axis-c-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Manjula Peiris <manj...@wso2.com>
Subject RE: [Rampart/C | Neethi/C] Possible to get the current x509security certificate from a policy?
Date Tue, 14 Aug 2007 11:20:30 GMT
On Tue, 2007-08-14 at 09:34 +0100, Jamie Lyon wrote:

Hi Jamie,

Neethi/C Security policy extension is for building and ordering the
security header. It has nothing to do with the content of the payload.
So in your requirement to include the security token in the payload You
need to do it in your own. You can use OpenSSL directly to read from
certficate or can use methods in rampart/src/omxmlsec/openssl
seperately. please see  rampart/src/omxmlsec/openssl/x509.C to get an
idea of using openssl functions.

Thanks
-Manjula.



> Sorry for not being overly clear.
> 
> Basically I've loaded a policy using:
> neethi_policy* policy = neethi_util_create_policy_from_file( axisEnv,
> fileName );
> 
> Then applied it to the service client using:
> axis2_svc_client_set_policy( svcClient, axisEnv, policy );
> 
> Now if possible I would like to be able to get the OpenSSL structures
> (i.e. the struct named 'X509'); or just some way of obtaining the
> subject DN and certificate string from the certificate in that policy.
> 
> I suppose the filename of that certificate would also suffice, as I
> could then load it in manually, though a pre-loaded one would be
> preferable.
> 
> The ultimate goal is to access the current security token to include it
> in my message payload (not as part of the security header, or
> ws-security, which is why I was wary about mentioning rampart).
> 
> Hopefully that clears things up :)
> 
> Cheers,
> Jamie
> 
> 
> > -----Original Message-----
> > From: Manjula Peiris [mailto:manjula@wso2.com]
> > Sent: 14 August 2007 05:01
> > To: Apache AXIS C User List
> > Subject: Re: [Rampart/C | Neethi/C] Possible to get the current
> > x509security certificate from a policy?
> > 
> > Hi Jamie,
> > 
> > Please see my comments inline. BTW Your requirement is not very clear.
> > Can you please emphasize more on this.
> > 
> > 
> > On Mon, 2007-08-13 at 16:51 +0100, Jamie Lyon wrote:
> > > Hi,
> > >
> > >
> > >
> > > Is it possible to get the OpenSSL construct (or some other form) of
> > > policy out of the current neethi policy?
> > OpenSSL functions are called from Rampart/C, not through Neethi. Here
> > what do You mean by OpenSSL construct of policy?
> > 
> > 
> > > I'm basically trying to get the subjectDN and base64 encoded cert to
> > > include in my message. I can encode the data to a base64 string from
> a
> > > char array, so no worries there, so long as I can somehow access the
> > > data.
> > If you have the buffer containing the base64 string of the key you can
> > attached it to the message by setting it in the rampart_context. You
> can
> > use the following functions,
> > 
> > rampart_context_set_certificate() and
> > rampart_context_set_certificate_type.
> > 
> > But to do this you need to create a rampart_context outside of rampart
> > and set it as a value in a axis2_parameter called
> RAMPART_CONFIGURATION.
> > Otherwise you need to change the code.
> > 
> > -Manjula
> > >
> > >
> > >
> > > Any suggestions are highly welcome.
> > >
> > >
> > >
> > > Cheers,
> > > Jamie
> > >
> > >
> > 
> > 
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> > For additional commands, e-mail: axis-c-user-help@ws.apache.org
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-user-help@ws.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-user-help@ws.apache.org


Mime
View raw message