Author: keith
Date: Fri Jan 18 23:52:00 2008
New Revision: 12500
Log:
Adding policy for the MashupLoginServiceIC service. This simply encrypts the
ppid with limited security so that it works out of the box
Added:
trunk/mashup/java/modules/core/conf/rampart/scenario22-policy.xml
Modified:
trunk/mashup/java/modules/core/conf/rampart/scenario-config.xml
trunk/mashup/java/modules/distribution/create-distro-build.xml
Modified: trunk/mashup/java/modules/core/conf/rampart/scenario-config.xml
==============================================================================
--- trunk/mashup/java/modules/core/conf/rampart/scenario-config.xml
(original)
+++ trunk/mashup/java/modules/core/conf/rampart/scenario-config.xml Fri Jan
18 23:52:00 2008
@@ -175,6 +175,14 @@
<Module>rampart</Module>
</Modules>
</Scenario>
+ <Scenario id="scenario22">
+ <Summary>Encrypt only - Anonymous clients with limited
Security</Summary>
+ <Description>Provides Integrity.</Description>
+ <Category>keystore.related</Category>
+ <Modules>
+ <Module>rampart</Module>
+ </Modules>
+ </Scenario>
<!--
This is the default required scenario. When no other security scenarios
are applied
this will be the effective scenario.
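Review bot: The `<Description>` of scenario22 reads "Provides Integrity." while its `<Summary>` reads "Encrypt only", and the policy file added in this same commit asserts `sp:EncryptedParts` without any `sp:SignedParts`. Body encryption gives confidentiality, not integrity, so anyone picking a scenario from this list is told the wrong protection property. I would change the line to `<Description>Provides Confidentiality only; messages are not signed and the client is not authenticated.</Description>`.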
Added: trunk/mashup/java/modules/core/conf/rampart/scenario22-policy.xml
==============================================================================
--- (empty file)
+++ trunk/mashup/java/modules/core/conf/rampart/scenario22-policy.xml Fri Jan
18 23:52:00 2008
@@ -0,0 +1,71 @@
+<!--
+ ~ Copyright 2005-2007 WSO2, Inc. (http://wso2.com)
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ -->
+
+<wsp:Policy wsu:Id="EncrOnlyAnonymous"
+
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
+ xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
+ xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
+ xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <wsp:ExactlyOne>
+ <wsp:All>
+ <sp:SymmetricBinding>
+ <wsp:Policy>
+ <sp:ProtectionToken>
+ <wsp:Policy>
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
+ <wsp:Policy>
+
<sp:RequireThumbprintReference/>
+
<sp:WssX509V3Token10/>
+ </wsp:Policy>
+ </sp:X509Token>
+ </wsp:Policy>
+ </sp:ProtectionToken>
+ <sp:AlgorithmSuite>
+ <wsp:Policy>
+ <sp:Basic128/>
+ </wsp:Policy>
+ </sp:AlgorithmSuite>
+ <sp:Layout>
+ <wsp:Policy>
+ <sp:Lax/>
+ </wsp:Policy>
+ </sp:Layout>
+ <sp:IncludeTimestamp/>
+ <sp:OnlySignEntireHeadersAndBody/>
+ </wsp:Policy>
+ </sp:SymmetricBinding>
+ <sp:EncryptedParts>
+ <sp:Body/>
+ </sp:EncryptedParts>
+ <sp:Wss11>
+ <wsp:Policy>
+ <sp:MustSupportRefKeyIdentifier/>
+ <sp:MustSupportRefIssuerSerial/>
+ <sp:MustSupportRefThumbprint/>
+ <sp:MustSupportRefEncryptedKey/>
+ <sp:RequireSignatureConfirmation/>
+ </wsp:Policy>
+ </sp:Wss11>
+ <sp:Trust10>
+ <wsp:Policy>
+ <sp:MustSupportIssuedTokens/>
+ <sp:RequireClientEntropy/>
+ <sp:RequireServerEntropy/>
+ </wsp:Policy>
+ </sp:Trust10>
+ </wsp:All>
+ </wsp:ExactlyOne>
+</wsp:Policy>
\ No newline at end of file
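Review bot: The policy asserts `sp:EncryptedParts` for the body but no `sp:SignedParts`, so `sp:IncludeTimestamp`, `sp:OnlySignEntireHeadersAndBody` and `sp:RequireSignatureConfirmation` have no signature to act on, and a modified or replayed message would not be detected by this policy. The protection token appears to be the service's X.509 certificate (`IncludeToken/Never`, thumbprint reference), so any party holding that public certificate can build an acceptable request; the service should therefore treat the decrypted ppid as an unauthenticated claim. If the out-of-the-box goal allows it, add `<sp:SignedParts><sp:Body/></sp:SignedParts>` beside `sp:EncryptedParts`, which gives integrity under the same ephemeral key but still no client authentication. Failing that, state the limitation in the file itself, e.g. `<!-- Confidentiality only: no signature, no client authentication, no replay protection. -->` above the root `wsp:Policy`.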
Modified: trunk/mashup/java/modules/distribution/create-distro-build.xml
==============================================================================
--- trunk/mashup/java/modules/distribution/create-distro-build.xml
(original)
+++ trunk/mashup/java/modules/distribution/create-distro-build.xml Fri Jan
18 23:52:00 2008
@@ -195,6 +195,7 @@
</copy>
<copy file="../core/conf/rampart/scenario21-policy.xml"
tofile="${dist.dir}/conf/rampart/scenario21-policy.xml"/>
+ <copy file="../core/conf/rampart/scenario22-policy.xml"
tofile="${dist.dir}/conf/rampart/scenario22-policy.xml"/>
<copy file="../core/conf/rampart/scenario-config.xml"
tofile="${dist.dir}/conf/rampart/scenario-config.xml"/>
<copy todir="${dist.dir}/conf">