axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kausha...@apache.org
Subject svn commit: r502475 - in /webservices/axis2/scratch/c/security-policy/c/rampart: include/ src/util/
Date Fri, 02 Feb 2007 04:14:45 GMT
Author: kaushalye
Date: Thu Feb  1 20:14:44 2007
New Revision: 502475

URL: http://svn.apache.org/viewvc?view=rev&rev=502475
Log:
Applying patch-2-2.txt in Jira AXIS2C-488.

Modified:
    webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_context.h
    webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_encryption.h
    webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_defines.h
    webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_includes.h
    webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_layout.h
    webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_context.c
    webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_encryption.c
    webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_sec_header_builder.c

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_context.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_context.h?view=diff&rev=502475&r1=502474&r2=502475
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_context.h (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_context.h Thu Feb
 1 20:14:44 2007
@@ -84,6 +84,25 @@
             rampart_context_t *rampart_context,
             const axis2_env_t *env);
 
+    AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+    rampart_context_is_encrypt_before_sign(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env);
+    
+    AXIS2_EXTERN axis2_status_t AXIS2_CALL
+    rampart_context_get_nodes_to_encrypt(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            axiom_soap_envelope_t *soap_envelope,
+            axis2_array_list_t *nodes_to_encrypt);
+
+    AXIS2_EXTERN int AXIS2_CALL 
+    rampart_context_check_token_type(
+            rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            axis2_bool_t for_encryption,
+            axis2_bool_t server_side);
+
 
 #ifdef __cplusplus
 }

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_encryption.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_encryption.h?view=diff&rev=502475&r1=502474&r2=502475
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_encryption.h (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/include/rampart_encryption.h Thu
Feb  1 20:14:44 2007
@@ -22,6 +22,7 @@
 #include <rampart_action.h>
 #include <oxs_asym_ctx.h>
 #include <oxs_xml_encryption.h>
+#include <rampart_context.h>
 /**
   * @file rampart_encryption.h
   * @brief encrypts a SOAP message 
@@ -44,6 +45,7 @@
 AXIS2_EXTERN axis2_status_t AXIS2_CALL
 rampart_enc_encrypt_message(const axis2_env_t *env,
     axis2_msg_ctx_t *msg_ctx,
+    rampart_context_t *rampart_context,
     rampart_actions_t *actions,
     axiom_soap_envelope_t *soap_envelope,
     axiom_node_t *sec_node);

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_defines.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_defines.h?view=diff&rev=502475&r1=502474&r2=502475
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_defines.h (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_defines.h Thu Feb  1
20:14:44 2007
@@ -195,6 +195,7 @@
     #define RP_DECRYPTION_PROP_FILE "decryptionPropFile"
 
     #define RP_SP_NS "http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
+    #define RP_SECURITY_NS "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
     #define RP_RAMPART_NS "http://ws.apache.org/rampart/c/policy"
     #define RP_RAMPART_PREFIX "rampc"
     #define RP_SP_PREFIX "sp"

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_includes.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_includes.h?view=diff&rev=502475&r1=502474&r2=502475
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_includes.h (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_includes.h Thu Feb  1
20:14:44 2007
@@ -30,6 +30,7 @@
 #include <axis2_error_default.h>
 #include <axis2_env.h>
 #include <axiom.h>
+#include <axiom_soap.h>
 #include <axis2_qname.h> 
 #include <rp_defines.h>
 

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_layout.h
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_layout.h?view=diff&rev=502475&r1=502474&r2=502475
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_layout.h (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/include/rp_layout.h Thu Feb  1 20:14:44
2007
@@ -14,8 +14,8 @@
  * limitations under the License.
  */
 
-#ifndef RP_HEADER_H
-#define RP_HEADER_H
+#ifndef RP_LAYOUT_H
+#define RP_LAYOUT_H
 
 /** @defgroup rp_layout
  * @ingroup rp_layout

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_context.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_context.c?view=diff&rev=502475&r1=502474&r2=502475
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_context.c (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_context.c Thu Feb
 1 20:14:44 2007
@@ -16,6 +16,8 @@
  */
 
 #include <rampart_context.h>
+#include <oxs_axiom.h>
+
 
 struct rampart_context_t
 {
@@ -47,6 +49,13 @@
     rampart_context_t *rampart_context,
     const axis2_env_t *env);
 
+axis2_status_t rampart_context_set_nodes_to_encrypt(
+    rp_header_t *header,
+    const axis2_env_t *env,
+    axiom_soap_envelope_t *soap_envelope,
+    axis2_array_list_t *nodes_to_encrypt);
+
+
 
 
 AXIS2_EXTERN rampart_context_t *AXIS2_CALL 
@@ -239,7 +248,8 @@
     {
         inclusion = rp_username_token_get_inclusion(username_token,env);
         if((AXIS2_STRCMP(inclusion,RP_INCLUDE_ALWAYS)==0)||
-           (AXIS2_STRCMP(inclusion,RP_INCLUDE_ONCE)==0))
+           (AXIS2_STRCMP(inclusion,RP_INCLUDE_ONCE)==0)||
+           (AXIS2_STRCMP(inclusion,RP_INCLUDE_ALWAYS_TO_RECIPIENT)==0))
             return bval;
         else
             bval = AXIS2_FALSE;
@@ -283,6 +293,97 @@
     return bvalidate;
 }
 
+axis2_status_t rampart_context_set_nodes_to_encrypt(
+    rp_header_t *header,
+    const axis2_env_t *env,
+    axiom_soap_envelope_t *soap_envelope,
+    axis2_array_list_t *nodes_to_encrypt)
+{
+    axis2_char_t *namespace = NULL;
+    axis2_char_t *local_name = NULL;
+    axiom_soap_header_t *soap_header = NULL;
+    axiom_node_t *header_node = NULL;
+
+    soap_header = AXIOM_SOAP_ENVELOPE_GET_HEADER(soap_envelope,env);
+    if(!soap_header)
+        return AXIS2_FAILURE;
+
+    namespace = (axis2_char_t *) rp_header_get_namespace(header,env);
+    if(!namespace)
+        return AXIS2_FAILURE;
+
+    if(AXIS2_STRCMP(namespace,RP_SECURITY_NS)==0)
+    {
+        AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] We do not encrypt security
namespace headers");
+        return AXIS2_FAILURE;
+    }
+
+    local_name = (axis2_char_t*) rp_header_get_name(header,env);
+    if(!local_name)
+    {
+        axis2_array_list_t *soap_header_blocks = NULL;
+        int i = 0;
+        soap_header_blocks = AXIOM_SOAP_HEADER_GET_HEADER_BLOCKS_WITH_NAMESPACE_URI(soap_header,env,namespace);
+        if(!soap_header_blocks)
+            return AXIS2_FAILURE;
+
+        for(i=0 ; i<AXIS2_ARRAY_LIST_SIZE(soap_header_blocks,env); i++)
+        {
+            axiom_soap_header_block_t *header_block = NULL;
+            axiom_node_t *node = NULL;
+            header_block = (axiom_soap_header_block_t *)AXIS2_ARRAY_LIST_GET(soap_header_blocks,env,i);
+            if(header_block)
+            {
+                node = AXIOM_SOAP_HEADER_BLOCK_GET_BASE_NODE(header_block,env);
+                if(node)
+                {    
+                    AXIS2_ARRAY_LIST_ADD(nodes_to_encrypt,env,node);
+                    return AXIS2_SUCCESS;
+                }
+            }
+            
+        }
+    }
+    else if(AXIS2_STRCMP(local_name,"Security")==0)
+    {
+        AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] We do not encrypt %s", local_name);
+        return AXIS2_FAILURE;
+    }
+    else
+    {
+        axiom_node_t *ret_node = NULL;
+        header_node = AXIOM_SOAP_HEADER_GET_BASE_NODE(soap_header,env);
+        if(header_node)
+        {
+            ret_node = oxs_axiom_get_node_by_local_name(env,header_node,local_name);
+            if(ret_node)
+            {
+                axiom_element_t *ret_node_ele = NULL;
+                ret_node_ele = (axiom_element_t *)
+                           AXIOM_NODE_GET_DATA_ELEMENT(ret_node, env);
+                if(ret_node_ele)
+                {
+                    axiom_namespace_t *ns = NULL;
+                    axis2_char_t *namespace_uri = NULL;
+                    ns = AXIOM_ELEMENT_GET_NAMESPACE(ret_node_ele, env,ret_node);
+                    if(ns)
+                    {
+                        namespace_uri = AXIOM_NAMESPACE_GET_URI(ns, env);
+                        if (AXIS2_STRCMP(namespace_uri,namespace) == 0)
+                        {
+                            AXIS2_ARRAY_LIST_ADD(nodes_to_encrypt,env,ret_node);
+                            return AXIS2_SUCCESS;
+                        }
+
+                    }                
+
+                }
+        
+            }
+        }
+    }
+    return AXIS2_FAILURE;
+}
 
 
 AXIS2_EXTERN axis2_bool_t AXIS2_CALL
@@ -388,3 +489,194 @@
     else
         return digest;
 }
+
+AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+rampart_context_is_encrypt_before_sign(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    axis2_char_t *protection_order = NULL;
+    rp_symmetric_asymmetric_binding_commons_t *sym_asym_commons = NULL;
+    sym_asym_commons = rampart_context_get_symmetric_asymmetric_binding_commons(rampart_context,env);
+
+    if(!sym_asym_commons)
+        return AXIS2_FALSE;
+    else
+    {
+        protection_order = rp_symmetric_asymmetric_binding_commons_get_protection_order(sym_asym_commons,env);
      
+        if(!protection_order)
+            return AXIS2_FALSE;
+ 
+        else if(AXIS2_STRCMP(protection_order,RP_ENCRYPT_BEFORE_SIGNING)==0)
+            return AXIS2_TRUE;
+    }
+    return AXIS2_FALSE;
+}
+
+/*This method will return all the parts in the soap message
+outside the security header which needs to be encrypted.*/
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_get_nodes_to_encrypt(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env,
+    axiom_soap_envelope_t *soap_envelope,
+    axis2_array_list_t *nodes_to_encrypt)
+{
+    rp_signed_encrypted_parts_t *encrypted_parts = NULL;    
+    axis2_array_list_t *parts = NULL;
+    axis2_status_t status = AXIS2_FAILURE;
+
+    encrypted_parts = rp_secpolicy_get_encrypted_parts(rampart_context->secpolicy,env);
+    if(!encrypted_parts)
+        return AXIS2_FAILURE;
+    
+    parts = rp_signed_encrypted_parts_get_headers(encrypted_parts,env);
+    if(!parts || (AXIS2_ARRAY_LIST_SIZE(parts,env)==0))
+    {
+        if(rp_signed_encrypted_parts_get_body(encrypted_parts,env))
+        {
+            axiom_soap_body_t *body = NULL;
+            axiom_node_t *body_node = NULL;
+            axiom_node_t *body_child_node = NULL;
+            
+            AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] No encryption parts specified.
Using the body.");
+            body = AXIOM_SOAP_ENVELOPE_GET_BODY(soap_envelope, env);
+            body_node = AXIOM_SOAP_BODY_GET_BASE_NODE(body, env);
+            body_child_node = AXIOM_NODE_GET_FIRST_CHILD(body_node, env);
+            AXIS2_ARRAY_LIST_ADD(nodes_to_encrypt, env, body_child_node);
+            return AXIS2_SUCCESS;
+        }
+        else
+        {
+            AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] Nothing to encrypt");
+            return AXIS2_FAILURE;
+        }
+    }
+    else
+    {
+        int i = 0;
+        for(i=0; i<AXIS2_ARRAY_LIST_SIZE(parts,env); i++)
+        {
+            rp_header_t *header = NULL;
+            header = (rp_header_t *)AXIS2_ARRAY_LIST_GET(parts,env,i);
+            if(header)
+            {
+                status = rampart_context_set_nodes_to_encrypt(header,env,soap_envelope,nodes_to_encrypt);
+                if(status!=AXIS2_FAILURE)
+                    return AXIS2_FAILURE;
+            }
+            
+        }
+        if(rp_signed_encrypted_parts_get_body(encrypted_parts,env))
+        {
+            axiom_soap_body_t *body = NULL;
+            axiom_node_t *body_node = NULL;
+            axiom_node_t *body_child_node = NULL;
+
+            AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] Including the body the
body.");
+            body = AXIOM_SOAP_ENVELOPE_GET_BODY(soap_envelope, env);
+            body_node = AXIOM_SOAP_BODY_GET_BASE_NODE(body, env);
+            body_child_node = AXIOM_NODE_GET_FIRST_CHILD(body_node, env);
+            AXIS2_ARRAY_LIST_ADD(nodes_to_encrypt, env, body_child_node);
+            return AXIS2_SUCCESS;
+        }
+        
+    }
+    return AXIS2_FAILURE;
+}
+
+AXIS2_EXTERN int AXIS2_CALL 
+rampart_context_check_token_type(
+        rampart_context_t *rampart_context,
+        const axis2_env_t *env,
+        axis2_bool_t for_encryption,
+        axis2_bool_t server_side)
+{
+    rp_property_t *binding = NULL;
+    binding = rp_secpolicy_get_binding(rampart_context->secpolicy,env);
+    if(!binding)
+        return -1;
+
+    if(rp_property_get_type(binding,env)==RP_BINDING_ASYMMETRIC)
+    {
+        rp_asymmetric_binding_t *asym_binding = NULL;
+        asym_binding = (rp_asymmetric_binding_t *)rp_property_get_value(binding,env);
+        if(asym_binding)
+        {
+            rp_property_t *token = NULL;
+            if((for_encryption && server_side) || (!for_encryption && !server_side))
+            {
+                token = rp_asymmetric_binding_get_initiator_token(asym_binding,env);
+                if(!token)
+                    return -1;
+                else
+                    return rp_property_get_type(token,env);        
+            }    
+            else if((for_encryption && !server_side) || (!for_encryption &&
server_side))
+            {
+                token = rp_asymmetric_binding_get_recipient_token(asym_binding,env);
+                if(!token)
+                    return -1;
+                else
+                    return rp_property_get_type(token,env);
+            }
+            else return -1;
+        }
+        else
+            return -1;
+    }
+    /*In symmetric binding same tokens are used in the client and server sides.*/
+    else if(rp_property_get_type(binding,env)==RP_BINDING_SYMMETRIC)
+    {
+        rp_symmetric_binding_t *sym_binding = NULL;
+        sym_binding = (rp_symmetric_binding_t *)rp_property_get_value(binding,env);
+        if(sym_binding)
+        {
+            rp_property_t *token = NULL;
+            /*First check protection tokens have being specified.*/
+            token = rp_symmetric_binding_get_protection_token(sym_binding,env);
+            if(token)
+                return rp_property_get_type(token,env);    
+            
+            else
+            {
+                if(for_encryption)
+                {
+                    token = rp_symmetric_binding_get_encryption_token(sym_binding,env);
+                    if(!token)
+                        return -1;
+                    else
+                        return rp_property_get_type(token,env);
+                }
+                else
+                {
+                    token = rp_symmetric_binding_get_signature_token(sym_binding,env);
+                    if(!token)
+                        return -1;
+                    else
+                        return rp_property_get_type(token,env);
+                }
+            }
+        }
+        else
+            return -1;
+    }
+    else if(rp_property_get_type(binding,env)==RP_BINDING_TRANSPORT)
+    {
+        rp_transport_binding_t *transport_binding = NULL;
+        transport_binding = (rp_transport_binding_t *)rp_property_get_value(binding,env);
+        if(transport_binding)
+        {
+            rp_property_t *token = NULL;
+            token = rp_transport_binding_get_transport_token(transport_binding,env);
+            if(token)
+                return rp_property_get_type(token,env);
+            else return -1;
+        }
+        else return -1;                    
+    }
+    else return -1;
+
+}
+

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_encryption.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_encryption.c?view=diff&rev=502475&r1=502474&r2=502475
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_encryption.c (original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_encryption.c Thu
Feb  1 20:14:44 2007
@@ -46,7 +46,7 @@
  **/
 
 /*Private function implementations*/
-
+/*
 static axis2_status_t  
 rampart_enc_get_nodes_to_encrypt(const axis2_env_t *env,
     rampart_actions_t *actions,
@@ -55,10 +55,7 @@
 {
     axis2_char_t *encryption_parts = NULL;
 
-    /*Get encryption parts*/
     encryption_parts =  AXIS2_STRDUP(RAMPART_ACTIONS_GET_ENCRYPTION_PARTS(actions, env),
env);
-    /*If no encryption parts are specified use body as default... 
-     * Well...hmmm.. the child of the body infact*/
     if((!encryption_parts) || (0 == AXIS2_STRCMP(encryption_parts, "") || (0 == AXIS2_STRCMP(encryption_parts,
"Body")))){
         axiom_soap_body_t *body = NULL;
         axiom_node_t *body_node = NULL;
@@ -82,12 +79,10 @@
 
         AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] EncryptionParts specified
= %s", encryption_parts);
         envelope_node = AXIOM_SOAP_ENVELOPE_GET_BASE_NODE(soap_envelope, env);
-        /*Tokenize*/
         str_list = axis2_tokenize(env, encryption_parts, ' ');
         size = AXIS2_ARRAY_LIST_SIZE(str_list, env);
         for(i=0 ; i < size ; i++ ){
             local_name = AXIS2_ARRAY_LIST_GET(str_list, env, i);
-            /*We do not encrypt the security header*/
             if(0 == AXIS2_STRCMP(local_name, "Security")){
                 AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] We do not encrypt
%s", local_name);
                 continue;
@@ -100,7 +95,7 @@
 
     return AXIS2_SUCCESS;
 }
-
+*/
 
 
 
@@ -108,6 +103,7 @@
 AXIS2_EXTERN axis2_status_t AXIS2_CALL
 rampart_enc_encrypt_message(const axis2_env_t *env,
     axis2_msg_ctx_t *msg_ctx,
+    rampart_context_t *rampart_context,
     rampart_actions_t *actions,
     axiom_soap_envelope_t *soap_envelope,
     axiom_node_t *sec_node)
@@ -122,12 +118,33 @@
     axis2_char_t *password = NULL;
     oxs_key_t *session_key = NULL;
     oxs_asym_ctx_t *asym_ctx = NULL;
+    axis2_bool_t server_side = AXIS2_FALSE;
+    int token_type = 0;    
 
     int i = 0;
     /*Get nodes to be encrypted*/
-    nodes_to_encrypt = axis2_array_list_create(env, 5);
-    status = rampart_enc_get_nodes_to_encrypt(env, actions, soap_envelope, nodes_to_encrypt);
+    server_side = axis2_msg_ctx_get_server_side(msg_ctx,env);
+    nodes_to_encrypt = axis2_array_list_create(env,0);
 
+    status = rampart_context_get_nodes_to_encrypt(rampart_context,env,soap_envelope,nodes_to_encrypt);
+
+    if((status!=AXIS2_SUCCESS)||(AXIS2_ARRAY_LIST_SIZE(nodes_to_encrypt,env)==0))
+    {
+        AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] No parts specified or
specified parts can't be found for encryprion.");
+        return AXIS2_SUCCESS;
+    }                            
+    /*Now we have to check whether a token is specified.*/
+    token_type = rampart_context_check_token_type(rampart_context,env,AXIS2_TRUE,server_side);
+    if(token_type == -1)
+    {
+        AXIS2_LOG_INFO(env->log,"[rampart][rampart_encryption] Encryption Token is not
specified");
+        return AXIS2_SUCCESS;
+    }        
+    if(token_type != RP_TOKEN_X509)
+    {
+        AXIS2_LOG_INFO(env->log,"[rampart][rampart_encryption] We only support X509 tokens");
+        return AXIS2_SUCCESS;
+    }
     /*Get the symmetric encryption algorithm*/
     enc_sym_algo = RAMPART_ACTIONS_GET_ENC_SYM_ALGO(actions, env); 
     /*If not specified set the default*/

Modified: webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_sec_header_builder.c
URL: http://svn.apache.org/viewvc/webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_sec_header_builder.c?view=diff&rev=502475&r1=502474&r2=502475
==============================================================================
--- webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_sec_header_builder.c
(original)
+++ webservices/axis2/scratch/c/security-policy/c/rampart/src/util/rampart_sec_header_builder.c
Thu Feb  1 20:14:44 2007
@@ -17,7 +17,6 @@
 
 #include <stdio.h>
 #include <rampart_encryption.h>
-#include <rampart_context.h>
 #include <rampart_constants.h>
 #include <rampart_sec_header_builder.h>
 #include <rampart_username_token.h>
@@ -115,41 +114,48 @@
                 return AXIS2_FAILURE;
             }
         } 
+        
         /*Check whether we need username token*/
-        if(rampart_context_is_include_username_token(rampart_context,env))
-        {
-            axis2_char_t *user = NULL;
-            axis2_char_t *password_callback = NULL;
-            axis2_bool_t is_digest = AXIS2_FALSE;
-            rampart_username_token_t *username_token = NULL;
-
-            user = rampart_context_get_user(rampart_context,env);
-            password_callback = rampart_context_get_password_callback_class(rampart_context,env);
-            is_digest = rampart_context_get_password_type(rampart_context,env);
-
-            username_token = rampart_username_token_create(env);
-
-            AXIS2_LOG_INFO(env->log, "[rampart][shb]  building UsernmaeToken");
-            status = RAMPART_USERNAME_TOKEN_BUILD(username_token,
-                            env,
-                            user,
-                            password_callback,
-                            NULL,
-                            is_digest,
-                            sec_node,
-                            sec_ns_obj);
-            if (status == AXIS2_FAILURE)
+        /*User name tokens includes in messages sent from client to server*/
+        if(!axis2_msg_ctx_get_server_side(msg_ctx,env))
+        {            
+            if(rampart_context_is_include_username_token(rampart_context,env))
             {
-                AXIS2_LOG_INFO(env->log, "[rampart][shb] UsernmaeToken build failed. ERROR");
-                return AXIS2_FAILURE;
-            }
+                axis2_char_t *user = NULL;
+                axis2_char_t *password_callback = NULL;
+                axis2_bool_t is_digest = AXIS2_FALSE;
+                rampart_username_token_t *username_token = NULL;
+
+                user = rampart_context_get_user(rampart_context,env);
+                password_callback = rampart_context_get_password_callback_class(rampart_context,env);
+                is_digest = rampart_context_get_password_type(rampart_context,env);
+
+                username_token = rampart_username_token_create(env);
+
+                AXIS2_LOG_INFO(env->log, "[rampart][shb]  building UsernmaeToken");
+                status = RAMPART_USERNAME_TOKEN_BUILD(username_token,
+                                env,
+                                user,
+                                password_callback,
+                                NULL,
+                                is_digest,
+                                sec_node,
+                                sec_ns_obj);
+                if (status == AXIS2_FAILURE)
+                {
+                    AXIS2_LOG_INFO(env->log, "[rampart][shb] UsernmaeToken build failed.
ERROR");
+                    return AXIS2_FAILURE;
+                }
+            }            
+        }                
+        /*Check the encryption and signature order*/
+        if(rampart_context_is_encrypt_before_sign(rampart_context,env))
+        {
+            /*Check what are the parts to encrypt and send them to the encrypt method*/
+            /*status = rampart_enc_encrypt_message(env, msg_ctx,soap_envelope,rampart_context,sec_node);*/
+            return AXIS2_SUCCESS;        
+        
         }            
-                
-
-        /*username Token inclusion*/
-
-        /*check the protection order*/
-
 
         return AXIS2_SUCCESS;        
     }



---------------------------------------------------------------------
To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-cvs-help@ws.apache.org


Mime
View raw message