Hi Thilina,
Thanks a lot for taking a look at this ...
Here is the scenario:
[Note: I had to sanitize the files a little bit that I have attached here
due to proprietery reasons but I made sure that the conceptually nothing is
changed.]
So At Server side, there are couple of files:
1) server_side_code.c and 2) services.xml
At Client side, there are couple of files as well:
1) client_side_code.c and 2) policy.xml
The libraries are created by compiling client_side_code.c (library name:
libsecprv.so and included it in policy.xml) and server_side_code.c (library
name: libsec_soap.so and included it in services.xml) separately.
Axis2C and Rampart was used for client and server side code for SOAP
implementation.
Now my goal here is to come up with a java code (client only) that will
perform a CreateObject operation (mentioned in services.xml) and by doing
this it will send the SOAP request with security to the server and creates
the object.
I have already written a java code with SOAP (without security) and its
working fine ... now I just have to add the security part ...
So I am doing following:
1) Since for SOAP I am using Client STUB, initializing that with context
2) engaging rampart module (getting engaged successfully)
3) setting the property RampartMessageData.KEY_RAMPART_POLICY with the value
of policy.xml that I have attached.
Its giving me Encryption token missing error.
Now I know that in my policy xml, the module name (.so file) is the comipled
code from the C file and I have to do the same thing in JAVA as its in C
file. But since I dont have C skills so need help there.
Thanks.
On Thu, Feb 17, 2011 at 10:00 PM, Thilina Mahesh Buddhika <
[email protected]> wrote:
> If you can share the complete policy/scenario with us, then it would be
> much easier to point you to an equivalent rampart config.
>
> Thanks,
> Thilina
>
>
> On Thu, Feb 17, 2011 at 11:29 PM, Devdatta Lele
> <[email protected]>wrote:
>
>> Hi I have RampartConfig used in Axis2C as follows:
>>
>> <rampc:RampartConfig xmlns:rampc="http://ws.apache.org/rampart/c/policy";>
>> <rampc:SecurityContextTokenProvider>path to a library
>> file</rampc:SecurityContextTokenProvider>
>> </rampc:RampartConfig>
>>
>> Unfortunately, I am using Axis2Java and want to use the same config in my
>> policy.xml ... what will be the equivalent ? The reason I am wondering about
>> this is that I was not able to find equivalent of
>> SecurityContextTokenProvider in Axis2Java/Rmpart config web page.
>>
>> Thanks in advance.
>>
>>
>>
>
>
> --
> Thilina Mahesh Buddhika
> http://blog.thilinamb.com
>
#include <stdio.h>
#include <axutil_string.h>
#include <axutil_utils.h>
#include <oxs_utility.h>
#include <rampart_util.h>
#include <rampart_sct_provider.h>
#include <secconv_security_context_token.h>
#define RAMPART_CLIENT_SECRET_KEY "rampart_client_secret_key"
#ifdef __cplusplus
extern "C"
{
#endif
AXIS2_EXTERN axis2_status_t AXIS2_CALL
sct_provider_free(rampart_sct_provider_t *sct_provider,
const axutil_env_t* env)
{
if (sct_provider)
{
if (sct_provider->ops)
{
AXIS2_FREE(env->allocator, sct_provider->ops);
}
AXIS2_FREE(env->allocator, sct_provider);
}
return AXIS2_SUCCESS;
}
AXIS2_EXTERN void* AXIS2_CALL
sct_provider_obtain_token(
const axutil_env_t* env,
axis2_bool_t is_encryption,
axis2_msg_ctx_t* msg_ctx,
axis2_char_t* sct_id,
int sct_id_type,
void* user_params)
{
security_context_token_t* sct = NULL;
/*rp_security_context_token_t* rp_sct = NULL;*/
oxs_buffer_t *key_buffer = NULL;
axis2_char_t *key = NULL;
axutil_property_t *key_property = NULL;
sct = security_context_token_create(env);
if(!sct)
{
AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] Cannot create security context token");
return NULL;
}
key_buffer = oxs_buffer_create(env);
key_property = axis2_msg_ctx_get_property(msg_ctx, env, RAMPART_CLIENT_SECRET_KEY);
if(key_property)
{
key = (axis2_char_t *)axutil_property_get_value(key_property, env);
}
if(key)
{
oxs_buffer_populate(key_buffer, env, (unsigned char*)key, strlen(key));
}
else
{
AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] Key is not Set");
return NULL;
}
if(key_buffer)
{
security_context_token_set_secret(sct, env, key_buffer);
if(!sct_id)
{
sct_id = oxs_util_generate_id(env,const_cast<axis2_char_t*>("urn:uuid:"));
}
security_context_token_set_global_identifier(sct, env, (axis2_char_t*)axutil_strdup(env, sct_id));
security_context_token_set_local_identifier(sct, env, (axis2_char_t*)axutil_strdup(env, "#sctId-29530019"));
return sct;
}
else
{
return NULL;
}
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
sct_provider_store_token(
const axutil_env_t *env,
axis2_msg_ctx_t* msg_ctx,
axis2_char_t *sct_global_id,
axis2_char_t *sct_local_id,
void *sct,
void *user_params)
{
return AXIS2_SUCCESS;
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
sct_provider_delete_token(
const axutil_env_t *env,
axis2_msg_ctx_t* msg_ctx,
axis2_char_t *sct_id,
int sct_id_type,
void* user_params)
{
/* delete method is not implemented, because we are still not supporting sct cancel function */
return AXIS2_SUCCESS;
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
sct_provider_validate_token(
const axutil_env_t *env,
axiom_node_t *sct_node,
axis2_msg_ctx_t *msg_ctx,
void *user_params)
{
/* default implementation does not need to validate anything. We haven't extended the
* functionality of sct */
return AXIS2_SUCCESS;
}
AXIS2_EXTERN void* AXIS2_CALL
sct_provider_get_user_params(
const axutil_env_t *env)
{
return NULL;
}
/**
* Following block distinguish the exposed part of the dll.
*/
AXIS2_EXPORT int
axis2_get_instance(rampart_sct_provider_t **inst,
const axutil_env_t *env)
{
rampart_sct_provider_t* sct_provider = NULL;
sct_provider = (rampart_sct_provider_t*)AXIS2_MALLOC(env->allocator,
sizeof(rampart_sct_provider_t));
sct_provider->ops =(rampart_sct_provider_ops_t*)AXIS2_MALLOC(
env->allocator, sizeof(rampart_sct_provider_ops_t));
/*assign function pointers*/
sct_provider->ops->obtain_security_context_token = sct_provider_obtain_token;
sct_provider->ops->store_security_context_token = sct_provider_store_token;
sct_provider->ops->delete_security_context_token = sct_provider_delete_token;
sct_provider->ops->validate_security_context_token = sct_provider_validate_token;
sct_provider->ops->get_user_params = sct_provider_get_user_params;
sct_provider->ops->free = sct_provider_free;
*inst = sct_provider;
if (!(*inst))
{
AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] Cannot initialize the sct provider module");
return AXIS2_FAILURE;
}
return AXIS2_SUCCESS;
}
AXIS2_EXPORT int
axis2_remove_instance(rampart_sct_provider_t *inst,
const axutil_env_t *env)
{
axis2_status_t status = AXIS2_FAILURE;
if (inst)
{
status = RAMPART_SCT_PROVIDER_FREE(inst, env);
}
return status;
}
#ifdef __cplusplus
}
#endif
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
<wsp:ExactlyOne>
<wsp:All>
<sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:ProtectionToken>
<wsp:Policy>
<sp:SecurityContextToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
<wsp:Policy>
<!--sp:RequireDerivedKeys/-->
</wsp:Policy>
</sp:SecurityContextToken>
</wsp:Policy>
</sp:ProtectionToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:EncryptBeforeSigning/>
<sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:SymmetricBinding>
<sp:Wss11 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
<sp:MustSupportRefThumbprint/>
<sp:MustSupportRefEncryptedKey/>
</wsp:Policy>
</sp:Wss11>
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Header Namespace="http://www.w3.org/2005/08/addressing"/>
</sp:SignedParts>
<rampc:RampartConfig xmlns:rampc="http://ws.apache.org/rampart/c/policy";>
<rampc:SecurityContextTokenProvider>/usr/local/libsecprv.so</rampc:SecurityContextTokenProvider>
</rampc:RampartConfig>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
#include <stdio.h>
#include <axutil_string.h>
#include <axutil_utils.h>
#include <oxs_utility.h>
#include <rampart_util.h>
#include <rampart_sct_provider.h>
#include <secconv_security_context_token.h>
#include <string>
#include "client_lib.hxx"
#include "security_controller.h"
#include "xlateutil.hxx"
#ifdef __cplusplus
extern "C"
{
#endif
#ifndef WS_UID
#define WS_UID "UID"
#endif
#ifndef NAMESPACE_PREFIX
#define NAMESPACE_PREFIX "cos"
#endif
#ifndef NAMESPACE_URI
#define NAMESPACE_URI "http://www.xyz.com/cos";
#endif
#ifndef OBTAIN_SEC_TOKEN
#define OBTAIN_SEC_TOKEN "sct_provider_obtain_token"
#endif
#ifndef IN_HEADER_PARAM
#define IN_HEADER_PARAM "GetInputParamFromHeaderByName"
#endif
axiom_element_t* GetRootElement(const axutil_env_t* env,
axiom_node_t* rootNode, const char* funcName);
bool GetInputParamByName(const axutil_env_t* env, axiom_node_t* rootNode,
axiom_element_t* rootElement, const axis2_char_t* paramName,
std::string& paramStr);
AXIS2_EXTERN axis2_status_t AXIS2_CALL
sct_provider_free(rampart_sct_provider_t *sct_provider,
const axutil_env_t* env)
{
if (sct_provider)
{
if (sct_provider->ops)
{
AXIS2_FREE(env->allocator, sct_provider->ops);
}
AXIS2_FREE(env->allocator, sct_provider);
}
return AXIS2_SUCCESS;
}
AXIS2_EXTERN void* AXIS2_CALL
sct_provider_obtain_token(
const axutil_env_t* env,
axis2_bool_t is_encryption,
axis2_msg_ctx_t* msg_ctx,
axis2_char_t* sct_id,
int sct_id_type,
void* user_params)
{
security_context_token_t* sct = NULL;
axiom_soap_envelope_t *envelope = NULL;
axiom_soap_header_t *soap_header = NULL;
axiom_node_t *header_node = NULL;
std::string combined_id;
oxs_buffer_t *secretKeyBuffer = NULL;
envelope = axis2_msg_ctx_get_soap_envelope(msg_ctx, env);
if(envelope)
{
soap_header = axiom_soap_envelope_get_header(envelope, env);
}
if(soap_header)
{
header_node = axiom_soap_header_get_base_node(soap_header, env);
}
if(!header_node)
{
return NULL;
}
axiom_element_t* header_element = GetRootElement(env, header_node, OBTAIN_SEC_TOKEN);
if (!header_element)
{
return NULL;
}
if (false == GetInputParamByName(env, header_node, header_element,
WS_UID, combined_id))
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[sct_provider] Could not retrieve the UID from the header.");
return NULL;
}
std::string groupId;
std::string subGroupId;
std::string user_id;
std::vector<std::string> idPair;
Xlate::SplitString(combined_id, "/", idPair);
groupId = GetGroupId();
if(1 == idPair.size())
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[sct_provider] SubGroupId not found in the header. Using GroupID instead....");
subGroupId = groupId;
user_id = idPair[0];
}
else if(2 == idPair.size())
{
subGroupId = idPair[0];
user_id = idPair[1];
}
else
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[sct_provider] Could not parse the UID/SubGroupId from the header.");
return NULL;
}
secretKeyBuffer = oxs_buffer_create(env);
if(false == user_id.empty())
{
std::string secretKey = getKey(groupId + ":" + subGroupId + ":" + user_id, LB_WEB_SERV, groupId, subGroupId);
if(false == secretKey.empty())
{
int realLen = 0;
char *realKey = Xlate::Base64Decode((unsigned char*)secretKey.c_str(), secretKey.length(), &realLen);
oxs_buffer_populate(secretKeyBuffer, env, (unsigned char*)realKey, realLen);
}
else
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[sct_provider] Could not retrieve the secret key for the specified Principal ID.");
return NULL;
}
}
else
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[sct_provider] Could not retrieve the Principal ID from the header.");
return NULL;
}
if(secretKeyBuffer)
{
sct = security_context_token_create(env);
if(!sct)
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[sct_provider] Could not create security context token");
return NULL;
}
security_context_token_set_secret(sct, env, secretKeyBuffer);
if(!sct_id)
{
sct_id = oxs_util_generate_id(env,const_cast<char *>("urn:uuid:"));
}
security_context_token_set_global_identifier(sct, env, (axis2_char_t *)axutil_strdup(env, sct_id));
security_context_token_set_local_identifier(sct, env, (axis2_char_t *)axutil_strdup(env, "#sctId-29530019"));
return sct;
}
else
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[sct_provider] secretKeyBuffer was NULL.");
return NULL;
}
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
sct_provider_store_token(
const axutil_env_t *env,
axis2_msg_ctx_t* msg_ctx,
axis2_char_t *sct_global_id,
axis2_char_t *sct_local_id,
void *sct,
void *user_params)
{
return AXIS2_SUCCESS;
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
sct_provider_delete_token(
const axutil_env_t *env,
axis2_msg_ctx_t* msg_ctx,
axis2_char_t *sct_id,
int sct_id_type,
void* user_params)
{
/* delete method is not implemented, because we are still not supporting sct cancel function */
return AXIS2_SUCCESS;
}
AXIS2_EXTERN axis2_status_t AXIS2_CALL
sct_provider_validate_token(
const axutil_env_t *env,
axiom_node_t *sct_node,
axis2_msg_ctx_t *msg_ctx,
void *user_params)
{
/* default implementation does not need to validate anything. We haven't extended the
* functionality of sct */
return AXIS2_SUCCESS;
}
AXIS2_EXTERN void* AXIS2_CALL
sct_provider_get_user_params(
const axutil_env_t *env)
{
return NULL;
}
/**
* Following block distinguish the exposed part of the dll.
*/
AXIS2_EXPORT int
axis2_get_instance(rampart_sct_provider_t **inst,
const axutil_env_t *env)
{
rampart_sct_provider_t* sct_provider = NULL;
sct_provider = (rampart_sct_provider_t *)AXIS2_MALLOC(env->allocator,
sizeof(rampart_sct_provider_t));
sct_provider->ops = (rampart_sct_provider_ops_t*)AXIS2_MALLOC(
env->allocator, sizeof(rampart_sct_provider_ops_t));
/*assign function pointers*/
sct_provider->ops->obtain_security_context_token = sct_provider_obtain_token;
sct_provider->ops->store_security_context_token = sct_provider_store_token;
sct_provider->ops->delete_security_context_token = sct_provider_delete_token;
sct_provider->ops->validate_security_context_token = sct_provider_validate_token;
sct_provider->ops->get_user_params = sct_provider_get_user_params;
sct_provider->ops->free = sct_provider_free;
*inst = sct_provider;
if (!(*inst))
{
AXIS2_LOG_INFO(env->log, "[rampart][sct_provider_sample] Cannot initialize the sct provider module");
return AXIS2_FAILURE;
}
return AXIS2_SUCCESS;
}
AXIS2_EXPORT int
axis2_remove_instance(rampart_sct_provider_t *inst,
const axutil_env_t *env)
{
axis2_status_t status = AXIS2_FAILURE;
if (inst)
{
status = RAMPART_SCT_PROVIDER_FREE(inst, env);
}
return status;
}
axiom_element_t* GetRootElement(const axutil_env_t* env,
axiom_node_t* rootNode, const char* funcName)
{
if (!rootNode)
{
return NULL;
}
axiom_element_t* rootElement = (axiom_element_t*)
axiom_node_get_data_element(rootNode, env);
if (!rootElement)
{
return NULL;
}
return rootElement;
}
bool GetInputParamByName(const axutil_env_t* env, axiom_node_t* rootNode,
axiom_element_t* rootElement, const axis2_char_t* paramName,
std::string& paramStr)
{
axutil_qname_t* paramQname = axutil_qname_create(env, paramName,
NAMESPACE_URI, NAMESPACE_PREFIX);
axiom_node_t* paramNode = NULL;
axiom_element_t* paramElement =
axiom_element_get_first_child_with_qname(rootElement, env,
paramQname, rootNode, ¶mNode);
axutil_qname_free(paramQname, env);
if((paramNode) && (paramElement))
{
axis2_char_t* value = axiom_element_get_text(paramElement, env,
paramNode);
if (NULL != value)
{
paramStr = value;
value = NULL;
}
}
else
{
// noop
}
return true;
}
#ifdef __cplusplus
}
#endif
<serviceGroup name="V1">
<service name="object">
<parameter name="MTOMCachingCallback" locked="false">/usr/local/libcachingcallback.so</parameter>
<parameter name="MTOMSendingCallback" locked="false">/usr/local/libsendingcallback.so</parameter>
<parameter name="wsdl_path">/usr/local/axis2c/services/V1/objectws.wsdl</parameter>
<parameter name="ServiceClass" locked="xsd:false">mod_soap</parameter>
<!-- these parameters exist in the metadata service as well
they *must* be changed in *both* places! -->
<parameter name="VersionObject">On</parameter>
<parameter name="QueryObjects">Off</parameter>
<description>
this belongs to the V1 service group.
</description>
<module ref="rampart"/>
<operation name="CreateObject">
<parameter name="wsamapping">http://www.xyz.com/cos/ObjectWS/CreateObject</parameter>
<message label="in">
<wsp:Policy wsu:Id="SigEncrMessage" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Body />
</sp:SignedParts>
</wsp:Policy>
</message>
<message label="out" />
</operation>
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
<wsp:ExactlyOne>
<wsp:All>
<sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:ProtectionToken>
<wsp:Policy>
<sp:SecurityContextToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
<wsp:Policy>
<!--sp:RequireDerivedKeys/-->
</wsp:Policy>
</sp:SecurityContextToken>
</wsp:Policy>
</sp:ProtectionToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:EncryptBeforeSigning/>
<sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:SymmetricBinding>
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefEmbeddedToken/>
<sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
</sp:Wss10>
<rampc:RampartConfig xmlns:rampc="http://ws.apache.org/rampart/c/policy";>
<rampc:SecurityContextTokenProvider>/usr/local/libsec_soap.so</rampc:SecurityContextTokenProvider>
</rampc:RampartConfig>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</service>
<service name="metadata">
<parameter name="MTOMCachingCallback" locked="false">/usr/local/libcachingcallback.so</parameter>
<parameter name="MTOMSendingCallback" locked="false">/usr/local/libsendingcallback.so</parameter>
<parameter name="wsdl_path">/usr/local/axis2c/services/V1/metadataws.wsdl</parameter>
<parameter name="ServiceClass" locked="xsd:false">mod_soap</parameter>
<!-- these parameters exist in the object service as well
they *must* be changed in *both* places! -->
<parameter name="VersionObject">On</parameter>
<parameter name="QueryObjects">Off</parameter>
<description>
this belongs to the V1 service group.
</description>
<module ref="rampart"/>
<operation name="ListObjects">
<parameter name="wsamapping">http://www.xyz.com/cos/MetadataWS/ListObjects</parameter>
<message label="in">
<wsp:Policy wsu:Id="SigEncrMessage" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Body />
</sp:SignedParts>
</wsp:Policy>
</message>
<message label="out" />
</operation>
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
<wsp:ExactlyOne>
<wsp:All>
<sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:ProtectionToken>
<wsp:Policy>
<sp:SecurityContextToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
<wsp:Policy>
<!--sp:RequireDerivedKeys/-->
</wsp:Policy>
</sp:SecurityContextToken>
</wsp:Policy>
</sp:ProtectionToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:EncryptBeforeSigning/>
<sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:SymmetricBinding>
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefEmbeddedToken/>
<sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
</sp:Wss10>
<rampc:RampartConfig xmlns:rampc="http://ws.apache.org/rampart/c/policy";>
<rampc:SecurityContextTokenProvider>/usr/local/libsec_soap.so</rampc:SecurityContextTokenProvider>
</rampc:RampartConfig>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</service>
</serviceGroup>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
