Hi devs, I have integrated the Rampart/C and security-policy for all the features Rampart supporting up to now.(UsernameToken,Timestamp and encryption.) This can be downloaded from https://svn.apache.org/repos/asf/webservices/axis2/scratch/c/security-policy/c
This is the major change I have done. When building or processing the message rampart get the configurations from a rampart_context which wraps a security policy object.This was previously done using rampart_actions which is created from parametrs(inflowsecurity and outflowsecurity) in axis2.xml or services.xml. Since we don't have a general policy framework there are 2 approaches we can follow to keep policies. 1.Keeping 1 agreed policy file in both server and client.(Initiator and Recipient.) -if we follow this, the message formats will be restricted. For example if the initiator to recipient message is encrypted, then recipient to initiator message will also be encrypted. 2.Keeping 2 policy files in each party. - The Recipient will have initiators outgoing message policy and will consider it as his incoming message policy and vice-versa. With this approach message formats will not be restricted, but user will have the overhead of keeping to many policy files. Another issue is how to give these policies to rampart.That is are we going put them in axis2.xml or services.xml or any other way. It is great if we can resolve these issues before merging the scratch with the head. Thanks. Manjula. On Tue, 2007-01-23 at 15:06 +0530, Manjula Peiris wrote: > Hi all, > > I have sent the patch implementing security policy for Rampart/c. In > order to integrate security policy with Rampart/C some significant > changes need to be done for some parts of Rampart/C. Meanwhile The > current Axis2/C (Rampart) code base may break due to these changes. So > can any one suggest a solution for this. > > Thanks. > > Manjula. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
