Author: nandana
Date: Wed Jan 2 23:55:10 2008
New Revision: 11791
Log:
Updated the Commodity Quote Sample Guide
Modified:
trunk/wsas/java/modules/documentation/src/site/xdoc/commodity_quote_guide.xml
Modified:
trunk/wsas/java/modules/documentation/src/site/xdoc/commodity_quote_guide.xml
==============================================================================
---
trunk/wsas/java/modules/documentation/src/site/xdoc/commodity_quote_guide.xml
(original)
+++
trunk/wsas/java/modules/documentation/src/site/xdoc/commodity_quote_guide.xml
Wed Jan 2 23:55:10 2008
@@ -163,30 +163,24 @@
domain policies. We would only demonstrate the sample with the
default policy available from Sandesha2
</li>
- <li>secure - Rampart/Rahas: WSO2 WSAS distribution compliant with
ten
+ <li>secure - Rampart/Rahas: WSO2 WSAS distribution compliant with
fifteen
security scenarios.
<ol>
- <li>Username Token authentication</li>
- <li>Requests as well as responses are signed</li>
- <li>Sign and encrypt using Basic256 algorithm suite</li>
- <li>Encrypt and sign using Basic256 algorithm suite</li>
- <li>Sign and encrypt using Basic256 algorithm suite and
derived
- keys
- </li>
- <li>Sign and encrypt using TripleDesRsa15 algorithm
suite</li>
- <li>Sign and encrypt using TripleDesRsa15 algorithm suite
and
- derived keys
- </li>
- <li>Sign and encrypt using TripleDesRsa15 algorithm suite,
derived
- keys and encrypt primary signature
- </li>
- <li>SecureConversation - Sign and encrypt - Service as STS
-
- Bootstrap policy - UsernameToken with Timestamp over
HTTPS
- </li>
- <li>SecureConversation - Sign and encrypt with signature
encrypted
- - Service as STS - Bootstrap policy - Derived Key
encr/sig based
- on an ephemeral key
- </li>
+ <li>Username Token authentication over HTTPS</li>
+ <li>Sign only - X509 Authentication</li>
+ <li>Sign and encrypt - X509 Authentication</li>
+ <li>Sign only - Anonymous clients</li>
+ <li>Encrypt only - Anonymous clients</li>
+ <li>Sign and Encrypt - Anonymous clients</li>
+ <li>Encrypt only - Username Token Authentication</li>
+ <li>Sign and Encrypt - Username Token Authentication</li>
+ <li>SecureConversation - Sign only - Service as STS -
Bootstrap policy - Sign and Encrypt , X509 Authentication </li>
+ <li>SecureConversation - Encrypt only - Service as STS -
Bootstrap policy - Sign and Encrypt , X509 Authentication</li>
+ <li>SecureConversation - Sign and Encrypt - Service as STS
- Bootstrap policy - Sign and Encrypt , X509 Authentication</li>
+ <li>SecureConversation - Sign Only - Service as STS -
Bootstrap policy - Sign and Encrypt , Anonymous clients</li>
+ <li>SecureConversation - Encrypt Only - Service as STS -
Bootstrap policy - Sign and Encrypt , Anonymous clients</li>
+ <li>SecureConversation - Encrypt Only - Service as STS -
Bootstrap policy - Sign and Encrypt , Username Token Authentication</li>
+ <li>SecureConversation - Sign and Encrypt - Service as STS
- Bootstrap policy - Sign and Encrypt , Username Token Authentication</li>
</ol>
<p><strong>Note:</strong> Some of the scenarios listed above
need
provision for unlimited security jurisdiction. This will
basically be
@@ -235,8 +229,8 @@
<pre>STARTING COMMODITY QUOTE SAMPLE CLIENT
=============================
-Enter security scenario [1 - 10]...
-{select a value between 1 to 10}</pre>
+Enter security scenario [1 - 15]...
+{select a value between 1 to 15}</pre>
<ol>
<li>Username Token authentication
<ul>
@@ -253,7 +247,7 @@
STARTING COMMODITY QUOTE SAMPLE CLIENT
=============================
-Enter security scenario [1 - 10]...
+Enter security scenario number [1 - 15]...
1
Client will be tuned to work on security scenario : 1
Please enter your username :
@@ -334,7 +328,7 @@
<pre>STARTING COMMODITY QUOTE SAMPLE CLIENT
=============================
-Enter security scenario [1 - 10]...
+Enter security scenario number [1 - 15]...
2
Client will be tuned to work on security scenario : 2
In this demonstration, client will use client.jks and server should use
@@ -373,33 +367,112 @@
</li>
</ul>
</li>
-<li>Sign and encrypt using Basic256 algorithm suite<br/>
+<li>Sign and encrypt - X509 Authentication<br/>
<strong>Configuration same as in scenario 2, except using this security
scenario.</strong></li>
-<li>Encrypt and sign using Basic256 algorithm suite<br/>
+<li>Sign only - Anonymous clients<br/>
<strong>Configuration as in scenario 2, except using this security
- scenario.</strong></li>
-<li>Sign and encrypt using Basic256 algorithm suite and derived keys<br/>
+ scenario. But in the client side, client's keys are not used and only
+ the service's public key is used</strong></li>
+<li>Encrypt only - Anonymous clients<br/>
<strong>Configuration as in scenario 2, except using this security
- scenario.</strong></li>
-<li>Sign and encrypt using TripleDesRsa15 algorithm suite<br/>
+ scenario. But in the client side, client's keys are not used and only
+ the service's public key is used</strong></li>
+<li>Sign and Encrypt - Anonymous clients<br/>
<strong>Configuration as in scenario 2, except using this security
- scenario.</strong></li>
-<li>Sign and encrypt using TripleDesRsa15 algorithm suite and derived
- keys<br/>
- <strong>Configuration as in scenario 2, except using this security
- scenario.</strong></li>
-<li>Sign and encrypt using TripleDesRsa15 algorithm suite, derived keys and
- encrypt primary signature<br/>
+ scenario. But in the client side, client's keys are not used and only
+ the service's public key is used</strong></li>
+<li>Requests as well as responses are encrypted for this scenario to work.
+ Commodity quote service needs to import a certificate. Let this
+ certificate be service.jks. In addition to this, client needs to import
+ the private key of the service.jks. Let's say this is client.jks. For
+ this demonstration, service.jks and client.jks will be shipped with the
+ sample and it's located at WSO2WSAS_HOME/samples/CommodityQuote/keys/
+ <ul>
+ <li><strong>Server side:</strong> Logging to management console. Go to
+ Security > Users > User Management. The add a user "client"
+ with password "testing". Go to Keystores and upload the
+ service.jks. Keystore password will be "testing" and private key
+ store password will be "testing". Then go to Services >
+ CommodityQuote > Security Configuration and select "Encrypt
only -
+ Username Token Authentication",after which select "Continue".
Select
+ Trusted Certificate Stores as service.jks and select private
keystore
+ as service.jks and also select user client and apply it.
+ </li>
+ <li><strong>Client side:</strong>
+ <pre>STARTING COMMODITY QUOTE SAMPLE CLIENT
+=============================
+
+Enter security scenario number [1 - 15]...
+7
+Selected security scenario : 7
+In this demonstration, client will use client.jks and server should use
+service.jks.
+Please enter your username :
+client
+Please enter your password :
+testing
+Sample will be invoked using following parameters ..
+CommodityQuoteService Endpoint reference :
http://10.100.1.130:9762/services/CommodityQuote
+Quality of Service : secure
+
+
+
+Please select your operation...
+---------------------------------
+(1) getQuote
+(2) getSymbols
+(3) Exit
+:1
+...Getting Quote...
+Please enter the symbol:xe
+
+Results
+-------
+Name :xe
+Symbol :Xenon
+High value :0.0
+Low value :0.0
+Price :24.0
+
+Please select your operation...
+---------------------------------
+(1) getQuote
+(2) getSymbols
+(3) Exit
+:
+
+
+ </pre>
+ </li>
+ </ul>
+</li>
+<li>Sign and Encrypt - Username Token Authentication<br/>
+ <strong>Configuration as in scenario 7, except using this security
+ scenario</strong></li>
+<li>Sign and Encrypt - Username Token Authentication<br/>
+ <strong>Configuration as in scenario 7, except using this security
+ scenario</strong></li>
+<li>SecureConversation - Sign only - Service as STS - Bootstrap policy - Sign
and Encrypt , X509 Authentication<br/>
<strong>Configuration as in scenario 2, except using this security
scenario</strong></li>
-<li>SecureConversation - Sign and encrypt - Service as STS - Bootstrap
- policy - UsernameToken with Timestamp over HTTPS<br/>
- <strong>Select "client" as the user.</strong></li>
-<li>SecureConversation - Sign and encrypt with signature encrypted -
- Service as STS - Bootstrap policy - Derived Key encr/sig based on an
- ephemeral key<br/>
- <strong>Configuration same as in scenario 2, except using this security
+<li>SecureConversation - Encrypt only - Service as STS - Bootstrap policy -
Sign and Encrypt , X509 Authentication<br/>
+ <strong>Configuration same as in scenario 2, except using this security
+ scenario.</strong></li>
+<li>SecureConversation - Sign and Encrypt - Service as STS - Bootstrap policy
- Sign and Encrypt , X509 Authentication<br/>
+ <strong>Configuration same as in scenario 2, except using this security
+ scenario.</strong></li>
+<li>SecureConversation - Sign Only - Service as STS - Bootstrap policy - Sign
and Encrypt , Anonymous clients<br/>
+ <strong>Configuration same as in scenario 2, except using this security
+ scenario.</strong></li>
+<li>SecureConversation - Encrypt Only - Service as STS - Bootstrap policy -
Sign and Encrypt , Anonymous clients<br/>
+ <strong>Configuration same as in scenario 2, except using this security
+ scenario.</strong></li>
+<li>SecureConversation - Encrypt Only - Service as STS - Bootstrap policy -
Sign and Encrypt , Username Token Authentication<br/>
+ <strong>Configuration same as in scenario 7, except using this security
+ scenario.</strong></li>
+<li>SecureConversation - Sign and Encrypt - Service as STS - Bootstrap policy
- Sign and Encrypt , Username Token Authentication<br/>
+ <strong>Configuration same as in scenario 7, except using this security
scenario.</strong></li>
</ol>
_______________________________________________
Wsas-java-dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/wsas-java-dev
