The security module for the Axis2 engine is ready to support encryption now.
The first release of rampart supported usernametokens and timestamps. The phase2 of rampart planned to implement the SOAP message encryption. But the biggest problem to be addressed is that there is no supporting XML encryption library. Thus the priority is given for writing an XML encryption library which is later known as OMXMLSec. The name stands for axiOM XML Security library.
OMXMLSec
OMXMLSec is written for the AXIOM, which is the XML Object Model for Axis2. It is designed to support XML Encryption and Signature. The first phase supports encryption only. Right now OMXMLSec has the capability of supporting following algorithms as specified in XNL Encryption recommendation.
http://www.w3.org/2001/04/xmlenc#tripledes-cbc
http://www.w3.org/2001/04/xmlenc#aes128-cbc
http://www.w3.org/2001/04/xmlenc#aes256-cbc
http://www.w3.org/2001/04/xmlenc#aes192-cbc
And for key transport
http://www.w3.org/2001/04/xmlenc#rsa-1_5
OMXMLSec uses Openssl as the underlying crypto library.
Moreover OMXMLSec has special capability to support asymmetric key encryption which is an essential part of SOAP message encryption.
Back to Rampart
Right now rampart is configured using the axis2 descriptor file. In future this will be changed with security policy implementation, which has started recently.
In this week I need to do the interop with Java implementation. Also need to integrate with the PHP. Mmm... might make my life very busy. :)
Monday, December 11, 2006
Tuesday, November 14, 2006
After a long missing
Hmm... after a long missing I'm back in my blog. The funny part is that this is my second post. Two posts for a year... not bad ha..? :)
Alright, hereafter I'll try to update the blog more often. Hope two visits for a week would do. /:
Cya
Alright, hereafter I'll try to update the blog more often. Hope two visits for a week would do. /:
Cya
Subscribe to:
Posts (Atom)