,
axis2_qname_t *qname);

/**
* Creates Out handler
* @param env pointer to environment struct
* @param qname
* @return Created Out handler
*/
AXIS2_EXTERN axis2_handler_t* AXIS2_CALL
rampart_out_handler_create(const axis2_env_t *env,
axis2_qname_t *qname);
@@ -36,21 +36,22 @@ extern "C" {
*/


/**
/**
* Generates the nonce. Nonce is a base64 encoded random string.
* @return generated nonce
*/

AXIS2_EXTERN axis2_char_t *AXIS2_CALL
rampart_generate_nonce(const axis2_env_t *env);

/* Generates the nonce. Nonce is a base64 encoded random string.
* @return generated nonce
**/
/**
* Generates the nonce. Nonce is a base64 encoded random string.
* @param ttl Time to live. The time difference between created and expired in mili seconds.
* @return generated nonce
**/
AXIS2_EXTERN axis2_char_t* AXIS2_CALL
rampart_generate_time(const axis2_env_t *env, int ttl);


AXIS2_EXTERN int AXIS2_CALL
rampart_format_date_zulu_to_mili(const axis2_env_t *env, axis2_char_t *str);
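Review bot: The new doc comment on `rampart_generate_time` is a copy of the one for `rampart_generate_nonce`: it still opens with "Generates the nonce" and ends with `@return generated nonce`, although the function takes a `ttl` and, judging by its name, returns a time string. Something like `Generates a timestamp string offset by ttl from the current time` plus `@param env pointer to environment struct` would match the declaration; the exact return format should be confirmed against the implementation. The unit of `ttl` ("mili seconds" here) should also be checked against the timestamp-token header, which describes the same parameter without a unit. `rampart_format_date_zulu_to_mili` is left undocumented, and if it returns an absolute millisecond count, an `int` return is likely too narrow for it.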

@@ -28,10 +28,13 @@ extern "C"
#include <rampart/rampart_constants.h>

/*
*
* @param
* @param
* @return
* Builds timestamp token.
* @param env pointer to environment struct
* @param ctx axis2 context
* @param sec_node security node
* @param sec_ns_obj Security namespace object
* @param ttl Time to live. The time difference btwn Created and Expired
* @return timestamp token.
*/
AXIS2_EXTERN axiom_node_t* AXIS2_CALL
rampart_build_timestamp_token(const axis2_env_t *env,
@@ -41,11 +44,12 @@ rampart_build_timestamp_token(const axis2_env_t *env,
int ttl
);

/*
*
* @param
* @param
* @return
/**
* Validates time stamp token. Validation is based in expiration time of the
* Expired element.
* @param env pointer to environment struct
* @param ts_node Timestamp node
* @return AXIS2_SUCCESS on success, else AXIS2_FAILURE
*/
AXIS2_EXTERN axis2_status_t AXIS2_CALL
rampart_validate_timestamp(const axis2_env_t *env,
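Review bot: The comment for `rampart_build_timestamp_token` still opens with `/*`, while the one for `rampart_validate_timestamp` was changed to `/**`, so Doxygen will presumably skip the first even though it is now filled in; it should open with `/**` too. The validate comment should read "based on the expiration time" and name the element as WS-Security does, `Expires`. It would also help to state whether `Created` is checked and whether any clock skew is tolerated, since a timestamp check is usually what limits replay of a captured message. Both declarations continue outside the hunks.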
@@ -31,10 +31,10 @@ extern "C"

/**
* Get the password for given outflow security configuration
* @param env
* @param env pointer to environment struct
* @param ctx axis2 context
* @param Outflow security parameter
* @return
* @return password
*/
AXIS2_EXTERN axis2_char_t* AXIS2_CALL
rampart_get_password( const axis2_env_t *env,
@@ -43,10 +43,11 @@ rampart_get_password( const axis2_env_t *env,


/**
*
* @param
* @param
* @return
* Get the value for a given key from the axis2 context. The key is the parameter and
* value is the property value.
* @param env pointer to environment struct
* @param ctx axis2 context
* @return property value
*/
AXIS2_EXTERN axis2_char_t* AXIS2_CALL
rampart_get_value( const axis2_env_t *env,
@@ -56,12 +57,12 @@ rampart_get_value( const axis2_env_t *env,

/**
* Build username token
* @param
* @param
* @param
* @param
* @param
* @return
* @param env pointer to environment struct
* @param ctx axis2 context
* @param param_action action parameter
* @param sec_node security node
* @param sec_ns_obj security namespace object
* @return UsernameToken as a node
*/
AXIS2_EXTERN axiom_node_t* AXIS2_CALL
rampart_build_username_token(const axis2_env_t *env,
@@ -73,10 +74,10 @@ rampart_build_username_token(const axis2_env_t *env,

/**
* Validates the given username token
* @param
* @param
* @param
* @return
* @param env pointer to environment struct
* @param msg_ctx axis2 message context
* @param sopa_header SOAP Header
* @return AXIS2_SUCCESS on success, else AXIS2_FAILURE
*/
AXIS2_EXTERN axis2_status_t AXIS2_CALL
rampart_validate_username_token(const axis2_env_t *env,
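Review bot: Several `@param` tags in this header do not name a real parameter: `@param Outflow security parameter` in the `rampart_get_password` comment has no parameter name (Doxygen will take `Outflow` as the name), and `@param sopa_header` in the `rampart_validate_username_token` comment looks like a typo for `soap_header`. The `rampart_get_value` comment talks about a key but has no `@param` for it. The parameter lists are outside the hunks, so the names need checking against the declarations. For `rampart_get_password`, `@return password` should also say who owns the returned string, so callers know whether to free it.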
@@ -1,2 +1,41 @@
This is a sample to help test rampart.
This sample works with echo service.

How to run
----------
1. Create the binary
make
make install

2. Create client repository
e.g. ~/client_repo [CLIENT_REPO]

3. Copy ./data/axis2.xml to CLIENT_REPO

4. Copy AXIS2_HOME/lib to CLIENT_REPO

5. Copy AXIS2_HOME/modules to CLIENT_REPO

6. Enable rampart in axis2.xml in the server and add In/Outflow parameters as
in ./data/server.axis2.xml

7. Go to samples/calback/ and run make install. This will create pwcb.so inside
rampart/targt directory. Specify the correct path to pwcb.so using
passwordCallbackClass parameter in the configuration file.
<action>
....
<passwordCallbackClass>/your/path/to/libpwcb.so</passwordCallbackClass>
....
</action>
NOTE: Right now this sample callback will provide only two pairs of
Username/password. You may add more by editing the get_password() function
in pwcb.c


8. To view the message flow use TCPMonitor
Listen port: 9090

9. Run the echo sample as ./echo


NOTE : Also you can use other samples available under AXIS2C.
@@ -62,16 +62,21 @@ int main(int argc, char** argv)



/*Set security params*/
/*
/*
* Set security params. If you need to enable dynamic settings uncomment
* following code section.
*/

/*
un_property = axis2_property_create(env);
AXIS2_PROPERTY_SET_VALUE(un_property, env, "Malinda");
AXIS2_OPTIONS_SET_PROPERTY(options, env, "user", un_property);
pw_property = axis2_property_create(env);
AXIS2_PROPERTY_SET_VALUE(pw_property, env, "MyBigSecret");
AXIS2_OPTIONS_SET_PROPERTY(options, env, "password", pw_property);
*/
*/

#if 0
client_home = AXIS2_GETENV("AXIS2C_HOME");
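Review bot: The sample credentials block is disabled with a plain `/* ... */` comment, while the block right after it uses `#if 0`; block comments do not nest, so this breaks as soon as anyone adds a comment inside, and `#if 0` / `#endif` would be consistent with the rest of the file. The new header comment invites readers to uncomment code that sets the literal password `"MyBigSecret"`; that comment should say the values are placeholders, e.g. `* The user name and password below are sample values; replace them before use.` `main` starts and ends outside the hunk.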
