Hi Colm, On Tue, 22 Nov 2011 14:43:22 +0000 Colm O hEigeartaigh <cohei...@apache.org> wrote:
> Hi Marc, > > Are you still planning on building a common code-base for CXF & > Rampart as per your previous mail? Yes that's still my goal because swssf can/will use the common code-base too. The swssf policy engine needs just a little bit refactoring (the rampart-policy code refactoring is the first part of it) to fully support the new policy code. As you already know, swssf emits security-policy relevant events in realtime which will be asserted also in realtime (if possible). To simplify things further CXF (and rampart perhaps too) could then use the swssf assertion-engine to verify the policy also with the DOM-WSS (WSS4J) impl. The only difference is that the validation will not occur in realtime as with swssf. As example: When swssf hits an X509Token it will emit a X509TokenSecurityEvent. This event will be feeded to the policy engine. The policy engine throws an Exception when the assertions cannot be fullfilled. So WSS4j-DOM could also emit a X509TokenSecurityEvent when it processed the X509Token. The X509SecurityEvent could also be created from the WSResultVector and then hand over to the policy engine for verification. But in every case I think both implementation could use finally the same PolicyEngine. > If so wouldn't it be better to > create a new module in WSS4J that both projects could use? Yes, why not. WS-Sec-Policy is all around WSS minus some special things like Transport binding. Perhaps my explanation above will help to find the best way to go. It's just a matter of minutes to move the rampart-policy module to WSS4J because it has no deps to other rampart code. Thanks Marc > > Colm. > > On Tue, Nov 22, 2011 at 1:50 PM, Marc Giger <gi...@apache.org> wrote: > > Hi all > > > > I have now a bigger patch for rampart ready with the following changes and > > new features: > > > > - Axiom dependency removed. Just the axiom api is still there because of > > Neethi: > > [INFO] > > ------------------------------------------------------------------------ > > [INFO] Building Rampart - Policy > > [INFO] task-segment: [dependency:tree] > > [INFO] > > ------------------------------------------------------------------------ > > [INFO] [dependency:tree {execution: default-cli}] > > [INFO] org.apache.rampart:rampart-policy:jar:1.7.0-SNAPSHOT > > [INFO] +- org.apache.neethi:neethi:jar:3.0.2-SNAPSHOT:compile > > [INFO] | \- org.codehaus.woodstox:woodstox-core-asl:jar:4.0.8:compile > > [INFO] | +- javax.xml.stream:stax-api:jar:1.0-2:compile > > [INFO] | \- org.codehaus.woodstox:stax2-api:jar:3.0.2:compile > > [INFO] +- commons-lang:commons-lang:jar:2.3:compile > > [INFO] +- org.apache.ws.commons.axiom:axiom-api:jar:1.2.13-SNAPSHOT:test > > [INFO] | +- > > org.apache.geronimo.specs:geronimo-activation_1.1_spec:jar:1.0.2:test > > [INFO] | +- > > org.apache.geronimo.specs:geronimo-javamail_1.4_spec:jar:1.6:test > > [INFO] | +- commons-logging:commons-logging:jar:1.1.1:test > > [INFO] | +- jaxen:jaxen:jar:1.1.3:test > > [INFO] | +- > > org.apache.geronimo.specs:geronimo-stax-api_1.0_spec:jar:1.0.1:test > > [INFO] | \- org.apache.james:apache-mime4j-core:jar:0.8-SNAPSHOT:test > > [INFO] +- xmlunit:xmlunit:jar:1.3:test > > [INFO] \- junit:junit:jar:3.8.2:test > > [INFO] > > ------------------------------------------------------------------------ > > [INFO] BUILD SUCCESSFUL > > [INFO] > > ------------------------------------------------------------------------ > > > > > > - Complete Support (if I didn't miss something) of WS-Sec-Pol 1.1, 1.2 and > > 1.3 > > - Support of nested Policies with multiple alternatives > > - The complete Rampart-Project builds and successfully runs all the tests. > > - A lot of additional tests for the rampart-policy module to test the > > Policy building > > - ... > > > > If someone branches the rampart-trunk and gives me rw access to it I will > > commit > > the changes. After this you can review it and merge it back to the trunk. > > > > Kind regards > > > > Marc > > > > > > > > Some stats: > > > > [INFO] > > ------------------------------------------------------------------------ > > [INFO] Reactor Summary: > > [INFO] > > ------------------------------------------------------------------------ > > [INFO] Apache Rampart ........................................ SUCCESS > > [0.954s] > > [INFO] Rampart - Policy ...................................... SUCCESS > > [4.365s] > > [INFO] Rampart - Trust ....................................... SUCCESS > > [4.932s] > > [INFO] Rampart - Core ........................................ SUCCESS > > [1.427s] > > [INFO] Rampart - Test Suite .................................. SUCCESS > > [4.489s] > > [INFO] Rampart - Mar ......................................... SUCCESS > > [0.271s] > > [INFO] Rampart - Trust-Mar ................................... SUCCESS > > [0.291s] > > [INFO] Rampart - Integration ................................. SUCCESS > > [3:18.602s] > > [INFO] > > ------------------------------------------------------------------------ > > [INFO] > > ------------------------------------------------------------------------ > > [INFO] BUILD SUCCESSFUL > > [INFO] > > ------------------------------------------------------------------------ > > > > > > Lines added (incl. tests): ~14589 > > Lines deleted: ~13602 > > > > > > Changelist: > > A modules/rampart-policy/src/test > > A modules/rampart-policy/src/test/java > > A modules/rampart-policy/src/test/java/org > > A modules/rampart-policy/src/test/java/org/apache > > A modules/rampart-policy/src/test/java/org/apache/ws > > A modules/rampart-policy/src/test/java/org/apache/ws/secpolicy > > A modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/HttpsTokenTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/SignedElementsTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/PolicyNormalizationTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/EncryptedPartsTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/SecurityContextTokenTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/RequiredElementsTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/KerberosTokenTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/LayoutTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/Wss11Test.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/UsernameTokenTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/SecureConversationTokenTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/Trust13Test.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/ContentEncryptedElementsTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/KeyValueTokenTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/TransportBindingTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/RequiredPartsTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/EncryptedElementsTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/AbstractTestBase.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/AlgorithmSuiteTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/SpnegoContextTokenTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/InitiatorTokenTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/X509TokenTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/SymmetricBindingTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/AsymmetricBindingTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/Wss10Test.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/Trust10Test.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/SignedPartsTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/RecipientTokenTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/RelTokenTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/SamlTokenTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/IssuedTokenTest.java > > A > > modules/rampart-policy/src/test/java/org/apache/ws/secpolicy/tests/SupportingTokensTest.java > > A modules/rampart-policy/src/test/resources > > A modules/rampart-policy/src/test/resources/policy > > A > > modules/rampart-policy/src/test/resources/policy/WSP15_432-serialized.xml > > A modules/rampart-policy/src/test/resources/policy/model > > A modules/rampart-policy/src/test/resources/policy/model/sp11 > > A > > modules/rampart-policy/src/test/resources/policy/model/sp11/Trust10.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp11/normalized > > A > > modules/rampart-policy/src/test/resources/policy/model/sp11/normalized/Trust10.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp11/serialized > > A > > modules/rampart-policy/src/test/resources/policy/model/sp11/serialized/Trust10.xml > > A modules/rampart-policy/src/test/resources/policy/model/sp12 > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/UsernameToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/SecureConversationToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/RecipientToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/RelToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/SignedParts.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/KeyValueToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/EncryptedElements.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/RequiredParts.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/SamlToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/IssuedToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/AlgorithmSuite.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/HttpsToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/UsernameToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/SecureConversationToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/SignedParts.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/RecipientToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/RelToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/Trust13.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/ContentEncryptedElements.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/KeyValueToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/TransportBinding.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/RequiredParts.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/EncryptedElements.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/SamlToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/IssuedToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/SupportingTokens.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/AlgorithmSuite.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/SpnegoContextToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/InitiatorToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/HttpsToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/X509Token.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/SignedElements.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/EncryptedParts.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/SymmetricBinding.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/AsymmetricBinding.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/Wss10.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/SecurityContextToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/KerberosToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/RequiredElements.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/Layout.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/normalized/Wss11.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/X509Token.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/EncryptedParts.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/AsymmetricBinding.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/Layout.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/KerberosToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/RequiredElements.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/SecurityContextToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/ContentEncryptedElements.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/Trust13.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/TransportBinding.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/UsernameToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/SecureConversationToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/SignedParts.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/RecipientToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/RelToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/Trust13.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/ContentEncryptedElements.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/KeyValueToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/TransportBinding.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/RequiredParts.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/EncryptedElements.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/SamlToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/IssuedToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/SupportingTokens.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/AlgorithmSuite.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/SpnegoContextToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/InitiatorToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/HttpsToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/X509Token.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/SignedElements.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/EncryptedParts.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/SymmetricBinding.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/AsymmetricBinding.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/Wss10.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/SecurityContextToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/KerberosToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/RequiredElements.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/Layout.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/serialized/Wss11.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/SupportingTokens.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/SpnegoContextToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/InitiatorToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/SignedElements.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/SymmetricBinding.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/Wss10.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp12/Wss11.xml > > A modules/rampart-policy/src/test/resources/policy/model/sp13 > > A > > modules/rampart-policy/src/test/resources/policy/model/sp13/UsernameToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp13/SignedParts.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp13/Trust13.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp13/normalized > > A > > modules/rampart-policy/src/test/resources/policy/model/sp13/normalized/UsernameToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp13/normalized/SignedParts.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp13/normalized/Trust13.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp13/normalized/SignedElements.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp13/normalized/EncryptedParts.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp13/SignedElements.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp13/EncryptedParts.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp13/serialized > > A > > modules/rampart-policy/src/test/resources/policy/model/sp13/serialized/UsernameToken.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp13/serialized/SignedParts.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp13/serialized/Trust13.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp13/serialized/SignedElements.xml > > A > > modules/rampart-policy/src/test/resources/policy/model/sp13/serialized/EncryptedParts.xml > > A > > modules/rampart-policy/src/test/resources/policy/WSP15_432-normalized.xml > > A > > modules/rampart-policy/src/test/resources/policy/WSP15_432-compact.xml > > D modules/rampart-policy/src/main/java/META-INF > > D modules/rampart-policy/src/main/java/META-INF/services > > D > > modules/rampart-policy/src/main/java/META-INF/services/org.apache.neethi.builders.AssertionBuilder > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/SPConstants.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SymmetricAsymmetricBindingBase.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedParts.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignatureToken.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/HttpsToken.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractToken.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractTokenWrapper.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedElements.java > > A > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/EncryptedParts.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Binding.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Attachments.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RequiredElements.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Layout.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/KerberosToken.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SecurityContextToken.java > > A > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingTokenType.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Wss11.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/InitiatorEncryptionToken.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/UsernameToken.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SecureConversationToken.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractSecurityAssertion.java > > A > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/XPath.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedElements.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Trust13.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/ContentEncryptedElements.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/InitiatorSignatureToken.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/KeyValueToken.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/TransportBinding.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AlgorithmWrapper.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractSymmetricAsymmetricBinding.java > > A > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/EncryptedElements.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RequiredParts.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/EncryptionToken.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RecipientEncryptionToken.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractBinding.java > > R > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AlgorithmSuite.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SpnegoContextToken.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/InitiatorToken.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AbstractConfigurableSecurityAssertion.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RecipientSignatureToken.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/X509Token.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SymmetricBinding.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/AsymmetricBinding.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingToken.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Wss10.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Token.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/TokenWrapper.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Trust10.java > > A > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RelToken.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/RecipientToken.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedParts.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/ProtectionToken.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/Header.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/IssuedToken.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SamlToken.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/TransportToken.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SupportingTokens.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/SP11Constants.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/SP12Constants.java > > A > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/SP13Constants.java > > A > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/SPUtils.java > > A > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/AssertionState.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/EncryptionTokenBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/SupportingTokensBuilder.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/SpnegoContextTokenBuilder.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/SignatureTokenBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/InitiatorTokenBuilder.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/RecipientSignatureTokenBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/SignedElementsBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/SymmetricBindingBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/WSS10Builder.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/InitiatorEncryptionTokenBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/WSS11Builder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/UsernameTokenBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/SecureConversationTokenBuilder.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/RelTokenBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/RecipientTokenBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/SignedPartsBuilder.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/KeyValueTokenBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/ProtectionTokenBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/RequiredPartsBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/EncryptedElementsBuilder.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/SamlTokenBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/IssuedTokenBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/TransportTokenBuilder.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/RecipientEncryptionTokenBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/AlgorithmSuiteBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/HttpsTokenBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/X509TokenBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/EncryptedPartsBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/AsymmetricBindingBuilder.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/KerberosTokenBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/SecurityContextTokenBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/RequiredElementsBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/LayoutBuilder.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/Trust10Builder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/ContentEncryptedElementsBuilder.java > > A + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/InitiatorSignatureTokenBuilder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/Trust13Builder.java > > MM + > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/builders/TransportBindingBuilder.java > > MM > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/WSSPolicyException.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/Constants.java > > D modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11 > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/EncryptedElementsBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/TransportTokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/IssuedTokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/SupportingTokensBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/AlgorithmSuiteBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/InitiatorTokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/X509TokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/SignedElementsBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/EncryptedPartsBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/SymmetricBindingBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/AsymmetricBindingBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/WSS10Builder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/LayoutBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/RequiredElementsBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/SecurityContextTokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/WSS11Builder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/UsernameTokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/SecureConversationTokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/Trust10Builder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/SignedPartsBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/RecipientTokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/ProtectionTokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/TransportBindingBuilder.java > > D modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12 > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/EncryptedElementsBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/RequiredPartsBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/TransportTokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/IssuedTokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/SupportingTokensBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/AlgorithmSuiteBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/HttpsTokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/InitiatorTokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/X509TokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/SignedElementsBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/SymmetricBindingBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/EncryptedPartsBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/AsymmetricBindingBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/RequiredElementsBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/SecurityContextTokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/LayoutBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/WSS10Builder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/WSS11Builder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/UsernameTokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/SecureConversationTokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/RecipientTokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/SignedPartsBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/ContentEncryptedElementsBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/Trust13Builder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/ProtectionTokenBuilder.java > > D > > modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/TransportBindingBuilder.java > > A modules/rampart-policy/src/main/resources > > A + modules/rampart-policy/src/main/resources/META-INF > > M + > > modules/rampart-policy/src/main/resources/META-INF/services/org.apache.neethi.builders.AssertionBuilder > > M modules/rampart-policy/pom.xml > > M > > modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java > > M modules/rampart-trust/pom.xml > > M > > modules/rampart-tests/src/test/java/org/apache/ws/secpolicy/model/SecpolicyModelTest.java > > M > > modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java > > M > > modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java > > M > > modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java > > M > > modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java > > M > > modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyData.java > > M > > modules/rampart-core/src/main/java/org/apache/rampart/policy/SupportingPolicyData.java > > M > > modules/rampart-core/src/main/java/org/apache/rampart/policy/RampartPolicyBuilder.java > > M > > modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java > > M > > modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java > > M > > modules/rampart-core/src/main/java/org/apache/rampart/handler/PostDispatchVerificationHandler.java > > M pom.xml > > > > > > > > > > On Thu, 10 Nov 2011 20:02:48 +0100 > > Marc Giger <gi...@apache.org> wrote: > > > >> Dear WS-devs, > >> > >> At the moment there are at least 4 AssertionBuilder and 3 Assertion > >> classes per WS-Security-Policy-Assertion. > >> The original Rampart ones, the CXF ones lent by rampart and my classes > >> (swssf) lent by Rampart. > >> All of you, which did contribute to the policy implementations, know how > >> much time it takes to implement > >> it and how complicated it can be. > >> > >> The attached patch is a first try/draft/proposal to to get rid of this > >> overhead so that we can use a common code base. > >> It is of course not intended for inclusion but to start a discussion about > >> requirements. > >> > >> The provided patch should show you > >> - the support of neested policies and its normalization (attached is a > >> sample policy in compact form > >> and its normalized version which was normalized with the code in the patch) > >> - the simplification of the multiple Policy-Versions handling > >> - generic (simple) method and class to do the final assert of an > >> alternative > >> > >> The axis/rampart developers will note that the builders are using the > >> W3C-DOM implementation instead of the axiom framework. > >> The rationale is that no additional dependencies are needed, DOM is an > >> official standard and we aren't in a "hot-path" > >> (Normally the policy will be build once during the whole runtime). So, > >> this shouldn't be a big deal. > >> > >> There is an alternative to the proposed concept. Build the policy without > >> the builders and call the concrete builders during > >> normalization or during other structural changes. The primitive assertion > >> objects can be hold behind the scene to allow > >> structural changes all the time. > >> > >> Before I invest more time I want to make sure the asf-dev-community is in > >> favor and the result will be accepted. > >> > >> What do you think? > >> > >> I agree [ ] > >> I disagree [ ] > >> I don't care [ ] > >> What do you want?, it is perfect as it is! [ ] > >> > >> I'm willing to help [ ] > >> > >> Comments/notes/concerns/objections/ideas? > >> > >> Please share your opinion! > >> > >> Thanks > >> > >> Marc > >> > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: dev-unsubscr...@ws.apache.org > > For additional commands, e-mail: dev-h...@ws.apache.org > > > > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@ws.apache.org > For additional commands, e-mail: dev-h...@ws.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@ws.apache.org For additional commands, e-mail: dev-h...@ws.apache.org