activemq-commits mailing list archives

From cmacn...@apache.org
Subject svn commit: r898181 [2/5] - in /activemq/sandbox/activemq-apollo-actor/activemq-amqp-generator: ./ specification/ specification/1.0-PR2/ src/ src/main/ src/main/java/ src/main/java/org/ src/main/java/org/apache/ src/main/java/org/apache/activemq/ src/m...
Date Tue, 12 Jan 2010 04:23:34 GMT
Added: activemq/sandbox/activemq-apollo-actor/activemq-amqp-generator/specification/1.0-PR2/security.xml
URL: http://svn.apache.org/viewvc/activemq/sandbox/activemq-apollo-actor/activemq-amqp-generator/specification/1.0-PR2/security.xml?rev=898181&view=auto
==============================================================================
--- activemq/sandbox/activemq-apollo-actor/activemq-amqp-generator/specification/1.0-PR2/security.xml
(added)
+++ activemq/sandbox/activemq-apollo-actor/activemq-amqp-generator/specification/1.0-PR2/security.xml
Tue Jan 12 04:23:30 2010
@@ -0,0 +1,460 @@
+<?xml version="1.0"?>
+
+<!--
+  Copyright Notice
+  ================
+  (c) Copyright Cisco Systems, Credit Suisse, Deutsche Borse Systems, Envoy Technologies,
Inc.,
+  Goldman Sachs, IONA Technologies PLC, iMatix Corporation sprl.,JPMorgan Chase Bank Inc.
N.A,
+  Novell, Rabbit Technologies Ltd., Red Hat, Inc., TWIST Process Innovations ltd, and 29West
Inc.
+  2006, 2007. All rights reserved.
+
+  License
+  =======
+
+  Cisco Systems, Credit Suisse, Deutsche Borse Systems, Envoy Technologies, Inc.,Goldman
Sachs,
+  IONA Technologies PLC, iMatix Corporation sprl.,JPMorgan Chase Bank Inc. N.A, Novell, Rabbit
+  Technologies Ltd., Red Hat, Inc., TWIST Process Innovations ltd, and 29West Inc. (collectively,
+  the "Authors") each hereby grants to you a worldwide, perpetual, royalty-free, nontransferable,
+  nonexclusive license to (i) copy, display, distribute and implement the Advanced Messaging
Queue
+  Protocol ("AMQP") Specification and (ii) the Licensed Claims that are held by the Authors,
all for
+  the purpose of implementing the Advanced Messaging Queue Protocol Specification. Your license
and
+  any rights under this Agreement will terminate immediately without notice from any Author
if you
+  bring any claim, suit, demand, or action related to the Advanced Messaging Queue Protocol
+  Specification against any Author. Upon termination, you shall destroy all copies of the
Advanced
+  Messaging Queue Protocol Specification in your possession or control.
+
+  As used hereunder, "Licensed Claims" means those claims of a patent or patent application,
+  throughout the world, excluding design patents and design registrations, owned or controlled,
or
+  that can be sublicensed without fee and in compliance with the requirements of this Agreement,
by
+  an Author or its affiliates now or at any future time and which would necessarily be infringed
by
+  implementation of the Advanced Messaging Queue Protocol Specification. A claim is necessarily
+  infringed hereunder only when it is not possible to avoid infringing it because there is
no
+  plausible non-infringing alternative for implementing the required portions of the Advanced
+  Messaging Queue Protocol Specification. Notwithstanding the foregoing, Licensed Claims
shall not
+  include any claims other than as set forth above even if contained in the same patent as
Licensed
+  Claims; or that read solely on any implementations of any portion of the Advanced Messaging
Queue
+  Protocol Specification that are not required by the Advanced Messaging Queue Protocol
+  Specification, or that, if licensed, would require a payment of royalties by the licensor
to
+  unaffiliated third parties. Moreover, Licensed Claims shall not include (i) any enabling
+  technologies that may be necessary to make or use any Licensed Product but are not themselves
+  expressly set forth in the Advanced Messaging Queue Protocol Specification (e.g., semiconductor
+  manufacturing technology, compiler technology, object oriented technology, networking technology,
+  operating system technology, and the like); or (ii) the implementation of other published
+  standards developed elsewhere and merely referred to in the body of the Advanced Messaging
Queue
+  Protocol Specification, or (iii) any Licensed Product and any combinations thereof the
purpose or
+  function of which is not required for compliance with the Advanced Messaging Queue Protocol
+  Specification. For purposes of this definition, the Advanced Messaging Queue Protocol
+  Specification shall be deemed to include both architectural and interconnection requirements
+  essential for interoperability and may also include supporting source code artifacts where
such
+  architectural, interconnection requirements and source code artifacts are expressly identified
as
+  being required or documentation to achieve compliance with the Advanced Messaging Queue
Protocol
+  Specification.
+
+  As used hereunder, "Licensed Products" means only those specific portions of products (hardware,
+  software or combinations thereof) that implement and are compliant with all relevant portions
of
+  the Advanced Messaging Queue Protocol Specification.
+
+  The following disclaimers, which you hereby also acknowledge as to any use you may make
of the
+  Advanced Messaging Queue Protocol Specification:
+
+  THE ADVANCED MESSAGING QUEUE PROTOCOL SPECIFICATION IS PROVIDED "AS IS," AND THE AUTHORS
MAKE NO
+  REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, WARRANTIES
OF
+  MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, OR TITLE; THAT THE
CONTENTS
+  OF THE ADVANCED MESSAGING QUEUE PROTOCOL SPECIFICATION ARE SUITABLE FOR ANY PURPOSE; NOR
THAT THE
+  IMPLEMENTATION OF THE ADVANCED MESSAGING QUEUE PROTOCOL SPECIFICATION WILL NOT INFRINGE
ANY THIRD
+  PARTY PATENTS, COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS.
+
+  THE AUTHORS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL
+  DAMAGES ARISING OUT OF OR RELATING TO ANY USE, IMPLEMENTATION OR DISTRIBUTION OF THE ADVANCED
+  MESSAGING QUEUE PROTOCOL SPECIFICATION.
+
+  The name and trademarks of the Authors may NOT be used in any manner, including advertising
or
+  publicity pertaining to the Advanced Messaging Queue Protocol Specification or its contents
+  without specific, written prior permission. Title to copyright in the Advanced Messaging
Queue
+  Protocol Specification will at all times remain with the Authors.
+
+  No other rights are granted by implication, estoppel or otherwise.
+
+  Upon termination of your license or rights under this Agreement, you shall destroy all
copies of
+  the Advanced Messaging Queue Protocol Specification in your possession or control.
+
+  Trademarks
+  ==========
+  "JPMorgan", "JPMorgan Chase", "Chase", the JPMorgan Chase logo and the Octagon Symbol are
+  trademarks of JPMorgan Chase & Co.
+
+  IMATIX and the iMatix logo are trademarks of iMatix Corporation sprl.
+
+  IONA, IONA Technologies, and the IONA logos are trademarks of IONA Technologies PLC and/or
its
+  subsidiaries.
+
+  LINUX is a trademark of Linus Torvalds. RED HAT and JBOSS are registered trademarks of
Red Hat,
+  Inc. in the US and other countries.
+
+  Java, all Java-based trademarks and OpenOffice.org are trademarks of Sun Microsystems,
Inc. in the
+  United States, other countries, or both.
+
+  Other company, product, or service names may be trademarks or service marks of others.
+
+  Links to full AMQP specification:
+  i================================
+  http://www.envoytech.org/spec/amq/
+  http://www.iona.com/opensource/amqp/
+  http://www.redhat.com/solutions/specifications/amqp/
+  http://www.twiststandards.org/tiki-index.php?page=AMQ
+  http://www.imatix.com/amqp
+-->
+
+<!DOCTYPE amqp SYSTEM "amqp.dtd">
+
+<amqp xmlns="http://www.amqp.org/schema/amqp.xsd"
+      name="security" label="working version">
+
+  <section name="security-layers" title="Security Layers" label="Security Layers">
+    <doc>
+      <p>
+        Security Layers are used to establish an authenticated and/or encrypted transport
over which
+        regular AMQP traffic can be tunneled. Security Layers may be tunneled over one another
(for
+        instance a Security Layer used by the peers to do authentication may be tunneled
over a
+        Security Layer established for encryption purposes).
+      </p>
+
+      <p>
+        The framing and protocol definitions for security layers are expected to be defined
+        externally to the AMQP specification as in the case of TLS. An exception to this
is the SASL
+        security layer which depends on its host protocol to provide framing. Because of
this we
+        define the controls necessary for SASL to function in the <xref name="sasl"/>
section below.
+        When a security layer terminates (either before or after a secure tunnel is established),
+        the TCP Connection MUST be closed by first shutting down the outgoing stream and
then
+        reading the incoming stream until it is terminated.
+      </p>
+    </doc>
+  </section>
+
+  <section name="tls" title="TLS" label="TLS Security Layer">
+    <doc>
+      <p>
+        To establish a TLS tunnel, each peer MUST start by sending a protocol header. The
protocol
+        header consists of the upper case ASCII letters "AMQP" followed by a protocol id
of one,
+        followed by three unsigned bytes representing the major, minor, and revision of the
+        specification version (currently <xref name="MAJOR"/>, <xref name="MINOR"/>,
+        <xref name="REVISION"/>). In total this is an 8-octet sequence:
+      </p>
+
+      <picture><![CDATA[
+  4 OCTETS   1 OCTET   1 OCTET   1 OCTET   1 OCTET
++----------+---------+---------+---------+----------+
+|  "AMQP"  |   %d1   |  major  |  minor  | revision |
++----------+---------+---------+---------+----------+
+]]>
+      </picture>
+
+      <p>
+        Other than using a protocol id of one, the exchange of TLS tunnel headers follows
the same
+        rules specified in the version negotiation section of the transport specification
(See
+        <xref name="version-negotiation"/>).
+      </p>
+    </doc>
+
+    <doc>
+      <p>
+        The following diagram illustrates the interaction involved in creating a TLS Security
Layer:
+      </p>
+      <picture><![CDATA[
+TCP Client                 TCP Server
+=========================================
+AMQP%d1.1.0.0  --------->
+               <---------  AMQP%d1.1.0.0
+                    :
+                    :
+            <TLS negotiation>
+                    :
+                    :
+AMQP%d0.1.0.0  --------->                (over TLS secured connection)
+               <---------  AMQP%d0.1.0.0
+         open  --------->
+               <---------  open
+]]>
+      </picture>
+
+      <p>
+        When the use of the TLS Security Layer is negotiated, the following rules apply:
+      </p>
+
+      <ul>
+        <li>
+          <p>
+            The TLS client peer and TLS server peer are determined by the TCP client peer
and TCP
+            server peer respectively.
+          </p>
+        </li>
+
+        <li>
+          <p>
+            The TLS client peer SHOULD use the server name indication extension as described
in
+            RFC-4366.
+          </p>
+        </li>
+
+        <li>
+          <p>
+            The TLS client MUST validate the certificate presented by the TLS server.
+          </p>
+        </li>
+      </ul>
+    </doc>
+  </section>
+
+  <!-- == Section: sasl ========================================================================
-->
+
+  <section name="sasl" title="SASL" label="SASL Security Layer">
+    <doc>
+      <p>
+        To establish a SASL tunnel, each peer MUST start by sending a protocol header. The
protocol
+        header consists of the upper case ASCII letters "AMQP" followed by a protocol id
of two,
+        followed by three unsigned bytes representing the major, minor, and revision of the
+        specification version (currently <xref name="MAJOR"/>, <xref name="MINOR"/>,
+        <xref name="REVISION"/>). In total this is an 8-octet sequence:
+      </p>
+
+      <picture><![CDATA[
+  4 OCTETS   1 OCTET   1 OCTET   1 OCTET   1 OCTET
++----------+---------+---------+---------+----------+
+|  "AMQP"  |   %d2   |  major  |  minor  | revision |
++----------+---------+---------+---------+----------+
+]]>
+      </picture>
+
+      <p>
+        Other than using a protocol id of two, the exchange of SASL tunnel headers follows
the same
+        rules specified in the version negotiation section of the transport specification
(See
+        <xref name="version-negotiation"/>).
+      </p>
+
+      <p>
+        The following diagram illustrates the interaction involved in creating a SASL Security
+        Layer:
+      </p>
+
+      <picture><![CDATA[
+TCP Client                 TCP Server
+=========================================
+AMQP%d2.1.0.0  --------->
+               <---------  AMQP%d2.1.0.0
+                    :
+                    :
+            <SASL negotiation>
+                    :
+                    :
+AMQP%d0.1.0.0  --------->                (over SASL secured connection)
+               <---------  AMQP%d0.1.0.0
+         open  --------->
+               <---------  open
+]]>
+      </picture>
+    </doc>
+
+    <doc title="SASL Negotiation">
+      <p>
+        The peer acting as the SASL Server must announce supported authentication mechanisms
using
+        the <xref name="sasl-mechanisms"/> control. The partner must then choose one
of the
+        supported mechanisms and initiate a sasl exchange.
+      </p>
+
+      <picture title="SASL Exchange"><![CDATA[
+SASL Client       SASL Server
+================================
+              <-- SASL-MECHANISMS
+SASL-INIT     -->
+              ...
+              <-- SASL-CHALLENGE *
+SASL-RESPONSE -->
+              ...
+              <-- SASL-OUTCOME
+--------------------------------
+  * Note that the SASL
+    challenge/response step may
+    occur zero or more times
+    depending on the details of
+    the SASL mechanism chosen.
+]]>
+      </picture>
+
+      <p>
+        The peer playing the role of the SASL Client and the peer playing the role of the
SASL
+        server MUST correspond to the TCP client and server respectively.
+      </p>
+    </doc>
+
+    <doc title="Security Controls"/>
+
+    <!-- - Control: sasl-mechanisms  - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - -->
+
+    <type class="compound" name="sasl-mechanisms" label="advertise available sasl mechanisms">
+      <doc>
+        <p>
+          Advertises the available SASL mechanisms that may be used for authentication.
+        </p>
+      </doc>
+
+      <descriptor name="amqp:sasl-mechanisms:list" code="0x00000001:0x00000701"/>
+
+      <field name="options" type="map" label="options map"/>
+
+      <field name="sasl-server-mechanisms" type="string" multiple="true"
+             label="supported sasl mechanisms">
+        <doc>
+          <p>
+            A list of the sasl security mechanisms supported by the sending peer. If the
sending
+            peer does not require its partner to authenticate with it, this list may be empty
or
+            absent. The server mechanisms are ordered in decreasing level of preference.
+          </p>
+        </doc>
+      </field>
+    </type>
+
+    <!-- - Control: sasl-init  - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - -->
+
+    <type class="compound" name="sasl-init" label="initiate sasl exchange">
+      <doc>
+        <p>Selects the sasl mechanism and provides the initial response if needed.</p>
+      </doc>
+
+      <descriptor name="amqp:sasl-init:list" code="0x00000001:0x00000702"/>
+
+      <field name="options" type="map" label="options map"/>
+
+      <field name="mechanism" type="string" label="selected security mechanism" required="true">
+        <doc>
+          <p>
+            The name of the SASL mechanism used for the SASL exchange. If the selected mechanism
is
+            not supported by the receiving peer, it MUST close the Connection with the
+            authentication-failure close-code. Each peer MUST authenticate using the highest-level
+            security profile it can handle from the list provided by the partner.
+          </p>
+        </doc>
+      </field>
+
+      <field name="initial-response" type="binary" label="security response data">
+        <doc>
+          <p>
+            A block of opaque data passed to the security mechanism. The contents of this
data are
+            defined by the SASL security mechanism.
+          </p>
+        </doc>
+      </field>
+    </type>
+
+    <!-- - Control: sasl-challenge - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - -->
+
+    <type class="compound" name="sasl-challenge" label="security mechanism challenge">
+      <doc>
+        <p>Send the SASL challenge data as defined by the SASL specification.</p>
+      </doc>
+
+      <descriptor name="amqp:sasl-challenge:list" code="0x00000001:0x00000703"/>
+
+      <field name="options" type="map" label="options map"/>
+
+      <field name="challenge" type="binary" label="security challenge data" required="true">
+        <doc>
+          <p>
+            Challenge information, a block of opaque binary data passed to the security
+            mechanism.
+          </p>
+        </doc>
+      </field>
+    </type>
+
+    <!-- - Control: sasl-response  - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - -->
+
+    <type class="compound" name="sasl-response" label="security mechanism response">
+      <doc>
+        <p>Send the SASL response data as defined by the SASL specification.</p>
+      </doc>
+
+      <descriptor name="amqp:sasl-response:list" code="0x00000001:0x00000704"/>
+
+      <field name="options" type="map" label="options map"/>
+
+      <field name="response" type="binary" label="security response data" required="true">
+        <doc>
+          <p>
+            A block of opaque data passed to the security mechanism. The contents of this
data are
+            defined by the SASL security mechanism.
+          </p>
+        </doc>
+      </field>
+    </type>
+
+    <!-- - Control: sasl-outcome - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - -->
+
+    <type class="compound" name="sasl-outcome" label="indicates the outcome of the sasl
dialog">
+      <doc>
+        <p>
+          This control indicates the outcome of the SASL dialog. Upon successful completion
of the
+          SASL dialog the Security Layer has been established, and the peers must exchange
protocol
+          headers to either start a nested Security Layer, or to establish the AMQP Connection.
+        </p>
+      </doc>
+
+      <descriptor name="amqp:sasl-outcome:list" code="0x00000001:0x00000705"/>
+
+      <field name="options" type="map" label="options map"/>
+
+      <field name="code" type="sasl-code" label="indicates the outcome of the sasl dialog">
+        <doc>
+          <p>A reply-code indicating the outcome of the SASL dialog.</p>
+        </doc>
+      </field>
+
+      <field name="additional-data" type="binary" label="additional data as specified
in RFC-4422">
+        <doc>
+          <p>
+            The additional-data field carries additional data on successful authentication
outcome
+            as specified by the SASL specification (RFC-4422). If the authentication is
+            unsuccessful, this field is not set.
+          </p>
+        </doc>
+      </field>
+    </type>
+
+    <type class="restricted" name="sasl-code" source="ubyte"
+          label="codes to indicate the outcome of the sasl dialog">
+      <choice name="ok" value="0">
+        <doc>
+          <p>Connection authentication succeeded.</p>
+        </doc>
+      </choice>
+      <choice name="auth" value="1">
+        <doc>
+          <p>
+            Connection authentication failed due to an unspecified problem with the supplied
+            credentials.
+          </p>
+        </doc>
+      </choice>
+      <choice name="sys" value="2">
+        <doc>
+          <p>Connection authentication failed due to a system error.</p>
+        </doc>
+      </choice>
+      <choice name="sys-perm" value="3">
+        <doc>
+          <p>
+            Connection authentication failed due to a system error that is unlikely to be
corrected
+            without intervention.
+          </p>
+        </doc>
+      </choice>
+      <choice name="sys-temp" value="4">
+        <doc>
+          <p>
+            Connection authentication failed due to a transient system error.
+          </p>
+        </doc>
+      </choice>
+    </type>
+  </section>
+
+</amqp>
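Review bot: in the sasl-outcome control the `code` field (`<field name="code" type="sasl-code" ...>`) is the only payload field among these five controls that is not marked `required="true"`, while `mechanism`, `challenge` and `response` all are; a receiver that tolerates an absent code has no defined outcome to act on and can fall through to treating the SASL dialog as successful, so add `required="true"` and state that a sasl-outcome with no code MUST be treated as a failed authentication. Related, the `mechanism` doc in sasl-init says an unsupported mechanism means the receiving peer "MUST close the Connection with the authentication-failure close-code", but per the diagram no AMQP Connection exists yet (the `open` exchange only follows the outcome) and that close-code is not defined in this file; the in-band answer this file does define is a sasl-outcome with code `auth` followed by closing the TCP connection as described under Security Layers. The sentence "Each peer MUST authenticate using the highest-level security profile it can handle from the list provided by the partner" also contradicts the sasl-mechanisms doc, which orders the list by the server's preference and has only the client choose, and "highest-level security profile" is not defined. Undocumented: when `sasl-server-mechanisms` is "empty or absent" (no authentication required) the text does not say whether the client still sends sasl-init, what mechanism name it would carry, or whether the server goes straight to sasl-outcome, so the unauthenticated path is left to implementers. Minor: the underline under "Links to full AMQP specification:" has a stray leading `i`, and "The peer acting as the SASL Server must announce" uses lowercase "must" where the rest of the file uses RFC 2119 "MUST".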