On Tue, 2007-08-14 at 09:34 +0100, Jamie Lyon wrote:
Hi Jamie,
Neethi/C Security policy extension is for building and ordering the
security header. It has nothing to do with the content of the payload.
So in your requirement to include the security token in the payload You
need to do it in your own. You can use OpenSSL directly to read from
certficate or can use methods in rampart/src/omxmlsec/openssl
seperately. please see rampart/src/omxmlsec/openssl/x509.C to get an
idea of using openssl functions.
Thanks
-Manjula.
Sorry for not being overly clear.
Basically I've loaded a policy using:
neethi_policy* policy = neethi_util_create_policy_from_file( axisEnv,
fileName );
Then applied it to the service client using:
axis2_svc_client_set_policy( svcClient, axisEnv, policy );
Now if possible I would like to be able to get the OpenSSL structures
(i.e. the struct named 'X509'); or just some way of obtaining the
subject DN and certificate string from the certificate in that policy.
I suppose the filename of that certificate would also suffice, as I
could then load it in manually, though a pre-loaded one would be
preferable.
The ultimate goal is to access the current security token to include it
in my message payload (not as part of the security header, or
ws-security, which is why I was wary about mentioning rampart).
Hopefully that clears things up :)
Cheers,
Jamie
-Original Message-
From: Manjula Peiris [mailto:[EMAIL PROTECTED]
Sent: 14 August 2007 05:01
To: Apache AXIS C User List
Subject: Re: [Rampart/C | Neethi/C] Possible to get the current
x509security certificate from a policy?
Hi Jamie,
Please see my comments inline. BTW Your requirement is not very clear.
Can you please emphasize more on this.
On Mon, 2007-08-13 at 16:51 +0100, Jamie Lyon wrote:
Hi,
Is it possible to get the OpenSSL construct (or some other form) of
policy out of the current neethi policy?
OpenSSL functions are called from Rampart/C, not through Neethi. Here
what do You mean by OpenSSL construct of policy?
I'm basically trying to get the subjectDN and base64 encoded cert to
include in my message. I can encode the data to a base64 string from
a
char array, so no worries there, so long as I can somehow access the
data.
If you have the buffer containing the base64 string of the key you can
attached it to the message by setting it in the rampart_context. You
can
use the following functions,
rampart_context_set_certificate() and
rampart_context_set_certificate_type.
But to do this you need to create a rampart_context outside of rampart
and set it as a value in a axis2_parameter called
RAMPART_CONFIGURATION.
Otherwise you need to change the code.
-Manjula
Any suggestions are highly welcome.
Cheers,
Jamie
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
