axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kausha...@apache.org
Subject svn commit: r507411 [2/3] - in /webservices/axis2/trunk/c/rampart: include/ src/core/ src/handlers/ src/secpolicy/builder/ src/secpolicy/model/ src/secpolicy/test-resources/ src/util/
Date Wed, 14 Feb 2007 06:20:09 GMT
Modified: webservices/axis2/trunk/c/rampart/src/secpolicy/builder/wss11_builder.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/secpolicy/builder/wss11_builder.c?view=diff&rev=507411&r1=507410&r2=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/secpolicy/builder/wss11_builder.c (original)
+++ webservices/axis2/trunk/c/rampart/src/secpolicy/builder/wss11_builder.c Tue Feb 13 22:20:06 2007
@@ -96,7 +96,6 @@
         if(rp_match_secpolicy_qname(env,RP_MUST_SUPPORT_REF_KEY_IDENTIFIER,node,element))
         {
             rp_wss11_set_must_support_ref_key_identifier(wss11,env,AXIS2_TRUE);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -107,7 +106,6 @@
         if(rp_match_secpolicy_qname(env,RP_MUST_SUPPORT_REF_ISSUER_SERIAL,node,element))
         {
             rp_wss11_set_must_support_ref_issuer_serial(wss11,env,AXIS2_TRUE);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -118,7 +116,6 @@
         if(rp_match_secpolicy_qname(env,RP_MUST_SUPPORT_REF_EXTERNAL_URI,node,element))
         {
             rp_wss11_set_must_support_ref_external_uri(wss11,env,AXIS2_TRUE);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -129,7 +126,6 @@
         if(rp_match_secpolicy_qname(env,RP_MUST_SUPPORT_REF_EMBEDDED_TOKEN,node,element))
         {
             rp_wss11_set_must_support_ref_embedded_token(wss11,env,AXIS2_TRUE);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -140,7 +136,6 @@
         if(rp_match_secpolicy_qname(env,RP_MUST_SUPPORT_REF_THUMBPRINT,node,element))
         {
             rp_wss11_set_must_support_ref_thumbprint(wss11,env,AXIS2_TRUE);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -151,7 +146,6 @@
         if(rp_match_secpolicy_qname(env,RP_MUST_SUPPORT_REF_ENCRYPTED_KEY,node,element))
         {
             rp_wss11_set_must_support_ref_encryptedkey(wss11,env,AXIS2_TRUE);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -162,7 +156,6 @@
         if(rp_match_secpolicy_qname(env,RP_REQUIRE_SIGNATURE_CONFIRMATION,node,element))
         {
             rp_wss11_set_require_signature_confirmation(wss11,env,AXIS2_TRUE);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else

Modified: webservices/axis2/trunk/c/rampart/src/secpolicy/builder/x509_token_builder.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/secpolicy/builder/x509_token_builder.c?view=diff&rev=507411&r1=507410&r2=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/secpolicy/builder/x509_token_builder.c (original)
+++ webservices/axis2/trunk/c/rampart/src/secpolicy/builder/x509_token_builder.c Tue Feb 13 22:20:06 2007
@@ -126,7 +126,6 @@
         if(rp_match_secpolicy_qname(env,RP_REQUIRE_KEY_IDENTIFIRE_REFERENCE,node,element))
         {
             rp_x509_token_set_require_key_identifier_reference(x509_token,env,AXIS2_TRUE);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -137,7 +136,6 @@
         if(rp_match_secpolicy_qname(env,RP_REQUIRE_ISSUER_SERIAL_REFERENCE,node,element))
         {
             rp_x509_token_set_require_issuer_serial_reference(x509_token,env,AXIS2_TRUE);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -148,7 +146,6 @@
         if(rp_match_secpolicy_qname(env,RP_REQUIRE_EMBEDDED_TOKEN_REFERENCE,node,element))
         {
             rp_x509_token_set_require_embedded_token_reference(x509_token,env,AXIS2_TRUE);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -159,7 +156,6 @@
         if(rp_match_secpolicy_qname(env,RP_REQUIRE_THUMBPRINT_REFERENCE,node,element))
         {
             rp_x509_token_set_require_thumb_print_reference(x509_token,env,AXIS2_TRUE);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -170,7 +166,6 @@
         if(rp_match_secpolicy_qname(env,RP_REQUIRE_DERIVED_KEYS,node,element))
         {
             rp_x509_token_set_derivedkeys(x509_token,env,AXIS2_TRUE);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -181,7 +176,6 @@
         if(rp_match_secpolicy_qname(env,RP_WSS_X509_V1_TOKEN_10,node,element))
         {
             rp_x509_token_set_token_version_and_type(x509_token,env,local_name);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -192,7 +186,6 @@
         if(rp_match_secpolicy_qname(env,RP_WSS_X509_V3_TOKEN_10,node,element))
         {
             rp_x509_token_set_token_version_and_type(x509_token,env,local_name);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -203,7 +196,6 @@
         if(rp_match_secpolicy_qname(env,RP_WSS_X509_PKCS7_TOKEN_10,node,element))
         {
             rp_x509_token_set_token_version_and_type(x509_token,env,local_name);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -214,7 +206,6 @@
         if(rp_match_secpolicy_qname(env,RP_WSS_X509_PKI_PATH_V1_TOKEN_10,node,element))
         {
             rp_x509_token_set_token_version_and_type(x509_token,env,local_name);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -225,7 +216,6 @@
         if(rp_match_secpolicy_qname(env,RP_WSS_X509_V1_TOKEN_11,node,element))
         {
             rp_x509_token_set_token_version_and_type(x509_token,env,local_name);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -236,7 +226,6 @@
         if(rp_match_secpolicy_qname(env,RP_WSS_X509_V3_TOKEN_11,node,element))
         {
             rp_x509_token_set_token_version_and_type(x509_token,env,local_name);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -247,7 +236,6 @@
         if(rp_match_secpolicy_qname(env,RP_WSS_X509_PKCS7_TOKEN_11,node,element))
         {
             rp_x509_token_set_token_version_and_type(x509_token,env,local_name);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else
@@ -258,7 +246,6 @@
         if(rp_match_secpolicy_qname(env,RP_WSS_X509_PKI_PATH_V1_TOKEN_11,node,element))
         {
             rp_x509_token_set_token_version_and_type(x509_token,env,local_name);
-            printf("%s\n",local_name);
             return AXIS2_SUCCESS;
         }
         else

Modified: webservices/axis2/trunk/c/rampart/src/secpolicy/model/asymmetric_binding.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/secpolicy/model/asymmetric_binding.c?view=diff&rev=507411&r1=507410&r2=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/secpolicy/model/asymmetric_binding.c (original)
+++ webservices/axis2/trunk/c/rampart/src/secpolicy/model/asymmetric_binding.c Tue Feb 13 22:20:06 2007
@@ -126,14 +126,9 @@
 {
     AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
     AXIS2_PARAM_CHECK(env->error,initiator_token,AXIS2_FAILURE);
-    if(!asymmetric_binding->initiator_token)
-    {
-        return AXIS2_FAILURE;
-    }
     asymmetric_binding->initiator_token =initiator_token; 
-
     return AXIS2_SUCCESS;
-    
+
 }
 
 AXIS2_EXTERN axis2_status_t AXIS2_CALL 
@@ -144,12 +139,8 @@
 {
     AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
     AXIS2_PARAM_CHECK(env->error,recipient_token,AXIS2_FAILURE);
-    if(!asymmetric_binding->recipient_token)
-    {
-        return AXIS2_FAILURE;
-    }
+    
     asymmetric_binding->recipient_token = recipient_token; 
-
     return AXIS2_SUCCESS;
     
 }

Modified: webservices/axis2/trunk/c/rampart/src/secpolicy/model/header.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/secpolicy/model/header.c?view=diff&rev=507411&r1=507410&r2=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/secpolicy/model/header.c (original)
+++ webservices/axis2/trunk/c/rampart/src/secpolicy/model/header.c Tue Feb 13 22:20:06 2007
@@ -54,16 +54,6 @@
     
     if(header)
     {
-        if(header->name)
-        {
-            AXIS2_FREE(env->allocator, header->name);
-            header->name = NULL;
-        }
-        if(header->namespace)
-        {
-            AXIS2_FREE(env->allocator, header->namespace);
-            header->namespace = NULL;
-        }
         AXIS2_FREE(env->allocator, header);
         header = NULL;
     }

Modified: webservices/axis2/trunk/c/rampart/src/secpolicy/model/https_token.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/secpolicy/model/https_token.c?view=diff&rev=507411&r1=507410&r2=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/secpolicy/model/https_token.c (original)
+++ webservices/axis2/trunk/c/rampart/src/secpolicy/model/https_token.c Tue Feb 13 22:20:06 2007
@@ -83,7 +83,6 @@
     AXIS2_PARAM_CHECK(env->error,inclusion,AXIS2_FAILURE);
     
     https_token->inclusion = inclusion;
-    printf("%s\n",https_token->inclusion);
 
     return AXIS2_SUCCESS;
 }

Modified: webservices/axis2/trunk/c/rampart/src/secpolicy/model/layout.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/secpolicy/model/layout.c?view=diff&rev=507411&r1=507410&r2=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/secpolicy/model/layout.c (original)
+++ webservices/axis2/trunk/c/rampart/src/secpolicy/model/layout.c Tue Feb 13 22:20:06 2007
@@ -37,7 +37,7 @@
         AXIS2_ERROR_SET(env->error, AXIS2_ERROR_NO_MEMORY, AXIS2_FAILURE);
         return NULL;
     }
-    layout->value = RP_LAYOUT_LAX;
+    layout->value = RP_LAYOUT_STRICT;
     return layout;
 
 }

Modified: webservices/axis2/trunk/c/rampart/src/secpolicy/model/rampart_config.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/secpolicy/model/rampart_config.c?view=diff&rev=507411&r1=507410&r2=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/secpolicy/model/rampart_config.c (original)
+++ webservices/axis2/trunk/c/rampart/src/secpolicy/model/rampart_config.c Tue Feb 13 22:20:06 2007
@@ -24,6 +24,7 @@
     axis2_char_t *encryption_user;
     axis2_char_t *password_callback_class;
     axis2_char_t *authenticate_module;
+    axis2_char_t *password_type;
     rp_signature_crypto_t *signature_crypto;
     rp_encryption_crypto_t *encryption_crypto;
 };
@@ -49,7 +50,7 @@
     rampart_config->signature_crypto = NULL;
     rampart_config->encryption_crypto = NULL;
     rampart_config->authenticate_module = NULL;
-
+    rampart_config->password_type = NULL;
     return rampart_config;
 }
 
@@ -168,6 +169,29 @@
     rampart_config->authenticate_module = authenticate_module;
     return AXIS2_SUCCESS;
 }
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rp_rampart_config_get_password_type(
+    rp_rampart_config_t *rampart_config,
+    const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+    return rampart_config->password_type;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rp_rampart_config_set_password_type(rp_rampart_config_t *rampart_config,
+            const axis2_env_t *env,
+            axis2_char_t *password_type)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,password_type,AXIS2_FAILURE);   
+        
+    rampart_config->password_type = password_type;
+    return AXIS2_SUCCESS;
+}
+
 
 AXIS2_EXTERN rp_signature_crypto_t *AXIS2_CALL
 rp_rampart_config_get_signature_crypto(

Modified: webservices/axis2/trunk/c/rampart/src/secpolicy/model/ut.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/secpolicy/model/ut.c?view=diff&rev=507411&r1=507410&r2=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/secpolicy/model/ut.c (original)
+++ webservices/axis2/trunk/c/rampart/src/secpolicy/model/ut.c Tue Feb 13 22:20:06 2007
@@ -70,7 +70,7 @@
 /* Implementations */
 
 AXIS2_EXTERN axis2_char_t *AXIS2_CALL 
-rp_username_token_get_inclsion(
+rp_username_token_get_inclusion(
     rp_username_token_t *username_token,
     const axis2_env_t *env)
 {
@@ -89,7 +89,6 @@
     AXIS2_PARAM_CHECK(env->error,inclusion,AXIS2_FAILURE);
     
     username_token->inclusion = inclusion;
-    printf("%s\n",username_token->inclusion);
 
     return AXIS2_SUCCESS;
 }

Modified: webservices/axis2/trunk/c/rampart/src/secpolicy/model/wss10.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/secpolicy/model/wss10.c?view=diff&rev=507411&r1=507410&r2=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/secpolicy/model/wss10.c (original)
+++ webservices/axis2/trunk/c/rampart/src/secpolicy/model/wss10.c Tue Feb 13 22:20:06 2007
@@ -25,6 +25,7 @@
     axis2_bool_t must_support_ref_issuer_serial;
     axis2_bool_t must_support_ref_external_uri;
     axis2_bool_t must_support_ref_embedded_token;
+    axis2_bool_t must_support_direct_reference;
 };
 
 AXIS2_EXTERN rp_wss10_t *AXIS2_CALL
@@ -46,7 +47,8 @@
     wss10->must_support_ref_issuer_serial  = AXIS2_FALSE;
     wss10->must_support_ref_external_uri = AXIS2_FALSE;
     wss10->must_support_ref_embedded_token = AXIS2_FALSE;
-        
+    wss10->must_support_direct_reference = AXIS2_TRUE;
+
     return wss10;
 
 }

Modified: webservices/axis2/trunk/c/rampart/src/secpolicy/model/wss11.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/secpolicy/model/wss11.c?view=diff&rev=507411&r1=507410&r2=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/secpolicy/model/wss11.c (original)
+++ webservices/axis2/trunk/c/rampart/src/secpolicy/model/wss11.c Tue Feb 13 22:20:06 2007
@@ -28,6 +28,7 @@
     axis2_bool_t must_support_ref_thumbprint;
     axis2_bool_t must_support_ref_encryptedkey;
     axis2_bool_t require_signature_confirmation;
+    axis2_bool_t must_support_direct_reference;
 };
 
 AXIS2_EXTERN rp_wss11_t *AXIS2_CALL
@@ -52,6 +53,8 @@
     wss11->must_support_ref_thumbprint = AXIS2_FALSE;
     wss11->must_support_ref_encryptedkey = AXIS2_FALSE;
     wss11->require_signature_confirmation = AXIS2_FALSE;
+    wss11->must_support_direct_reference = AXIS2_TRUE;
+
     return wss11;
 
 }

Modified: webservices/axis2/trunk/c/rampart/src/secpolicy/model/x509_token.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/secpolicy/model/x509_token.c?view=diff&rev=507411&r1=507410&r2=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/secpolicy/model/x509_token.c (original)
+++ webservices/axis2/trunk/c/rampart/src/secpolicy/model/x509_token.c Tue Feb 13 22:20:06 2007
@@ -74,7 +74,7 @@
 /* Implementations */
 
 AXIS2_EXTERN axis2_char_t *AXIS2_CALL 
-rp_x509_token_get_inclsion(rp_x509_token_t *x509_token,
+rp_x509_token_get_inclusion(rp_x509_token_t *x509_token,
             const axis2_env_t *env)
 {
     AXIS2_ENV_CHECK(env, NULL);
@@ -91,7 +91,6 @@
     AXIS2_PARAM_CHECK(env->error,inclusion,AXIS2_FAILURE);    
     
     x509_token->inclusion = inclusion;
-    printf("%s\n",x509_token->inclusion);
 
     return AXIS2_SUCCESS;
 }

Modified: webservices/axis2/trunk/c/rampart/src/secpolicy/test-resources/2.xml
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/secpolicy/test-resources/2.xml?view=diff&rev=507411&r1=507410&r2=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/secpolicy/test-resources/2.xml (original)
+++ webservices/axis2/trunk/c/rampart/src/secpolicy/test-resources/2.xml Tue Feb 13 22:20:06 2007
@@ -5,7 +5,7 @@
 				<wsp:Policy>
 					<sp:InitiatorToken>
 						<wsp:Policy>
-							<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+							<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
 								<wsp:Policy>
 									<sp:WssX509V3Token10/>
 								</wsp:Policy>
@@ -14,7 +14,7 @@
 					</sp:InitiatorToken>
 					<sp:RecipientToken>
 						<wsp:Policy>
-							<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+							<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
 								<wsp:Policy>
 									<sp:WssX509V3Token10/>
 								</wsp:Policy>
@@ -23,7 +23,7 @@
 					</sp:RecipientToken>
 					<sp:AlgorithmSuite>
 						<wsp:Policy>
-							<sp:Basic256/>
+							<sp:Basic256Rsa15/>
 						</wsp:Policy>
 					</sp:AlgorithmSuite>
 					<sp:Layout>
@@ -31,29 +31,35 @@
 							<sp:Strict/>
 						</wsp:Policy>
 					</sp:Layout>
-					<sp:IncludeTimestamp/>
+                    <sp:IncludeTimestamp/>
+                    <sp:EncryptBeforeSigning/>
 					<sp:OnlySignEntireHeadersAndBody/>
 				</wsp:Policy>
-			</sp:AsymmetricBinding>
+            </sp:AsymmetricBinding>
+            <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+            <wsp:Policy>
+                <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always"/>
+            </wsp:Policy>
+            </sp:SignedSupportingTokens>
 			<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
 				<wsp:Policy>
-					<sp:MustSupportRefKeyIdentifier/>
 					<sp:MustSupportRefIssuerSerial/>
 				</wsp:Policy>
 			</sp:Wss10>
-			<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+			<sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
 				<sp:Body/>
-            </sp:SignedParts>
+            </sp:EncryptedParts>
             <rampc:RampartConfig xmlns:rampc="http://ws.apache.org/rampart/c/policy">
-                <rampc:user>alice</rampc:user>
-                <rampc:encryptionUser>bob</rampc:encryptionUser>
-                <rampc:passwordCallbackClass>/home/manjula/axis2/c/deploy/bin/samples/rampart/callback/libpwcb.so</rampc:passwordCallbackClass>
+                <rampc:user>Gampola</rampc:user>
+                <rampc:encryptionUser>b</rampc:encryptionUser>
+                <rampc:passwordType>Digest</rampc:passwordType>
+                <rampc:passwordCallbackClass>/home/manjula/axis2/scratch/security-policy/c/deploy/bin/samples/rampart/callback/libpwcb.so</rampc:passwordCallbackClass>
                 <rampc:signatureCrypto>
                     <rampc:signaturePropFile>/home/manjula/axis2/c/rampart/samples/keys/ahome/b_cert.cert</rampc:signaturePropFile>
                 </rampc:signatureCrypto>
                 <rampc:encryptionCypto>
-                    <rampc:encryptionPropFile>/home/manjula/axis2/c/rampart/samples/keys/ahome/b_cert.cert</rampc:encryptionPropFile>
-                    <rampc:decryptionPropFile>/home/manjula/axis2/c/rampart/samples/keys/ahome/a_store.pfx</rampc:decryptionPropFile>
+                    <rampc:encryptionPropFile>/home/manjula/axis2/scratch/security-policy/c/rampart/samples/keys/ahome/b_cert.cert</rampc:encryptionPropFile>
+                    <rampc:decryptionPropFile>/home/manjula/axis2/scratch/security-policy/c/rampart/samples/keys/bhome/b_store.pfx</rampc:decryptionPropFile>
                 </rampc:encryptionCypto>
         </rampc:RampartConfig>
 		</wsp:All>

Modified: webservices/axis2/trunk/c/rampart/src/util/Makefile.am
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/Makefile.am?view=diff&rev=507411&r1=507410&r2=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/Makefile.am (original)
+++ webservices/axis2/trunk/c/rampart/src/util/Makefile.am Tue Feb 13 22:20:06 2007
@@ -5,7 +5,7 @@
 librampart_util_la_SOURCES = rampart_action.c rampart_crypto_util.c \
 							rampart_util.c rampart_handler_util.c username_token.c  timestamp_token.c \
 							rampart_encryption.c rampart_sec_header_processor.c rampart_sec_processed_result.c \
-							rampart_sec_header_builder.c
+							rampart_sec_header_builder.c rampart_context.c rampart_engine.c
 
 
 librampart_util_la_LIBADD  = -lssl \
@@ -15,4 +15,5 @@
 INCLUDES = -I$(top_builddir)/include \
 			-I ../../../include \
 			-I ../../../util/include \
+			-I ../../../xml_schema/include \
 			-I ../../../axiom/include

Added: webservices/axis2/trunk/c/rampart/src/util/rampart_context.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_context.c?view=auto&rev=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/rampart_context.c (added)
+++ webservices/axis2/trunk/c/rampart/src/util/rampart_context.c Tue Feb 13 22:20:06 2007
@@ -0,0 +1,1089 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <rampart_context.h>
+#include <rampart_constants.h>
+#include <oxs_axiom.h>
+
+
+
+
+struct rampart_context_t
+{
+    rp_secpolicy_t *secpolicy;
+    rampart_callback_t* password_callback_module;
+    rampart_authn_provider_t *authn_provider;
+    
+    /*Function pointers for php extension to assign*/
+    pfunc password_func; 
+    auth_password_func authenticate_with_password;
+    auth_digest_func authenticate_with_digest;
+};
+
+
+/*private functions*/
+
+rp_symmetric_asymmetric_binding_commons_t 
+*rampart_context_get_symmetric_asymmetric_binding_commons(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env);
+
+rp_binding_commons_t *rampart_context_get_binding_commons(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env);
+
+axis2_bool_t rampart_context_use_username_token(
+    rp_supporting_tokens_t *signed_supporting,
+    const axis2_env_t *env);
+
+axis2_bool_t rampart_context_validate_ut(
+    rp_username_token_t *username_token,
+    const axis2_env_t *env);
+
+rp_supporting_tokens_t
+*rampart_context_get_signed_supporting_from_binding(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env);
+
+axis2_status_t rampart_context_set_nodes_to_encrypt(
+    rp_header_t *header,
+    const axis2_env_t *env,
+    axiom_soap_envelope_t *soap_envelope,
+    axis2_array_list_t *nodes_to_encrypt);
+
+axis2_char_t *AXIS2_CALL
+rampart_context_get_key_identifier_from_wss(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env);
+
+
+
+AXIS2_EXTERN rampart_context_t *AXIS2_CALL 
+rampart_context_create(const axis2_env_t *env)
+{
+    rampart_context_t *rampart_context = NULL;
+
+    AXIS2_ENV_CHECK(env, NULL);
+
+    rampart_context =  (rampart_context_t *) AXIS2_MALLOC (env->allocator,
+    sizeof (rampart_context_t));
+
+    if(rampart_context == NULL)
+    {
+        AXIS2_ERROR_SET(env->error, AXIS2_ERROR_NO_MEMORY, AXIS2_FAILURE);
+        return NULL;
+    }
+    rampart_context->secpolicy = NULL;
+    rampart_context->password_callback_module = NULL; 
+    rampart_context->authn_provider = NULL;
+    rampart_context->password_func = NULL;
+    rampart_context->authenticate_with_password = NULL;
+    rampart_context->authenticate_with_digest = NULL;
+
+    return rampart_context;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_free(rampart_context_t *rampart_context,
+        const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+    if(rampart_context)
+    {
+        if(rampart_context->secpolicy)
+        {
+            rp_secpolicy_free(rampart_context->secpolicy,env);
+            rampart_context->secpolicy = NULL;
+        }
+        AXIS2_FREE(env->allocator,rampart_context);
+        rampart_context = NULL;
+    }
+    return AXIS2_SUCCESS;
+}
+
+
+/* Implementations */
+
+AXIS2_EXTERN rp_secpolicy_t *AXIS2_CALL
+rampart_context_get_secpolicy(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    
+    return rampart_context->secpolicy;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_secpolicy(rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            rp_secpolicy_t *secpolicy)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,secpolicy,AXIS2_FAILURE);
+
+    rampart_context->secpolicy = secpolicy;
+    return AXIS2_SUCCESS;
+}
+
+
+AXIS2_EXTERN rampart_callback_t *AXIS2_CALL
+rampart_context_get_password_callback(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    
+    return rampart_context->password_callback_module;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_password_callback(rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            rampart_callback_t *password_callback_module)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,password_callback_module,AXIS2_FAILURE);
+
+    rampart_context->password_callback_module = password_callback_module;
+    return AXIS2_SUCCESS;
+}
+
+/*This function get the function pointer of the password callback function*/
+
+AXIS2_EXTERN pfunc AXIS2_CALL
+rampart_context_get_password_function(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    
+    return rampart_context->password_func;
+}
+
+/*set the password callback function*/
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_password_function(rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            pfunc password_func)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,password_func,AXIS2_FAILURE);
+
+    rampart_context->password_func = password_func;
+    return AXIS2_SUCCESS;
+}
+
+/*The 4 functions below deals with setting and getting authentication 
+ *module function pointers */
+
+AXIS2_EXTERN auth_password_func AXIS2_CALL
+rampart_context_get_auth_password_function(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    
+    return rampart_context->authenticate_with_password;
+}
+
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_auth_password_function(rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            auth_password_func authenticate_with_password)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,authenticate_with_password,AXIS2_FAILURE);
+
+    rampart_context->authenticate_with_password = authenticate_with_password;
+    return AXIS2_SUCCESS;
+}
+
+
+
+AXIS2_EXTERN auth_digest_func AXIS2_CALL
+rampart_context_get_auth_digest_function(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    
+    return rampart_context->authenticate_with_digest;
+}
+
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_auth_digest_function(rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            auth_digest_func authenticate_with_digest)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,authenticate_with_digest,AXIS2_FAILURE);
+
+    rampart_context->authenticate_with_digest = authenticate_with_digest;
+    return AXIS2_SUCCESS;
+}
+
+AXIS2_EXTERN rampart_authn_provider_t *AXIS2_CALL
+rampart_context_get_authn_provider(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    
+    return rampart_context->authn_provider;
+}
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_set_authn_provider(rampart_context_t *rampart_context,
+            const axis2_env_t *env,
+            rampart_authn_provider_t *authn_provider)
+{
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+    AXIS2_PARAM_CHECK(env->error,authn_provider,AXIS2_FAILURE);
+
+    rampart_context->authn_provider = authn_provider;
+    return AXIS2_SUCCESS;
+}
+
+
+
+AXIS2_EXTERN int AXIS2_CALL
+rampart_context_get_binding_type(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_property_t *property = NULL;
+
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+    property = rp_secpolicy_get_binding(rampart_context->secpolicy,env);
+    if(!property)
+        return -1;
+
+    return rp_property_get_type(property,env);   
+}
+
+rp_symmetric_asymmetric_binding_commons_t 
+*rampart_context_get_symmetric_asymmetric_binding_commons(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_property_t *property = NULL;
+    property = rp_secpolicy_get_binding(rampart_context->secpolicy,env);
+    if(!property)
+        return NULL;
+
+    if(rp_property_get_type(property,env)==RP_BINDING_ASYMMETRIC)
+    {
+        rp_asymmetric_binding_t *asymmetric_binding = NULL;
+        asymmetric_binding = (rp_asymmetric_binding_t*)rp_property_get_value(property,env);
+        if(!asymmetric_binding)
+            return NULL;
+
+        return rp_asymmetric_binding_get_symmetric_asymmetric_binding_commons(asymmetric_binding,env);
+    }
+    else if(rp_property_get_type(property,env)==RP_BINDING_SYMMETRIC)
+    {
+        rp_symmetric_binding_t *symmetric_binding = NULL;
+        symmetric_binding = (rp_symmetric_binding_t*)rp_property_get_value(property,env);
+        if(!symmetric_binding)
+            return NULL;
+
+        return rp_symmetric_binding_get_symmetric_asymmetric_binding_commons(symmetric_binding,env);
+    }
+    else
+        return NULL;
+}
+
+rp_binding_commons_t 
+*rampart_context_get_binding_commons(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_property_t *property = NULL;
+    property = rp_secpolicy_get_binding(rampart_context->secpolicy,env);
+    if(!property)
+        return NULL;
+
+    if(rp_property_get_type(property,env)==RP_BINDING_ASYMMETRIC)
+    {
+        rp_asymmetric_binding_t *asymmetric_binding = NULL;
+        rp_symmetric_asymmetric_binding_commons_t *sym_asym_commons = NULL;
+        asymmetric_binding = (rp_asymmetric_binding_t*)rp_property_get_value(property,env);
+        if(!asymmetric_binding)
+            return NULL;
+
+        sym_asym_commons = rp_asymmetric_binding_get_symmetric_asymmetric_binding_commons(asymmetric_binding,env);
+        if(!sym_asym_commons)
+            return NULL;
+
+        return rp_symmetric_asymmetric_binding_commons_get_binding_commons(sym_asym_commons,env);
+    }
+    else if(rp_property_get_type(property,env)==RP_BINDING_SYMMETRIC)
+    {
+        rp_symmetric_binding_t *symmetric_binding = NULL;
+        rp_symmetric_asymmetric_binding_commons_t *sym_asym_commons = NULL;
+        symmetric_binding = (rp_symmetric_binding_t*)rp_property_get_value(property,env);
+        if(!symmetric_binding)
+            return NULL;
+
+        sym_asym_commons = rp_symmetric_binding_get_symmetric_asymmetric_binding_commons(symmetric_binding,env);
+        if(!sym_asym_commons)
+            return NULL;
+
+        return rp_symmetric_asymmetric_binding_commons_get_binding_commons(sym_asym_commons,env);
+        
+    }
+    else if(rp_property_get_type(property,env)==RP_BINDING_TRANSPORT)
+    {
+        rp_transport_binding_t *transport_binding = NULL;
+        transport_binding = (rp_transport_binding_t*)rp_property_get_value(property,env);
+        if(!transport_binding)
+            return NULL;
+
+        return rp_transport_binding_get_binding_commons(transport_binding,env);
+    }
+    else
+        return NULL;
+}
+/*supporting tokens may contain under binding*/
+
+rp_supporting_tokens_t  
+*rampart_context_get_signed_supporting_from_binding(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_binding_commons_t *commons = NULL;
+    commons = rampart_context_get_binding_commons(rampart_context,env);
+    if(!commons)
+        return NULL;
+    return rp_binding_commons_get_signed_supporting_tokens(commons,env);     
+}
+
+axis2_bool_t
+rampart_context_validate_ut(
+    rp_username_token_t *username_token,
+    const axis2_env_t *env)
+{
+    axis2_char_t *inclusion = NULL;
+    axis2_bool_t bval = AXIS2_FALSE;
+
+    bval = rp_username_token_get_useUTprofile10(username_token,env);
+    if(bval)
+    {
+        inclusion = rp_username_token_get_inclusion(username_token,env);
+        if((AXIS2_STRCMP(inclusion,RP_INCLUDE_ALWAYS)==0)||
+           (AXIS2_STRCMP(inclusion,RP_INCLUDE_ONCE)==0)||
+           (AXIS2_STRCMP(inclusion,RP_INCLUDE_ALWAYS_TO_RECIPIENT)==0))
+            return bval;
+        else
+            bval = AXIS2_FALSE;
+    }
+    return bval;
+}
+
+
+
+axis2_bool_t 
+rampart_context_use_username_token(
+    rp_supporting_tokens_t *signed_supporting,
+    const axis2_env_t *env)
+{
+    axis2_array_list_t *array_list = NULL;
+    axis2_bool_t bvalidate = AXIS2_FALSE;
+    array_list = rp_supporting_tokens_get_tokens(signed_supporting,env);
+    if(!array_list)
+        return AXIS2_FALSE;
+
+    else
+    {
+        int i = 0;
+        for (i = 0; i < AXIS2_ARRAY_LIST_SIZE(array_list,env); i++)
+        {
+            rp_property_t *token = NULL;
+            token = (rp_property_t *)
+                   AXIS2_ARRAY_LIST_GET(array_list,env, i);
+            if (token)
+            {
+                if(rp_property_get_type(token,env)==RP_TOKEN_USERNAME)
+                {
+                    rp_username_token_t *username_token = 
+                        (rp_username_token_t *)rp_property_get_value(token,env);
+                    bvalidate = rampart_context_validate_ut(username_token,env);
+                    break;
+                }
+            }
+        }
+    }
+    return bvalidate;
+}
+
+axis2_status_t rampart_context_set_nodes_to_encrypt(
+    rp_header_t *header,
+    const axis2_env_t *env,
+    axiom_soap_envelope_t *soap_envelope,
+    axis2_array_list_t *nodes_to_encrypt)
+{
+    axis2_char_t *namespace = NULL;
+    axis2_char_t *local_name = NULL;
+    axiom_soap_header_t *soap_header = NULL;
+    axiom_node_t *header_node = NULL;
+
+    soap_header = AXIOM_SOAP_ENVELOPE_GET_HEADER(soap_envelope,env);
+    if(!soap_header)
+        return AXIS2_FAILURE;
+
+    namespace = (axis2_char_t *) rp_header_get_namespace(header,env);
+    if(!namespace)
+        return AXIS2_FAILURE;
+
+    if(AXIS2_STRCMP(namespace,RP_SECURITY_NS)==0)
+    {
+        AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] We do not encrypt security namespace headers");
+        return AXIS2_FAILURE;
+    }
+
+    local_name = (axis2_char_t*) rp_header_get_name(header,env);
+    if(!local_name)
+    {
+        axis2_array_list_t *soap_header_blocks = NULL;
+        int i = 0;
+        soap_header_blocks = AXIOM_SOAP_HEADER_GET_HEADER_BLOCKS_WITH_NAMESPACE_URI(soap_header,env,namespace);
+        if(!soap_header_blocks)
+            return AXIS2_FAILURE;
+
+        for(i=0 ; i<AXIS2_ARRAY_LIST_SIZE(soap_header_blocks,env); i++)
+        {
+            axiom_soap_header_block_t *header_block = NULL;
+            axiom_node_t *node = NULL;
+            header_block = (axiom_soap_header_block_t *)AXIS2_ARRAY_LIST_GET(soap_header_blocks,env,i);
+            if(header_block)
+            {
+                node = AXIOM_SOAP_HEADER_BLOCK_GET_BASE_NODE(header_block,env);
+                if(node)
+                {    
+                    AXIS2_ARRAY_LIST_ADD(nodes_to_encrypt,env,node);
+                    return AXIS2_SUCCESS;
+                }
+            }
+            
+        }
+    }
+    else if(AXIS2_STRCMP(local_name,"Security")==0)
+    {
+        AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] We do not encrypt %s", local_name);
+        return AXIS2_FAILURE;
+    }
+    else
+    {
+        axiom_node_t *ret_node = NULL;
+        header_node = AXIOM_SOAP_HEADER_GET_BASE_NODE(soap_header,env);
+        if(header_node)
+        {
+            ret_node = oxs_axiom_get_node_by_local_name(env,header_node,local_name);
+            if(ret_node)
+            {
+                axiom_element_t *ret_node_ele = NULL;
+                ret_node_ele = (axiom_element_t *)
+                           AXIOM_NODE_GET_DATA_ELEMENT(ret_node, env);
+                if(ret_node_ele)
+                {
+                    axiom_namespace_t *ns = NULL;
+                    axis2_char_t *namespace_uri = NULL;
+                    ns = AXIOM_ELEMENT_GET_NAMESPACE(ret_node_ele, env,ret_node);
+                    if(ns)
+                    {
+                        namespace_uri = AXIOM_NAMESPACE_GET_URI(ns, env);
+                        if (AXIS2_STRCMP(namespace_uri,namespace) == 0)
+                        {
+                            AXIS2_ARRAY_LIST_ADD(nodes_to_encrypt,env,ret_node);
+                            return AXIS2_SUCCESS;
+                        }
+
+                    }                
+
+                }
+        
+            }
+        }
+    }
+    return AXIS2_FAILURE;
+}
+
+rp_algorithmsuite_t *AXIS2_CALL 
+rampart_context_get_algorithmsuite(
+        rampart_context_t *rampart_context,
+        const axis2_env_t *env)
+{
+    rp_binding_commons_t *binding_commons = NULL;
+
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+    binding_commons = rampart_context_get_binding_commons(rampart_context,env);
+
+    if(!binding_commons)
+        return AXIS2_FALSE;
+
+    return rp_binding_commons_get_algorithmsuite(binding_commons,env);
+}
+
+axis2_char_t *AXIS2_CALL 
+rampart_context_get_key_identifier_from_wss(
+        rampart_context_t *rampart_context,
+        const axis2_env_t *env)
+{
+    rp_property_t *wss = NULL;
+    axis2_char_t *identifier = NULL;
+             
+    wss = rp_secpolicy_get_wss(rampart_context->secpolicy,env);
+    if(!wss)
+    {
+        identifier = RAMPART_STR_DIRECT_REFERENCE;
+        return identifier;    
+    }
+
+    if(rp_property_get_type(wss,env)==RP_WSS_WSS10)
+    {
+        rp_wss10_t *wss10 = NULL;
+        wss10 = rp_property_get_value(wss,env);
+        if(!wss10)
+            return NULL;
+            
+        if(rp_wss10_get_must_support_ref_key_identifier(wss10,env))
+            identifier = RAMPART_STR_KEY_IDENTIFIER;
+        else if(rp_wss10_get_must_support_ref_issuer_serial(wss10,env))
+            identifier = RAMPART_STR_ISSUER_SERIAL;
+        else if(rp_wss10_get_must_support_ref_external_uri(wss10,env))
+            identifier = RAMPART_STR_EXTERNAL_URI;
+        else if(rp_wss10_get_must_support_ref_embedded_token(wss10,env))
+            identifier = RAMPART_STR_EMBEDDED;
+        else
+            identifier = RAMPART_STR_DIRECT_REFERENCE;
+        
+        return identifier;                                         
+    }
+    else if(rp_property_get_type(wss,env)==RP_WSS_WSS11)
+    {
+        rp_wss11_t *wss11 = NULL;
+        wss11 = rp_property_get_value(wss,env);
+        if(!wss11)
+            return NULL;
+            
+        if(rp_wss11_get_must_support_ref_key_identifier(wss11,env))
+            identifier = RAMPART_STR_KEY_IDENTIFIER;
+        else if(rp_wss11_get_must_support_ref_issuer_serial(wss11,env))
+            identifier = RAMPART_STR_ISSUER_SERIAL;
+        else if(rp_wss11_get_must_support_ref_external_uri(wss11,env))
+            identifier = RAMPART_STR_EXTERNAL_URI;
+        else if(rp_wss11_get_must_support_ref_embedded_token(wss11,env))
+            identifier = RAMPART_STR_EMBEDDED;
+        else if(rp_wss11_get_must_support_ref_thumbprint(wss11,env))
+            identifier = RAMPART_STR_THUMB_PRINT;
+        else if(rp_wss11_get_must_support_ref_encryptedkey(wss11,env))
+            identifier = RAMPART_STR_ENCRYPTED_KEY;
+        else
+            identifier = RAMPART_STR_DIRECT_REFERENCE;                                         
+
+        return identifier;
+    }
+    else return NULL;
+} 
+
+
+AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+rampart_context_is_include_timestamp(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_binding_commons_t *binding_commons = NULL;
+
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+    binding_commons = rampart_context_get_binding_commons(rampart_context,env);
+
+    if(!binding_commons)
+        return AXIS2_FALSE;
+
+    return rp_binding_commons_get_include_timestamp(binding_commons,env);
+}
+
+AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+rampart_context_is_include_username_token(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    /*Username tokens should be in signed supporting tikens.
+      Otherwise no meaning  */
+
+    rp_supporting_tokens_t *signed_supporting = NULL;
+
+    /*First we should check in the direct policy members*/
+    signed_supporting = rp_secpolicy_get_signed_supporting_tokens(rampart_context->secpolicy,env);
+    /*If not there then we should ckeck in the binding*/
+    if(!signed_supporting)
+    {
+        signed_supporting = rampart_context_get_signed_supporting_from_binding(rampart_context,env);
+        if(!signed_supporting)
+            return AXIS2_FALSE;
+    }
+    /*Now we have signed supporting tokens*/
+    /*Get the user name token if available and check the validity*/
+    return rampart_context_use_username_token(signed_supporting,env); 
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_user(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+
+    rp_rampart_config_t *config = NULL;
+    config = rp_secpolicy_get_rampart_config(rampart_context->secpolicy,env);
+    if(!config)
+        return NULL;    
+
+    return rp_rampart_config_get_user(config,env);
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_password_callback_class(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_rampart_config_t *config = NULL;
+    config = rp_secpolicy_get_rampart_config(rampart_context->secpolicy,env);
+    if(!config)
+        return NULL;
+
+    return rp_rampart_config_get_password_callback_class(config,env);
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_authn_module_name(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_rampart_config_t *config = NULL;
+    config = rp_secpolicy_get_rampart_config(rampart_context->secpolicy,env);
+    if(!config)
+        return NULL;
+
+    return rp_rampart_config_get_authenticate_module(config,env);
+}
+
+AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+rampart_context_get_password_type(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    axis2_bool_t digest = AXIS2_FALSE;
+    axis2_char_t *type = NULL;
+    rp_rampart_config_t *config = NULL;
+    
+    config = rp_secpolicy_get_rampart_config(rampart_context->secpolicy,env);
+    if(!config)
+        return AXIS2_FALSE;
+
+    type = rp_rampart_config_get_password_type(config,env);
+    if(AXIS2_STRCMP(type,RP_DIGEST)==0)
+    {
+        digest = AXIS2_TRUE;
+        return digest;
+    }
+    else
+        return digest;
+}
+
+AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+rampart_context_is_encrypt_before_sign(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    axis2_char_t *protection_order = NULL;
+    rp_symmetric_asymmetric_binding_commons_t *sym_asym_commons = NULL;
+    sym_asym_commons = rampart_context_get_symmetric_asymmetric_binding_commons(rampart_context,env);
+
+    if(!sym_asym_commons)
+        return AXIS2_FALSE;
+    else
+    {
+        protection_order = rp_symmetric_asymmetric_binding_commons_get_protection_order(sym_asym_commons,env);       
+        if(!protection_order || AXIS2_STRCMP(protection_order,RP_SIGN_BEFORE_ENCRYPTING)==0)
+            return AXIS2_FALSE;
+ 
+        else if(AXIS2_STRCMP(protection_order,RP_ENCRYPT_BEFORE_SIGNING)==0)
+            return AXIS2_TRUE;
+    }
+    return AXIS2_FALSE;
+}
+
+/*This method will return all the parts in the soap message
+outside the security header which needs to be encrypted.*/
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_context_get_nodes_to_encrypt(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env,
+    axiom_soap_envelope_t *soap_envelope,
+    axis2_array_list_t *nodes_to_encrypt)
+{
+    rp_signed_encrypted_parts_t *encrypted_parts = NULL;    
+    axis2_array_list_t *parts = NULL;
+    axis2_status_t status = AXIS2_FAILURE;
+
+    encrypted_parts = rp_secpolicy_get_encrypted_parts(rampart_context->secpolicy,env);
+    if(!encrypted_parts)
+        return AXIS2_FAILURE;
+    
+    parts = rp_signed_encrypted_parts_get_headers(encrypted_parts,env);
+    if(!parts || (AXIS2_ARRAY_LIST_SIZE(parts,env)==0))
+    {
+        if(rp_signed_encrypted_parts_get_body(encrypted_parts,env))
+        {
+            axiom_soap_body_t *body = NULL;
+            axiom_node_t *body_node = NULL;
+            axiom_node_t *body_child_node = NULL;
+            
+            AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] No encryption parts specified. Using the body.");
+            body = AXIOM_SOAP_ENVELOPE_GET_BODY(soap_envelope, env);
+            body_node = AXIOM_SOAP_BODY_GET_BASE_NODE(body, env);
+            body_child_node = AXIOM_NODE_GET_FIRST_CHILD(body_node, env);
+            AXIS2_ARRAY_LIST_ADD(nodes_to_encrypt, env, body_child_node);
+            return AXIS2_SUCCESS;
+        }
+        else
+        {
+            AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] Nothing to encrypt");
+            return AXIS2_FAILURE;
+        }
+    }
+    else
+    {
+        int i = 0;
+        for(i=0; i<AXIS2_ARRAY_LIST_SIZE(parts,env); i++)
+        {
+            rp_header_t *header = NULL;
+            header = (rp_header_t *)AXIS2_ARRAY_LIST_GET(parts,env,i);
+            if(header)
+            {
+                status = rampart_context_set_nodes_to_encrypt(header,env,soap_envelope,nodes_to_encrypt);
+                if(status!=AXIS2_FAILURE)
+                    return AXIS2_FAILURE;
+            }
+            
+        }
+        if(rp_signed_encrypted_parts_get_body(encrypted_parts,env))
+        {
+            axiom_soap_body_t *body = NULL;
+            axiom_node_t *body_node = NULL;
+            axiom_node_t *body_child_node = NULL;
+
+            AXIS2_LOG_INFO(env->log, "[rampart][rampart_context] Including the body the body.");
+            body = AXIOM_SOAP_ENVELOPE_GET_BODY(soap_envelope, env);
+            body_node = AXIOM_SOAP_BODY_GET_BASE_NODE(body, env);
+            body_child_node = AXIOM_NODE_GET_FIRST_CHILD(body_node, env);
+            AXIS2_ARRAY_LIST_ADD(nodes_to_encrypt, env, body_child_node);
+            return AXIS2_SUCCESS;
+        }
+        
+    }
+    return AXIS2_FAILURE;
+}
+
+
+AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+rampart_context_check_whether_to_encrypt(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_signed_encrypted_parts_t *encrypted_parts = NULL;    
+    axis2_array_list_t *parts = NULL;
+
+    encrypted_parts = rp_secpolicy_get_encrypted_parts(rampart_context->secpolicy,env);
+    if(!encrypted_parts)
+        return AXIS2_FALSE;
+    
+    parts = rp_signed_encrypted_parts_get_headers(encrypted_parts,env);
+    if(!parts || (AXIS2_ARRAY_LIST_SIZE(parts,env)==0))
+    {
+        if(rp_signed_encrypted_parts_get_body(encrypted_parts,env))
+            return AXIS2_TRUE;       
+        
+        else
+        {
+            AXIS2_LOG_INFO(env->log, "[rampart][rampart_context]No encryption parts specified Nothing to decrypt");
+            return AXIS2_FALSE;
+        }
+    }
+    return AXIS2_TRUE;
+}        
+
+AXIS2_EXTERN rp_property_t *AXIS2_CALL 
+rampart_context_get_token(
+        rampart_context_t *rampart_context,
+        const axis2_env_t *env,
+        axis2_bool_t for_encryption,
+        axis2_bool_t server_side)
+{
+    rp_property_t *binding = NULL;
+    binding = rp_secpolicy_get_binding(rampart_context->secpolicy,env);
+    if(!binding)
+        return NULL;
+
+    if(rp_property_get_type(binding,env)==RP_BINDING_ASYMMETRIC)
+    {
+        rp_asymmetric_binding_t *asym_binding = NULL;
+        asym_binding = (rp_asymmetric_binding_t *)rp_property_get_value(binding,env);
+        if(asym_binding)
+        {
+            if((for_encryption && server_side) || (!for_encryption && !server_side))
+            {
+                return rp_asymmetric_binding_get_initiator_token(asym_binding,env);
+            }    
+            else if((for_encryption && !server_side) || (!for_encryption && server_side))
+            {
+                return rp_asymmetric_binding_get_recipient_token(asym_binding,env);
+            }
+            else return NULL;
+        }
+        else
+            return NULL;
+    }
+    /*In symmetric binding same tokens are used in the client and server sides.*/
+    else if(rp_property_get_type(binding,env)==RP_BINDING_SYMMETRIC)
+    {
+        rp_symmetric_binding_t *sym_binding = NULL;
+        rp_property_t *token = NULL;
+        sym_binding = (rp_symmetric_binding_t *)rp_property_get_value(binding,env);
+        if(sym_binding)
+        {
+            /*First check protection tokens have being specified.*/
+            token = rp_symmetric_binding_get_protection_token(sym_binding,env);
+            if(token)
+                return token;    
+            
+            else
+            {
+                if(for_encryption)
+                {
+                    return rp_symmetric_binding_get_encryption_token(sym_binding,env);
+                }
+                else
+                {
+                    return rp_symmetric_binding_get_signature_token(sym_binding,env);
+                }
+            }
+        }
+        else
+            return NULL;
+    }
+    else if(rp_property_get_type(binding,env)==RP_BINDING_TRANSPORT)
+    {
+        rp_transport_binding_t *transport_binding = NULL;
+        transport_binding = (rp_transport_binding_t *)rp_property_get_value(binding,env);
+        if(transport_binding)
+        {
+            return rp_transport_binding_get_transport_token(transport_binding,env);
+        }
+        else return NULL;                    
+    }
+    else return NULL;
+}
+
+AXIS2_EXTERN axis2_bool_t AXIS2_CALL
+rampart_context_check_is_derived_keys(
+    const axis2_env_t *env,
+    rp_property_t *token)
+{
+    if(rp_property_get_type(token,env)==RP_TOKEN_X509)
+    {
+        rp_x509_token_t *x509_token = NULL;
+        x509_token = (rp_x509_token_t *)rp_property_get_value(token,env);
+        return rp_x509_token_get_derivedkeys(x509_token,env);
+    }        
+    /*This can be extended when we are supporting other token types.*/
+    else
+        return AXIS2_FALSE;        
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_enc_sym_algo(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_algorithmsuite_t *algosuite = NULL;
+  
+    algosuite = rampart_context_get_algorithmsuite(rampart_context,env); 
+    if(algosuite)
+    {
+        return rp_algorithmsuite_get_encryption(algosuite,env);
+    }
+    else
+        return NULL;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_enc_asym_algo(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_algorithmsuite_t *algosuite = NULL;
+  
+    algosuite = rampart_context_get_algorithmsuite(rampart_context,env); 
+    if(algosuite)
+    {
+        return rp_algorithmsuite_get_asymmetrickeywrap(algosuite,env);
+    }
+    else
+        return NULL;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_encryption_prop_file(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_rampart_config_t *rampart_config = NULL;
+    rp_encryption_crypto_t *enc_crypto = NULL;
+
+    rampart_config = rp_secpolicy_get_rampart_config(rampart_context->secpolicy,env);
+    if(rampart_config)
+    {
+        enc_crypto = rp_rampart_config_get_encryption_crypto(rampart_config,env);
+        if(enc_crypto)
+        {
+            return rp_encryption_crypto_get_encryption_prop_file(enc_crypto,env);
+        }
+        else
+            return NULL;
+    }
+    else
+        return NULL;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_decryption_prop_file(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_rampart_config_t *rampart_config = NULL;
+    rp_encryption_crypto_t *enc_crypto = NULL;
+
+    rampart_config = rp_secpolicy_get_rampart_config(rampart_context->secpolicy,env);
+    if(rampart_config)
+    {
+        enc_crypto = rp_rampart_config_get_encryption_crypto(rampart_config,env);
+        if(enc_crypto)
+        {
+            return rp_encryption_crypto_get_decryption_prop_file(enc_crypto,env);
+        }
+        else
+            return NULL;
+    }
+    else
+        return NULL;
+}
+
+
+
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_encryption_user(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_rampart_config_t *config = NULL;
+    config = rp_secpolicy_get_rampart_config(rampart_context->secpolicy,env);
+    if(!config)
+        return NULL;
+
+    return rp_rampart_config_get_encryption_user(config,env);
+
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_enc_key_identifier(
+    rampart_context_t *rampart_context,
+    rp_property_t *token,
+    axis2_bool_t server_side,
+    const axis2_env_t *env)
+{
+    axis2_char_t *inclusion = NULL;    
+    axis2_bool_t include = AXIS2_TRUE;
+    axis2_char_t *identifier = NULL;
+
+    if(rp_property_get_type(token,env)==RP_TOKEN_X509)
+    {
+        rp_x509_token_t *x509_token = NULL;
+        x509_token = (rp_x509_token_t *)rp_property_get_value(token,env);
+        inclusion = rp_x509_token_get_inclusion(x509_token,env);
+
+        if(server_side)
+            include = ((AXIS2_STRCMP(inclusion,RP_INCLUDE_ALWAYS)==0)||
+                        (AXIS2_STRCMP(inclusion,RP_INCLUDE_ONCE)==0));
+        else
+            include = ((AXIS2_STRCMP(inclusion,RP_INCLUDE_ALWAYS)==0)||
+           (AXIS2_STRCMP(inclusion,RP_INCLUDE_ONCE)==0)||
+           (AXIS2_STRCMP(inclusion,RP_INCLUDE_ALWAYS_TO_RECIPIENT)==0));
+        
+        if(include)
+        {
+           if(rp_x509_token_get_require_key_identifier_reference(x509_token,env))
+                identifier = RAMPART_STR_KEY_IDENTIFIER;
+           else if(rp_x509_token_get_require_issuer_serial_reference(x509_token,env))
+                identifier = RAMPART_STR_ISSUER_SERIAL;                        
+           else if(rp_x509_token_get_require_embedded_token_reference(x509_token,env))
+                identifier = RAMPART_STR_EMBEDDED; 
+           else if(rp_x509_token_get_require_thumb_print_reference(x509_token,env))
+                identifier = RAMPART_STR_THUMB_PRINT;
+           else
+                return rampart_context_get_key_identifier_from_wss(rampart_context,env);                             
+
+           return identifier;              
+        }
+        else return NULL;
+                            
+    }
+    /*This can be extended when we are supporting other token types.*/
+    else return NULL;
+}
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_context_get_layout(
+    rampart_context_t *rampart_context,
+    const axis2_env_t *env)
+{
+    rp_binding_commons_t *binding_commons = NULL;
+    rp_layout_t *layout = NULL;
+
+    AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
+
+    binding_commons = rampart_context_get_binding_commons(rampart_context,env);
+
+    if(!binding_commons)
+        return NULL;
+    
+    layout = rp_binding_commons_get_layout(binding_commons,env);
+    if(!layout)
+        return RP_LAYOUT_STRICT;
+
+    return rp_layout_get_value(layout,env);
+}

Modified: webservices/axis2/trunk/c/rampart/src/util/rampart_encryption.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_encryption.c?view=diff&rev=507411&r1=507410&r2=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/rampart_encryption.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/rampart_encryption.c Tue Feb 13 22:20:06 2007
@@ -46,7 +46,7 @@
  **/
 
 /*Private function implementations*/
-
+/*
 static axis2_status_t  
 rampart_enc_get_nodes_to_encrypt(const axis2_env_t *env,
     rampart_actions_t *actions,
@@ -55,10 +55,7 @@
 {
     axis2_char_t *encryption_parts = NULL;
 
-    /*Get encryption parts*/
     encryption_parts =  AXIS2_STRDUP(RAMPART_ACTIONS_GET_ENCRYPTION_PARTS(actions, env), env);
-    /*If no encryption parts are specified use body as default... 
-     * Well...hmmm.. the child of the body infact*/
     if((!encryption_parts) || (0 == AXIS2_STRCMP(encryption_parts, "") || (0 == AXIS2_STRCMP(encryption_parts, "Body")))){
         axiom_soap_body_t *body = NULL;
         axiom_node_t *body_node = NULL;
@@ -82,12 +79,10 @@
 
         AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] EncryptionParts specified = %s", encryption_parts);
         envelope_node = AXIOM_SOAP_ENVELOPE_GET_BASE_NODE(soap_envelope, env);
-        /*Tokenize*/
         str_list = axis2_tokenize(env, encryption_parts, ' ');
         size = AXIS2_ARRAY_LIST_SIZE(str_list, env);
         for(i=0 ; i < size ; i++ ){
             local_name = AXIS2_ARRAY_LIST_GET(str_list, env, i);
-            /*We do not encrypt the security header*/
             if(0 == AXIS2_STRCMP(local_name, "Security")){
                 AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] We do not encrypt %s", local_name);
                 continue;
@@ -100,7 +95,7 @@
 
     return AXIS2_SUCCESS;
 }
-
+*/
 
 
 
@@ -108,7 +103,7 @@
 AXIS2_EXTERN axis2_status_t AXIS2_CALL
 rampart_enc_encrypt_message(const axis2_env_t *env,
     axis2_msg_ctx_t *msg_ctx,
-    rampart_actions_t *actions,
+    rampart_context_t *rampart_context,
     axiom_soap_envelope_t *soap_envelope,
     axiom_node_t *sec_node)
 {
@@ -122,14 +117,46 @@
     axis2_char_t *password = NULL;
     oxs_key_t *session_key = NULL;
     oxs_asym_ctx_t *asym_ctx = NULL;
+    axis2_bool_t server_side = AXIS2_FALSE;
+    int token_type = 0;   
+    rp_property_t *token = NULL;
+    axis2_char_t *enc_user = NULL;
+    rampart_callback_t *password_callback = NULL;
+    pfunc password_function = NULL;
+    void *param = NULL;
 
     int i = 0;
     /*Get nodes to be encrypted*/
-    nodes_to_encrypt = axis2_array_list_create(env, 5);
-    status = rampart_enc_get_nodes_to_encrypt(env, actions, soap_envelope, nodes_to_encrypt);
+    server_side = axis2_msg_ctx_get_server_side(msg_ctx,env);
+    nodes_to_encrypt = axis2_array_list_create(env,0);
 
+    status = rampart_context_get_nodes_to_encrypt(rampart_context,env,soap_envelope,nodes_to_encrypt);
+
+    if((status!=AXIS2_SUCCESS)||(AXIS2_ARRAY_LIST_SIZE(nodes_to_encrypt,env)==0))
+    {
+        AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] No parts specified or specified parts can't be found for encryprion.");
+        return AXIS2_SUCCESS;
+    }                            
+    /*Now we have to check whether a token is specified.*/
+    token = rampart_context_get_token(rampart_context,env,AXIS2_TRUE,server_side);
+    if(!token)
+    {
+        AXIS2_LOG_INFO(env->log,"[rampart][rampart_encryption] Encryption Token is not specified");
+        return AXIS2_SUCCESS;
+    }   
+    token_type = rp_property_get_type(token,env);
+    if(token_type != RP_TOKEN_X509)
+    {
+        AXIS2_LOG_INFO(env->log,"[rampart][rampart_encryption] We only support X509 tokens");
+        return AXIS2_SUCCESS;
+    }
+    if(rampart_context_check_is_derived_keys(env,token))
+    {
+        AXIS2_LOG_INFO(env->log,"[rampart][rampart_encryption] We still do not support derived keys");
+        return AXIS2_FAILURE;
+    }        
     /*Get the symmetric encryption algorithm*/
-    enc_sym_algo = RAMPART_ACTIONS_GET_ENC_SYM_ALGO(actions, env); 
+    enc_sym_algo = rampart_context_get_enc_sym_algo(rampart_context,env);
     /*If not specified set the default*/
     if(!enc_sym_algo ||  (0 == AXIS2_STRCMP(enc_sym_algo, ""))){
         AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] No symmetric algorithm is specified for encryption. Using the default");
@@ -176,19 +203,48 @@
         }
     }
     /*Get the asymmetric key encryption algorithm*/
-    enc_asym_algo = RAMPART_ACTIONS_GET_ENC_KT_ALGO(actions, env);
+    enc_asym_algo = rampart_context_get_enc_asym_algo(rampart_context,env);
     /*Get the certificate file name*/
-    certificate_file = RAMPART_ACTIONS_GET_ENC_KEY_FILE(actions, env);
+    certificate_file = rampart_context_get_encryption_prop_file(rampart_context,env);
+
+    
     /*Get the password to retrieve the key from key store*/
-    password = rampart_callback_encuser_password(env, actions, msg_ctx);
+    enc_user = rampart_context_get_encryption_user(rampart_context,env);
+
+    if(!enc_user)
+        enc_user = rampart_context_get_user(rampart_context,env);
+
+    if(!enc_user)
+        return AXIS2_FAILURE;      
+
+    password_function = rampart_context_get_password_function(rampart_context,env);
+    if(password_function)
+        password = (*password_function)(env,enc_user,param);
+
+    else
+    {
+        password_callback = rampart_context_get_password_callback(rampart_context,env);
+        if(!password_callback)
+        {
+            AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] Password call back module is not loaded.");
+            return AXIS2_FAILURE;
+        }        
+        password = rampart_callback_password(env, password_callback, enc_user);
+    }
+/*  password = rampart_callback_encuser_password(env, actions, msg_ctx);*/
     /*Get encryption key identifier*/
-    eki = RAMPART_ACTIONS_GET_ENC_KEY_IDENTIFIER(actions, env);
+    eki = rampart_context_get_enc_key_identifier(rampart_context,token,server_side,env);
+    if(!eki)
+    {
+        AXIS2_LOG_INFO(env->log, "[rampart][rampart_encryption] The token is not needed for inclusion.");
+        return AXIS2_SUCCESS;
+    }
     /*Create asymmetric encryption context*/
     asym_ctx = oxs_asym_ctx_create(env);
     oxs_asym_ctx_set_algorithm(asym_ctx, env, enc_asym_algo);
     oxs_asym_ctx_set_file_name(asym_ctx, env, certificate_file);
     
-    oxs_asym_ctx_set_pem_buf(asym_ctx, env, RAMPART_ACTIONS_GET_KEY_BUF(actions, env));
+/*  oxs_asym_ctx_set_pem_buf(asym_ctx, env, RAMPART_ACTIONS_GET_KEY_BUF(actions, env));*/
     oxs_asym_ctx_set_password(asym_ctx, env, password);
     oxs_asym_ctx_set_operation(asym_ctx, env, OXS_ASYM_CTX_OPERATION_PUB_ENCRYPT);
     oxs_asym_ctx_set_st_ref_pattern(asym_ctx, env, eki);

Added: webservices/axis2/trunk/c/rampart/src/util/rampart_engine.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_engine.c?view=auto&rev=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/rampart_engine.c (added)
+++ webservices/axis2/trunk/c/rampart/src/util/rampart_engine.c Tue Feb 13 22:20:06 2007
@@ -0,0 +1,86 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/* 
+ *
+ */
+
+#include <rampart_engine.h>
+
+/*This method sets all the configurations
+ loads required modules and start rampart.*/
+
+
+AXIS2_EXTERN rampart_context_t* AXIS2_CALL
+rampart_engine_init(const axis2_env_t *env, 
+        axis2_msg_ctx_t *msg_ctx,
+        axis2_char_t *x_flow_policy)
+{
+
+    axis2_char_t *file_name = NULL;
+    rampart_context_t *rampart_context = NULL;
+    rp_secpolicy_t *secpolicy = NULL;
+    rampart_callback_t* password_callback_module = NULL;
+    rampart_authn_provider_t *authn_provider = NULL;
+    axis2_char_t *pwcb_module_name = NULL;
+    axis2_char_t *authn_provider_name = NULL;
+        
+    file_name = rampart_get_policy_location(env,msg_ctx,x_flow_policy);
+    if(!file_name)
+    {
+        AXIS2_LOG_INFO(env->log,
+         "[rampart][rampart_Engine] No Security in the flow. So nothing to do");
+        return NULL;
+    }
+
+    secpolicy = rp_policy_create_from_file(env,file_name);
+
+    if(!secpolicy)
+    {
+        AXIS2_LOG_INFO(env->log, "[rampart][rampart_Engine] Cannot get policy" );
+        /*No policy so we cant proceed.*/
+        return NULL;
+    }
+    rampart_context = rampart_context_create(env);
+
+    if(!rampart_context)
+    {
+        AXIS2_LOG_INFO(env->log, "[rampart][rampart_Engine] Cannot get Rampart Context " );
+        /*No policy so we cant proceed.*/
+        return NULL;
+    }
+        
+    rampart_context_set_secpolicy(rampart_context,env,secpolicy);
+
+    pwcb_module_name = rampart_context_get_password_callback_class(rampart_context,env);
+
+    if(pwcb_module_name)
+    {
+        password_callback_module = rampart_load_pwcb_module(env,pwcb_module_name);
+        if(password_callback_module)
+            rampart_context_set_password_callback(rampart_context,env,password_callback_module);        
+    }
+    authn_provider_name = rampart_context_get_authn_module_name(rampart_context,env);
+    
+    if(authn_provider_name)
+    {
+        authn_provider = rampart_load_auth_module(env,authn_provider_name);
+        if(authn_provider)
+            rampart_context_set_authn_provider(rampart_context,env,authn_provider);
+    }
+    return rampart_context;
+}

Modified: webservices/axis2/trunk/c/rampart/src/util/rampart_handler_util.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_handler_util.c?view=diff&rev=507411&r1=507410&r2=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/rampart_handler_util.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/rampart_handler_util.c Tue Feb 13 22:20:06 2007
@@ -72,6 +72,11 @@
         axis2_msg_ctx_t *msg_ctx,
         axiom_node_t *sec_node);
 
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_get_policy_location(const axis2_env_t *env,
+        axis2_msg_ctx_t *msg_ctx,
+        axis2_char_t *param_name);
+
 /**********************end of header functions ****************************/
 
 axis2_char_t* AXIS2_CALL
@@ -80,10 +85,9 @@
             axis2_msg_ctx_t *msg_ctx)
 {
     axis2_char_t *enc_user = NULL;
-    axis2_char_t *pw_callback_module_name = NULL;
+    axis2_char_t *pw_callback_module = NULL;
     axis2_char_t *password = NULL;
     axis2_ctx_t *ctx = NULL;
-    rampart_callback_t *pwcb = NULL;
 
     /*Check if encUserPassword is in the context. This is designed specially for PHP
     i.e.In any context in the context hierarchy starting from msg, op, svc, etc.*/
@@ -96,8 +100,8 @@
     /*If not found then callback the password*/ 
 
     enc_user = RAMPART_ACTIONS_GET_ENC_USER(actions, env);
-    pw_callback_module_name = RAMPART_ACTIONS_GET_PW_CB_CLASS(actions, env);
-    if(!pw_callback_module_name){
+    pw_callback_module = RAMPART_ACTIONS_GET_PW_CB_CLASS(actions, env);
+    if(!pw_callback_module){
         return NULL;
     }
     if(!enc_user){
@@ -109,18 +113,13 @@
         }
     }
     /*Get axis2_ctx_t. This is designed specially for PHP*/
-    pwcb = rampart_load_pwcb_module(env, pw_callback_module_name);
-    if(!pwcb){
-        AXIS2_LOG_INFO(env->log, "[rampart][rhu] Password callback module %s is NULL", pw_callback_module_name);
-        return NULL;
-    }else{
-        password = rampart_callback_password(env, pwcb, enc_user, ctx);
-    }
+
+/*  password = rampart_callback_password(env, pw_callback_module, enc_user, ctx);*/
+/*  password = rampart_callback_password(env, pw_callback_module, enc_user);*/
 
     return password;
 }
 
-
 axis2_char_t* AXIS2_CALL
 rampart_get_property_from_ctx(const axis2_env_t *env,
         axis2_ctx_t *ctx,
@@ -320,5 +319,28 @@
     }
 
     return AXIS2_SUCCESS;
+}
+
+
+AXIS2_EXTERN axis2_char_t *AXIS2_CALL
+rampart_get_policy_location(const axis2_env_t *env,
+        axis2_msg_ctx_t *msg_ctx,
+        axis2_char_t *param_name)
+        
+{
+    axis2_param_t *param_x_flow_security = NULL;
+    axis2_char_t *value = NULL;
+
+    param_x_flow_security = rampart_get_security_param(env, msg_ctx,
+                                    param_name);
+    
+    if (!param_x_flow_security)
+    {
+        AXIS2_LOG_INFO(env->log,
+            "[rampart][rampart_handler_utils] some error in the configurations");
+        return NULL;
+    }
+    value = AXIS2_PARAM_GET_VALUE(param_x_flow_security, env);
+    return value;
 }
 

Modified: webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_builder.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_builder.c?view=diff&rev=507411&r1=507410&r2=507411
==============================================================================
--- webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_builder.c (original)
+++ webservices/axis2/trunk/c/rampart/src/util/rampart_sec_header_builder.c Tue Feb 13 22:20:06 2007
@@ -17,7 +17,6 @@
 
 #include <stdio.h>
 #include <rampart_encryption.h>
-#include <rampart_action.h>
 #include <rampart_constants.h>
 #include <rampart_sec_header_builder.h>
 #include <rampart_username_token.h>
@@ -48,17 +47,158 @@
 
 /*Public functions*/
 
+
+AXIS2_EXTERN axis2_status_t AXIS2_CALL
+rampart_shb_build_message(const axis2_env_t *env,
+    axis2_msg_ctx_t *msg_ctx,
+    rampart_context_t *rampart_context,
+    axiom_soap_envelope_t *soap_envelope)
+{
+   
+    axis2_status_t status = AXIS2_FAILURE;
+    axiom_soap_header_t *soap_header = NULL;
+    axiom_node_t *soap_header_node = NULL;
+    axiom_element_t *soap_header_ele = NULL;
+    axiom_soap_header_block_t *sec_header_block = NULL;
+    axiom_namespace_t *sec_ns_obj = NULL;
+    axiom_node_t *sec_node =  NULL;
+    axiom_element_t *sec_ele = NULL;
+
+    AXIS2_ENV_CHECK(env,AXIS2_FAILURE);    
+    soap_header  = AXIOM_SOAP_ENVELOPE_GET_HEADER(soap_envelope, env);
+    soap_header_node = AXIOM_SOAP_HEADER_GET_BASE_NODE(soap_header, env);
+    soap_header_ele = (axiom_element_t *)AXIOM_NODE_GET_DATA_ELEMENT(
+                            soap_header_node, env);
+
+
+    sec_ns_obj =  axiom_namespace_create(env, RAMPART_WSSE_XMLNS,
+                RAMPART_WSSE);
+
+    sec_header_block = AXIOM_SOAP_HEADER_ADD_HEADER_BLOCK(soap_header,
+                env, RAMPART_SECURITY, sec_ns_obj);
+
+    if(!sec_header_block)
+    {
+        AXIS2_LOG_INFO(env->log, "[rampart][shb] Security header block is NULL");
+        return AXIS2_SUCCESS;
+    }
+
+    AXIOM_SOAP_HEADER_BLOCK_SET_MUST_UNDERSTAND_WITH_BOOL(sec_header_block,
+                env, AXIS2_TRUE);
+
+    sec_node = AXIOM_SOAP_HEADER_BLOCK_GET_BASE_NODE(sec_header_block, env);
+    sec_ele = (axiom_element_t *)
+                    AXIOM_NODE_GET_DATA_ELEMENT(sec_node, env);
+        
+    /*check the binding*/
+    if((rampart_context_get_binding_type(rampart_context,env)) == RP_BINDING_ASYMMETRIC)
+    {
+        /*Do Asymmetric Binding specific things*/
+
+        /*Timestamp Inclusion*/
+        if(rampart_context_is_include_timestamp(rampart_context,env))
+        {
+            rampart_timestamp_token_t *timestamp_token = NULL;
+            int ttl = -1;
+            AXIS2_LOG_INFO(env->log, "[rampart][shb]  building Timestamp Token");
+            AXIS2_LOG_INFO(env->log, "[rampart][shb]  Using default timeToLive value %d",
+                RAMPART_TIMESTAMP_TOKEN_DEFAULT_TIME_TO_LIVE);
+            ttl = RAMPART_TIMESTAMP_TOKEN_DEFAULT_TIME_TO_LIVE;
+            
+            timestamp_token = rampart_timestamp_token_create(env);
+            status = RAMPART_TIMESTAMP_TOKEN_BUILD(timestamp_token, env,
+                             sec_node, sec_ns_obj, ttl);
+            if (status == AXIS2_FAILURE)
+            {
+                AXIS2_LOG_INFO(env->log, "[rampart][shb] Timestamp Token build failed. ERROR");
+                return AXIS2_FAILURE;
+            }
+        } 
+        
+        /*Check whether we need username token*/
+        /*User name tokens includes in messages sent from client to server*/
+        if(!axis2_msg_ctx_get_server_side(msg_ctx,env))
+        {            
+            if(rampart_context_is_include_username_token(rampart_context,env))
+            {
+                rampart_username_token_t *username_token = NULL;
+
+                username_token = rampart_username_token_create(env);
+        /*Now we are passing rampart_context here so inside this method user can 
+        relevant parameters are extracted. */
+
+                AXIS2_LOG_INFO(env->log, "[rampart][shb]  building UsernmaeToken");
+                status = RAMPART_USERNAME_TOKEN_BUILD(username_token,
+                                env,
+                                rampart_context,
+                                sec_node,
+                                sec_ns_obj);
+                if (status == AXIS2_FAILURE)
+                {
+                    AXIS2_LOG_INFO(env->log, "[rampart][shb] UsernmaeToken build failed. ERROR");
+                    return AXIS2_FAILURE;
+                }
+            }            
+        }                
+        /*Check the encryption and signature order*/
+        if(rampart_context_is_encrypt_before_sign(rampart_context,env))
+        {
+            /*Check what are the parts to encrypt and send them to the encrypt method*/
+            status = rampart_enc_encrypt_message(env, msg_ctx,rampart_context,soap_envelope,sec_node);
+            if(!status)            
+                return AXIS2_FAILURE;       
+
+
+            /*Then do signature specific things*/
+            /*Then Handle Supporting token stuff  */
+        }  
+        else
+        {
+            /*First do signature specific stuff*/
+            
+            /*Then Handle Encryption stuff*/
+            
+            status = rampart_enc_encrypt_message(env, msg_ctx,rampart_context,soap_envelope,sec_node);
+            if(!status)
+                return AXIS2_FAILURE;
+
+        }            
+
+        return AXIS2_SUCCESS;        
+    }
+    else if((rampart_context_get_binding_type(rampart_context,env)) == RP_BINDING_SYMMETRIC)
+    {
+        /*Do Symmetric_binding specific things*/
+        AXIS2_LOG_INFO(env->log, "[rampart][shb] Symmetric Binding. We do not support yet");
+        return AXIS2_FAILURE;
+    }        
+    else if((rampart_context_get_binding_type(rampart_context,env)) == RP_BINDING_TRANSPORT)        
+    {
+        /*Do Transport Binding specific things */
+        AXIS2_LOG_INFO(env->log, "[rampart][shb] Transport Binding. We do not support yet");
+        return AXIS2_FAILURE;
+    }
+    else
+        return AXIS2_FAILURE;
+   /*Timestamp Inclusion*/
+    
+    /*username Token inclusion*/
+
+    /*check the protection order*/
+
+
+}
+/*    
 AXIS2_EXTERN axis2_status_t AXIS2_CALL
 rampart_shb_build_message(const axis2_env_t *env,
     axis2_msg_ctx_t *msg_ctx,
-    rampart_actions_t *actions,
+    rampart_context_t *rampart_context,
     axiom_soap_envelope_t *soap_envelope)
 {
     axis2_status_t status = AXIS2_FAILURE;
     AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
     AXIS2_PARAM_CHECK(env->error, msg_ctx, AXIS2_FAILURE);
 
-    /*We need a SOAP envelope.*/
     if(soap_envelope){
         axis2_ctx_t *ctx = NULL;
         axiom_soap_header_t *soap_header = NULL;
@@ -68,7 +208,6 @@
         axiom_soap_header_block_t *sec_header_block = NULL;
         axiom_namespace_t *sec_ns_obj = NULL;
 
-        /*We are checking for the soap header element*/
         soap_header  = AXIOM_SOAP_ENVELOPE_GET_HEADER(soap_envelope, env);
         soap_header_node = AXIOM_SOAP_HEADER_GET_BASE_NODE(soap_header, env);
         soap_header_ele = (axiom_element_t *)AXIOM_NODE_GET_DATA_ELEMENT(
@@ -89,7 +228,6 @@
         sec_header_block = AXIOM_SOAP_HEADER_ADD_HEADER_BLOCK(soap_header,
                 env, RAMPART_SECURITY, sec_ns_obj);
 
-        /*Set mustUnderstand=1*/
         AXIOM_SOAP_HEADER_BLOCK_SET_MUST_UNDERSTAND_WITH_BOOL(sec_header_block,
                 env, AXIS2_TRUE);
 
@@ -105,7 +243,6 @@
             sec_ele = (axiom_element_t *)
                     AXIOM_NODE_GET_DATA_ELEMENT(sec_node, env);
 
-            /*Get action items seperated by spaces*/
             string_list = axis2_tokenize(env, items, ' ');
             if (string_list)
             {
@@ -113,11 +250,9 @@
             }
 
             ctx = AXIS2_MSG_CTX_GET_BASE(msg_ctx, env);
-            /*Iterate thru items. Eg. Usernmaetoken, Timestamp, Encrypt, Signature*/
             for (i = 0; i < size; i++)
             {
                 item = AXIS2_ARRAY_LIST_GET(string_list, env, i);
-                /*Username token*/
                 if (0 == AXIS2_STRCMP(RAMPART_ACTION_ITEMS_USERNAMETOKEN ,
                         AXIS2_STRTRIM(env, item, NULL)))
                 {
@@ -136,8 +271,6 @@
                         AXIS2_LOG_INFO(env->log, "[rampart][shb] UsernmaeToken build failed. ERROR");
                         return AXIS2_FAILURE;
                     }
-                    /*TODO free*/
-                    /*Timestamp token*/
                 }
                 else if (0 == AXIS2_STRCMP(RAMPART_ACTION_ITEMS_TIMESTAMP,
                         AXIS2_STRTRIM(env, item, NULL)))
@@ -148,7 +281,6 @@
 
                     AXIS2_LOG_INFO(env->log, "[rampart][shb]  building Timestamp Token");
                     ttl_str = RAMPART_ACTIONS_GET_TIME_TO_LIVE(actions, env);
-                    /*Check for the ttl. If not specified use the default*/
                     if(!ttl_str){
                         AXIS2_LOG_INFO(env->log, "[rampart][shb]  Using default timeToLive value %d",
                                 RAMPART_TIMESTAMP_TOKEN_DEFAULT_TIME_TO_LIVE);
@@ -164,7 +296,6 @@
                         AXIS2_LOG_INFO(env->log, "[rampart][shb] Timestamp Token build failed. ERROR");
                         return AXIS2_FAILURE;
                     }
-                    /*Encrypt*/
                 }
                 else if (0 == AXIS2_STRCMP(RAMPART_ACTION_ITEMS_ENCRYPT,
                         AXIS2_STRTRIM(env, item, NULL)))
@@ -178,31 +309,29 @@
                         return AXIS2_FAILURE;
                     }
 
-                    /*Signature*/
                 }
                 else if (0 == AXIS2_STRCMP(RAMPART_ACTION_ITEMS_SIGNATURE,
                         AXIS2_STRTRIM(env, item, NULL)))
                 {
                     AXIS2_LOG_INFO(env->log, "[rampart][shb] Signing message. We do not support yet");
 
-                    /*Any other type of action*/
                 }
                 else
                 {
                     AXIS2_LOG_INFO(env->log, "[rampart][shb] We do not support %s item yet" , item);
                 }
-            }/*End of for*/
+            }
 
         }
         else
         {
             AXIS2_LOG_INFO(env->log, "[rampart][shb] Security header block is NULL");
         }
-    }else{/*No SOAP message*/
+    }else{
         return AXIS2_FAILURE;
     }
 
     
     return AXIS2_SUCCESS;
 }
-
+*/



---------------------------------------------------------------------
To unsubscribe, e-mail: axis-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-cvs-help@ws.apache.org


Mime
View raw message