I would like to continue on this effort despite not being accepted as a GSoC project.
I'm implementing a minimal scenario where the communication is without encryption and signing, and the MDN is synchronous.

On Sat, Mar 31, 2012 at 8:17 PM, Amila Manoj <[email protected]> wrote:

> Hi Hiranya,
>
> Yes you are right, a builder and a formatter is the correct approach for
> the implementation.
> Also, I think MIME content types are an initial consideration.
>
> I read some more on AS2 specification and experimented with Mendelson and
> Tcpmon to understand how an actual implementation of AS2 looks like.
>
> Sending a text file named "foo.txt" containing the word "bar", changing
> some parameters:
>
> 1. Without encryption or signing - http://pastebin.com/j7S9tN8V
> File is sent as a plain text attachment. content type is
> "application/EDI-Consent"
> File name is mentioned in the header "content-disposition: attachment;
> filename="foo.txt""
>
> 2. Only with encryption - http://pastebin.com/j7yGkVFc
> One MIME attachment whose content is encrypted using the selected
> algorithm. File name is not encrypted. (same as above). content type is
> "application/pkcs7-mime"
>
> 3. Without encryption and signing - http://pastebin.com/CXAuVgwY
> Looks like both signature and content are encrypted. One MIME attachment
> is sent. Filename is not the original (smime.p7m). content type is again
> "application/pkcs7-mime"
>
> 4. Only with signing - http://pastebin.com/tpJPHSDM
> A MIME multipart message, containing two parts, is sent. One part is the
> original file as a plain text attachment. Other part is the signature.
> content type is "multipart/signed"
>
> According to specs, at least the following types have to be supported in an AS2
> implementation.
> Content-Type: multipart/signed
> Content-Type: multipart/report
> Content-Type: message/disposition-notification
> Content-Type: application/PKCS7-signature
> Content-Type: application/PKCS7-mime
> Content-Type: application/EDI-X12
>
> RFC-1767 defines three distinct categories as three different MIME
> content-types
> application/EDIFACT: content that conforms to the range of specifications
> developed by the United Nations
> application/EDI-X12: conforms to the range of specifications developed
> through the X12 standards organization
> application/EDI-consent: other content that hasn't been standardized. Two
> trade parties must explicitly agree on the format. (content type is set to
> this when sending an arbitrary file such as foo.txt)
>
> I started writing a builder. Patch attached.
> As of now it handles "Application/EDI-consent", which means unencrypted
> and unsigned custom content.
> It simply reads the content of the MIME attachment and wraps in a SOAP
> Envelope.
>
> To test:
>
> 1. Add this to axis2.xml:
>
> *"<messageBuilder contentType="application/edi-consent"
> class="org.apache.synapse.format.as2.AS2MessageBuilder"/>"*
>
> 2. Start Synapse with following config:
>
> *<definitions xmlns="http://ws.apache.org/ns/synapse">
>     <proxy name="AS2Proxy">
>         <target>
>             <inSequence>
>                 <log level="full" />
>             </inSequence>
>         </target>
>     </proxy>
> </definitions>*
>
> 3. Start mendelson and create a new partner.
> 4. Select "No signature" and "No encryption" under algorithms.
> 5. Set "http://localhost:8280/services/AS2Proxy" as the Receipt URL in
> Send tab.
>
> 6. Go to "File-> Send file to partner", and send a file such as a text
> file.
>
> If we send a text file containing the word "foo", the message should be
> logged as:
>
> *"INFO LogMediator To: /services/AS2Proxy, MessageID:
> urn:uuid:e3fe8e73-a4c1-48f7-9572-8d6a07a65516, Direction: request,
> Envelope: <?xml version='1.0' encoding='utf-8'?><soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/
> "><soapenv:Body><as2Message>foo</as2Message></soapenv:Body></soapenv:Envelope>"
> *
>
> Some points of concern:
>
> 1. Since we should handle multiple content types, I suppose we can specify
> same builder for those content types in axis2.xml and process them
> accordingly in the builder.
> 2. Security aspects:
> Java Security APIs [1] seem to provide support for many cryptographic
> algorithms. JavaMail API[2] could be used to process MIME messages.
> Mendelson uses Bouncy Castle Crypto APIs [3] (MIT). It provides APIs to
> specifically handle S/MIME and PKCS7.
> Will read more on this.
> 3. EDIFACT representation in SOAP (i.e. when the content-type is
> "application/EDIFACT")
> 4. Have to look into handling MDNs.
>
> [1] -
> http://www.oracle.com/technetwork/java/javase/tech/index-jsp-136007.html
> [2] - http://www.oracle.com/technetwork/java/javamail/index.html
> [3] - http://www.bouncycastle.org/java.html
>
> Feedback is much appreciated.
>
> Regards,
> Amila
>
> On Wed, Mar 28, 2012 at 9:51 AM, Hiranya Jayathilaka <[email protected]> wrote:
>
>> Great research work up front. Do you have a plan as to how this can be
>> implemented in Synapse? Since the wire level transport is HTTP I don't
>> think we need a new transport. It would be basically a builder/formatter
>> pair and a set of mediators to manipulate AS2 messages. Is that the case?
>>
>> Thanks,
>> Hiranya
>>
>> On Tue, Mar 27, 2012 at 8:15 PM, Amila Manoj <[email protected]> wrote:
>>
>>> Hi,
>>>
>>> Here's a brief summary on AS2.
>>> Files are encoded as attachments in a S/MIME message. This is what we
>>> call an AS2 message.
>>> Those messages are sent using the HTTP/HTTPS, usually POST
>>> The Messages can be signed, encrypted. This is optional according to the
>>> specs.
>>> Also, the Messages may request a MDN. (to provide non-repudiation) This
>>> is optional too. MDN is typically not encrypted.
>>> If there are problems receiving or interpreting the original AS2
>>> message, a "failed" MDN may be sent back.
>>> Both "failed" MDN and not receiving MDN (when it is requested) are
>>> considered as failures according to specs.
>>>
>>> I tried out Mendelson. They provide an AS2 server for testing [1] and a
>>> nice user interface.
>>> The endpoints are referred to as business partners in AS2 jargon.
>>> Mendelson allows to configure business partners. A business partner can
>>> be a local station or a remote station.
>>> In a local config, we need to specify private keys for encryption and
>>> signing. These are picked from a PKCS12 key-store file. The URL to receive
>>> MDN can be also configured.
>>> In a remote business partner, notable options are sending URL,
>>> encryption and signing algorithms (can choose not to sign/encrypt) and its
>>> public keys.
>>>
>>> I'm looking at its source to understand how they handle S/MIME messages.
>>>
>>> Will update the thread.
>>>
>>> On Fri, Mar 23, 2012 at 12:17 PM, Amila Manoj <[email protected]> wrote:
>>>
>>>> Hi all,
>>>>
>>>> As I previously mentioned in the JIRA [0], I'm interested in adding
>>>> $subject for Synapse as my GSoC 2012 project.
>>>> I went through some AS2 and EDIFACT resources, including [1] [2].
>>>>
>>>> To add AS2 support to Synapse, I think the task is to write a new
>>>> transport (as described in Axis2 documentation).
>>>> Once the transport is complete, Synapse will be able to mediate AS2
>>>> based messages across other transports that Synapse supports.
>>>>
>>>> Like all other transport components of Synapse, AS2 transport should
>>>> include a receiver and a sender.
>>>> These will be configurable in the axis2.xml file of Synapse.
>>>> Configuring Synapse using axis2.xml for AS2 will look like:
>>>> <transportReceiver name="as2"
>>>> class="org.apache.synapse.transport.as2.AS2TransportListener">
>>>> ...parameters...
>>>> </transportReceiver>
>>>> and similarly,
>>>> <transportSender name="as2"
>>>> class="org.apache.synapse.transport.as2.AS2TransportSender">
>>>> ...parameters...
>>>> </transportSender>
>>>>
>>>> According to the specifications, AS2 can be used to send appropriately
>>>> packaged EDI, XML, or other business data, using HTTP POST.
>>>> I think the focus should be to support EDIFACT based messages.
>>>>
>>>> Since Synapse uses SOAP as the common message representation, we should
>>>> convert incoming messages into a SOAP representation.
>>>> However, EDIFACT messages are non-XML. Therefore we'll have to convert
>>>> them into XML and wrap it within a SOAP envelope.
>>>> (Similar to what's done in FIX transport [3]). For this purpose, I
>>>> think XML/EDIFACT format can be used [4]
>>>> Found this [7] library to convert EDIFACT TO XML (GPLv3), which might
>>>> be useful.
>>>>
>>>> Usually AS2 clients are called "Trading partners". When sending a
>>>> message, they can request an acknowledgement message called MDN (Message
>>>> Disposition Notification).
>>>> There are several options to send MDN, Sync, ASync, NoMDN etc. I think
>>>> this is somewhat similar to axis2's MEP (message exchange patterns). (MDN
>>>> vs. NoMDN for in-out vs. in-only MEPs. Sync vs. ASync for Blocking vs.
>>>> Non-blocking MEPs)
>>>>
>>>> Found 2 open source implementations of AS2 for java:
>>>> OpenAS2 (BSD) [5]
>>>> Mendelson (GPL) [6]
>>>> These days I'm trying out those implementations to get a better
>>>> understanding of AS2.
>>>>
>>>> I will read on how security requirements specified in AS2 can be
>>>> handled with Synapse.
>>>> Will also look into more details on how other transports in Synapse
>>>> (like FIX) are written.
>>>>
>>>> Any suggestions, pointers to the things I've missed are very much
>>>> appreciated.
>>>>
>>>> [0] - https://issues.apache.org/jira/browse/SYNAPSE-860
>>>> [1] - http://www.ietf.org/rfc/rfc4130.txt
>>>> [2] -
>>>> http://www.unece.org/tradewelcome/areas-of-work/un-centre-for-trade-facilitation-and-e-business-uncefact/outputs/standards/unedifact/tradeedifactrules/part-4-edifact-rules-for-electronic-data-interchange-for-administration-commerce-and-transport/part-4-unedifact-rules-chapter-22-syntax-rules.html
>>>> [3] -
>>>> http://svn.apache.org/viewvc/synapse/trunk/java/modules/transports/optional/fix/src/main/java/org/apache/synapse/transport/fix/FIXUtils.java?view=markup
>>>> [4] - http://en.wikipedia.org/wiki/XML/EDIFACT
>>>> [5] - http://sourceforge.net/projects/openas2/
>>>> [6] - http://sourceforge.net/projects/mec-as2/
>>>> [7] - https://github.com/metormote/edifact-xml
>>>>
>>>> Thanks,
>>>> Amila
>>>>
>>>> --
>>>> Amila Manoj Silva
>>>> Undergraduate
>>>> Department of Computer Science and Engineering
>>>> University of Moratuwa
>>>> http://amilamanoj.blogspot.com/
>>>>
>>>
>>> [1]- http://as2.mendelson-e-c.com:8080/webas2/
>>>
>>> --
>>> Amila Manoj Silva
>>> Undergraduate
>>> Department of Computer Science and Engineering
>>> University of Moratuwa
>>> http://amilamanoj.blogspot.com/
>>>
>>
>> --
>> Hiranya Jayathilaka
>> Associate Technical Lead;
>> WSO2 Inc.; http://wso2.org
>> E-mail: [email protected]; Mobile: +94 77 633 3491
>> Blog: http://techfeast-hiranya.blogspot.com
>>
>
> --
> Amila Manoj Silva
> Undergraduate
> Department of Computer Science and Engineering
> University of Moratuwa
> http://amilamanoj.blogspot.com/
>

--
Amila Manoj Silva
Undergraduate
Department of Computer Science and Engineering
University of Moratuwa
http://amilamanoj.blogspot.com/
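
A sketch of how a single builder could dispatch on the content types listed in the thread, accept only the unsigned and unencrypted case, and escape the payload before placing it in `<as2Message>`. This is an added example, not part of the original messages or the attached patch; the class, enum and method names are hypothetical, and it uses only the JDK rather than the Axis2 builder API.

```java
import java.util.Locale;

// Added illustration, not code from the attached patch. Class, enum and method
// names are hypothetical; the content types, the <as2Message> element and the
// SOAP namespace are the ones quoted in the thread.
public class As2BuilderSketch {
    enum Packaging { PLAIN, PKCS7_MIME, MULTIPART_SIGNED, UNSUPPORTED }

    // Map a Content-Type header to the packaging cases observed with Mendelson.
    static Packaging classify(String contentType) {
        if (contentType == null) return Packaging.UNSUPPORTED;
        // Drop parameters ("; boundary=...") and compare case-insensitively.
        String base = contentType.split(";", 2)[0].trim().toLowerCase(Locale.ROOT);
        switch (base) {
            case "application/edi-consent":
            case "application/edi-x12":
            case "application/edifact":    return Packaging.PLAIN;
            case "application/pkcs7-mime": return Packaging.PKCS7_MIME;
            case "multipart/signed":       return Packaging.MULTIPART_SIGNED;
            default:                       return Packaging.UNSUPPORTED;
        }
    }

    // Escape partner-supplied text so it cannot inject elements into the envelope.
    static String escapeXml(String s) {
        StringBuilder sb = new StringBuilder(s.length());
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            if (c == '&') sb.append("&amp;");
            else if (c == '<') sb.append("&lt;");
            else if (c == '>') sb.append("&gt;");
            else if (c < 0x20 && c != '\t' && c != '\n' && c != '\r')
                throw new IllegalArgumentException("character not allowed in XML 1.0");
            else sb.append(c);
        }
        return sb.toString();
    }

    // Wrap only unsigned, unencrypted payloads; refuse anything needing S/MIME processing.
    static String wrap(String contentType, String payload) {
        Packaging p = classify(contentType);
        if (p != Packaging.PLAIN)
            throw new IllegalArgumentException("not handled by the plain path: " + p);
        return "<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">"
             + "<soapenv:Body><as2Message>" + escapeXml(payload)
             + "</as2Message></soapenv:Body></soapenv:Envelope>";
    }

    public static void main(String[] args) {
        // Constructed sample headers and payloads.
        System.out.println(wrap("application/EDI-Consent", "foo"));
        System.out.println(wrap("application/edi-consent; charset=utf-8", "a<b>&c"));
        System.out.println(classify("multipart/signed; boundary=x"));
    }
}
```

Rejecting `application/pkcs7-mime` and `multipart/signed` on the plain path keeps encrypted or signed bodies from being logged or mediated as if they were cleartext until S/MIME handling exists.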
