Author: shankar
Date: Tue Apr 28 09:05:11 2009
New Revision: 769306
URL: http://svn.apache.org/viewvc?rev=769306&view=rev
Log:
Document modification for 1.3.0 release
Modified:
webservices/rampart/trunk/c/INSTALL
webservices/rampart/trunk/c/NEWS
webservices/rampart/trunk/c/xdocs/archived_news.html
webservices/rampart/trunk/c/xdocs/docs/configurations.html
webservices/rampart/trunk/c/xdocs/docs/installationguide.html
webservices/rampart/trunk/c/xdocs/docs/rampartc_manual.html
webservices/rampart/trunk/c/xdocs/download.html
webservices/rampart/trunk/c/xdocs/index.html
Modified: webservices/rampart/trunk/c/INSTALL
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/INSTALL?rev=769306&r1=769305&r2=769306&view=diff
==============================================================================
--- webservices/rampart/trunk/c/INSTALL (original)
+++ webservices/rampart/trunk/c/INSTALL Tue Apr 28 09:05:11 2009
@@ -26,7 +26,7 @@
Getting Rampart/C binary distribution working on Linux
======================================================
-1. Copy modules/rampart to $AXIS2C_HOME/modules
+1. Copy modules/* to $AXIS2C_HOME/modules/
2. Copy lib/* to $AXIS2C_HOME/lib
3. Copy services/* to $AXIS2C_HOME/services/
4. Engage rampart as described in section "Engaging Rampart/C with axis2/C"
Modified: webservices/rampart/trunk/c/NEWS
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/NEWS?rev=769306&r1=769305&r2=769306&view=diff
==============================================================================
--- webservices/rampart/trunk/c/NEWS (original)
+++ webservices/rampart/trunk/c/NEWS Tue Apr 28 09:05:11 2009
@@ -50,6 +50,7 @@
9. Keys management
- Support for X509 token profile
- Support for Key identifiers, Thumb prints, Issuer/Serial pairs, Embedded
and Direct references
+ - Support for PKCS12 keystore
10. WS-Secure Conversation Language support
- Establishing Security Context and thereby maintaining a session
@@ -76,8 +77,9 @@
1. WS-Secure Conversation Language support
2. WS-Trust Language support
3. Rahas module to give STS support to a service
-4. Memory leak fixes
-5. Many bug fixes
+4. PKCS12 Keystore support
+5. Memory leak fixes
+6. Many bug fixes
Planned to be implemented Architecture Features
Modified: webservices/rampart/trunk/c/xdocs/archived_news.html
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/xdocs/archived_news.html?rev=769306&r1=769305&r2=769306&view=diff
==============================================================================
--- webservices/rampart/trunk/c/xdocs/archived_news.html (original)
+++ webservices/rampart/trunk/c/xdocs/archived_news.html Tue Apr 28 09:05:11
2009
@@ -13,6 +13,88 @@
<p>This page contains information on previous releases running up to the
latest.</p>
+
+<a id="1.2.0"></a>
+<h3>13th May 2008 - Apache Rampart/C Version 1.2.0 Released</h3>
+<a href="http://ws.apache.org/rampart/c/download.cgi";>Download 1.2</a>
+<h4>Key Features</h4>
+<ol>
+<li>Ability to send and verify UsernameTokens with
+ <ul>
+ <li>Username and PlainText password
+ <li>Username and Digested password
+ </ul>
+<li>Ability to send Timestamp tokens
+<li>SOAP message encryption
+ <ul>
+ <li> With derived key support for improved security
+ <li> Symmetric and Asymmetric modes of operations
+ <li> Support for AES and Tripple DES encryption
+ <li> Signature encryption
+ <li> Keys encryption
+ </ul>
+<li>SOAP message signature
+ <ul>
+ <li> XML signature with RSA-SHA1
+ <li> Message authentication with HMAC-SHA1
+ <li> Signature confirmation support
+ <li> SOAP Header signing
+ </ul>
+<li>WS-Security Policy (spec 1.1) based configurations
+ <ul>
+ <li> Support for both Symmetric as well as Asymmetric policy bindings
+ <li> Support for different modes of key identifiers
+ <li> Support for different algorithm suites<br>
+ [Basic128, Basic 192, Basic256, TrippleDES, Basic128Rsa15,
Basic192Rsa15,Basic256Rsa15, TripleDesRsa15]
+ </ul>
+<li>Replay detection support
+ <ul>
+ <li> Easy to use built-in replay detection module
+ <li> Ability to deploy a customized replay detection module
+ </ul>
+<li>Different protection orders
+ <ul>
+ <li> Encrypt before signing
+ <li> Sign before encrypting
+ </ul>
+<li>Extensible modules
+ <ul>
+ <li> Password callback module
+ <li> Authentication module
+ <li> Credentials module
+ </ul>
+<li>Keys management
+ <ul>
+ <li> Support for X509 token profile
+ <li> Support for Key identifiers, Thumb prints, Issuer/Serial pairs,
Embedded and Direct references
+ </ul>
+<li> WS-Secure Conversation Language support (Experimental)
+ <ul>
+ <li> Establishing Security Context and thereby maintaining a session
+ <li> Per message key derivation
+ <li> Support for stored securtiy context token
+ </ul>
+<li> WS-Trust Language support (Experimental)
+ <ul>
+ <li> Security Token Services (STS)
+ <li> STS Client
+ <li> Server and Client entrophy support
+ </ul>
+<li>Other
+ <ul>
+ <li> Easy to use deployment scripts
+ <li> A comprehensive set of samples
+ </ul>
+</ol>
+</div><div class="subsection"><a
name="Major_Changes_Since_Last_Release"></a><h3>Major Changes Since Last
Release</h3><p>
+<ol>
+ <li> WS-Secure Conversation Language support (Experimental)
+ <li> WS-Trust Language support (Experimental)
+ <li> SAML Support
+ <li> Memory leak fixes</li>
+ <li> Many bug fixes</li>
+ </ol>
+
<a id="1.1.0"></a>
<h3>16th Jan 2008 - Apache Rampart/C Version 1.1 Released</h3>
<a href='http://ws.apache.org/rampart/c/download.cgi'>Download 1.1</a>
Modified: webservices/rampart/trunk/c/xdocs/docs/configurations.html
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/xdocs/docs/configurations.html?rev=769306&r1=769305&r2=769306&view=diff
==============================================================================
--- webservices/rampart/trunk/c/xdocs/docs/configurations.html (original)
+++ webservices/rampart/trunk/c/xdocs/docs/configurations.html Tue Apr 28
09:05:11 2009
@@ -24,9 +24,14 @@
<li>Detecting replays of messages
</ol>
+<p>In addition to that, if you want to provide Secure Token Service (STS)
functionality to a service, add the following entry to your descriptor file.
</p>
+<pre>
+ <module ref="rahas"/>
+</pre>
+
<h2>Security policy based configurations</h2>
-<p>Rampart/C configurations are based on WS Security Policy Language 1.0.
Thus, we need to specify these policies in the descriptor file. For the client
side we place them in a separate policy file, whilst in the server side we
place them within either the services.xml or the axis2.xml.</p>
+<p>Rampart/C configurations are based on WS Security Policy Language. Thus, we
need to specify these policies in the descriptor file. For the client side we
place them in a separate policy file, whilst in the server side we place them
within either the services.xml or the axis2.xml.</p>
<h2>Client configurations</h2>
@@ -364,41 +369,5 @@
</p>
<p>The message ID is considered to be unique to a particular message. But for
this, user needs to have the addressing module engaged(which comes with
axis2/c). This is NOT a MUST but is the RECOMONDED approach. One can just
survive with only the timestamp. But shouldn't forget the chance of generating
two message at the same time, which definitely make them suspicious as a
replay.</p>
-<h2>Rampart/C samples</h2>
-
-<p>There are number of samples available under Rampart/C samples.
-Following is a brief description of Rampart/C samples</p>
-<p>
-<b><i>Service :</b> samples/services/sec_echo</i><br>
-The security enabled service. Depends on deployed security policy scenario.</p>
-<p>
-<b><i>Client:</b> samples/client/sec_echo</i><br>
-The client to send secured SOAP messages. Depends on deployed security policy
scenario.</p>
-<p>
-<b><i>Security policies:</b> samples/secpolicy/scenarioX</i><br>
-Provides several identified scenarios to demonstrate features of Rampart/C.
-Please read the README file under samples/secpolicy to learn more about
them.</p>
-<p>
-<b><i>Callbacks :</b> samples/callback</i><br>
-To retrieve passwords for a particular user, Rampart/C uses password callback
mechanism.
-Such callback modules can be plugged into Rampart/C by defining them in the
policy assertions.
-The sample shows how to write a simple password callback module.</p>
-<p>
-<b><i>Credential Provider:</b> samples/credential_provider</i><br>
-In the client side it's possible to give a username/password pair to the
client, using a credential_provider.
-Similar to Callbacks, these can too plugged into Rampart/C by defining them in
the policy assertions.
-The sample shows how to write a simple credentials provider.</p>
-<p>
-<b><i>Authentication Provider :</b> samples/authn_provider</i><br>
-In the server side, in order to validate a usernametoken in more application
specific way, an authentication module can be used.<br>
-The authentication module gets both the username and the password and returns
a status code back to Rampart/C.
-The sample shows how to write a simple authentication provider.</p>
-<p>
-<b><i>Keys :</b> samples/keys</i><br>
-All the certificates, private keys and key stores that are used by samples,
placed here.</p>
-<p>
-<b><i>Data :</b> samples/data</i><br>
-Data files that are used by samples, placed here.
-</p>
</body>
</html>
Modified: webservices/rampart/trunk/c/xdocs/docs/installationguide.html
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/xdocs/docs/installationguide.html?rev=769306&r1=769305&r2=769306&view=diff
==============================================================================
--- webservices/rampart/trunk/c/xdocs/docs/installationguide.html (original)
+++ webservices/rampart/trunk/c/xdocs/docs/installationguide.html Tue Apr 28
09:05:11 2009
@@ -19,7 +19,7 @@
<p>Please send your feedback to the developer mailing list: <a
href="mailto:rampart-c-...@ws.apache.org";>rampart-c-...@ws.apache.org</a>
(Subscription details are available on the <a
-href="http://ws.apache.org/rampart/c/mail-lists.html";>Rampart/C site</a>.</p>
+href="http://ws.apache.org/rampart/c/mail-lists.html";>Rampart/C site</a>).</p>
<h2>Contents</h2>
<ul>
@@ -61,14 +61,14 @@
<li>export AXIS2C_HOME</li>
</ul>
</li>
- <li>Copy modules/rampart to $AXIS2C_HOME/modules
+ <li>Copy modules/* to $AXIS2C_HOME/modules/
<li>Copy lib/* to $AXIS2C_HOME/lib
- <li>Copy bin/samples/server/sec_echo to $AXIS2C_HOME/services/
- <li>Copy bin/samples/* to $AXIS2C_HOME/bin/samples/rampart. This will copy
callback modules etc
+ <li>Copy services/* to $AXIS2C_HOME/services/
+ <li>Copy samples/* to $AXIS2C_HOME/samples/. This will copy callback modules
etc.
<li>Engage Rampart/C as specified in the section <a href="#engage">Engage
Rampart/C with Axis2/C</a>
- <li>Go to bin/samples/client/sec_echo/ and deploy the client repo
+ <li>Go to samples/src/rampartc/client/ and deploy the client repo
<pre>%sh deploy_client_repo.sh</pre>
- <li>Go to bin/samples/secpolicy/ and try a scenario
+ <li>Go to samples/src/rampartc/secpolicy/ and try a scenario
<pre> %sh test_scen.sh scenarioX server-port</pre>
</ol>
<a id="linux_source"></a>
@@ -93,7 +93,7 @@
<li>This can be done using the following command sequence, in the
directory where you have extracted the source:
<ul>
- <li>./configure --prefix=${AXIS2C_HOME} --enable-static=no
--with-axis2=${AXIS2C_HOME}/include/axis2-1.2</li>
+ <li>./configure --prefix=${AXIS2C_HOME} --enable-static=no
--with-axis2=${AXIS2C_HOME}/include/axis2-1.6.0</li>
<li>make</li>
<li>make install</li>
</ul>
@@ -128,10 +128,12 @@
<ol>
<li>Extract the binary distribution to a folder of your choice. (example:
C:\rampartc).</li>
- <li>Copy modules\rampart to %AXIS2C_HOME%\modules.</li>
+ <li>Set the AXIS2C_HOME envirionment variable to direct to your Axis2/C
Installation. </li>
+ <pre>SET AXIS2C_HOME=[your-path-to-axis2c]</pre>
+ <li>Run the deploy_rampart.bat that could be found in the root of the
rampart binary distribution.</li>
<li>Engage Rampart/C as specified in the section <a href="#engage">Engage
Rampart/C with Axis2/C</a>.
- <li>Copy samples\server\sec_echo to %AXIS2C_HOME%\services </li>
- <li>Start the axis2_http_server and run the echo client in the
samples\client\sec_echo to consume the secured service.
+ <li>Go to samples/src/rampartc/secpolicy/ and try a scenario
+ <pre> test_scen.bat scenarioX server-port</pre>
</ol>
<a id="bin_run"></a>
@@ -144,9 +146,8 @@
<li>The makefile shipped with this version needs Microsoft Visual Studio
Compiler (cl) and the nmake build tool.</li>
- <p>(Note: You can <a
- href="http://msdn.microsoft.com/vstudio/express/downloads/";>download the
- Microsoft VSExpress2005 edition and Platform SDK</a> from the Microsoft Web
+ <p>(Note: You can download the <a
+ href="http://msdn.microsoft.com/vstudio/express/downloads/";>Microsoft
VSExpress edition and Platform SDK</a> from the Microsoft Web
site. You will need to add the path to the Platform SDK Include and Lib
folders to the makefile)</p>
</li>
@@ -161,7 +162,13 @@
<ul>
<li>Extract the source distribution to a folder of your choice. (Example:
C:\rampartc)</li>
- <li>Edit the configure.in file to specify the Axis2/C repository path and
the OpenSSL installation path</li>
+ <li>Edit the configure.in file to specify the Axis2/C repository path and
the OpenSSL installation path
+ <ul>
+ <li>AXIS2_BIN_DIR = path/to/where/you/have/installed/axis2</li>
+ <li>OPENSSL_BIN_DIR = path/to/where/you/have/installed/openssl</li>
+ <li>DEBUG = 1 if enabled, 0 otherwise</li>
+ </ul>
+ </li>
<li>Open a DOS shell</li>
<li>cd C:\rampartc\build\win32</li>
<li>to access .Net tools, run
@@ -173,13 +180,6 @@
cannot find this batch file. This file is located in <your MS Visual
Studio install Directory>\VC\bin directory.)</p>
</li>
- <li>Set the patameters in the configure.in
- <ul>
- <li>AXIS2_BIN_DIR = path/to/where/you/have/installed/axis2</li>
- <li>OPENSSL_BIN_DIR = path/to/where/you/have/installed/openssl</li>
- <li>DEBUG = 1 if enabled, 0 otherwise</li>
- </ul>
- </li>
<li>To build the system and create the binary files in a directory named
deploy under the build directory,
<ul>
@@ -187,7 +187,10 @@
</ul>
</li>
<li>Engage Rampart/C as specified in the section <a href="#engage">Engage
Rampart/C with Axis2/C</a>
- <li>Start the axis2_http_server and run the echo client in the
samples/client/sec_echo to consume the secured service
+ <li>Then go to samples/secpolicy and try a scenario
+ <pre>
+ test_scen.bat scenarioX server-port
+ </pre>
</ul>
<a id="src_run"></a>
@@ -201,12 +204,23 @@
<module ref="rampart"/>
</pre>
-<p> Also you need to add follwoing phase under <phaseOrder
type="outflow">
+<p>If you want to provide Secure Token Service (STS) functionality to a
service, add the following entry to services.xml. </p>
+ <module ref="rahas"/>
+
+<p>Then add following "Security" phase to the phase order in the inflow and
outflow in the axis2.xml. Also add "Rahas" phase to inflow.</p>
<pre>
- <phaseOrder type="outflow">
- <!-- Other Phases-->
+ <phaseOrder type="inflow">
+ <phase name="Transport"/>
+ <phase name="PreDispatch"/>
+ <phase name="Dispatch"/>
+ <phase name="PostDispatch"/>
+ <phase name="Security" />
+ <phase name="Rahas"/>
+ </phaseOrder>
+ <phaseOrder type="outflow">
+ <phase name="MessageOut"/>
<phase name="Security"/>
- </phaseOrder>
+ </phaseOrder>
</pre>
<p>Apart from that you must define security policies for the client and the
server.
@@ -230,7 +244,5 @@
<li>services.xml : Defines what the security configurations are for a
particular service using security policies</li>
</ol>
<p><strong>NOTE:</strong> If you have changed a client's policy file, make
sure that you change the corresponding policy assertions in the services.xml
file as well, and vise versa. </p>
-<p><strong>NOTE:</strong> To try out samples, use the client available under
samples/client/sec_echo <br>
-Usage: echo [address] [client_repo]</p>
</body>
</html>
Modified: webservices/rampart/trunk/c/xdocs/docs/rampartc_manual.html
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/xdocs/docs/rampartc_manual.html?rev=769306&r1=769305&r2=769306&view=diff
==============================================================================
--- webservices/rampart/trunk/c/xdocs/docs/rampartc_manual.html (original)
+++ webservices/rampart/trunk/c/xdocs/docs/rampartc_manual.html Tue Apr 28
09:05:11 2009
@@ -59,9 +59,9 @@
Similar to processes, Rampart/C uses two builders that builds outgoing
messages.
<ol>
- <li>Security header builder : Builds Security headers of an outgoing
+ <li><strong>Security Header Builder</strong> : Builds Security headers
of an outgoing
message depending on security policies.</li>
- <li>Token Builder : Builds token claims such as binary security token.</li>
+ <li><strong>Token Builder</strong> : Builds token claims such as binary
security token.</li>
</ol>
These builders and processes assemble other components such as encryption,
signature, UsernameToken together. Decisions are taken in these processes
@@ -76,7 +76,7 @@
</p>
<p>Rampart/C is configured using policy assertions defined in WS-Security
-Policy specification 1.1. These policies are defined in policy.xml files.
+Policy specification (1.1 or 1.2). These policies are defined in policy.xml
files.
The client side policies are defined in a seperate policy.xml file located in
the client's repository.
The service's policies are defined in the services.xml file.
Modified: webservices/rampart/trunk/c/xdocs/download.html
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/xdocs/download.html?rev=769306&r1=769305&r2=769306&view=diff
==============================================================================
--- webservices/rampart/trunk/c/xdocs/download.html (original)
+++ webservices/rampart/trunk/c/xdocs/download.html Tue Apr 28 09:05:11 2009
@@ -34,6 +34,57 @@
<td width="119" align="center">Description</td>
</tr>
<tr>
+ <td align="center" valign="middle">1.3.0</td>
+ <td align="center">Release</td>
+ <td>MS Windows Distribution<br>
+ - Binary Distribution <a
+ href="[preferred]/ws/rampart/c/1_3_0/rampartc-bin-1.3.0-win32.zip"
+ title="[preferred]/ws/rampart/c/1_3_0/rampartc-bin-1.3.0-win32.zip"
+ onClick="javascript:urchinTracker
('/downloads/rampartc-bin-1.3.0-win32.zip');">zip</a>
+ <a
+
href="http://www.apache.org/dist/ws/rampart/c/1_3_0/rampartc-bin-1.3.0-win32.zip.md5";
+
title="http://www.apache.org/dist/ws/rampart/c/1_3_0/rampartc-bin-1.3.0-win32.zip.md5";>MD5</a>
+ <a
+
href="http://www.apache.org/dist/ws/rampart/c/1_3_0/rampartc-bin-1.3.0-win32.zip.asc";
+
title="http://www.apache.org/dist/ws/rampart/c/1_3_0/rampartc-bin-1.3.0-win32.zip.asc";>PGP</a>
+ <br>
+ - Source Distribution <a
+ href="[preferred]/ws/rampart/c/1_3_0/rampartc-src-1.3.0.zip"
+ title="[preferred]/ws/rampart/c/1_3_0/rampartc-src-1.3.0.zip"
+ onClick="javascript:urchinTracker
('/downloads/rampartc-src-1.3.0.zip');">zip</a>
+ <a
+
href="http://www.apache.org/dist/ws/rampart/c/1_3_0/rampartc-src-1.3.0.zip.md5";
+
title="http://www.apache.org/dist/ws/rampart/c/1_3_0/rampartc-src-1.3.0.zip.md5";>MD5</a>
+ <a
+
href="http://www.apache.org/dist/ws/rampart/c/1_3_0/rampartc-src-1.3.0.zip.asc";
+
title="http://www.apache.org/dist/ws/rampart/c/1_3_0/rampartc-src-1.3.0.zip.asc";>PGP</a>
+ <br>
+ Linux Distribution <br>
+ - Binary Distribution <a
+ href="[preferred]/ws/rampart/c/1_3_0/rampartc-bin-1.3.0-linux.tar.gz"
+ title="[preferred]/ws/rampart/c/1_3_0/rampartc-bin-1.3.0-linux.tar.gz"
+ onClick="javascript:urchinTracker
('/downloads/rampartc-bin-1.3.0-linux.tar.gz');">tar.gz</a>
+ <a
+
href="http://www.apache.org/dist/ws/rampart/c/1_3_0/rampartc-bin-1.3.0-linux.tar.gz.md5";
+
title="http://www.apache.org/dist/ws/rampart/c/1_3_0/rampartc-bin-1.3.0-linux.tar.gz.md5";>MD5</a>
+ <a
+
href="http://www.apache.org/dist/ws/rampart/c/1_3_0/rampartc-bin-1.3.0-linux.tar.gz.asc";
+
title="http://www.apache.org/dist/ws/rampart/c/1_3_0/rampartc-bin-1.3.0-linux.tar.gz.asc";>PGP</a>
+ <br>
+ - Source Distribution <a
+ href="[preferred]/ws/rampart/c/1_3_0/rampartc-src-1.3.0.tar.gz"
+ title="[preferred]/ws/rampart/c/1_3_0/rampartc-src-1.3.0.tar.gz"
+ onClick="javascript:urchinTracker
('/downloads/rampartc-src-1.3.0.tar.gz');">tar.gz</a>
+ <a
+
href="http://www.apache.org/dist/ws/rampart/c/1_3_0/rampartc-src-1.3.0.tar.gz.md5";
+
title="http://www.apache.org/dist/ws/rampart/c/1_3_0/rampartc-src-1.3.0.tar.gz.md5";>MD5</a>
+ <a
+
href="http://www.apache.org/dist/ws/rampart/c/1_3_0/rampartc-src-1.3.0.tar.gz.asc";
+
title="http://www.apache.org/dist/ws/rampart/c/1_3_0/rampartc-src-1.3.0.tar.gz.asc";>PGP</a></td>
+ <td>13 - 05 - 2009</td>
+ <td>1.3.0 Release (Mirrored) Depends on <a
href="http://ws.apache.org/axis2/c/download.cgi";>Axis2/C 1.6.0</a> </td>
+ </tr>
+ <tr>
<td align="center" valign="middle">1.2.0</td>
<td align="center">Release</td>
<td>MS Windows Distribution<br>
Modified: webservices/rampart/trunk/c/xdocs/index.html
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/c/xdocs/index.html?rev=769306&r1=769305&r2=769306&view=diff
==============================================================================
--- webservices/rampart/trunk/c/xdocs/index.html (original)
+++ webservices/rampart/trunk/c/xdocs/index.html Tue Apr 28 09:05:11 2009
@@ -18,8 +18,8 @@
<h2>Latest Release</h2>
-<h3>25th Apr 2008 - Apache Rampart/C Version 1.2.0 Released</h3>
-<a href="http://ws.apache.org/rampart/c/download.cgi";>Download 1.2</a>
+<h3>13th May 2009 - Apache Rampart/C Version 1.3.0 Released</h3>
+<a href="http://ws.apache.org/rampart/c/download.cgi";>Download 1.3</a>
<h4>Key Features</h4>
<ol>
@@ -44,12 +44,14 @@
<li> Signature confirmation support
<li> SOAP Header signing
</ul>
-<li>WS-Security Policy (spec 1.1) based configurations
+<li>WS-Security Policy (spec 1.1 and spec 1.2) based configurations
<ul>
<li> Support for both Symmetric as well as Asymmetric policy bindings
<li> Support for different modes of key identifiers
<li> Support for different algorithm suites<br>
[Basic128, Basic 192, Basic256, TrippleDES, Basic128Rsa15,
Basic192Rsa15,Basic256Rsa15, TripleDesRsa15]
+ <li> Support for IssuedToken assertion in client side
+ <li> Support for SAMLToken assertion
</ul>
<li>Replay detection support
<ul>
@@ -66,24 +68,34 @@
<li> Password callback module
<li> Authentication module
<li> Credentials module
+ <li> Replay detection module
+ <li> Secure conversation token module
</ul>
<li>Keys management
<ul>
<li> Support for X509 token profile
- <li> Support for Key identifiers, Thumb prints, Issuer/Serial pairs,
Embedded and Direct references
+ <li> Support for Key identifiers, Thumb prints, Issuer/Serial pairs,
Embedded and Direct references
+ <li> Support for PKCS12 keystore
</ul>
-<li> WS-Secure Conversation Language support (Experimental)
+<li> WS-Secure Conversation Language support
<ul>
<li> Establishing Security Context and thereby maintaining a session
<li> Per message key derivation
<li> Support for stored securtiy context token
+ <li> Rahas module support to give STS functionality to a service
</ul>
-<li> WS-Trust Language support (Experimental)
+<li> WS-Trust Language support
<ul>
<li> Security Token Services (STS)
<li> STS Client
<li> Server and Client entrophy support
</ul>
+<li> SAML Support
+ <ul>
+ <li> Support for Creation and Processing of SAML Core 1.1
Assertion
+ <li> SAML Token as Sign Supporting Token
+ <li> Signing and Encryption with SAML
+ </ul>
<li>Other
<ul>
<li> Easy to use deployment scripts
@@ -93,9 +105,10 @@
<h4>Major Changes Since Last Release</h4>
<p>
<ol>
- <li> WS-Secure Conversation Language support (Experimental)
- <li> WS-Trust Language support (Experimental)
- <li> SAML Support
+ <li> WS-Secure Conversation Language support
+ <li> WS-Trust Language support
+ <li> Rahas module to give STS support to a service
+ <li> PKCS12 Keystore support
<li> Memory leak fixes</li>
<li> Many bug fixes</li>
</ol>
