synapse-dev mailing list archives

From Amila Manoj <amilama...@gmail.com>
Subject Re: [SYNAPSE-860] AS2 Support
Date Thu, 26 Apr 2012 09:18:05 GMT
I would like to continue on this effort despite not being accepted as a
GSoC project.

I'm implementing a minimal scenario where the communication is without
encryption and signing, and the MDN is synchronous.

On Sat, Mar 31, 2012 at 8:17 PM, Amila Manoj <amilamanoj@gmail.com> wrote:

> Hi Hiranya,
>
> Yes you are right, a builder and a formatter is the correct approach for
> the implementation.
> Also, I think MIME content types are an initial consideration.
>
> I read some more on the AS2 specification and experimented with Mendelson and
> Tcpmon to understand what an actual implementation of AS2 looks like.
>
> Sending a text file named "foo.txt" containing the word "bar", changing
> some parameters:
>
> 1. Without encryption or signing - http://pastebin.com/j7S9tN8V
> File is sent as a plain text attachment. content type is
> "application/EDI-Consent"
> File name is mentioned in the header "content-disposition: attachment;
> filename="foo.txt""
>
> 2. Only with encryption - http://pastebin.com/j7yGkVFc
> One MIME attachment whose content is encrypted using the selected
> algorithm. File name is not encrypted. (same as above). content type is
> "application/pkcs7-mime"
>
> 3. Without encryption and signing - http://pastebin.com/CXAuVgwY
> Looks like both signature and content are encrypted. One MIME attachment
> is sent. Filename is not the original (smime.p7m). content type is again
> "application/pkcs7-mime"
>
> 4. Only with signing - http://pastebin.com/tpJPHSDM
> A MIME multipart message, containing two parts, is sent. One part is the
> original file as a plain text attachment. Other part is the signature.
> content type is "multipart/signed"
>
> According to specs, at least the following types have to be supported in an AS2
> implementation.
>              Content-Type: multipart/signed
>              Content-Type: multipart/report
>              Content-Type: message/disposition-notification
>              Content-Type: application/PKCS7-signature
>              Content-Type: application/PKCS7-mime
>              Content-Type: application/EDI-X12
>
> RFC-1767 defines three distinct categories as three different MIME
> content-types
> application/EDIFACT: content that conforms to the range of specifications
> developed by the United Nations
> application/EDI-X12: content that conforms to the range of specifications
> developed through the X12 standards organization
> application/EDI-consent: other content that hasn't been standardized. Two
> trade parties must explicitly agree on the format. (content type is set to
> this when sending an arbitrary file such as foo.txt)
>
> I started writing a builder. Patch attached.
> As of now it handles "Application/EDI-consent", which means unencrypted
> and unsigned custom content.
> It simply reads the content of the MIME attachment and wraps it in a SOAP
> Envelope.
>
> To test:
>
> 1. Add this to axis2.xml:
>
> <messageBuilder contentType="application/edi-consent"
> class="org.apache.synapse.format.as2.AS2MessageBuilder"/>
>
> 2. Start Synapse with following config:
>
> <definitions xmlns="http://ws.apache.org/ns/synapse">
>     <proxy name="AS2Proxy">
>         <target>
>             <inSequence>
>                 <log level="full" />
>             </inSequence>
>         </target>
>     </proxy>
> </definitions>
>
> 3. Start mendelson and create a new partner.
> 4. Select "No signature" and "No encryption" under algorithms.
> 5. Set "http://localhost:8280/services/AS2Proxy" as the Receipt URL in
> Send tab.
>
> 6. Go to "File-> Send file to partner", and send a file such as a text
> file.
>
> If we send a text file containing the word "foo", the message should be
> logged as:
>
> "INFO LogMediator To: /services/AS2Proxy, MessageID:
> urn:uuid:e3fe8e73-a4c1-48f7-9572-8d6a07a65516, Direction: request,
> Envelope: <?xml version='1.0' encoding='utf-8'?><soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/
> "><soapenv:Body><as2Message>foo</as2Message></soapenv:Body></soapenv:Envelope>"
>
>
> Some points of concern:
>
> 1. Since we should handle multiple content types, I suppose we can specify
> same builder for those content types in axis2.xml and process them
> accordingly in the builder.
> 2. Security aspects:
> Java Security APIs [1] seem to provide support for many cryptographic
> algorithms. JavaMail API[2] could be used to process MIME messages.
> Mendelson uses Bouncy Castle Crypto APIs [3] (MIT). It provides APIs to
> specifically handle S/MIME and PKCS7.
> Will read more on this.
> 3. EDIFACT representation in SOAP (i.e. when the content-type is
> "application/EDIFACT")
> 4. Have to look into handling MDNs.
>
> [1] -
> http://www.oracle.com/technetwork/java/javase/tech/index-jsp-136007.html
> [2] - http://www.oracle.com/technetwork/java/javamail/index.html
> [3] - http://www.bouncycastle.org/java.html
>
> Feedback is much appreciated.
>
>
> Regards,
> Amila
>
>
> On Wed, Mar 28, 2012 at 9:51 AM, Hiranya Jayathilaka <hiranya911@gmail.com> wrote:
>
>> Great research work up front. Do you have a plan as to how this can be
>> implemented in Synapse? Since the wire level transport is HTTP I don't
>> think we need a new transport. It would be basically a builder/formatter
>> pair and a set of mediators to manipulate AS2 messages. Is that the case?
>>
>> Thanks,
>> Hiranya
>>
>>
>> On Tue, Mar 27, 2012 at 8:15 PM, Amila Manoj <amilamanoj@gmail.com> wrote:
>>
>>> Hi,
>>>
>>> Here's a brief summary on AS2.
>>> Files are encoded as attachments in an S/MIME message. This is what we
>>> call an AS2 message.
>>> Those messages are sent using HTTP/HTTPS, usually POST.
>>> The messages can be signed and encrypted. This is optional according to the
>>> specs.
>>> Also, the messages may request an MDN (to provide non-repudiation). This
>>> is optional too. The MDN is typically not encrypted.
>>> If there are problems receiving or interpreting the original AS2
>>> message, a "failed" MDN may be sent back.
>>> Both "failed" MDN and not receiving MDN (when it is requested) are
>>> considered as failures according to specs.
>>>
>>> I tried out Mendelson. They provide an AS2 server for testing [1] and a
>>> nice user interface.
>>> The endpoints are referred to as business partners in AS2 jargon.
>>> Mendelson allows configuring business partners. A business partner can
>>> be a local station or a remote station.
>>> In a local config, we need to specify private keys for encryption and
>>> signing. These are picked from a PKCS12 key-store file. The URL to receive
>>> MDN can be also configured.
>>> In a remote business partner, notable options are sending URL,
>>> encryption and signing algorithms (can choose not to sign/encrypt) and its
>>> public keys.
>>>
>>> I'm looking at its source to understand how they handle S/MIME messages.
>>>
>>> Will update the thread.
>>>
>>>
>>>
>>> On Fri, Mar 23, 2012 at 12:17 PM, Amila Manoj <amilamanoj@gmail.com> wrote:
>>>
>>>> Hi all,
>>>>
>>>> As I previously mentioned in the JIRA [0], I'm interested in adding
>>>> $subject for Synapse as my GSoC 2012 project.
>>>> I went through some AS2 and EDIFACT resources, including [1] [2].
>>>>
>>>> To add AS2 support to Synapse, I think the task is to write a new
>>>> transport (as described in Axis2 documentation).
>>>> Once the transport is complete, Synapse will be able to mediate AS2
>>>> based messages across other transports that Synapse supports.
>>>>
>>>> Like all other transport components of Synapse, AS2 transport should
>>>> include a receiver and a sender.
>>>> These will be configurable in the axis2.xml file of Synapse.
>>>> Configuring Synapse using axis2.xml for AS2 will look like:
>>>>     <transportReceiver name="as2"
>>>> class="org.apache.synapse.transport.as2.AS2TransportListener">
>>>>          ...parameters...
>>>>     </transportReceiver>
>>>>         and similarly,
>>>>     <transportSender name="as2"
>>>> class="org.apache.synapse.transport.as2.AS2TransportSender">
>>>>         ...parameters...
>>>>     </transportSender>
>>>>
>>>> According to the specifications, AS2 can be used to send appropriately
>>>> packaged EDI, XML, or other business data, using HTTP POST.
>>>> I think the focus should be to support EDIFACT based messages.
>>>>
>>>> Since Synapse uses SOAP as the common message representation, we should
>>>> convert incoming messages into a SOAP representation.
>>>> However, EDIFACT messages are non-XML. Therefore we'll have to convert
>>>> them into XML and wrap it within a SOAP envelope.
>>>> (Similar to what's done in FIX transport [3]). For this purpose, I
>>>> think XML/EDIFACT format can be used [4]
>>>> Found this [7] library to convert EDIFACT TO XML (GPLv3), which might
>>>> be useful.
>>>>
>>>> Usually AS2 clients are called "Trading partners". When sending a
>>>> message, they can request an acknowledgement message called MDN (Message
>>>> Disposition Notification).
>>>> There are several options to send MDN, Sync, ASync, NoMDN etc. I think
>>>> this is somewhat similar to axis2's MEP (message exchange patterns). (MDN
>>>> vs. NoMDN for in-out vs. in-only MEPs. Sync vs. ASync for Blocking vs.
>>>> Non-blocking MEPs)
>>>>
>>>> Found 2 open source implementations of AS2 for java:
>>>> OpenAS2 (BSD) [5]
>>>> Mendelson (GPL) [6]
>>>> These days I'm trying out those implementations to get a better
>>>> understanding of AS2.
>>>>
>>>> I will read on how security requirements specified in AS2 can be
>>>> handled with Synapse.
>>>> Will also look into more details on how other transports in Synapse
>>>> (like FIX) are written.
>>>>
>>>> Any suggestions, pointers to the things I've missed are very much
>>>> appreciated.
>>>>
>>>> [0] - https://issues.apache.org/jira/browse/SYNAPSE-860
>>>> [1] - http://www.ietf.org/rfc/rfc4130.txt
>>>> [2] -
>>>> http://www.unece.org/tradewelcome/areas-of-work/un-centre-for-trade-facilitation-and-e-business-uncefact/outputs/standards/unedifact/tradeedifactrules/part-4-edifact-rules-for-electronic-data-interchange-for-administration-commerce-and-transport/part-4-unedifact-rules-chapter-22-syntax-rules.html
>>>> [3] - http://svn.apache.org/viewvc/synapse/trunk/java/modules/transports/optional/fix/src/main/java/org/apache/synapse/transport/fix/FIXUtils.java?view=markup
>>>> [4] - http://en.wikipedia.org/wiki/XML/EDIFACT
>>>> [5] - http://sourceforge.net/projects/openas2/
>>>> [6] - http://sourceforge.net/projects/mec-as2/
>>>> [7] - https://github.com/metormote/edifact-xml
>>>>
>>>>
>>>> Thanks,
>>>> Amila
>>>>
>>>> --
>>>> Amila Manoj Silva
>>>> Undergraduate
>>>> Department of Computer Science and Engineering
>>>> University of Moratuwa
>>>> http://amilamanoj.blogspot.com/
>>>>
>>>
>>> [1]- http://as2.mendelson-e-c.com:8080/webas2/
>>>
>>>
>>>
>>> --
>>> Amila Manoj Silva
>>> Undergraduate
>>> Department of Computer Science and Engineering
>>> University of Moratuwa
>>> http://amilamanoj.blogspot.com/
>>>
>>
>>
>>
>> --
>> Hiranya Jayathilaka
>> Associate Technical Lead;
>> WSO2 Inc.;  http://wso2.org
>> E-mail: hiranya@wso2.com;  Mobile: +94 77 633 3491
>> Blog: http://techfeast-hiranya.blogspot.com
>>
>
>
>
> --
> Amila Manoj Silva
> Undergraduate
> Department of Computer Science and Engineering
> University of Moratuwa
> http://amilamanoj.blogspot.com/
>



-- 
Amila Manoj Silva
Undergraduate
Department of Computer Science and Engineering
University of Moratuwa
http://amilamanoj.blogspot.com/
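
Added example (not part of the original thread, and not Synapse or Mendelson code): the four captures described above differ in their outer Content-Type, so a receiver can check that header against the partner agreement before any builder wraps the body in SOAP. The function names, policy flags and sample messages below are constructed for illustration; the smime-type parameter comes from the S/MIME specification (RFC 8551), not from the thread.

```python
from email import message_from_bytes

EDI_TYPES = {"application/edi-consent", "application/edi-x12", "application/edifact"}
PKCS7_MIME = {"application/pkcs7-mime", "application/x-pkcs7-mime"}
PKCS7_SIG = {"application/pkcs7-signature", "application/x-pkcs7-signature"}

def outer_layer(msg):
    """Classify the outermost MIME layer: plain, signed, enveloped or unsupported."""
    ctype = msg.get_content_type()          # lower-cased, parameters stripped
    if ctype in EDI_TYPES:
        return "plain"
    if ctype == "multipart/signed":
        parts = msg.get_payload() if msg.is_multipart() else []
        # Detached signature: exactly the content part plus a PKCS#7 signature part.
        if len(parts) == 2 and parts[1].get_content_type() in PKCS7_SIG:
            return "signed"
        return "unsupported"
    if ctype in PKCS7_MIME:
        # smime-type separates an opaque-signed body from an encrypted one.
        if (msg.get_param("smime-type") or "").lower() == "signed-data":
            return "signed"
        return "enveloped"
    return "unsupported"

def decide(raw, require_signed, require_encrypted):
    """Return 'accept', 'reject' or 'decrypt-first' for one inbound request."""
    layer = outer_layer(message_from_bytes(raw))
    if layer == "unsupported":
        return "reject"
    if layer == "enveloped":
        # A signature may sit inside the envelope; re-run the check after decryption.
        return "decrypt-first"
    if require_encrypted:
        return "reject"                     # plain or signed-only body on the wire
    if require_signed and layer != "signed":
        return "reject"
    return "accept"

# Constructed samples modelled on the captures described in the thread.
PLAIN = (b"Content-Type: application/EDI-Consent\r\n"
         b'Content-Disposition: attachment; filename="foo.txt"\r\n\r\nbar')
SIGNED = (b'Content-Type: multipart/signed; boundary="b1"; micalg=sha1;'
          b' protocol="application/pkcs7-signature"\r\n\r\n'
          b"--b1\r\nContent-Type: application/EDI-Consent\r\n\r\nbar\r\n"
          b"--b1\r\nContent-Type: application/pkcs7-signature\r\n\r\n"
          b"constructed-signature-placeholder\r\n--b1--\r\n")
ENVELOPED = (b"Content-Type: application/pkcs7-mime; smime-type=enveloped-data\r\n"
             b"\r\nconstructed-ciphertext-placeholder")
```

With both flags off, the unsigned and unencrypted scenario is accepted; a partner whose agreement requires signing gets the same plain body rejected, and an enveloped body is deferred until it has been decrypted and its inner layer re-checked.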
